Unable to connect any Android Phone running Nougat to the Aerohive access point

  • 1
  • Question
  • Updated 11 months ago
My company is running a large number of access points (Aerohive AP230 HiveOS 6.5R5 Honolulu) and all our android phones can connect with no problems. However as soon as they are upgraded to Nougat they are immediacy unable to connect anymore. Unfortunately more and more android phones are being upgraded to Nougat as google pushes out their system updates. Any help would be appreciated. The symptoms are that once the phone is on Nougat, the authentication always fails.
Photo of William Beilstein

William Beilstein

  • 1 Post
  • 0 Reply Likes

Posted 11 months ago

  • 1
Photo of Carsten Buchenau

Carsten Buchenau, Champ

  • 343 Posts
  • 115 Reply Likes
Can you describe the configured authentication mechanism in detail? What happens when you change it, eg to open?

Can you run the client monitor for one of those nougat phones and post the output here?
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2487 Posts
  • 449 Reply Likes
Hi William,

What is acting as the EAP-terminating RADIUS server for 802.1X authentication? Is it a third-party RADIUS server or the one builtin to Aerohive APs?

We typically see this type of symptom where there is something wrong with the server X.509 certificate or where a broken version of FreeRADIUS is being used that results in bad MPPE keys being returned in the Access-Accept where TLS 1.2 is successfully used by the supplicant with the authentication server yet the TLS 1.0 PRF is incorrectly used by the RADIUS server.

For certificate requirements, see consideration 2 in https://wiki.geant.org/display/H2eduroam/EAP+Server+Certificate+considerations


Photo of Crowdie

Crowdie, Champ

  • 960 Posts
  • 269 Reply Likes
We are experiencing issues with Nougat phones authenticating to Skype for Business.  The same phone model running Marshmallow authenticates successfully.