New Contributor

TLS Renogotiation

Does anyone know if there is a timer setting in ArubaOS for TLS renegotiation? We have a client device on a Remote AP wired port (doing 802.1x PEAP-TLS) that stops talking after five minutes. Normal company laptops don't have this issue (they keep communicating). Doing a packet capture on the laptops, we see that after five minutes, a TLS renegotiation occurs. The laptop handles it without a problem. I'm fairly certain that this is what is tripping up the other device. Since the renegotiation is initiated by the RAP/NAS, I'm wondering if there is a place that I can turn this timer off to accommodate the other client?
Guru Elite

Re: TLS Renogotiation

Please open a TAC case to ensure that is what is happening with that specific device. You can also do a "show auth-tracebuf mac " on the controller to see what is going on with that client.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
New Contributor

Re: TLS Renogotiation

I decided to try a simple test first: enabling re authentication on the controller. I set the timer there for 7 minutes. After 7 minutes, successful re-auth occurs from the device and the connection remains stable. It appears that setting the re-auth timer stops the RAP from requesting the TLS renegotiation. The device in question can seemingly handle the re-authentication but not the cipher renegotiation.
Search Airheads
Showing results for 
Search instead for 
Did you mean: