I have an issue at a site which has ~60 IoT devices which are required to be on 24/7. The network has a total of 11 Meraki MR56s (FW version: MR27.5.1), and the network the IoT devices are connected to uses WPA2-PSK authentication. I have about 10 of these 60 devices which either can't connect at all, or connect for only a few minutes a day. The issue seems to be that the client IoT device successfully associates, then tries to authenticate but the authentication times out after 10 seconds (and says 'wlan0: Request to deauthenticate .... reason=3 state=ASSOCIATED'). Additionally, the client device hops around trying to connect to different APs, some which are quite far away. I've verified that passwords and everything are correct.
We've tried a 5GHz only network, 2.4 GHz only network, replacing devices, setting static IPs, increasing the device DNS resolution timeout (which after further investigation I don't think was relevant). blacklisting certain BSSIDs (which isn't a practical long-term solution), disabling load-balancing, band-steering, and traffic shaping. Bandwidth minimums are on to prevent 802.11b devices, and client device packet captures don't indicate anything unusual that I can see (but I'm not an expert at understanding packet capture data).
Anyone have any suggestions about how to either pinpoint why authentication is failing or improve performance?
It sounds like you have done an awful lot of troubleshooting already which is good. I would contact support and ask if they can have a look at your logs as support are able to view logs in a debug fashion as opposed to the informative view end users receive.
Meraki CMNO, Ruckus WISE, Sonicwall CSSA, Allied Telesis CASE & CAI
Thanks! Do you happen to know if Meraki support would be able to tell whether or not the AP sent an acknowledgement of the client's authentication request? I think this is the piece I'm missing but unfortunately I'm not the person that deals with Meraki support so I just want to make sure I'm clear on what I'm looking for.