Hello Leo,

We performed the upgrade to 17.9.4a last December 26, since that date the WLC has been up. The zone is coveraged by 3802-E-A access point using antennas ANT-2566. The Aps has been restarted several times in order to discard an issues, also we verified the status of the cabling, during that test the cable was disconnected for few minutes.

Thanks. Debbie

    - Have an overall  checkup of the 9800  wireless  controller with the CLI command 
             show tech wireless and feed the output into Wireless Config Analyzer

 M.
                                                                                   

(A x800 coupled with 17.9.4a.  What could possibly go wrong.)

Let me start with this:  2800/3800/4800/1560/6300 has a hardware design defect.  There is a particular wireless chip used in the entire family where it would routinely crash.  Combined with poor coding work, Cisco has been unable to fix or apply a workaround since the this behaviour first emerged in the early days of 8.5MR4.  One of the telltale signs is the 2800/3800/4800/1560/6300 would randomly drop packets or traffic.  No amount of "reboot the AP" is going to fix the issue.  I have compiled a list of Bug IDs and they can be found HERE.

When the 9800 first emerged, it was hoped that new coding would help.  Unfortunately, the bugs discovered in AireOS were soon updated with IOS-XE version numbers.  And the list (bugs only affecting 2800/3800/4800/1560/6300 in IOS-XE) are getting longer and longer.  

On the "bright side" (for the lack of the a better description), I have found a number of "candidate" bugs smelling very similar to what is going on now.  And they are: 

CSCwi18057: 4-way handshake failure, missing M3 packet.
CSCwk17514:  C9800 WLC clients are unable to connect due to M3 failure
CSCwa25735: AP1832 does not forward packets to radio, adding serviceability log to track this issue
CSCwi49862: AP transmitting M1 after 3 seconds (HIDDEN)
CSCwj04146: 2800/3800/4800/1560/6300 AP not sending traffic over the air when using dot1x (HIDDEN)
CSCwh74663: 2800/3800/4800/1560/6300 not sending QoS data frames downstream
CSCwi69696: Access point experiencing random drops in traffic towards wireless clients

By the way, what is the model of the WLC?  If it is a 9800-80, how many APs are there?  If the WLC is a 9800-80, is there an SSID with web auth?

Hello Leo

The model of this WLC is 9800-40, there are joined 30 APs 3802E and 45 9120I (for office enviroment), there is only a webauth SSID for guest users but only few clients are connected there, the affected SSID is a FT802.1x EAP authentication. I'm starting a test, I asked for a fabric default HH and I connected it to the network without SOTI enrollment. I'll share the results soon 

Deb.