We have some 5508 controllers with and 1142 APs + web authentication using ACS. Ours is a Conference + Staff utility where we want our users to remain authenticated as long as possible. To this end I had modfied User Idle Timeout to 90,000 seconds and DHCP lease to 72 hours. This had worked well with 18.104.22.168 so that users did not need to authenticate so often.
However, after I upgraded to 22.214.171.124 the following happened : (1) Users need to re-authenticate every time they close the laptop lid and laptop goes into hibernate (2) On some small devices like iPods frequent re-authentication is needed.
After some debug etc, I found on the Controller trap messages the following entries:
204 Fri Nov 12 09:06:44 2010 Client Deauthenticated: MACAddress:de:ad:be:ef:11:11 Base Radio MAC:30:37:a6:c3:xx:xx Slot: 1 User Name: XXX Ip Address: YYYY Reason:Unspecified ReasonCode: 1
203 Fri Nov 12 09:06:44 2010User XXX logged Out. Client MAC:de:ad:be:ef:11:11, Client YYYY, AP MAC:30:37:a6:c3:xx:xx, AP Name:ap10
Looks like AP sends a de-authenticate to the client and client logs out. Should not the User Idle Timeout to 90,000 seconds help me keep the client logged in ?
Would anybody know how this can be fixed ? Would 126.96.36.199.157 release I saw on the forum help this case in your opinion?
there is a likely reason. In 188.8.131.52, a new feature got introduced. The AP will deauthenticate the client after a certain number of retransmissions. I guess that this happens because your clients are in sleep mode.
They came up with a fix that keeps the client entry in memory so no re-authentication is needed. The fix should be contained in the special release you mention.
I suggest you open a TAC case so they can validate it and provide you with the software.
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...