Wireless Controlers 4402 + SSID

Unanswered Question
Mar 5th, 2010
User Badges:

We have 2 controlers wireless 4402 and we have 1 ssid on it with security WPa-tkip , The ssid is CXXX


Now, I want to add another SSID , like CYYY,  I did it and it seems to work ok


But now, The IT told me that since I add that second SSID on the controlers .


All the RF are always  getting disconected.


Here's the message log on one of my controlers



WLAN requiring WPA and/or WPA2.MobileStation: 00:1e:ec:50:0c:67, SSID:C097,AP: 00:16:46:2c:37:50.
*Mar 02 11:42:25.693: %APF-1-PROC_RSN_WARP_IE_FAILED: apf_80211.c:2234 Could not process the RSN and WARP IEs. station not using WPA or WPA2 on WLAN requiring WPA and/or WPA2.MobileStation: 00:1e:ec:50:0c:67, SSID:C097,AP: 00:16:46:2c:37:50.
*Mar 02 11:41:30.798: %APF-1-PROC_RSN_WARP_IE_FAILED: apf_80211.c:2234 Could not process the RSN and WARP IEs. station not using WPA or WPA2 on WLAN requiring WPA and/or WPA2.MobileStation: 00:1e:ec:50:0c:67, SSID:C097,AP: 00:16:46:2c:37:50.
*Mar 02 11:41:30.597: %APF-1-PROC_RSN_WARP_IE_FAILED: apf_80211.c:2234 Could not process the RSN and WARP IEs. station not using WPA or WPA2 on WLAN requiring WPA and/or WPA2.MobileStation: 00:1e:ec:50:0c:67, SSID:C097,AP: 00:16:46:2c:37:50.


On my other controlers , I have this error log


*Mar 05 14:54:24.408: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:0b:6b:77:9f:93
*Mar 05 14:54:24.407: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:0b:6b:77:9f:a7
*Mar 05 14:53:34.556: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:0b:6b:77:a0:d9
*Mar 05 14:53:30.545: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:0b:6b:77:a0:d9
*Mar 05 14:53:26.534: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:0b:6b:77:a0:d9
*Mar 05 14:53:22.523: %DOT1X-3-MAX_EAPOL_KEY_RETRANS: 1x_ptsm.c:407 Max EAPOL-key M5 retransmissions exceeded for client 00:0b:6b:77:a0:d9


Do you have any idea.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Scott Fella Fri, 03/05/2010 - 12:51
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Make sure you either choose WPA or WPA2, tkip or AES.  Set the encryption to WPA-TKIP only and verify the configuration on the end device.  If you get that working and others are complaining, then look at their settings.  When you created the new SSID, did you also create and mapped that SSID to a different interface/vlan?  Just trying to picture how you have it setup.

sleboeuf1 Fri, 03/05/2010 - 13:10
User Badges:

Thanks for the reply.


You're asking me :  When you created the new SSID, did you also create and mapped that SSID to a different interface/vlan?  Just trying to picture how you have it setup.


Yes, I did that already and that part is working ok, With an AP , I could configure my laptop and connect on that new SSID.


For the other device , None of them have the new SSID and it's security.





Make sure you either choose WPA or WPA2, tkip or AES.  Set the encryption to WPA-TKIP only and verify the configuration on the end device.  If you get that working and others are complaining, then look at their settings.  When you created the new SSID, did you also create and mapped that SSID to a different interface/vlan?  Just trying to picture how you have it setup.

Scott Fella Fri, 03/05/2010 - 13:15
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Okay... so are you using any special charachter's in your pre-shared key?  Some times it is best to test as basic as you can and work up.  use an ssid with no encryption if that works then setup wpa-tkip psk with a simple psk and see if that works.  If you can eliminate that it is an end device, then this is what I would try.

sleboeuf1 Fri, 03/05/2010 - 13:39
User Badges:

Thanks again.


Okay... so are you using any special charachter's in your pre-shared key?  Some times it is best to test as basic as you can and work up.  use an ssid with no encryption if that works then setup wpa-tkip psk with a simple psk and see if that works.  If you can eliminate that it is an end device, then this is what I would try.


No, My key is a regular phrase for our security here.


I did taht already, Like I told you, On my side, Everything look fine.


I try an SSID with no security at all.


Now, What I will do is to disable my second SSID and see if there's some more error .....


Thanks again.

Scott Fella Sun, 03/07/2010 - 09:44
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

Well if you look at the logs, if it isn't a bug, then it is pointing to client side configuration issues.  Find the clients devices with those mac address and verify the wireless profile settings are correct.  If you are not the one responsible for this, then I would suggest you make sure that the person who is setting this up is doing it correctly.  Here is a thread with the same error you are seeing:


https://supportforums.cisco.com/thread/2003178?tstart=0

Leo Laohoo Fri, 03/05/2010 - 15:36
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

What firmware are you using?

Scott Fella Mon, 03/08/2010 - 08:46
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 Wireless

I would follow this thread also that I posted earlier... you are running the same firmware


https://supportforums.cisco.com/thread/2003178

Actions

This Discussion

 

 

Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode