Aruba Controller versions 6.4.2.8_50314, CPPM 6.5.2.73779, Android version 5.0-5.1
I have an SSID on an Aruba 7210 controller with a backup Aruba 7210 controller. The SSID is configured with AAA to pass EAP-TLS user certificate authentication to CPPM via Airwatch staging for the Apple and Android devices. CPPM works fine and accepts the authentications for both Apple and Android devices and forwards back to the controller. The Apple devices work every time and get the correct role and get an IP address. The Android devices most of the time do not get an IP address and do pass CPPM and get the correct role every time. On the backend of the SSID I have 3 split VLANs with /24 subnets that are layer 2 to the Cisco Nexus switch in a port channel config. The layer 3 interface is on the Cisco Nexus switch and has IP helpers. I have changed the VLANs for troubleshooting to just one VLAN and it does not fix the issue, and also put the layer 3 interface on the controller and that does not fix the issue.
When the Android device fails, it does show it connected and has an IP address to the SSID, and the Aruba controller shows NO IP address but shows it connected for that same device. The person that tests the Android devices sees that it does have an IP address on the Android device but cannot get anywhere on the internet.
But for some reason the Android devices sometimes do get connected and work fine!!! The Apple devices have no problem and get an IP every time and pass CPPM every time on that same SSID.
Do you know if there is an issue with the Android devices and what version I should be using to get these devices to work every time?
I do know that CPPM and the firewall rules on the Aruba controller all work fine because the Apple devices all work fine.
I am working with Aruba TAC on this issue but they are having issues finding a solution for this issue with the Android devices.
Thank You!