We found the root cause of our wireless issues….turns out about 30-40% of our users were affected*, and the root cause had effectively nothing to do with the RADIUS P2V, it was (not surprising), self-inflicted. I had rebooted the Meru controller Monday morning as I was seeing some events in the event log of the RADIUS server that I wasn’t sure if it was due to the controller not picking up some change or another.
Turns out when I did that, the startup config didn’t match what had been the running config, so all the AP’s that had been using 5GHz were set to 2.4GHz, and we have so much interference here that 5GHz is necessary for wireless to be reliable. The fix of course was to return the AP settings to what they had been, and click SAVE to make the startup config the same as the running config. Troubleshooting: · Send out e-mail to the wireless users to get a grasp of who was impacted · List OS and hardware affected (clue: WinXP, Win7, and Mac OS, Dell and Mac hardware affected) · Note the location and floor of the affected users where they experienced the issue (clue: most users reported problems in the same areas, contingent on the next clue) · Note date/time of problem (clue, no problems ever happened before 8am) · Walk the floors with known good machine and a ping tool to find the problematic areas · Work with Meru to confirm there are no problems between the Meru controller and the RADIUS server · Check the controller to see load per AP. This screen shows which AP’s are on 2.4GHz and 5GHz and was how we realized it was the root cause Sadly, it took a couple of days to get to the last step because we were concentrating on the RADIUS chase, and early on removing/re-adding the profile “fixed” one machine. For a while. * Depending on time of day, as it later turned out. Dave From: Christopher Bodnar [mailto:[email protected]] Sent: Wednesday, March 06, 2013 7:13 AM To: NT System Admin Issues Subject: Re: P2V DC/radius server Can you point the controller to a different DC? Move the RADIUS server to a different machine to see if that resolves the issue? Christopher Bodnar Enterprise Architect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 [email protected]<mailto:> [cid:[email protected]] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> From: David Lum <[email protected]<mailto:[email protected]>> To: "NT System Admin Issues" <[email protected]<mailto:[email protected]>> Date: 03/06/2013 08:52 AM Subject: P2V DC/radius server ________________________________ This weekend we did a P2V of a DC that also handles RADIUS and DHCP duties. Before the P2V I did make sure it held no FSMO roles as well DCPROMO it out of being a DC, then P2V, then DCPROMO back up. Once it came up as a VM, I assigned the IP info to the “new” NIC, checked replication, DCDIAG, DHCP requests, etc. and it all came up good. Our wireless system (Meru) uses RADIUS and since the P2V we have had many clients now have connect/disconnect/reconnect/disconnect issues. 1. We have 25 access points spread over six floors in our building 2. Meru connected via GotoAssist and was able to confirm their controller and the RADIUS server are passing auth requests as expected 3. Deleting and re-creating the wireless profile seems to fix this issue 4. Not 100% of our users are affected, but probable 75% of them are Anyone see anything similar before? David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
<<inline: image001.jpg>>
