Controllerless Networks

 View Only

InstantAP Nexus 4 won't connect to SAID with WPA2 Personal (Android 4.3)

This thread has been viewed 0 times
  • 1.  InstantAP Nexus 4 won't connect to SAID with WPA2 Personal (Android 4.3)

    Posted Nov 18, 2013 05:35 AM

    Hi Guys,

    I encountered some issue,in one of my clients site.

    (SMB OFFICE) with more than 30 units of Nexus 4

     

    • Android 4.3 on Nexus 4 phone , just wont connect to any WPA2 Personal ssid that being created with InstantAP105 - Dosent matter with AOS (even the newest) :smileysurprised: **cant see the MAC of the client(S)  on any show log / Gui interface**
    • Android 4.2.2 on Nexus 4 phone , Connecting as needed to WPA2.  :smileyhappy:

     

    even due it's seems an issue belong to google team and  Nexus 4 + 4.3 (Because other vendors - android smartphones with diffrent android os 4.1 4.2.2 4.3 4.3.1 4.4 /pc/apple devices  connecting as needed to WPA2 and working well)

     

    I still wanna share with the config:

    This is the config example - (this config is after  I changed it to WPA1 Personal - BTW  with WPA1 everything work like charm!) :smileyhappy:

     

    version 6.2.1.0-3.4.0
    virtual-controller-country IL
    virtual-controller-key bc76a0c101b0c8ad371d4e09ec6b0aad0dc58cdcece5343e4d
    name Instant-CB:8C:BE
    terminal-access
    ntp-server 192.114.62.250
    clock timezone none 00 00
    rf-band all

    allow-new-aps
    allowed-ap 6c:f3:7f:cb:8c:be
    allowed-ap 6c:f3:7f:cb:8c:bf
    allowed-ap 6c:f3:7f:cb:8c:d9
    allowed-ap 24:de:c6:c3:eb:02
    allowed-ap 24:de:c6:c3:ea:9a
    allowed-ap 24:de:c6:c3:ea:ee
    allowed-ap 24:de:c6:c3:d2:fa



    arm
     wide-bands 5ghz
     min-tx-power 12
     max-tx-power 18
     band-steering-mode prefer-5ghz
     air-time-fairness-mode fair-access
     client-aware
     scanning
    rf dot11g-radio-profile
     dot11h
     interference-immunity 3


    syslog-level warn ap-debug
    syslog-level warn network
    syslog-level warn security
    syslog-level warn system
    syslog-level warn user
    syslog-level warn user-debug
    syslog-level warn wireless






    mgmt-user admin 453e1d68f86d9a43120c46295a3e11db

    wlan access-rule default_wired_port_profile
     index 0
     rule any any match any any any permit

    wlan access-rule everything
     index 1
     rule any any match any any any permit

    wlan access-rule everything-guests
     index 2
     rule any any match any any any permit

    wlan access-rule default_dev_rule
     index 3
     rule any any match any any any permit

    wlan access-rule cable
     index 4
     rule any any match any any any permit

    wlan access-rule tunnels
     index 5
     rule any any match any any any permit

    wlan access-rule wired-instant
     index 6
     rule 10.0.254.10 255.255.255.255 match tcp 80 80 permit
     rule 10.0.254.10 255.255.255.255 match tcp 4343 4343 permit
     rule any any match udp 67 68 permit
     rule any any match udp 53 53 permit

    wlan access-rule everything-dev
     index 7
     rule any any match any any any permit

    wlan access-rule everything-users
     index 8
     rule any any match any any any permit

    wlan ssid-profile everything
     enable
     index 0
     type employee
     essid everything
     wpa-passphrase be166a11f2e8c0e6127d7ed0b942ec7a2a95d7701edcbc8d
     opmode wpa-psk-tkip,wpa-psk-aes
     max-authentication-failures 0
     vlan 2
     auth-server InternalServer
     rf-band all
     captive-portal disable
     dtim-period 1
     inactivity-timeout 1000
     broadcast-filter none
     blacklist
     dmo-channel-utilization-threshold 90
     local-probe-req-thresh 0
     max-clients-threshold 64

    wlan ssid-profile everything-guests
     enable
     index 1
     type employee
     essid everything-guests
     wpa-passphrase 59216016e4d8e027c3cbd0a40eef943fc792c754ff0e466e
     opmode wpa2-psk-aes
     max-authentication-failures 0
     vlan 2
     auth-server InternalServer
     rf-band all
     captive-portal disable
     dtim-period 1
     inactivity-timeout 1000
     broadcast-filter none
     per-user-bandwidth-limit 1000
     blacklist
     dmo-channel-utilization-threshold 90
     local-probe-req-thresh 0
     max-clients-threshold 64

    wlan ssid-profile cable
     enable
     index 2
     type employee
     essid cable
     wpa-passphrase 7aef79580fca6d5df5a8b2b184ec12f01b881fca1d3d5dbb
     opmode wpa2-psk-aes
     max-authentication-failures 0
     vlan 10
     auth-server InternalServer
     rf-band all
     captive-portal disable
     dtim-period 1
     inactivity-timeout 1000
     broadcast-filter none
     dmo-channel-utilization-threshold 90
     local-probe-req-thresh 0
     max-clients-threshold 64

    wlan ssid-profile tunnels
     enable
     index 3
     type employee
     essid tunnels
     wpa-passphrase b9b2998dd428332ff121e033683eaf995c95cfbc9a1be321
     opmode wpa2-psk-aes
     max-authentication-failures 0
     vlan 22
     auth-server InternalServer
     rf-band all
     captive-portal disable
     dtim-period 1
     inactivity-timeout 1000
     broadcast-filter none
     dmo-channel-utilization-threshold 90
     local-probe-req-thresh 0
     max-clients-threshold 64

    wlan ssid-profile everything-dev
     enable
     index 4
     type employee
     essid everything-dev
     wpa-passphrase 35c2c6046d0a28d332f04c23556da45861f0234e46f3bc1e
     opmode wpa2-psk-aes
     max-authentication-failures 0
     vlan 3
     auth-server InternalServer
     rf-band all
     captive-portal disable
     dtim-period 1
     inactivity-timeout 1000
     broadcast-filter none
     dmo-channel-utilization-threshold 90
     local-probe-req-thresh 0
     max-clients-threshold 64

    wlan ssid-profile everything-users
     enable
     index 5
     type employee
     essid everything-users
     wpa-passphrase 0f04838e192937c1853e7757beee503107af8cc8614c5143
     opmode wpa2-psk-aes
     max-authentication-failures 0
     auth-server InternalServer
     rf-band all
     captive-portal disable
     dtim-period 1
     inactivity-timeout 1000
     broadcast-filter none
     dmo-channel-utilization-threshold 90
     local-probe-req-thresh 0
     max-clients-threshold 64

    auth-survivability cache-time-out 24



    wlan external-captive-portal
     server localhost
     port 80
     url "/"
     auth-text "Authenticated"


    blacklist-time 3600
    auth-failure-blacklist-time 3600

    ids classification

    ids
     wireless-containment none


    wired-port-profile default_wired_port_profile
     switchport-mode trunk
     allowed-vlan all
     native-vlan 1
     shutdown
     access-rule-name default_wired_port_profile
     speed auto
     duplex full
     no poe
     type employee
     captive-portal disable
     no dot1x

    wired-port-profile wired-instant
     switchport-mode access
     allowed-vlan all
     native-vlan guest
     no shutdown
     access-rule-name wired-instant
     speed auto
     duplex auto
     no poe
     type guest
     captive-portal disable
     no dot1x


    enet0-port-profile default_wired_port_profile

    uplink
     preemption
     enforce none
     failover-internet-pkt-lost-cnt 10
     failover-internet-pkt-send-freq 30
     failover-vpn-timeout 180


    airgroup
     disable

    airgroupservice airplay
     disable
     description AirPlay

    airgroupservice airprint
     disable
     description AirPrint

    ---------------------------------------------------------------

     

    :robotsad::robotsad::robotsad::robotsad:

    • If anyone encounter issue similer like this and solve them - please share some tips.
    • if anyone encounter Wi-Fi issues with nexus 4 (With 4.3) please share ...

     

    Thanks,

     

    Me


    #3600