Hi, I really need help here, since my boss decided he wanted a different computer than all the rest of ours, and got a brand new Surface Laptop Studio, which is having problems connecting to just our network specifically.

Some information:

• The Surface Laptop is on Windows 11 Pro, latest version

• The wireless card for the laptop is an Intel Wi-Fi 6 AX200 160MHz, and up to date

• We use a Cisco Embedded Wireless LAN Controller on Catalyst access points.

• The network authentication for our WLAN is set to WPA + WPA2, with AES(CCMP128) encryption and PSK-SHA256 for authentication key management.

• The APs are ax capable, and have 5GHz and 2.4GHz networks, with the vast majority of our devices using the 5

• All the rest of our computers as well as various phones/tablets can join the office WiFi networks with no problem.

• His Surface Laptop could connect to most other networks from what I can see, including a basic home router and my wireless iPhone hotspot

• It just has a problem with our office network. When attempting to connect, all we get is the generic and unhelpful "Can't connect to this network", with no other options or troubleshooting prompts

• If I try to go to Control Panel > Network and Sharing Center > Set Up a Connection or Network > Manually connect to a wireless network, and input the correct information, with the correct security type, it just stays stuck on connecting and shows "Attempting to authenticate", but can't go past that. So clearly it's some authentication issue. Changing the network type to b/g or ac or whatnot on the adapter makes no difference, as expected.

• As a test, I also tried temporarily setting our network to no/open authentication, and his Surface was able to successfully join the network

• And yes, I've uninstalled/reinstalled the driver, rebooted, updated, etc.

• Hardwired ethernet connection also works fine

I posted this in Microsoft forums and they say the problem is most likely on the Cisco end, although it is unusual that all of our other Dell laptops and other devices have no problem connecting. They say there are other problems with the AX200 and Cisco gear, and it may be similar to this issue: https://community.cisco.com/t5/wireless/unable-to-connect-ssid-with-wpa2-authentication/td-p/4577593

I'm seeing that some people said that Fast Transition on the wireless network is the culprit, but that has always been disabled on our controller, so I'm not sure what it is:

I can't seem to get good logs for this either, in my syslog or locally. If I specify the mac address of the problematic Surface's Wifi card, I don't get anything, because it never completes the authentication.

The only command that seemed to give me some relevant output was 'show wireless stats client delete reasons | ex 0' after trying to connect from the device a few times.

Any advice for this situation to at least get more info on it? Has anyone seen this issue before?