Hi
I was wondering about the PMF advanced setting for SSID can either be toggled on or off. anyone knows if “on” still allows legacy devices that not necessarily supports PMF to connect and works as an “if capable” setting or if its more like if on it’s “required”? 
best regards Victor
@Victor197 Yes, a PMF setting of On makes it Optional.
great thanks
If this is optional, why is it when I have this on, all my Google speakers can’t connect to wifi, and my Nintendo switch can’t connect to the wifi?
The moment I switch it off, they connect
@Wirepower84 There are many devices that do not handle the optional PMF negotiation correctly, which is why we recommend disabling PMF if you have those types of devices on your network (or you can create a separate SSID just for those devices, etc.)
The PMF setting “on/off” is a little confusion as it is today,
On means different things depending on WPA3 setting.
I had to use wireshark and look at beacon frames to see this, when trying to troubleshoot why my laptop did not work with WPA3 set to off 
And, you’ve found a problem that I experienced just today. PMF, in previous experience is normally optional but enabling this on a WPA2 network broke things pretty badly.
It would be good if there were an option to make it Optional or Enforced like other products out there
I can confirm it as well. My IoT devices (e.g. Shelly WiFi) are on a WiFi SSID with WPA3=Off, and I lost connection to them when setting PMF=On.
Alta, please update with drop-down menu for Off, Enabled (Forced), Optional, and/or update help pop-ups to make the configuration options for PMF more clear.
Lightning fast implementation from my previous post. But, I guess you were already testing it out by that time 
Anyways, the following seems to have solved the issue of Required vs. Optional for IoT devices on SSID with WPA2 (using “On”).