any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

dchang0 · Fri Feb 09, 2024 7:04 am

Hi, everyone--

I kinda wish I had read the forum before buying the hAP ax3, but there was no way to know I'd get hit by this problem before actually getting hit by it.

I'd read these threads and have pretty much the same problem: an Apple Macbook Pro 2016-2017 will not work with the hAP ax3's wifi, and every other device I have works fine, including a newer iPhone SE 2nd Generation. Sadly, the Macbook Pro 13in. "late 2016" I have is my only laptop and will be for a while since it has $1000 of music production software on it, so I do have to figure this issue out soon.

This thread is the closest to my situation:

viewtopic.php?p=966083&hilit=macos#p966083

"What happens - I connect the WiFi and after a minute or a few seconds, it is auto disconnected from the MikroTik. However, the WiFi on the Mac says it's still connected, but when I try to browse, there is no internet connection. Pinging my router also does not work."

That is exactly what happens to me. I'd add that eventually, the Macbook Pro figures out that the wifi connection is no good, and then it goes into a lengthy re-connect attempt before finally giving up. I can then manually re-connect it, and it will work for a minute or two, and then it will fail in the same way again.

I tried this tip, but it unfortunately doesn't work for me: viewtopic.php?p=966083#p1039918

"If it the "new" wifiwave2 drivers, those screenshots should work. The most important setting is to set your country correctly (and as here you need to check right boxes in the security tab).

On the older drivers, it's critical that the distance=indoors is set on the wireless interfaces & the group key timeout is 1:00:00 (default was lower in "old" drivers) for it work on a Mac."

I am pretty sure I do not have the wifiwave2 drivers and am using the bone stock "old wifi" drivers. I suspect this advice would work for most Macs, just not mine.

I seem to be having the same problem as these two other posters in that the specific model years of Macbook Pro, the "late 2016/early 2017" models, just don't work:

viewtopic.php?p=966083&hilit=macos#p966083

viewtopic.php?t=194216

Note that one of them tried a Macbook Pro 2019 and it did work...

I suspect it is the chipset in the Macbook Pro 2016-2017 that just doesn't like the hAP ax3 (and probably not the ax2 either). I suppose I can test this if I got a macos-compatible USB wifi adapter and used it with this Macbook Pro and the hAP ax3.

Oh, I should add that my same Macbook Pro 13in late-2016 works fine with an hAP ac2 on 5GHz.

I also seem to be having the same problem with this Macbook Pro and the hAP ax3 on the 2.4GHz radio, but it seems to go for much longer (around 10 minutes) before it loses the connection. It is likely similar to this other thread: viewtopic.php?t=194216#p1038418

I have not tried shutting off the 5GHz radio and turning the 2.4GHz radio down to N mode since that is worse than my older hAP ac2 can provide (might as well return the hAP ax3 and keep the hAP ac2).

But, I'd like to keep the hAP ax3, so I'm game to help figure this out with whatever debugging is needed.

My config. I started with a factory default with AP QuickSet and configured only the LAN and WAN networking and the WiFi SSIDs. The Macbook Pro didn't work, but all the other devices did on the factory default. I've since then changed a few settings per what I read online, trying to change as few settings per test loop at a time. What you see below is where I currently am at, but I have not fixed this issue even once.

# 2024-02-08 20:52:40 by RouterOS 7.13.4
# software id = 3003-87TI
#
# model = C53UiG+5HPaxD2HPaxD
# serial number =
/interface bridge
add admin-mac=48:A9:8A:56:01:51 auto-mac=no comment=defconf name=bridge port-cost-mode=short
/interface wifi
set [ find default-name=wifi1 ] channel.band=5ghz-ax .skip-dfs-channels=10min-cac .width=20/40/80mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=\
    mywifi5 disabled=no security.authentication-types=wpa2-psk,wpa3-psk .connect-priority=0 .group-key-update=1h
set [ find default-name=wifi2 ] channel.skip-dfs-channels=10min-cac .width=20/40mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=mywifi2 disabled=no \
    security.authentication-types=wpa2-psk,wpa3-psk .connect-priority=0
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/ip pool
add name=dhcp ranges=192.168.138.100-192.168.138.254
/ip dhcp-server
add address-pool=dhcp interface=bridge lease-time=10m name=defconf
/interface bridge port
add bridge=bridge comment=defconf interface=ether2 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=ether3 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=ether4 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=ether5 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=wifi1 internal-path-cost=10 path-cost=10
add bridge=bridge comment=defconf interface=wifi2 internal-path-cost=10 path-cost=10
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/ip address
add address=192.168.138.1/24 comment=defconf interface=bridge network=192.168.138.0
add address=192.168.89.2/24 interface=ether1 network=192.168.89.0
/ip dhcp-client
add comment=defconf disabled=yes interface=ether1
/ip dhcp-server network
add address=192.168.138.0/24 comment=defconf dns-server=192.168.138.1 gateway=192.168.138.1 netmask=24
/ip dns
set allow-remote-requests=yes servers=192.168.89.1
/ip dns static
add address=192.168.138.1 comment=defconf name=router.lan
/ip firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related hw-offload=yes
add action=accept chain=forward comment="defconf: accept established,related, untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" ipsec-policy=out,none out-interface-list=WAN
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
/ipv6 firewall filter
add action=accept chain=input comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=invalid
add action=accept chain=input comment="defconf: accept ICMPv6" protocol=icmpv6
add action=accept chain=input comment="defconf: accept UDP traceroute" port=33434-33534 protocol=udp
add action=accept chain=input comment="defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=udp src-address=fe80::/10
add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 protocol=udp
add action=accept chain=input comment="defconf: accept ipsec AH" protocol=ipsec-ah
add action=accept chain=input comment="defconf: accept ipsec ESP" protocol=ipsec-esp
add action=accept chain=input comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=input comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept established,related,untracked" connection-state=established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=forward comment="defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" hop-limit=equal:1 protocol=icmpv6
add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=icmpv6
add action=accept chain=forward comment="defconf: accept HIP" protocol=139
add action=accept chain=forward comment="defconf: accept IKE" dst-port=500,4500 protocol=udp
add action=accept chain=forward comment="defconf: accept ipsec AH" protocol=ipsec-ah
add action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=ipsec-esp
add action=accept chain=forward comment="defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=forward comment="defconf: drop everything else not coming from LAN" in-interface-list=!LAN
/system clock
set time-zone-name=America/Los_Angeles
/system logging
add topics=debug,wireless
/system note
set show-at-login=no
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN

In the wireless, debug log, it just looks like a four-step sequence over and over:
associated
connected
disconnected
disassociated

Thanks in advance for any help!

Fri Feb 09, 2024 9:31 am

Plenty of people here use that generation of macbook without issue, so it must be either a macOS config issue or ROS config issue. Try and configurre OS as 5ghz-ac and remove WPA3 and see how it works then.

dchang0 · Fri Feb 09, 2024 9:43 am

That's good to hear--there's some hope for me then!

I did try removing WPA3 already on both 5G and 2.4G so that only WPA2 was left.
I also tried removing WPA2 so that only WPA3 was left (also on both 5G and 2.4G).
No improvement. I tried to keep all other settings equal when doing this particular test (that was the only change). It is possible that some other setting should have been changed along with the WPA2 or WPA3 test.

I will try stepping down to 5Ghz-AC, but that kind of defeats the purpose of upgrading from an hAP ac2 to an hAP ax3 (I have other newer devices with AX capability--this Mac is AC at best)... I'll do it for diagnostic purposes, of course.

Thanks! I'll report back after some testing.

Oh, I forgot to mention: I have several routers on hand (I am an IT professional). I'll test this specific Mac with at least one other AX router (Gl-inet) too.

dchang0 · Fri Feb 09, 2024 10:02 am

No luck stepping it down from 5GHz-AX to 5Ghz-AC. It just failed in the same way after a few minutes.

Here is the current wifi config that doesn't work yet:

/interface wifi
set [ find default-name=wifi1 ] channel.band=5ghz-ac .skip-dfs-channels=10min-cac .width=20/40/80mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=\
    mywifi5 disabled=no security.authentication-types=wpa2-psk,wpa3-psk .connect-priority=0 .group-key-update=1h
set [ find default-name=wifi2 ] channel.skip-dfs-channels=10min-cac .width=20/40mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=mywifi2 disabled=no \
    security.authentication-types=wpa2-psk,wpa3-psk .connect-priority=0 .group-key-update=1h

Next I will try WPA2-only with 5GHz-AC only.

Fri Feb 09, 2024 10:04 am

When macbook has connected, hold "option" on the keyboard while clicking on the wifi icon in top-right corner of the screen. It will show more details about the connection

dchang0 · Fri Feb 09, 2024 10:12 am

Thanks, normis--
Doing so confirms it is connected at 5GHz AC (but that's no surprise, since the highest this Macbook Pro can go is 5GHz AC).

Interestingly, it says it's connected using WPA3 Personal, but I have unchecked the box for all WPA3 on the hAP ax3 5GHz radio, leaving only WPA2 PSK checked. Is the Mac lying?

The other info is:

Channel 149 (5GHz, 80MHz)
Country Code: US
RSSI: -46dBm
Noise: -92dBm
TX Rate: 585 Mbps
PHY Mode: 802.11ac
MCS Index: 7
NSS: 1

Fri Feb 09, 2024 10:14 am

OK so this could be the cause. MacBooks sometimes remember old config, even if you changed it. Try another SSID. It will think it's a new network and will reconsider the settings.

dchang0 · Fri Feb 09, 2024 10:17 am

Interesting. I read that in one of the other posts, but I thought it would be enough to remove the SSID from the "Advanced" tab of the Wifi Config in MacOS.

Are you saying I actually have to change the SSID in the hAP ax3? That's not hard, but I have not tried it once yet during my testing. I'd only deleted the remembered SSIDs from the Mac between tests.

Fri Feb 09, 2024 10:19 am

Yes, macOS is very stubborn. If you joined a SSID with WPA3, it will try it again, no matter if you removed it from recently used SSIDs.
Just for sake of experiment, set a new SSID in the hAP device

dchang0 · Fri Feb 09, 2024 10:22 am

Understood, and thanks.

I have done so just now. The new SSID is test15. I confirm that the Mac says WPA2 Personal and 5GHz-ac. Current config is:

/interface wifi
set [ find default-name=wifi1 ] channel.band=5ghz-ac .skip-dfs-channels=10min-cac .width=20/40/80mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=test15 \
    disabled=no security.authentication-types=wpa2-psk .connect-priority=0 .group-key-update=1h
set [ find default-name=wifi2 ] channel.skip-dfs-channels=10min-cac .width=20/40mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=mywifi2 disabled=no \
    security.authentication-types=wpa2-psk,wpa3-psk .connect-priority=0 .group-key-update=1h

It's late here, so I will put it on streaming music, and if it makes it through the night, then it is a huge success. After that I will try 5GHz-ax with WPA2 Personal. Thanks again!

dchang0 · Fri Feb 09, 2024 10:35 am

Darn, no luck with 5GHz-ac with WPA2 PSK only (confirmed on the Mac side too).
It just cut off the streaming radio music a few minutes in.

I'll pick this up tomorrow--any other suggestions are welcome! I'd like to fix this and document it here for anyone else having the same problem.

dchang0 · Fri Feb 09, 2024 11:20 pm

I tried wiping out the Mac's network settings by destroying the Preferences files. No improvement.

I tried destroying the Location and creating a new one, then destroying all the network-related Preferences files. So far, it's doing better (I had one hiccup at the start but the connection has been running okay so far--I'm running a continuous ping to 8.8.8.8 and it seems to be okay).

Stepping back up to 5GHz-ax with WPA2 PSK only to see how it goes...

There is a chance the continuous ping is acting as a keepalive somehow; I will also run the test without the ping.

EternalNet · Fri Feb 09, 2024 11:48 pm

I tried wiping out the Mac's network settings by destroying the Preferences files. No improvement.

Try to disable skip-dfs and pick lowest 5Ghz channel. the issue with disconnecting could be related with skipping dfs channels and (for some reason) not connecting to other channel (maybe?).

dchang0 · Sat Feb 10, 2024 1:51 am

Thanks, EternalNet. Yeah, it does look like it could be related to channel-skipping. It feels like there's an element of randomness going on...

I will test that next. Right now, I am trying to get back to a working state based only on what I did earlier.

I added back 5GHz-ax, and that seemed to be fine (the Group Key Update was 01:00:00 and it was WPA2 PSK only).
Then, I removed the Group Key Update 01:00:00, and that seemed okay.
Then, I added back WPA3 PSK, and it broke almost right away.

The continuous ping probably also isn't serving as a keepalive, since I was able to break the wifi even while the continuous ping was running. It's a good forward indicator of when the connection actually fails, though. As soon as the ping fails, I know the wifi is down even if it thinks it's not.

Anyway, I turned off WPA3 PSK and put back the Group Key Update 01:00:00, but now I'm having to mess with the Mac to try to get back to a working state. The three things I'm trying that seemed to work before were:

1) Delete the saved SSID
2) Create a new Location, destroy the old one.
3) Remove the network-related Preferences files and reboot

Combine that with renaming the SSID on the hAP ax3 and that seemed to get me to a stable working state. Trying it again now...

* There is a fourth trick for Mac users: remove the Wifi interface and re-add it. I have not done that even once yet during my testing.

dchang0 · Sat Feb 10, 2024 1:54 am

Here's the config that was working stably for at least a couple of hours until I broke it by removing group-key-update=1h and adding back WPA3 PSK:

/interface wifi
set [ find default-name=wifi1 ] channel.band=5ghz-ax .skip-dfs-channels=10min-cac .width=20/40/80mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=test15 \
    disabled=no security.authentication-types=wpa2-psk .connect-priority=0 .group-key-update=1h
set [ find default-name=wifi2 ] channel.skip-dfs-channels=10min-cac .width=20/40mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=mywifi2 disabled=no \
    security.authentication-types=wpa2-psk,wpa3-psk

I am going to have to rename test15 to something else now. The Mac seems determined to remember the SSID no matter what. I suspect that my iPhone is sharing its remembered networks with the Macbook Pro... To keep the iPhone from interfering, I will not join it to the new SSID name.

dchang0 · Sat Feb 10, 2024 2:02 am

Okay, I'm back where I was when it was stable, but it's not stable, so next test: EternalNet's suggestions, one at a time.

First, turn off skip-dfs-channels.

This is the current config I am testing:

/interface wifi
set [ find default-name=wifi1 ] channel.band=5ghz-ax .skip-dfs-channels=disabled .width=20/40/80mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=test25 \
    disabled=no security.authentication-types=wpa2-psk .connect-priority=0 .group-key-update=1h
set [ find default-name=wifi2 ] channel.skip-dfs-channels=10min-cac .width=20/40mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=mywifi2 disabled=no \
    security.authentication-types=wpa2-psk,wpa3-psk

dchang0 · Sat Feb 10, 2024 2:13 am

No luck with just disabling skip-dfs-channels. So far, the Mac's wifi info shows it has been using DFS, 100 (5GHz, 80MHz) for all of this time since I disabled skip-dfs-channels.

Now trying the second tip from EternalNet: set the channel to a low one.

I've run into a problem, though: when I try to select the Channel in the drop-down in WebFig, the drop-down is empty (nothing to choose from).
I'm guessing I'll have to set it using the Terminal or WinBox... UPDATE: Under WinBox, Channel = unknown.

Hmm. It occurred to me that I might have better lucky trying the wifiwave2 drivers that others have written about...

Sat Feb 10, 2024 3:12 am

I use Ruckus AP in my production and WPA-3 also sucks.
Turned off and things go smoother for older and newer WiFi cards ... no Macs but the effect was immediate.

dchang0 · Sat Feb 10, 2024 6:38 am

Thanks, BartozP-- I won't try WPA3 again (no real need for it, as opposed to max throughput and lowest latency).

Here's another wrench in the works. My Windows PC has always been fine with the 5GHz-ax connection regardless of the tweaking of the settings for the Mac. While running WinBox over the 5GHz-az wifi, WinBox suddenly lost the connection to the hAP ax3 and then reconnected quickly on its own. I wasn't making changes and was just watching the traffic graph. Is that normal? I have never seen that happen on my other two MIkrotik devices (except when deliberately making changes such as changing the wifi settings or rebooting the device).

Another strange clue with the Mac's failure. Now, when it loses the wifi connection, if I try to manually force it to reconnect to the SSID test25, sometimes it can't even see the SSID for a minute. If I keep waiting long enough, it will eventually see the SSID again and can re-connect (and then fail again). Also, the failures, when they happen, are super-fast (within a few seconds, whereas it used to take about 1 to 2 minutes to as many as 5 minutes before the connection failed.

This is the current config--it's bad. I'm not sure how the connect-priority=0 got in there. Gonna remove that next.

/interface wifi
set [ find default-name=wifi1 ] channel.band=5ghz-ax .skip-dfs-channels=disabled .width=20/40/80mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=test25 \
    disabled=no security.authentication-types=wpa2-psk .connect-priority=0 .group-key-update=1h
set [ find default-name=wifi2 ] channel.skip-dfs-channels=10min-cac .width=20/40mhz configuration.antenna-gain=6 .country="United States" .mode=ap .ssid=mywifi2 disabled=no \
    security.authentication-types=wpa2-psk,wpa3-psk

dchang0 · Sat Feb 10, 2024 7:08 am

Removing connect-priority=0 didn't make a difference on the Mac, but it wasn't there when it was stable before, so I got rid of it.

Anybody know what to look for in the macOS wifi.log files? I will start checking those and correlating timestamps to wifi failures.

dchang0 · Sat Feb 10, 2024 7:29 am

I watched the ping and /private/var/log/wifi.log in real time and saw the failure happen.

These are the lines related to the failure. Not very much to go on. The <kernel> en0: link down event is the start of the failure. I think it ends at "Terminating supplicant" but the lines in the log started scrolling fast.

It could be the postMessage::1412 APPLE80211_M_BSSID_CHANGED received that explains the link down event.

Fri Feb  9 21:21:35.798 Apple80211Set:10303 Processing APPLE80211_IOC_ROAM dataRef:0x7fb4b283f870
Fri Feb  9 21:21:35.798 Apple80211Set:10324 CFType is CFData
Fri Feb  9 21:22:12.349 <kernel> en0: link down event, informing supplicant.
Fri Feb  9 21:22:12.350 <kernel> postMessage::1412 APPLE80211_M_BSSID_CHANGED received
Fri Feb  9 21:22:12.350  Fri Feb  9 21:22:12.353 <kernel> AirPort_BrcmNIC::getSSIDData(): Get failure: APPLE80211_IOC_SSID: 6
Fri Feb  9 21:22:12.368 <airport[227]> -[dpsManager handleDPSEventWithType:eventInfo:networkName:BSSID:channelInfo:isCriticalAppInUse:]_block_invoke: Ignoring non-dps events while not in monitoring period/ Ignoring DPS event while in monitoring period
Fri Feb  9 21:22:12.417 <kernel> en0: Terminating supplicant.
Fri Feb  9 21:22:12.417 <kernel> RSNSupplicant: Releasing authenticator for 48:a9:8a:56:01:55
Fri Feb  9 21:22:12.490 <airport[227]> _processIPv4Changes: ARP/NDP offloads disabled, not programming the offload
Fri Feb  9 21:22:12.499 <airport[227]> _processIPv4Changes: ARP/NDP offloads disabled, not programming the offload
Fri Feb  9 21:22:17.309 <airport[227]> systemWokenByWiFi: System Wake Reason not found
Fri Feb  9 21:22:27.151 <airport[227]> systemWokenByWiFi: System Wake Reason not found

dchang0 · Sat Feb 10, 2024 7:41 am

The next real-time failure is more typical.

Here is the Mac's wifi.log section:

Fri Feb  9 21:34:39.061 Apple80211Set:10289 Processing APPLE80211_IOC_ROAM
Fri Feb  9 21:34:39.061 Apple80211Set:10303 Processing APPLE80211_IOC_ROAM dataRef:0x7fb4b2a39760
Fri Feb  9 21:34:39.061 Apple80211Set:10324 CFType is CFData
Fri Feb  9 21:36:01.056 <airport[227]> __SymptomsMgrDNSFailureSymptomsCallback: __SymptomsMgrDNSFailureSymptomsCallback called at 729236161.056677
Fri Feb  9 21:36:01.059 <airport[227]> Could not set property APPLE80211_REGKEY_DPS_SYMPTOMS_INPUT_PARAMS
Fri Feb  9 21:37:24.812 <airport[227]> __SymptomsMgrDNSFailureSymptomsCallback: __SymptomsMgrDNSFailureSymptomsCallback called at 729236244.812836
Fri Feb  9 21:37:24.814 <airport[227]> Could not set property APPLE80211_REGKEY_DPS_SYMPTOMS_INPUT_PARAMS
Fri Feb  9 21:37:27.952 <airport[227]> __SymptomsMgrDNSFailureSymptomsCallback: __SymptomsMgrDNSFailureSymptomsCallback called at 729236247.952187
Fri Feb  9 21:37:27.953 <airport[227]> Could not set property APPLE80211_REGKEY_DPS_SYMPTOMS_INPUT_PARAMS

The CFType is CFData is the last line while the wifi was working properly. It sat there for a while while it was working, so I don't consider it and the lines above it to be bad.
Then, when the continuous ping started to fail, nothing happened for a few seconds until the __SymptomsMgrDNSFailureSymptomsCallback pairs of lines started to show up. Looking at the Wifi icon at the top right corner of the window, it was clear the Mac thought it still had a perfectly functioning wifi connection.

This time there was no en0: link down at all, just a loss of internet access while the Mac thought the wifi connection was still up.

I need more detailed debug logging on both ends of the wifi connection... But then it would be like drinking water from a fire hose...

dchang0 · Sat Feb 10, 2024 11:34 am

I decided to do a factory default config and then build up again from that, testing each setting one at a time. I also named both the 5GHz and 2.4GHz SSIDs the same. Current config with all the suggested changes except specifically choosing a channel at the low end, and it's also set to 5GHz-ax.
The Mac still has issues with this config; all the other devices are fine.

/interface wifi
set [ find default-name=wifi1 ] channel.band=5ghz-ax .skip-dfs-channels=disabled .width=20/40/80mhz configuration.country="United States" .mode=ap .ssid=slc93512 disabled=no \
    security.authentication-types=wpa2-psk .disable-pmkid=yes .ft=yes .ft-over-ds=yes .group-key-update=1h
set [ find default-name=wifi2 ] channel.band=2ghz-n .skip-dfs-channels=disabled .width=20mhz configuration.country="United States" .mode=ap .ssid=slc93512 disabled=no \
    security.authentication-types=wpa2-psk .disable-pmkid=yes .ft=yes .ft-over-ds=yes .group-key-update=1h

I have noticed on the hAP ax3 side that the Mac loses its registration, and in the logs, it says "SA query timeout" some of the times. Am adding connection-priority=0/1 for this.

dchang0 · Sat Feb 10, 2024 9:22 pm

While watching the wifi debug log, I'm starting to wonder if I have a defective hAP ax3.
Turns out there are frequent disconnects for all the devices currently connected to both wifi radios. All the devices are less than 15ft away from the router and have full bars of strength.

For all the devices except the Mac, the disconnects are short, about 1 second or less, except those few times that my Windows desktop loses its connection for more than a few seconds, which has shown up as a disconnect from WinBox.

The prior routers were never this flaky, though I did not ever watch the wifi logs to see whether frequent short disconnects is a normal thing.

Maybe I need to return this router right away.

MaxwellsEq · Sat Feb 10, 2024 10:21 pm

I couldn't spot in your long thread whether you have disabled Management Frame Protection.

dchang0 · Sat Feb 10, 2024 10:24 pm

Hi, MaxwellsEq--
Nope, haven't touched Management Frame Protection yet. I'll try that now, having tried everything else (that was mentioned here or in other threads as related to Macbook fixes) already. Thanks!

UPDATE: the other things I haven't tried yet (because I don't know how yet) are:
locking channel to low end
wifiwave2-style configuration

MaxwellsEq · Sat Feb 10, 2024 11:11 pm

Hi, MaxwellsEq--
Nope, haven't touched Management Frame Protection yet. I'll try that now, having tried everything else (that was mentioned here or in other threads as related to Macbook fixes) already. Thanks!

UPDATE: the other things I haven't tried yet (because I don't know how yet) are:
locking channel to low end
wifiwave2-style configuration

I have an older device which was OK with a previous generation of ROS hardware, but it kept generating SA Query Timeout errors, did a bit of googling and found AX devices may support Frame Protection, even if AC and WPA3 is disabled. When I turned off Frame Protection (willing to accept the risk) it came good.

dchang0 · Sun Feb 11, 2024 5:42 am

Thanks, MaxwellsEq--

No luck disabling Management Frame Protection with regards to the disconnects. Looking back through the log, it does look like it stopped the SA Query Timeout errors.

What's kinda weird about all this is that the other devices all seem to not care about any of the settings changes, but the Macbook Pro is just plain unhappy all the time. The only thing I saw was that the failures were fast (up a few seconds, down several seconds, up a few seconds and so on) when the Group Key Update was not set to 01:00:00. When Group Key Update was set to 01:00:00, the Mac would go for longer between disconnects (1 to 2 minutes).

Maybe the Mac is indeed broken, but given that it works with every other router I have tested it against including other AX routers, I have a hard time believing that...

Anyway, I'm kinda stuck now until I learn how to hard-set the channel and/or try the wifiwave2-style configuration.

Does anyone have a known-good config for an hAP ax3 that works perfectly with ANY Macbook capable of either ac or ax? I'd like to copy the config into my hAP ax3. Thanks!

I have tried this on the Mac, testing after each change, but no luck:

reset PRAM
reset SMC
turn IPv6 to link local only
disable awdl0 interface

The Mac is still working fine with the Gl-inet Beryl AX. I am now comparing the wifi connections.

With the hAP ax3, the Mac wifi stats say:
Security WPA2 Personal
Channel: 100 (5GHz, 80MHz) <-- it has always been this, even though I have not hard-coded anything
Country Code: US
PHY Mode: 802.11ac
MCS Index: 5, was 7 last time I actually paid attention
NSS: 2

The Gl-inet Beryl AX has:
Security: WPA2 Personal
Channel: 48 (5GHz, 80Mhz)
Country Code: US
PHY Mode: 802.11ac
MCS Index: 6, then changed to 7 while I was watching it
NSS: 2

Maybe the channel (below 100) is what makes the difference... I am going to have to sit down and learn how to hard-code the channel on the hAP ax3 next.

dchang0 · Tue Feb 13, 2024 8:13 am

I'm seeing frequent disconnects with one of my security cameras too (on the 2.4GHz radio). My suspicion is that this unit is faulty somehow, and I'll look into returning it.

No luck with forcing the channel down below 100. Here's what I decided to do: rather than figure out how to specify the channel explicitly, I simply restricted the Frequency range so that it could only choose a channel from 36 to 64. Sure enough, the Macbook Pro showed for the first time that it was on a channel other than 100, 80MHz. This time it was on channel 64, 80MHz.
But, sadly, the same disconnect problem happened.

Here is the current config.

/interface wifi
set [ find default-name=wifi1 ] channel.frequency=5170-5330 configuration.country="United States" .mode=ap .ssid=slc93512 disabled=no security.authentication-types=wpa2-psk \
    .disable-pmkid=yes .ft=yes .ft-over-ds=yes .group-key-update=1h .management-protection=disabled
set [ find default-name=wifi2 ] channel.band=2ghz-n .width=20mhz configuration.country="United States" .mode=ap .ssid=slc93512 disabled=no security.authentication-types=\

It's the same problem as before: the Macbook Pro thinks it has a valid wifi connection; the Mikrotik doesn't list the Mac any more in the Registration list, and there is no network traffic between the two. Eventually the Mac figures out that it has lost network traffic and then attempts to reconnect to the Wifi, which succeeds (usually but not always) and then it's up for about 10 to 30 seconds before dying again.

Combined with the rare but non-zero disconnects on the 2.4GHz radio, I'm losing hope this will be fixed.

dchang0 · Wed Feb 14, 2024 7:09 am

For fun, I booted my Macbook Pro 2016 off of an Ubuntu 22.04.3 live CD (burned to USB stick) to test out the wifi to see if it is the hardware or the software on the Mac that is causing problems.
Interestingly, Ubuntu connects to the 2.4GHz radio (both radios have the same SSID and have roaming on, and the Windows PC can roam from the 2.4GHz to the 5GHz without problems) but it never roams up to the 5GHz radio.
As a result, Ubuntu doesn't lose the network connection--it stays connected all the time on the 2.4GHz radio, 20MHz, at wifi-n speeds. So, while I wasn't able to find out whether the hardware works fine with 5GHz and Ubuntu, I did learn that the 2.4GHz radio works fine with the Mac hardware.
Next, what I'll have to do is name the 5GHz SSID something else so that I can force Ubuntu to connect to it. If the 5GHz connection fails, we will have ruled out macOS, though not the Macbook Pro's hardware.

UPDATE: I renamed the 5GHz radio's SSID and tried to attach the Macbook Pro running Ubuntu to it. It could not even see it in the automatic scans, nor could I connect to it if explicitly specifying the SSID by typing it in. Could this be related to why the Macbook Pro when running macOS Monterey is unable to stay on the 5GHz radio, even though it can see the SSID and connect to it at first?

My other 5GHz-capable devices can see the new SSID on the 5GHz radio and connect to it. Here is the current config:

/interface wifi
set [ find default-name=wifi1 ] configuration.country="United States" .dtim-period=3 .mode=ap .ssid=slc93512test disabled=no security.authentication-types=wpa2-psk \
    .disable-pmkid=yes .ft=yes .ft-over-ds=yes .group-key-update=1h .management-protection=disabled
set [ find default-name=wifi2 ] channel.band=2ghz-n .width=20mhz configuration.country="United States" .dtim-period=3 .mode=ap .ssid=slc93512 disabled=no \
    security.authentication-types=wpa2-psk .disable-pmkid=yes .ft=yes .ft-over-ds=yes .management-protection=disabled

Also, the Macbook Pro running Ubuntu can see other 5GHz SSIDs and connect to them. Only the hAP ax3's 5GHz SSID is missing and unreachable.

I feel like if I can change the hAP ax3 config so that the Macbook Pro running Ubuntu can see and connect to it, then even macOS will work properly.

dchang0 · Wed Feb 14, 2024 7:50 am

Aha! I can get the Macbook Pro running Ubuntu 22 to see the 5GHz radio's SSID if I set skip-dfs-channels=all.

It connects at 5.2GHz (that's all it says in the GUI--I can probably get more details at the command line.

This config is what I'm running now:

/interface wifi
set [ find default-name=wifi1 ] channel.skip-dfs-channels=all configuration.country="United States" .dtim-period=3 .mode=ap .ssid=slc93512test disabled=no \
    security.authentication-types=wpa2-psk .disable-pmkid=yes .ft=yes .ft-over-ds=yes .group-key-update=1h .management-protection=disabled
set [ find default-name=wifi2 ] channel.band=2ghz-n .width=20mhz configuration.country="United States" .dtim-period=3 .mode=ap .ssid=slc93512 disabled=no \
    security.authentication-types=wpa2-psk .disable-pmkid=yes .ft=yes .ft-over-ds=yes .management-protection=disabled

If it stays connected for a long time in Ubuntu, I will reboot into macOS and see if that stays connected for a long time.

dchang0 · Wed Feb 14, 2024 8:09 am

Darn. Well, the Macbook Pro running Ubuntu 22 worked great with skip-dfs-channels=all, but as soon as I rebooted into macOS and tested it, it failed.
This suggests that the Macbook Pro's hardware is okay and that something with how macOS handles the connection is part of the problem.

Well, I'm stuck again. No other ideas to try.

jaclaz · Wed Feb 14, 2024 2:01 pm

What is surprising (to me) is that you are not talking of an obscure, possibly no-name, wireless device, you are using two rather common and recent enough notebooks from one of the leading manufacturers and that - judging from the few Mikrotik videos I have seen - are often used by Mikrotik experts/trainers/technicians.

Now that you have excluded the hardware as a possible cause of the issue, it is *something* in MacOS, there should be - if not a dedicated page on Mikrotik (or Apple) help/wiki at least some threads on the forum with the same issue and a definite way (settings/patch/whatever) to resolve it.

A plain (official) admission that it simply doesn't work and that there is no known solution to the issue (though far less satisfying) would also do, at least it would have avoided you all the troubles to pinpoint the problem.

any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Re: any fix yet for Macbook Pro 2016-2017 not working with hAP ax3 wifi?

Who is online