INC-2026-05-31-001: P16g WiFi Data VLAN 10 Auth Failure

Incident Summary

Field	Value
Detected	2026-05-31 ~15:50 PST (manual discovery — Domus-WiFi-Mgmt-VLAN100 failed, IoT fallback)
Mitigated	2026-05-31 ~15:58 PST (connected via Domus-IoT at 10.50.40.166)
Resolved	<PENDING>
Duration	Ongoing
Severity	P3 (Medium) — Workaround available via IoT, but no access to 10.50.1.0/24 network for ISE policy testing
Impact	Cannot obtain a 10.50.1.0/24 address via WiFi. Domus-WiFi-Data-VLAN10 has never connected (timestamp 0). Domus-WiFi-Mgmt-VLAN100 failed. Wired connection (Domus-Wired-Mgmt-VLAN100) in config-failed loop. Currently on Domus-IoT (10.50.40.0/24) — no ISE policy match.
Root Cause	Under investigation — multiple compounding failures: (1) Data-VLAN10 profile missing MAC randomization disable, (2) Mgmt-VLAN100 and wired profiles failing with config-failed, (3) ISE VLAN assignment may not be configured for WiFi Data VLAN 10

Field

Value

Detected

2026-05-31 ~15:50 PST (manual discovery — Domus-WiFi-Mgmt-VLAN100 failed, IoT fallback)

Mitigated

2026-05-31 ~15:58 PST (connected via Domus-IoT at 10.50.40.166)

Resolved

Duration

Ongoing

Severity

P3 (Medium) — Workaround available via IoT, but no access to 10.50.1.0/24 network for ISE policy testing

Impact

Cannot obtain a 10.50.1.0/24 address via WiFi. Domus-WiFi-Data-VLAN10 has never connected (timestamp 0). Domus-WiFi-Mgmt-VLAN100 failed. Wired connection (Domus-Wired-Mgmt-VLAN100) in config-failed loop. Currently on Domus-IoT (10.50.40.0/24) — no ISE policy match.

Root Cause

Under investigation — multiple compounding failures: (1) Data-VLAN10 profile missing MAC randomization disable, (2) Mgmt-VLAN100 and wired profiles failing with config-failed, (3) ISE VLAN assignment may not be configured for WiFi Data VLAN 10

Timeline

Time (PST) Event

Time (PST)	Event
~15:50	Attempted connection to Domus-WiFi-Mgmt-VLAN100 — had been working earlier (static IP 10.50.1.204/24 on VLAN 100)
~15:53	Wired connection (Domus-Wired-Mgmt-VLAN100) auto-activated on enp134s0 — immediately entered config-failed loop (3 rapid failures within 1 second)
~15:53	NM logs show: `state change: config → failed (reason 'config-failed')` repeating on every retry
~15:58	Supplicant state on wlan0: authenticating → associating → associated → completed (Domus-IoT connected successfully)
~15:58	Domus-IoT assigned 10.50.40.166/24 via DHCP — functional but wrong network for ISE policy testing
~15:58	Wired continues failing: another burst of 4 rapid config-failed cycles
Post	`nmcli con show` confirms: Domus-IoT active, all Domus-Secure and wired profiles inactive

~15:50

Attempted connection to Domus-WiFi-Mgmt-VLAN100 — had been working earlier (static IP 10.50.1.204/24 on VLAN 100)

~15:53

Wired connection (Domus-Wired-Mgmt-VLAN100) auto-activated on enp134s0 — immediately entered config-failed loop (3 rapid failures within 1 second)

~15:53

NM logs show: state change: config → failed (reason 'config-failed') repeating on every retry

~15:58

Supplicant state on wlan0: authenticating → associating → associated → completed (Domus-IoT connected successfully)

~15:58

Domus-IoT assigned 10.50.40.166/24 via DHCP — functional but wrong network for ISE policy testing

~15:58

Wired continues failing: another burst of 4 rapid config-failed cycles

Post

nmcli con show confirms: Domus-IoT active, all Domus-Secure and wired profiles inactive

Symptoms

Domus-WiFi-Data-VLAN10: connection.timestamp: 0 — has never successfully connected
Domus-WiFi-Mgmt-VLAN100: previously working (seen-bssids present) but currently disconnected
Domus-Wired-Mgmt-VLAN100: config-failed in tight loop on enp134s0 — autoconnect retries immediately fail
Domus-IoT: connected successfully but on wrong subnet (10.50.40.0/24 vs needed 10.50.1.0/24)
No wired link detected — ethernet cable may not be connected or NIC not negotiating

Impact Assessment

Systems Affected

System	Status	Impact Duration
P16g WiFi — ISE policy testing	Degraded	Ongoing — cannot reach 10.50.1.0/24 via WiFi
P16g Wired — 802.1X EAP-TLS	Failed	Ongoing — config-failed loop
P16g general connectivity	Functional	N/A — IoT provides internet access

System

Status

Impact Duration

P16g WiFi — ISE policy testing

Degraded

Ongoing — cannot reach 10.50.1.0/24 via WiFi

P16g Wired — 802.1X EAP-TLS

Failed

Ongoing — config-failed loop

P16g general connectivity

Functional

N/A — IoT provides internet access

Business Impact

Users affected: 1
Data loss: No
Workaround: Domus-IoT provides connectivity but ISE policy testing blocked

Metadata

Field	Value
Incident ID	INC-2026-05-31-001
Author	Evan Rosado
Created	2026-05-31
Last Updated	2026-05-31
Status	Open — Investigation
Post-Incident Review	Pending

Field

Value

Incident ID

INC-2026-05-31-001

Author

Evan Rosado

Created

2026-05-31

Last Updated

2026-05-31

Status

Open — Investigation

Post-Incident Review

Pending