WX3510H Local Forwarding Terminal Association Exception Problem at a site
- 0 Followed
- 0Collected ,934Browsed
Network Topology
Local forwarding with authentication and association points on the AP
Problem Description
A local site uses WX3510H local forwarding network, the service template is configured with PSK encryption, the authentication point and association point are configured on the AP, and the remote AP is configured, but the AP is always registered. At this time, it is found that the terminal has been unable to associate. As long as the authentication point and association point are modified on the AC, it can be associated. The site also indicates that AC and AP are connected through VPN.
Process Analysis
1) First of all, even if the remote AP is configured, but the actual AP has been the registered state, indicating that the remote AP is not in effect. The actual problem is that the authentication point and the association point on the AP will cause the terminal can not be associated.
2) Check the configuration is nothing special, are simple normal configuration.
|
wlan service-template 1 ssid h3c client association-location ap client forwarding-location ap vlan 1 client-security authentication-location ap akm mode psk preshared-key pass-phrase cipher $c$3$71/K7hwQ4F2dtEYhF2Z1VJNrJYBk75VdHLkH cipher-suite ccmp security-ie rsn service-template enable wlan ap-group aaa vlan 1 if-match ip X.X.X.X 255.255.0.0 hybrid-remote-ap enable ap-model WA5320 map-configuration flash:/123. txt radio 1 service-template 2 vlan 1 radio 2 service-template 2 vlan 1 gigabitethernet 1 gigabitethernet 2
|
3) Afterwards, debug wlan client mac X-X-X information is collected on the AP and the exception log is found to be
|
Jun 30 07:35:37:131 2020 X-X-X STAMGR/6/STAMGR_CLIENT_OFFLINE: Client X-X-X went offline from BSS X-X-X with SSID h3c on AP FitAP Radio ID 2. State Reason: Failed to synchronize client state to uplink devices.
|
From the logs, it seems that the AP and AC failed to synchronize the terminal information, combined with the AP and AC is a VPN connection, it is suspected that the link problem caused.
4) Configure the fragment-size command in AP view. This command is used to configure the maximum length of the CAPWAP control message or data message fragment, and the terminal can be associated normally after modification.
|
[Sysname-ap-ap1] fragment-size control 1300 [Sysname-ap-ap1] fragment-size data 1300 |
Solution
Configure the fragment-size command in AP view or AP group view to modify the maximum length of the CAPWAP control message or data message fragment.