I'm receiving the following syslog messages on my WLC (WiSM2): " *dot1xMsgTask: Dec 04 11:51:53.944: %DOT1X-3-MAX_EAP_RETRIES:
1x_auth_pae.c:3136 Max EAP identity request retries (3) exceeded for XX:XX:XX:XX:XX " and it's for all of my Mac OSX users. I'm using Windows Server 2008 R2 as a Radius server and PEAP for auth. Any ideas ? Thanks!!
The Max Retries value is the number of times the WLC will send the Identity Request to the client, before removing its entry from the MSCB. Once the Max Retries is reached, the WLC sends a de-authentication frame to the client, forcing them to restart the EAP process. Available value is 1 to 20.
**The Max Retries works with the Identity Timeout. If you have your Identity Timeout set to 120, and your Max Retries to 20 how long does it takes 2400 (or 120 * 20). This means it would take 40 minutes for the client to be removed, and to start the EAP process over again. If you set the Identity Timeout to 5, with a Max Retries value of 12, then it will take 60 (or 5 * 12).
We are moving! Please use WLCCA Forum for updates and discussions
[toc:faq] Wireless LAN Controller (WLC) Config Analyzer Download Click
here to Download To request access, send an e-mail to
firstname.lastname@example.org. Please include your Cisco.com userna...
[toc:faq] IntroductionHere is the step by step process that we have to
take care of while converting LWAPP to IOS and then vice versa..LWAPP to
IOSThe hardware used = 1141 AP (make sure we are using the right
[toc:faq] Introduction AnyConnect Secure Mobility Client 3.0: Network
Access Manager & Profile Editor on Windows Summary Use the Cisco
AnyConnect Network Access Manager Profile Editor to build custom
profiles for the AnyConnect Secure Mobility Client. App...