802.1x Wifi Random Disconnection from Apple devices
-
I have Ubiquiti Unifi AP's that all use my pfsense box as a Radius server (so FreeRadius package). I'm not sure why but only Apple devices are having random disconnections (mostly when they are idle) and these need to re-authenticate (input username and password) again to be able to connect. This does not happen to Android devices at all. Not sure if these logs mean something but here's what I got:
Aug 5 21:21:28 radiusd 16220 Signalled to terminate Aug 5 21:21:28 radiusd 16220 Exiting normally Aug 5 21:21:29 radiusd 81314 Debugger not attached Aug 5 21:21:29 radiusd 82004 [/usr/local/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay" found in filter list for realm "DEFAULT". Aug 5 21:21:29 radiusd 82004 [/usr/local/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay-USec" found in filter list for realm "DEFAULT". Aug 5 21:21:29 radiusd 82004 Loaded virtual server <default> Aug 5 21:21:29 radiusd 82004 Loaded virtual server default Aug 5 21:21:29 radiusd 82004 Ignoring "sql" (see raddb/mods-available/README.rst) Aug 5 21:21:29 radiusd 82004 Ignoring "ldap" (see raddb/mods-available/README.rst) Aug 5 21:21:29 radiusd 82004 Loaded virtual server inner-tunnel-ttls Aug 5 21:21:29 radiusd 82004 Loaded virtual server inner-tunnel-peap Aug 5 21:21:29 radiusd 82004 Ready to process requests Aug 5 21:21:35 radiusd 82004 Signalled to terminate Aug 5 21:21:35 radiusd 82004 Exiting normally Aug 5 21:21:35 radiusd 26856 Debugger not attached Aug 5 21:21:35 radiusd 27181 [/usr/local/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay" found in filter list for realm "DEFAULT". Aug 5 21:21:35 radiusd 27181 [/usr/local/etc/raddb/mods-config/attr_filter/access_reject]:11 Check item "FreeRADIUS-Response-Delay-USec" found in filter list for realm "DEFAULT". Aug 5 21:21:35 radiusd 27181 Loaded virtual server <default> Aug 5 21:21:35 radiusd 27181 Loaded virtual server default Aug 5 21:21:35 radiusd 27181 Ignoring "sql" (see raddb/mods-available/README.rst) Aug 5 21:21:35 radiusd 27181 Ignoring "ldap" (see raddb/mods-available/README.rst) Aug 5 21:21:35 radiusd 27181 Loaded virtual server inner-tunnel-ttls Aug 5 21:21:35 radiusd 27181 Loaded virtual server inner-tunnel-peap Aug 5 21:21:35 radiusd 27181 Ready to process requests
Can anyone point me to the right direction here? Thanks.
-
Can anyone help me with this please?
-
What versions are the Apple devices running on?
How long has this been an issue btw? -
They're running at iOS 11.4.1 and this started happening when I switched to using RADIUS authentication with pfsense being the FreeRADIUS server.
-
You are using the pfSense's Captive Portal ?
-
I doubt its a pfSense / FreeRadius issue, I have exactly the same setup and everything works fine.
You don't have Fast Roaming enabled on the Wireless Networks page do you ?
I'm also running 11.4.1.
-
@gertjan said in 802.1x Wifi Random Disconnection from Apple devices:
You are using the pfSense's Captive Portal ?
No. I'm using Ubiquiti's captive portal.
@nogbadthebad said in 802.1x Wifi Random Disconnection from Apple devices:
I doubt its a pfSense / FreeRadius issue, I have exactly the same setup and everything works fine.
You don't have Fast Roaming enabled on the Wireless Networks page do you ?
I'm also running 11.4.1.
Right, so I'm at a loss here. And no, I'm not using Fast Roaming for all my three wireless networks. Any more ideas?
-
Do you use the Ubiquity Captive portal and WPA2 Enterprise on the same SSID ?
-
No. I have three networks:
- Guest - with captive portal and open authentication.
- Main - with WPA2 enterprise authentication
- Legacy - with WAP2 personal authentication
-
@kevindd992002 said in 802.1x Wifi Random Disconnection from Apple devices:
No. I have three networks:
- Guest - with captive portal and open authentication.
- Main - with WPA2 enterprise authentication
- Legacy - with WAP2 personal authentication
I'm at a loss too.
Anything in the logs on the UCK ?
-
Don't know anything about "Ubiquiti". (although I heard a lot of good about these devices - have to try one ones)
I do know that the FreeRadius package has some extended log capabilities.
Put them on all, locate them, look at them.
Tell us also how you setup FreeRadius.I'm not aware of the fact that FreeRadius filters out Apple devices to give them a special treatment.
Btw : what do you mean by "Disconnection" : the get disconnected radio-wise (the Wifi carrier) - the portal throws away the firewall rules related to the Apple device ?
Note : not that it matters, and just a slightly helpful : I'm using FreeRaduis and the pfSense captive portal, and some pretty dumb "wire to radio converters" (== stupid no brain AP's that is)
It works soooooooooooooooooooooooooo good ;) -
https://community.ubnt.com/t5/UniFi-Wireless/Random-disconnects-Apple-devices-on-802-1x/td-p/2456271
-
@nogbadthebad said in 802.1x Wifi Random Disconnection from Apple devices:
https://community.ubnt.com/t5/UniFi-Wireless/Random-disconnects-Apple-devices-on-802-1x/td-p/2456271
Thank you for this!!! I feel stupid I didn't find this discussion :)
EDIT: In my defense, it's a new thread, lol.