Wireless Access

 View Only
last person joined: 18 hours ago 

Access network design for branch, remote, outdoor and campus locations with Aruba access points, and mobility controllers.
Expand all | Collapse all

Mobile phones can't connect to SSID whereas Computers can

This thread has been viewed 22 times
  • 1.  Mobile phones can't connect to SSID whereas Computers can

    Posted Jun 25, 2022 12:55 PM
    Hi everyone,

    I've recently installed standalone mobility virtual controller MC-VA 8.7.1.9. I created a SSID that has open one for guest network. Computers can connect to the SSID and get an ip address however mobile phones can't. I created a custom role that's ipv4 permit any any so nothing changed with that SSID. Is there anyone can guess what the problem may be ? I've really got stuck in this issue.

    Thanks in advance.


  • 2.  RE: Mobile phones can't connect to SSID whereas Computers can

    EMPLOYEE
    Posted Jun 25, 2022 06:08 PM
    When you say "open" is it captive portal or just plain open?

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------



  • 3.  RE: Mobile phones can't connect to SSID whereas Computers can

    Posted Jun 26, 2022 03:32 AM
    It's plain open, there is a third party captive portal in related vlan, it's just enough to connect to the SSID to be redirected.


  • 4.  RE: Mobile phones can't connect to SSID whereas Computers can

    EMPLOYEE
    Posted Jun 26, 2022 06:09 AM
    For Apple devices, the Aruba controller and third party captive portal must have a publicly trusted https certificate to work.

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------



  • 5.  RE: Mobile phones can't connect to SSID whereas Computers can

    Posted Jun 26, 2022 06:16 AM
    It doesn't matter that the device is Apple or Android, it doesn't work. Any mobile phone can't get an ip address, meanwhile it's been working with Cisco Controller for a long time.


  • 6.  RE: Mobile phones can't connect to SSID whereas Computers can

    EMPLOYEE
    Posted Jun 26, 2022 06:19 AM
    What is providing DHCP?

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------



  • 7.  RE: Mobile phones can't connect to SSID whereas Computers can

    Posted Jun 26, 2022 06:23 AM
    DHCP is third party device itself in the related vlan.


  • 8.  RE: Mobile phones can't connect to SSID whereas Computers can

    EMPLOYEE
    Posted Jun 26, 2022 06:29 AM
    You should create a second generic test open SSID and see if you have the same issue.

    ------------------------------
    Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    HPE Design and Deploy Guides: https://community.arubanetworks.com/support/migrated-knowledge-base?attachments=&communitykey=dcc83c62-1a3a-4dd8-94dc-92968ea6fff1&pageindex=0&pagesize=12&search=&sort=most_recent&viewtype=card
    ------------------------------



  • 9.  RE: Mobile phones can't connect to SSID whereas Computers can

    MVP EXPERT
    Posted Jun 27, 2022 10:53 AM
    I wireless connection is created in the following phases:

    1. 802.11 association/authentication
    2. Authentication (open/wpa2/wpa3)
    3. User role (ACL)
    4. DHCP Resolving

    First check if the first two phase has passed. On the controller you can user "show user-table" to see if the client mac adres is connected.
    The next command is "show user mac ##:##:##:##:##:##. Here you can see if all phases are completed. You can use the command "show rights" to see the ACL of the user-role.

    Questions:
    1. Is phase 1 802.11 association/authenticated successfull on your client
    2. What user-role is derived?
    3. What ACL consist the user-role?
    4. Did the client get an  IP address?

    If phase one is failed, not all client accept any channel or channel-width. What channel and channel-width are you using?

    If DHCP is failing you can enable dhcp debug logging.





    ------------------------------
    Marcel Koedijk | MVP Expert 2022 | ACEP | ACMP | ACCP | ACDP | Ekahau ECSE | Not an HPE Employee | Opinions are my own
    ------------------------------