Apple devices not reconnecting to wifi

ilium007 · September 24, 2020, 1:26pm

I have a strange issue where Apple devices are sometimes not reconnecting to the Mikrotik Chateau LTE 12 wireless networks after previously being connected. Not sure where to start, I have read of issues plaguing routerOS for years regarding Apple devices and wireless but cant find solutions. I have never previously had an issue with Apple devices connecting to any wireless network I have managed.

[admin@router01] /system> /system/routerboard/print
       routerboard: yes
             model: RBD53G-5HacD2HnD
     serial-number: C8CA0CB0B626
     firmware-type: ipq4000L
  factory-firmware: 7.0beta6
  current-firmware: 7.1beta2
  upgrade-firmware: 7.1beta2

Wireless config:

[admin@router01] /interface/wireless> print
Flags: X - disabled; R - running
 0  R name="wlan1" mtu=1500 l2mtu=1600 mac-address=48:8F:5A:11:24:DD arp=enabled interface-type=IPQ4019 mode=ap-bridge ssid="LIBERTY" frequency=auto band=2ghz-b/g/n channel-width=20/40mhz-Ce
      secondary-channel="" scan-list=default wireless-protocol=802.11 vlan-mode=no-tag vlan-id=1 wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled
      default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no security-profile=default compression=no

 1    name="wlan2" mtu=1500 l2mtu=1600 mac-address=48:8F:5A:11:24:DE arp=enabled interface-type=IPQ4019 mode=ap-bridge ssid="LIBERTY_AC" frequency=auto band=5ghz-onlyac channel-width=20/40mhz-Ce
      secondary-channel="" scan-list=default wireless-protocol=802.11 vlan-mode=no-tag vlan-id=1 wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled
      default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no security-profile=default compression=no
[admin@router01] /interface/wireless>
admin@router01] /interface/wireless> security-profiles/print
Flags: * - default
 0 * name="default" mode=dynamic-keys authentication-types=wpa2-psk unicast-ciphers=aes-ccm group-ciphers=aes-ccm wpa-pre-shared-key="xxxxxxxxxxxx" wpa2-pre-shared-key="xxxxxxxxxxxx"
     supplicant-identity="MikroTik" eap-methods="" tls-mode=no-certificates tls-certificate=none mschapv2-username="" mschapv2-password="" disable-pmkid=no static-algo-0=none static-key-0=""
     static-algo-1=none static-key-1="" static-algo-2=none static-key-2="" static-algo-3=none static-key-3="" static-transmit-key=key-0 static-sta-private-algo=none static-sta-private-key=""
     radius-mac-authentication=no radius-mac-accounting=no radius-eap-accounting=no interim-update=0s radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username radius-called-format=mac:ssid
     radius-mac-caching=disabled group-key-update=1h management-protection=disabled management-protection-key=""
[admin@router01] /interface/wireless>

psannz · September 24, 2020, 7:20pm

If you updated your iPhone to iOS 14 recently, it will have autoactivated the “Private WIFI Address”. Changes the MAC address per ssid once a day to a random new one. Useful to avoid tracking but badly implemented.
Feature has to be disabled per SSID on the iPhone.

kalamaja · September 25, 2020, 5:06am

Fixed with the macOS 10.15.7 and iOS 14.0.1.

akorenchikov · October 4, 2020, 9:01am

After update to iOS 14 I have found that local network access for MikroTik app was turned off (Settings → MikroTik-> toggle local network). After turn on device successfully connected

ilium007 · October 5, 2020, 10:24am

There’s something else going on here. I am getting the problem whereby I can’t reconnect my Apple MacBook Pro. It seems like the wireless is connecting but I’m not getting an IP address.

Could there be an issue with the DHCP side of things? I hadn’t experienced the problem in weeks but all of a sudden its back again. If I connect to the Mikrotik cAP it works but fails on the Chateau LTE 12.
Screen Shot 2020-10-05 at 7.09.55 pm.png
Screen Shot 2020-10-05 at 7.10.01 pm.png

mkx · October 5, 2020, 7:06pm

You definitely have DHCP issues if your device shows IP address 169.x.y.z … whether that’s basic problem or it’s superimposed on top of lower layer problems (read: wireless connectivity) that’s a thing to find out.

ilium007 · October 7, 2020, 2:46am

I have turned on DHCP logging to try and catch something the next time it happens.

ilium007 · October 12, 2020, 11:22pm

I think I have solved my wireless issues with the help of a few other threads in these forums.

Key configuration changes were:
channel-width
wmm-support
keepalive-frames
multicast-buffering
multicast-helper
group-key-update

and increasing DHCP lease time from 10mins to 10hrs

[admin@router01] > /interface/wireless/export 
# oct/13/2020 10:17:27 by RouterOS 7.1beta3
# software id = 8DD5-P647
#
# model = RBD53G-5HacD2HnD
# serial number = C8CA0CB0B626
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n channel-width=20/40mhz-Ce country=\
    australia disabled=no distance=indoors frequency=auto installation=indoor keepalive-frames=\
    disabled mode=ap-bridge multicast-buffering=disabled multicast-helper=disabled ssid=LIBERTY \
    station-roaming=enabled wireless-protocol=802.11 wmm-support=enabled
set [ find default-name=wlan2 ] antenna-gain=0 band=5ghz-onlyac channel-width=20/40/80mhz-Ceee \
    country=australia disabled=no distance=indoors frequency=auto installation=indoor \
    keepalive-frames=disabled mode=ap-bridge multicast-buffering=disabled multicast-helper=disabled \
    ssid=LIBERTY_AC station-roaming=enabled wireless-protocol=802.11 wmm-support=enabled
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods="" group-key-update=1h mode=\
    dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=xxxxxxxxxx \
    wpa2-pre-shared-key=xxxxxxx
[admin@router01] >