Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

iPhone DoS - Taking Down Wireless Network

Mobile devices are saturating our medium sized enterprise network. Examples of these devices are iPhones,

iPads , Kindles, Droids, etc… When a device is authenticated on our APMobile wireless network and downloads updates, email, or music our Network bandwidth is consumed. Services/Applications are no longer available, such as VoIP. Basically, this is an internal DoS.

I have done some research and an example of this problem is an “ARP Storm” but currently clients obtain IP addresses form our DHCP server, which acts as a proxy for the clients and if effective against deliberate attempts to craft packets that create “ARP Storms”. In addition we configured the WLC to disable ARPunicast processing via the CLI.

The following link is from Cisco's site. It is the ARPstorm that we originally thought was the cause but after more researching we found it wasn't this exact issue - http://tools.cisco.com/security/cen...

Does anyone have any ideas as to why iPhones frequently take down our network? Could this be a configuration issue with our firewall (Cisco ASA 5520 running version 8.4(2))?

Please advise.
Thanks.

8 REPLIES

iPhone DoS - Taking Down Wireless Network

The issue is not clear. We need to know what exactly happens when the issue occurs. Wireless capture is needed as well as wired capture to isolate.

Is the issue hitting a specific AP/location when it happens? or all APs are affected at te same time?

Do you have multiple WLCs? If yes then do you have them in Foreign-Anchor Scenario?

Where is the WLAN gateway is configured? on the ASA?

What is the software versoin that the WLCs run?

What AP model you have?

Rating useful replies is more useful than saying "Thank you"
New Member

iPhone DoS - Taking Down Wireless Network

We are controller based connecting back to Cisco 5508 WLC and the WAPs are Cisco 1242

We are a medium sized company and are going to run WireShark on the network and force the network to go down this weekend so we can see a little more what is going on.

Re: iPhone DoS - Taking Down Wireless Network

Hi there .. I'm curious, did you sniff the wireless medium ? Also, if you think that arp is a cause of the problem, you may want to try arp proxy on the access point. With arp proxy the ap will respond on behalf of the wireless client. This will limit some of the traffic over wireless.

http://www.my80211.com/home/2010/3/12/autonomous-understanding-cisco-ap-arp-caching-disabled-enabl.html

Also to be clear, is it the wireless being flooded or the wired ?

Sent from Cisco Technical Support iPhone App

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
Hall of Fame Super Gold

iPhone DoS - Taking Down Wireless Network

Not alot of info here, except the version of the ASA firmware you are running.

Can you please elaborate more?

What kind of WLAN are you running?  Autonomous or Controller-based?

What kind of WAPs are you running?  Aironets or SMB types?

New Member

iPhone DoS - Taking Down Wireless Network

We are controller based connecting back to Cisco 5508 WLC and the WAPs are Cisco 1242

iPhone DoS - Taking Down Wireless Network

Nolan: That is a useful post. +5.

But we need to confirm if the DoS this post is talking about is with one or all APs. It is possible that APs in different locations  experience same issue at the same time.

Rating useful replies is more useful than saying "Thank you"
New Member

Re: iPhone DoS - Taking Down Wireless Network

We are controller based connecting back to Cisco 5508 WLC and the WAPs are Cisco 1242

     

I will read the articles and get back to you.

Thank you so far you you help. We are thinking this a bandwidth issue and are going to run WireShark on the network and force it down with iphone and see what that tells us.

1257
Views
5
Helpful
8
Replies
CreatePlease to create content