This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM Problems

Is anyone else having problems connecting to a Wi-Fi network that uses Sophos UTM web authentication portal from iOS 11. Where the iOS 11 client will connect and get a DHCP lease but then about a second later the connection will drop.



This thread was automatically locked due to age.
  • Hi Nicholas,

    Can you please show us loglines from the aua.log and wireless.log?

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Does the wifi login use a commercial certificate or a self-signed certificate?

  • i've got the same problem. It seems the web filter module doesn't recognise ios11 as ios in device specific authentication. Turning off web filtering, turning off block access on authentication failure (or exempt the device from webfiltering) seems to be a working workaround.

  • I run into the same problem. Excepting the iOS 11 device from webfiltering authentification resolves the problem.

    At the moment we are on utm version 9.502-4. Is the issue fixed in 9.503-4.

    Does the problem exists with a commercial certificate? At the moment we are using a self-signed certificate.

  • A client we are assisting with this same issue let us know that since IOS 11 the problem as described by Sachingurung started happening.

    I checked the wireless log and found this:

     

    2017:10:18-13:34:25 192.168.4.3 hostapd: wlan1: STA "MAC ADDRESS" IEEE 802.11: authenticated
    2017:10:18-13:34:25 192.168.4.3 awelogger[27278]: id="4103" severity="info" sys="System" sub="WiFi" name="STA authentication" ssid="Company" ssid_id="WLAN1.0" bssid="MAC ADDRESS" sta="MAC ADDRESS" status_code="0"
    2017:10:18-13:34:25 192.168.4.3 awelogger[27278]: id="4104" severity="info" sys="System" sub="WiFi" name="STA association" ssid="Company" ssid_id="WLAN1.0" bssid="MAC ADDRESS" sta="MAC ADDRESS" status_code="0"
    2017:10:18-13:34:25 192.168.4.3 hostapd: wlan1: STA MAC ADDRESS IEEE 802.11: associated (aid 2)
    2017:10:18-13:34:25 192.168.4.3 hostapd: wlan1: STA 7MAC ADDRESS WPA: pairwise key handshake completed (RSN)
    2017:10:18-13:34:25 192.168.4.3 awelogger[27278]: id="4101" severity="info" sys="System" sub="WiFi" name="STA connected" ssid="Company" ssid_id="WLAN1.0" bssid="MAC ADDRESS" sta="MAC ADDRESS"
    2017:10:18-13:34:31 192.168.4.3 hostapd: wlan1: STA MAC ADDRESS IEEE 802.11: disassociated
    2017:10:18-13:34:31 192.168.4.3 awelogger[27278]: id="4102" severity="info" sys="System" sub="WiFi" name="STA disconnected" ssid="Company" ssid_id="WLAN1.0" bssid="MAC ADDRESS" sta="MAC ADDRESS"
    2017:10:18-13:34:32 192.168.4.3 hostapd: wlan1: STA MAC ADDRESS IEEE 802.11: deauthenticated due to inactivity (timer DEAUTH/REMOVE)

     

    Hope this helps

  • Access the UTM via SSH and login as root. Restart awed services by executing:

    /var/mdw/scripts/awed restart

    Also, show me the access point settings, may be changing the country could help. 

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Last weekend we updated to version 9.504-1. After the update or the restart connection seems to be stable now.

    Access Points are configured for Germany.