PEAP clients --- rapid re-authentication

Unanswered Question
Sep 1st, 2010

We are deploying  a large number of  IV pumps with internal wireless NICs( dlink)

Clients can successfuly authenticate...then re-authenticate every few seconds..

controller code 6.0.188

ACS version 4.2

authenticating to microsoft AD

Clients are configured for WPA2, PEAP, MSCHAPv2,

each has a unique identity/password

ACS is the CA( using self signed cert)

Any know of a timer value or setting that my trigger this ?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Kayle Miller Wed, 09/01/2010 - 07:02

Charles,

     Just a thought on this, is WPA AES enabeld on the SSID? If so try disabling it if you can. I have run into several instances where when that was enabled even though not being used it caused thousands of re-authentications per second.  I actually saw it take down 2 seperate client facilities, in both cases I had TAC Cases open and TAC couldn't understand why it was happening, only that once we disabled WPA AES it immediately stopped and the clients only re-authed on the timer set in the WLC for Session timeout.

Hope this helps.. Please rate useful posts.

Thanks,

Kayle

George Stefanick Fri, 09/03/2010 - 17:16

for starters, do a client debug and see what is going on ...

from the WLC

debug client XXXXXXXXXX

Actions

This Discussion

 

 

Trending Topics - Security & Network