12-06-2007 05:35 AM - edited 07-03-2021 03:03 PM
We use the Ciso WISM solution and have a wism ctlr (4.0.217.0) with 57 AP's. During the day we have +/-650 users on this ctrl. (the other has 81 AP;'s and +/-500 users)
Most users are concentrated in classrooms.
In the snmp trap logs we see concentrated in time during the day a lot (+/- 150) of 'AAA Authentication Failure for UserName:xxxxxx User Type: WLAN USER' messages.
There are complains from the users about maintaining the wireless connection.
Also there's sometimes in this busy period a swap from the primary radius srv (Radiator) to the secondary.
Is there a best practice for this? In the 'off hours' everything works fine.
12-06-2007 12:03 PM
You might want to check on your EAP timout values.
"show advanced eap" from the CLI and consider increasing the timeout values.
12-07-2007 02:25 AM
Thanks for this information. I found these values. The default values??
(WiSM-slot11-1) >show advanced eap
EAP-Identity-Request Timeout (seconds)........... 1
EAP-Identity-Request Max Retries................. 20
EAP Key-Index for Dynamic WEP.................... 0
EAP Max-Login Ignore Identity Response........... enable
EAP-Request Timeout (seconds).................... 1
EAP-Request Max Retries.......................... 2
Is there any documentation what these parameters do?
EAP-Identity-Request Timeout vs EAP-Request Timeout ??
12-07-2007 04:21 AM
The defaults are normally sufficient, unless you're using EAP-FAST, in which case you're supposed to up the wait timer from 10seconds, to 20.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: