Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Clients losing Connections yellow exclamation mark still associated

We are having intermittent issue where clients just lose connectivity, they stay associated to the access point but get a yellow exclamation mark.

I have followed the steps in these post but still the issue persists. https://supportforums.cisco.com/thread/2194495

https://supportforums.cisco.com/thread/2002533

WPA2 802.1 x authentication.

We were getting this error before I made the changes

(Cisco Controller) >*dot1xMsgTask: Jan 31 11:58:25.140: 08:11:96:80:33:e0 Key exchange done, data packets from mobile 08:11:96:80:33:e0 should be forwarded shortly

*dot1xMsgTask: Jan 31 11:58:25.140: 08:11:96:80:33:e0 Sending EAPOL-Key Message to mobile 08:11:96:80:33:e0

                                                                                                            state PTKINITDONE (message 5 - group), replay counter 00.00.00.00.00.00.00.02

*dot1xMsgTask: Jan 31 11:58:25.141: 08:11:96:80:33:e0 Updated broadcast key sent to mobile 08:11:96:80:33:E0

*Dot1x_NW_MsgTask_0: Jan 31 11:58:25.145: 08:11:96:80:33:e0 Received EAPOL-Key from mobile 08:11:96:80:33:e0

*Dot1x_NW_MsgTask_0: Jan 31 11:58:25.145: 08:11:96:80:33:e0 Ignoring invalid EAPOL version (1) in EAPOL-key message from mobile 08:11:96:80:33:e0

*Dot1x_NW_MsgTask_0: Jan 31 11:58:25.145: 08:11:96:80:33:e0 Received EAPOL-key in REKEYNEGOTIATING state (message 6) from mobile 08:11:96:80:33:e0

After I made the changes there are no errors in the debug  just clients stops working with yellow exclamation mark, cannot reach default gateway.

We also recently enabled Rogue policies auto contain rogue on wire and Using our SSID.

WLC4402 7.0.235.0

We want to upgrade the WLC software but want to make sure it’s the issue.

7 REPLIES
VIP Purple

Clients losing Connections yellow exclamation mark still associa

HI Theo,

from these logs, we can not identify the problem:


*Dot1x_NW_MsgTask_0: Jan 31 11:58:25.145: 08:11:96:80:33:e0 Received EAPOL-key in REKEYNEGOTIATING state (message 6) from mobile 08:11:96:80:33:e0

This means Successfully received group key update.So this is not a error 

Please paste more logs.

debug client

Reagrds

New Member

Re: Clients losing Connections yellow exclamation mark still ass

that is it nothing else further in the logs client just loses connection

VIP Purple

Clients losing Connections yellow exclamation mark still associa

Hi,

No logs then we have to go by hidden and trial method

1. Are you facing this problem with only one client or with many clients ??

2. Check the WLAN > Advanced page and disable the sesiion timeout or enter a big value there(Many hours).

3. Is there enough signal level near to the client ?

4. NIC driver are up to date or not for client ?

Regards

New Member

Re: Clients losing Connections yellow exclamation mark still ass

session time out is 30 min but the issue occurs within that time frame

Only to clients in one building affected, signal level is acceptable.

just a note we are using the ap for clients and rogue at the same time.

Hall of Fame Super Silver

Re: Clients losing Connections yellow exclamation mark still ass

RLDP should not be enabled or else it can cause client connection issues. What code on the WLC and what AP's. There is an issue with v7.6 and 3600's and 3700's that clients loose layer 2 and will get an exclamation showing no internet access.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
New Member

Re: Clients losing Connections yellow exclamation mark still ass

We have disabled it now will see if the issue still persists

Contoller 4400 code

7.0.235.0

Hall of Fame Super Silver

Clients losing Connections yellow exclamation mark still associa

Okay... well at least its not the WLC code or AP tht is an issue.  RLDP whould only be used on monitor mode access points, When used with access points that serve clients, the AP when detecting a rogue, will drop all associated clients.  The AP's will do rogue detection anyways, so no need enable RLDP. 

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a0080722d8c.shtml

Thanks,

Scott

Help out other by using the rating system and marking answered questions as "Answered"

-Scott
*** Please rate helpful posts ***
901
Views
0
Helpful
7
Replies
CreatePlease login to create content