Meraki

Community

Authentication Issue (EAPol Timeout) on WPA 2 PSK SSID

Dhanushkah
Here to help
‎Jul 12 2022 9:01 AM
‎Jul 12 2022 9:01 AM

Authentication Issue (EAPol Timeout) on WPA 2 PSK SSID

We are not use Authentication servers to authenticate wireless users.



Just use only WPA 2 encryption mode for authenticate wireless users.



But we identified there are lot of EAPol timeouts happened during the client authentication

 

What would be the issue for this EAPol timeouts 

 

Is this issue occurring from end user device or Access Point side ?

 

How Can we minimize this eapol timeout issue?

 

Guys Help me to rectify this issue

0 Kudos
27 Replies 27
ww
Kind of a big deal
Kind of a big deal
‎Jul 12 2022 9:50 AM
‎Jul 12 2022 9:50 AM

Would first verify if your clients running latest  wifi drivers

Dhanushkah
Here to help
‎Jul 12 2022 10:03 AM
‎Jul 12 2022 10:03 AM

Thank you ww for your reply....!

 

  • This issue affects not only a few specific users.
  • This issue randomly affects every user on each day and there are also devices with 802.11ax supported wireless adapters.
  • If this can be avoided by updating the drivers, do we have to update the drivers of all the wireless devices?

If there is any specific configuration to rectify this issue from meraki dashboard end?

 

0 Kudos
In response to Dhanushkah
WB
Building a reputation
‎Jul 12 2022 6:42 PM
‎Jul 12 2022 6:42 PM

If it's only affecting the same users each day I would be advising them to download the latest drivers from their Wi-Fi NIC manufacturers website e.g. Intel's website NOT updating via Windows update

0 Kudos
DarrenOC
Kind of a big deal
Kind of a big deal
‎Jul 12 2022 12:33 PM
‎Jul 12 2022 12:33 PM

Hi @Dhanushkah , what version of MR firmware are your APs on?

 

You mention that this is happening across all users/devices albeit sporadically throughout the day? Are all devices the same model and build?

 

Yes you should look to upgrade drivers across the board.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
In response to DarrenOC
Dhanushkah
Here to help
‎Jul 12 2022 10:25 PM
‎Jul 12 2022 10:25 PM

  • MR 36 - Current version: MR 28.6.1
  • MR 52 - Current version: MR 28.6.1

This is an environment where legacy devices and latest devices are common.

 

Most of the laptops are HP and there are few other products.

 

External wireless adapters are also used for desktop PCs and connected to the wireless network.

 

However, this EAPoL timeout will affect every device.

 

0 Kudos
DimuthuS
Here to help
‎Jul 12 2022 3:12 PM
‎Jul 12 2022 3:12 PM

Enable 802.11r. It will fix the issue

In response to DimuthuS
Dhanushkah
Here to help
‎Jul 12 2022 10:29 PM
‎Jul 12 2022 10:29 PM

Thanks @DimuthuS 

 

We already enable 802.11r for fast roaming. But it has not worked. Even though 802.11r is enabled for SSID, this eapol timeout continues.

0 Kudos
In response to Dhanushkah
DimuthuS
Here to help
‎Jul 12 2022 11:03 PM
‎Jul 12 2022 11:03 PM

802.11r enabled with WPA1 and WPA2 ? or WPA2 only ?

What you see from the AP logs for the same time "Unknown Error" ?

In response to DimuthuS
Dhanushkah
Here to help
‎Jul 13 2022 12:50 AM
‎Jul 13 2022 12:50 AM

Thanks @DimuthuS 

 

  • 802.11r enabled with WAP2 only 

This is the two types of AP logs we identified  when users experience disconnection in the meraki dashboard

 

  • auth_mode='wpa2-psk' vlan_id='16' reason='eapol_timeout' radio='1' vap='3' channel='56' rssi='20'
  • auth_mode='wpa2-psk' vlan_id='13' reason='eapol_timeout' roam_ap='E4:55:A8:09:DD:36' radio='0' vap='0' channel='1' rssi='7'
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 13 2022 3:15 AM
‎Jul 13 2022 3:15 AM

My guess - it's probably as simple as they aren't very close to the WiFi network.  Perhaps they are walking out of the office, into the office, etc.

 

Perhaps they drive to the office and park outside.  Their devices can just barely see the WiFi, and get constant timeouts till they walk inside.

In response to PhilipDAth
Dhanushkah
Here to help
‎Jul 13 2022 5:07 AM
‎Jul 13 2022 5:07 AM

Thanks @PhilipDAth 

 

In  your case, timeout is a very normal thing,

 

  • but the problem here is that the wireless connection of users who are in the same place without moving also timeout.

 

  • To explain it in another way, in this environment, a user roams from one AP to another AP even when the user is in the same place without physically moving.

 

  • After analyzing the user's timeline, we could see that even when the user is in the same place, he connects to several nearby APs within a few seconds, and this eapol timeout occurs when the user continuously jumping nearby APs
0 Kudos
BigForrest
Comes here often
‎Nov 28 2022 6:10 PM
‎Nov 28 2022 6:10 PM

Hi,

I have a same problem with @Dhanushkah that random users on random days, our users can't connect WiFi even the AP is next to week they still can't connect. When I check the logs, it show error "reason='eapol_timeout", and user can't connect again. The workaround is we have to forget the network then re-authenticate again then it works but that happens only for few days then it happens again. Our NPS does show the user is authenticate and reply back. Any ideas? 

0 Kudos
AlexanderN
Meraki Employee
Meraki Employee
‎Dec 14 2022 10:41 AM
‎Dec 14 2022 10:41 AM

Hi @Dhanushkah have you tried reviewing our new Wireless overview page (Wireless > Monitor > Overview) to drill down on specific problematic clients and find the root cause?

 

Screenshot at Dec 14 10-35-08.png

 

In response to AlexanderN
AlexanderN
Meraki Employee
Meraki Employee
‎Dec 15 2022 9:29 AM
‎Dec 15 2022 9:29 AM

Also, I just wanted to confirm if you are using just WPA2-PSK auth or something else like iPSK w/o RADIUS?

SilviaS
Here to help
‎Apr 20 2023 7:17 AM
‎Apr 20 2023 7:17 AM

Hello. I do have the same issue. Did you find any solution to this?

0 Kudos
Henrik_
Here to help
‎Apr 20 2023 7:24 AM
‎Apr 20 2023 7:24 AM

Could the issues in this thread be related to Re: Radius Authentication Issues - The Meraki Community

0 Kudos
In response to Henrik_
SilviaS
Here to help
‎Apr 20 2023 7:47 AM
‎Apr 20 2023 7:47 AM

We did disable 802.11w a few days ago but the errors still there.

I also tried disable band steering yesterday and will troubleshoot again next week.

Thanks for the reply.

0 Kudos
TBHPTL
A model citizen
‎Apr 24 2023 11:42 AM
‎Apr 24 2023 11:42 AM

  • Flush and forget any stored  profiles entries.  THESE ARE EASILY CORRUPTED
  • Update your client wireless drivers

As a SIMPLE test you can change your PSK make sure that it is at least 8 characters in length and test... 

 

For the record just because a client doesn't move, that doesn't mean they will not roam. Clients, and clients alone, decide to which wireless AP they will connect.

UFOUNDLX
New here
‎Jun 21 2023 6:14 PM
‎Jun 21 2023 6:14 PM

Similar issue here: 

EAPoL timeout issues to Radius Server. sometimes just a really long "Time to Connect" 

affects users/computers randomly,

issue happening at multiple sites

both sites: are using MR52 APs

both sites are using Firmware MR 29.5.1

 

 

 

 

0 Kudos
In response to UFOUNDLX
SilviaS
Here to help
‎Jun 22 2023 2:39 AM
‎Jun 22 2023 2:39 AM

Hello.

We disabled client balancing in the radio configuration and users are no more complaining after that. Maybe this also helps for you?

 

BR

0 Kudos
amabt
Building a reputation
‎Aug 6 2023 10:48 PM
‎Aug 6 2023 10:48 PM

was this ever solved?

0 Kudos
In response to amabt
SilviaS
Here to help
‎Aug 7 2023 8:51 AM
‎Aug 7 2023 8:51 AM

We solved the problems by disabling client balancing. Please try that.

0 Kudos
In response to SilviaS
UFOUNDLX
New here
‎Aug 7 2023 9:30 AM
‎Aug 7 2023 9:30 AM

unfortunately, Management doesn't want us to disable that feature. looking at Radius Servers, we found 1 server that was not showing any connection attempts in logs, and removed that from the list of Radius Servers in Meraki.  we are waiting on further confirmation from staff, hoping that was the problem.

0 Kudos
Kiwi_James
Meraki Employee
Meraki Employee
‎Aug 9 2023 5:41 PM
‎Aug 9 2023 5:41 PM

I would STRONGLY recommend that you update your client drivers, as well as update Windows to latest build level as there are fixes for these timeouts. ANY wireless issue should trigger you to check that the latest drivers are installed!!!

 

In addition, there are also issue with latest Windows builds and 11r. If you see an "invalid MIC" issue then disable 11r for that SSID. My understanding (I may be wrong) is Microsoft are working on a fix but it'll be a while.

LabyAK
Conversationalist
‎Aug 14 2023 7:06 AM
‎Aug 14 2023 7:06 AM

Thanks you all for the comments/responses as I too have similar issue with eapol_timeout/invalid MIC.

I too had tried enabling 802.11r ,but didn't fixed. 

 

Thanks anyway and keep rocking and rolling. This forums help to learn/resolve issues as Meraki TAC is mostly late for actions. 

 

 

0 Kudos
iterssroom
New here
‎Aug 30 2023 1:35 AM
‎Aug 30 2023 1:35 AM

Ok got it. Thank for your help.

redactle

0 Kudos
KevinWaller
Conversationalist
‎May 25 2024 12:22 PM
‎May 25 2024 12:22 PM

I was able to resolve this on my network by enabling fast roaming 802.11r

Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.