We just wrapped up a week's worth of troubleshooting with Aruba TAC and a group of Aruba developers to troubleshoot a similar issue. They ultimately recommended we disable blacklisting clients for “Arp Spoof”. They did not correlate the issue related to the iOS update, though. I still have the case open, and will pass along the message. We are also seeing users complaining of their Windows 10 devices intermittently not connecting to an SSID after waking from sleep mode. We are still investigating that issue.
We have an MM/MC dual 7220 Cluster running 8.5.0.9 / AP300,AP500 series Deployed. Thanks, Nick Rauer Manager of Networking and Telecommunications Wheaton College – Massachusetts From: The EDUCAUSE Wireless Issues Community Group Listserv [mailto:WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU] On Behalf Of Michael Hulko Sent: Monday, September 21, 2020 1:10 PM To: WIRELESS-LAN@LISTSERV.EDUCAUSE.EDU Subject: Re: [WIRELESS-LAN] iOS 14 Causing ARP Spoofing Events on Aruba Controllers Yup.. we had to disable the “Arp Spoof” settings in the IDS profiles. We have other irons in the fire so we are not able to do much to investigate this issue at this time. M From: The EDUCAUSE Wireless Issues Community Group Listserv <WIRELESS-LAN@listserv.educause.edu <mailto:WIRELESS-LAN@listserv.educause.edu> > on behalf of "McClintic, Thomas" <thomas.mcclin...@uth.tmc.edu <mailto:thomas.mcclin...@uth.tmc.edu> > Reply-To: The EDUCAUSE Wireless Issues Community Group Listserv <WIRELESS-LAN@listserv.educause.edu <mailto:WIRELESS-LAN@listserv.educause.edu> > Date: Friday, September 18, 2020 at 11:46 AM To: "WIRELESS-LAN@listserv.educause.edu <mailto:WIRELESS-LAN@listserv.educause.edu> " <WIRELESS-LAN@listserv.educause.edu <mailto:WIRELESS-LAN@listserv.educause.edu> > Subject: [WIRELESS-LAN] iOS 14 Causing ARP Spoofing Events on Aruba Controllers We have begun seeing an impact with iOS 14 on our various SSIDs with ARP Spoofing events. We had not seen an event this year until July 9th (the date beta was released). There has been a large increase since the 16th of the events. The events seem to occur randomly as we are starting to troubleshoot. They still occur even when clients disable the privacy setting for the network. Since our blacklist interval is set to 30 minutes this is causing an interruption of service when it occurs. Has anyone else seen similar events? I have opened a TAC case to assist. Thanks TJ McClintic UTHealth | The University of Texas Health Science Center at Houston Houston’s Health University Communications Technology | Network Operations 7000 Fannin | Suite M60 | Houston, TX 77030 713.486.9269 netops | 713.486.2271 office ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
