Sounds like an Apple issue since every other OS works fine.
Original Message:
Sent: Jun 03, 2024 03:35 PM
From: Daniel Kingdon
Subject: Apple iPhones and ArubaOS 10 - DHCP Timeouts and Roaming issues
Hi
Did you ever get to the bottom of this? We are 3 weeks into Aruba support with exactly the same symptoms and no resolution in sight.
Devices seem fine if they have a strong signal from a single AP but as soon as they start doing a bit of roaming they either rapidly channel hop between 2.4 and 5ghz on same AP or just roam as normal between AP's. At some point they get stuck and either disconnected and won't reconnect, connected but with "poor signal" or just connected but no actual connection.
In all cases roaming outside the range of the effected AP and the client will reconnect again. Roam back to problem location and it will continue to work for a while until it gets stuck again.
I see the same errors in central as you and a LOT of "Client Onboarding Failure - Deauthentication/Disassociation" events. in fact for our environment 50% of all events are that error!
Our Environment:
Aruba Central
mostly AP-515 with a few AP-535 and AP-505's
Current firmware 10.6.0.0 and same issue on an earlier 10.5 but not sure exact version.
Have disabled all fast roaming features and left most radio settings as default.
Original Message:
Sent: Apr 23, 2024 12:20 PM
From: KK7
Subject: Apple iPhones and ArubaOS 10 - DHCP Timeouts and Roaming issues
Hello,
I have been chasing a problem with our wireless network, and I wanted to create a thread about it in case others are experiencing the same issues. Since ArubaOS 10.5.1.1 we have noticed issues where an access point will report the following with some devices:
Onboarding failed for client xx:xx:xx:xx:xx:xx in L3 phase timeout to BSSID xx:xx:xx:xx:xx:xx on channel xx of AP hostname AP-xxxx. Reason: No DHCP traffic detected
Wireshark packet captures never show the endpoint reaching the DHCP server. Further investigation of the Aruba Central logs for all access points shows that most of these L3 Timeouts are from Apple iPhone devices. This issue appears to be alleviated if the user forgets the wireless network and rejoins it-I suspect this is due to the MAC randomization feature found on iPhones. The issue can be mitigated if the user roams to a different access point.
Additionally, it has been observed that Apple iPhone devices sometimes rapidly roam between frequency bands on the same access point. An example of this issue is as shown in an access point log below:
2024-04-23 08:47:47 CDT | Client Onboarding Failure - Deauthentication/Disassociation | Onboarding failed for client 12:1a:xx:xx:xx:xx in Deauthentication/Disassociation phase to BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207. Reason: Station has roamed to another AP
2024-04-23 08:47:47 CDT | Client Roaming Success | Client 12:1a:xx:xx:xx:xx associated to BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207 roamed successfully to BSSID 6c:c4:xx:xx:xx:xx on channel 132+ of AP hostname AP-HS207
2024-04-23 08:45:55 CDT | Client Onboarding Failure - Deauthentication/Disassociation | Onboarding failed for client 12:1a:xx:xx:xx:xx in Deauthentication/Disassociation phase to BSSID 6c:c4:xx:xx:xx:xx on channel 132+ of AP hostname AP-HS207. Reason: Station has roamed to another AP
2024-04-23 08:45:55 CDT | 802.11 De-authentication to Client | De-authentication sent to client 12:1a:xx:xx:xx:xx from BSSID 6c:c4:xx:xx:xx:xx on channel 132+ of AP hostname AP-HS207. Reason: Station has roamed to another AP
2024-04-23 08:45:55 CDT | Client Roaming Success | Client 12:1a:xx:xx:xx:xx associated to BSSID 6c:c4:xx:xx:xx:xx on channel 132+ of AP hostname AP-HS207 roamed successfully to BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207
2024-04-23 08:45:35 CDT | Client Onboarding Failure - Deauthentication/Disassociation | Onboarding failed for client 12:1a:xx:xx:xx:xx in Deauthentication/Disassociation phase to BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207. Reason: Station has roamed to another AP
2024-04-23 08:45:35 CDT | 802.11 De-authentication to Client | De-authentication sent to client 12:1a:xx:xx:xx:xx from BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207. Reason: Station has roamed to another AP
2024-04-23 08:45:35 CDT | Client Roaming Success | Client 12:1a:xx:xx:xx:xx associated to BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207 roamed successfully to BSSID 6c:c4:xx:xx:xx:xx on channel 132+ of AP hostname AP-HS207
2024-04-23 08:45:28 CDT | Client Onboarding Failure - Deauthentication/Disassociation | Onboarding failed for client 12:1a:xx:xx:xx:xx in Deauthentication/Disassociation phase to BSSID 6c:c4:xx:xx:xx:xx on channel 132+ of AP hostname AP-HS207. Reason: Station has roamed to another AP
2024-04-23 08:45:28 CDT | Client Roaming Success | Client 12:1a:xx:xx:xx:xx associated to BSSID 6c:c4:xx:xx:xx:xx on channel 132+ of AP hostname AP-HS207 roamed successfully to BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207
2024-04-23 08:45:18 CDT | 802.11 De-authentication to Client | De-authentication sent to client 12:1a:xx:xx:xx:xx from BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207. Reason: Station has roamed to another AP
2024-04-23 08:45:18 CDT | Client Onboarding Failure - Deauthentication/Disassociation | Onboarding failed for client 12:1a:xx:xx:xx:xx in Deauthentication/Disassociation phase to BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207. Reason: Station has roamed to another AP
2024-04-23 08:45:18 CDT | Client Roaming Success | Client 12:1a:xx:xx:xx:xx associated to BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207 roamed successfully to BSSID 6c:c4:xx:xx:xx:xx on channel 132+ of AP hostname AP-HS207
2024-04-23 08:45:05 CDT | Client Association Success | Client 12:1a:xx:xx:xx:xx associated successfully to SSID CHS-BYOD on channel 11 of AP hostname AP-HS207
2024-04-23 08:44:21 CDT | Client Roaming Success | Client 12:1a:xx:xx:xx:xx associated to BSSID 6c:c4:xx:xx:xx:xx on channel 132+ of AP hostname AP-HS207 roamed successfully to BSSID 6c:c4:xx:xx:xx:xx on channel 11 of AP hostname AP-HS207
2024-04-23 08:44:21 CDT | 802.11 De-authentication to Client | De-authentication sent to client 12:1a:xx:xx:xx:xx from BSSID 6c:c4:xx:xx:xx:xx on channel 132+ of AP hostname AP-HS207. Reason: Station has roamed to another AP
Environment details are below.
Aruba Central Managed: Yes
Deployed Access Points: AP-615, AP-515, AP-635, AP-535
Affected Firmware: 10.5.1.1 and 10.6.0.0 (Latest as of the time of this writing)
Features enabled for affected WLAN: 802.11k
Radio settings are left mostly at default settings
Other devices such as Windows laptops, Chromebooks, and Android devices also use this affected WLAN without issue.
If anyone has experienced similar issues or knows a solution to this problem, I'd be interested in hearing about them. I will open a TAC soon and update the thread with its information if this issue is being experienced by others.