802.1X auth errors .... (or .... ?)

@CraigBeck ... Putting my faith in you here, aswell as the other experts.

Dived into a rather strange issue today, which I had not too much time onsite to troubleshoot - so while waiting for next opportunity to look at this, maybe some others have had these issues;
 -On all 802.1X secured networks, random disconnection issues arise. Clients are disconnected for no particular reason, then reconnects automatically. From the NPS logs we see only reauthentication, which is successfull. Wireless Controller logs show no deauth for that client, only successful reauths.

This is, very very most super unlikely RF problem, as the issues is organization wide, for both dense and sparse deployments - in RF-crowded environments, and RF-uncrowded enviroments - with no neighbouring APs. This also happens to all types of clients (Win7, Win8, OsX, iOS, Androids ++)

The only common is NPS server and wireless controller --- logs OK for both.
Win2008R2 NPS
Aruba 7210 controller ... which I really is supposed to be on top of --- any ideas 802.1X auth-wise?

btw; one lead might be the Pairwise Master Key ---- which we're looking in to
LVL 22
Jakob DigranesSenior ConsultantAsked:
Who is Participating?
Craig BeckCommented:
@jakob - I'll try my best :-)

I'll assume you're using WPA.  I think you're looking at the right thing by investigating the PMK... It sounds to me like the client is reauthenticating due to the rekeying timeout coming before the EAP session is expired, or (less likely IMO) the GTK is being rotated due to a client disconnection.  Either will probably result in a reauthentication.

I'd try to disable the session timeout on the SSID and see if that helps.

The NPS will only log authentication attempts so I don't expect to see any deauth messages in there.  I'd head to the controller for that.  Can you do a client debug at the controller to see what happens just before a client reauths?
Jakob DigranesSenior ConsultantAuthor Commented:
Thanks --- will look into this over the weekend. A lot of holidays and constitution days in Norway, so rather low speed the last week. Will keep you posted !
Jakob DigranesSenior ConsultantAuthor Commented:
looks like it was solved during some radio settings tweaking - most likely timeouts and disconnects leading to continous re-auths ...

thanks !!
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.