Wireless Access

last person joined: 18 hours ago 

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.
Back to discussions
Expand all | Collapse all

iPhone 5 (mini included) and newer wont roam between AP's with 802.1x

This thread has been viewed 0 times

  • 1.  iPhone 5 (mini included) and newer wont roam between AP's with 802.1x

    Posted Apr 28, 2014 10:38 AM

    We've been having a bunch of issues with iPhone 5(s) iPad mini's and newer iPads roaming between APs when using 802.1x. Running a 650 on code 6.3.1.4 with AP-105's.

     

    Already opened a ticket with TAC but not having much luck getting this working.

     

    Some of the things we've tried:

     

    aaa authentication dot1x "WiFi" 
    timer idrequest_period 3 
    reauth-max 2 
    timer wpa-key-period 2000 
    timer wpa2-key-delay 100 
    timer wpa-groupkey-delay 100 
    no opp-key-caching 
    validate-pmkid 

     

     Result: Dot11i key exchange was not happening when the client device had roamed to the new AP (this was on 6.1.3.7)

     

    Suspected client issue:  Upgraded to 6.1.3.11

     

    We tested with iPhone 5 & iPad3 by running a ontinuous ping using an app from client. 
    Saw more than 20 ping drops while an iPhone roams from one AP to another. 
    Disabled scanning on the arm profile. Then when checked with iPad there was not more than 2 ping drops. 
    Tried with another iPhone 5, even with this phone we saw more than 20 drops. 
    Per TAC upgraded to  6.3.1.4 (current release at the time)

    After upgrade to latest code - still unable to roam between APs.  

     

    FYI -  When roaming between APs the iPhone's MAC address is listed in the address table - the key exchange just fails. 

     

    Authentication works fine with OSX and Windows clients.

     

    Any insight would be greatly appreciated. 

     

    Other info:  IAS is running Windows Server 2003 Standard. 



  • 2.  RE: iPhone 5 (mini included) and newer wont roam between AP's with 802.1x

    Posted Apr 28, 2014 11:30 AM

    My previous post did not account for iOS 7.1.1.

     

    I just re-ran my roaming tests and it looks like iOS 7.1.1 fixed the issue whatever it was.  

     

    Tried logging on using both user@domain.com and just user with dot 1x and besides 3 dropped pings during roaming between APs it seems ok. 



  • 3.  RE: iPhone 5 (mini included) and newer wont roam between AP's with 802.1x

    Posted Jun 10, 2014 03:58 PM

    Our PC Shop came to us with possible wireless issues with the IPhone 5(s) and IPad2 3G on 7.1.1

     

    Our IPad air on 7.1.1 works great on the wireless and downloads apps just fine. But the PC shops IPad 2 3G and IPhone 5(s) has slow connectivity and will not download apps. I tested this in our war room where we both were connected to the same AP and the IPad air had no issues downloading apps and had good download speeds. 

     

    The PC Shop restored both the IPad 2 and the IPhone and received the same results. I did notice that 7.1.1 has not been approved on this site for aruba. http://www.arubanetworks.com/support-services/interoperability/

    I hope others will reply.

     

    Thanks