Guest

Preview Tool

Cisco Bug: CSCuw31813 - Flex local auth, client deauth roaming to AP with incomplete EAP session

Last Modified

Nov 20, 2018

Products (1)

  • Cisco Aironet 3700 Series Access Points

Known Affected Releases

8.0(110.9) 8.0(120.0)

Description (partial)

Symptom:
this is spinoff from CSCuv67326 

In scenario that client roams away from AP1 during eap processing to AP2 where auth is fully completed, if client comes back to AP1 before it has timed out that EAP state then AP1 will deauthenticate the client

we see either direct deauth after client sends auth req, or EAP error, with AP using old EAP ID

Conditions:
Flex local auth + dot1x scenario
Issue is seen specifically during bad RF scenarios, with failed authentications triggering this
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.