WPA Authentication times out/failed every now and then but after some time succesfull
I experience a for me weird connection lost and reconnect problem.
I've Omada AP contoller (V4.1.5) that's controlling 3 AP's: 2 EAP245 and 1 outdoor eap225.
The use of the Omage AP control program makes sure the definitions of the AP's are identical as they're applied to all AP's.
So SSID's and WPA2 secure string is all the same for all AP's.
As of the installation begin of this year but now as of the juni release more ofter the WiFi is instable.
While connected and working client it suddenly looses its connection and attempts to reconnect.
Reconnect takes some time.
In the logs i see "WPA Authentication times out/failed"
But after a minute or so the client does get connected.
All type clients experience this problems: android, windows, chromebook.
The AP's provide 2,4 and 5 GHz using the same SSID.
I've reset the most setting back to standard.
I did orginally use Fast Roaming and band steering. Did uncheck them for now, that improved it a bit but not enough.
When checked these I noticed the client kept conencted but lost internet connectivity.
On android changing "using mac address to random mac" speeds up the relinking.
What could cause this behaviour and what to change here in the conguration ?
The DHCP is delivered using an Edgemax router. The DHCP logs do not reveal much here. Looks like the AP handshake somewhere fails within the alloted time.
DHCP is very busy, but seems the message does not pass:
17:53:31 Information xxx daemon dhcpd3 DHCPOFFER on x.x.x.101 to MyMACaddr via switch0
17:53:31 Information xxx daemon dhcpd3 DHCPDISCOVER from MyMACaddr via switch0
17:53:29 ... same message over and over again...
17:53:29
17:53:28
17:53:28
17:53:28
17:53:28
17:53:23
17:53:23
17:53:21
17:53:21
17:53:20
17:53:20
17:53:19
17:53:19
17:53:18
17:53:18
17:53:16
17:53:16
17:53:15
17:53:15
The omada logs show less details:
7-8-2020 17:53:44 Information MyOmadacontroller local1 1 2020-08-07T15:53:45.934Z - Omada Controller - - [client:MyMACaddr] is connected to [ap:D8-0D-17-94-07-34] with SSID MySSID on channel 1.
7-8-2020 17:53:44 Information MyOmadacontroller local1 1 2020-08-07T15:53:45.900Z - Omada Controller - - [client:MyMACaddr] is disconnected from SSID MySSID on [ap:1C-3B-F3-A1-62-DE] (10s connected, 1.73KB).
7-8-2020 17:53:41 Information MyOmadacontroller local1 1 2020-08-07T15:53:42.721Z - Omada Controller - - [client:MyMACaddr] is connected to [ap:1C-3B-F3-A1-62-DE] with SSID MySSID on channel 11.
7-8-2020 17:53:41 Information MyOmadacontroller local1 1 2020-08-07T15:53:42.694Z - Omada Controller - - [client:MyMACaddr] is disconnected from SSID MySSID on [ap:D8-0D-17-94-07-34] (7s connected, 2.74KB).
7-8-2020 17:53:14 Information MyOmadacontroller local1 1 2020-08-07T15:53:15.782Z - Omada Controller - - [client:MyMACaddr] is connected to [ap:D8-0D-17-94-07-34] with SSID MySSID on channel 108.
7-8-2020 17:53:14 Information MyOmadacontroller local1 1 2020-08-07T15:53:15.756Z - Omada Controller - - [client:MyMACaddr] is disconnected from SSID MySSIDon on [ap:D8-0D-17-94-07-34] (17s connected, 7.78KB).
I'm reading on the subject "WPA Authentication times out/failed" discussions on changing Beacon interval of DTIM period. Do not feel comfortable with this yet to start experiments.
In the mean time the customers on the site are getting upset on this instable WiFi.
Any thoughts?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
@Fae,
Here the same problem with authenication failure.
2 months ago I bought an OC200 and extra EAP225-Outdoor
Device list:
OC200 v1.0 - 4.2.8 and 1.7.3 Build 20201119 Rel.63433
EAP245 v3
EAP225-Outdoor v1
All EAPS upgraded to latest firmware 5.0.0
I tried every possible settings or authentication types....but no result....keeping loads of authentication failures
I have 2 Yeelight Lamps which are 2.4gz wifi lamps...
The authentication is apparently a problem, because the lamps very often don't respond the first or second time.
Also my 3 google home mini's have authentication errors....yesterday one of them was disconnected from the EAP225-Outdoor
My old setup was EAP245 (previous firmware) and an old TP-Link Wifi Router, which I turned to an AP with DDWRT router software.
Never had any problem with authentication.
Looks like the new controller 4.2.8. and firmwares of EAPS and OC200 need some improvements
- Copy Link
- Report Inappropriate Content
FInd my answers below;
The WPA Authentication Timeout/Failed may be prompted on the Omada SDN Controller in two situations:
- There is a packet loss in the wireless associated handshake process, which causes the handshake process to timeout.
-> I do not understand as most of the time I'm on visual range of the AP. Even when I'm on a few meters it happens that I need to disable / enable Wifi to get again a connection as to move to the most close AP. The amount of errors of the log has reduced as of the change in SSID i made - see below. As well as i notice the amount of failures is reduced as of the last update 1 month ago.
- The wireless password is input wrong when connecting to the SSID on the wireless client.
-> for sure not the case as it can connect at the end of the day.. But moving around it looses connection and does not restablish.. It will connect after some time or when disable WiFi on the smartphone and enable it again. Other method that almost always works is to switch from fixed MACaddress to random MACaddress or the other way around on the smartphone. So it looks like when not roaming but introduce a new MAC address it's fine to get a new DHCP address.
DHCP is delivered by Edgemax routers. I looked for DHCP related problems on WiFi and roaming but its unknown at that end.
So please ensure your wireless clients can get a strong signal strength from the SSID, and the wireless password is input correctly first.
Besides, please make sure your Omada Controller and EAPs are all up to date. (The Omada Controller v4.2.8 has been released)
-> i updated all of them 3 weeks ago.
If the signal strength is strong enough and the password is input correctly, please try providing the info below for further analysis.
1. What else phenomenon do you notice in your network except for WPA Authentication times out/failed on the Omada Controller?
hmmmm. Weird behaviour.... I've one Smartphone (out of 3) that only wants (..) to connect to the AP on the highest floor and never to the AP on the groundfloor. Weird as the config is shared amonst all of the controllers, and e.g. my smartphone does connect to all of the AP's.
Next a chromebook at the 5 Ghz can run ok talking to the Chromecast-ultra@my TV (ultra so UTP cabled) but suddenly gets disconnect and will show WPA errors in the log.
I scanned the 5 GHz air.. there is only 1 other AP around in that band. and in the 2,4 band none of the AP's close to us is using the same channel.
2. What devices(brand/model/OS) are you using in your network? What devices are suffering from the problem?
For example, iPhone12 with iOS 14.3, Samsung SM-A217F with Android 10.
Smartphone's are all Android 9 or 10. No iPhone's.
Chromebook using 5 Ghz.
Several Window 10 pc's using 2,4 Ghz
Most smartphones use the 5 Ghz, only 1 Smartphone can only us the 2,4 GHz.
Several IOT devices at the 2,4 Ghz.
3. Does the problem only occur on certain devices or only exist on a specific band (2.4GHz or 5GHz), specific SSID?
It happens on all devices on both bands. but as 2,4 have more reachability I tend to believe this band is having more problems. Also as this band also used by our neighboors
4. Does the issue occur regularly and how often would it happen for your case? Can you reproduce the problem steadily?
If i could reporduce i would be more closer to a solution. Most time when roaming from one AP to another AP this does not work. using the MAC change will most ofter resolve or just wait...
As workaround I introduced 2 SSID's and did setup them on different AP's in different bands. This behaviour means when roaming from one AP to another AP y need to migrate to another SSID of within the same SSID move to the other band.This greatly improved the stability, but every day below email with the failures of the day is passed to me:
2021-02-02 04:12:03 Client Information [client:MAC-client1] failed to connected to [ap:1C-3B-F3-A1-62-DE] with SSID "SSID1" on channel 1 because WPA Authentication times out/failed.(1 time in a minute)
2021-02-02 06:46:39 Client Information [client:MAC-client2] failed to connected to [ap:1C-3B-F3-A1-64-5A] with SSID "SSID1" on channel 48 because WPA Authentication times out/failed.(1 time in a minute)
2021-02-02 06:47:06 Client Information [client:MAC-client2] failed to connected to [ap:D8-0D-17-94-07-34] with SSID "SSID1" on channel 100 because WPA Authentication times out/failed.(1 time in a minute)
2021-02-02 06:59:04 Client Information [client:MAC-client3] failed to connected to [ap:1C-3B-F3-A1-62-DE] with SSID "SSID1" on channel 1 because WPA Authentication times out/failed.(1 time in a minute)
2021-02-02 16:13:41 Client Information [client:MAC-client4] failed to connected to [ap:D8-0D-17-94-07-34] with SSID "SSID2" on channel 11 because WPA Authentication times out/failed.(1 time in a minute)
2021-02-03 02:08:43 Client Information [client:MAC-client5] failed to connected to [ap:1C-3B-F3-A1-62-DE] with SSID "SSID1" on channel 1 because WPA Authentication times out/failed.(1 time in a minute
---
another day:
2021-01-31 09:39:43 Client Information [client:MAC-client3 ] failed to connected to [ap:D8-0D-17-94-07-34] with SSID "SSID1" on channel 104 because WPA Authentication times out/failed.(1 time in a minute)
2021-01-31 09:42:16 Client Information [client:MAC-client4] failed to connected to [ap:1C-3B-F3-A1-62-DE] with SSID "SSID1" on channel 1 because WPA Authentication times out/failed.(1 time in a minute)
2021-01-31 09:42:16 Client Information [client:MAC-client3] failed to connected to [ap:1C-3B-F3-A1-62-DE] with SSID "SSID1" on channel 1 because WPA Authentication times out/failed.(1 time in a minute)
2021-01-31 15:12:46 Client Information [client:MAC-client2] failed to connected to [ap:D8-0D-17-94-07-34] with SSID "SSID1" on channel 104 because WPA Authentication times out/failed.(1 time in a minute)
2021-02-01 02:05:22 Client Information [client:MAC-client5] failed to connected to [ap:1C-3B-F3-A1-62-DE] with SSID "SSID1" on channel 1 because WPA Authentication times out/failed.(1 time in a minute)
2021-02-01 05:08:53 Client Information [client:MAC-client1] failed to connected to [ap:1C-3B-F3-A1-62-DE] with SSID "SSID1" on channel 1 because WPA Authentication times out/failed.(1 time in a minute)
2021-02-01 07:05:24 Client Information [client:MAC-client3] failed to connected to [ap:1C-3B-F3-A1-62-DE] with SSID "SSID1" on channel 1 because WPA Authentication times out/failed.(1 time in a minute)
5. How do you get the devices to be connected finally? Would a reboot help for your case?
no reboot, just change the setting on random MAC address / fixed MAC address or visaversa.
6. Do you configure any advanced features like Band Steering, Airtime Fairness, Fast Roaming, Mesh or 802.11 Rate Control?
Note: they are disabled on the Omada Controller by default unless you enable it manually.
I've played with them. Switch off / on. Did not make any difference.
For now i've advanced features: fast roaming, dual band 11k report and band steering.
The rest is al kept default. No portal acces. a very basic WiFi network setup for my family.
7. Are you using Omada Software Controller or OC200? What's the version of the Omada Controller?
For example, Omada Controller v4.2.8 - Windows.
OC200 1.0 running at V4.2.8 now Firmware 1.7.3 Build 20201119 Rel.63433
8. How many EAPs do you have in total, what's the detailed firmware version of your EAPs?
For example, only one EAP245 V3 whose firmware is 5.0.0 Build 20200918.
two EAP245(EU) v3.0 - 5.0.0
one EAP225-Outdoor(EU) v1.0 - 5.0.0
All wired, no mesh.
Hopes this helps
- Copy Link
- Report Inappropriate Content
I have the same issue here. Mostly with Samsung phones and smart devices such as Meross/Wemo.
Using 2 EAP245 on 5.0.1 firmware and OC200 with the latest firmware updated yesterday.
I tried to set the DTIM settings to 3 instead of 1, I've seen less errors but there's still some happening and sometimes smart devices respond very late to commands with a 3 to 10 seconds delay.
- Copy Link
- Report Inappropriate Content
@sjon Good night, has anyone found a definitive solution to the problem?
- Copy Link
- Report Inappropriate Content
@JacksonC Latest firmware are much more stable on this, doesn't get any of these anymore since the 2 last updates.
- Copy Link
- Report Inappropriate Content
Okay, for me the problem started after installing the OC 200 and updating all Access Point... Clients are disconnected from the internet and after a while they are connected again and this WPA error is showing
- Copy Link
- Report Inappropriate Content
@JacksonC I forgot about it but I did change the DTIM setting from 1 to 3 to make it stop. See my settings here, this can be found in Site settings. Both are the same for 2.4 and 5ghz :
- Copy Link
- Report Inappropriate Content
@marcandre.roy Thanks,
apparently the problem has subsided but I still get alerts and I have some disconnections... did you make any more changes?
- Copy Link
- Report Inappropriate Content
I'm having these problems in my setup for hte last two weeks. New to Omada and *very* frustrated. Connections have been super unstable with WPA Authentication failures (and very poor, unuseful logging).
My clients will connect and disconnect repeated (or roam) even though they are in the same room as the AP.
I have Software Controller (4.4.6), two EAP620s, with a ER605 router. All firmwares are current.
No setting combination seems to help. Turnning off 5g does seem to a help a bit, but that is unacceptable.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 44858
Replies: 57
Voters 0
No one has voted for it yet.