Wireless Access

Reply
Super Contributor I
Posts: 300
Registered: ‎12-01-2010

iMessage Issue

I had a customer having issue using iMessage on WiFi, I had disable the following but it still didn't work


Drop Broadcast and Multicast

DMO

 

AirOS is 6.1.3.9

 

Any advise?

Normal Guy
Guru Elite
Posts: 8,320
Registered: ‎09-08-2010

Re: iMessage Issue

[ Edited ]

Can you run show datapath session table <ip-address> and see if there is any port 80, 443, or 5223 traffic being denied?(indicated with a D flag)

 

 


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Super Contributor I
Posts: 300
Registered: ‎12-01-2010

Re: iMessage Issue

Did not see any deny fro the user from datapath. It was using authenticated roled (Allowall).

Normal Guy
MVP
Posts: 4,225
Registered: ‎07-20-2011

Re: iMessage Issue

Are you using NAT for this traffic by any chance ?

 

Can you please share the show user ip <user ip> ?

 

 

Thank you

Victor Fabian
Lead Mobility Engineer @ Integration Partners
AMFX | ACMX | ACDX | ACCX | CWAP | CWDP | CWNA
Super Contributor I
Posts: 300
Registered: ‎12-01-2010

Re: iMessage Issue

Will do that when I am onsite on coming Monday.

Normal Guy
Super Contributor I
Posts: 300
Registered: ‎12-01-2010

Re: iMessage Issue

Hi Tim,

 

No indication of any Deny.See the following user IP 10.142.115.166

 

(WLAN-SR6) #show datapath session table | include 10.142.115.166
17.149.32.50    10.142.115.166  6    443   53648  0/0     0 96  9   tunnel 61   156  0      0
10.140.78.2     10.142.115.166  17   53    63540  0/0     0 32  1   tunnel 61   6    0      0      FI
31.13.79.70     10.142.115.166  6    443   53653  0/0     0 96  2   tunnel 61   14   0      0
10.140.78.2     10.142.115.166  17   53    52439  0/0     0 224 1   tunnel 61   a    0      0      FI
10.142.115.166  17.149.32.50    6    53648 443    0/0     0 96  10  tunnel 61   15a  cd4    1aa    C
74.125.135.104  10.142.115.166  6    443   53656  0/0     0 32  1   tunnel 61   8    0      0      F
74.125.135.104  10.142.115.166  6    443   53657  0/0     0 32  1   tunnel 61   8    0      0      F
74.125.135.104  10.142.115.166  6    443   53658  0/0     0 32  1   tunnel 61   8    0      0      F
74.125.135.104  10.142.115.166  6    443   53659  0/0     0 32  1   tunnel 61   8    0      0      F
74.125.135.104  10.142.115.166  6    443   53660  0/0     0 32  1   tunnel 61   8    0      0      F
74.125.135.104  10.142.115.166  6    443   53661  0/0     0 32  1   tunnel 61   8    0      0      F
74.125.135.104  10.142.115.166  6    443   53662  0/0     0 32  1   tunnel 61   8    0      0      F
74.125.135.104  10.142.115.166  6    443   53663  0/0     0 32  1   tunnel 61   8    0      0      F
74.125.135.103  10.142.115.166  6    443   53670  0/0     0 32  0   tunnel 61   4    0      0      F
74.125.135.104  10.142.115.166  6    443   53664  0/0     0 32  1   tunnel 61   8    0      0      F
74.125.135.106  10.142.115.166  6    443   53666  0/0     0 32  1   tunnel 61   7    0      0
74.125.135.104  10.142.115.166  6    443   53665  0/0     0 32  1   tunnel 61   8    0      0      F
74.125.135.106  10.142.115.166  6    443   53667  0/0     0 32  1   tunnel 61   6    0      0
74.125.135.105  10.142.115.166  6    443   53671  0/0     0 32  0   tunnel 61   1    0      0
74.125.135.147  10.142.115.166  6    443   53669  0/0     0 32  1   tunnel 61   5    0      0
74.125.135.147  10.142.115.166  6    443   53668  0/0     0 32  1   tunnel 61   5    0      0
10.142.115.166  10.140.78.2     17   63540 53     0/0     0 32  1   tunnel 61   8    cd4    1aa    FCI
74.125.129.108  10.142.115.166  6    993   53585  0/0     0 96  17  tunnel 61   343  0      0
74.125.129.108  10.142.115.166  6    993   53584  0/0     0 96  18  tunnel 61   343  0      0
74.125.129.108  10.142.115.166  6    993   53586  0/0     0 96  17  tunnel 61   343  0      0
74.125.129.108  10.142.115.166  6    993   53582  0/0     0 96  18  tunnel 61   343  0      0
10.142.115.166  10.140.78.2     17   52439 53     0/0     0 224 1   tunnel 61   c    cd4    1aa    FCI
10.142.115.166  10.140.78.2     17   49545 53     0/0     0 224 0   tunnel 61   1    cd4    1aa    FCI
10.142.115.166  31.13.79.70     6    53653 443    0/0     0 96  2   tunnel 61   17   cd4    1aa    C
17.154.239.16   10.142.115.166  6    443   53655  0/0     0 96  1   tunnel 61   d    0      0
17.154.239.52   10.142.115.166  6    443   53654  0/0     0 96  1   tunnel 61   d    0      0
69.171.233.33   10.142.115.166  6    443   53652  0/0     0 96  1   tunnel 61   18   0      0
10.142.115.166  69.171.233.33   6    53652 443    0/0     0 96  1   tunnel 61   19   cd4    1aa    C
10.142.115.166  74.125.135.147  6    53668 443    0/0     0 32  0   tunnel 61   9    cd4    1aa    C
10.142.115.166  74.125.135.147  6    53669 443    0/0     0 32  0   tunnel 61   9    cd4    1aa    C
10.142.115.166  74.125.135.105  6    53671 443    0/0     0 32  0   tunnel 61   5    cd4    1aa    C
10.142.115.166  74.125.135.104  6    53664 443    0/0     0 32  0   tunnel 61   c    cd4    1aa    FC
10.142.115.166  74.125.135.104  6    53665 443    0/0     0 32  0   tunnel 61   c    cd4    1aa    FC
10.142.115.166  74.125.135.106  6    53666 443    0/0     0 32  0   tunnel 61   b    cd4    1aa    C
10.142.115.166  74.125.135.106  6    53667 443    0/0     0 32  0   tunnel 61   a    cd4    1aa    C
10.142.115.166  74.125.135.104  6    53662 443    0/0     0 32  0   tunnel 61   c    cd4    1aa    FC
10.142.115.166  74.125.135.104  6    53663 443    0/0     0 32  0   tunnel 61   c    cd4    1aa    FC
10.142.115.166  74.125.135.104  6    53660 443    0/0     0 32  0   tunnel 61   c    cd4    1aa    FC
10.142.115.166  74.125.135.104  6    53661 443    0/0     0 32  0   tunnel 61   c    cd4    1aa    FC
10.142.115.166  74.125.135.104  6    53658 443    0/0     0 32  0   tunnel 61   c    cd4    1aa    FC
10.142.115.166  74.125.135.103  6    53670 443    0/0     0 32  0   tunnel 61   8    cd4    1aa    FC
10.142.115.166  74.125.135.104  6    53659 443    0/0     0 32  0   tunnel 61   c    cd4    1aa    FC
10.142.115.166  74.125.135.104  6    53656 443    0/0     0 32  0   tunnel 61   c    cd4    1aa    FC
10.142.115.166  74.125.135.104  6    53657 443    0/0     0 32  0   tunnel 61   c    cd4    1aa    FC
10.142.115.166  74.125.129.108  6    53586 993    0/0     0 96  17  tunnel 61   347  cd4    1aa    C
10.142.115.166  74.125.129.108  6    53584 993    0/0     0 96  17  tunnel 61   347  cd4    1aa    C
10.142.115.166  74.125.129.108  6    53585 993    0/0     0 96  17  tunnel 61   347  cd4    1aa    C
10.142.115.166  17.154.239.16   6    53655 443    0/0     0 96  1   tunnel 61   11   cd4    1aa    FC
10.142.115.166  17.154.239.52   6    53654 443    0/0     0 96  1   tunnel 61   11   cd4    1aa    C

