Wireless Access

last person joined: 19 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Android 7.x Phone sending deauth code 3

This thread has been viewed 1 times

  • 1.  Android 7.x Phone sending deauth code 3

    Posted Dec 01, 2017 06:08 PM

    So one of the clients is getting random disconnection for some reason. Log says Code 3 reason or the way I understand it is the phone itself is initiating the deauth. He has a Motorola Android 7.x phone. What is really surprising is I have an LG phone with Android 7.x too but I don't have this problem. Any ideas? Here's the log. 

     

    (aruba-wc2) #  show auth-tracebuf mac d4:63:c6:xx:xx:2x

Warning: user-debug is enabled on one or more specific MAC addresses;
         only those MAC addresses appear in the trace buffer.

Auth Trace Buffer
-----------------


Dec  1 13:53:51  station-down           *  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  -
Dec  1 13:54:07  station-up             *  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  -    wpa2 aes
Dec  1 13:54:07  wpa2-key1             <-  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  117
Dec  1 13:54:07  wpa2-key2             ->  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  135
Dec  1 13:54:07  wpa2-key3             <-  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  167
Dec  1 13:54:07  wpa2-key4             ->  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  95
Dec  1 14:01:05  station-down           *  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  -
Dec  1 14:01:16  station-up             *  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  -    wpa2 aes
Dec  1 14:01:16  wpa2-key1             <-  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  117
Dec  1 14:01:16  wpa2-key2             ->  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  135
Dec  1 14:01:16  wpa2-key3             <-  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  167
Dec  1 14:01:16  wpa2-key4             ->  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2                    -  95
Dec  1 14:03:16  rad-acct-int-update   ->  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2/radius-01-eduroam  -  -
Dec  1 14:03:16  rad-acct-int-update   ->  d4:63:c6:xx:xx:2x  18:64:72:38:71:d2/radius-02-eduroam  -  -

(aruba-wc2) #

     

    (aruba-wc2) #show log user-debug all | include d4:63:c6:xx:xx:2x
.
.
.
.
.

