Preview Tool

Cisco Bug: CSCuw37942 - Local EAP hardening

Last Modified

Sep 28, 2018

Products (1)

  • Cisco 5500 Series Wireless Controllers

Known Affected Releases


Description (partial)

Symptom 1:
A WLC may unexpectedly reload with crash file similar to the following:

Task Name:      EAP Framework
Reason:         System Crash
[ ... ]
Analysis of Failure:

System Stack

0x408f11 0x40867d 0x403347 0x1cc11f0
0x1cf7d10 0xd62a9a 0x10916d0 0x107fa12
0x108e998 0x15602f9 0x15604a0 0x15610be
0x15386f7 0x15386f7 0x15386f7 0x1090537
0xd6e62f 0x1cbc982 0x1d17ba9 0x1d17ba9
0x1d17ba9 0x1d17ba9 0x1d17ba9 0x1d17ba9

Symptom 2:
EAP negotiations between the WLC Local auth server and a client may fail following a session-timeout.  A message similar to the following is seen in the msglog:

*Dot1x_NW_MsgTask_0: Apr 14 14:52:36.930: #DOT1X-3-ABORT_AUTH: 1x_bauth_sm.c:449  Authentication Aborted for client 8c:70:5a:58:fd:60

Using the AireOS local authentication server.

Related Community Discussions

User not getting authenticated/connected to WLAN (radius authentication )
Hello Experts, I have one SSID which having RADUIS authentication but when client try's to connect it fails ... here are the logs from thecontroller. Dot1x_NW_MsgTask_0: Nov 07 13:05:08.371: %DOT1X-3-INVALID_WPA_KEY_MSG_STATE: [PA]1x_eapkey.c:1002 Received invalid EAPOL-key M2 msg in START  state - invalid secure bit; KeyLen 40, Key type 1 *Dot1x_NW_MsgTask_0: Nov 07 13:04:56.767: %DOT1X-3-AAA_AUTH_SEND_FAIL: [PA]1x_aaa.c:849 Unable to send AAA message for client 90:2e:1c:47:e7:80 *Dot1x_NW_MsgTask_0: ...
Latest activity: Aug 13, 2018
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.