Hi comunnity,

I'm facing some connectivity issues when trying to connect iPhone 6 running any iOS 12.4.x release.

They all get stuck after receiving 4-way handshake M1 and after many retries, the controlelr delete the session. See below RA output:

{wncd_x_R0-0}{1}: [auth-mgr] [25343]: (info): [aabb.ccdd.eeff:capwap_90000013] Authc success from Dot1X, Auth event success
{wncd_x_R0-0}{1}: [auth-mgr] [25343]: (info): [aabb.ccdd.eeff:capwap_90000013] auth mgr attr change notification is received for attr (450)
{wncd_x_R0-0}{1}: [auth-mgr] [25343]: (info): [aabb.ccdd.eeff:capwap_90000013] Received User-Name Username for client aabb.ccdd.eeff
{wncd_x_R0-0}{1}: [client-auth] [25343]: (note): MAC: aabb.ccdd.eeff L2 Authentication Key Exchange Start. Resolved VLAN: 1, Audit Session id: 7808080A000001D5065F3D9B
{wncd_x_R0-0}{1}: [mm-client] [25343]: (debug): MAC: 0000.0000.0000 Sending pmk_update of XID (0) to (MobilityD[0])
{wncd_x_R0-0}{1}: [client-auth] [25343]: (info): MAC: aabb.ccdd.eeff Client auth-interface state transition: S_AUTHIF_DOT1XAUTH_PENDING -> S_AUTHIF_DOT1XAUTH_KEY_XCHNG_PENDING
{wncd_x_R0-0}{1}: [client-keymgmt] [25343]: (info): MAC: aabb.ccdd.eeff EAP key M1 Sent successfully
{wncd_x_R0-0}{1}: [client-keymgmt] [25343]: (info): MAC: aabb.ccdd.eeff Client key-mgmt state transition: S_INITPMK -> S_PTK_START
{wncd_x_R0-0}{1}: [client-keymgmt] [25343]: (info): MAC: aabb.ccdd.eeff Keymgmt: resend eapol key m1. Retrasmitting EAP key packet M1
{wncd_x_R0-0}{1}: [client-keymgmt] [25343]: (info): MAC: aabb.ccdd.eeff Client key-mgmt state transition: S_PTK_START -> S_PTK_START
{wncd_x_R0-0}{1}: [client-keymgmt] [25343]: (info): MAC: aabb.ccdd.eeff Keymgmt: resend eapol key m1. Retrasmitting EAP key packet M1
{wncd_x_R0-0}{1}: [client-keymgmt] [25343]: (info): MAC: aabb.ccdd.eeff Client key-mgmt state transition: S_PTK_START -> S_PTK_START
{wncd_x_R0-0}{1}: [client-keymgmt] [25343]: (ERR): MAC: aabb.ccdd.eeff Keymgmt: Failed to eapol key m1 retransmit failure. Max retries for M1 over
{wncd_x_R0-0}{1}: [client-keymgmt] [25343]: (info): MAC: aabb.ccdd.eeff Keymgmt: eapol key failure. Sending client key exchange failure to auth fsm,reason code: 15
{wncd_x_R0-0}{1}: [client-keymgmt] [25343]: (info): MAC: aabb.ccdd.eeff Client key-mgmt state transition: S_PTK_START -> S_KEYMGMT_CLIENT_DELETE
{wncd_x_R0-0}{1}: [client-auth] [25343]: (info): MAC: aabb.ccdd.eeff Client auth-interface state transition: S_AUTHIF_DOT1XAUTH_KEY_XCHNG_PENDING -> S_WAIT_FOR_CO_DELETE
{wncd_x_R0-0}{1}: [client-orch-sm] [25343]: (info): MAC: aabb.ccdd.eeff Deleting the client, reason: 15, CO_CLIENT_DELETE_REASON_KEY_XCHNG_TIMEOUT, Client state S_CO_L2_AUTH_IN_PROGRESS
{wncd_x_R0-0}{1}: [client-orch-sm] [25343]: (note): MAC: aabb.ccdd.eeff Client delete initiated. Reason: CO_CLIENT_DELETE_REASON_KEY_XCHNG_TIMEOUT, fsm-state transition 00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|00|01|07|13|1a|23|

Conditions:

Cisco WLAN running either 16.121.2s or 17.3.1

iPhone 6 running from 12.4.5 to 12.4.8

SSID config #1: dot1X WPA/WPA2 with SHA1+SHA256 + Disabled FT

SSID config #2: dot1X WPA/WPA2 with SHA1 + Disabled FT

SSID config #3: dot1X WPA/WPA2 with SHA256 + Disabled FT

SSID config #4: dot1X WPA2/WPA3 with SHA1+SHA256 + Disabled FT

Anyone experiencing same issue?

Regards