Validating Identity with Cisco AP's

Unanswered Question
Jun 15th, 2009
User Badges:

We are seeing more and more clients having issues connecting to the internal wireless network. Recently my computer has become a victim of this too. When trying to connect, the windows client just hangs at "Validating Identity." I originally thought it was a density issue as when I added AP's to certain areas, it seemed to fix the issue. There are some areas; however, that only have 5 clients and the issue is still prevalent. I did notice consistency in one building where the people who could not connect had new Dell 6400 laptops and they were trying to connect to 1231 AP's - the new 1242 fixed their issue.

I am using a Dell Latitude D630 and I am trying to connect to a lightweight 1242. I set up netsh on my laptop, please see the attachment with the results.


Please let me know what you think. This is becoming a large-scale issue.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
vancamt76 Mon, 06/15/2009 - 06:09
User Badges:

ReStart-Authentication: Initiated by the AP/Switch for Intel(R) PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport

[848] 10:04:01:303: FSMAcquired entered for port Intel(R) PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport

[848] 10:04:01:303: TIMER: Restart PCB Time: 30

[848] 10:04:01:303: ElEapEnd entered

[848] 10:04:01:303: ElEapDllEnd called for EAP Index -1

[848] 10:04:01:303: ElEapBegin entered

[848] 10:04:01:303: ElEapBegin done

[848] 10:04:01:303: ElEapWork: EapolPkt created at 05394FD0

[848] 10:04:01:303: ElEapMakeMessage entered

[848] 10:04:01:303: ElParseIdentityString: DisplayString =

[848] 10:04:01:303: ElParseIdentityString: LocalIdString = networkid=ness,nasid=US-OH-NC-WiSM-01,portid=29

[848] 10:04:01:303: ElParseIdentityString: LocalIdString Length = 48

[848] 10:04:01:303: ElParseIdentityString: NetworkID Size = 5

[848] 10:04:01:303: Got NetworkId = ness

[848] 10:04:01:303: Got NASId = US-OH-NC-WiSM-01

[848] 10:04:01:303: ElParseIdentityString: For PortId, length = 2

[848] 10:04:01:303: Got PortId = 29

[848] 10:04:01:303: ElParseIdentityString: End of String reached

[848] 10:04:01:303: ElParseIdentityString: Out of while loop

[848] 10:04:01:303: ElParseIdentityString: Out of while loop: NO ERROR

[848] 10:04:01:303: ElParseIdentityString: Calling NLARegister_802_1X with params {AB85D4EA-2A9B-444E-B1EE-8B050B5C1DDA} and networkid=ness,nasid=US-OH-NC-WiSM-01,portid=29

[848] 10:04:01:303: NLARegister_802_1X: Entered

[848] 10:04:01:303: NLARegister_802_1X: g_hNLA_LPC_Port != NULL

[848] 10:04:01:303: NLARegister_802_1X: Completed with status = 0

[848] 10:04:01:303: ElParseIdentityString: Returned after calling NLARegister_802_1X

[848] 10:04:01:303: ElGetIdentity: Userlogged, Prev !Machine auth

[848] 10:04:01:303: ElGetIdentity: Already got identity

[848] 10:04:01:303: Identity sent out = DIEBOLD_MASTER\vancamt

[848] 10:04:01:303: ElWriteToPort entered: Pkt Length = 33

[848] 10:04:01:303: ElWriteToPort: pPCB = 08B0A8C0, RefCnt = 3

[848] 10:04:01:303: ElWriteToInterface entered

[848] 10:04:01:303: ElWriteToInterface completed, RetCode = 0

[848] 10:04:01:303: Authentication Started on port Intel(R) PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport using User credentials

[848] 10:04:01:303: Setting state ACQUIRED for port Intel(R) PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport

[988] 10:04:01:303: ElWriteCompletionRoutine sent out 45 bytes with error 0

[988] 10:04:01:303: ElWriteCompletionRoutine: pPCB= 08B0A8C0, RefCnt = 3

[848] 10:04:01:303: FSMAcquired completed for port Intel(R) PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport

[848] 10:04:01:303: ProcessReceivedPacket: Reposting buffer on port {AB85D4EA-2A9B-444E-B1EE-8B050B5C1DDA}

[848] 10:04:01:303: ElReadFromPort entered, pPCB = 08B0A8C0

[848] 10:04:01:303: ElReadFromPort: pPCB = 08B0A8C0, RefCnt = 3

[848] 10:04:01:303: ProcessReceivedPacket: pPCB= 08B0A8C0, RefCnt = 3

[848] 10:04:01:303: ProcessReceivedPacket exit

[848] 10:04:02:196: EapolReceiveDataPacket: receive 75 bytes

[988] 10:04:02:196: ProcessReceivedPacket entered, length = 71

[988] 10:04:02:196: ProcessReceivedPacket: EAP_Packet

[988] 10:04:02:196: ProcessReceivedPacket: EAPOLSTATE_ACQUIRED

[988] 10:04:02:196: TIMER: Restart PCB Time: 2097148

Leo Laohoo Mon, 06/15/2009 - 16:22
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

Have you tried to update the firmware of the Dell Wireless NIC?

vancamt76 Mon, 06/15/2009 - 18:19
User Badges:

I have tried upgrading to the latest driver and downgrading to earlier releases with no avail.

Robert.N.Barrett_2 Tue, 06/16/2009 - 09:29
User Badges:
  • Bronze, 100 points or more

What EAP method are you using? Are you seeing messages on your RADIUS server to indicate delays or retries? If you are using PEAP or EAP-TLS, have you set the clients to validate the server certificate when they shouldn't (because they don't trust the RADIUS server certificate)?


Since it appears you are using WZC with XP, make sure you are running XP SP2 with the wireless update, or XP SP3. However, could a difference between your clients be SP2 versus SP3?


Just some thoughts.

vancamt76 Sun, 06/21/2009 - 13:45
User Badges:

We are using PEAP to authenticate and my machine has SP3 installed. It doesn't seem consistent with service packs since some of the people with problems have SP2 installed.


I recently set up an autonomous access point with all the same settings as our lightweight AP's - minus the controller of course and I was able to connect. This leads me to believe that there is something in the controller that is excluding certain clients. I have checked WCS for excluded clients and I do not see these clients.

orochi_yagami Sat, 07/18/2009 - 02:13
User Badges:

Hi Vancarn,


So,did you manage to find out the root cause of the issue? I'm thinking whether could it be the channel issue (the closer AP with same channel),cause i'm run into the same issue before.


regards,

Orochi.

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode