Wireless Access

Reply
Contributor I

Mobile (android/iOS) clients suddenly lose connection

Dear all experts and friends,

 

Our wlan has serious trouble with all mobile devices ( Android/iOS)

 

Aruba infratructure 

 

Controller : 7205 version 6.4.4.9 ( Master-local)

IAP 325: converted to campus AP mode

Radius: Cisco ACS 4.5 (802.1x) ( staff)

Internal database: for Guest access

MAC authentication: for deverloper

03 SSID: staff,dev,guest

 

1. All laptop user now have good connection to wlan ( all SSID)

2. Mobile user (android) cannot access staff's wlan (802.x1), if they can, they will be disconnected after a few seconds

3. Mobile user can normally access wlan dev and guest without disconnecting (non-802.1x)

4. i've already removed 802.1x authentication (staff) and use preshared key.after that, mobile client can normally access it.

5. Mobile user can normally access wlan ( staff dot.1x) with Ruckus system.

6. i've already removed cisco ACS and use NPS ( radius microsft) but mobile client disconnected after few seconds or mintues or they cannot access. ( same cisco ACS)

 

I dont think this is error on mobile devices, because mobile user can normaly with other WLAN ( ruckus, free wifi, home, cafe...)

 

In attached file :

Log mobile client when access my Aruba WLAN ( failse)

Log mobile client when access my Aruba WLAN ( success)

Log laptop client when access my Aruba WLAN ( Always success)

 

In log failse, i saw after send authentication, controller provided vlan for client, but client cannot got IP address.

 

I was spend alot of time (two week and more), but i cannot detect the root cause.

 

Dear all experts and friend , please help me to investigate the proplem, Please review my configuration and give me some ideas or recommend for me.

Thank you so much

Best and regards,

Lee Nguyen

 

 

Frequent Contributor I

Re: Mobile (android/iOS) clients suddenly lose connection

hi Lee

Reproduce the issue then collect "show auth-tracebuf" shortly thereafter. Then, connect with the working laptop and run "show auth-tracebuf" again. (you may wish to enter "no paging" first to make it easier to collect, also ensure that "show running-config | include user-debug" returns no output first, e.g. there should be no user-debug configured)

 

Double check that you have the correct forwarding mode on the dot1x enabled virtual-ap profile. 

 

 

what is the configuration of role wlan_high_priority-role ?

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: