iOS unable to connect to AP in repeater mode with WPA2 Enterprise

Solved
jrhop
Getting noticed

iOS unable to connect to AP in repeater mode with WPA2 Enterprise

Hi,

 

We have several APs setup as gateway's, as a test I set one up as a repeater, which is connected fine through a gateway AP nearby. The network is setup with an SSID and WPA2 Enterprise, authentication is handled with NPS server, this all works fine on the gateway APs, I can connect and roam etc, no problem. With the repeater AP I can connect fine with a windows 10 laptop, however when I try with an iPhone (iOS 11.2.5) it will not connect, it just tries to connect, then retries. Connecting the iPhone to a gateway AP works fine, connect instantly.

 

If I do a RADIUS test it passes fine on all APs, and in the event log for the repeater AP the EAP/Radius shows as a success.

 

Has anyone else experienced this issue with iOS/iPhones connecting to repeater APs with WPA2 enterprise?

 

Thanks in advance.

1 Accepted Solution
jrhop
Getting noticed

OK, so looks like changing 802.11r to Adaptive has fixed it. We didnt have any issues with it set to enabled with Gateway APs, only on mesh repeater APs. The main reason we had it set to enabled rather than Adaptive was because Adaptive is only supported on iPhone 6s and above (https://support.apple.com/en-gb/HT202628), we have several iPhone 6 devices in our environment, which can now no longer make use of this roaming feature. But at least they are now able to connect.

 

Not sure if this is a side effect of 802.11r enabled mode or a bug with Meraki.

View solution in original post

5 Replies 5
MilesMeraki
Head in the Cloud

I've not had any problems, What version of firmware are you running on your MR's? 

 

Do you currently have WPA and WPA2 encryption enabled on the SSID? Wireless>Access Control>Encryption mode, if set to WPA and WPA2, change this to WPA2, save and re-try.

 

If you're still having problems it's probably best to get on the phone with Meraki support who will be able to help troubleshoot with you in real-time by taking packet captures of the authentication process. 

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)
PhilipDAth
Kind of a big deal
Kind of a big deal

I have not tried that exact scenario but like @MilesMeraki I have not had any issues.  I would try 25.9 if you are not using it already.

MerakiDave
Meraki Employee
Meraki Employee

Agreed could be firmware, maybe try 25.9 (Stable Release Candidate) as @PhilipDAth suggested and also check your 802.11r setting, as a test if it's already enabled try adaptive instead.  Like @MilesMeraki said probably worth opening a case, probably best to call in so you can do some live troubleshooting and connect an iOS device to the repeater AP while they run some pcaps.

jrhop
Getting noticed

Hi all,

 

Thanks for the replies! Forgot to say we are running 25.9. We do have 802.11r on in Enabled mode, will try Adaptive and see if its any better for iOS devices. We have a case open with Meraki now, so will continue down that route.

 

 

jrhop
Getting noticed

OK, so looks like changing 802.11r to Adaptive has fixed it. We didnt have any issues with it set to enabled with Gateway APs, only on mesh repeater APs. The main reason we had it set to enabled rather than Adaptive was because Adaptive is only supported on iPhone 6s and above (https://support.apple.com/en-gb/HT202628), we have several iPhone 6 devices in our environment, which can now no longer make use of this roaming feature. But at least they are now able to connect.

 

Not sure if this is a side effect of 802.11r enabled mode or a bug with Meraki.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels