Unable to connect any Android Phone running Nougat to the Aerohive access point

  • 1
  • Question
  • Updated 1 year ago
My company is running a large number of access points (Aerohive AP230 HiveOS 6.5R5 Honolulu) and all our android phones can connect with no problems. However as soon as they are upgraded to Nougat they are immediacy unable to connect anymore. Unfortunately more and more android phones are being upgraded to Nougat as google pushes out their system updates. Any help would be appreciated. The symptoms are that once the phone is on Nougat, the authentication always fails.
Photo of William Beilstein

William Beilstein

  • 1 Post
  • 0 Reply Likes

Posted 1 year ago

  • 1
Photo of Carsten Buchenau

Carsten Buchenau, Champ

  • 356 Posts
  • 117 Reply Likes
Can you describe the configured authentication mechanism in detail? What happens when you change it, eg to open?

Can you run the client monitor for one of those nougat phones and post the output here?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
Hi William,

What is acting as the EAP-terminating RADIUS server for 802.1X authentication? Is it a third-party RADIUS server or the one builtin to Aerohive APs?

We typically see this type of symptom where there is something wrong with the server X.509 certificate or where a broken version of FreeRADIUS is being used that results in bad MPPE keys being returned in the Access-Accept where TLS 1.2 is successfully used by the supplicant with the authentication server yet the TLS 1.0 PRF is incorrectly used by the RADIUS server.

For certificate requirements, see consideration 2 in https://wiki.geant.org/display/H2eduroam/EAP+Server+Certificate+considerations

Thanks,

Nick
(Edited)
Photo of Crowdie

Crowdie, Champ

  • 972 Posts
  • 272 Reply Likes
We are experiencing issues with Nougat phones authenticating to Skype for Business.  The same phone model running Marshmallow authenticates successfully.