Client disconnects with ARP and EAPOL errors

Unanswered Question
Jan 20th, 2010

Hi all,

We recently deployed a new WLAN (1242G APs and a 4402 controller) after performing a site survey in a somewhat challenging environment (a large theatre venue with surrounding offices on several different floors).  The site survey and AP placement/network design was done by a CCNA contractor, and all appeared to be working well at the time.

We are now having issues with laptop clients and barcode scanner clients disassociating from the network at intermittant times.  This appears to be happening on many of the 22 APs in different areas and floors of the buildings, if not most.  We are spread out between 5 different floors.

These are the errors I'm seeing intermittantly (though pretty steadily) in the controller log:

15:23:49.701 1x_ptsm.c:404 DOT1X-3-MAX_EAPOL_KEY_RETRANS: Max EAPOL-key M1 retransmissions exceeded for client

Jan 05 11:35:06.159 dtl_net.c:1343 DTL-1-ARP_POISON_DETECTED: STA [00:23:xx:xx:xx:xx,] ARP (op 1) received with invalid SPA 172.x.x.x/TPA 172.x.x.x

Jan 12 11:20:44.492 spam_lrad.c:21988 LWAPP-4-SIG_INFO1: Signature information; AP 00:24:xx:xx:xx:xx, alarm ON, standard sig Auth flood, track per-Macprecedence 5, hits 30, slot 0, channel 6, most offending MAC 00:12:xx:xx:xx

I've seen the error code explanation in the Cisco docs for the ARP_POISON error.  For security reasons, we need to require DHCP.  It does appear that clients eventually do re-DHCP after a delay.  So like the documentation notes, perhaps we can ignore this particular error.  In that case, I'm guessing this error is more of a symptom (ie, it happens after and because of a client disconnection), and we need to find the root cause of why clients are disconnecting.

As far as the MAX_EAPOL_KEY_RETRANS error - what would cause a client not respond to an EAPOL-key message?

I'm thinking about purchasing the Cisco Spectrum Expert equipment, as I'm concerned interference may be a possible cause.  So my questions would be:

1) Could something like this be caused by interference, or should we look elsewhere?

2) What is the learning curve in general for Cisco Spectrum Expert, for a Systems Admin with basic wireless knowledge?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jamie_5th Tue, 01/26/2010 - 16:28


Any general ideas on which direction to take in terms of troubleshooting this?



This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode