WIFI dropping several times a day

Ehsan_Rahimi
Comes here often

WIFI dropping several times a day

Hi guys,

 

I have lots of dot1x failures on my WiFi SSID with the reasons like below:

type='802.1X auth fail' num_eap='9' first_time='0.027329269' associated='false' radio='1' vap='0'

type='802.1X auth fail' num_eap='8' first_time='0.160289959' associated='false' radio='1' vap='0'

....

 

And when these failures happen, actually a client drops from Wireless SSID and they have to restart the system or turn off and on the WiFi to be able to connect to WiFi again. This happens only for the SSID that authenticates users with the radius server which is NPS. So generally clients can connect to WiFi but this happens randomly. So my laptop and another laptop are in the same room connecting to the same access point, and the issue happens to my colleague's system but not me. and again vice versa.

 

I looked around and I found articles like the below which the issue can be solved by enabling TLS 1.2

https://community.meraki.com/t5/Wireless-LAN/Wireless-Authentication-Failure-with-Radius/m-p/48773

 

Now, not being an expert on NPS or Microsoft, was wondering how can I:

1. check which version of TLS is running on my NPS(I know by default TLS 1 is running)

 

2. How I can enable my NPS to run TLS1 , 1.1, 1.2 at the same time. For this, I have found a way on google like "https://www.dot11.guru/2020/07/27/enforcing-tls-1-2-for-microsoft-nps-server-2008-2012/" and I have done the change, but still I have the failures and Im not sure if the change actually has happened and TLS1.2 is enabled.

 

I was wondering if you could give me some help on this. Thank you all in advance.

 

 

3 Replies 3
Ehsan_Rahimi
Comes here often

@HosamHasan @PhilipDAth @TD888 maybe you could help us please?

PhilipDAth
Kind of a big deal
Kind of a big deal

First, make sure you are at least running the current stable firmware or better.

 

Then check you have the most up to date WiFi drivers on the computers.  This smells like a client firmware issue.  You might have to go to the manufacturer of the WiFi NIC in the computer if the computer manufacturer has not made an update available.

 

Not so likely, but Windows 10 computers turning on WiFi power savings can cause problems.  Try the below commands to turn off WiFi power savings.

powercfg /SETDCVALUEINDEX SCHEME_CURRENT 19cbb8fa-5279-450e-9fac-8a3d5fedd0c1 12bbebe6-58d6-4636-95bb-3217ef867c1a 0
powercfg /SETACVALUEINDEX SCHEME_CURRENT 19cbb8fa-5279-450e-9fac-8a3d5fedd0c1 12bbebe6-58d6-4636-95bb-3217ef867c1a 0

 

Ehsan_Rahimi
Comes here often

Hi @PhilipDAth 

Thank you so much.

I surely will check this and get back to you.

There is just more things, like in another SSID that works with PSK, these issues do not happen. So that is why I think it relates to the TLS version on NPS.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels