Jim,
What version of Aruba code are you running? At Emory, we've experienced
similar problems since our move to 3.3.1 code (currently on 3.3.1.15). We've
been working with Aruba TAC and have identified a bug - bugid 27234. It
relates to MobileIP where a wireless client may not be cleanly removed from the
mobility table. Symptoms are strong signal level and 802.1x authentication
occurs normally but user is unsuccessful in getting an IP address
(self-assigned or it just keeps trying to reconnect). A user debug shows the
user requesting a DHCP IP address, but the mobility process preventing it from
being assigned. We've only seen a handful of users affected by this problem.
The users are generally only affected in locations homed to one controller, and
can connect normally at other locations homed to different controllers.
The good news is that Aruba has a patch for this in 3.3.1.20 code. We are
upgrading next weekend to address this problem. There are some workarounds
(some drastic) that I'll let Aruba TAC tell you about to temporarily address
this.
>>-> Stan Brooks - CWNA/CWSP
Emory University
University Technology Services
404.727.0226
AIM/Y!/Twitter: WLANstan
MSN: [EMAIL PROTECTED]
GoogleTalk: [EMAIL PROTECTED]
-----Original Message-----
From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL
PROTECTED] On Behalf Of Jim Galiardi
Sent: Monday, November 03, 2008 1:03 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Windows Wireless Clients- strange behavior after
recent Windows Updates?
Interesting thread.
I've only recently been made aware of similar issue on our WLAN that may have
been occurring since the start of fall quarter but took a few weeks to filter
through to me from our helpdesk and NOC. This also seems new to us and we've
made no configuration changes since winter quarter of last year.
In our case DHCP transactions seem to occur normally according to DHCP logs.
Requests are being received And ACKs returned. The client seems to be
receiving the ACKs as they maintain the same IP address being issued during a
release/renew. However, as mentioned in other threads the client cannot ping
anything on the network but itself. However, in many of the reports I've
received and some of the duplication we've been able to produce, a reset of the
NIC or even full reboot of the client does not alleviate the issue. Seems only
moving to a different controller alleviates the issue.
What is interesting, is most of the recent talk has been focused on Cisco
sites, but in our case we are an Aruba shop. The one commonality may be
mobility as we also run a large mobility domain.
This may be just coincidence, but the symptoms sounded so eerily familiar, I
thought I would post our experiences to date. After a significant amount of
problem replication and troubleshooting last week, I finally opened a case with
Aruba TAC on this which is currently being worked. We'll see what they can
come up with.
Regarding the post from Bruce Johnson:
"When a mobile station roams from an AP joined to one controller, to an AP
joined to another controller, the client may suffer a lack of data connectivity
for a period as long as the configured user idle timeout."
This may also be a commonality. I reduced the configured 'idle timeout' on our
controllers to 300 seconds late last week which seems to have stemmed the
number of complaints, but it's still too early to say for sure.
Also in similar problems we've had in the past, Aruba has a similar workaround
to the one Bruce mentions;' Delete the mobility members from the configuration
and re-add them.' Fortunately, though we don't have to re-add them manually,
it is still not a very scalable solution for clients stuck out on campus with
no connectivity.
___________________________________
Jim Galiardi
Network Specialist, Network Systems
UW Technology
University of Washington
(206)616-0397
Box 354150
-----Original Message-----
From: The EDUCAUSE Wireless Issues Constituent Group Listserv [mailto:[EMAIL
PROTECTED] On Behalf Of Lee H Badman
Sent: Friday, October 31, 2008 11:35 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: Windows Wireless Clients- strange behavior after recent Windows
Updates?
It's good to know we have our choice of bugs on this condition:) It's
looking very much like the symmetric mobility tunneling that the
esteemed gentleman from New Mexico mentioned- set this up on our spare
controllers and tested thoroughly, we're looking much better. But we
went to this version of code months ago, yet the problem started in the
last week- that's the real confusion agent to me.
Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Syracuse University
315 443-3003
-----Original Message-----
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Johnson, Bruce
T
Sent: Friday, October 31, 2008 11:55 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Windows Wireless Clients- strange behavior
after recent Windows Updates?
CSCsr40109 Bug Details
http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method
=3DfetchBu
gDetails&bugId=3DCSCsl51486&from=3Dsummary
Mobility announcements not sent after an upgrade when wrong version =20
Symptom:
When a mobile station roams from an AP joined to one controller, to an
AP
joined to another controller, the client may suffer a lack of data
connectivity
for a period as long as the configured user idle timeout.
"debug mobility handoff enable" output shows that, after the roam event,
the WLC to which the client has roamed does not send the MobileAnnounce
message
to the WLC from which the client had roamed.
Conditions:
Multiple WLCs in the same mobility group, running 4.2.112.0. The WLCs
had all
been upgraded from 4.1.185.0, and then had not been rebooted again.
Workaround:
There are 2 workarounds for this issue,
1) Delete the mobility members from the configuration and re-add them.
2) After upgrading all WLCs to 4.2.112.0, reboot them all once more.
=20
Bruce T. Johnson | Network Engineer | Partners Healthcare=20
Network Engineering | 617.726.9662 | Pager: 31633 |
[EMAIL PROTECTED]
________________________________
From: The EDUCAUSE Wireless Issues Constituent Group Listserv on behalf
of James
Nesbitt
Sent: Fri 10/31/2008 11:49 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Windows Wireless Clients- strange behavior
after
recent Windows Updates?
Lee,=20
Are you using GLBP? I recently had an issue with clients roaming from
one AP to
another AP on a different controller, but in the same mobility group.
After a
week or so of providing Cisco with logs and configs I was issued the
following:
Bugs CSCsv21441 and CSCsv21464 have been filed on the GLBP issue. As a
work
around I was instructed to use the router's actual ip address instead of
the
GLBP virtual address for the default gateway on the client interfaces.
James Nesbitt
Wireless Engineer
Duke University
On Oct 31, 2008, at 8:29 AM, Lee H Badman wrote:
=09
This is getting worse for us, and I think we have found that the
recent
Windows patches have their own baggage but are likely not the actual
problem in
our Cisco environment. We have an open TAC case right now, but so far no
response to what is becoming a very disruptive condition. It seems that
any OS
is impacted (Linux, Mac, Windows) but only on our secure 802.1x network-
open
networks not affected- in that if you roam from one AP to another your
session
breaks. Seems worse on APs on different controllers, though everything
is in the
same mobility group. We've made no system changes and did not have this
problem
a week ago. Weird stuff- debug is so convoluted and chattey on a busy
controller
that it's hard to extract any value in this case
=20
Lee Badman
=09
________________________________
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Bentley,
Douglas
Sent: Thursday, October 30, 2008 11:14 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Windows Wireless Clients- strange
behavior
after recent Windows Updates?
=20
Yes, Cisco for us. 2 6509E with 6 WiSMs (3x3) and 2 4404-100s
in our
test core. We just moved to 4.2.130. I need to perform more testing
with this
code in place. We are using open and WPA with web authentication as
well as
WPA2/AES.
=20
=20
Douglas R. Bentley
University Information Technology
Systems Engineering Group
=20
<image001.jpg>=20
=20
727 Elmwood Avenue, Suite 132
Rochester, NY 14620
Office: (585) 275-6550=20
Fax: (585) 273-1013
Mailto:[EMAIL PROTECTED]
www.rochester.edu/its/
=20
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Lee H Badman
Sent: Thursday, October 30, 2008 11:06 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Windows Wireless Clients- strange
behavior
after recent Windows Updates?
=20
Cisco for you? And what version code? And only on secure WLAN or
on open
nets as well?
=20
Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Syracuse University
315 443-3003
=09
________________________________
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Bentley,
Douglas
Sent: Thursday, October 30, 2008 9:57 AM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Windows Wireless Clients- strange
behavior
after recent Windows Updates?
=20
We are seeing the same thing here. If anyone finds anything
please post
it.
