At several customers EWC installations i am wondering that some clients are reported as active (Reports - All Active clients) although i know they are definitive offline.
To debug this i have connect a recent Windows 7 client to a WPA2 802.1x SSID. After that i disconnect the SSID via Windows normally.
Remote wireshark trace on that AP shows me a vaild Deauth frame:
But EWC report this MAC as active till idle timer after 30 minutes cut the session ...
Why does EWC ignore this above Deauth Frame ?
EWC = 10.31.07
Anybody who observe this behaviour too ?