Our school wi-fi network has web-auth configured to login against AD (ldap). Everything appears to work fine in a classroom with up to about 20 clients. Once we get past that number web-auth freezes on all the screens where students have not yet completed the login. It simply times out. At times when this is happening I have even lost the ability to manage the WLC as the web page gets unresponsive.
If web-auth is turned off there are absolutely no problems.
If web-auth is on and there are 15 or fewer laptops trying to log on then we are just fine. Everyone logs in and gets online.
Any ideas on how we can let the whole class get online at the same time?
-We have already increased the number of clients on all the APs to support 75 max.
-In one test the clients were associating to multiple APs so I do not believe we are overloading one AP. I really think the issue is with the controller.
-A consultant configured the APs for H-REAP.
-Our servers and WLC are on GigE. Our APs are plugged into GigE.
-We have two ldap servers config'd in the software and do not have login issues like this for our wired computer labs.
-DHCP is being handled by a Microsoft Server (i.e. not the WLC).
I am not familiar with "local to the WLC" as a term. Our APs do get their config via connection to the WLC over the native VLAN. They were not in HREAP mode until recently. That was a recommendation from our consultants, who have not yet solved the issue. Their thought was that this would cut down on traffic to the controller and might help.
I don't have a bug ID handy but basically there is something about having an unresponsive RADIUS server or LDAP server that can create momentary holds in WLC Control communication (gui/cli). So perhaps your LDAP server stops responding intermittently? Again, I don't have many details, but it's worth talking to TAC about.
I don't think there is a problem of users. I think there is a problem with your LDAP or RADIUS server. When the WLC forwards the client request to the server and the server is not responding, your WLC will become unresponsive momentarily. Please cross-check the connectivity between the LDAP server and the WLC, and also check the settings of the LDAP and RADIUS servers.
The solution was finally solved when a newer (patch) version of the WLC software was issued. Apparently it was a "known issue" for a very long time. The problem was related to an end user typing an incorrect password. No joke. The previous version of the software was not multi-threaded. The result was that when an end user entered incorrect credentials the system would stall and all subsequent users needed to wait until that thread terminated. The newer patch handles authentication in a multi-threaded manner that does not exhibit the problem.
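Added example, not part of the original thread and not Cisco's code: a small queueing model of the behaviour described in the last post, where one slow failed login on a single-threaded authenticator holds up every client behind it. All timings, the class size and the function names are constructed assumptions, not measured WLC or LDAP values.

```python
import heapq

# Constructed timings (assumptions for illustration only).
OK_BIND = 0.2        # seconds for a correct-password LDAP bind
BAD_BIND = 10.0      # seconds a wrong-password attempt holds its thread
PAGE_TIMEOUT = 8.0   # seconds before the web-auth page gives up

def completion_times(service_times, workers):
    """Finish time of each request when `workers` threads drain one FIFO queue.

    All requests are assumed to arrive at t=0 (a class logging in together).
    """
    free_at = [0.0] * workers          # when each worker thread is next free
    heapq.heapify(free_at)
    finished = []
    for service in service_times:
        start = heapq.heappop(free_at)  # earliest available thread takes it
        finish = start + service
        heapq.heappush(free_at, finish)
        finished.append(finish)
    return finished

def stalled_good_logins(service_times, workers, page_timeout=PAGE_TIMEOUT):
    """Count correct-password clients whose login page times out anyway."""
    done = completion_times(service_times, workers)
    return sum(
        1 for service, finish in zip(service_times, done)
        if service == OK_BIND and finish > page_timeout
    )

def classroom(size=25, bad_positions=(2, 9)):
    """Constructed class: everyone types the right password except two."""
    return [BAD_BIND if i in bad_positions else OK_BIND for i in range(size)]

if __name__ == "__main__":
    logins = classroom()
    for workers in (1, 2, 8):
        n = stalled_good_logins(logins, workers)
        print(f"{workers} auth thread(s): {n} correct logins timed out")
```

In this model the single-threaded case fails every correct login queued behind the first mistyped password, while a modest thread pool isolates the slow attempts. The same head-of-line blocking is what to look for when an authenticator degrades only under bursts of concurrent logins.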