Meraki

Community

MR33 AP connectivity issues for Apple Devices

DB
Here to help
‎Oct 21 2018 7:24 PM
‎Oct 21 2018 7:24 PM

MR33 AP connectivity issues for Apple Devices

Hello,

We have installed in our office MR33. Our Guest SSID works well with PC's connectivity. However it does not work well with Apple devices. 

After selecting the Guest SSID and entering the correct password, the Apple device keeps rejecting the connection due to incorrect password even though we know we are entering the right password.

The Apple device also indicated issues with WPA2 settings.

After following recommendations from the Apple support site, the devices still fail to connect.

We have followed the recommendations steps:

1. resetting settings

2. resetting the device

3. re-try the connection by manually entering the SSID and selecting WAP2 as the authenticatin protocol.

 

Still no success after completing those steps.

 

Note that the Apple device used for testing connects well to other WIFI networks.

 

Our MR33 are running firmware version: MR 25.12

The Apple device used in connectivity testing is running IOS 12.0.1.

 

I am interested to know if anyone has come across this issue before? if so, I appreciate suggestions on how to resolve it.

Thanks in advance!

 

 

 

Labels:
0 Kudos
21 Replies 21
BrandonS
Kind of a big deal
‎Oct 21 2018 8:25 PM
‎Oct 21 2018 8:25 PM

What settings do you have on the Meraki side?  It sounds like you chose something Apple doesn't like.

- Ex community all-star (⌐⊙_⊙)
In response to BrandonS
DB
Here to help
‎Oct 21 2018 8:50 PM
‎Oct 21 2018 8:50 PM

Hi BrandonS,

Thanks for your reply.

These are the current settings, which I kept basic as an initial set up testing.

Association requirements: Pre-shared key with WPA2 and a key(password)
WPA encryption mode: WPA2 only
802.11w: disabled
Splash page: None (direct access)
no group policies enabled
Client IP assignment: NAT mode (Use Meraki DHCP)
No VLAN tagging
For now, Band selection: Dual band operation.

0 Kudos
In response to DB
AnuragJain
Conversationalist
‎Jun 23 2019 8:36 PM
‎Jun 23 2019 8:36 PM

I have the exact same problem. Please let me know if you were able to get it resolved.

In response to AnuragJain
BW2021
New here
‎Mar 7 2021 10:34 PM
‎Mar 7 2021 10:34 PM

What are the hostnames of the iphones in question?  Apple devices frequently have the same hostnames.  I'm curious how a meraki AP like the MR55 handles lets say five devices from Apple all trying to connect with generic hostnames like "IPhone" for all five devices...Typically this wouldn't work on any network because it couldn't resolve the name to duplicate hostnames?  If you had five PCs on a network named DellPC, only one would connect at any given time. 

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 21 2018 11:02 PM
‎Oct 21 2018 11:02 PM

Some clients can not handle complex passwords.   For a test,  try making the password simple. 

In response to PhilipDAth
DB
Here to help
‎Oct 22 2018 5:40 PM
‎Oct 22 2018 5:40 PM

I'll give that a try. At present it is only one word with two capital letter. I will change to just a plain word and see how it goes. 

THank you.

0 Kudos
pstewart
Getting noticed
‎Oct 22 2018 3:37 AM
‎Oct 22 2018 3:37 AM

I have a lot of Apple devices in my home lab - happy to compare settings if you are still having problems ...
In response to pstewart
DB
Here to help
‎Oct 22 2018 5:43 PM
‎Oct 22 2018 5:43 PM

Thanks pstewart. 

I included my current settings in one of my previous posts.

Appreciate your input.

0 Kudos
randhall
Getting noticed
‎Oct 22 2018 8:43 AM
‎Oct 22 2018 8:43 AM

Try opening a support case. We have a similar case involving MR18s (Case# 03209629) and are testing a patch with some luck.

In response to randhall
BrandonS
Kind of a big deal
‎Oct 22 2018 8:48 AM
‎Oct 22 2018 8:48 AM

I would try a new SSID with default settings for testing.  Then change one thing at a time to see if it breaks again.  Did you enable 802.11r or change the RF profile at all?

- Ex community all-star (⌐⊙_⊙)
In response to BrandonS
DB
Here to help
‎Oct 22 2018 5:48 PM
‎Oct 22 2018 5:48 PM

BrandonS, I have not enabled 802.11r  nor changed the RF profile. 

Taking every one's suggestions here is the plan.

1. change password to a simple word.

if that doesnt make any difference,

2. I will create a new SSID as per the suggestion and change one setting at a time.

if that doesnt make any difference,

3. Log a TAC case to get them to investigate if a firmware upgrade is required.

 

I will report back results.

0 Kudos
Dan_Nicolet
Here to help
‎Oct 22 2018 11:00 AM
‎Oct 22 2018 11:00 AM

I have an MR33 and run several Apple devices on it. The SSID is configured with a Pre-shared key. I am currently running 25.11. I will upgrade and get back with an update. 

My devices are running iOS 12.1 and iOS 12.1 Public beta 4.

In response to Dan_Nicolet
DB
Here to help
‎Oct 22 2018 5:50 PM
‎Oct 22 2018 5:50 PM

Thanks

0 Kudos
In response to Dan_Nicolet
Dan_Nicolet
Here to help
‎Oct 22 2018 7:17 PM
‎Oct 22 2018 7:17 PM

Performed the firmware upgrade and tried several different configurations. I also matched the configuration above. Could not get the Apple devices to fail association.
What is the AP connected to? Seems basic but did you try to reboot the AP?
In response to Dan_Nicolet
DB
Here to help
‎Oct 22 2018 11:07 PM
‎Oct 22 2018 11:07 PM

Dan_Nicolet,

Thanks for your input and testing time. I have changed the shared key to a very simple word, rebooted the AP's. User testing, no change unable to authenticate with mobile devices, specifically Apple Iphone.

THe AP is connected to a cisco 3750 via PoE power packs. THe switch port was initially configured as a trunk because I want a vlan for guest and another for corporate. but for the purpose of testing I configured the guest ssid with very simple settings. after encountering all these connectivity issues I changed the switch port config to access mode.

I cannot see how that would impact the authentication, however I gave it a try. Rebooted AP's after switch config change and still no change.

HEre is the error shown in dashboard:

type='WPA-PSK auth fail' associated='false' radio='1' vap='1'

 

I feel like I need to wipe out the AP configs and start again.. if after doing that no change, the next step is a tac case.

 

In response to DB
DB
Here to help
‎Oct 23 2018 5:57 PM
‎Oct 23 2018 5:57 PM

Hi all,

User test this morning for guest ssid:

Apple devices authenticated and connected OK

PC's uthenticated and connected OK

 

This was the last course of actions I did before I would decide to wipe out configs.

1.Reboot AP's, shut down the switch ports immediately to isolate.

2.Re-configure switch ports from Trunk to Access.

3.Re-enabled switch ports. AP's reconnected.

4.Reboot AP's again.

5. I also configured a very simple 8 digit password. ( previous was longer than 8 using mix of capital and numbers)

 

Got users to test this morning and everyone was able to authenticate their devices, Apple's and PC's and navigate the www.

 

Thanks everyone for your input and suggestions.

It was a great welcoming as a newbie on this community.

 

 

 

0 Kudos
NolanHerring
Kind of a big deal
‎Jan 30 2019 6:33 AM
‎Jan 30 2019 6:33 AM

@DB  Not to necro this thread, but just curious if by any chance you had disabled 'meshing' under General settings.

Nolan Herring | nolanwifi.com
TwitterLinkedIn
In response to NolanHerring
Philip1
Conversationalist
‎May 23 2019 3:35 PM
‎May 23 2019 3:35 PM

@NolanHerring 

Not OP, but that's the behavior I've found in my environment.  After enabling mesh the "wrong PSK" bevavior on my MR33 went away.

 

PSK on MR32 worked, on MR33 didn't work while mesh was disabled.

0 Kudos
In response to Philip1
NolanHerring
Kind of a big deal
‎May 24 2019 6:59 AM
‎May 24 2019 6:59 AM

@Philip1 wrote:

@NolanHerring 

Not OP, but that's the behavior I've found in my environment.  After enabling mesh the "wrong PSK" bevavior on my MR33 went away.

 

PSK on MR32 worked, on MR33 didn't work while mesh was disabled.

Thanks for the feedback @Philip1 

 

That's not good lol.  Did you open a support case for that?

 

I've disabled MESHING (for testing) with MR33 and did not run into any issue with being able to connect with the same WPA2-PSK network I had before disabling.

Nolan Herring | nolanwifi.com
TwitterLinkedIn
0 Kudos
dalmiroy2k
Getting noticed
‎May 30 2019 8:45 AM
‎May 30 2019 8:45 AM

_ Checkout Air Marshall settings. Allow rogue AP for the test. Make sure your iphone client is actually connecting to your MR33 and not other vendor AP with the same SSID down your network.

_ Disable 802.11R and 802.11W.

_ Switch from Dual band operation with Band Steering to Dual band operation (2.4 GHz and 5 GHz).

_ Consider creating a dedicated SSID for iphone and other problematic clients.

 

After this changes:

 

Erase the stored WIFI session in your test iphone and scan the SSID again. Store the credentials.

0 Kudos
mercan
New here
‎Apr 27 2023 4:04 AM
‎Apr 27 2023 4:04 AM

Hello all,

I have the same problem and on acces control page when i select Meraki AP assigned (NAT mode) mode and gave the correct dns the macbook connected and used the internet clearly.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.