Security

We have a ssid setup specifically for smart phones which uses PSK authentication and mac-auth.

mac-auth is done by clear pass.

The problem is we get disconnections on the ssid the clients are not getting ip address they are stuck on obtaining ip address most of the time.

The initial role on the aaa profile is set to logon and mac-auth role is set to Mgmt-role which has access to resources.

Is it the problem with the initial role because of which we have connectvity issues.

Who is leasing IP for users?

Is DHCP service present in assigned role?

Regards,

Nik..

DHCP is the wireless controller.

Its the deafault logon role we have changed anything on that.

Sripathy,

Do you see mac authentication coming through?  What role does the user get when the user passes mac auth?  That is the role that should have any any service dhcp.

After Mac-auth the role they fall into is Mgmt-role which has got dhcp , dns, http, https services allowed.

On clear pass we have getting success mesage for the mac address added.

How many SSIDs do you have setup and what bands are they operating on?

What kind of VOIP handsets are these?  You have to deploy your access points based on what the VOIP manufacturer suggests.  That is the key to success with VOIP handsets.--