Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1111
Views
9
Helpful
7
Replies

Apple iOS device connection issues

Go to solution
Greg Dickinson
Level 1
Level 1

‎08-07-2013 02:41 PM - edited ‎07-04-2021 12:36 AM

Hi,

I have a 2504 WLC with 3502 (and one 1311) APs.  I'm advertising three networks using local switching, to drop the traffic onto separate VLANs at each site.  We use the controller for configuration and AAA authentication, against a Server 2008 server running NPS.  I have a single user with a few Apple devices that seemingly at random loses connection to the wireless network.  When he loses connection I see the following in the event log on the WLC:

2Wed Aug  7 16:14:58 2013AAA Authentication Failure for UserName:[user]  User Type: WLAN USER
3Wed Aug  7 16:14:58 2013AAA Authentication Failure for UserName:

[user]

User Type: WLAN USER
4Wed Aug  7 16:14:58 2013 AAA Authentication Failure for UserName:

[user]

User Type: WLAN USER

Over and over, several times a second.  However I don't see these requests at the NPS server, and his AD account does not lock out as I would expect after several attempts to log in.  This account is used for wireless access and has a non-expiring password.

It seems to just be Apple devices - this user and one other have this issue and  both use iPads and iPhones.  Any clue what might be going on?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Greg Dickinson

‎08-07-2013 03:03 PM

That looks fine. I would just make sure session timeout is disabled and load balancing is disabled on the advanced tab.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎08-07-2013 02:43 PM

Check your encryption being used. You should only use either WPA v1 with TKIP or WPA v2 with AES. Don't mix and match and don't enable both on the same SSID.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Go to solution
Greg Dickinson
Level 1
Level 1
In response to Scott Fella

‎08-07-2013 02:52 PM

I'm pretty sure that's how it's set up (I'll admit I'm not the wireless expert...) Here's what I have:

       

Message was edited by: Greg Dickinson - Image was missing

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Greg Dickinson

‎08-07-2013 03:03 PM

That looks fine. I would just make sure session timeout is disabled and load balancing is disabled on the advanced tab.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Greg Dickinson
Level 1
Level 1
In response to Scott Fella

‎08-07-2013 08:59 PM

OK the timeout was enabled on both the "Corporate" and "BYOD" WLANS, so I disabled it there.  I left it enabled on the "Guest" WLAN that uses lcoal webauth.  Let's see what happens.

Thanks for the help.

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎08-08-2013 03:53 AM

If your using WebAuth then you still want to disable session timeout or maybe set it to 28800 sec and still set your idle timer to 7200 for example. Apple devices if the login and then goes to sleep will be required to login every time which isn't ideal.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Go to solution
Greg Dickinson
Level 1
Level 1
In response to Scott Fella

‎08-09-2013 11:34 AM

The timeout settings seems to have fixed the issue.  Thanks Scott...

Of course now I have some other questions regarding finding a host that keeps spamming the AAA server, but that's another subject for another thread

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Greg Dickinson

‎08-09-2013 11:41 AM

Well glad it's working for you.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card