cancel
Showing results for 
Search instead for 
Did you mean: 

Users have to re-authenticate

it_support_6355
New Contributor II
Hi,

We have a Zonedirector that's broadcasting 2 SSID, one for guests and one for internals that has Web Authentication configured with our AD.

We've had several users complaining that they lose connection and have to re-login to the portal. In the log we see the following entry when it's happening:

2014/02/13 13:40:45 Low User[user1] fails to join WLAN[Internal] from AP[ap01]
2014/02/13 13:49:27 Low AP[ap1] radio [11g/n] detects User user1 in WLAN[Internal] roams from AP[ap1]
2014/02/13 13:49:27 Low AP[ap1] radio [11a/n] detects User user1 in WLAN[Internal] roams out to AP[ap01]
2014/02/13 13:40:45 Low User[user1] of WLAN[Internal] is authorized at AP[ap01]

It looks like it's roaming between the radios and then fails to join. Is there any way to find out why it's failing?
7 REPLIES 7

sid_sok
Contributor II
It sounds like the grace period is not checked. Without a grace period every disconnection will result in the client going into an Unauthorized state. Check the "Advanced Options" section of the wlan with WebAuth and set the "Grace period". By default it's 30 minutes. The 30 minute is from the time the client was last seen, not from when it first connects.

Users should should not have to re-login if they disconnect and reconnect within the grace period.

it_support_6355
New Contributor II
Correct, we had it checked on the guest wlan but not on our internal.
It's enabled now. Thank you!

it_support_6355
New Contributor II
Well it seems like the grace period setting solved part of the problem. As you can see below, user re-connecting within the period is connected without the need to re-authenticate. But we still see a lot of disconnects like this one, and it always seems to happen when roaming between radios on the same AP.
Is there any way to disable this?

2014/02/25 12:55:21 Low User2 User[User2] fails to join WLAN[WLAN_INTERNAL] from AP[AP2]
2014/02/25 12:55:21 Low User2 AP[AP2] radio [11a/n] detects User[User2] in WLAN[WLAN_INTERNAL] roams from AP[AP2]
2014/02/25 12:55:21 Low User2 AP[AP2] radio [11g/n] detects User[User2] in WLAN[WLAN_INTERNAL] roams out to AP[AP2]
2014/02/25 12:51:07 Low User2 User[User2] joins WLAN[WLAN_INTERNAL] from AP[AP2]
2014/02/25 12:51:07 Low User2 User[User2] reconnects to AP[AP2] within grace period. No additional authentication is required.
2014/02/25 12:07:08 Low User2 User[User2] leave WLAN[WLAN_INTERNAL] at AP[AP2] with Session Time[449.01 sec] RX Bytes[1878883] TX Bytes[3346951]
2014/02/25 12:07:08 Low User2 User[User2] disconnects from WLAN[WLAN_INTERNAL] at AP[AP2]

primoz_marinsek
Valued Contributor
This is normal. Client stations are like spoiled children. They do what they want and the AP obeys. 802.11 doesn't define a super nanny that could straighten them out.