We have some clients that work fine using 802,1X auth (EAP-TTLS(PAP)) and intermittently they will just not be able to get an IP address. I put the MAC address in debug on the local controller and I see successful authentication as well as a DHCP address being handed out by my DHCP server, but the client never sees it. ??
I did notice that from time to time I get RADIUS Accounting messages during the relative window when they aren't working (see we get the acct-start message because there is successful authN from the RADIUS server). The messages will have a 'filter-id' item in it. Anyone know if there's anything about that?
Mon May 21 09:41:07 2012
NAS-IP-Address = 128.91.243.89
User-Name = "deke"
NAS-Port = 0
NAS-Port-Type = Wireless-IEEE-802-11
Acct-Session-Id = "dekeA4670678284A-19ACE"
Acct-Multi-Session-Id = "A4670678284A-0000186714"
Framed-IP-Address = 165.123.70.138
Calling-Station-Id = "A4670678284A"
Called-Station-Id = "000B860C9020"
Acct-Delay-Time = 5
Aruba-Essid-Name = "AirPennNet"
Aruba-Location-Id = "fulberts"
Aruba-User-Vlan = "<0><0><1><244>"
Acct-Status-Type = Alive
Filter-Id = "<254><128><0><0><0><0><0><0><166>g<6><255><254>x(J"
Acct-Input-Octets = 7163
Acct-Output-Octets = 9239
Acct-Input-Packets = 57
Acct-Output-Packets = 28
Acct-Session-Time = 4
Timestamp = 1337607662
Here's a message from a usual good auth from the same user:
Mon May 21 09:40:58 2012
NAS-IP-Address = 128.91.243.89
User-Name = "deke"
NAS-Port = 0
NAS-Port-Type = Wireless-IEEE-802-11
Acct-Session-Id = "dekeA4670678284A-19ACE"
Acct-Multi-Session-Id = "A4670678284A-0000186714"
Calling-Station-Id = "A4670678284A"
Called-Station-Id = "000B860C9020"
Acct-Delay-Time = 0
Aruba-Essid-Name = "AirPennNet"
Aruba-Location-Id = "fulberts"
Aruba-User-Vlan = "<0><0><1><244>"
Acct-Status-Type = Start
Acct-Authentic = 0
Timestamp = 1337607658
Thoughts?