On Thu, Dec 03, 2015 at 04:17:12PM +0000, Oliver Elliott wrote: > The 7.6.x range was buggy as hell so I'm not surprised. Get off there asap!
Not as buggy as 7.4.x... we ran 7.6 for a year quite happily. All Cisco software releases are buggy... just depends on whether the bugs affect your particular environment :) > On 3 December 2015 at 16:15, John York <[email protected]> wrote: > > > After a year of pretty much rock solid behavior we’ve had two instances > > this week where EAP failed for some or all of the users on our WLC 5508 In what way? > > experiencing the problem, but the WebAuth SSID worked fine. The ACS logs > > showed “EAP session timed out.” The Windows NPS logs didn’t show any > > authentication failures. How many authentications per second? Is it busier than usual? Could be a case of the WLC reusing RADIUS session IDs which will totally break stuff and is a know issue under high numbers of authentications. Cisco have gone some way to fix this issue in the latest 8.x, but as far as I'm concerned their RADIUS client design is overall still pretty bad. > > After a few hours it fixed itself. I tried a 5508 reboot in one of the > > instances, and it didn’t appear to help. So likely behaviour caused by some external factor, such as the above. But could be anything like eap timers not tuned well, wireless issues at the edge, etc. Or backend auth being slow. Cheers, Matthew -- Matthew Newton, Ph.D. <[email protected]> Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <[email protected]> ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
