Regarding Wifi Wave2 drivers and setting them up, could someone share must-have/best practice settings, especially for the security module?

My current setup is a pair of Audience, running 7.2rc5 with Wave2 drivers.
I had no issues setting up the Configuration & Channel module, however I'm not sure what is considered an ok config for the security tab.
Currently, my setup is this:
- authentication types: WPA2 PSK , WPA3 PSK
- encryption: CCMP. CCMP 256
- passphrase
- disable PMKID
- WPS: disable
and.. that's all.

Should I have anything else checked? Or changed in my current config?
With the current config, there's only one device that won't connect unless unchecking WPA3, a Oneplus9 (key handshake failure).
Should I add something to the above config? Or just give up on using WPA3?

Thanks, mkx.
I've added both gcmps and now Oneplus randomly connects - which is an improvement from not connecting at all.
Probably something in Oxygen OS doesn't like Mikrotik's approach to WPA3.

Try to add gcmp and gcmp-256 to the encryption list.

I've added both gcmps [...]

...ehhrmm...how did you actually do that? I can only select one item out of the possible list in the group encryption entry under the security tab.

meeeh..yes, the encryption segment is per default hidden in webfig and winbox...no wonder, I didn't see it with my old eyes...I am balding fast

How should interpret the fact that, if I make no settings under the encryption area of the Security settings tab of Wireless, 2 devices that previously had problems now connect without any issues?
Basically CCMP/CCMP256/GCMP/GCMP256 are no longer checked, while WPA2PSK/WPA3PSK are still checked.. and this solved the issue.

Is this safe to keep like this?

Best practice............. put it on a shelf, and wait for maturity of software.

...better practice....try it out, go through the dungeons of configurations without the ability to use capsman....once you are there, keep it and never look back...maybe software will evolve over time.

I would not trade my hap-ac3 units anymore...definitely, they are not on a shelve...my cap-ac and wap-ac are.

...better practice....try it out, go through the dungeons of configurations without the ability to use capsman....once you are there, keep it and never look back...maybe software will evolve over time.

I would not trade my hap-ac3 units anymore...definitely, they are not on a shelve...my cap-ac and wap-ac are.

I will wait for next Gen WIFI, I much prefer the performance as per my other business access points, but prefer having that tech with RoS flexibility.

...the point is, hence the reference to putting in on a shelve: if you already own one, then do use it. ...if you are looking for better performance but start with new hardware....go elsewhere or wait.

As a home user with a relatively simple network, I'm quite ok with Audience running 7.x. To be honest, even with Mikrotik proprietary drivers, wireless performance feels significantly better than it was before. So I'm not considering shelfing them.. yet

Got it, and yes I still use one capac, didnt replace them all with other products. The others are gathering dust.