Community discussions

MikroTik App
 
User avatar
justinmik
just joined
Topic Author
Posts: 11
Joined: Sat Mar 04, 2023 9:53 pm

AX2/7.8: Some 2Ghz devices unable to connect to wifiwave2

Sun Mar 05, 2023 5:53 am

I received a new hAP ax2 this week and configured it to replace my primary hAP ac2. After 10+ hours of troubleshooting, I'm getting close to having to put the ac2 back into service. :(

Most devices have connected to the ax2 without issue, but several "smart devices," including two Geeni Smart Bulbs (model BW903) and one Roomba (model 960) will not associate when using a passphrase (WPA, WPA2, WPA3 - none of them work). Two of them give a "key handshake error" and the other never shows up in the logs. Note that I have other Geeni devices that are able to connect without issue. I'm using the same exact passphrase that's been in use on the ac2 for several years. I tried all the standard wifi troubleshooting stuff - switching channels, switching to different passphrases, hiding SSIDs, rebooting things, etc.

To get things up and running with the two bulbs and one Roomba, I created a slave network without authentication, and that has worked for all the devices. This rules out distance and a few other considerations (30 feet distance, open air, line of site). I went to put some access-list rules in and it appears that's broken in 7.8, too (I commented on another topic on that one where two other people have chimed in). I had to result in some NAT rules to whitelist the MAC addresses, and yes, someone in my apartment complex is connecting to open networks - even hidden ones - so my paranoia is warranted.

Here are the configs (I've replaced some of the values with Xs):

MASTER

4 M BR default-name="wifi2" name="xxxx-wlan-2" mac-address=XX:XX:XX:2C:42:96 arp-timeout=auto radio-mac=XX:XX:8A:2C:42:96 
        configuration.mode=ap .ssid="xxxx-wlan-2" .country=United States 
        security=xxxx-wlan 


SLAVE (AUTHENTICATED)

2   BR name="xxxx-iot-1" mac-address=XX:XX:XX:2C:42:97 arp-timeout=auto master-interface=xxxx-wlan-2 
        configuration.mode=ap .ssid="xxxx-iot-1" .hide-ssid=no 
        security=iot 


SECURITY (Using an all lower UUID for the passphrase)

2   name="iot" authentication-types=wpa2-psk,wpa3-psk encryption=ccmp,gcmp,ccmp-256,gcmp-256 passphrase="80925074-xxxx-xxxx-xxxx-xxxxxxxx01f2" 


Anyone have any ideas? Mikrotik engineers: let me know if I can get you additional troubleshooting info.

Appreciate any and all assistance.

-- Justin
 
User avatar
justinmik
just joined
Topic Author
Posts: 11
Joined: Sat Mar 04, 2023 9:53 pm

Re: AX2/7.8: Some 2Ghz devices unable to connect to wifiwave2

Sun Mar 05, 2023 6:46 am

FYI - I have submitted support cases SUP-109704 and SUP-109706 (sorry, Mikrotik engineers, for the duplicate!).
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: AX2/7.8: Some 2Ghz devices unable to connect to wifiwave2

Sun Mar 05, 2023 1:29 pm

A suggestion: try to set security parameters to WPA2 only ... authentication-types=wpa2-psk encryption=ccmp ... It could be that those IoT devices freak out due to seeing unknown security features offered by AP.

Another possibility would be to downgrade the 2.4GHz radio to 802.11n (chanel.band=2ghz-n). It's property of physical radio, so it unfortunately affects all APs running on same radio (master and virtual).
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: AX2/7.8: Some 2Ghz devices unable to connect to wifiwave2

Sun Mar 05, 2023 3:15 pm

Concur with mkx, the issue is probably not MT but how the older devices are hard coded..........
 
User avatar
justinmik
just joined
Topic Author
Posts: 11
Joined: Sat Mar 04, 2023 9:53 pm

[SOLVED] AX2/7.8: Some 2Ghz devices unable to connect to wifiwave2  [SOLVED]

Sun Mar 05, 2023 6:45 pm

A suggestion: try to set security parameters to WPA2 only ... authentication-types=wpa2-psk encryption=ccmp ... It could be that those IoT devices freak out due to seeing unknown security features offered by AP.

