If you’re using a LACP link between the controller/MD and the uplink switch
double check that LACP signaling is correct.
We’ve seen this with at least one switch vendor where the LAG showed up, but
traffic was intermittent.
From: The EDUCAUSE Wireless Issues Community Group Listserv
On
Yes, this was AP manufacturer independent as the root cause of the issue was in
the way the device driver handles 802.11ax (WiFi 6).
If the user has updated their driver the issue is resolved, but you’d have to
rely on the user to properly upgrade their devices. If all they connect to is
We've seen much the same.
A Pixel 2XL and a Pixel3XL fully updated, the 2XL had the Don't Validate
option, but the Pixel3XL did not.
We added the CA cert to a subpage on the guest captive portal for ease of
access to the Wireless device, and provided some instructions for the devices.
The
+1 Kill WEP and TKIP
Please beware of enabling WPA3 or OWE!
Can’t wait to be able to use them, but there are still some serious driver
issues out there.
For instance, the Google Pixel 3 used to (may still) kernel panic and reboot
the phone when connecting to a WPA3-Personal SSID. No error, no
For the wireless side the ASE has a pretty good walkthrough.
https://ase.arubanetworks.com/solutions/id/161
Does the captive portal happen if you try to go to another non-https site on
Apple while connected?
If so, there's a check box for Apple Captive-portal Network Assistant by-pass
that
The new encryptions can also cause issues with some of the supplicants.
We’ve seen some clients requesting user/pass when connecting to an Open network
running the Open Wireless Enhanced (OWE).
Google Pixel 3’s used to Seg fault and rebooting the phone when connecting to
WPA3-Personal along
Aruba gives the following warning when doing containment / deauth
The Federal Communications Commission ("FCC") and some third parties have
alleged that, under certain circumstances, use of containment functionality
violates 47 U.S.C. Section 333 and/or other FCC rules, regulations or policies.
We’ve had issues specifically with Sonos and Aruba AirGroups, even custom built
AirGroup definitions didn’t work.
This was left at the engineering level with Aruba working for an AOS8 patch to
resolve the issue.
The last version we tested with was 8.3.0.9 and that still wasn’t patched /
Yes.
If you have AP-515’s you should be on 8.5.0.x code, DO NOT USE 8.4.x CODE.
So far it looks like the same fixes in the 8.3.0.8 code are in the 8.5.0.3, but
several folks are still having mDNS and SSDP issues with AirGroups on both.
Not sure about 8.3.0.9 just yet.
From: The EDUCAUSE
Has anyone got the eduroam CAT working with EAP-TLS?
Couldn’t find a good way for loading the certificates.
May have missed the documentation for that portion.
From: The EDUCAUSE Wireless Issues Community Group Listserv
On Behalf Of Enfield, Chuck
Sent: Friday, September 13, 2019 8:42 AM
To:
2nd that, self guided EAP-PEAP is convenient, but the Evil Twin Attack isn't
exactly new or difficult.
In the past I've used a optional layered approach.
Give an option on the open SSID captive portal for initial onboarding, or
limited Guest access (weekly type) captive portal re-login after
Check out the RF and Roaming Optimization Guide here:
https://community.arubanetworks.com/t5/Validated-Reference-Design/RF-and-Roaming-Optimization-for-Aruba-802-11ac-Networks/ta-p/508678
Some of this is very applicable even in a Cisco WLC environment.
Such as making sure that you disable
12 matches
Mail list logo
