Hello everyone
We have two SSID: Open (Mac Auth) and A new SSID (802.1x)
I have dorms students complaning the 802.1x SSID is slow. There is quite a difference when testing with speedtest.net.
Open: 60 Mbps
Secure SSID: 6Mbps
I know it is not a reliable speed test etc. Just poiting out the big difference betwee the two SSIDs.
So, I wanted to check transfer rate by sending a 20MB file between two computers over wireless. When i transfer the file connected on the Open SSID i obtain a rate of 49Mbps , while on the 802.1x SSID 2.7Mbps.
Laptop
RSSI -60db
802.11n
Association Rate: 145Mbps
MCS index: 15
Channel 153, 5Ghz Band, 20Mhz
I understand that AES encryption create more overhead, but this is quite a difference. Also, I understand reliable throughput is difficult to estimate. At the moment of the test there were no other clients connected to the AP. So, I have students in the dorm complaning that the Secure SSID is slow.
- I will open a ticket with TAC.
Secure SSID:
show wlan virtual-ap ClearPass_VAP
Virtual AP profile "ClearPass_VAP"
--------------------------------------
Parameter Value
--------- -----
AAA Profile ClearPass_AAA
802.11K Profile default
Hotspot 2.0 Profile N/A
SSID Profile ClearPass_SSID
Virtual AP enable Enabled
VLAN Pool
Forward mode tunnel
Allowed band all
Band Steering Disabled
Steering Mode prefer-5ghz
Dynamic Multicast Optimization (DMO) Enabled
Dynamic Multicast Optimization (DMO) Threshold 6
Drop Broadcast and Unknown Multicast Enabled
Convert Broadcast ARP requests to unicast Enabled
Authentication Failure Blacklist Time 3600 sec
Blacklist Time 3600 sec
Deny inter user traffic Disabled
Deny time range N/A
DoS Prevention Disabled
HA Discovery on-association Enabled
Mobile IP Enabled
Preserve Client VLAN Disabled
Remote-AP Operation standard
Station Blacklisting Enabled
Strict Compliance Disabled
VLAN Mobility Disabled
FDB Update on Assoc Disabled
WMM Traffic Management Profile N/A
(CS_Local) #show wlan ssid-profile ClearPass_SSID
SSID Profile "ClearPass_SSID"
-----------------------------
Parameter Value
--------- -----
SSID enable Enabled
ESSID ClearPass_Test
Encryption wpa2-aes
Enable Management Frame Protection Disabled
Require Management Frame Protection Disabled
DTIM Interval 1 beacon periods
802.11a Basic Rates 6 12 24
802.11a Transmit Rates 6 9 12 18 24 36 48 54
802.11g Basic Rates 1 2
802.11g Transmit Rates 1 2 5 6 9 11 12 18 24 36 48 54
Station Ageout Time 1000 sec
Max Transmit Attempts 8
RTS Threshold 2333 bytes
Short Preamble Enabled
Max Associations 64
Wireless Multimedia (WMM) Disabled
Wireless Multimedia U-APSD (WMM-UAPSD) Powersave Enabled
WMM TSPEC Min Inactivity Interval 0 msec
Override DSCP mappings for WMM clients Disabled
DSCP mapping for WMM voice AC 56
DSCP mapping for WMM video AC 40
DSCP mapping for WMM best-effort AC 24
DSCP mapping for WMM background AC 8
Multiple Tx Replay Counters Disabled
Hide SSID Disabled
Deny_Broadcast Probes Disabled
Local Probe Request Threshold (dB) 0
Disable Probe Retry Enabled
Battery Boost Disabled
WEP Key 1 N/A
WEP Key 2 N/A
WEP Key 3 N/A
WEP Key 4 N/A
WEP Transmit Key Index 1
WPA Hexkey N/A
WPA Passphrase N/A
Maximum Transmit Failures 0
EDCA Parameters Station profile N/A
EDCA Parameters AP profile N/A
BC/MC Rate Optimization Disabled
Rate Optimization for delivering EAPOL frames Enabled
Strict Spectralink Voice Protocol (SVP) Disabled
High-throughput SSID Profile default
802.11g Beacon Rate default
802.11a Beacon Rate default
Video Multicast Rate Optimization default
Advertise QBSS Load IE Disabled
Advertise Location Info Disabled
Advertise AP Name Disabled
802.11r Profile N/A
Enforce user vlan for open stations Disabled
Enable OKC Enabled
Any suggestions?
Thank you
Nils.