This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Alot of Failed connection attempts.

Hi,

 

In my setup i run a Sophos UTM v9.413-3 and i have two AP's connected to it, one AP55C and one AP30. This was working just fine for a long time, but recently i noticed my wifi connection in was getting worse, so i looked at the logging and i noticed that since december 2016 i started to get alot of failed connection attempts.

this is how it daily looks now.

This is the yearly one, where you can see it started out of the blue in december.

I do see these log messages, but im not sure if they have anything to do with it.

2017:05:09-20:23:15 ding awed[4969]: [MASTER] start processing configuration change
2017:05:09-20:23:16 ding awed[4969]: [MASTER] end processing configuration change
2017:05:09-20:27:54 A4002FE206C4AE1 hostapd: wlan0: STA 00:40:9d:8e:df:1f WPA: group key handshake completed (RSN)
2017:05:09-20:28:02 A4002FE206C4AE1 hostapd: wlan9: STA f4:5c:89:87:36:e1 WPA: group key handshake completed (RSN)
2017:05:09-20:28:05 A4002FE206C4AE1 awelogger[14396]: id="4105" severity="info" sys="System" sub="WiFi" name="STA WPA failure" ssid="BreakingBad" ssid_id="WLAN1.1" bssid="00:1a:8c:8d:37:54" sta="10:41:7f:56:4b:0a" reason_code="2"
2017:05:09-20:28:05 A4002FE206C4AE1 awelogger[14396]: id="4102" severity="info" sys="System" sub="WiFi" name="STA disconnected" ssid="BreakingBad" ssid_id="WLAN1.1" bssid="00:1a:8c:8d:37:54" sta="10:41:7f:56:4b:0a"
2017:05:09-20:28:10 A4002FE206C4AE1 hostapd: wlan9: STA 10:41:7f:56:4b:0a IEEE 802.11: deauthenticated due to local deauth request
2017:05:09-20:28:32 A4002FE206C4AE1 hostapd: wlan9: STA 10:41:7f:56:4b:0a IEEE 802.11: authenticated
2017:05:09-20:28:32 A4002FE206C4AE1 hostapd: wlan9: STA 10:41:7f:56:4b:0a IEEE 802.11: associated (aid 1)
2017:05:09-20:28:32 A4002FE206C4AE1 hostapd: wlan9: STA 10:41:7f:56:4b:0a WPA: pairwise key handshake completed (RSN)
2017:05:09-20:28:32 A4002FE206C4AE1 awelogger[14396]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="BreakingBad" ssid_id="WLAN1.1" bssid="00:1a:8c:8d:37:54" sta="10:41:7f:56:4b:0a" status_code="0"
2017:05:09-20:28:32 A4002FE206C4AE1 awelogger[14396]: id="4104" severity="info" sys="System" sub="WiFi" name="STA association" ssid="BreakingBad" ssid_id="WLAN1.1" bssid="00:1a:8c:8d:37:54" sta="10:41:7f:56:4b:0a" status_code="0"
2017:05:09-20:28:32 A4002FE206C4AE1 awelogger[14396]: id="4101" severity="info" sys="System" sub="WiFi" name="STA connected" ssid="BreakingBad" ssid_id="WLAN1.1" bssid="00:1a:8c:8d:37:54" sta="10:41:7f:56:4b:0a"
 
Anyone able to help me out troubleshoot this?
 
Thanks.


This thread was automatically locked due to age.
Parents
  • Hello together,

     

    at first I´d like thank for the good post´s and the knowledge sharing her in this community.

    even if it´s a few days ago, we still experiencing these problems too. We are using AP55/AP55C/AP100X APs for our forklift trucks.

    After struggeling arround with some client related roaming problems it´s working ok now. The last problem left are the WPA failures.

    After I changed AES Security to AES&TKIP and run only one SSID (instead of three) and changed the GHz Band to 2,4 only) the connection failures are getting less. 

    But that can´t be the last solution.... Is there anything heard from Sophos concerning this Problem? Or any other hints, how to solve this problems?

     

    Cheers

     

    Sebastian

  • Hi all,

    I´ve found a solution which fixed this failure for me.

    I´m running UTM 9.603-1 and got many of these log entries:

    2019:07:10-07:05:41 A4002F7D5D63BAF hostapd: wlan8: STA xx:xx:xx:xx:xx:xx IEEE 802.1X: STA identity 'host/PCNAME.Domain.de'

    2019:07:10-07:05:42 A4002F7D5D63BAF hostapd: wlan8: STA xx:xx:xx:xx:xx:xx WPA: WPA IE from (Re)AssocReq did not match with msg 2/4

    2019:07:10-07:05:42 A4002F7D5D63BAF awelogger[680]: id="4105" severity="info" sys="System" sub="WiFi" name="STA WPA failure" ssid="MCTLG" ssid_id="WLAN0.1" bssid="xx:xx:xx:xx:xx:xx" sta="xx:xx:xx:xx:xx:xx" reason_code="2"

    Some Win 10 clients could connect and others (same hard and software could not).

     

    The Solution to was to disable “Fast transition”. After this all clients are able to connect.

    I assume this is a bug.

    Michael

  • Excellent work, Michael!  Others note that the "Fast transition" selection is made in 'Advanced' in the Wireless Network definition.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Excellent work, Michael!  Others note that the "Fast transition" selection is made in 'Advanced' in the Wireless Network definition.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data