Product Version.................................. 7.0.240.0
Firmware Version................................. PIC 16.0

When the Mac book goes from one AP to another it gets associate to 161 channel.

Post the output to the command "sh wlan <ID>".

WLAN Configuration

WLAN Identifier.................................. 8
Profile Name..................................... OFFICE-4
Network Name (SSID).............................. OFFICE-4
Status........................................... Enabled
MAC Filtering.................................... Enabled
Broadcast SSID................................... Disabled
AAA Policy Override.............................. Disabled
Network Admission Control

  Radius-NAC State............................... Disabled
  SNMP-NAC State................................. Disabled
  Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Number of Active Clients......................... 37
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ OFFICE-4
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
   Authentication................................ Global Servers

--More or (q)uit current module or <ctrl-z> to abort
   Accounting.................................... Global Servers
   Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security

   802.11 Authentication:........................ Open System
   Static WEP Keys............................... Disabled
   802.1X........................................ Disabled
   Wi-Fi Protected Access (WPA/WPA2)............. Enabled
      WPA (SSN IE)............................... Disabled
      WPA2 (RSN IE).............................. Enabled
         TKIP Cipher............................. Disabled
         AES Cipher.............................. Enabled
      Auth Key Management
         802.1x.................................. Disabled
         PSK..................................... Enabled
         CCKM.................................... Disabled
         FT(802.11r)............................. Disabled
         FT-PSK(802.11r)......................... Disabled
FT Reassociation Timeout......................... 20
FT Over-The-Air mode............................. Enabled
FT Over-The-Ds mode.............................. Enabled
CCKM tsf Tolerance............................... 1000

--More or (q)uit current module or <ctrl-z> to abort
   CKIP ......................................... Disabled
   Web Based Authentication...................... Disabled
   Web-Passthrough............................... Disabled
   Conditional Web Redirect...................... Disabled
   Splash-Page Web Redirect...................... Disabled
   Auto Anchor................................... Disabled
   H-REAP Local Switching........................ Disabled
   H-REAP Local Authentication................... Disabled
   H-REAP Learn IP Address....................... Enabled
   Client MFP.................................... Optional
   Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled

-------------------------------------------------------------------------------------

WLAN Identifier.................................. 10
Profile Name..................................... OFFICE_Group
Network Name (SSID).............................. OFFICE Group
Status........................................... Enabled
MAC Filtering.................................... Disabled
Broadcast SSID................................... Disabled
AAA Policy Override.............................. Disabled
Network Admission Control

  Radius-NAC State............................... Disabled
  SNMP-NAC State................................. Disabled
  Quarantine VLAN................................ 0
Maximum number of Associated Clients............. 0
Number of Active Clients......................... 1
Exclusionlist Timeout............................ 60 seconds
Session Timeout.................................. 1800 seconds
CHD per WLAN..................................... Enabled
Webauth DHCP exclusion........................... Disabled
Interface........................................ OFFICE GROUP
Multicast Interface.............................. Not Configured

--More or (q)uit current module or <ctrl-z> to abort
WLAN ACL......................................... unconfigured
DHCP Server...................................... Default
DHCP Address Assignment Required................. Disabled
Static IP client tunneling....................... Disabled
Quality of Service............................... Silver (best effort)
Scan Defer Priority.............................. 4,5,6
Scan Defer Time.................................. 100 milliseconds
WMM.............................................. Allowed
WMM UAPSD Compliant Client Support............... Disabled
Media Stream Multicast-direct.................... Disabled
CCX - AironetIe Support.......................... Enabled
CCX - Gratuitous ProbeResponse (GPR)............. Disabled
CCX - Diagnostics Channel Capability............. Disabled
Dot11-Phone Mode (7920).......................... Disabled
Wired Protocol................................... None
IPv6 Support..................................... Disabled
Passive Client Feature........................... Disabled
Peer-to-Peer Blocking Action..................... Disabled
Radio Policy..................................... All
DTIM period for 802.11a radio.................... 1
DTIM period for 802.11b radio.................... 1
Radius Servers
   Authentication................................ Disabled

--More or (q)uit current module or <ctrl-z> to abort
   Accounting.................................... Disabled
   Dynamic Interface............................. Disabled
Local EAP Authentication......................... Disabled
Security

   802.11 Authentication:........................ Open System
   Static WEP Keys............................... Disabled
   802.1X........................................ Disabled
   Wi-Fi Protected Access (WPA/WPA2)............. Enabled
      WPA (SSN IE)............................... Disabled
      WPA2 (RSN IE).............................. Enabled
         TKIP Cipher............................. Disabled
         AES Cipher.............................. Enabled
      Auth Key Management
         802.1x.................................. Disabled
         PSK..................................... Enabled
         CCKM.................................... Disabled
         FT(802.11r)............................. Disabled
         FT-PSK(802.11r)......................... Disabled
FT Reassociation Timeout......................... 20
FT Over-The-Air mode............................. Enabled
FT Over-The-Ds mode.............................. Enabled
CCKM tsf Tolerance............................... 1000

--More or (q)uit current module or <ctrl-z> to abort
   CKIP ......................................... Disabled
   Web Based Authentication...................... Disabled
   Web-Passthrough............................... Disabled
   Conditional Web Redirect...................... Disabled
   Splash-Page Web Redirect...................... Disabled
   Auto Anchor................................... Disabled
   H-REAP Local Switching........................ Disabled
   H-REAP Local Authentication................... Disabled
   H-REAP Learn IP Address....................... Enabled
   Client MFP.................................... Optional
   Tkip MIC Countermeasure Hold-down Timer....... 60
Call Snooping.................................... Disabled
Roamed Call Re-Anchor Policy..................... Disabled
SIP CAC Fail Send-486-Busy Policy................ Enabled
SIP CAC Fail Send Dis-Association Policy......... Disabled
Band Select...................................... Disabled
Load Balancing................................... Disabled

Any Problems with the configurations ? ,if there is, then  i will ask my network team to troubleshoot.

The WLAN configuration looks fine for Apple devices.. but may I ask, how many SSID's do you have and how many are actually being broadcast on those access points.  I see the WLAN ID as 8 and 10, best practice is to have at most 4 or less.  If users have to switch SSID's, that can be the issue.... roaming really is when you stay on a given SSID, or are you saying that if an Apple device is on WLAN 8 in one area and moves to another area on the same SSID, the Apple devices have issues?  Have you tried deleting the wireless profile on the apple devices and adding them back on?

Scott

There are 10 SSIDS , in the office. 4 are outside the hall and 2 are inside the room .

one in my cabin and one in meeting room . likewise 2 are inside some room and 2 vice versa.

the two SSIDS are broadcasting at 2.4 Ghz and 5 Ghz both , while outside the hall are broadcasting at only 2.4Ghz

These two SSIDS in cabin and meeting room are in channel 1 and channel 161.

Do we need to change the channel ??

yes, if an Apple device is on WLAN 8 in one area and moves to another area on the same SSID, the Apple devices have issues.

Still i did not understand what is the issue.

From my experience, you need not to have that many access points.  This would also mean that devices have more than one wireless profile, in which you can't control what ssid the device wants to switch to, unless you manually change it.

For roaming and good user experience, you want to keep SSIDS on all AP's and also have the same radio bands enabled.  What you are doing, isn't how the wireless system is suppose to be designed and, nothing you can do to fix the client issue if the device is freaking out.  Roaming..... being able to have the same ssid and radios enabled throughout the area in which the SSID needs to be seen by the device.  Having more than 3-4 SSID's, will always cause issues with devices because there is a beacon being sent out for every SSID you have enabled.  See link below:

http://wifinigel.blogspot.com/2013/08/its-well-known-rule-of-thumb-when.html

SSID's can be eliminated, especially if the access to the vlans are the same or if the SSID is mapped to the same vlan.  If you associate to one SSID, do you have the same access as on any other?  Remember, devices require that the SSID is available in all areas that the user is going to move around.  The radios also need to be enabled for that to ensure best user experience.

Scott

Thanks Scott for your suggestions.

Actually i do not have the controller with me right now , tomorrow i will tell the network admin to check what you have told and will get back to you. 

Not a problem.... from my years of doing this, I have had to migrate customers that have 10+ SSID's to maybe 3-5 or when using ISE, we can even bring this down to 2.  Upgrades in the past were just to keep the original design, which worked, back in the days, but with BYOD and the increasing number of SSID's and clients, you have to go back to the design board and sit back and take another look.  Having SSID's broadcast on certain AP's worked well in the past, but back then, people got use to bad roaming... they new to restart their wireless and they are good.  These days, users want hands off...  just get it to work.  so that is where you have to look at what is currently being designed and sit back and think, "how would I attack this now, that will still work great 5 years from now."

Scott