My customer is facing an issue where the wireless clients will experiences disconnections randomly and is getting frequently. When I checked the logs of C9800, I saw many logs below:
Nov 8 12:01:34.531: %DOT1X-5-FAIL: Chassis 1 R0/0: wncd: Authentication failed for client (5ebb.2ac6.f188) with reason (Timeout) on Interface capwap_90000028 AuditSessionID 013E1BAC00000C1FFF4FFAEA Username: <omitted>
*Nov 8 12:01:23.523: %DOT1X-5-FAIL: Chassis 1 R0/0: wncd: Authentication failed for client (f8ac.65c1.6f65) with reason (Timeout) on Interface capwap_90000020 AuditSessionID 013E1BAC00000C1EFF4E6CF7 Username: <omitted>
*Nov 8 11:59:53.523: %DOT1X-5-FAIL: Chassis 1 R0/0: wncd: Authentication failed for client (f8ac.65c1.6f65) with reason (Timeout) on Interface capwap_90000020 AuditSessionID 013E1BAC00000C1EFF4E6CF7 Username: <omitted>
I had done some research and found out there are similar symptoms hitting bug CSCvw53548. During that time the WLC was running on version 16.12.04a. Therefore, we proceeded with an upgrade to version 17.03.03, which is the known fixed release stated in the BST. However, the disconnection issue still persist and the same logs keep on appearing every few minutes. Anyone have any ideas so far or encounter similar scenario?
Hardware is C9800-L-C
- Have a sanity check of the controller configuration with this app : https://cway.cisco.com/tools/WirelessAnalyzer/ for the 9800(-L-C) platform , you need to input the output of show tech wireless . You can also do client (mac) debugging and use this tool for that particular output : https://cway.cisco.com/tools/WirelessDebugAnalyzer/
Could you please post RA trace from a client having the issues. Also post more information such as AP model, Client type, Client OS, WLC model, WLC code, Authentication used, Profiling or posturing enabled etc.
I have experienced many roaming issues with 17.3.3 on my 9800s. I just upgraded to 17.3.4c and it resolved a good number of my issues.
- MacBooks would not roam in my office areas. Upgrading to 17.3.3esw10 resolved this issue.
- I had a Zebra Scan gun in a warehouse only work on one AP. It would not roam to other APs in the warehouse. The upgraded to 17.3.4c resolved this issue.
The situation comes from gadgets that are not yet registered or from BYOD times - seems like I have the high-quality answer I am going to get as this isn't clearly a Cisco trouble however an Apple problem to use with ammo. I even have reached out to their help but failed to get past degree 1.