Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.

UAC Down mees

This thread has been viewed 10 times
  • 1.  UAC Down mees

    Posted Jul 26, 2021 03:53 PM
    I had a user that could not connect via wireless on their AP303H in RAP mode. RAP was homed to a cluster of 6 controllers running 8.6.0.6. Same workstation could connect via wired using the same cert for EAP-TLS. When they tried to connect via wireless, it didn't even show in authentication logs. 

    I logged on to the AAC for the RAP and ran "show ap remote debug mgmt-frames ap-name" and saw this in the output 

    Traced 802.11 Management Frames
    -------------------------------
    Timestamp stype SA DA BSS signal Misc
    --------- ----- -- -- --- ------ ----
    Jul 23 10:01:01.580 deauth 24:62:ce:d8:81:10 b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 15 UAC Down (seq num 2926)
    Jul 23 10:01:01.579 reassoc-resp 24:62:ce:d8:81:10 b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 15 Success
    Jul 23 10:01:01.579 reassoc-req b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 24:62:ce:d8:81:10 22 -
    Jul 23 10:01:01.577 auth 24:62:ce:d8:81:10 b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 15 Success (seq num 0)
    Jul 23 10:01:01.577 auth b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 24:62:ce:d8:81:10 0 -
    Jul 23 10:01:01.416 deauth 24:62:ce:d8:81:10 b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 15 UAC Down (seq num 2926)
    Jul 23 10:01:01.415 reassoc-resp 24:62:ce:d8:81:10 b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 15 Success
    Jul 23 10:01:01.415 reassoc-req b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 24:62:ce:d8:81:10 22 -
    Jul 23 10:01:01.413 auth 24:62:ce:d8:81:10 b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 15 Success (seq num 0)
    Jul 23 10:01:01.413 auth b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 24:62:ce:d8:81:10 0 -
    Jul 23 10:01:01.299 deauth 24:62:ce:d8:81:10 b8:9a:2a:b4:ed:a8 24:62:ce:d8:81:10 15 UAC Down (seq num 2926)​

    The wireless client was trying to connect, but kept getting disconnected with UAC down messages. I used 'cluster-debug calc-sta-uac' to determine the client's UAC, and that member in the cluster was up. Cluster was L2 connected at the time, and there are no missed heartbeats accruing. Also, the user's UAC had hundreds of other wireless clients connected to it with no problem. 

    I'm thinking of a few possibilities for why this might be happening: 

    • Something wrong the firewalls in front of the controller cluster. Maybe connection tables full or shifting NAT configurations. 
    • Something wrong at the user end, like their home gateway running out of NAT entries. 
    • Bug on the controllers. 
    Has anybody seen any similar behavior? 


    ------------------------------
    Mark Williams
    ------------------------------