Normal Guy
Super Contributor I
Posts: 300
Registered: ‎12-01-2010

Re: iMessage Issue

Hello Victor

 

(WLAN-SR6) #show user ip 10.142.115.166

Datapath Session Table Entries ------------------------------

Flags: F - fast age, S - src NAT, N - dest NAT        D - deny, R - redirect, Y - no syn        H - high prio, P - set prio, T - set ToS        C - client, M - mirror, V - VOIP        Q - Real-Time Quality analysis        I - Deep inspect, U - Locally destined        E - Media Deep Inspect, G - media signal        u - User Index

  Source IP     Destination IP  Prot SPort DPort  Cntr Prio ToS Age Destination TAge UsrIdx UsrVer Flags --------------  --------------  ---- ----- -----  ---- ---- --- --- ----------- ---- ------ ------ ----- 17.149.32.50    10.142.115.166  6    443   53648  0/0     0 96  7   tunnel 61   238  0      0 10.142.115.166  17.149.32.50    6    53648 443    0/0     0 96  7   tunnel 61   238  cd4    1aa    C 74.125.129.108  10.142.115.166  6    993   53585  0/0     0 96  30  tunnel 61   421  0      0 74.125.129.108  10.142.115.166  6    993   53584  0/0     0 96  31  tunnel 61   421  0      0 74.125.129.108  10.142.115.166  6    993   53586  0/0     0 96  30  tunnel 61   421  0      0 74.125.129.108  10.142.115.166  6    993   53582  0/0     0 96  31  tunnel 61   421  0      0 174.36.251.201  10.142.115.166  6    443   53677  0/0     0 96  6   tunnel 61   79   0      0 10.142.115.166  174.36.251.201  6    53677 443    0/0     0 96  6   tunnel 61   79   cd4    1aa    C 69.171.233.33   10.142.115.166  6    443   53652  0/0     0 96  14  tunnel 61   f3   0      0 10.142.115.166  69.171.233.33   6    53652 443    0/0     0 96  13  tunnel 61   f3   cd4    1aa    C 10.142.115.166  74.125.129.108  6    53586 993    0/0     0 96  30  tunnel 61   421  cd4    1aa    C 10.142.115.166  74.125.129.108  6    53584 993    0/0     0 96  30  tunnel 61   421  cd4    1aa    C 10.142.115.166  74.125.129.108  6    53585 993    0/0     0 96  30  tunnel 61   421  cd4    1aa    C

 

Name: ta, IP: 10.142.115.166, MAC: 90:b9:31:44:c3:f4, Role:nygh_staff, ACL:53/0, Age: 00:06:40 Authentication: Yes, status: started, method: Web, protocol: PAP, server: IAS Bandwidth = No Limit Bandwidth = No Limit Role Derivation: Matched server rule VLAN Derivation: unknown Idle timeouts: 0, ICMP requests sent: 0, replies received: 0, Valid ARP: 0 Mobility state: Wireless, HA: Yes, Proxy ARP: No, Roaming: No Tunnel ID: 0 L3 Mob: 0 Flags: internal=0, trusted_ap=0, l3auth=1, mba=0 Flags: innerip=0, outerip=0, guest=0, download=1, nodatapath=0, wispr=0 Auth fails: 0, phy_type: a-HT, reauth: 0, BW Contract: up:0 down:0, user-how: 14 Vlan default: 6, Assigned: 0, Current: 6 vlan-how: 0 DP assigned vlan:0 Mobility Messages: L2=0, Move=0, Inter=0, Intra=0, ProxyArp=0, Flags=0x0 Tunnel=0, SlotPort=0x1040, Port=0x10bd (tunnel 61) Role assigment - L3 assigned role: n/a, VPN role: n/a, Dot1x cached role : n/a     Current Role name: nygh_staff, role-how: 2, L2-role: logon, L3-role: nygh_staff Essid: Wireless@NYGH, Bssid: d8:c7:c8:b3:15:52 AP name/group: IT CONTROL RM/nygh Phy-type: a-HT RadAcct sessionID:n/a RadAcct Traffic In 42936/23441883 Out 33749/13378330 (0:42936/0:0:357:45531,0:33749/0:0:204:8986) Timers: ping_reply 0, spoof reply 0, reauth 0, mac reauth 0 Profiles AAA:nygh, dot1x:, mac: CP: def-role:'logon' sip-role:'' via-auth-profile:'' ncfg flags udr 0, mac 0, dot1x 0, RADIUS interim accounting 0 IP Born: 1392652375 (Mon Feb 17 07:52:55 2014) Core User Born: 1392652375 (Mon Feb 17 07:52:55 2014) Upstream AP ID: 0, Downstream AP ID: 0 DHCP assigned IP address 10.142.115.166, from DHCP server 0.0.0.0 Device Type: iPhone6,2/7.0.5 (11B601) Mac-Auth Session Timeout Value from Radius: 0

Flags: W: WMM client, A: Active, K: 802.11K client, B: Band Steerable

PHY Details: HT: High throughput; 20: 20MHz; 40: 40MHz              <n>ss: <n> spatial streams

Association Table ----------------- Name           bssid              mac                auth  assoc  aid  l-int  essid          vlan-id  tunnel-id  phy             assoc. time  num assoc  Flags ----           -----              ---                ----  -----  ---  -----  -----          -------  ---------  ---             -----------  ---------  ----- IT CONTROL RM  d8:c7:c8:b3:15:52  90:b9:31:44:c3:f4  y     y      4    20     Wireless@NYGH  6        0x10bd     a-HT-40sgi-1ss  21m:10s      1          WAB

90:b9:31:44:c3:f4-d8:c7:c8:b3:15:52 Stats ------------------------------------------ Parameter                            Value ---------                            ----- Channel                              40 Channel Frame Retry Rate(%)          0 Channel Frame Low Speed Rate(%)      0 Channel Frame Non Unicast Rate(%)    92 Channel Frame Fragmentation Rate(%)  55 Channel Frame Error Rate(%)          2 Channel Bandwidth Rate(kbps)         112 Channel Noise                        90 Client Frame Retry Rate(%)           0 Client Frame Low Speed Rate(%)       0 Client Frame Non Unicast Rate(%)     0 Client Frame Fragmentation Rate(%)   0 Client Frame Receive Error Rate(%)   0 Client Bandwidth Rate(kbps)          0 Client Tx Packets                    5984 Client Rx Packets                    2429 Client Tx Bytes                      762074 Client Rx Bytes                      1475907 Client SNR                           48

 

Normal Guy
Super Contributor I
Posts: 300
Registered: ‎12-01-2010

Re: iMessage Issue

Found the issue is with the ISP, even with a FAT APs directly connected to the router it is not working.

Normal Guy
Search Airheads
Showing results for 
Search instead for 
Did you mean: