Anyone using WPA3?
09-20-2019 03:49 AM - edited 09-20-2019 03:53 AM
o.k. WPA3-Enterprise available on controllers (184.108.40.206) our eduroam net is normally configured for wpa2-enterprise
iOS 13 appeared this morning and our onboarding s/w allows us to configure an iPhone to use wpa3-enterprise
I use eap-tls on my iPhone and with the controller set up to use wpa2-enterprise the mobility master shows
1).my username = CN of client cert
2). That the role assigned is = whts passed from clearpass ( filterid=abc... = controller policy
Reconfigure iphone to use wpa3-enterprise and it can still connect . to wpa2 net - fine
However, reconfigure eduroam from wpa2-enterprise to be wpa3-enterprise, disconnect / reconnect iphone and although clearpass does the same thing and sends back an access accept, on the mobility master the iPhone entry shows a name of its ip address and its role is set to logon.
Net result is that the phone thinks it sconnected to eduroam but the controller is blocking traffic as the role is incorrect
Revert the mobility controller back to wpa2-e and stuff works
Know its the 1st day of iOS supporting wpa3 on a controller has been there for a while ...