Occasional Contributor II

ClearPass RADIUS COA issues with iPhone

I am building out a guest wireless setup with ClearPass.  We are allowing users to connect their personal devices to the guest network with their AD credentials.  Depending on the AD group membership we are placing different users into different VLANs.  


The workflow is the user connects to the guest SSID and gets the captive portal.  The user logs in with their AD credentials and the policy in CPPM determines which VLAN to send back to the Aruba controller.  CPPM issues a COA so that the user gets moved from the initial VLAN into the VLAN based on policy.  


This process seems to work well for most devices but the iPhone seems to roam over to the cellular connection or another known network if available instead of reconnecting to the same guest SSID after the COA.  


If we turn off the cellular connection on the phone and remove all known networks, then the process seems to work correctly.  Anyone have any tips or tricks to get the COA and reconnection to work smoothly for the iPhone?


Super Contributor II

Re: ClearPass RADIUS COA issues with iPhone

What type of CoA are you sending back? Terminate?



Dustin Burns
Senior Mobility and Access Engineer @WEI
ACMX #509 | ACCX #1272 | ACSP | ACDA | ACEP | CCNP | CCDP | CCNA Wireless

If my post address your queries, give kudos and accept as solution!
Occasional Contributor II

Re: ClearPass RADIUS COA issues with iPhone

Yes we are sending the Aruba wireless terminate session.

Search Airheads
Showing results for 
Search instead for 
Did you mean: