WPA Authentication times out/failed every now and then but after some time succesfull
I experience a for me weird connection lost and reconnect problem.
I've Omada AP contoller (V4.1.5) that's controlling 3 AP's: 2 EAP245 and 1 outdoor eap225.
The use of the Omage AP control program makes sure the definitions of the AP's are identical as they're applied to all AP's.
So SSID's and WPA2 secure string is all the same for all AP's.
As of the installation begin of this year but now as of the juni release more ofter the WiFi is instable.
While connected and working client it suddenly looses its connection and attempts to reconnect.
Reconnect takes some time.
In the logs i see "WPA Authentication times out/failed"
But after a minute or so the client does get connected.
All type clients experience this problems: android, windows, chromebook.
The AP's provide 2,4 and 5 GHz using the same SSID.
I've reset the most setting back to standard.
I did orginally use Fast Roaming and band steering. Did uncheck them for now, that improved it a bit but not enough.
When checked these I noticed the client kept conencted but lost internet connectivity.
On android changing "using mac address to random mac" speeds up the relinking.
What could cause this behaviour and what to change here in the conguration ?
The DHCP is delivered using an Edgemax router. The DHCP logs do not reveal much here. Looks like the AP handshake somewhere fails within the alloted time.
DHCP is very busy, but seems the message does not pass:
17:53:31 Information xxx daemon dhcpd3 DHCPOFFER on x.x.x.101 to MyMACaddr via switch0
17:53:31 Information xxx daemon dhcpd3 DHCPDISCOVER from MyMACaddr via switch0
17:53:29 ... same message over and over again...
17:53:29
17:53:28
17:53:28
17:53:28
17:53:28
17:53:23
17:53:23
17:53:21
17:53:21
17:53:20
17:53:20
17:53:19
17:53:19
17:53:18
17:53:18
17:53:16
17:53:16
17:53:15
17:53:15
The omada logs show less details:
7-8-2020 17:53:44 Information MyOmadacontroller local1 1 2020-08-07T15:53:45.934Z - Omada Controller - - [client:MyMACaddr] is connected to [ap:D8-0D-17-94-07-34] with SSID MySSID on channel 1.
7-8-2020 17:53:44 Information MyOmadacontroller local1 1 2020-08-07T15:53:45.900Z - Omada Controller - - [client:MyMACaddr] is disconnected from SSID MySSID on [ap:1C-3B-F3-A1-62-DE] (10s connected, 1.73KB).
7-8-2020 17:53:41 Information MyOmadacontroller local1 1 2020-08-07T15:53:42.721Z - Omada Controller - - [client:MyMACaddr] is connected to [ap:1C-3B-F3-A1-62-DE] with SSID MySSID on channel 11.
7-8-2020 17:53:41 Information MyOmadacontroller local1 1 2020-08-07T15:53:42.694Z - Omada Controller - - [client:MyMACaddr] is disconnected from SSID MySSID on [ap:D8-0D-17-94-07-34] (7s connected, 2.74KB).
7-8-2020 17:53:14 Information MyOmadacontroller local1 1 2020-08-07T15:53:15.782Z - Omada Controller - - [client:MyMACaddr] is connected to [ap:D8-0D-17-94-07-34] with SSID MySSID on channel 108.
7-8-2020 17:53:14 Information MyOmadacontroller local1 1 2020-08-07T15:53:15.756Z - Omada Controller - - [client:MyMACaddr] is disconnected from SSID MySSIDon on [ap:D8-0D-17-94-07-34] (17s connected, 7.78KB).
I'm reading on the subject "WPA Authentication times out/failed" discussions on changing Beacon interval of DTIM period. Do not feel comfortable with this yet to start experiments.
In the mean time the customers on the site are getting upset on this instable WiFi.
Any thoughts?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Just to let you know, the smart home devices are 2.4G band only. In my case i created a broadcast just for them only (2.4G).
V/r
- Copy Link
- Report Inappropriate Content
I'm experiencing this with a EAP660 HD(Canada) v1.0. Devices constantly dropping offline or reporting no wifi. I've removed the EAP660 HD(Canada) v1.0 for now and the issue has resolved, but that's certainly not the long-term solution I was hoping for. I have a EAP610-Outdoor(US) v1.0 on the same controller and it doesn't seem affected by this bug.
@TP-Link, what's the plan?
- Copy Link
- Report Inappropriate Content
I am expierencing the same issue in an installation in a botique hotel with 3 x switches and 36 x APs.
1 x OC200 5.7.6
1 x ER7206 v1.0
1 x TL-SG2210P v3.20
2 x TL-SG2428P v5.0
33 x EAP235-Wall(US) v1.0
2 x EAP225-Outdoor(US) v1.0
1 x EAP245(US) v3.0
Large numbers of internal ping attacks as well as WPA Authentication times out/failed
Guests have started complaining of connectivy issues as well as staff have noticed various smart TV's drop the wifi connection and need to manually coneccted again and reenter password.
I have left as much as possible in default configuration though I did need to enable Mesh for an EAP225-Outdoor unit.
Concerning to find others have had this issue for some period of time.
Checking the logs of a smaller site and see the same error but have not had a complaint from the client at this point.
Any suggestions @TP-Link ?
- Copy Link
- Report Inappropriate Content
Good morning everyone,
In my case i solved the issue with the authentication failure. It all boiled down to the way i had the controller connected. Every single problem went away when I looked at my ports configuration and noticed that I somehow had put the devices in the incorrect ports/VLANS. I use VLANs for the many segments i have, once i corrected that, all the problems went away. Also make sure you only use one port of the controller, do not use both ports to connect different switches. Connect the controller to your main switch, and then connect the other switches to the main switch. Lastly, make sure that your VLANS are properly configured on the ports.
I wish everyone a happy new Year and Good luck.
I hope at least this will help someone.
V/r
- Copy Link
- Report Inappropriate Content
Unfortunately in my case, I'm getting the issue even without using a controller at all. I just have the APs in standalone mode.
It seems that most devices in my setup (a lot of Apple gear, a few other things) just try again and succeed and so it is mostly transparent.
But a handful of devices (some Kindle Fire, LG washer & dryer) don't retry and give up requiring user intervention.
I bought an OC200 and have had it waiting to install, but trying to figure out what this issue is about before moving my network to that setup.
No VLANs on my network, currently.
I've considered buying one of the newer WiFi6 APs from TP-Link and testing it as a replacement to one of the EAP225s for the 2.4GHz LG washer & dryer to see if it fixes the issue for those particular devices. I don't know whether I want to continue throwing money at the TP-Link solution versus buying some other brand.
- Copy Link
- Report Inappropriate Content
@jedigrover with the OC200 I do find I get better reporting. I'd recommend installing it and let it help with your network. It also took my network a few weeks to settle after the switch and these updates. Some devices needed to be disconnected and reconnected to the network manually as I was using the same SSID as with a previous mesh network which caused them issues. There were some devices that were choosing the wrong access point and they took a while to figure things out. The changes I made that fixed it for me were:
- have a separate SSID for 2.4 vs 5/6 (and therefore turn off band steering). It was fewer changes to move my wifi 5/6 devices to a new network name, but some devices saw the network as different because of this change. I also made sure my networks were on Channels 1 and 11 (manually) with automatic channel width and high TX
- turn off 802.11r (but turned on Fast Roaming and AI Roaming on the site (with OC200)
- Made sure it was on WPA2-PSK for my 2.4 devices (mainly smart home stuff)
All my devices that matter are constantly connected now. Some 2.4 devices that used to struggle are now more reliable. Some still fail to connect occasionally, but are trying again. I'm now experiencing perfect WiFi performance day to day. Much better than the RBK40 units I was using.
- Copy Link
- Report Inappropriate Content
I'm not an expert but i have learned a few things along the road. I highly encourage you to create VLANs so you can manage your APs, and other devices (controller, etc.)( It will speed up your traffic). It is also not recommended to mix administration with regular user traffic. The controller will help best, if all devices are Omada SDN compatible (switch, router, & AP).
V/r
- Copy Link
- Report Inappropriate Content
My two cents from recent experience (home user).
TLDR: I've found success by changing my DNS server to google DNS servers, on the DHCP settings within my (non omada) router. But I don't know why this has worked.
I've had the "WPA Authentication times out/failed" issue, and the "Association times out" issue with many of my network clients, but mainly smart plugs (TP-Link KP115, HS110) and an irrigation controller (Orbit B-Hyve 12 station).
I've tried many of the other suggestions, from this and other threads.
SSID setup is 2.4ghz only, and I've also turned off the 5ghz radios on all APs. WPA2 AES security on the SSID.
Previously I had anywhere between tens and hundreds of these errors in the log each day
I changed my DNS server from the ISP DNS servers to google DNS servers i.e. 8.8.8.8 and 8.8.4.4.
I've now had two days of zero authentication failures, previously was anywhere between tens and hundreds per day.
The thing is, I have no idea why this has changed/fixed the situation for me. Potentially something in my (non OMADA) router?
Hope this helps someone/gives another thing to try!
Router: TP-Link Archer C3150 V2 (non OMADA)
Switch: TP-Link TL-SG1210MP (non managed/non OMADA)
Controller: OC200 firmware 5.7.6
EAPs: 3x EAP615 firmware 1.1.4; 1x EAP610 Outdoor firmware 1.0.6
- Copy Link
- Report Inappropriate Content
Being "the founder" of this topic.. I'm still struggling with it.
The problem almost (only 1-2 times a day for any mobile device) but as of the upgrade to controller 5.9.32 its back again on a all smartphones inhouse. OC200 model 1.0.
Looks for me as no configuration has changed that versions 5.9.32 made things worse unfortenately. From release notes no clue from which change in the last controller upgrade this is linked to. Could btw also be from any of the sw upgrade on the EAP's that came with it.
n.b. I upgrade the home EAP's to model 615 half a year ago and they were as stable as the previous EAP 245 for this. Only the coverage internal of the network has improved. But this "crazy" WPA authentication failure is again a nightmare for me and my family as it causes not connectivity many times a day.
I loose trust in the Omada sweat of EAP's :-(
- Copy Link
- Report Inappropriate Content
@sjon
I agree. I actually work for a large networking company, but wanted a less expensive solution for home. I have seen all these issues plus a significant throughput reduction compared to my older non-Wifi6 APs from my own company (not to mention p*ssed family members and misbehaving home automation). May have to switch back to the older APs from my own employer that I just replaced. <Groan>
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 44923
Replies: 57
Voters 0
No one has voted for it yet.