CommScope RUCKUS Community Forums

I've setup 802.1x using TLS certificates, with 802.11r (fast transition) enabled on an SSID named BaxterX. I've used two separate Radius servers, one a local freeradius implementation, the other a cloud radius solution. After noticing clients not able to connect on first attempt on both radius servers I moved on to connection troubleshooting.

I've noticed that when devices connect to WiFi for the first time they fail to respond to the first frame of the 4-way handshake. If 802.11r is not enabled this failure does not occur.

Failure of the 4-way handshake on initial connection results in a poor user experience on Android phones as a full wireless scan needs to be completed again before the client will attempt to connect to WiFi again. It also appears that roaming to a different AP will cause the issue again leading to what appears to be random disconnects on the client device.

Sometimes the timeout is short, and sometimes it is several seconds and of course any local resources are no longer accessible during this time.

I've taken screenshots of the connection flow, see here: https://drive.google.com/file/d/11Q2fSB4q-aHz4otdF1ezIK86co4JFhCN/view?usp=sharing where '4-Way Handshake - Frame 1' doesn't get a response from the client, the error is 'Reason: (code 18)Timeout expired'.

I opened a support ticket to report this as a bug, but without a support contract I'm redirected to the forums.