Hi Guys, I have a TAC case open on this but It looks like once a week or so when the perfect storm arises we are hitting this one for a couple of minutes: CSCuo96366
--- WLC sends Radius packets with same ID without doing Radius ID check CSCuo96366 Description Symptom: Clients are not able to Authenticate at Peak loads when using FreeRadius. Conditions: Using Freed radius (most susceptible), we observe at high auth rate and if Radius server is not responding to all Radius packets in seq order or if the server is slow, WLC when wraps around 0-255 Radius ID's, it does not do a check when posting new packet. So essentially you have 2 packets with same ID being presented to AAA server. --- The funny thing is that 9 of 10 WLC's are working fine against the same servers at the same time - the problem only happens on one WLC. When it occurs we see this in the logs (Notice the same ID number 253 below) servername radiusd[23964]: Discarding conflicting packet from client (IP of WLC) port 32770 - ID: 253 due to recent request 57345605. servername radiusd[23964]: Discarding conflicting packet from client (IP of WLC) port 32770 - ID: 253 due to recent request 57347264 Wondering if other Cisco WLC customers see this since I know a lot of you are using FreeRADIUS, or FreeRADIUS-based authentication servers. If so, let me know of any solutions and/or work-arounds. Thanks, Curtis Larsen University of Utah IT/CIS Sr. Network Engineer ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