Dec 1 13:54:07 :522259:  <DBUG> |authmgr|  "VDR - Do Role Based VLAN Derivation user d4:63:c6:xx:xx:2x role cpp-role-authenticated rolehow ROLE_DERIVATION_DOT1X_VSA.
Dec 1 13:54:07 :522254:  <DBUG> |authmgr|  VDR - mac d4:63:c6:xx:xx:2x rolename cpp-role-authenticated fwdmode 0 derivation_type Dot1x Aruba VSA Role Contained vp not present.
Dec 1 13:54:07 :522258:  <DBUG> |authmgr|  "VDR - Add to history of user user d4:63:c6:xx:xx:2x vlan 0 derivation_type Reset Role Based VLANs index 7.
Dec 1 13:54:07 :522255:  <DBUG> |authmgr|  "VDR - set vlan in user for d4:63:c6:xx:xx:2x vlan 1521 fwdmode 0 derivation_type Current VLAN updated.
Dec 1 13:54:07 :522258:  <DBUG> |authmgr|  "VDR - Add to history of user user d4:63:c6:xx:xx:2x vlan 1521 derivation_type Current VLAN updated index 8.
Dec 1 13:54:07 :522260:  <DBUG> |authmgr|  "VDR - Cur VLAN updated d4:63:c6:xx:xx:2x mob 0 inform 1 remote 0 wired 0 defvlan 1521 exportedvlan 0 curvlan 1521.
Dec 1 13:54:07 :522029:  <INFO> |authmgr|  MAC=d4:63:c6:xx:xx:2x Station authenticate: method=802.1x, role=cpp-role-authenticated/cpp-role-authenticated//guest-logon, VLAN=1521/1521, Derivation=9/1, Value Pair=0
Dec 1 13:54:07 :522158:  <DBUG> |authmgr|  Role Derivation for user 10.110.166.196-d4:63:c6:xx:xx:2x-amulyadi@cpp.edu N/A User authenticated with auth type:Unknown auth type role derivation:0.
Dec 1 13:54:07 :522318:  <DBUG> |authmgr|  Client d4:63:c6:xx:xx:2x idle timeout 300 profile global
Dec 1 13:54:07 :522008:  <NOTI> |authmgr|  User Authentication Successful: username=amulyadi@cpp.edu MAC=d4:63:c6:xx:xx:2x IP=10.110.166.196 role=cpp-role-authenticated VLAN=1521 AP=015-2000-ap07-w1 SSID=eduroam AAA profile=cpp-aaa-dot1x-eduroam auth method=802.1x auth server=radius-01-eduroam
Dec 1 13:54:07 :522158:  <DBUG> |authmgr|  Role Derivation for user fe80::d663:c6ff:fe43:4b25-d4:63:c6:xx:xx:2x-amulyadi@cpp.edu N/A User authenticated with auth type:Unknown auth type role derivation:0.
Dec 1 13:54:07 :522318:  <DBUG> |authmgr|  Client d4:63:c6:xx:xx:2x idle timeout 300 profile global
Dec 1 13:54:07 :522008:  <NOTI> |authmgr|  User Authentication Successful: username=amulyadi@cpp.edu MAC=d4:63:c6:xx:xx:2x IP=fe80::d663:c6ff:fe43:4b25 role=cpp-role-authenticated VLAN=1521 AP=015-2000-ap07-w1 SSID=eduroam AAA profile=cpp-aaa-dot1x-eduroam auth method=802.1x auth server=radius-01-eduroam
Dec 1 13:54:07 :522301:  <DBUG> |authmgr|  Auth GSM : USER publish for uuid 0x88724b02e09839a7 mac d4:63:c6:xx:xx:2x name amulyadi@cpp.edu role cpp-role-authenticated devtype Android wired 0 authtype 4 subtype 9  encrypt-type 10 conn-port 8448 fwd-mode 0
Dec 1 13:54:07 :522243:  <DBUG> |authmgr|  MAC=d4:63:c6:xx:xx:2x Station Updated Update MMS: BSSID=18:64:72:38:71:d2 ESSID=eduroam VLAN=1521 AP-name=015-2000-ap07-w1
Dec 1 13:54:07 :522301:  <DBUG> |authmgr|  Auth GSM : USER publish for uuid 0x88724b02e09839a7 mac d4:63:c6:xx:xx:2x name amulyadi@cpp.edu role cpp-role-authenticated devtype Android wired 0 authtype 4 subtype 9  encrypt-type 10 conn-port 8448 fwd-mode 0
Dec 1 13:54:10 :527000:  <DBUG> |mdns|  mdns_parse_auth_userapname_message 452 Auth->MDNS User APNAME: MAC:d4:63:c6:xx:xx:2x, NEW AP NAME:015-2000-ap07-w1
Dec 1 13:54:10 :527000:  <DBUG> |mdns|  mdns_parse_auth_userrole_message 269 Auth User ROLE: MAC:d4:63:c6:xx:xx:2x, ROLE_NAME:cpp-role-authenticated
Dec 1 13:54:10 :527000:  <DBUG> |mdns|  mdns_auth_userinfo_req_message 345 mac(d4:63:c6:xx:xx:2x), ip(10.110.166.196)
Dec 1 13:54:15 :527000:  <DBUG> |mdns|  mdns_parse_userinfo 376 UserInfo resp=1 ip=10.110.166.196, mac=d4:63:c6:xx:xx:2x, apname=015-2000-ap07-w1, role=cpp-role-authenticated, username=amulyadi@cpp.edu, vlan=1521
Dec 1 13:54:15 :527000:  <DBUG> |mdns|  ag_mdns_get_token_list_for_mac 654 AirGroup user exists but token_list does not: mac=d4:63:c6:xx:xx:2x
Dec 1 13:54:15 :527000:  <DBUG> |mdns|  ag_ssdp_get_token_list_for_mac 360 AirGroup user exists but ssdp_token_list does not: mac=d4:63:c6:xx:xx:2x
Dec 1 13:54:15 :527000:  <DBUG> |mdns|  mdns_parse_auth_userinfo_resp_message 401 UserInfo response completed for ip=10.110.166.196 mac=d4:63:c6:xx:xx:2x
Dec 1 14:01:06 :501105:  <NOTI> |AP 015-2000-ap07-w1@10.111.19.254 stm|  Deauth from sta: d4:63:c6:xx:xx:2x: AP 10.111.19.254-18:64:72:38:71:d2-015-2000-ap07-w1 Reason STA has left and is deauthenticated
Dec 1 14:01:06 :522296:  <DBUG> |authmgr|  Auth GSM : USER_STA delete event for user d4:63:c6:xx:xx:2x age 0 deauth_reason 3
Dec 1 14:01:06 :522036:  <INFO> |authmgr|  MAC=d4:63:c6:xx:xx:2x Station DN: BSSID=18:64:72:38:71:d2 ESSID=eduroam VLAN=1521 AP-name=015-2000-ap07-w1
Dec 1 14:01:06 :501000:  <DBUG> |AP 015-2000-ap07-w1@10.111.19.254 stm|  Station d4:63:c6:xx:xx:2x: Clearing state
Dec 1 14:01:06 :522234:  <DBUG> |authmgr|  Setting idle timer for user d4:63:c6:xx:xx:2x to 300 seconds (idle timeout: 300 ageout: 0).
Dec 1 14:01:06 :501000:  <DBUG> |stm|  Station d4:63:c6:xx:xx:2x: Clearing state
Dec 1 14:01:16 :501093:  <NOTI> |AP 015-2000-ap07-w1@10.111.19.254 stm|  Auth success: d4:63:c6:xx:xx:2x: AP 10.111.19.254-18:64:72:38:71:d2-015-2000-ap07-w1
Dec 1 14:01:16 :501095:  <NOTI> |AP 015-2000-ap07-w1@10.111.19.254 stm|  Assoc request @ 14:01:16.430349: d4:63:c6:xx:xx:2x (SN 3262): AP 10.111.19.254-18:64:72:38:71:d2-015-2000-ap07-w1
Dec 1 14:01:16 :501100:  <NOTI> |stm|  Assoc success @ 14:01:16.437800: d4:63:c6:xx:xx:2x: AP 10.111.19.254-18:64:72:38:71:d2-015-2000-ap07-w1
Dec 1 14:01:16 :501100:  <NOTI> |AP 015-2000-ap07-w1@10.111.19.254 stm|  Assoc success @ 14:01:16.431301: d4:63:c6:xx:xx:2x: AP 10.111.19.254-18:64:72:38:71:d2-015-2000-ap07-w1
Dec 1 14:01:16 :522295:  <DBUG> |authmgr|  Auth GSM : USER_STA event 0 for user d4:63:c6:xx:xx:2x
Dec 1 14:01:16 :522035:  <INFO> |authmgr|  MAC=d4:63:c6:xx:xx:2x Station UP: BSSID=18:64:72:38:71:d2 ESSID=eduroam VLAN=1521 AP-name=015-2000-ap07-w1
Dec 1 14:01:16 :522077:  <DBUG> |authmgr|  MAC=d4:63:c6:xx:xx:2x ingress 0x0x1042d (tunnel 1069), u_encr 64, m_encr 4112, slotport 0x0x2100 , type: local, FW mode: 0, AP IP: 0.0.0.0 mdie 0 ft_complete 0
Dec 1 14:01:16 :522078:  <DBUG> |authmgr|  MAC=d4:63:c6:xx:xx:2x, wired: 0, vlan:1521 ingress:0x0x1042d (tunnel 1069), ingress:0x0x1042d new_aaa_prof: cpp-aaa-dot1x-eduroam, stored profile: cpp-aaa-dot1x-eduroam stored wired: 0 stored essid: eduroam, stored-ingress: 0x0x1042d
Dec 1 14:01:16 :522247:  <DBUG> |authmgr|  User idle timer removed for user with  MAC d4:63:c6:xx:xx:2x.
Dec 1 14:01:16 :522258:  <DBUG> |authmgr|  "VDR - Add to history of user user d4:63:c6:xx:xx:2x vlan 0 derivation_type Reset VLANs for Station up index 9.
