mschwen
asked on
Wireless Connectivity Issues Cisco WLC with 6.0.182.0 code.
I have a Cisco 4402 WLC running on 6.0.182.0 code. We have 24 1131 access points providing sufficient coverage of our entire building. I have verified it is not a coverage issue. This problem is only happening with out Accounting department. The authentication is 802.1x, WPA, AES, and using a Cisco ACS server for username credentials.
When people in accounting (All Microsoft Windows Shop) get on the wireless they are getting randomly disconnected from the WLAN at random times, it pops right back up but it interrupts their processes they are running and they have to start over. I found logs on the WLC saying this for 1 client.
Sep 24 09:06:50 orm-wlc-1 orm-wlc-1: *Sep 24 09:06:50.695: %DOT1X-3-MAX_EAPOL_KEY_RET RANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:1b:77:60:0b:6d
Sep 24 09:07:42 orm-wlc-1 orm-wlc-1: *Sep 24 09:07:42.843: %DOT1X-3-MAX_EAPOL_KEY_RET RANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:1b:77:60:0b:6d
Sep 24 09:08:35 orm-wlc-1 orm-wlc-1: *Sep 24 09:08:35.177: %DOT1X-3-MAX_EAPOL_KEY_RET RANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:1b:77:60:0b:6d
Sep 24 09:08:35 orm-wlc-1 orm-wlc-1: *Sep 24 09:08:35.252: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:447 Authentication aborted for client 00:1b:77:60:0b:6d
Sep 24 09:08:38 orm-wlc-1 orm-wlc-1: *Sep 24 09:08:38.042: %DOT1X-3-MAX_EAPOL_KEY_RET RANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:1b:77:60:0b:6d
Sep 24 09:09:13 orm-wlc-1 orm-wlc-1: *Sep 24 09:09:13.759: %DOT1X-3-MAX_EAPOL_KEY_RET RANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:1b:77:60:0b:6d
Sep 24 09:09:27 orm-wlc-1 orm-wlc-1: *Sep 24 09:09:27.320: %DOT1X-3-MAX_EAPOL_KEY_RET RANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:1b:77:60:0b:6d
That pretty much repeats, that is the only log I can see at all with this client. I tested with my MAC and am not having this issue at all, any clues?
When people in accounting (All Microsoft Windows Shop) get on the wireless they are getting randomly disconnected from the WLAN at random times, it pops right back up but it interrupts their processes they are running and they have to start over. I found logs on the WLC saying this for 1 client.
Sep 24 09:06:50 orm-wlc-1 orm-wlc-1: *Sep 24 09:06:50.695: %DOT1X-3-MAX_EAPOL_KEY_RET
Sep 24 09:07:42 orm-wlc-1 orm-wlc-1: *Sep 24 09:07:42.843: %DOT1X-3-MAX_EAPOL_KEY_RET
Sep 24 09:08:35 orm-wlc-1 orm-wlc-1: *Sep 24 09:08:35.177: %DOT1X-3-MAX_EAPOL_KEY_RET
Sep 24 09:08:35 orm-wlc-1 orm-wlc-1: *Sep 24 09:08:35.252: %DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:447 Authentication aborted for client 00:1b:77:60:0b:6d
Sep 24 09:08:38 orm-wlc-1 orm-wlc-1: *Sep 24 09:08:38.042: %DOT1X-3-MAX_EAPOL_KEY_RET
Sep 24 09:09:13 orm-wlc-1 orm-wlc-1: *Sep 24 09:09:13.759: %DOT1X-3-MAX_EAPOL_KEY_RET
Sep 24 09:09:27 orm-wlc-1 orm-wlc-1: *Sep 24 09:09:27.320: %DOT1X-3-MAX_EAPOL_KEY_RET
That pretty much repeats, that is the only log I can see at all with this client. I tested with my MAC and am not having this issue at all, any clues?
In your first message all the errors are from the same client... if you ping the computers in accounting, then do
arp -a
in a command window, you should be able to find out which one has MAC address 00:1b:77:60:0b:6d.
i.e. if you don't have a record of all your MAC addresses.
I would suspect something is wrong with that specific client. e.g. antenna loose/blocked/unhooked-fro m-card, cordless phone or microwave right next to it, et cetera.
arp -a
in a command window, you should be able to find out which one has MAC address 00:1b:77:60:0b:6d.
i.e. if you don't have a record of all your MAC addresses.
I would suspect something is wrong with that specific client. e.g. antenna loose/blocked/unhooked-fro
ASKER
I posted the logs with that specific client. The other computers are having the same issue, that was just 1 example. I think it is possible that clients need to have the latest drivers installed but am not convinced that will fix it. Its only XP clients and its not all the XP clients having issues just most of them. All XP machines are either on SP2 or SP3.
Try upgrading the drivers, but it still sounds like interference is corrupting some of the signal... according to
http://www.cisco.com/en/US/docs/wireless/controller/message/guide/msgs4.html#wp1000139
the message means the credentials were not correct, but if that were true they would *never* be able to connect.
http://www.cisco.com/en/US/docs/wireless/controller/message/guide/msgs4.html#wp1000139
the message means the credentials were not correct, but if that were true they would *never* be able to connect.
ASKER
Exactly, that is what is so puzzling about this situation, I think the credentials are right but the timer never gets reset so it expires, once the timer expires the client think's the credentials are wrong and requests to the WLC to re authenticate. It's very strange.
Check the power management settings on the WNIC's. Turn CAM on if PSP/PSM is on.
Device Manager / Wireless NIC / Advanced
Device Manager / Wireless NIC / Advanced
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Open in new window