DescriptionConnected wireless clients are disconnected/de-authenticated from Cisco WLC controllers via SNMP OID bsnMobileStationDeleteAction. There is currently a known issue where the C9800 model does not honor the SNMP method to disconnect.
Symptoms of this behavior include connected clients unable to switch VLANs after successful registration. If the client disconnects from the wireless and reconnects, the new VLAN is assigned.
For details, refer to Cisco Bug ID: CSCvv58252 "WLC 9800 Ignores Disconnect Request
from RADIUS Server"
ScopeVersion: 8.6.2 and higher
SolutionSolution 1: Cisco has indicated the issue is planned to be addressed in firmware version 17.5 of the C9800. Contact Cisco for details.
Solution 2:
1. Upgrade appliance to version 8.7.2 or higher.
2. Configure appliance to use Change of Authentication (CoA) to disconnect clients (SNMP remains the default method). For instructions, refer to the Cisco Wireless Controller Integration reference manual in the Fortinet Document Library.
ID 0598661