Dec 1 14:01:16 :522255:  <DBUG> |authmgr|  "VDR - set vlan in user for d4:63:c6:xx:xx:2x vlan 1521 fwdmode 0 derivation_type Default VLAN.
Dec 1 14:01:16 :522258:  <DBUG> |authmgr|  "VDR - Add to history of user user d4:63:c6:xx:xx:2x vlan 1521 derivation_type Default VLAN index 10.
Dec 1 14:01:16 :522255:  <DBUG> |authmgr|  "VDR - set vlan in user for d4:63:c6:xx:xx:2x vlan 1521 fwdmode 0 derivation_type Current VLAN updated.
Dec 1 14:01:16 :522258:  <DBUG> |authmgr|  "VDR - Add to history of user user d4:63:c6:xx:xx:2x vlan 1521 derivation_type Current VLAN updated index 11.
Dec 1 14:01:16 :522158:  <DBUG> |authmgr|  Role Derivation for user N/A-d4:63:c6:xx:xx:2x-amulyadi@cpp.edu N/A Set AAA profile defaults.
Dec 1 14:01:16 :522246:  <DBUG> |authmgr|  Idle timeout should be driven by STM for MAC d4:63:c6:xx:xx:2x.
Dec 1 14:01:16 :524141:  <DBUG> |authmgr|  clr_pmkcache_ft():987: MAC:d4:63:c6:xx:xx:2x BSS:18:64:72:38:71:d2
Dec 1 14:01:16 :522287:  <DBUG> |authmgr|  Auth GSM : MAC_USER publish for mac d4:63:c6:xx:xx:2x bssid 18:64:72:38:71:d2 vlan 1521 type 1 data-ready 0
Dec 1 14:01:16 :522254:  <DBUG> |authmgr|  VDR - mac d4:63:c6:xx:xx:2x rolename guest-logon fwdmode 0 derivation_type Initial Role Contained vp not present.
Dec 1 14:01:16 :522258:  <DBUG> |authmgr|  "VDR - Add to history of user user d4:63:c6:xx:xx:2x vlan 0 derivation_type Reset Role Based VLANs index 12.
Dec 1 14:01:16 :524124:  <DBUG> |authmgr|  dot1x_supplicant_up(): MAC:d4:63:c6:xx:xx:2x, pmkid_present:True, pmkid:62 83 69 da 8a d1 d2 ec 7d 53 53 c2 30 75 c1 99
Dec 1 14:01:16 :522142:  <DBUG> |authmgr|  Setting cached role to cpp-role-authenticated for user d4:63:c6:xx:xx:2x".
Dec 1 14:01:16 :522254:  <DBUG> |authmgr|  VDR - mac d4:63:c6:xx:xx:2x rolename NULL fwdmode 0 derivation_type VLAN from pmk-cache vp not present.
Dec 1 14:01:16 :522044:  <INFO> |authmgr|  MAC=d4:63:c6:xx:xx:2x Station authenticate(start): method=802.1x, role=cpp-role-authenticated/cpp-role-authenticated//guest-logon, VLAN=1521/1521, Derivation=9/1, Value Pair=0, flags=0x8
Dec 1 14:01:16 :522158:  <DBUG> |authmgr|  Role Derivation for user N/A-d4:63:c6:xx:xx:2x-amulyadi@cpp.edu N/A station Authenticated with auth type:  Unknown auth type.
Dec 1 14:01:16 :522127:  <DBUG> |authmgr|  {L2} Update role from cpp-role-authenticated to cpp-role-authenticated for IP=N/A, MAC=d4:63:c6:xx:xx:2x.
Dec 1 14:01:16 :522049:  <INFO> |authmgr|  MAC=d4:63:c6:xx:xx:2x,IP=N/A User role updated, existing Role=cpp-role-authenticated/none, new Role=cpp-role-authenticated/none, reason=station Authenticated with auth type:  802.1x
Dec 1 14:01:16 :522050:  <INFO> |authmgr|  MAC=d4:63:c6:xx:xx:2x,IP=N/A User data downloaded to datapath, new Role=cpp-role-authenticated/95, bw Contract=0/0, reason=Download driven by user role setting, idle-timeout=300
Dec 1 14:01:16 :522301:  <DBUG> |authmgr|  Auth GSM : USER publish for uuid 0x88724b02e09839a7 mac d4:63:c6:xx:xx:2x name amulyadi@cpp.edu role cpp-role-authenticated devtype Android wired 0 authtype 4 subtype 9  encrypt-type 10 conn-port 8448 fwd-mode 0
Dec 1 14:01:16 :522259:  <DBUG> |authmgr|  "VDR - Do Role Based VLAN Derivation user d4:63:c6:xx:xx:2x role cpp-role-authenticated rolehow ROLE_DERIVATION_DOT1X_VSA.
Dec 1 14:01:16 :522254:  <DBUG> |authmgr|  VDR - mac d4:63:c6:xx:xx:2x rolename cpp-role-authenticated fwdmode 0 derivation_type Dot1x Aruba VSA Role Contained vp not present.
Dec 1 14:01:16 :522258:  <DBUG> |authmgr|  "VDR - Add to history of user user d4:63:c6:xx:xx:2x vlan 0 derivation_type Reset Role Based VLANs index 13.
Dec 1 14:01:16 :522255:  <DBUG> |authmgr|  "VDR - set vlan in user for d4:63:c6:xx:xx:2x vlan 1521 fwdmode 0 derivation_type Current VLAN updated.
Dec 1 14:01:16 :522258:  <DBUG> |authmgr|  "VDR - Add to history of user user d4:63:c6:xx:xx:2x vlan 1521 derivation_type Current VLAN updated index 14.
Dec 1 14:01:16 :522260:  <DBUG> |authmgr|  "VDR - Cur VLAN updated d4:63:c6:xx:xx:2x mob 0 inform 1 remote 0 wired 0 defvlan 1521 exportedvlan 0 curvlan 1521.
Dec 1 14:01:16 :522029:  <INFO> |authmgr|  MAC=d4:63:c6:xx:xx:2x Station authenticate: method=802.1x, role=cpp-role-authenticated/cpp-role-authenticated//guest-logon, VLAN=1521/1521, Derivation=9/1, Value Pair=0
Dec 1 14:01:16 :522158:  <DBUG> |authmgr|  Role Derivation for user 10.110.166.196-d4:63:c6:xx:xx:2x-amulyadi@cpp.edu N/A User authenticated with auth type:Unknown auth type role derivation:0.
Dec 1 14:01:16 :522318:  <DBUG> |authmgr|  Client d4:63:c6:xx:xx:2x idle timeout 300 profile global
Dec 1 14:01:16 :522008:  <NOTI> |authmgr|  User Authentication Successful: username=amulyadi@cpp.edu MAC=d4:63:c6:xx:xx:2x IP=10.110.166.196 role=cpp-role-authenticated VLAN=1521 AP=015-2000-ap07-w1 SSID=eduroam AAA profile=cpp-aaa-dot1x-eduroam auth method=802.1x auth server=radius-01-eduroam
Dec 1 14:01:16 :522158:  <DBUG> |authmgr|  Role Derivation for user fe80::d663:c6ff:fe43:4b25-d4:63:c6:xx:xx:2x-amulyadi@cpp.edu N/A User authenticated with auth type:Unknown auth type role derivation:0.
Dec 1 14:01:16 :522318:  <DBUG> |authmgr|  Client d4:63:c6:xx:xx:2x idle timeout 300 profile global
Dec 1 14:01:16 :522008:  <NOTI> |authmgr|  User Authentication Successful: username=amulyadi@cpp.edu MAC=d4:63:c6:xx:xx:2x IP=fe80::d663:c6ff:fe43:4b25 role=cpp-role-authenticated VLAN=1521 AP=015-2000-ap07-w1 SSID=eduroam AAA profile=cpp-aaa-dot1x-eduroam auth method=802.1x auth server=radius-01-eduroam
Dec 1 14:01:16 :522301:  <DBUG> |authmgr|  Auth GSM : USER publish for uuid 0x88724b02e09839a7 mac d4:63:c6:xx:xx:2x name amulyadi@cpp.edu role cpp-role-authenticated devtype Android wired 0 authtype 4 subtype 9  encrypt-type 10 conn-port 8448 fwd-mode 0
Dec 1 14:01:16 :522243:  <DBUG> |authmgr|  MAC=d4:63:c6:xx:xx:2x Station Updated Update MMS: BSSID=18:64:72:38:71:d2 ESSID=eduroam VLAN=1521 AP-name=015-2000-ap07-w1
Dec 1 14:01:16 :522301:  <DBUG> |authmgr|  Auth GSM : USER publish for uuid 0x88724b02e09839a7 mac d4:63:c6:xx:xx:2x name amulyadi@cpp.edu role cpp-role-authenticated devtype Android wired 0 authtype 4 subtype 9  encrypt-type 10 conn-port 8448 fwd-mode 0
Dec 1 14:01:19 :527000:  <DBUG> |mdns|  mdns_parse_auth_userapname_message 452 Auth->MDNS User APNAME: MAC:d4:63:c6:xx:xx:2x, NEW AP NAME:015-2000-ap07-w1
Dec 1 14:01:19 :527000:  <DBUG> |mdns|  mdns_parse_auth_userrole_message 269 Auth User ROLE: MAC:d4:63:c6:xx:xx:2x, ROLE_NAME:cpp-role-authenticated
Dec 1 14:01:19 :527000:  <DBUG> |mdns|  mdns_auth_userinfo_req_message 345 mac(d4:63:c6:xx:xx:2x), ip(10.110.166.196)

