cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
670
Views
10
Helpful
8
Replies

IPAD Connectivity issue in WLC4400 with 7.0.240.0

sreejith_r
Level 1
Level 1

I have an SSID with 802.1x authentication for IPAD. If i am trying to connect with my IPAD its giving me an error message "unable to connect" for the first three or four attempts and in the fifth or sixth attempt it connects.

In debugging its showing timeout event error occurs. I have configured all the EAP timers to the maximum value. But still facing issues.

Any Clue?

Thaks & Regards

Sreejith R

8 Replies 8

Does this happen to all the iOS versions or specific iOS version devices (like 7.x). If you forget all the networks & try to join to a SSID, will that successful first time or still needs to try 2-3 times.

Post "show wlan to get an idea how you configured the SSID.

Below gives the order of preference when iOS device trying to connect to a SSID when multiple SSID available

http://support.apple.com/kb/HT5965

HTH

Rasika

**** Pls rate all useful responses ****

It's happening to iphone and iPad for versions 7 and 6 . Even for the first time it's the same.

During debugging it's showing timeout event occurred even I configured the eap timers to maximum

Sent from Cisco Technical Support iPhone App

Scott Fella
Hall of Fame
Hall of Fame

Apple devices have issues connecting if your using WPA or WPA2 encryption. If you are using WPA or WPA2, make sure you only using one. Either WPA/TKIP or WPA2/AES. Don't use both or a mix if ine or the other. If you still have issues, post your show WLAN

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

Please find the below output

(Cisco Controller) >show wlan 13


WLAN Identifier.................................. 13
Profile Name..................................... mdm
Network Name (SSID).............................. mdm
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Enabled
AAA Policy Override.............................. Enabled
Network Admission Control

Radius-NAC State............................... Enabled
SNMP-NAC State................................. Disabled
Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Number of Active Clients......................... 0
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ dt_vendor
Multicast Interface.............................. Not Configured

--More-- or (q)uit
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Enabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
Authentication................................ 172.18.35.99 1812
Accounting.................................... 172.18.35.99 1813

--More-- or (q)uit
Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security

802.11 Authentication:........................ Open System
Static WEP Keys............................... Disabled
802.1X........................................ Disabled
Wi-Fi Protected Access (WPA/WPA2)............. Enabled
WPA (SSN IE)............................... Disabled
WPA2 (RSN IE).............................. Enabled
TKIP Cipher............................. Disabled
AES Cipher.............................. Enabled
Auth Key Management
802.1x.................................. Enabled
PSK..................................... Disabled
CCKM.................................... Disabled
FT(802.11r)............................. Disabled
FT-PSK(802.11r)......................... Disabled
FT Reassociation Timeout......................... 20
FT Over-The-Air mode............................. Enabled
FT Over-The-Ds mode.............................. Enabled
CCKM tsf Tolerance............................... 1000
CKIP ......................................... Disabled

--More-- or (q)uit
IP Security................................... Disabled
IP Security Passthru.......................... Disabled
Web Based Authentication...................... Disabled
Web-Passthrough............................... Disabled
Conditional Web Redirect...................... Disabled
Splash-Page Web Redirect...................... Disabled
Auto Anchor................................... Disabled
H-REAP Local Switching........................ Disabled
H-REAP Local Authentication................... Disabled
H-REAP Learn IP Address....................... Enabled
Client MFP.................................... Optional
Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled

Mobility Anchor List
WLAN ID IP Address Status
------- --------------- ------


--More-- or (q)uit

(Cisco Controller) >

Sent from Cisco Technical Support iPhone App

If you are doing AAA override you can test it without that & see if that make any difference.

If issue is only with iOS devices, then I would suggest to get "debug client " output  for working client (like Android device) & for a iOS device.

Then you can compare what's happening with iOS device. If you could get this pls attach as txt file so then easy to compare.

HTH

Rasika

**** Pls rate all useful responses ****

Scott Fella
Hall of Fame
Hall of Fame

Take a look at the radius server logs also. Now what I would test is taking a device that has issue and create a new ssid for testing that uses WPA2/AES preshared key and see if the issue still happens. Also tests with an open ssid. This helps is understand if it may be a radius issue, WLC config issue or something else.

I would also try to reset the network setting on the iDevice to see if that helps. I noticed that the profile is mdm. Are you using an mdm solution and is it pushing out the wireless profile?

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

The radius is fine as I am getting successful messages for each try. It's something to do with the client and the wlc . I think it should be the issue with the EAP timers as I am getting timeout event in the wlc

Sent from Cisco Technical Support iPhone App

you can change your EAP Timers, take a look at the below document on some recommendations

https://supportforums.cisco.com/docs/DOC-12110

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
Review Cisco Networking for a $25 gift card