cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2725
Views
0
Helpful
11
Replies
Highlighted
Beginner

WLC9K8 + AP9K + Android10 Connectivity Issue

Hi Team, 

 

We are experiencing weird behaviour with WLC9K8 and AP9K with some devices, exactly Android 10 Devices (doesn't matter which device model, we tried with Samsung and Xiaomi with same result).

 

The issue:

When those devices try to join to SSID the behaviour is "Trying to Connect, Disconnect...Trying to Connect, Disconnect..." and never connects, this happens with WPA2-PSK, with WPA2-ENTERPRISE, with or without WIFI-AX enabled, in 2.5Ghz and 5Ghz band...

 

If we open the ssid (no auth required) the device connects smoothly.

 

We tried to debug on WLC with no traces captured... is like the device never reaches the WLC.

 

Have you experiencied this behaviour in your deployments? Any advice? Probably we are missing some "check" in configuration but I'm unable to see it.

 

We are running WLC9K8 virtual in FlexConnect mode and 16.12.1t code. We upgraded recently, with the old version (recommended one, it doesn't work, we experienced the same problem).

 

Thank you,

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

11 REPLIES 11
Highlighted
Participant

I discovered a new bug regarding c9800 + c91xx APs when using smartphones and enabling PMF (802.11w). DISCOVERED BUG CSCvs41931.

 

If you disable PMF, like it happens when using Open Auth, it works flawlessly.

 

Bug for 9120 issue CSCvs41931 - Clients not replying to M3 packet tx by 9120 in flexconnect connected to 9800 dot1x-sha256 SSID With the fix for CSCvs11922 there will be no need to configure dot1x-sha256 and then will avoid bug CSCvs41931 Problem Description: Newly provisioned Catalyst 9120AX WiFi6 access point on brand new Catalyst 9800-80 controller.

 

HTH
-Jesus

*** Rate All Helpful Responses ***

Highlighted

Hi Jesús,

 

It doesn't work in our scenario.

 

We tried to debug (debug client xx.xx.xx.xx.xx) on AP and if we try to connect to OPEN SSID or PORTAL SSID type, we can see the traces of the debug but if we try to connect to the WPA2-PSK or WPA2-ENT we cannot see nothing, it's like if the AP isn't see nothing...

 

Thank you,

Highlighted

What's your current WLAN configuration? (CLI output or GUI)

Highlighted
Hall of Fame Master

Seems like you have a wlan setting that is wrong. Create a new test ssid with now FT, no WPA3, no k or v, just as basic as you can then test. Typically if it fails a join, must be a setting unless you are hitting a bug.
-Scott
*** Please rate helpful posts ***
Highlighted

hi,

 

we're encountering the EXACT same issue (cat98 with 16.12.2s) - no logs or debug traces of any kind when the clients tries to connect to a WPA2 network (both Enterprise+PSK won't work). Problem e.g. with Nokia 7plus with Android 10; normal PC/Laptop works fine.

We (for troubleshooting) established another "pure" WPA3-Enterprise SSID (no WPA2), the Android10 phone works there (!).

 

But as a university, we cannot deploy eduroam as WPA3-only at the moment as there are pretty many very old clients around.

So I'm very interested if there is any kind of progress regarding this topic?

 

kind regards,

Philipp

Highlighted

Seems like you are hitting the exact same behaviour here:

https://community.cisco.com/t5/wireless-and-mobility/issues-connecting-android-10-to-cisco-me/m-p/4065397

Take into account that the code is the same for the APs, no matter what the controller is.

After troubleshooting end-to-end (device,OTA,AP, controller), I realized some mobile devices using Android 10 (Xiaomi in my case) were not sending any association request. Doing some debugs with ADB (Android Debug Suite) there were no association-request when using WPA2 or WPA2/WP3-Mixed, and the process only worked when using WPA3-Enterprise.

All Windows 10 devices, iOS and the rest of the Android 10 (Samsung) or Android 7 devices I have tested worked like a charm.

Unfortunatelly, openning a support case with Xiaomi didn't worked for me, they only support basic troubleshooting, and the only workaround is to factory-reset the device.

But the only good news is that those devices are working properly with lower Cisco codes and other vendors. There should be some weird thing in the logic of the mobile vendor implementation of Android 10 that doesn't understand such beacon and do not send association request. Looking into "wpa_supplicant.conf" doesn't solve my doubts on where it is the failure.

 

HTH
-Jesus
*** Please Rate Helpful Responses ***

It looks like with Android 10, some vendors 

Highlighted

Hi all

Any news about this case ?

At our university we have got exactly the same problem

wlc9k8 16.12.2s,  ap3.8k, 2.8k or 9k   Nokia 7+  One+8   android10

 

The Nokia connects fine with android 9 but not  with Android 10.

 

Kind regards

Robert

Highlighted

I invite you to follow this discussion thread as it is been updated more frequently, and the issue is the same for both software codes.

https://community.cisco.com/t5/wireless-and-mobility/issues-connecting-android-10-to-cisco-me/m-p/4065397

Last update: configuration with WPA2-SHA256 do the trick, but missing legacy devices.

Highlighted

Hi Buddy,

I have a exactly same issue with WLC 3504 and AP 3802e, some users have Xiaomi phone (Android 10) can not connect. 

I have 2 work around:

 1. Change Layer 2 Security to None (Open ssid).

 2. Change PSK to PSK-SHA2.

I can not deploy my customer's network with solution 1. 

With solution 2, some old generation laptop can not connect.

Could anyone share better solution with us ?

 

Highlighted

Highlighted

Thank you!!

 

Looks like at least qe can justify or workaround the issue!

 

Regards,

Content for Community-Ad

This widget could not be displayed.