Session Timeout and User Idle Timeout

Session Timeout:

Force the client to re-authenticate when the timer expires. This is not related to the client’s traffic.

 apfMsExpireCallback (apf_ms.c:645) Expiring Mobile!
 apfMsExpireMobileStation (apf_ms.c:7846) Changing state for mobile yy:yy:yy:yy:yy:yy on AP xx:xx:xx:xx:xx:xx from Associated to Disassociated
 Scheduling deletion of Mobile Station:  (callerId: 45) in 10 seconds
 apfMsExpireCallback (apf_ms.c:645) Expiring Mobile!
 Succesfully freed AID 1, slot 0 on AP xx:xx:xx:xx:xx:xx, #client on this slot 0
 apfSendDisAssocMsgDebug (apf_80211.c:3735) Changing state for mobile yy:yy:yy:yy:yy:yy on AP xx:xx:xx:xx:xx:xx from Disassociated to Disassociated
 Sent Disassociate to mobile on AP xx:xx:xx:xx:xx:xx-0 on BSSID zz:zz:zz:zz:zz:zz(reason 1, caller apf_ms.c:7930)
 Setting active key cache index 8 ---> 8
 Deleting the PMK cache when de-authenticating the client.
 Global PMK Cache deletion failed.
 Sent Deauthenticate to mobile on BSSID zz:zz:zz:zz:zz:zz slot 0(caller apf_ms.c:7938)
 apfMsExpireMobileStation (apf_ms.c:7996) Changing state for mobile yy:yy:yy:yy:yy:yy on AP xx:xx:xx:xx:xx:xx from Disassociated to Idle  




User Idle Timeout:

Remove the client after it has been inactive for more than the threshold time. We can also set the traffic threshold. If the traffic threshold is not reached within the specified time, the client will be deleted.

Received DELETE mobile, reasonCode MN_IDLE_TIMEOUT, deleteReason 4 from AP xx:xx:xx:xx:xx:xx, slot 0 …cleaning up mscb 
 Succesfully freed AID 1, slot 0 on AP xx:xx:xx:xx:xx:xx, #client on this slot 0
 apfMsDeleteByMscb Scheduling mobile for deletion with deleteReason 4, reasonCode 4
 Scheduling deletion of Mobile Station:  (callerId: 30) in 1 seconds
 apfMsExpireCallback (apf_ms.c:645) Expiring Mobile!
 apfSendDisAssocMsgDebug (apf_80211.c:3735) Changing state for mobile yy:yy:yy:yy:yy:yy on AP xx:xx:xx:xx:xx:xx from Associated to Disassociated
 Sent Disassociate to mobile on AP xx:xx:xx:xx:xx:xx-0 on BSSID zz:zz:zz:zz:zz:zz(reason 4, caller apf_ms.c:7819)
 Client already in disassociated state, not sending disassociation
 Setting active key cache index 8 ---> 8
 Deleting the PMK cache when de-authenticating the client.
 Global PMK Cache deletion failed.
 Sent Deauthenticate to mobile on BSSID zz:zz:zz:zz:zz:zz slot 0(caller apf_ms.c:7938)
 apfMsExpireMobileStation (apf_ms.c:7996) Changing state for mobile yy:yy:yy:yy:yy:yy on AP xx:xx:xx:xx:xx:xx from Disassociated to Idle

Interestingly, User Idle Timeout is timed by the AP and resets the timer every time RX/TX is received. When the timer expires, the WLC will be notified.

To view the User Idle Timeout timer, we can use the “show controllers dot11Radio 0/1 client” command. In the following example, we can see that Age is 79. We can see the changes of Age by executing the command multiple times.

AP1700#show controllers dot11Radio 0 client 
 ---Clients 0  AID VLAN Status:S/I/B/A Age TxQ-R(A) Mode Enc Key  Rate  Mask Tx   Rx             BVI   Split-ACL Client-ACL WebAuth-ACL L2-ACL
 aaaa.aaaa.aaaa    1    2 30 40144 000 0FE 79   0-0 (0) 32B0 000 0-0  1EFFFFFF00000000000  010D 10C - - - -    - 
                  RxPkts KBytes  Dup Dec Mic Txc  TxPkts  KBytes  Retry RSSI SNR Fail BAfail
  aaaa.aaaa.aaaa       182     16    9   0   0   0       36       3     93   50  40    0    0

References

Cisco Wireless Controller Configuration Guide, Release 8.3

Leave a Reply

Your email address will not be published. Required fields are marked *