Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2436
Views
0
Helpful
6
Replies

WLC 4404 Upgraded to 7.0.235.3 (WPA HandShake Timeout) not availbale

Go to solution
cbellinger
Level 1
Level 1

‎10-16-2012 08:44 AM - edited ‎07-03-2021 10:51 PM

Greetings,

Just upgraded my Cisco 4404 WLC's to 7.0.235.3, the upgrade went just fine. My problem is when I either Telnet or SSH to my Lightweight AP's and run the "DOT11 WPA Handshake Timeout 1000" command the AP doesn't recognized this command. This is one of the reasons I upgrade my WLC's.I have several wireless printers that are passive and are heavily used and keep getting disassociated because they don't respond in time.

Any Help would be greatly appreciated.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee
In response to cbellinger

‎10-16-2012 09:44 AM

yeah, that is for an IOS AP.  not sure why they wouldn't have the correct command for the WLC.

To verify, it would be

show advanced eap

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee

‎10-16-2012 08:54 AM

that command is for IOS AP, not for the WLC. 

Q.    How do you change the Wi-Fi Protected Access (WPA) handshake timeout   value on a Wireless LAN Controller (WLC) through CLI? I know I can do this on   Cisco IOS® Access Points (APs) with the dot11 wpa handshake   timeout value command, but how...

A. The ability to configure the WPA-Handshake timeout through the WLCs was       integrated in software release 4.2 and later. You do not need this option in       earlier WLC software versions.

These commands can be used to change the WPA Handshake timeout: 

    config advanced eap eapol-key-timeout 
    config advanced eap eapol-key-retries

The default values continue to reflect the WLCs current       behavior.

   - the default value for eapol-key-timeout is 1 second.
   - the default value for eapol-key-retries is 2 retries

Note: On IOS APs, this setting is configurable with the dot11           wpa handshake command.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Go to solution
cbellinger
Level 1
Level 1
In response to Stephen Rodriguez

‎10-16-2012 09:00 AM

Stephen,

Thank you for your quick response. I did make my self clear, sorry. I had to upgrade the WLC's so the Lightweight access point IOS software could be upgraded to a version that supported Telnet and SSH and the "DOT11 WPA Handshake Timeout' command. I was trying this command on the AP (IOS version 12.4(23c).JA6) and the AP was not recognizing the command. any ideas?

0 Helpful

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee
In response to cbellinger

‎10-16-2012 09:12 AM

You don't configure the AP directly when you have a WLC.  You need to use the below commands on the WLC CLI.

    config advanced eap eapol-key-timeout 
    config advanced eap eapol-key-retries

Even if the AP did take the command, it wouldn't hold through a reboot.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Go to solution
cbellinger
Level 1
Level 1
In response to cbellinger

‎10-16-2012 09:25 AM

Stephen,


Great, I will try it. Just so that i'm clear the about commands govern the Client to AP communications? And not the AP to WLC communications? The printer web site stated to use the "DOT11 WPA Handshake Timeout" command on the AP's thenselves, that is why I was trying to that command on the AP's. What is the command I can use to verify?

Thank You Very Much for your help!!!!!!!

0 Helpful

Go to solution
Stephen Rodriguez
Cisco Employee
Cisco Employee
In response to cbellinger

‎10-16-2012 09:44 AM

yeah, that is for an IOS AP.  not sure why they wouldn't have the correct command for the WLC.

To verify, it would be

show advanced eap

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
0 Helpful

Go to solution
cbellinger
Level 1
Level 1
In response to Stephen Rodriguez

‎10-16-2012 10:09 AM

Stephen,

Thank you!!!!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card