Wireless Access

last person joined: an hour ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Verizon Wi-Fi Calling issues on controller deployment

  • 1.  Verizon Wi-Fi Calling issues on controller deployment

    Posted 13 days ago
    I've been pulling my hair out over a strange issue ever since swapping over to an Aruba controller-based solution at home, hoping someone has run in to this before & has some ideas.

    Going 'all in' on the Aruba solution at home, I now have a virtual MM/MC deployed.  The MC is running as my Internet gateway as well as as terminating the internal VLANs.  For the most part everything is fine, no issues accessing the Internet/the other networks via the MC, and wireless is running well (one SSID broadcast, 5 IAP-215s).  The only issue is wi-fi calling from Verizon, it works but repeatably cuts out roughly 45 seconds to 1 minute in to any conversation.  My phone (iPhone) will recover from this with a brief 3-4 second loss of audio, but my wife's phone (Google Pixel) will just drop the call hard.

    The default UDP timeout on the controller was set to something very short like 16 seconds so I upped that (the wi-fi calling basically does an outbound VPN to Verizon as I understand it) in case there was some sort of UDP timeout issue there but no such luck.  Turned off DPI & all that on the controllers, no change.  All the Wi-Fi calling WMM features were turned off too, with no change.  Outbound UDP ports 4500 & 500 are open...clients that associate are all in the default 'authenticated' role so there shouldn't be any firewall rules preventing communication.  I can connect to outside IPsec VPNs fine from a laptop with no packet loss, so I'm not sure what's different about the phone communication.

    A packet capture didn't seem to show too much interesting between the phone & Verizon's servers, except for *one* ESP packet being sent from the phone with a TTL value of '1'.  I still need to dig in to that.

    No issues were present on my old setup (Cisco WLC & APs for wireless, Fortigate firewall for that side of things) so this seems to be a new issue with the MM/MC.  I believe the software version is 8.7.0.0 but I'd need to double check.

    Has anybody run across wi-fi calling issues before & resolved them?


  • 2.  RE: Verizon Wi-Fi Calling issues on controller deployment

    Posted 12 days ago
    I've kind of become afraid of anything Aruba doesn't call a conservative release, but sometimes they force me out of that stance by releasing new products that I want to use but not having a conservative release that supports them for a year or more.  We're not in that situation at the moment, though, so I can't speak to WIFI calling on 8.7, but we're running 8.5.0.11and as far as I know we're not having problems with WIFI calling.  Specifically my phone is a Google Pixel 5, and cellular coverage isn't very good in my office, so my phone is on Verizon WIFI calling most of the day.  I'm not having issues.

    ------------------------------
    Adam Forsyth
    ------------------------------



  • 3.  RE: Verizon Wi-Fi Calling issues on controller deployment

    Posted 2 days ago
    I'd have to agree with forsytad. 
    We are running AOS 8.6.07. 
    Sometimes you have to stay current with AOS to get access to new APs that are released.
    We have no issues running wifi calling on 5 controllers, 2 mobility masters. 
    Are you sure the fortigate firewall isn't doing anything with the wifi calling packets?  I'd double check the rules.
    We had to do some exclusion to get them to pass through our Palo Alto firewalls....damn AI and intelligence was filtering.

    ------------------------------
    Ron Smith
    ------------------------------



  • 4.  RE: Verizon Wi-Fi Calling issues on controller deployment

    Posted 2 days ago
    have you turned on Debug on that client to see if anything is being seen from the controller side of things?  what about messages in the error log?

    ------------------------------
    Dave Abels
    ------------------------------



  • 5.  RE: Verizon Wi-Fi Calling issues on controller deployment

    Posted 21 hours ago
    Hi Northof8,

    WiFi calling issues could be hard to troubleshoot, you could contact Aruba TAC support to assist you in this. The problem can be allmost everything and without the right troubleshooting knownledge and methods this could hard to solve, and also hard to help you here on the airheads forum.

    Where you say using virtual VMC controllers you have also take into account your Hypervisor version and network driver/firmware that's in use.  There could also something wrong into your RF spectrum, WLAN/LAN configuraion, firewall, and many more things to take into account.

    Somebasic questions what can you tell use about your RF:
    - channel and channel bandwith use.
    - Client capabilities and used settings, what channel and radio is in use.
    - SNR
    - Channel Utilization
    - Rates
    - Frame Retries
    - Co-channel interference
    - Spectrum Analysis
    - Etc.

    I see a lot of WiFi calling issues that's not related to WiFi but the LAN/WLAN backhaul or firewall settings. Try to turn off all IDS/IPS, Application Filtering, Web Filtering, logging, etc. on your firewall for testing purpose.

    Personally i don't have any issues with ArubaOS 8.6.0.7 with two physical 9004 controllers, in early version of 8.6.x.x i had some issues. For best result i would recommend to use the conservative release 8.5.0.11 as long you not required one of the later feature sets.

    Also be sure your client drivers are up to date, this could have issues a lot of times. Don't skip this step!

    If you use wpa2-enterprise authentication for WiFi be sure the disconnnection are not due re-authentication, 802.11k enabling can help on this.

    There are a lot of troubleshoot commands and debugging available in the controllers, but it's to much to all handle in detail here. Start troubleshooting following the ISO layers one by one; what about 802.11 auhtentication/assosiotion, do i see 802.11 re-auths, etc. and so on.

    When enabling WMM be sure DSCP is configurered anywhere on your network between your AP and switch, vSwitch, controller and firewall. Be sure your application and device support WMM.

    You can also use an Aruba Capesensor or using the opensource WLANPi project with WiPerf to troubleshoot your WiFi experience from user perspective to give some sight in your WLAN.

    ------------------------------
    Marcel Koedijk | MVP Expert 2020 | ACMP | ACCP | Ekahau ECSE
    ------------------------------