I'm seeing what appears to be unexpected roaming behavior on iPhone 11 devices, between two MR36's installed in a residential site.
When iPhone 11 devices connect to a different AP, the event log shows the following. In this case the iPhone moves from downstairs to upstairs:
Whereas I was expecting the following roaming behavior, like this Android device roaming from upstairs to downstairs:
iPhone 11's do not hit the PMKSA cache, where all other devices on this network (including the Android client above) do. At first I suspected 802.11ax to be the bottleneck, but disabling it does not change anything.
Do I see correctly that iPhone 11 clients in this case are not roaming as intended? If so, what would you recommended to try to fix this?
Hi @Kevin31 your settings all look correct, I would suggest opening a case with Meraki Support and get a plan in place to try tweaking certain settings, in a certain order, to gather some additional data points. I'd also suggest getting on the 27.5 firmware and confirm you get those same results with your roaming tests. Also note there is not necessarily anything wrong, as the roaming behavior is completely dependent on the client, the OS, the driver version, etc. Here's another related thread if it helps. https://community.meraki.com/t5/Wireless-LAN/Wireless-roaming-for-client-to-AP-s-not-connecting-to-c...
Thanks for your thoughts. I did some testing and double checked: the iPhone never hits the PMKSA cache. Actually it never did since installing the APs.
For the Android devices I see in the logs frequent “OKC Match” and “PMKSA Cache Match”. For the iPhone not a single instance. Each time the iPhone roams between APs, it has to authenticate against the Meraki Radius server, which seems inefficient to me and not the expected behavior.
Just to keep you updated - spoke with a support engineer who was very helpful. He could capture/witness the roaming issue from watching the logs and is going to try to replicate the issue using a testing set-up.
Meanwhile I also did some testing of my own. Fully disabling 802.11w for affected SSID (instead of 'Enabled - allow unsupported clients') seems to have solved the roaming issues. This also solved an issue where the iPhone would be unable to associate with the network when connecting to the SSID for the first time. (eventually after reconnecting many, many times, it would successfully connect)
I'm interested to see if my findings are in line with the testing results from Meraki Support Also, for security reasons I would like to be able to set 802.11w to 'Enabled - allow unsupported clients' again without it affecting roaming capabilities. Please note that per Apple's documentation: "802.11w's protected management frames (PMF) interoperate with iOS and iPadOS support for 802.11k, 802.11r, and 802.11v." (https://support.apple.com/en-us/HT202628).