10-16-2021 03:16 AM - edited 10-16-2021 03:25 AM
WLC Cisco IOS XE Software, Version 17.06.01
C9800 Software (C9800_IOSXE-K9), Version 17.6.1, RELEASE SOFTWARE (fc6)
AP ver 17.6.1.13
My 1+5T phone (Snapdragon 835, Android 10, Security patch 2020.09) won't connect to SSID.
I've tried configurations like this, if my phone works then old devices don't work.
work old devices
wlan Park 179 Park2021
no device-analytics
no device-analytics pc-analytics
no security ft adaptive
security wpa psk set-key ascii 0 Tech2021
no security wpa akm dot1x
security wpa akm psk
security wpa akm psk-sha256
security wpa akm sae
security wpa wpa3
security pmf optional
no shutdown
work android 10
wlan Park 179 Park2021
no device-analytics
no device-analytics pc-analytics
no security ft adaptive
security wpa psk set-key ascii 0 Tech2021
no security wpa akm dot1x
security wpa akm psk-sha256
security wpa akm sae
security wpa wpa3
security pmf optional
no shutdown
10-16-2021 03:32 AM
Search the forum for snapdragon as I remember seeing issue with them. I recall maybe it is also wpa3. Have you tried disabling that?
10-16-2021 04:26 AM
I read all similar topics, but I did not find solutions when all devices work.
10-16-2021 07:05 AM
10-17-2021 11:13 AM - edited 10-17-2021 11:15 AM
Like @Scott Fella said try disabling WPA3.
Recent testing has found up to 14% of current smartphones do not recognise a WPA3 enabled beacon (treated as invalid or corrupt) due to faulty/incomplete implementations of the 802.11 standards with the result that those devices cannot "see" the SSID at all if it is in WPA3 transition (WPA2 + WPA3) mode due to the WPA3 information element in the beacon.
Note this is a device issue which cannot be resolved on the AP/WLC. Only device firmware/driver updates can resolve this (some devices may never be fixed).
You can search for WPA3 certified phones at https://www.wi-fi.org/product-finder-results?sort_by=certified&sort_order=desc&categories=3&capabilities=628
Those who are WBA (Wireless Broadband Alliance) members can find more detail on the discussions in the Testing & Interoperability Work Group discussions on the WBA extranet site.
So on the WLC GUI that's WPA+WPA2 layer 2 security mode not WPA2+WPA3.
In CLI config:
security wpa wpa2 ciphers aes
security wpa akm psk
no security wpa akm sae
no security wpa wpa3
If it isn't WPA3 causing the problem then try adding/disabling features to see which is causing the problem like Scott said.
10-23-2021 06:58 AM
It turned out to make old and new devices work!
wlan Park 179 Park2021
no device-analytics
no device-analytics pc-analytics
dot11bg 11g
radio policy dot11 24ghz
radio policy dot11 5ghz
no security ft adaptive
security wpa psk set-key ascii 0 Tech2021
no security wpa akm dot1x
security wpa akm psk
security wpa akm psk-sha256
no shutdown
Additionally set in the section WLAN Timeout. I will watch how it will work in the future.
10-23-2021 07:36 AM
Yeah WPA3 is typically an issue with sites that have or might have older devices. As far as the timeout, I typically disable that or set that to the max. This is a preference to many, but many do not like to have that set as default.
10-24-2021 05:23 AM - edited 10-24-2021 05:26 AM
@Scott Fella note the WPA3 problem is not only old devices - up to 14% of currently available devices are affected!
The very latest devices are more likely to be WPA3 certified and therefore fixed.
I'm guessing there's some faulty 802.11 source code which has been widely re-used across the industry and therefore affects every device based on that source code.
10-24-2021 10:57 AM
It’s seems to always be an issue when “new” things come to market. I remember when 802.11n and channel widths became an issue and also AC. Just takes a few years before all vendors get it right:)
10-25-2021 12:54 AM
And Intel drivers not working with AX - quite recently
10-25-2021 01:10 AM
Hi @Rich R Are you referring to the below intel bug https://www.intel.com/content/www/us/en/support/articles/000054799/wireless.html
or something else? I would like to know more.
10-25-2021 01:38 AM
Yes that's the one @Arshad Safrulla
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide