Playstation 4 on PPSK

  • 3
  • Question
  • Updated 7 months ago
I have deployed AP250s to my campus office spaces and have begun rolling out AP130s to my dorms. I have 3 SSIDs with differing authentication
  • 802.1x
  • PSK with WPA2 Personal
  • PPSK with WPA2 Personal
I am phasing out the PSK and pushing those users to the other two. Most users have had no trouble attaching to either of them (the PPSK is for headless devices) but there is a major issue with Playstation 4s. They connect to the PSK network with no trouble, but the PPSK network will not connect. They get a please wait and eventually get "cannot connect to wifi network within the time limit" They are running the newest (v4.55) version of the PayStation system software and the APs are running 7.1r1 and 8.0r1.  I am having a student bring his PlayStation to the IT offices to try to connect to an AP250 to see if that is any different. 

Does anyone have a similar experience? 
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
  • frustrated

Posted 1 year ago

  • 3
Photo of Todd Lemons

Todd Lemons

  • 6 Posts
  • 0 Reply Likes
My Aerohive engineer advised me not to run r1 feature releases as they are not always stable.  Might try
6.5r7
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
I will try to revert those particular ones to their golden version and see if that makes a difference.
Photo of Brian Powers

Brian Powers, Champ

  • 396 Posts
  • 92 Reply Likes
Older post here, but you don't look to be alone.

https://community.aerohive.com/aerohive/topics/interesting-problem-with-a-playstation-4-joining-an-a...

May be worth trying a few of the fixes mentioned in there.

A packet capture and/or a show log buff of an AP at the time of the PS4s attempted assoc/auth would indeed be interesting.
Photo of Bill W.

Bill W.

  • 222 Posts
  • 35 Reply Likes
AP250s do not support 6.5r7 (they do not support any 6.5 releases). So if you wanted to downgrade, it would be to 7.0r2
Photo of Terence Fleming ThinkWireless

Terence Fleming ThinkWireless, Champ

  • 79 Posts
  • 27 Reply Likes
I would also suggest that you run the Client Monitor tool against the MAC address of the Playstation when it is attempting to authenticate, in case that gives you additional insights.

Post the results here and we may be able to assist you to interpret the results
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
The session goes like this.

Rx auth <open> (frame 1, rssi -67dB)
Tx auth <open> (frame 2, status 0, pwr 16dBm)
Rx assoc req (rssi -67dB)
Tx assoc resp <accept> (status 0, pwr 16dBm)
WPA-PSK auth is starting (at if=wifi0.3)
Sending 1/4 msg of 4-Way Handshake (at if=wifi0.3)
Received 2/4 msg of 4-Way Handshake (at if=wifi0.3)
Sending 3/4 msg of 4-Way Handshake (at if=wifi0.3)
Received 4/4 msg of 4-Way Handshake (at if=wifi0.3)
PTK is set (at if=wifi0.3)
Authentication is successfully finished (at if=wifi0.3)
Sta(at if=wifi0.3) is de-authenticated because of notification of driver
Photo of Terence Fleming ThinkWireless

Terence Fleming ThinkWireless, Champ

  • 79 Posts
  • 27 Reply Likes
So the good news is that it's not a password problem, otherwise it would have failed at msg 2/4.  (We have seen some residential grade devices that cannot cope with long passwords).  The bad news is that if the device gives up having made it all the way through the authentication stage, something more tricky is going on and you are likely in the domain of wireless packet captures and the other suggestions in this post.
Photo of FPUAH

FPUAH

  • 8 Posts
  • 1 Reply Like
We are experiencing the same issue with PS4s regarding PPSK. I've run a client monitor with the same results as OP with the device driver de-authenticating at the end. Has there been any progress on this?
Photo of Crowdie

Crowdie, Champ

  • 972 Posts
  • 272 Reply Likes
Some Linux builds don't support PPSK so you may be experiencing this issue.
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
Oh gosh, I hope not. PPSK was supposed to get me out of the MAC address registration business.
Photo of Jonas Mellander

Jonas Mellander, Systems Engineer, Nordics and Baltics

  • 8 Posts
  • 0 Reply Likes
@Johnny Matthews, @FPUAH, have you gotten any further with this? If not, could you please try and make a capture of this (either using an external AP (AP not servicing the PS4), or if you have access to a Macbook, download AirTools, and it will make it very simple to capture packets.
Then make a capture on the right channel and channel width and supply the MAC of the station as well as the PPSK used. Email me at jmellander at aerohive dot com. If you wouldn't mind, please also make an equivalent capture of the PS4 connecting to a WPA2-PSK SSID, and supply the same details. This way there are chances that I can figure out what's happening. Thanks.
(Edited)
Photo of FPUAH

FPUAH

  • 8 Posts
  • 1 Reply Like
@Jonas Mellander. I'm working with a student trying to nail down a time to work with the PlayStation 4. It might be a while before I can get some captures, but thank you for the reply.
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
I'm having a student try the idea by Patrick below. If that doesn't work, he is going to bring in his PS4 to do some testing. I'll keep you posted.
Photo of Patrick Spencer

Patrick Spencer

  • 26 Posts
  • 4 Reply Likes
We had the same problem with only the PSP4, as older PSP's worked fine.

It turned out it wasn't a Aerohive issue but a problem in the PSP4 network setup.

First of all check your router settings on DNS and most important is the MTU size 1500. Then manual setup the PSP4 network setup with the following input:
  • IP, subnet and gateway info
  • DNS to 8.8.8.8 and 8.8.4.4
  • MTU size down to 1380 (!!!!!!!!!!!)
And than you should be good to go. It solved our problems with the PSP4.
(Edited)
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
I'm having one of my student workers try this to see if it helps. Thanks!
Photo of Jonas Mellander

Jonas Mellander, Systems Engineer, Nordics and Baltics

  • 8 Posts
  • 0 Reply Likes
OK, I've managed to get a hold of a PS4 as well (or tomorrow rather) so I will be doing some tests of my own. I'll keep you posted.
Photo of FPUAH

FPUAH

  • 8 Posts
  • 1 Reply Like
Guys, thank you for looking into this. I'm trying to schedule a time with one of our students in their dorm room so we can also try changing the MTU of the PlayStation 4.

When setting the MTU does it also necessitate a static IP on the PlayStation 4? Any work around that necessitates a static IP wouldn't be usable in our environment. 
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
Jonas, if you need to see the configurations that are failing, let me know and I can certainly let you look at my SSID settings.  
Photo of Jonas Mellander

Jonas Mellander, Systems Engineer, Nordics and Baltics

  • 8 Posts
  • 0 Reply Likes
We now have a bug (aka CFD) filed for this issue. I've gathered proper logs of the issue, and it seems the AP (AP250 with 8.1r1 in my case, as filing bugs is always easier off of the latest code) is eating the DHCP frames when you have multiple user profiles (regardless of if they map to different VLANs or not). They simply do not come out on the ethernet side. We're trying to identify what is triggering this bug. One theory I have (and this is just an observation by myself, not support nor engineering yet) relates to the Option 60, where the PS4 has a trailing 0x00 byte for unknown reasons. Not sure if this causes something.
I also tested with modifying the MTU to 1380 as suggested, but that had no impact (and it does not affect what the DHCP Discover frame looks like).
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
After hand registering 80+ PS4's MAC addresses in the last couple weeks, I'll be really happy if this got pushed through. We are running on 8.0r1 but have been trying to keep up with the newest version, so that is not a problem.
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
That's good news! For your bug report, this behaviour also happens on an AP130.
Photo of FPUAH

FPUAH

  • 8 Posts
  • 1 Reply Like
Thank you Jonas for all of your hard work! We're experiencing the issue on AP121, AP130, AP230, and (probably) AP1130 as well. I've been working with support on this issue for about 3 weeks. I'll try to direct their attention to this thread. 
(Edited)
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Hi FPUAH,

I have updated your support case with the latest information.

Thanks,

Nick
(Edited)
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Hi Johnny,

I have cloned your original support case and reached out to you requesting more data to help us progress this.

Thanks,

Nick
Photo of Jonas Mellander

Jonas Mellander, Systems Engineer, Nordics and Baltics

  • 8 Posts
  • 0 Reply Likes
This issue is now confirmed as a defect. Thanks to Nick for pulling things together.

The root cause of the issue is that the DHCP-Request packets sent by the PS4 does not include a Parameter Request List (55) option. When OS detection by DHCP is enabled and user profile reassignment is also configured, these DHCP Discover packets are dropped.

The potential workarounds that we have identified are:

1) Ensure that user profile reassignment is not present in the config.
2) Else, if user profile reassignment needs to be enabled, disable OS detection via "no os-detection enable".

Note that disabling OS detection is a global parameter (per Network Policy), so disabling it will do so on all SSIDs on the APs in question.

The issue will likely get a fix in future HiveOS releases (both version 6.5rX for legacy APs and the version 8-train for current APs).
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
Thanks for digging into this. To be clear, do I enable Management Options under Network Service and disable OS Detection on that screen? Do I need to to anything else?
Photo of Jonas Mellander

Jonas Mellander, Systems Engineer, Nordics and Baltics

  • 8 Posts
  • 0 Reply Likes
Yes, I believe that should be it. I've not been able to test it as I don't have access to the PS4 that I used for my testing last week.
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
Ok, I'm having some students test these changes. I need to keep profile assignment as everything is based on that currently, but I can live without OS detection until a fix comes out.
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Hi Johnny,

Thank you for the information. Please provide feedback in the support case too with regards to the outcome of this.

Regards,

Nick
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Hi all,

As Jonas mentions, we have isolated this issue to a root cause and are tracking and handling it internally as CFD-2761.

Thanks,

Nick
(Edited)
Photo of Bob - Aero

Bob - Aero

  • 2 Posts
  • 0 Reply Likes
Is there any update on this ticket or any way I can follow this?

Unfortunately the workaround presented above didn't work for me.
Tried this on a AP130 with firmware 6.5r8b and the last available today.

Using Default-user profile and also tried disabling OS detection.
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Hi Bob.

The workaround should work. It it does not, it is likely you are encountering a different issue. I suggest reviewing the running configuration to confirm if the workaround has applied properly.

The fix for the PS4 interoperability issue for the HiveOS 6.5rX branch will come with HiveOS 6.5r9 and will be documented in the release notes.

Thanks,

Nick
Photo of Bob - Aero

Bob - Aero

  • 2 Posts
  • 0 Reply Likes

Hi Nick,

Thanks for the reply.

In running-config i see the line: no os-detection enable
If I remove the policy shown in the attachment, this line is removed (so it does apply)

Funny thing, when I first connect to my Ziggo modem (samen network different SSID) and then connect to the Aerohive SSID, everything works fine.


Photo of Malcolm Snelgrove

Malcolm Snelgrove

  • 21 Posts
  • 2 Reply Likes
I also ran into this issue, confirmed and tested with a PS4 and turning off the OS detection. I also tested with modifying the MTU to 1380 as someone suggested above, but that had no effect.

I do have the multiple user profile settings, assigning them based on the authentication. I don't want to touch that as it also assigns the VLANS. Looks like I need to leave OS Detection off until the new HiveOS releases?
Not quite sure what the "user profile re-assignment" is though.
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Hi Malcolm,

The issue is resolved in HiveOS 8.2r1, if you have APs capable of running this branch of HiveOS you could look to update to this release.

The issue will be resolved with the forthcoming HiveOS 6.5r9

Thanks,

Nick
Photo of Johnny Matthews

Johnny Matthews

  • 34 Posts
  • 2 Reply Likes
We have updated and will try turning OS detection back on.
Photo of Doug

Doug

  • 14 Posts
  • 0 Reply Likes
Thanks for the information Johnny.