Wireless Access

Our environment is a campus with 70 225 APs, version 6.4.2.4.  I'm encountering a user who recurrently indicate wireless drops at his desk.  I set a client as 'Watched' in Airwave; seeing the message:   Mar 4 08:08:25 2015 <Controller> localdb[3674]: <133006> <ERRS> <Controller> User <MAC> Failed Authentication
Mar 4 11:03:15 2015 <Controller>localdb[3674]: <133019> <ERRS> <Controller> User <MAC> was not found in the database

 

Client drivers are updated; noting client health rating in the low 20s.  AP client load is low.  Health checks to RADIUS server from Controller test out ok.  I've attached the results of a user-debug over the past several days.  Are there details therein that can help me isolate the source of the user's disconnects?

 

 

 

#AP225

It looks like you have MAC authentication enabled and your initial role is set to authenticated.

 

In AirWave, do you see a lot of ClientMatch events? Do they correlate to the reported drops?

We have ClientMatch disabled in our ARM profile (this was a recommended solution on an unrelated case I opened with Aruba).

I've attached the results of show auth-tracebuf from the last couple of days.  I didn't know if this would shed light on the source of the issue. 

This has nothing to do with ClientMatch.  You have "Enforce Machine Authentication" enabled in your 802.1x profile and a device has not passed machine authentication (is not part of the domain).  If you did not set it up that way, you should consult the person who did to figure out what needs to be done:

 

Mar  5 13:04:58  m-auth req             *  3c:a9:f4:48:b2:d4  18:64:72:e2:d9:70             -    -     
Mar  5 13:04:58  m-auth resp            *  3c:a9:f4:48:b2:d4  18:64:72:e2:d9:70             -    -     failed