(aruba-wc2) #

     



  • 2.  RE: Android 7.x Phone sending deauth code 3

    EMPLOYEE


  • 3.  RE: Android 7.x Phone sending deauth code 3

    Posted Dec 01, 2017 07:12 PM

    Yes I saw this  link a while ago. The thing is, client is not moving at all. The Client devices initiates deauth and connects to the same AP for no reason at all. I want to understand if this is a client device issue or some setting on the controller can fix this issue.



  • 4.  RE: Android 7.x Phone sending deauth code 3

    EMPLOYEE
    Posted Dec 01, 2017 07:30 PM

    What version of ArubaOS is this?

    What model access point is this?



  • 5.  RE: Android 7.x Phone sending deauth code 3

    Posted Dec 01, 2017 08:07 PM

    AOS 6.4.4.16

    AP225

     

     

    thanks.



  • 6.  RE: Android 7.x Phone sending deauth code 3

    EMPLOYEE
    Posted Dec 01, 2017 08:13 PM

    Do you have 802.11r, v or k enabled on that SSID?

     

    UPDATE 6/2018 -  The updated RF and Roaming Optimization Validated Reference Design Guide (VRD) has been published and has updated recommendations about enabling 802.11v, k and r in user networks.  The VRD can be found here: http://community.arubanetworks.com/t5/Validated-Reference-Design/RF-and-Roaming-Optimization-for-Aruba-802-11ac-Networks/ta-p/432994



  • 7.  RE: Android 7.x Phone sending deauth code 3

    Posted Dec 04, 2017 04:55 PM

    Hi Cjoseph,

     

    Where can I exactly find these? Checked the SSID profile and I don't seem to find them in there.

     

    NVM- I found it. It is pointing to N/A profile. Should I make a profile? What settings should I put?

     

     



  • 8.  RE: Android 7.x Phone sending deauth code 3

    EMPLOYEE
    Posted Dec 04, 2017 05:06 PM

    If they are not enabled, that is good.  You might want to open a tac case so that they can look through your configuration for clues.  It is hard to review a configuration on the forum here.