I have a pc with windows xp which is a domain computer. For authentication we use eap-fast/wpa2. Note: ACS is on a Windows 2000 AD server). During booting the pc, after the windows gina, the pc stuck for up to 3 minutes, sometimes longer sometimes shorter. It seems that the pc is waiting for somewhat. When I change to wpa2-psk the login time is almost as fast as the computer is connected with a wired cable. What could the main reason for this behavior?
Do i need machine authentication with peap or eap-tls or is eap-fast capable of doing machine authentication?
The PC is trying to retreive it's security credential from the DC using kerberos over udp. If you want to speed up thing...it depend on your DC.
If you are using a WLSM, you have to reduce the mtu on the server( if windows 2000) and on the client. If you dont use any kind of tunnel, only limit the mtu on the host PC.
One other thing will help. Forcing kerberos to use TCP and it should resolve your issue. You can push it to every host on your network with a GPO. This is by far the easiest solution if you got a large network.
IntroductionHow to use the Wireless LAN Controller Configuration Analyzer (WLCCA)
Javier Contreras is a Senior Tech Lead for the Wireless Business Unit in Cisco, with over 2 decades of experi...
< PRE >
(#)For this reason being that : - application that doesn't use multicast, sends one copy of each packet ( data unit of traffic at layer 3 ) to each client (" who seeks the traffic ).- application that does use multicast, sends ...
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...