M and MSM Series
cancel
Showing results for 
Search instead for 
Did you mean: 

MSM422 (MSM765 zl) FW 6.4.2.0-19648 EAP-TTLS: Multiple EAP-Request Identity packets problem

 
Highlighted
lightxx1980
Occasional Advisor

MSM422 (MSM765 zl) FW 6.4.2.0-19648 EAP-TTLS: Multiple EAP-Request Identity packets problem

We have recently switched to EAP-TTLS as outer 802.1X authentication protocol for our campus wide MSM422 installation (controlled by a MSM765 zl, everything running FW 6.4.2.0-19648), and the problem we are seeing is that EVERY (reproduced with 3 different APs) MSM422 sends multiple  EAP-Request Identity packets within a few thousands of a second. 

 

This confuses the Windows 802.1x supplicant and thus the TLS handshake fails.

 

Just for the sake of completness, we are using a proprietary EAP protocol (EAP-JUAC) as inner authentication protocol. However, the issue described here occurs before the inner EAP method is even suggested.

 

Attached please find a packet capture that shows the problem.

 

Now the question is:  Is this a bug? If not, why  are the APs behaving this way?

Why would an AP send 3 ID requests a few thousandths of a second apart, is there a practical use case for this? Is there no way to instruct the APs to only send 1 as is common?

1 REPLY 1
Highlighted
lightxx1980
Occasional Advisor

Re: MSM422 (MSM765 zl) FW 6.4.2.0-19648 EAP-TTLS: Multiple EAP-Request Identity packets problem

Are there any HP engineers reading this? I've opened a case with HP support but it seems like this is getting nowhere ...