Problems with NWA1123-AC PRO/Nebula Blocking Clients at Random

KKC
KKC Posts: 5
First Comment
edited April 2021 in Nebula
I have scoured the web and the forums and have yet to find a solution.  Our customer is reporting that their devices can see the SSID, try to connect, but are unable to connect to the SSID.  Some devices work for a while, but later get randomly dropped.  The AP is running latest firmware v6.10(ABHD.3), yet problems persist.  Below are the errors we're seeing:

2020-09-24 10:27:08   BC:CF:4F:48:60:C1     Wireless LAN    Station: 44:fe:3b:09:8d:0e has associated on Channel: 48, SSID: phs, 5GHz, Signal: -65dBm. Interface:wlan-2-1                            

2020-09-24 10:27:12   BC:CF:4F:48:60:C1     Wireless LAN    Station: 44:fe:3b:09:8d:0e has blocked by Hostapd3 on Channel: 48, SSID: phs, 5GHz. reason 1, Interface:wlan-2-1                              

2020-09-24 10:27:12   BC:CF:4F:48:60:C1     Wireless LAN    Station: 44:fe:3b:09:8d:0e has blocked by prev-Auth Failed on Channel: 48, SSID: phs, 5GHz. reason 2, Interface:wlan-2-1                        

2020-09-24 10:27:12   BC:CF:4F:48:60:C1     Wireless LAN    WPA authenticator requests disconnect: reason 1. Interface:wlan-2-1 Station: 44:FE:3B:09:8D:0E                           

2020-09-24 10:27:12   BC:CF:4F:48:60:C1     Wireless LAN    WPA authenticator requests disconnect: reason 2. Interface:wlan-2-1 Station: 44:FE:3B:09:8D:0E                                                                                


All Replies

  • KKC
    KKC Posts: 5
    First Comment
    Anybody?
  • Zyxel_Freda
    Zyxel_Freda Posts: 397  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Hi @KKC ,
    The log 'Hostapd3 +  prev-Auth Failed' means the WPA2 authentication is not successful. It might be caused incorrect password or packet lost during doing the authentication. So, please check the key in authentication password or if there's any retry rate high information at the issue happened time.
    The other log 'WPA authenticator requests disconnect' means there's a problem of connection between the AP and client with unknown reason, so the AP (WPA authenticator) request to disconnect the connection.
    Would you provide more logs for us to check details or check that if there's many wireless health related logs at that time?
  • KKC
    KKC Posts: 5
    First Comment
    What logs would you like us to provide? 

    Also, I filtered the logs for Wireless Health, and the filter returned no results.
  • Zyxel_Freda
    Zyxel_Freda Posts: 397  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Hi @KKC ,
    Please provide the log from 2020-09-24 09:30 to 2020-09-24 11:00 to us because we want to check the client connection status at that time. And, would you help to enable the Zyxel support in the HELP> Support request for us to check the configuration settings of the site.

  • KKC
    KKC Posts: 5
    First Comment
    It's been a while since I last checked this post.  I can only go back 7 days in the logs, but the problem still exists.  I've attached 2 hours worth of logs from today.  I also turned on the "Invite Zyxel support as administrator" as requested.
  • Zyxel_Freda
    Zyxel_Freda Posts: 397  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Hi @KKC ,
    Thanks for your information. We are checking the detail of the log. We found that the SSID was configured to 2.4GHz only. May I know is there any specific reason to set 2.4GHz only? Because there might be interference of 2.4GHz easily, we recommend to enable both 2.4GHz and 5GHz for the SSID to let the 5GHz compatible clients can connect.
    As monitoring the event log, there are two clients with MAC 44:fe:3b:xx:xx:xx to connect failed because of the pre-auth. fail+Hostapd3, so are they legal clients to connect the SSID? 
    We'll keep checking detail and update for you asap.

  • Zyxel_Freda
    Zyxel_Freda Posts: 397  Zyxel Employee
    First Anniversary Friend Collector First Answer First Comment
    Hi @KKC ,
    After we check the detail of the logs, the client was blocked by the MIC invalid as below picture.


    At the same time, the other clients can connect to the AP without problem, so it's more like the client sent an invalid password to the AP. Please delete the SSID profile on the client/station and key-in the correct password again to check if it's successful to connect.  May I know what's the device with MAC 44:fe:3b:xx:xx:xx? Because as we checked the log, most connection failure are come from the station with that MAC.

Nebula Tips & Tricks