WLC4404, ADU(220.127.116.119) with EAP-FAST authentication and WLC local radius server(local EAP) with "auto provisioning" is used.
When the problem occurs, session timeout caused the client re-authentication. During EAP-FAST authentication process, WLC repeats sending "Request, Identity" packet and consequently the client fails authenticate.
f any RADIUS servers are configured on the controller, the controller tries to authenticate the wireless clients using the RADIUS servers first. Local EAP is attempted only if no RADIUS servers are found, either because the RADIUS servers timed out or no RADIUS servers were configured. If four RADIUS servers are configured, the controller attempts to authenticate the client with the first RADIUS server, then the second RADIUS server, and then local EAP. If the client attempts to then reauthenticate manually, the controller tries the third RADIUS server, then the fourth RADIUS server, and then local EAP.
This example uses EAP-FAST as the Local EAP method on the WLC, which in turn is configured to query the LDAP backend database for user credentials of a wireless client.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...