Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
JensG
New Contributor II

FortiAP - Apple Devices WiFi handoff issues

Hi,

 

I have issues with iPhones, iPads and MacBooks loosing WiFi connection when moving to another room.

The devices try to keep/establish the connection and it seems they are trying to change the AP but are not able to do so. They are switching between full WiFi power and just one dot in the WiFi sign.

Manually switching off WLAN in the devices and switching it on again after a while does not help.

When I reboot the device it connects immediately and all is fine until I move into another room. 

 

Handoff is switched on, both frequency and AP.

 

I am using FortiAP 231F and 23JF and FGT60F, all first with v6.4.7 and now v7.0.3, having AP versions respectively. No difference whether v6 or v7 is used.

 

The Apple devices are newer and older ones, and different models, all with OS versions up to date (iOS 15.1.1, iPadOS 15.1, macOS 12.0.1)

 

Has someone else seen similar issues?

Any ideas?

 

Thank you,

Jens

12 REPLIES 12
jkassner
New Contributor II

Quick update...

 

Same Apple Devices, same Radio/VAP config except using WPA3 Enterprise (local Raius / FGT User ) work fine.... 

 

So there´s a flaw in the WPA3 SAE/SAE Transition on the FortiAP 231F (7.0.2)

______________________________________________________
Have you tried turning diag deb off and on again :D
JensG
New Contributor II

Today I had a session with the Fortinet engineer who is working on my ticket.

He asked me to change from WPA3 SAE Transition to WPA2 for the moment and disable PMF setting inside the SSID settings (CLI).

 

He confirmed there is a bug identified with 231F in current firmware version regarding WPA3 SAE Transition and pmf setting enabled.

 

Seems you were on the right track.

 

We verify now, whether connection stays stable for all devices. If this is proofed and they once fixes the bug, I should switch back to WPA3 Transition.

jkassner
New Contributor II

Update from my side.

 

WPA3 Enterprise (PMF mandatory) also shows the issue.

So JensG seems to be on Point with the PMF.

But it seems to be happening on WPA3, WPA3 Transition and WPA3 Enterprise.

Makes sense, because these are all using PMF (Mandatory or optional)

______________________________________________________
Have you tried turning diag deb off and on again :D