
Authentication problem wpa2-AES/802.1x

Hi all,

At first, sorry for my English.

We are actually working on a wireless solution deployment, and we have some strange problems.

We're using an integrated controller (Cisco Catalyst 3750G Integrated Wireless LAN Controller), with two AP models (1030 and 1131AG).

Actually, the 1030 APs are in local mode and the 1131AG APs in H-REAP mode.

We are using:

ACS 3.3.

WCS version 4.0.179.8.

CSSC 5.0.2.

The user's PC has an Intel Pro/Wireless 2200BG.

The problem comes from the authentication.

When the user is using WPA2-AES / 802.1x authentication, associated with the 1030 AP, we don't see anything on the controller; the client tries to connect without success, and you have to disable and enable the Wi-Fi radio in the CSSC to make it work.

When the user is using WPA2-AES / 802.1x authentication, associated with the 1131AG AP (on another site, in H-REAP mode), the connection is not working. It's impossible for the user to connect.

We have this kind of error messages:

Mon Feb 11 16:06:18 2008: 00:13:02:3b:81:0a Deleting mobile 00:13:02:3b:81:0a on AP 00:0b:85:7c:55:40(1)

Mon Feb 11 16:06:21 2008: 00:13:02:3b:81:0a Adding mobile 00:13:02:3b:81:0a on LWAPP AP 00:0b:85:7c:55:40(1)

Mon Feb 11 16:06:21 2008: 00:13:02:3b:81:0a Scheduling deletion of Mobile Station: 00:13:02:3b:81:0a (callerId: 23) in 5 seconds

Mon Feb 11 16:06:21 2008: 00:13:02:3b:81:0a Changing state for mobile 00:13:02:3b:81:0a on AP 00:0b:85:7c:55:40 from Idle to Probe

Mon Feb 11 16:06:21 2008: 00:13:02:3b:81:0a Scheduling deletion of Mobile Station: 00:13:02:3b:81:0a (callerId: 24) in 5 seconds

Mon Feb 11 16:06:26 2008: 00:13:02:3b:81:0a 0.0.0.0 START (0) Deleted mobile LWAPP rule on AP [00:0b:85:7c:55:40]

When we're trying to use the WPA-TKIP / 802.1x authentication, the user cannot connect correctly, neither on the 1030 nor on the 1131AG.

Sometimes the connection works the first time, but the user loses his connection after 3-4 hours.

Sometimes it's impossible to authenticate and we get this kind of message:

Mon Feb 11 16:04:09 2008: 00:13:02:3b:81:0a 0.0.0.0 8021X_REQD (3) Plumbed mobile LWAPP rule on AP 00:0b:85:7c:55:40

Mon Feb 11 16:04:09 2008: 00:13:02:3b:81:0a Changing state for mobile 00:13:02:3b:81:0a on AP 00:0b:85:7c:55:40 from Associated to Associated

Mon Feb 11 16:04:09 2008: 00:13:02:3b:81:0a Stopping deletion of Mobile Station: 00:13:02:3b:81:0a (callerId: 48)

Mon Feb 11 16:04:09 2008: 00:13:02:3b:81:0a Sending Assoc Response to station 00:13:02:3b:81:0a on BSSID 00:0b:85:7c:55:40 (status 0)

Mon Feb 11 16:04:09 2008: 00:13:02:3b:81:0a Changing state for mobile 00:13:02:3b:81:0a on AP 00:0b:85:7c:55:40 from Associated to Associated

Mon Feb 11 16:04:09 2008: 00:13:02:3b:81:0a dot1x - moving mobile 00:13:02:3b:81:0a into Connecting state

Mon Feb 11 16:04:09 2008: 00:13:02:3b:81:0a Sending EAP-Request/Identity to mobile 00:13:02:3b:81:0a (EAP Id 1)

Mon Feb 11 16:04:10 2008: 00:13:02:3b:81:0a 802.1x 'txWhen' Timer expired for station 00:13:02:3b:81:0a

Mon Feb 11 16:04:10 2008: 00:13:02:3b:81:0a dot1x - moving mobile 00:13:02:3b:81:0a into Connecting state

Mon Feb 11 16:04:10 2008: 00:13:02:3b:81:0a Sending EAP-Request/Identity to mobile 00:13:02:3b:81:0a (EAP Id 2)

Mon Feb 11 16:04:11 2008: 00:13:02:3b:81:0a 802.1x 'txWhen' Timer expired for station 00:13:02:3b:81:0a

Actually, we're thinking about some problem between the Intel wireless Card and the CSSC.

With the CSSC 4.2, the WPA2-AES connection was working fine on 1030 (not on the 1131AG).

Thanks a lot for your help.

Vincent.

2 Replies

irisrios
Level 6

For WPA2-PSK, try to increase the authentication timeout on the controller with the RADIUS server. As far as WPA-PSK is concerned, check if the preshared key is configured on the controller and the clients, because I have not seen any major issues for both types of authentication. If these options don't work, the last option would be to update your AP.

Scott Fella
Hall of Fame

The AP in H-REAP, can you verify if that AP has joined the WLC? Also, increase the timeout:

config advanced eap identity-request-timeout 120

config advanced eap identity-request-retries 20

config advanced eap request-timeout 120

config advanced eap request-retries 20

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a0080665d18.shtml

-Scott
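As an added example (not part of the thread and not Cisco code), this script reads controller debug lines in the format posted in the question and reports clients that were sent repeated EAP-Request/Identity frames without answering, along with how long the controller waited before each `txWhen` expiry. It assumes that supplicant replies, none of which appear in the posted output, are logged on lines whose message starts with `Received`.

```python
import re
from collections import defaultdict
from datetime import datetime

# Sample lines copied from the debug output in the question above.
SAMPLE = """\
Mon Feb 11 16:04:09 2008: 00:13:02:3b:81:0a dot1x - moving mobile 00:13:02:3b:81:0a into Connecting state
Mon Feb 11 16:04:09 2008: 00:13:02:3b:81:0a Sending EAP-Request/Identity to mobile 00:13:02:3b:81:0a (EAP Id 1)
Mon Feb 11 16:04:10 2008: 00:13:02:3b:81:0a 802.1x 'txWhen' Timer expired for station 00:13:02:3b:81:0a
Mon Feb 11 16:04:10 2008: 00:13:02:3b:81:0a dot1x - moving mobile 00:13:02:3b:81:0a into Connecting state
Mon Feb 11 16:04:10 2008: 00:13:02:3b:81:0a Sending EAP-Request/Identity to mobile 00:13:02:3b:81:0a (EAP Id 2)
Mon Feb 11 16:04:11 2008: 00:13:02:3b:81:0a 802.1x 'txWhen' Timer expired for station 00:13:02:3b:81:0a
"""

LINE = re.compile(r"^(\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}): ((?:[0-9a-f]{2}:){5}[0-9a-f]{2}) (.*)$")

def summarize(text):
    """Per client MAC: identity requests sent, timer expiries, replies seen, wait before expiry."""
    stats = defaultdict(lambda: {"requests": 0, "expiries": 0, "replies": 0, "waits": []})
    pending = {}  # MAC -> time of the last unanswered EAP-Request/Identity
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
        mac, msg = m.group(2), m.group(3)
        s = stats[mac]
        if "Sending EAP-Request/Identity" in msg:
            s["requests"] += 1
            pending[mac] = ts
        elif "'txWhen' Timer expired" in msg:
            s["expiries"] += 1
            if mac in pending:
                s["waits"].append((ts - pending.pop(mac)).total_seconds())
        elif msg.startswith("Received"):
            # Assumption: supplicant replies are logged as "Received ..." lines (none appear on this page)
            s["replies"] += 1
            pending.pop(mac, None)
    return dict(stats)

def silent_supplicants(stats):
    """Clients that were asked for an identity at least twice and never answered."""
    return [mac for mac, s in stats.items() if s["requests"] >= 2 and s["replies"] == 0]

if __name__ == "__main__":
    stats = summarize(SAMPLE)
    for mac in silent_supplicants(stats):
        print(mac, stats[mac])
```

On the posted lines the wait before each expiry is one second, which is the interval the `identity-request-timeout` setting in the reply above lengthens.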