Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Problem with WLC Authentication

We have two 4400 WLC Controllers on our network using ACS for authentication. For over a week now one of the controllers is comtinually sending the following message

An Alert of Category Switch is generated with severity 1

by Switch PHMDP01_WLC4404_2/ .

The message of the alert is Controller ''. RADIUS server(s) are not responding to authentication requests..

The two controllers are configured exactly the same and we don't get the alerts from the other controller.

Please could someone give me some ideas as to what to look for to resolve this issue?



New Member

Re: Problem with WLC Authentication

I have noticed this problem as well and I narrowed it down to two things.

1. Any 350 series card that is not using ACU 6.6 and using EAP-FAST with WPA/TKIP will cause this error

2. If you have multiple ACS servers During the time that the servers are replicating you will get this message.

I think that the reason you are getting it from one controller and not the other is the fact that you have a client trying to authenticate to an AP on that controller and no the other controller and that could be causing the problem with only one. Without knowing your configuration or what type of clients you have I cannot be sure though. These are what I have narrowed down from my experiences. By the way I still haven't stopped them completely, and it is very aggravating.

Cisco Employee

Re: Problem with WLC Authentication

I have seen this as well. But in my case, it was also with a couple steel-belted radius servers rather than ACS.

So, I don't believe it is something on the ACS end.

New Member

Re: Problem with WLC Authentication

Have you had any luck with this? I am still receiving these error messages.

New Member

Re: Problem with WLC Authentication

If they are configured the same way, as you are pointing out only one of them should not complain about request/response failure.

Please make sure that you have added the second controller to the list of AAA clients on the ACS.

New Member

Re: Problem with WLC Authentication

I was getting this message from all the controllers in my stack (3), concurrently. But the error only occurred at random times. All controllers are entered correctly in ACS. I upgraded to ACS 4.1.1 build 23 this morning and it seemed to clear things up. This version seems much more stable than 4.0.1 build 27. I am going to monitor it for a couple of days and see.