Wireless Access

last person joined: yesterday 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

Assoc request every twelve (12) hours

This thread has been viewed 0 times

  • 1.  Assoc request every twelve (12) hours

    Posted Apr 25, 2013 01:31 PM

    User-debug log output of a client shows every 10 seconds it does a "Get Next/Get Request mac is" and every twelve hours it does an "Assoc request @". AAA 802.1X Authentication Profile is configured with the default 86400 seconds for Reauthentication Interval. I can't find anything with a 12 hour interval. Any ideas what causes this to happen every twelve hours? Also, if during an eap-start what is the time field in the profile (is it the Authentication Server Retry Interval) that it wants to see the authentication server to acknowledge the client before it considers it a eap-failure and therefore a station down? If that field is set for say 5 seconds and the reply back from the server was longer than that, controller considers it a failure?

     

    Regards,

    Tony



  • 2.  RE: Assoc request every twelve (12) hours

    EMPLOYEE
    Posted Apr 25, 2013 07:05 PM

    "Get Next/Get Request mac" is debugging and can be ignored

     

     

     

    The role could have a reauthentication interval attached, so you should look at that.

     

    Please take a look at the chapter heading for Performing Advanced Configuration Options for 802.1X in the ArubaOS 6.2 user guide for the meaning of those timers.  I would just be copying and pasting the information here, otherwise...



  • 3.  RE: Assoc request every twelve (12) hours

    Posted Apr 26, 2013 11:08 AM

    Thanks for the reply.

     

    I understand but what I'm still hung up on is the following: If in my "show log user-debug all" output I'm see the followig entry every 12 hours "<INFO> |authmgr|  username=host/xxxxxx MAC=xx:xx:xx:xx:xx:xx IP=0.0.0.0 Authentication result=Authentication Successful method=802.1x server=xxxxxx" and my aaa authentication dot1x Jefferson-dot1x-profile has an entry of "Reauthentication Interval 86400 sec" I would think I woulkd expect that every 2 4 hours and not 12 hours, unless it is another timer that is causing it.

     

    I'll keep reading the user guide and see if I can shed some light on my confusion.

     

    Regards,

    Tony



  • 4.  RE: Assoc request every twelve (12) hours
    Best Answer

    EMPLOYEE
    Posted Apr 26, 2013 11:19 AM
    I am not sure that the user guide can shed light on your confusion with regards to 24 hours. I just wanted to give you good info about the other timers you mentioned. The client can authenticate as frequently as it wants for whatever reason, and it does not have to rely on wireless lan controller or radius server, so there is that variable. You may have to debug your client to get to the bottom of it.


  • 5.  RE: Assoc request every twelve (12) hours

    Posted Apr 26, 2013 01:18 PM

    I believe I figured out the "timer" in question. It appears to be the PMK time to live under the SSID NEtwork Properties 802.11 settings. Fast roaming has a check box for Enable Pairwise Master (PMK) caching that is where the setting can be configure. Thanks again cjoseph!!!

     

    Regards,

    Tony