This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Disconnecting every 43200 seconds in WPA3+SAE

Go to solution
jungyu_park
New Contributor III

‎10-09-2022 10:25 PM - edited ‎10-09-2022 10:27 PM

Ruckus R650, R610 Unleashed 200.12.10.105.129

 

I posted on reddit, but I also post here in the community.

Reconnection every 43200 seconds : RuckusWiFi (reddit.com)

I have already written an post before, but the related log seems to be classified as spam.

The problem seems to be that WPA3 + SAE revokes client authentication to recreate the PMK cache when it expires.

The relevant commit is on hostapd and I would like Ruckus to take a look at it.

hostap - hostapd/wpa_supplicant (w1.fi)

I have confirmed that the connection is maintained even after 12 hours on WPA2-only.

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
jungyu_park
New Contributor III
In response to Vineet_nejwala

‎11-04-2022 12:18 AM - edited ‎11-06-2022 03:40 AM

Today I found out that my Galaxy Tab s8 reconnects every 259200 seconds.
It seems that the set value is longer than other devices.

  • User[8a:1b:5c:xx:xx:xx] leave WLAN[Ruckus-Wireless-2G] at AP[R650@8c:7a:15:xx:xx:xx] with Session Time[259206.47 sec] RX Bytes[127951510] TX Bytes[22309832226]

The wpa_supplicant.conf I looked at in Samsung's firmware has that option.

update_config=1
eapol_version=1
ap_scan=1
fast_reauth=1
p2p_add_cli_chan=1
oce=1
dot11RSNAConfigPMKLifetime=259200

I still think that this reconnection is an unnecessary process, but the current problem seems to be a normal behavior according to the client's settings.

Edit: I think I misunderstood something.
That commit seem to be for wpa_supplicant, not hostapd.

Samsung uses wpa_supplicant v2.10-devel-11 on Android 11 and wpa_supplicant v2.10-devel-12 on Android 12.

PMK cache expiration postponement must be the client's action.
This problem is considered to be a client issue.

Samsung needs to update the wpa_supplicant version.

Edit2: I confirmed that the lenovo tablet also uses the "wpa_supplicant v2.10-devel-11" version. Device manufacturers will need to update wpa_supplicant to v2.10 stable version including the above commit through firmware update.

View solution in original post

7 REPLIES 7

Go to solution
Vineet_nejwala
Moderator
Moderator

‎10-11-2022 06:32 AM

Hi @jungyu_park 

Thank you for notifying this. Can you share some details, if this issue is seen on all vendor (OS) clients or specific ? Have you had chance to open a case with us to gather data and look further for a fix, if you have not can you please reach out to us on https://support.ruckuswireless.com/contact-us and we could together work on this further to commit a resolution.

Best Regards

Vineet

Go to solution
jungyu_park
New Contributor III
In response to Vineet_nejwala

‎10-11-2022 06:49 AM - edited ‎10-11-2022 07:01 AM

Hello.

In fact, there is nothing to say about the details.
If you have a Samsung Galaxy device for testing, leave it connected to the OPEN-WPA3 SSID for 12 hours. (WPA2/WPA3-Mixed in my case)

And set the Event Log Level to Any.
The default is Critical & Warning.

It happened on both the Unleashed R650 and R610, so it's probably not a very difficult test.

We've had issues with most devices on our family wifi.
Galaxy S10+, Galaxy note10, Galaxy z flip3, Galaxy tab s6 lite, Lenovo tab P11 5g.

The devices that didn't experience the issue were a windows 10 laptop and a Galaxy tab s8.

The laptop doesn't support WPA3 so it connects via WPA2 and to be honest I don't know why the Galaxy tab s8 doesn't have any issues.

One thing I do know is that the Galaxy tab s8 supports 802.11r in WPA3 while others do not.
I've referenced the relevant commit in hostapd, but it's possible that it's a wpa_supplicant issue on devices.

But anyway after I set the SSID to WPA2-only the above problem doesn't happen.

In addition, you can probably test by changing the PMK Cache Timeout option.

  • PMK Cache Timeout= 720 minutes

End users can't change this option in Unleashed, but it's probably possible in a test environment, so I think you can set it up and test it in a short time.

0 Kudos

Go to solution
Vineet_nejwala
Moderator
Moderator
In response to jungyu_park

‎10-11-2022 06:59 AM

@jungyu_park 

The additional details that you shared was related to specific client "Galaxy tab s8" not having this issue. We do test such scenario before releasing any new features hence this can be device issue too and not related to Ruckus as we have seen such incidents in past though we will try this in lab once with iOS and android clients.

Best Regards

Vineet 

0 Kudos

Go to solution
jungyu_park
New Contributor III
In response to Vineet_nejwala

‎10-11-2022 07:18 AM - edited ‎10-11-2022 07:20 AM

Before purchasing the AP, I knew that Ruckus would be difficult to get technical support without a support contract, so I'd appreciate it enough for you to run tests in your lab.

Please let me know your test results.

If necessary, I can send a debug log of the AP or client dump at the moment the connection is disconnected. However, since I do not have a support contract, I will leave the address of this post separately after opening the Administration or Hardware case, not the software case.

0 Kudos
Copyright © 2024 Khoros, LLC