Hi
Setup:
1 x Mobility Master (8.2.1.0)
1 x MD (8.2.1.0)
1 x Cluster with this MD
1 x Standalone controller (8.2.1.0)
400+ AP305
1 x Clearpass
SSIDs - MAC Auth, 802.1X, PSK, guest network
Problem:
Reboot MD Controller
- clients already connected to APs work fine
- new connections are not accepted, regardless of auth and SSID
- if wireless station is denied access on AP1 - it can move to AP2 and connect fine.
- no hits in controller logs
- reboot of AP solves the problem
- the AP seems to be online during the entire controller reboot, have uptime of 100days +
- We're trying to recreate problem in an isolated environment to gather logs for TAC.
But almost that we suspect this is issue with open auth or association?
is open auth and association handled on AP or controller? PSK devices authenticated on AP or controller ?
For AP - could this be IPSec tunnel error? since existing clients work but new ones are discarded? I've understand correctly that new APs create one GRE tunnel per radio, whereas older APs created one GRE per BSSID?