Guest

Preview Tool

Cisco Bug: CSCvv30336 - Wired client connected to 1815w unable to connect using MAB

Last Modified

Aug 11, 2020

Products (1)

  • Cisco Aironet 1850 Series Access Points

Known Affected Releases

8.10(122.0)

Description (partial)

Symptom:
We connected wired devices to an RLAN on the AP 1815w the device is unable to authenticate using MAB.

That only happened when WLC is running version 8.10.122, but if we downgrade to version 8.5.164.0 the Tv is able to authenticate

From the WLC debug (debug client /aaa all enable), I just see EAP-Request/Identity sent to the device and the timeout:

*Dot1x_NW_MsgTask_0: Jul 27 10:09:28.490: d0:03:4b:54:44:40 Sending EAP-Request/Identity to mobile d0:03:4b:54:44:40 (EAP Id 1)
*osapiBsnTimer: Jul 27 10:09:33.288: d0:03:4b:54:44:40 802.1x 'txWhen' Timer expired for station d0:03:4b:54:44:40 and for message = M0
*Dot1x_NW_MsgTask_0: Jul 27 10:09:33.289: d0:03:4b:54:44:40 dot1x - moving mobile d0:03:4b:54:44:40 into Connecting state
*Dot1x_NW_MsgTask_0: Jul 27 10:09:33.289: d0:03:4b:54:44:40 Sending EAP-Request/Identity to mobile d0:03:4b:54:44:40 (EAP Id 2)
*osapiBsnTimer: Jul 27 10:09:38.247: d0:03:4b:54:44:40 802.1x 'txWhen' Timer expired for station d0:03:4b:54:44:40 and for message = M0

From the AP debug (config ap client-trace filter all enable/ debug client)

CLSM[D0:03:4B:54:44:40]: Added to ClientIPTable on wired1
CLSM[D0:03:4B:54:44:40]: client moved from ASSOC to 8021X
CLSM[D0:03:4B:54:44:40]: Added to WCP client table AID 1 Radio 2 Vap 1
CLSM[D0:03:4B:54:44:40]: 8021X timer expired ---> Delete client
CLSM[D0:03:4B:54:44:40]: Client delete initiated with timeout of 1 seconds
CLSM[D0:03:4B:54:44:40]: Remove success from ClientIPTable on wired1
CLSM[D0:03:4B:54:44:40]: Not sending DELETE to cont, reason AUTH_EXPIRED
CLSM[D0:03:4B:54:44:40]: client moved from 8021X to DELETE_PENDING
CLSM[D0:03:4B:54:44:40]: Delete timeout
CLSM[D0:03:4B:54:44:40]: Delete RLAN client

Packet capture from AP port did not show any traffic

Conditions:
AP 1815w WLC 8.10.122
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.