This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

iOS 11

Hi,

 

My college uses a captive portal web based authentication system on a Sophos UTM on their Wi-Fi. Since updating to iOS 11 when I connect it connects for a few seconds and gets a DHCP lease and then the connection just drops. Before I have a chance to login. They were able to reproduce the issue and said it's an iOS 11 issue then and I'd just have to wait for Apple to fix the bug. I don't think they're going to raise it with Apple or Sophos.

 

Has anyone had issues like this? I'd appreciate any input.



This thread was automatically locked due to age.
Parents
  • We are experiencing exactly the same issue at multiple sites. All sites have Sophos SG430 UTMs with firmware 9.503-4.

    We have a Ruckus wireless and various WLANs for teachers, students and guests. Students connect to a password protected WLAN (WPA2 and TKIP+AES) and then connect to the internet via the Sophos captive portal authenticated via Active Directory.

    Students are able to connect to the WLAN but then the connection drops. A workaround is to set the proxy to automatic which by default is set to off in iOS11. Once this is set to automatic the wifi connection remains but after launching a browser students are not presented with the Sophos captive portal and they are unable to browse the internet.

    I will report this issue to Sophos support and provide some feedback.

  • My family members report that this is a global problem with ios11, and that it affects every type of wifi.  I do not think UTzM can work around it.

  • I think there is also a Problem with the Device-Specific Authentication in Web Filtering. If you set Exceptions for iOS and use a Default Authentication - ios Devices get the Authentication Pop-Ups.

  • DouglasFoster said:

    My family members report that this is a global problem with ios11, and that it affects every type of wifi.  I do not think UTzM can work around it.

     

     

    It is a global problem but Apple seems to be ignoring it as it was feedbacked during beta testing iOS11 in Apple's forums and every once in a while I'll be at a place and someone says to the person behind a counter "I can't connect to your wifi..." and the response is "Did you recently update your Apple phone?" to which they say "Yes..."

    Things our location has tried:

    • switching from an open network with Sophos authentication to a password protected network with Sophos authentication
    • Disabling WPA / TKIP and going with WPA2 / AES
    • Emailing the Sophos certificate to the end-user and installing it
    • Ensuring the certificate is trusted in the certificate store (doesn't usually happen automatically, found in settings General | About | Certificate Trust Settings

    I don't know what aspect of the experience is affecting iOS users but I believe it's tied to the web authentication.

    Edit: I should add that once the certificate is installed and trusted the situation is permanently resolved with iOS 11.0. Sorry, I left that out. But if you don't have the certificate on the system already you can't get the authentication prompt and iOS boots you off before you can bring it up.

Reply
  • DouglasFoster said:

    My family members report that this is a global problem with ios11, and that it affects every type of wifi.  I do not think UTzM can work around it.

     

     

    It is a global problem but Apple seems to be ignoring it as it was feedbacked during beta testing iOS11 in Apple's forums and every once in a while I'll be at a place and someone says to the person behind a counter "I can't connect to your wifi..." and the response is "Did you recently update your Apple phone?" to which they say "Yes..."

    Things our location has tried:

    • switching from an open network with Sophos authentication to a password protected network with Sophos authentication
    • Disabling WPA / TKIP and going with WPA2 / AES
    • Emailing the Sophos certificate to the end-user and installing it
    • Ensuring the certificate is trusted in the certificate store (doesn't usually happen automatically, found in settings General | About | Certificate Trust Settings

    I don't know what aspect of the experience is affecting iOS users but I believe it's tied to the web authentication.

    Edit: I should add that once the certificate is installed and trusted the situation is permanently resolved with iOS 11.0. Sorry, I left that out. But if you don't have the certificate on the system already you can't get the authentication prompt and iOS boots you off before you can bring it up.

Children
  • I'm not 100% yet, but I might of just ran into this issue as well.  Students can connect to the SSID and get a DHCP address, but they get no where.  I'm just waiting for details on whether or not the troublesome devices are running iOS 11.

    The web filter is just setup in Transparent Mode and URL filtering only for SSL.