09-20-2024 12:05 AM
Hi guys
My office is using WLC 3504:
With some Cisco AP:
Users complain me, they are often disconnected to the wireless (802.1x) 5-10 times a day.
I tried to debug a client and this is the log when it was disconnected
debug client log is in the attach file
Anyone can help me to see why they are disconnected.
This is some my wlan configurations: Some one on the internet recommend to uncheck the "Aironet 1E", should I follow it ?
09-20-2024 12:35 AM
- Below you will find the output of disconnected-logs.txt when processed with Wireless Debug Analyzer
it looks not too bad , as per https://www.cisco.com/c/en/us/support/docs/wireless/wireless-lan-controller-software/200046-tac-recommended-aireos.html
use 8.5.182.12 (8.5.182.13 for 3504s
on the 3504 as the aireos models are EOL , you should use the last release available :
Connection attempt #1 | |||
Sep 20 11:02:34.797 | *Dot1x_NW_MsgTask_2 | WLC/AP is sending EAP-Identity-Request to the client | |
Sep 20 11:02:34.816 | *Dot1x_NW_MsgTask_2 | Client sent EAP-Identity-Response to WLC/AP | |
Sep 20 11:02:35.416 | *Dot1x_NW_MsgTask_2 | RADIUS Server permitted access | |
Sep 20 11:02:35.416 | *Dot1x_NW_MsgTask_2 | Client will be required to Reauthenticate in 1800 seconds |
|
Sep 20 11:02:35.428 | *Dot1x_NW_MsgTask_2 | 4-Way PTK Handshake, Received M2 | |
Sep 20 11:02:35.428 | *Dot1x_NW_MsgTask_2 | 4-Way PTK Handshake, Sending M3 | |
Sep 20 11:02:35.429 | *Dot1x_NW_MsgTask_2 | 4-Way PTK Handshake, Received M4 | |
Sep 20 11:02:35.429 | *Dot1x_NW_MsgTask_2 | Client is entering the 802.1x or PSK Authentication state | |
Sep 20 11:02:35.429 | *Dot1x_NW_MsgTask_2 | Client has completed PSK Dot1x or WEP authentication phase | |
Sep 20 11:02:35.430 | *Dot1x_NW_MsgTask_2 | Client has entered RUN state | |
Sep 20 11:02:35.438 | *DHCP Socket Task | Received DHCP request from client | |
Sep 20 11:02:35.438 | *DHCP Socket Task | Sending DHCP Request to DHCP Server 140.231.150.19 through gateway 140.231.150.45 requesting 140.231.150.240 on VLAN 0 |
|
Sep 20 11:02:38.269 | *DHCP Socket Task | Received DHCP request from client | |
Sep 20 11:02:38.269 | *DHCP Socket Task | Sending DHCP Request to DHCP Server 140.231.150.19 through gateway 140.231.150.45 requesting 140.231.150.240 on VLAN 0 |
|
Sep 20 11:02:40.779 | *DHCP Socket Task | Received DHCP request from client | |
Sep 20 11:02:40.779 | *DHCP Socket Task | Sending DHCP Request to DHCP Server 140.231.150.19 through gateway 140.231.150.45 requesting 140.231.150.240 on VLAN 0 |
|
Sep 20 11:02:44.398 | *DHCP Socket Task | Received DHCP request from client | |
Sep 20 11:02:44.398 | *DHCP Socket Task | Sending DHCP Request to DHCP Server 140.231.150.19 through gateway 140.231.150.45 requesting 140.231.150.240 on VLAN 0 |
|
Sep 20 11:02:49.398 | *DHCP Socket Task | Received DHCP request from client | |
Sep 20 11:02:49.398 | *DHCP Socket Task | Sending DHCP Request to DHCP Server 140.231.150.19 through gateway 140.231.150.45 requesting 140.231.150.240 on VLAN 0 |
|
Sep 20 11:02:51.362 | *DHCP Socket Task | Received DHCP request from client | |
Sep 20 11:02:51.362 | *DHCP Socket Task | Sending DHCP Request to DHCP Server 140.231.150.19 through gateway 140.231.150.45 requesting 140.231.150.240 on VLAN 0 |
|
Sep 20 11:02:55.074 | *DHCP Socket Task | Received DHCP request from client | |
Sep 20 11:02:55.074 | *DHCP Socket Task | Sending DHCP Request to DHCP Server 140.231.150.19 through gateway 140.231.150.45 requesting 140.231.150.240 on VLAN 0 |
09-20-2024 12:43 AM
Hi Marce
Thank you for your review and some helpful information you gave. But the problem is that client was connected to wifi at about 10h36. Then you see at 11h02, it was disconnected and reconnect again.
*apfPmkCacheTimer: Sep 20 11:02:34.796: 54:6c:eb:09:be:92 Expiring PMK cache of 54:6c:eb:09:be:9
*apfPmkCacheTimer: Sep 20 11:02:34.796: 54:6c:eb:09:be:92 Removing expired PMK cache entry for station 54:6c:eb:09:be:92 AKM was:APF_KY_MGMT_80211i
*apfPmkCacheTimer: Sep 20 11:02:34.796: 54:6c:eb:09:be:92 Removing expired PTK entry for station 54:6c:eb:09:be:92
*apfReceiveTask: Sep 20 11:02:34.796: 54:6c:eb:09:be:92 Found an cache entry for BSSID e0:0e:da:df:4f:8f in PMKID cache at index 0 of tation 54:6c:eb:09:be:92
*apfReceiveTask: Sep 20 11:02:34.796: 54:6c:eb:09:be:92 Removing BSSID e0:0e:da:df:4f:8f from PMKID cache of station 54:6c:eb:09:be:92
*apfReceiveTask: Sep 20 11:02:34.796: 54:6c:eb:09:be:92 Resetting MSCB PMK Cache Entry @index 0 for station 54:6c:eb:09:be:92
*apfReceiveTask: Sep 20 11:02:34.796: 54:6c:eb:09:be:92 Initiating 802.1x due to PMK Timeout Event for STA
*apfReceiveTask: Sep 20 11:02:34.796: 54:6c:eb:09:be:92 Sent 1x reauth initiate message to multi thread task for mobile 54:6c:eb:09:be92 1
*Dot1x_NW_MsgTask_2: Sep 20 11:02:34.796: 54:6c:eb:09:be:92 dot1xProcessInitiate1XtoMobile to mobile station 54:6c:eb:09:be:92 (mscb 9 msg 9)
09-20-2024 02:23 AM
If use is guest and you use CWA then what you see (Connect disconnect) is normal there is no problem
First connect to allow use conenct to CWA ISE and then after CoA the WLC disconnect and user reconnect again.
Above if you use CWA
MHM
09-20-2024 02:30 AM
>...Thank you for your review and some helpful information you gave. But the problem is that client was connected to wifi at about 10h36. Then you see at 11h02, it was disconnected and reconnect again.
You should always these days upgrade to 8.5.182.3 , because if it related to bugs and Cisco considers that last release for support , then check again ,
M.
09-20-2024 12:57 AM
Increase session timeout, I usually use 43200 seconds which is 12 hours. I usually combine that with a user idle timout of 3600 seconds (1 hour). Aireonet IE is typically something you should have disabled.
09-20-2024 01:08 AM
Thank you, I ll try
09-20-2024 01:14 AM
MAC OUI shows Intel.
Are the affected clients mostly Intel AX2xxx wireless NIC?
09-20-2024 01:59 AM - edited 09-20-2024 02:00 AM
uhm I don't think the problem comes from Intel wireless NIC card. I only face with unstable connection issue happen with Mediatek NIC card (build in by default in some Lenovo laptops)
09-20-2024 07:54 PM
IF the wireless NIC cards of the affected wireless client are not Intel AX2xx (CSCwe50033) or Realtek RTL88xx (CSCwf03870), then I'd recommend first updating the wireless NIC of the wireless card.
Alternatively, disable 802.11 k, v & r from the SSID.
09-22-2024 05:30 PM
As for aireonet IE, Cisco best practices is this is only enabled for Cisco VoWIFI SSIDs, although I generally have it running on my guest network mainly so when i survey i get the AP names.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide