WPA3 + Fast Roaming = No Roaming ?
WPA3 + Fast Roaming = No Roaming ?
Hello,
I try to setup my new Omada Network (1 eap650 on one building and 2 eap610 on another building), and i noticed with https://developer.apple.com/bug-reporting/profiles-and-logs/ i don't have fast roaming with WPA3 Personal. Buildings are separated in two sites in omada system
SSID with good fast roaming:
And the SSID with roaming problem:
PS : 802.11r unchecked here for testing, cuz I have the issue described here with this checkbox checked
On the WPA3 ssid, when i am connected to 2.4 Ghz and i come into 5Ghz -70 dBm or higher range, nothing happen. The otherway is the same, go out of 5ghz range just disconnect the phone
On the WPA2 SSID, when i am connected to 5 Ghz and i come to -70 dBm or lower signal strenght, my phone switch to 2.4 Ghz, and when i come back, my phone switch back around 15/20sec later.
I have issue on multi ap building too, the roaming happen when the iphone lost signal from its current AP for the problematic SSID, and for the other SSID in WPA2, all is fine.
PS1 : Advanced site settings
Same for 5Ghz
Thanks for your help
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Reps are recommending turning off 802.11r as fix\workaround for roaming problems so they definitely know it's an issue. Hopefully that means it'll be addressed sooner rather than later but luckily in my environment at least having it off isn't a big deal - but I'd still like to have it on and working right again.
I've updated to the lastest official Controller firmware the other day (5.14.26.x) but haven't tested it. My guess is that this release is too soon for a fix.
- Copy Link
- Report Inappropriate Content
My case is a little more problematic, I am an IT manager at a university, we have implemented almost 300 AP 610 v3, we are having problems with roaming and constant WiFi drops on the iPhone, regardless of the version.
removing 802.11r roaming doesn't work, what seems to happen is that the ap shuts down on you and you connect to another ap, there is no transparent roaming because the section drops.
I'm having a problem because I have more than 1000 users per day, not to mention the countless authentication errors, since we use radius.
errors like this:
[Falhou]00-00-00-00-00-00 failed to connected to 230279 - Sala Gonda with SSID "eduroam" on channel 157 because WPA Authentication failed.(1 time in the last minute)
[Failed]POCO-X6-5G failed to connected to 230213 - PoP-RNP with SSID "eduroam" on channel 149 because WPA Authentication failed.(1 time in the last minute)
- Copy Link
- Report Inappropriate Content
@estevaodb hello
do you activated fast roaming, it is needed for roaming correctly on my side 4 ap and only 802.11kv activated and 802.11r activated for wpa2 and for wpa3 802.11r disabled
- Copy Link
- Report Inappropriate Content
Hi,
For good roaming experience you must turn off 802.11r, or at least in 99% of the cases.
The IEEE 802.11r standard is not being implemented or fully supported by current clients like smartphones. For example, the chipset in my iPhone 15 Pro supports 802.11r but iOS does not.
Whenever an iPhone or any other client that does not (fully) support it receives 802.11r-frames it does not understand the frames - hence issues with roaming.
The 802.11r standard is commonly used with healthcare alarm systems like Ascom and Cisco phones.
Like you said, the client decides when to roam.
To help the client decide, you have to make sure that the places it should roam have a signal strength close to it's roaming thresholds.
iPhones will look for better APs at -68dBm, if the signal strength is -60dBm the iPhone will not roam to a different AP.
There are two ways to change the signal strenght:
- Increasing or decreasing the transmit power
- Physically moving access points
The Omada Controller has a Heatmap Simulator, which is a decent tool for playing around with Tx-power and received signalstrength.
- Copy Link
- Report Inappropriate Content
Hello, I am not agree with this answer cuz I have one site (our biggest) with 4 OpenWRT C7 and we have successful 802.11r with iOS, and it is confirmed by Apple here : https://support.apple.com/en-gb/guide/deployment/dep98f116c0f/web
and confirmed by our logs files
hostapd: phy0-ap0: STA b4:85:xx:xx:xx:xx WPA: FT authentication already completed - do not start 4-way handshake
we don't migrate this site to Omada since 802.11r issue was not solved cuz on the Omada site, users complains about voip call dropping when they roam
- Copy Link
- Report Inappropriate Content
I recently added EAP610 to my network and started to have a roaming issues.
Till hardware upgrade in use EAP225 and EAP245 with no issues, since EAP610 has been adopted by Omada controller notify that clients connected to wifi via EAP 610 are not switching to other EAP's once back in rooms with older EAP :(
I reased ticked in support for it but no sucess till now with issue.
Fast roaming enabled and 802.11r un-check, I changed to WPA2 -PSK only and no luck
I notify if iPhone connected with EAP 245 and moved to EAP610 roaming works well, on way back to EAP245 or 225 roaming function fail and device stays without wifi.
once tried to connect wifi manually IOS popup with "unable to connect" info. Only solution is to forget network and connect manually again to wifi.
Hope anyone can give me some advice
- Copy Link
- Report Inappropriate Content
Just an additional anecdotal update... After updating my OC200 controller to 5.14.32.56 (2.17.6 Build 20241101 Rel.44787) and my EAP650s to 1.1.0, I re-enabled 802.11r to see if my iOS devices would flake out on me again or not. After more than a week I've not had a repeat of my "no internet despite being connected" bug and usually it would crop up within a day or two.
Totally anecdotal because I don't have enough sample size or measurable test\check but at least in my case it seems to be resolved so might be worth trying it out. The new firmware upgrade functions are kinda nice enhancements too.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 3638
Replies: 18
Voters 0
No one has voted for it yet.