Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
607
Views
0
Helpful
4
Replies

Wireless client re-authenticates occasionally

steelhalcon
Level 1
Level 1

‎03-16-2013 10:20 PM - edited ‎07-03-2021 11:44 PM

I have 3 WLC 4402 controller connected to an ACS Server and Cisco 1252G AP. Previuosly the wireless networks works fine but for two weeks now most of the clients experiencing reauthentication frequently, Some experience it every 5 mins even if they are browsing or idle and not moving. I've check the session time out settings in the wlc and it was configured for 30 mins as default. I have around 900 student clients connecting every day. I've tried removing the web authentication security policy and it works ok but when I apply it again, the same problem occurs. Kindly advise me what to do to solve the problem.

Labels:
0 Helpful
4 Replies 4

Amjad Abdullah
VIP Alumni
VIP Alumni

‎03-17-2013 04:02 AM

What do you mean by "reauthentication"? The users are getting redirected to the web-auth page?
Note that the user idle-timeout on the WLC is 5 minutes (300 seconds) by default. If a user is idle for 5 minutes s/he is going to be disconnected and his/her sessoin times out.

User idle timeout is configurable in GUI from under Controller tab -> General.

or form CLI:

config network usertimeout

Hope this helps,

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"
0 Helpful

steelhalcon
Level 1
Level 1
In response to Amjad Abdullah

‎03-18-2013 03:13 AM

Yes, wireless clients were prompted again with the web authentication page sometimes every 5 mins even when they are browsing. I tried to increase the idle time settings in the controller to 10 mins. Im now checking the clients feedback or if the same problem occur. thank you for replying.

0 Helpful

Amjad Abdullah
VIP Alumni
VIP Alumni
In response to steelhalcon

‎03-18-2013 03:20 AM

increae "arp idle timeout" from same page.

This will probably mitigate your issue.

If not, please proceed wiht the below:

enable debug client on the controller for one of the clients and wait for the problem to happen.

- CLI (ssh/telnet) to the WLC.

- stop session timeout (session timeout 0).

- log the session to a file.

- Make sure one of the problematic clients is already connected and authenticated to web-auth.

- enable debug client (debug client )

- wait until the problem experience the disconnection.

then, attach the file of the debugs to give it a look.

Regards,

Amjad

Rating useful replies is more useful than saying "Thank you"

Rating useful replies is more useful than saying "Thank you"
0 Helpful

Scott Fella
Hall of Fame
Hall of Fame

‎03-18-2013 04:34 AM

You really should increase the session timeout and the idle timer to a higher value. I would set the session timer around 4-8 hours or more and the idle timer to 2 hours.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card