AP Firmware 2.2u Released!

Alta-MikeD · November 25, 2025, 10:29pm

This update provides a correction to captive portal behavior to ensure expected operation.

Resolve issues with passwordless captive portal requiring password.

This update is being rolled out now. You can manually initiate the upgrade if you’d like, or it will automatically update overnight (if auto-updates are enabled). The complete, up-to-date change log is available here:

As always, if you have questions or encounter any issues, feel free to reply here or start a new topic. Please include details about the issue so we can assist you effectively.

wifiUser · November 26, 2025, 11:30pm

How long has WPA3=required been broken?

jmszuch · November 27, 2025, 1:04am

What sort of problem is occurring? Tested from my iPhone and a Windows 11 laptop and didn’t seem to have any issue on my WPA3 SSID, for example. Windows laptop indicated it was connected using WPA3. Both PMF and WPA3 are set to required in my case.

wifiUser · November 27, 2025, 4:24am

Install new AP6. Update firmware to 2.2u. Create the first and only Wifi network with WPA3=required. Wifi network does not show up on iPhone 16 pro; it shows up on my 2020 M1 MBP, but an error occurs every time I try to connect. Change the network to WPA3=off, connection succeeds on both devices. Remove AP6, reinstall previous access point with WPA3=required wifi network, both devices immediately connect successfully.

jmszuch · November 27, 2025, 3:14pm

Hmm, I’ll check it out on my MacBook when I have a chance and see if I get an error when connecting it. Here’s how my settings look, just for reference:

ebuckland81 · November 27, 2025, 4:40pm

Could it possibly be a mismatch with the PMF setting? It should at least be set to On, or possibly also Required when WPA3 is required?!

Alta-MikeD · November 28, 2025, 5:26pm

Please double check what @jmszuch and @ebuckland81 have suggested, and let us know. I’ll reshare this here:

Just make sure to use the appropriate settings for the desired mode.

For WPA2/3 transitional mode: WPA3 = on , PMF = on  (PMF required is valid here, if you know all client STAs support it, but for broader compatibility leave to on which means optional)
For WPA3-only mode: set both WPA3 and PMF to required  (there is no other valid option for WPA3 only).

WPA3 cannot exist without PMF, it is literally part of the specification. HERE’s the PDF on the Wi-Fi Alliance site.

E.g. page 10, section 2.2, part 3, WPA3-Personal Only Mode:

The AP's BSS Configuration shall be PMF Required, i.e., AP sets MFPC to 1 and MFPR to 1 in beacons and probe responses of the BSS.

And then on page 11, 2.3, part 4, WPA3-Personal Transition Mode:

The AP shall reject an association for SAE if PMF is not negotiated for that association.

The reason it doesn’t show up on Apple and some other devices is because you have an invalid configuration, most likely PMF off.

EDIT: while some devices are tolerant of an invalid transition config, you basically just have a WPA2-AES SSID at that point, as without PMF, it will never negotiate SAE (WPA3). Linux, and some older versions of Android, and some IoT devices are what may connect (via WPA2). Even some newer Android devices like my Galaxy S24 Ultra or my Galaxy Z Fold 7 do not show invalid SSIDs (e.g. when WPA3 = on and PMF = off).

ebuckland81 · November 28, 2025, 7:05pm

without?