Hello,
since ~1 week, i have wifi problems with my MT hap ac^2.

All devices get irregular disconnects and no device is able to reconnect to the access point any more. Ethernet connection is still possible.

I'm using Firware 6.42.2 - but I have the same issue with the latest RC version.

The first time it happened the Log showed the following messages:
Since I read about some NTP issues, I switched to a different NTP server. The unicast key problem seems to be gone since then.
With my hap lite, i didn't have any issues like that for more than 2 years.

However, the group key exchange remains.
Update interval is 5 minutes. Using WPA with AES. WPA Passwort consists of letters and numbers only.

A group update interval of 5 minutes is rather low. What happens if you set it to an hour?

Hey!
I made the changes you suggested. Exact 25 hours after I made the changes and restarted the router, all clients disconnect again and can't reconnect.

Any more ideas?

Do you have any Virtual AP interface binded to any physical interface ?

yes i do - i have a virtual AP on 2.4 ghz which is used for the guest network

I checked my other devices, I see the same problem on a hap lite, cap ac and the already mentioned hap ac^2.

The following firmwares were tested on all of those devices so far:
- 6.40.8
- 6.42.2
- 6.42.3

Does this problem happens also on the RouterOS v6.43rc version?
It happens on both 2.4ghz and 5ghz wifi?
Only disable/enable helps?
Could you make support output file at that time and send it to support@mikrotik.com

Since i have these issues, i tried out every new RC version. It didn't help.

Enabling/Disabling helps, but not always. When i couldn't reconnect at all any more i just switched between firmwares to get it going again.

Support output file was sent to support last week. I'm waiting for a response.

I am unsure if it happens only on 2.4ghz or also on 5ghz. I will check and provide this information in 2-3 days, when I am at home again.


I also noticed group exchange timeouts on an hap lite, after updating it. Before, i didn't have any kind of such messages in the log.

6 days ago they just asked me if i already tried out the RC versions, which was already mentioned in the ticket itself.

since that time, i didn't get any response from the support.

Hello,

Thank you for writing to MikroTik Support.
This is an automated reply.

We will try to help you as soon as possible (reply might take up to 3 business days).

3 business days....

Every day I am getting more and more fed up with MT. The last 2 months were a pain. Let's see how long my patience will last.

Hello, we replied to your ticket within three business days stating a question about whether the issue is still relevant in the latest RC version at the time, but never got back a reply from you. Since 6.42.2 there have been quite a few improvements for hAP ac^2 and we hope that your issue is fixed within these releases. If it is not, please reply to the ticket you submitted.

I answered two times on the ticket:
- 1st time: 25.05.2018 at 11:54

Hello,
it does not appear on 6.41.4 or 60.40.8.

However, running the 60.40.8 isn't a real alternative to me, since the wireless performance of the device isn't as good as with the current or RC firmware.

Regards

- 2nd time: 28.05.2018 at 19:20

Hello,
after some more testing, i have to correct myself:

The issue appears on the following firmware Versions: 6.40.8, 6.42.2, 6.42.3.

More testing is going on here, on multiple devices.


Did you already make investigations in my support file?

Regards

I didn't get any error message from the mailservers or your ticket system. Messages to other people also arrived. So I assume they got delivered successfully.

I have reported the same issue on other thread. But I can add here that I have same issues on cAP ac as well. My firmware is 6.42.3. The WiFi will drop and if you check the log, it was “ group key timeout”. And my iPhone goes to LTE until you notice it. It won’t automatically reconnect to WiFi until you manually do it.

Hello, we replied to your ticket within three business days stating a question about whether the issue is still relevant in the latest RC version at the time, but never got back a reply from you. Since 6.42.2 there have been quite a few improvements for hAP ac^2 and we hope that your issue is fixed within these releases. If it is not, please reply to the ticket you submitted.

I just dropped a reminder by Email two minutes ago, that I still didn't get any response 1.5 weeks after the last message.

If my messages really don't appear in your ticket system, something is wrong with it. However, I don't believe that you didn't receive the Emails. I feel that's how Mikrotik support looks like these days. I expected something else. Won't buy any products any more, irregardless of how this issue will be solved or not solved from now on. Maybe even leaving some warnings for potential future customers on Amazon etc.

Thats's a message I received from support:

i see that this device is passing VLANs through, what is the lease time on DHCP server?
Does disconnects happen on intervals at half of lease time?
Can You increase it for a test?

My lease time was 3 days. I increased it to 5 days and didn't see any improvement.
brg3466, can you test this as well and share your experience?

Disconnects do not happen on a reproducable intervall - that means a NO to question no. 2 of the support.

it seams that I have the same isue:
Time Jun/07/2018 22:50:36
Buffer memory
Topics
wireless
info
Message 5C:CF:7F:B1:44:7C@wlan1: disconnected, group key exchange timeout

any help?

I used to have lease time for 5 minutes and later I changed to 1hr, but no improvement on the disconnection issues. I changed to 1 day the other day but the disconnection still happened.
My firmware is 6.42.3. My wireless setting is very simple , CCR1009 + 3 cAP ac and the CAPsMAN is on CCR1009. I tried to make static address on dhcp server for my apple stuff, iphone, ipad, etc , but it doesn't work. From time to time, the iphone lost connection due to the " group key exchange timeout" and couldn't connect to wifi automatically, I need to do it manually.

After I changed the DHCP Lease Time and told them that this did not have any positive or negative effect at all, they wrote me a new Email few hours ago.

They ask now if i collected some more information which would help them to understand the problem. Unfortunately I am not able to deliver more information, since I have absolutely no clue where else to look at. I already did change every potential relevant setting I can imagine.

They also didn't loose a single word about the support file I send them. It would be really nice to know if they find any "bad" setting in there. That's what I asked them now.

I don't have the feeling they even had a look at the file I send to them. All these one line responses just give me the feeling they just write back to me, to have an update in the ticket...

Let's see what there answer regarding my support file will be. They had enough time to look at it, to take that into account. I'm doing well with 6.41.4 now on my devices. All up-to-date versions of current / RC / bugfix channels are pure cancer when i have them on my devices.

What is your group key update time interval? What happens when you change it to 1hour?
Oh. You already did it...it helps to me always...
I have no other idea.

@Kerbia. do you get stable wifi under 6.41.4 ? If so, I probably want to switch back as well. The drop of Wifi due to this 'groupkey timeout" really bothered me. Hope that Mikrotik can do something about it and fix it.

Yeah, 6.41.4 runs stable for me. However, there is still the kinda weak throughput with this firmware. But at least it is quite stable.



Ping: Lenovo Y510 Notebook --> Mikrotik hap ac ^2 (6.42.3) With 6.41.4 Firmware I have no timeouts, and the ping is between <1 and 1 ms.

Everything can be reproduced on cap ac.

Also: I believe more and more and this happens only at 2.4ghz.

@brg3466, Did you see any disconnects / group exchange timeouts on 5ghz?
Also: What wireless protocoll is selected in your settings? - Is it "any"?

Small impression of the router log, while having a phone connected (or disconnected!).

Having fun in the last 6 minutes: