User mentioned they have an older SSID using LEAP (they are scheduled to migrate away from this BTW, but not soon enough) and existing Apple client devices who upgraded to iOS 8 are having authentication issues.
According to Apple Enterprise support. The fix is as follows:- Use Apple Configurator to create a WiFi profile with LEAP enabled - Go to Make Profile - Click on WiFi Payload for IOS8 or Later except Apple TV - and click LEAP as the Authentication type - Go to the Prepare screen and find the profile you created and click the Share button. That exports the profile that can be pushed to the IOS devices or (as in my case) imported into my third party MDM software and pushed out that way. You can also email that profile to the users device.In case you are using Apple configurator, the above mentioned solution works fine for one of the user who mentioned: Apple Configurator worked for us. We created the profile then emailed it to affected users. The documentation is a little thin so it took some experimenting with settings but finally got it working.https://supportforums.cisco.com/discussion/12304946/apple-ios-8-and-leap-issue
According to the Apple Knowledge base "LEAP is disabled by default". So far we haven't been able to find where to enable it and when adding an SSID LEAP is not an option.
According to Apple, About the
Security content of iOS 8
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker can obtain WiFi credentials
Description: An attacker could have impersonated a WiFi access point, offered to authenticate with LEAP, broken the MS-CHAPv1 hash, and used the derived credentials to authenticate to the intended access point even if that access point supported stronger authentication methods. This issue was addressed by disabling LEAP by default.
it sounds like you need to re-enable it after upgrading to iOS8. Depending on how you configured authentication, it may require pushing out a new profile.
This document is created from the following discussion:
Hello, I have a network with 350 Cisco 1810W access points that are connected to Cisco 3650 PoE switches. I have noticed that the APs are drawing almost the full 30W per port. I believe these APs should only be drawing 8 to ...
Hello all masters of Cisco, I have a Cisco Access point 1852i. I tried to upgrade it on several different ways, via HTTP, via CLI, even via Cisco.com. But I wasn't successful. On HTTP I got a message "Transfer failed". In CLI via TFTP nothing happene...
Hello!We have WLC 2504(airos 8.5.130 ) with mix of AP1832 and AP1702I. Clients report sometimes slow performance and lags.I start test today - sit in direct AP vision and start ping controller and gw. I see same issue. Delay jump from 2ms to 80 -150...
Hello, I am in a situation where I need to rename a huge number of APs which wouldn't be feasible from the GUI. I spent a lot of time trying and searching for a how-to but to no avail!The commands listed under 'ap' don't include a rename! Is the...
I work for an MSP and also do sales into some enterprise clients, I have a client with 4x 3602 APs and another 17x 3702 APs ready to be installed.A colleague of his told him he needs a wireless controller now, he wants to know if that is a requirement, or...