Hello all,
Hoping someone can help. Quick overview of our architecture:
- 2 x Aruba ClearPass virtual 5k appliances
- IAP 325s & virtual controllers
- mix of architecture for routers, switches, firewalls in between
- Intune used to push a WiFi profile to clients
- Clients have PKCS certificates pushed from Intune, these are validated by ClearPass
- when the clients observe the VPN drop a timeout is seen in ClearPass
- clients with newer / higher spec WiFi adapters are less affected
Symptoms on WiFi:
- Windows 10 laptop clients observe frequent VPN disconnects and poor call quality issues with soft phones
- the VPN disconnects occur randomly, one client will disconnect whilst the person next to them will remain connected
- pings to the internet remain good whilst the VPN drops
- the behaviour only occurs when clients connect to an SSID configured with 802.1x / certificate-based authentication; when connected to an open SSID or SSID with PSK, the VPN does not drop - observed for several hours
- for testing, clients have been connected directly to the WiFi switch with a CAT6 in the relevant VLAN with no authentication, no issues observed
Aruba TAC have been engaged for several months and requested BSSID / Wireshark captures but they do not show 802.1 frames for some reason.
Basically it's clear the issue is related to 802.1x, any help would be much appreciated!
Many thanks