07-26-2012 08:23 AM - edited 07-26-2012 08:26 AM
I recently setup six AP-105 devices in my office. They are joined and managed by the built-in "Virtual Controller". They are currently running on firmware version 220.127.116.11-18.104.22.168_34479.
I have two networks configured. One network is for "employees" and DHCP is handled by the network. Another "Guest" network is setup for guests and DHCP is handled by the "Virtual Controller".
After setting up the two networks, I allowed some users to connect so I could test things out. Everything seemed fine at first, but after a few days a pattern began to develop. iPhone and iPad users connected to the "Guest" network began to complain that every morning after arriving to work they noticed that their devices had successfully connected to the "Guest" network, but they were not able to receive any "data". Some reported that if they rebooted their device it would work fine after that (until the next day).
Users with iPads or iPhones who connect to the "Employee" network, don't seem to have any problems "re-connecting" to the network.
This leads me to believe there is an issue with the Virtual Controller IP DHCP assignments and/or the NATing being done to facilitate the "Guest" DMZ. Something just seems to be getting stalled in the routing of traffic.
I thought it might be a problem with DNS, but I got the same behavior regardless of how I tried to configure the DNS related to the guest network. When troubleshooting the DNS theory I tried opening a browser on an iPad and entering an URL using its IP and it connected fine. After that, the iPad was able to navigate normally without issue. However, I have to assume that the behavior will return tomorrow when the device "rejoins" the network.
Is anyone else experiencing this issue?
Solved! Go to Solution.
07-26-2012 11:04 AM
Settings -> Wi-Fi -> Click on the blue arrow next to the Guest SSID that you are connected to.
Now, check if you have restricted the Guest users to send traffic to that DNS IP address.
07-26-2012 11:19 AM
In the default configuration I don't specify DNS servers and therefore the Virtual Controller provides the DNS servers from the network. However, under "Advanced Settings" you can specify DNS servers to be used by the Virtual Contoller for "Guest" networks. I have tried this too and used publicly available DNS servers. The clients pick these up if I configure it that way, but it doesn't seem to make any difference. The clients connecting to the guest network still have the issues I described in the post regardless of the DNS servers used.
The only firewall rule I have configured for the "Guest" network is the "Allow all to everything" rule.
07-27-2012 10:38 AM
Could you please post the screenshots for the Steps 3 and Step4 for the guest SSID?
Do you have a pre-authentication role set for the Guest SSID? If yes, then what all does it allow?
07-27-2012 11:21 AM
Here are all the configuration screens for the Guest network setup. Nothing fancy. The issue seems to only impact iPad and iPhone devices as far as I can tell.
07-27-2012 11:30 AM
I have the same setup in my lab here and I do not see any issues with iphone and iPad. Kindly open a support case for this issue.
08-08-2012 06:42 AM
My retailer for my IAP-105s was Dell. I contacted them and explained the issues. After a few days they were able to replicate some of the behavior that I was experiencing. They determined that downgrading the firmware to a previous version would correct the issue and that they would submit the issue to Aruba to be handled in future firmware releases.
The firmware version that gave me issues was version 22.214.171.124-126.96.36.199_34479.
The firmware I am using that seems to work fine is version 188.8.131.52-184.108.40.206_32946.
So, my issue with iPhones and iPads stalling as described in the above posts seems to be resolved. We'll see what happens in the next firmware release.
12-05-2012 10:27 AM
Hi there, has anything further been found on this issue? We are experiencing the exact same issues at a customer of ours. They have a 6000 based controller running 220.127.116.11. Recently on the guest network they are experiencing the same issues with iphones/ipads. Association to the wireless is made successfully, but from there users can't get a captive portal login. Upon further investigation it appears that when this occurs, the devices are not recieving a DHCP address (which is assigned from the controller). During testing, other devices (standard pc's, macbooks, etc.) all connect fine. Resolution is to either "Forget this Network" and reconnect the device or reboot the device, which so far in all cases solves the problem temporarily.
I was just wondering/hoping that there may be more information in relation to this issue.
12-05-2012 10:56 AM
Please open a new thread. The user in this thread is talking about an instant (not controller-based) issue that was resolved.
Aruba Customer Engineering
Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base