Wireless Access

Morning,

 

I am experiencing some issues with Apple devices (specially with iPhones).

I have the following setup:

Wireless network with 2 controllers (Master-Standby), and CPPM as a RADIUS server.

I have set up a SSID with 802.1x (EAP-TLS authentication) used to connect mobile devices provided with a certificate (mostly iPhones and iPads). The controller is configured as the DHCP server for this SSID (only DHCPv4, DHCPv6 is disabled)

 

The issue I experience is the following:

 

When some devices connect to that SSID, they successfully authenticate (I can see a successful authentication in CPPM access tracker). They also get an IPv4 address from the controller ( I use the commands "logging level debugging network subcat dhcp" and "show log network all | include <client_mac_address>").

However, I can see from the clients that they do not get access to the network. When I look from the controller, I can see that those clients are using IPv6 addresses instead (fe80::/10).

Furthermore, if I manually configure an IPv4, DNS, and default GW in those clients, they can actually connect to the network.

In my opinion, it looks like a problem on the client side. I wonder if someone else has experienced these issues and how I could troubleshoot it

Thank you very much in advance

/Kevin

We seem to have this issue on a IAP3xx. Does anyone have any ideas?

Try disabling IPv6 functionality on the controller, it should prevent IPv6 sessions from being added to the user-table.

How do I do that in Instant GUI config? "Allow IPv6 Management: " is disabled.

@hill2button for an IAP, I don't think that functionality is available. Have you tried setting up an IPv6 deny all ACL to prevent users from passing traffic using IPv6? Also, can you confirm that the client is at least obtaining an IPv4 DHCP address, it's just trying to communicate using IPv6?