New Contributor

TLS Renogotiation

Does anyone know if there is a timer setting in ArubaOS for TLS renegotiation? We have a client device on a Remote AP wired port (doing 802.1x PEAP-TLS) that stops talking after five minutes. Normal company laptops don't have this issue (they keep communicating). Doing a packet capture on the laptops, we see that after five minutes, a TLS renegotiation occurs. The laptop handles it without a problem. I'm fairly certain that this is what is tripping up the other device. Since the renegotiation is initiated by the RAP/NAS, I'm wondering if there is a place that I can turn this timer off to accommodate the other client?
Guru Elite

Re: TLS Renogotiation

Please open a TAC case to ensure that is what is happening with that specific device. You can also do a "show auth-tracebuf mac " on the controller to see what is going on with that client.


Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.
New Contributor

Re: TLS Renogotiation

I decided to try a simple test first: enabling re authentication on the controller. I set the timer there for 7 minutes. After 7 minutes, successful re-auth occurs from the device and the connection remains stable. It appears that setting the re-auth timer stops the RAP from requesting the TLS renegotiation. The device in question can seemingly handle the re-authentication but not the cipher renegotiation.
Search Airheads
Showing results for 
Search instead for 
Did you mean: