Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    802.1x Wifi Random Disconnection from Apple devices

    Scheduled Pinned Locked Moved pfSense Packages
    13 Posts 4 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kevindd992002
      last edited by kevindd992002

      I have Ubiquiti Unifi AP's that all use my pfsense box as a Radius server (so FreeRadius package). I'm not sure why but only Apple devices are having random disconnections (mostly when they are idle) and these need to re-authenticate (input username and password) again to be able to connect. This does not happen to Android devices at all. Not sure if these logs mean something but here's what I got:

      Aug 5 21:21:28 	radiusd 	16220 	Signalled to terminate
Aug 5 21:21:28 	radiusd 	16220 	Exiting normally
Aug 5 21:21:29 	radiusd 	81314 	Debugger not attached
Aug 5 21:21:29 	radiusd 	82004 	[/usr/local/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay" found in filter list for realm "DEFAULT".
Aug 5 21:21:29 	radiusd 	82004 	[/usr/local/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay-USec" found in filter list for realm "DEFAULT".
Aug 5 21:21:29 	radiusd 	82004 	Loaded virtual server <default>
Aug 5 21:21:29 	radiusd 	82004 	Loaded virtual server default
Aug 5 21:21:29 	radiusd 	82004 	Ignoring "sql" (see raddb/mods-available/README.rst)
Aug 5 21:21:29 	radiusd 	82004 	Ignoring "ldap" (see raddb/mods-available/README.rst)
Aug 5 21:21:29 	radiusd 	82004 	Loaded virtual server inner-tunnel-ttls
Aug 5 21:21:29 	radiusd 	82004 	Loaded virtual server inner-tunnel-peap
Aug 5 21:21:29 	radiusd 	82004 	Ready to process requests
Aug 5 21:21:35 	radiusd 	82004 	Signalled to terminate
Aug 5 21:21:35 	radiusd 	82004 	Exiting normally
Aug 5 21:21:35 	radiusd 	26856 	Debugger not attached
Aug 5 21:21:35 	radiusd 	27181 	[/usr/local/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay" found in filter list for realm "DEFAULT".
Aug 5 21:21:35 	radiusd 	27181 	[/usr/local/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay-USec" found in filter list for realm "DEFAULT".
Aug 5 21:21:35 	radiusd 	27181 	Loaded virtual server <default>
Aug 5 21:21:35 	radiusd 	27181 	Loaded virtual server default
Aug 5 21:21:35 	radiusd 	27181 	Ignoring "sql" (see raddb/mods-available/README.rst)
Aug 5 21:21:35 	radiusd 	27181 	Ignoring "ldap" (see raddb/mods-available/README.rst)
Aug 5 21:21:35 	radiusd 	27181 	Loaded virtual server inner-tunnel-ttls
Aug 5 21:21:35 	radiusd 	27181 	Loaded virtual server inner-tunnel-peap
Aug 5 21:21:35 	radiusd 	27181 	Ready to process requests

      Can anyone point me to the right direction here? Thanks.

      1 Reply Last reply Reply Quote 0
      • K
        kevindd992002
        last edited by

        Can anyone help me with this please?

        1 Reply Last reply Reply Quote 0
        • ?
          A Former User
          last edited by

          What versions are the Apple devices running on?
          How long has this been an issue btw?

          1 Reply Last reply Reply Quote 0
          • K
            kevindd992002
            last edited by

            They're running at iOS 11.4.1 and this started happening when I switched to using RADIUS authentication with pfsense being the FreeRADIUS server.

            1 Reply Last reply Reply Quote 0
            • GertjanG
              Gertjan
              last edited by

              You are using the pfSense's Captive Portal ?

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              K 1 Reply Last reply Reply Quote 0
              • NogBadTheBadN
                NogBadTheBad
                last edited by

                I doubt its a pfSense / FreeRadius issue, I have exactly the same setup and everything works fine.

                You don't have Fast Roaming enabled on the Wireless Networks page do you ?

                I'm also running 11.4.1.

                Andy

                1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

                1 Reply Last reply Reply Quote 0
                • K
                  kevindd992002 @Gertjan
                  last edited by

                  @gertjan said in 802.1x Wifi Random Disconnection from Apple devices:

                  You are using the pfSense's Captive Portal ?

                  No. I'm using Ubiquiti's captive portal.

                  @nogbadthebad said in 802.1x Wifi Random Disconnection from Apple devices:

                  I doubt its a pfSense / FreeRadius issue, I have exactly the same setup and everything works fine.

                  You don't have Fast Roaming enabled on the Wireless Networks page do you ?

                  I'm also running 11.4.1.

                  Right, so I'm at a loss here. And no, I'm not using Fast Roaming for all my three wireless networks. Any more ideas?

                  NogBadTheBadN 1 Reply Last reply Reply Quote 0
                  • NogBadTheBadN
                    NogBadTheBad @kevindd992002
                    last edited by

                    @kevindd992002

                    Do you use the Ubiquity Captive portal and WPA2 Enterprise on the same SSID ?

                    Andy

                    1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

                    K 1 Reply Last reply Reply Quote 0
                    • K
                      kevindd992002 @NogBadTheBad
                      last edited by

                      @nogbadthebad

                      No. I have three networks:

                      1. Guest - with captive portal and open authentication.
                      2. Main - with WPA2 enterprise authentication
                      3. Legacy - with WAP2 personal authentication
                      NogBadTheBadN 1 Reply Last reply Reply Quote 0
                      • NogBadTheBadN
                        NogBadTheBad @kevindd992002
                        last edited by

                        @kevindd992002 said in 802.1x Wifi Random Disconnection from Apple devices:

                        @nogbadthebad

                        No. I have three networks:

                        1. Guest - with captive portal and open authentication.
                        2. Main - with WPA2 enterprise authentication
                        3. Legacy - with WAP2 personal authentication

                        I'm at a loss too.

                        Anything in the logs on the UCK ?

                        Andy

                        1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

                        1 Reply Last reply Reply Quote 0
                        • GertjanG
                          Gertjan
                          last edited by Gertjan

                          Don't know anything about "Ubiquiti". (although I heard a lot of good about these devices - have to try one ones)
                          I do know that the FreeRadius package has some extended log capabilities.
                          Put them on all, locate them, look at them.
                          Tell us also how you setup FreeRadius.

                          I'm not aware of the fact that FreeRadius filters out Apple devices to give them a special treatment.

                          Btw : what do you mean by "Disconnection" : the get disconnected radio-wise (the Wifi carrier) - the portal throws away the firewall rules related to the Apple device ?

                          Note : not that it matters, and just a slightly helpful : I'm using FreeRaduis and the pfSense captive portal, and some pretty dumb "wire to radio converters" (== stupid no brain AP's that is)
                          It works soooooooooooooooooooooooooo good ;)

                          No "help me" PM's please. Use the forum, the community will thank you.
                          Edit : and where are the logs ??

                          1 Reply Last reply Reply Quote 0
                          • NogBadTheBadN
                            NogBadTheBad
                            last edited by

                            https://community.ubnt.com/t5/UniFi-Wireless/Random-disconnects-Apple-devices-on-802-1x/td-p/2456271

                            Andy

                            1 x Netgate SG-4860 - 3 x Linksys LGS308P - 1 x Aruba InstantOn AP22

                            K 1 Reply Last reply Reply Quote 0
                            • K
                              kevindd992002 @NogBadTheBad
                              last edited by kevindd992002

                              @nogbadthebad said in 802.1x Wifi Random Disconnection from Apple devices:

                              https://community.ubnt.com/t5/UniFi-Wireless/Random-disconnects-Apple-devices-on-802-1x/td-p/2456271

                              Thank you for this!!! I feel stupid I didn't find this discussion :)

                              EDIT: In my defense, it's a new thread, lol.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.