12-06-2007 05:35 AM - edited 07-03-2021 03:03 PM
We use the Ciso WISM solution and have a wism ctlr (4.0.217.0) with 57 AP's. During the day we have +/-650 users on this ctrl. (the other has 81 AP;'s and +/-500 users)
Most users are concentrated in classrooms.
In the snmp trap logs we see concentrated in time during the day a lot (+/- 150) of 'AAA Authentication Failure for UserName:xxxxxx User Type: WLAN USER' messages.
There are complains from the users about maintaining the wireless connection.
Also there's sometimes in this busy period a swap from the primary radius srv (Radiator) to the secondary.
Is there a best practice for this? In the 'off hours' everything works fine.
12-06-2007 12:03 PM
You might want to check on your EAP timout values.
"show advanced eap" from the CLI and consider increasing the timeout values.
12-07-2007 02:25 AM
Thanks for this information. I found these values. The default values??
(WiSM-slot11-1) >show advanced eap
EAP-Identity-Request Timeout (seconds)........... 1
EAP-Identity-Request Max Retries................. 20
EAP Key-Index for Dynamic WEP.................... 0
EAP Max-Login Ignore Identity Response........... enable
EAP-Request Timeout (seconds).................... 1
EAP-Request Max Retries.......................... 2
Is there any documentation what these parameters do?
EAP-Identity-Request Timeout vs EAP-Request Timeout ??
12-07-2007 04:21 AM
The defaults are normally sufficient, unless you're using EAP-FAST, in which case you're supposed to up the wait timer from 10seconds, to 20.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide