System Diagnostics
There are four sets of diagnostics for a controller:
- Radio diagnostics
- Station diagnostics
- Inferences
- Station Connection Diagnostics (Serviceability)
Radio diagnostics
Each AP has either one or two radios that can be configured individually (Configuration > Wireless > Radio). You can check on the wireless activity trends for these radios by looking at the diagnostic information:
- Click Monitor > Diagnostics > Radio.
- Provide an AP number and an interface ID (Radio 1 or 2).
- Click Start Diagnostics in the upper right corner of the screen.
Figure 80: Radio Diagnostics
- Check the four charts for these radio trends:
| Chart | What it tells you | Why you might want to know this |
| Throughput | Sum of upstream and downstream traffic for the radio | Users are experiencing slow response in the area covered by this AP |
| Noise Level | How much unwanted
energy is present in the received radio signals |
Users are experiencing connection problems or low transmission speeds in the region covered by this AP |
| Associated Stations | How many clients are using this AP | Find out if you need to add another AP (consult your reseller for specific AP deployment recommendations) |
| Current Value | Packet retries, loss %, channel utilization, and management overhead
for the radio |
Users are experiencing slow response in the area covered by this AP |
Station diagnostics
Each client on an AP can be studied individually by looking at the station diagnostic information:
- Click Monitor > Diagnostics > Station.
- Provide a MAC address for the client. One way to determine the client MAC address on Windows XP is to open the Command Prompt by clicking Programs > Accessories > Command Prompt and then entering the command ipconfig /all – this gives you physical addresses for the wireless connections.
- Click Start Diagnostics in the upper right corner of the screen.
Figure 81: Station Diagnostics
- Check the four charts for these station trends:
- Throughput
- Loss %
- Signal Strength
- Airtime Utilization
- Click Help for explanations for the charts.
Inferences
Inferences are best guesses as to what could be wrong with your wireless network. Check a controller, AP, and station by looking at the diagnostic inferences:
- Click Monitor > Diagnostics > Inferences.
- Optionally narrow down the list by providing a MAC address for a controller, AP, or station.
A list of recent events is listed along with corresponding details.
Figure 82: Diagnostic Inferences
The first part of the message is the issue and level of severity. In the example above, there is an IP conflict which is a critical issue. The information in a Station Entry is listed below. You can read it or alternately cut and paste the MAC address into the Station Diagnostics window. Figure 83: Decoding a Station Entry
| Sample Station Entry
Inference Rule #8 matched : IP Address Update 32 times within 360 seconds. [IP 172.27.0.198] [dhcp] [data] [AP-3 AP-3] [BSSID 00:0c:e6:3d:0b:45] [ESSID rcomm_diag] [Vlan Tag 0] [L2 State clear] [L3 State clear] [First Seen @ UTC Jun 9 13:50:22] Inference Rule #12 matched : Soft Handoff 21 times within 360 seconds. [IP 172.27.0.198] [dhcp] [data] [AP-2 AP-2] [BSSID 00:0c:e6:3d:0b:45] [ESSID rcomm_diag] [Vlan Tag 0] [L2 State clear] [L3 State clear] [First Seen @ UTC Jun 9 13:50:22] |
 Information Provided
- Rule that triggered entry
- Latest IP address of station
- DHCP used
- Type of traffic (data or SIP)
- AP updated
- BSSID of Station
- ESSID of Station
- VLAN tag number
- Authentication used on L2
- Authentication used on L3
- Date problem was first seen
Station Inference Messages
Some possible station rules and messages are:
| # | Station Message | Remarks |
| 1 | MAC Filter ACL Success | Station executed MAC filtering ACL authentication |
| 2 | MAC Filter ACL Failure | Station exceeded threshold of MAC filtering ACL authentication attempts |
| # | Station Message | Remarks |
| 3 | MAC Filter RADIUS Success | Station executed MAC filtering RADIUS authentication |
| 4 | MAC Filter RADIUS Failure | Station exceeded threshold of MAC filtering RADIUS authentication attempts |
| 5 | Assignment Failure | Station exceeded threshold of 802.11 assignment attempts. This could be caused by any of the following:
Associated AP is not found in AP table Maximum number of stations, which varies with AP models, is exceeded Maximum number of licensed stations is exceeded Controller has not received configuration of the AP yet BSSID for a client to be assigned is not found in the BSS table AP does not have a free slot for the station RSSI is not appropriate for the station |
| 6 | WEP-key Index Mismatch | Monitor WEP-key index mismatched count
(Not implemented yet) |
| 7 | Association Success | Station executed 802.11 association |
| 8 | Key Exchange Success | Station executed 802.1x key exchange |
| 9 | Key Exchange Failure | Station exceeded threshold of 802.1x key exchange attempts. An AP detected either of the following conditions of 1X authentication failure between the AP and the client; EAPoL handshaking failed
EAPoL handshaking timed out Another possible cause is that Hostapd detected one of the following conditions of 1X authentication and 802.1x key exchange failure: Invalid RADIUS VLAN tag detected EAP packet failed to reach the station MIC failure occurred and both the counts of MIC failure and 802.1x key exchange failure are increased 4-way handshake timed out Group key update timed out EAP key replay counter is mismatched |
| 10 | MIC Failure | Station exceeded threshold of 802.1x MIC attempts |
| 11 | 802.1x RADIUS Success | Station executed 802.1x RADIUS authentication |
| 12 | 802.1x RADIUS Failure | Station exceeded threshold of 802.1x RADIUS authentication attempts |
| 13 | IP Address Update | IP address changed from valid to 0, 0 to valid, or valid to valid |
| # | Station Message | Remarks |
| 14 | Data Decryption Failure | Data decryption failure of RX packet occurred; attempt threshold was exceeded. Hostapd detected that Ess.MicCountermeasureData.MicCounter exceeded 1 within the MIC_COUNTERMEASURE_PERIOD (60 seconds). When this occurs, Hostapd notifies the AP to stop accepting communication from that station and disassociate the station. |
| 15 | CP Guest User Success | Station authenticated a Captive-Portal guest |
| 16 | CP Guest User Failure | Station exceeded threshold of Captive-Portal guest authentication attempts |
| 17 | CP RADIUS User Success | Station authenticated Captive-Portal user using RADIUS |
| 18 | CP RADIUS User Failure | Station exceeded threshold of Captive-Portal RADIUS user authentication attempts |
| 19 | Soft-Handoff | Station executed soft-handoff |
Some possible controller inference messages are:
| Controller Message | What it tells you |
| DHCP server reached | DHCP Server required for IP address assignment is reachable |
| DHCP server unreachable | DHCP Server required for IP address assignment is unreachable |
| Gateway reached | Default gateway for client sub-network is reachable |
| Gateway unreachable | Default gateway for client sub-network is unreachable |
| RADIUS server reached | RADIUS server required for client authentication is reachable |
| RADIUS server unreachable | RADIUS server required for client authentication is unreachable |
| VLAN gateway reached | VLAN gateway in the path for client communication is reachable |
| VLAN gateway unreachable | VLAN gateway in the path for client communication is unreachable |
| IP Address conflict between wireless clients or between wired and wireless clients or between wireless client and controller | At least two wireless clients or controllers have been assigned (or have specified) the same IP address, which is causing network confusion. |
| IP un-assignment of client by failure of
DHCP IP assignment |
An IP address has been removed from the client due to the DHCP server failing to provide an assignment. |
“station-log issues” command works but will not accept any of the arguments. 4200 controller running 8.4.1 software.