Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1055
Views
0
Helpful
1
Replies

IPhones and iPads randomly disconnects from ISE.

vstoyanov
Level 1
Level 1

‎03-14-2018 10:08 AM - edited ‎02-21-2020 10:48 AM

IPhones and iPads randomly disconnects from ISE.
 
We use 802.1X secure authentication by Cisco ISE 2.2.0.470, WLC 8.3.112.0, Active Directory, AP: 2600, 3702, 1142.
Internet working after authorization, but when devices going idle it will lose connectivity.  No issues with IMac, Macbooks, macmini or Android devices. 
 
No issues on WPA2. 
The problem is manifested on 802.1x only
 
User session 12hr 
Idle timeout 12hr

Any advices ?
 
Labels:
0 Helpful
1 Reply 1

Arne Bier
VIP
VIP

‎03-14-2018 06:59 PM

If the EAP requests don't even come to ISE after the iPhone/iPad wakes up from idle state, then it's probably not an ISE issue.  It may be that the AP's are doing some kind of key caching (probably 802.11r or BSS Fast Transition) and that could be broken. 

If however you can see the radius request coming into ISE then ISE should be responding to it.  ISE will generate the new keying material for the WPA2 encryption.

CCKM is another key caching mechanism but it requires CCXv5 - not sure if that applies to iPhone/iPad (mostly things like Cisco VoIP phones and intel wifi chipsets).

I would open a TAC case quite honestly.  They might ask you to disable 802.11r if you have it enabled.

0 Helpful
Customers Also Viewed These Support Documents