Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

clients seem to drop their connectivity intermittently

Hi,
 

We've been  having an intermittent issue where clients seem to drop their connectivity intermittently. We have an SSID configured with 802.1x and user-machine authentication using MS-PEAP.  ISE is currently used as the radius server,

Synopsis:

When the client drops out, it is associated to the AP at good signal strength -64dBm. All our clients are running Win7. Once the issue occurs a yellow exclamation mark appear across the system tray wireless icon and a message appears in the "Network and Sharing Center" that either says “no internet connection” AP status on the controller is associated  The client can ping its default gateway, but no connectivity above layer 3 appear to be working.  This behavior is extremely intermittent. The only way to restore full connectivity to the client is to hard reset the wireless adapter or switch to another SSID and go back to the problematic SSID.

 

Today , I've worked with the same Cisco TAC engineer for almost three hours  trying to  diagnose and analyze this issue.  We've tried to diagnose several clients that were having  this issue by running debugs  on the controllers. The wireless controllers were showing the clients were still associated, yet the clients couldn't communicate with network. I ran a link-test from the controller to the affected clients and all came back with failed status.

Any idea
1 ACCEPTED SOLUTION

Accepted Solutions

a link test could fail

a link test could fail depending on the adapter and CCX. If the client can ping it's default gateway, then the issue is probably, more than likely, not the wireless. Pinging the GW proves the client is passing traffic out of the WLC and upstream. If they are not able to reach any resources you might want to look and check your CAM and arp table entries, it is entirely possible that a MAC is being spoofed, or an IP address is being stolen somewhere.

 

HTH,

Steve

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
2 REPLIES
VIP Purple

What WLC model & code version

What WLC model & code version are you using ?

Also do you have same AP model or different models ?

Rasika

a link test could fail

a link test could fail depending on the adapter and CCX. If the client can ping it's default gateway, then the issue is probably, more than likely, not the wireless. Pinging the GW proves the client is passing traffic out of the WLC and upstream. If they are not able to reach any resources you might want to look and check your CAM and arp table entries, it is entirely possible that a MAC is being spoofed, or an IP address is being stolen somewhere.

 

HTH,

Steve

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered
113
Views
0
Helpful
2
Replies
CreatePlease to create content