=20
=20
Douglas R. Bentley
University Information Technology
Systems Engineering Group
=20
<image001.jpg>=20
=20
727 Elmwood Avenue, Suite 132
Rochester, NY 14620
Office: (585) 275-6550=20
Fax: (585) 273-1013
Mailto:[EMAIL PROTECTED]
www.rochester.edu/its/
=20
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Lee H Badman
Sent: Wednesday, October 29, 2008 12:26 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Windows Wireless Clients- strange
behavior
after recent Windows Updates?
=20
We are so far finding that just changing network selection (go
to
another network then come back) or disconnect/reconnect, or reboot, or
similar
does tend to fix it.
=20
Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Syracuse University
315 443-3003
=09
________________________________
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Fruits, Brian
Sent: Wednesday, October 29, 2008 12:23 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: Re: [WIRELESS-LAN] Windows Wireless Clients- strange
behavior
after recent Windows Updates?
=20
I have had reports from one user that sound very similar to your
last
item. They say they can connect in one location, but when they move
they have
no connectivity. If they move back they are online again. I am still
waiting
for the user to contact me with more details about their device, have
you found
a fix/workaround for this? We run mostly Meru with BlueSocket and
nothing
special like 802.1x.=20
=20
Brian Fruits
ITS - Network Services
UNC Charlotte
=20
=20
From: The EDUCAUSE Wireless Issues Constituent Group Listserv
[mailto:[EMAIL PROTECTED] On Behalf Of Lee H Badman
Sent: Wednesday, October 29, 2008 12:16 PM
To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU
Subject: [WIRELESS-LAN] Windows Wireless Clients- strange
behavior after
recent Windows Updates?
=20
Wondering if anyone else is feeling this effect after the recent
spate
of updates to XP and Vista machines- our Mac. Linux, and handheld users
seem to
be immune and we have had no configuration changes in our Cisco LWAPP
environment of late, and the condition has also been noted on at least
two staff
machines in their home networks:
=20
- Machines coming out of sleep, hibernation, screen
saver, etc
have an IP address, but can ping nothing (but themselves)
- Wireless sniffing showed one user was simply
generating null
data frames (likely 802.11 power save related)
- Or- user is good and functional on one AP, but cannot
move to
an AP on another controller- same symptoms described above. Again,
non-Windows
users have no issue
=20
Is this ringing bells for anyone? Mostly, this seems to be very
recent.
I know for sure that Windows XP SP3 was not kind to one of my own PCs-
after the
reboot it came up with unrecognized hardware (sound card) and drastic
changes
were made to my wireless adapter including my 802.1x profile being
changed.
=20
-Lee
=20
Lee H. Badman
Wireless/Network Engineer
Information Technology and Services
Syracuse University
315 443-3003
=20
********** Participation and subscription information for this
EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
********** Participation and subscription information for this
EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
********** Participation and subscription information for this
EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
********** Participation and subscription information for this
EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
********** Participation and subscription information for this
EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
********** Participation and subscription information for this
EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.=20
********** Participation and subscription information for this
EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE
Constituent Group discussion list can be found at
http://www.educause.edu/groups/.=20
The information transmitted in this electronic communication is intended
only
for the person or entity to whom it is addressed and may contain
confidential
and/or privileged material. Any review, retransmission, dissemination or
other
use of or taking of any action in reliance upon this information by
persons or
entities other than the intended recipient is prohibited. If you
received this
information in error, please contact the Compliance HelpLine at
800-856-1983 and
properly dispose of this information.
**********
Participation and subscription information for this EDUCAUSE Constituent
Group discussion list can be found at http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
This e-mail message (including any attachments) is for the sole use of
the intended recipient(s) and may contain confidential and privileged
information. If the reader of this message is not the intended
recipient, you are hereby notified that any dissemination, distribution
or copying of this message (including any attachments) is strictly
prohibited.
If you have received this message in error, please contact
the sender by reply e-mail message and destroy all copies of the
original message (including attachments).
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
