Wireless Access

last person joined: 19 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

MAC OSX 10.7.2/3 Client Issues

This thread has been viewed 0 times

  • 1.  MAC OSX 10.7.2/3 Client Issues

    Posted Feb 14, 2012 06:03 PM

    Don't know where else to post this.

    We had two students bring in their MacBook Pros the other day.  Neither one getting to the WWW, or other internet applications that we tested.

    ARUBA OS 6.1.3 Master and Local Controllers.  Enterprise DHCP/DNS etc.

    Both running 7.2 - both connectiong to our WPA2 .1x network, would take approx 1 -2 minutes getting an ip address (both to the same vlan from a pool of /24 vlans).  "There are many other users (MAC and otherwise) using this vlan, successfully".

    After getting a ip - they can ping the gateway, dns, etc.  But can not browse the net.

    Reimaged both machines to 10.7.3 and all updates - same result.  We are at the end of things to try.  We have attempted all the solutions posted here and other places.

    Any ideas from anyone?



  • 2.  RE: MAC OSX 10.7.2/3 Client Issues

    EMPLOYEE
    Posted Feb 14, 2012 06:05 PM

    I would open a support case with TAC.



  • 3.  RE: MAC OSX 10.7.2/3 Client Issues

    EMPLOYEE
    Posted Feb 14, 2012 06:10 PM
    @phil wrote:

    Don't know where else to post this.

    We had two students bring in their MacBook Pros the other day.  Neither one getting to the WWW, or other internet applications that we tested.

    ARUBA OS 6.1.3 Master and Local Controllers.  Enterprise DHCP/DNS etc.

    Both running 7.2 - both connectiong to our WPA2 .1x network, would take approx 1 -2 minutes getting an ip address (both to the same vlan from a pool of /24 vlans).  "There are many other users (MAC and otherwise) using this vlan, successfully".

    After getting a ip - they can ping the gateway, dns, etc.  But can not browse the net.

    Reimaged both machines to 10.7.3 and all updates - same result.  We are at the end of things to try.  We have attempted all the solutions posted here and other places.

    Any ideas from anyone?

    Have you done a user debug or "show auth-tracebuf" when the client is authenticating?

     



  • 4.  RE: MAC OSX 10.7.2/3 Client Issues

    Posted Feb 14, 2012 07:30 PM
    I have not. Do not where to start. I will get the machines back in and do what you indicate for troubleshooting. And open a support case. Thanks.


  • 5.  RE: MAC OSX 10.7.2/3 Client Issues

    Posted Feb 15, 2012 08:42 AM

    2 things to consider with the 10.7.2/3 that are not relevant to previous versions of Mac OSX

     

    1 - Java is not enabled by default, you will need to do this in the Java Preferneces

    2 - 10.7.2/3 has its own OCSP check turned on by default

     

    Both those thing have caused problems here



  • 6.  RE: MAC OSX 10.7.2/3 Client Issues

    Posted Feb 15, 2012 07:51 PM

    I have a support case open.

    These clients (I have one on my desk now) are getting associated.  After that it is 1 to 3 minutes before they get an ip from our dhcp server.  After getting an address, they can get to no where - no ping on or off the net they are on.

    The  "show auth-tracebuf" shows a successful association.

    rom the controller cli - I can ping this machine but the response is like 4 times slower than any other client ping on the same net or other net.

    Need to do a packet capture, I guess.  Is that possible from the controller?



  • 7.  RE: MAC OSX 10.7.2/3 Client Issues

    EMPLOYEE
    Posted Feb 15, 2012 07:59 PM

    Yes it is. And that is exactly what you need to do, a packet capture.

     

    TAC can help you set this up. Unfortunately I cannot find the specific instructions on how to do this.



  • 8.  RE: MAC OSX 10.7.2/3 Client Issues



  • 9.  RE: MAC OSX 10.7.2/3 Client Issues

    Posted Feb 20, 2012 12:42 PM

    So did they above mentioned resolve the issue after you implemented the changes on your routers?

     

    Curious to know we had similar issues but they were caused by ocsp certificate issues.

     

     



  • 10.  RE: MAC OSX 10.7.2/3 Client Issues

    Posted Feb 20, 2012 02:28 PM
    Seems to have. Cleared the arp cache, set arp timeout on router from 6 min. to 3 min.

    Our MS dhcp server supports bootp in the advanced settings; made changes to all scopes for dhcp & bootp.


  • 11.  RE: MAC OSX 10.7.2/3 Client Issues

    EMPLOYEE
    Posted Feb 20, 2012 02:30 PM

    Thank you for updating us on the fix. :smileyhappy:



  • 12.  RE: MAC OSX 10.7.2/3 Client Issues
    Best Answer

    Posted Mar 06, 2012 07:41 AM

    Another update; because this problem came back.:smileymad:

    Seems our RAP config was set so the RAPs got an ip from a range in the same vlan (in a pool) as some of our wireless clients.  This led to duplicate IPs and the controller blocking the client mac as an arp spoof.  We removed that vlan from the pool for the client ssid(s) in question.