Authentication Speed

Unanswered Question
Aug 5th, 2003
User Badges:

Hello,


I am trying to speed up the amount of time it take for a WLAN client using PEAP with OTP to authentication the WLAN.


Currently, it can take up to 2 minutes before a user is prompted to authenticate. Is there any way of speeding this up?


I know on the AP you can configure the Authentication server timeout and retries, is there a similar function that works for communication between the AP and client?


I have seen 'EAP retry limite reached for user X' appear. I think this happens because the PC is busy performing OS logon and scripts, so cannot respond to the network logon, hence this process times out.


Any ideas?


Many Thanks

Abdul

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
derwin Tue, 08/05/2003 - 05:07
User Badges:
  • Cisco Employee,

Hi Abdul,


From what you have described here is not a problem with PEAP or the wireless network but rather Windows boot up time.


You can try disabling all services that are not needed and also try booting up with all network cards turned off then insert or turn on the wireless card, this is a PIA but unfortuantly when Windows boots up if it detects a network card that has a layer 2 link then it will try to contact the domain server to log on and will time out before proceeding to boot up this is whats causing your delay

a.mayat Tue, 08/05/2003 - 06:24
User Badges:

Thanks for the response...


I think your right, it is a combination of the problems...the windows boot up time is long, but we can live with that


The delayed authentication issues happen at boot up and when the PC is re-authentication after being out of range or coming out of suspend. So, even after the PC is fully booted, the association process is lengthy.


My aim is to package the solution so it can be used by 'end-users' with minimum clicks, and user intervention. As such an ideal solution would be:


A user boots up his/her machine (which may take and extra 30 seconds or so) then be prompted with a single logon box, which will allow the user to logon without timing out, and provide a diaglogue box back if an incorrect password has been entered. If a user roams into a WLAN coverage area, then again a box pops up straight away. When you used to not authenticating to the network (as with Ethernet) it is very frustrating to have to wait for 3 or 4 minutes to use the network. After all we are promoting mobility!



Actions

This Discussion

 

 

Trending Topics - Security & Network