This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9.4, WPA2 Personal and unexpected 802.1X authentication requests

In the last few weeks (I'm almost certain it was after 9.4 firmware was installed), I've been noticing more and more of our users with authentication issues on wireless. We run a mostly Mac environment so have not seen the issue presented on a Windows machine nor have I been notified about any phones being affected.

We are running 4 SSID's off our AP's (mixture of AP55C and 100C). All are running AES WPA2 Personal encryption. On Mac OS X computers, running 10.8 or less (confirmed on 10.5, 10.6, 10.7 and 10.8), it seems that 3 SSID's are asking for 802.1X authentication when trying to connect. The other does not. We don't have a RADIUS server set up, we aren't using WPA2 Enterprise anywhere and I've even tried changing a couple of the less critical SSIDs encryption and bandwidth types to no avail. There doesn't seem to be anything different at all between the 1 SSID that does work and the other 3 that don't... it just leaves me scratching my head. 

[Update]: I played around after hours and re-set the encryption method of our primary SSID and now it doesn't ask for 802.1X authentication and allows my test client to connect fine (will check the others when they return to work). Unfortunately, the other 2 SSIDs still don't want to work right. The difference now is, the 2 that do work are both bridging to VLAN's and are getting static DHCP mappings off an AD server. The 2 that don't are running as "Separate Zone" and utilising DHCP servers on the UTM itself with dynamic ip assignments. 

Has anyone else encountered this with 9.4? Any chance you were able to fix it at all? 



This thread was automatically locked due to age.
  • Hi Jeremy,

    What happen when the user faces authentication issue with wireless ? Is he able to log in or is the connected client disconnected intermittently? Can you please post wireless.log for a particular MAC address which is facing issue during the authentication.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.