I have a Corporate SSID which uses EAP-TLS authentication and I am noticing that an application that runs on our IPADs, times out at random times.
The IPADs display a report and, each IPAD one by one, the report crashed and fails to refresh.
I need to rule out this being an issue with our wireless. I have created a new SSID and used just WPA2 Pre Shared Key for authentication and the issue still persists.
I am testing the same report on a Windows 8 mobile device too to see if that experiences the same drop outs.
If I were to remove the use of WPA2 keys and just use MAC authentication and then limit the access on that SSID using an IP ACL, do you think that would provide a more reliable 24/7 wireless connection?
I guess the question I am really asking is whether Wireless Authentication is affecting our IPADs being able to have a 24/7 wireless connection. My thinking is that as session keys and group keys are changed / refreshed, the IPAD loses connectivity and hence the report fails to run.
First I would test with an open SSID just to get more info if it's something in the wireless or iPad. I would also disable session timer on the WLAN just to also test that scenario. The other issue is the application. The iPad will go to sleep and wireless supplicants might want to rekey on a certain time, so the application needs to have some sort of persistence built in. Roaming would be a good test also. Once you figure out why these devices break, sleep or even roaming, then you can look at how maybe you can tweak the application or the RF.
Please rate helpful post and Cisco Support Community will donate to Kiva
Our Corporate SSID uses EAP-TLS... so the first thing i did was create a new SSID with EAP-TLS, but disable session timeouts. This did not resolve the issue.
The next thing I did was to change the authentication type on the new SSID from EAP-TLS to WPA2 Pre-Shared-Key. The issue with this is that the WLC did not let me use RADIUS NAC when WPA2 PSK is being used, so I had to remove the RADIUS element alltogether and just use local MAC authentication (not ideal). This did not work either.
I would like to try open authentication but the SSID maps straight to a corporate DATA VLAN, so i am a bit weary trying that sugestion.
I am taking the route of trying the report on a different type of mobile device and a computer connected via the wire, just to make sure that it is not the report itself that has the issue.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...