Another possibility would be to downgrade the 2.4GHz radio to 802.11n (chanel.band=2ghz-n). It's property of physical radio, so it unfortunately affects all APs running on same radio (master and virtual).
SOLVED!

Thanks, @mkx! The key was to disable the CCMP 256 option in the security profile. Your tip above where you show only ccmp is what did it.

I thank you all for your help, and I hope this helps others down the road.
 
iriseth
just joined
Posts: 10
Joined: Sat Feb 18, 2023 5:21 am

Re: [SOLVED] AX2/7.8: Some 2Ghz devices unable to connect to wifiwave2

Tue May 23, 2023 1:41 pm

A suggestion: try to set security parameters to WPA2 only ... authentication-types=wpa2-psk encryption=ccmp ... It could be that those IoT devices freak out due to seeing unknown security features offered by AP.

Another possibility would be to downgrade the 2.4GHz radio to 802.11n (chanel.band=2ghz-n). It's property of physical radio, so it unfortunately affects all APs running on same radio (master and virtual).
SOLVED!

Thanks, @mkx! The key was to disable the CCMP 256 option in the security profile. Your tip above where you show only ccmp is what did it.

I thank you all for your help, and I hope this helps others down the road.
hi, actually you referenced this to my wifiwave2 access list issue, doesn't seem this problem have anything to do with my access list issue.
 
voskamikfor
just joined
Posts: 3
Joined: Sun Apr 28, 2019 11:21 am

Re: AX2/7.8: Some 2Ghz devices unable to connect to wifiwave2

Sat May 27, 2023 4:48 pm

Well, there will be some problem with the Mikrotik ax device on Wifi. I have a new Mikrotik hAP AX2. It replaced the previous RB952. Here everything worked correctly. After connecting the AX2, most of the devices connected to the router. But my Wi-Fi 2.4 GHz printer Samsung SL-M2070W not connected. It doesn't even see the 2.4 GHz AX network broadcast from Mikrotik. The only solution is to turn off the ax protocol on 2.4 GHz wifi. Then it connects immediately. But I think the ax should be backwards compatible and connect the printer.

so solved...
Indeed, the choice of CCMP 256 is to blame. After turning it off, it works even with the ax protocol.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: AX2/7.8: Some 2Ghz devices unable to connect to wifiwave2

Sun May 28, 2023 2:10 pm

But I think the ax should be backwards compatible and connect the printer.

It's not that ax is backward compatible with n or g (it's not). It's AP that supports all the legacy generations and properly announces the capability (MT devices usually do) and adjust to whatever individual clients are capable of. And it's up to clients to properly decode AP's capabilities and not freak-out when they see capabilities announced which they don't know about. Even worse is if clients implement some small subset of certain capability in some weird way and then they expect the AP to be similarly half-brewn as well.

So in this case I'm pretty sure it's the printer to blame. I understand that when one has a peculiar device which stops to work when something else changes, that device has to be made working again ... and, oh the frustration if this means setting the new device into some legacy mode. But that's life :wink:
 
holvoetn
Forum Guru
Forum Guru
Posts: 5403
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: AX2/7.8: Some 2Ghz devices unable to connect to wifiwave2

Sun May 28, 2023 2:13 pm

Put an AX Lite in between in station mode and connect printer via ethernet.
Some port mapping to make the device reachable from other side of AXlite.
No ?
Or simple map / lite, those still support station bridge and are pretty cheap.
 
xzc2013
just joined
Posts: 1
Joined: Mon Jul 24, 2023 4:25 am

Re: AX2/7.8: Some 2Ghz devices unable to connect to wifiwave2

Mon Jul 24, 2023 4:30 am

Thanks for sharing.

Using hAP AX2. I solved it by setting a separate security profile for 2.4Ghz and configure wireless N and WPA2-PSK. Seems that WP3-PSK is causing my older devices to not able to connect.

Who is online

Users browsing this forum: No registered users and 32 guests