Hello Meraki Community,
We're seeing some issues, specifically with newer Meraki AP firmware and MacBooks it seems.
At each of our locations, we have MR44s running 30.5 firmware, configured with two SSIDs:
A guest/public WiFi network with Password selected and configured in Security, WPA2 only, 802.11r Disabled, 802.11w Disabled, no Splash Page, External DHCP server assigned, VLAN Tagging with VLAN ID of 6.
A "production" network secured with Identity PSK with RADIUS, WPA2 only, 802.11r & 802.11w both Disabled, no Splash Page, multiple RADIUS servers configured on the dashboard which are running FreeRADIUS on CentOS, no RADIUS accounting is configured, External DHCP server assigned, VLAN Tagging with VLAN ID of 2. This network is connected to, and able to access internal servers -- file shares and our accounting program.
We've been running the above configuration for over a year without issue.
We've been receiving reports of, and have been able to duplicate, issues with connecting to our production network's SSID, but it is limited to MacBooks. The macOS version does not matter, we've seen it with both Ventura (v13) and Sonoma (v14). The WiFi icon in the menu bar appears to scan and scan, but will not connect. In some instances, the user is prompted for a password. Since we, IT, setup the computer, the users do not know the password. Clicking cancel on the password prompt, the computer may or may not connect. In some instances the user is either prompted for the network's password again, or prompted to run Diagnostics. Clicking cancel again, the computer may or may not connect, but, eventually, the computer finally does connect. This behavior does not occur on our Windows computers, either 10 Pro or 11 Pro.
In our HQ office, we upgraded our MR44s to 30.6 yesterday morning after seeing it's availability and its list of bug fixes, but the issue persists.
At another nearby building, we have two MR44s in our office space, and this is the location where we first received reports of the connectivity issues I described above. Here's kicker #1: in our warehouse space of this building, there are six MR72s running 26.8.3. These APs are part of the landlord's Meraki Organization, which I have admin rights to, and are connected directly to our Meraki MS320s (yeah, yeah, I know, they're going EOL, we have a replacement plan -- focus people 😉), just like our MR44s. These MR72s have the same SSIDs with the same configurations I described above. When I take a MacBook out into the warehouse space, where I get connected to one of the older MR72s running the much older firmware, there are no issues. I'm able to bounce between the guest/public network and our production network without any issues whatsoever.
Last night, I created a new Test Network in my Meraki organization and moved one of the MR44s from our HQ network to this new network. After I setup the SSIDs with the same configuration as our other networks/locations, I downgraded the firmware on this single MR44 from 30.6 to 28.5.1 since that was the oldest version available. I did this because I didn't want to downgrade all of the APs in my HQ network.
Here's Kicker #2: using a MacBook that's connected to the MR44 running 28.5.1 in the new Test Network, I'm able to bounce between the guest/public and production networks without issue. I know I'm connected to this AP because it's directly above where I sit, and I've verified the connection of the MacBook to this particular AP in the dashboard. I even created a third, non-broadcasting SSID that only exists in the Test Network with the same settings (IPSK with RADIUS, VLAN, etc). I'm able to bounce between it, the regular production network and the guest/public network. This MacBook would struggle with the same symptoms I described above (WiFi password and Diagnostics prompts) when the AP was running 30.5 and 30.6.
So, the million dollar question(s): anyone else seeing something similar? Any suggestions?
