I have a 2862ac (which I upgraded to 3.9.5 from the Taiwan site in the hope of fixing this problem) and two 903s on 1.3.7.1.

Everything seems to work OK - for a while. Then after hours, or maybe a day, some devices ‘drop out’ and/or say the WPA2 password is incorrect. I’ll notice my iPhone loses its connection for example, and my Sky box. The iPhone usually reconnects if I go to wifi settings and tell it to. The sky box insists on me resetting the network and re-entering the password - annoying.

I’ve tried turning on roaming, turning off roaming, turning on the minimum RSSI value, turning that off (but the settings seem different on the 2862ac).

It used to be more stable when I had a 2862n (which can’t operate as a mesh root) and one of the 903s was the mesh root, connected to it via an ethernet cable. Besides, it was connecting at 2.4Ghz, which I didn’t understand because I have band steering turned on on all the draytek gear.

I’m really not sure what to try next. I connected one of the 903s directly to the sky box with an ethernet cable at least to stop having to redo the password on it every day or two. But my devices (mostly apple) disconnect frequently. I have various wifi power plugs and light bulbs, amazon echoes and google assistant things, and they seem a lot more stable.

This is all good practice for business setups, because until now we’ve only used 903s as regular APs, not mesh, and we are about to set up a mesh network in a pub where we can’t put wiring in because it’s a listed building.

I'm afraid that this isn't going to be much help to you but -

I have a 2926ac with which I used 3 x AP902s in AP Mode, two connected to the router by LAN cable and one with a wireless bridge between it and one of the wired AP902s.

I also have a number of IOT devices on one VLAN - plugs, echoes, CH system etc. using WPA2 PSK (Personal as it is now described). There never seemed to be any problem with these.

On the main VLAN, which I use for my iPhone and iPads, I decided to use 802.1x WPA2 as I naively imagined that it might improve "roaming" ( the facility for "Fast Roaming" being turned on) and perhaps be an additional layer of security.

The Apple devices would frequently report "incorrect password" when trying to connect to the AP902s. I also suffered badly from very slow/or not at all connections on 5GHz, to the extent that I eventually just turned it off in frustration.

Intrigued by the idea of a "mesh" when the AP903 came out I have changed to a network consisting of 4 x AP903 in a mesh with the 2926ac as the root, 3 of them wired to the 2926ac and one wireless as before. Whether it is the Drayteks or the Apple updates I don't know, but I no longer get the "incorrect password" problem. I do, however, find that the iPhone frequently fails to get its IP address when "roaming" between APs and reverts to a useless "black hole" IP address. I don't know why this is.

Several on here have asked for guidance on how the AP903s' "roaming" settings interact with the "mesh" but nobody seems to know. I'm not convinced the Draytek "mesh" behaves in the way I expected anyway - I find that if a client is connected to one AP in the "mesh" and that AP is turned off, then the client just sits there in a disconnected state - it does not "seamlessly" carry on as if nothing had happened, which is what PC Pro magazine describe in their review and what I was hoping would be the case.

Finally, if you do not need all the LAN ports on the 903s perhaps you could consider the AP1000C? That appears to have a dedicated 2nd 5GHz backhaul radio, although quite how that works with the routers that have only 1 5GHz radio I'm not sure....

Thanks for the info. I have a feeling that the software isn’t quite complete. I’m also pretty sure the problem wasn’t so great when I just used 903s and not the 2862ac as a root. I used to use have three Tenda MW6’s, which are a mesh system, and that seemed to work a bit better, except it would give me problems with wifi calling.

It seems to me that the mesh feature is an add-on that doesn’t quite integrate so well with the existing wireless features. Like - why is there a roaming option when that’s one of the reasons for having a mesh network and it should be on by default? Why don’t devices reconnect when a mesh node goes down? Why doesn’t the central point of control for all the settings that’s completely transparent?

Anthian wrote:
Then after hours, or maybe a day, some devices ‘drop out’ and/or say the WPA2 password is incorrect. ... The iPhone usually reconnects if I go to wifi settings and tell it to. The sky box insists on me resetting the network and re-entering the password - annoying.

I can't help with the iphones - other than to say that there is an option, that might help...

Draytek wrote: "Apple iOS Keep Alive:
Apple iOS Keep Alive can keep Wifi connection of iOS device by sending UDP port 5353 packets every 5 seconds."

Is it a Sky Q box? ... I noticed mine was trying to form its own 'Mesh', to talk to my (non-existent!) Sky Q 'minis'. It was blasting away on CH36 - using a full 80MHz. If not in use, you can disable it with some hidden menu jiggery-pokery - or move your Wifi network elsewhere.

He also wrote: I’ve tried turning on roaming, turning off roaming, turning on the minimum RSSI value, turning that off (but the settings seem different on the 2862ac).

I had a 'bit of a play' with roaming options...See: https://forum.draytek.co.uk/viewtopic.php?f=19&t=23919 . One thing that I did notice, is that my ancient 2860n, does not cooperate with the AP903/AP802 roaming scheme - despite being set up in the same manner.

(In general, all the roaming options do, are kick the client off - and set some sort of short-lived blacklist entry, to stop it returning. With the 'minimium RSSI option, the APs first agree with one another, that it is a "good idea". However, it is the client that decides what it's going to do next. I've seen clients booted off one AP's 5GHz SSID, only to connect to 2.4GHz on another - closely followed by the Band Steering kicking them off there, whereupon they go back to the original AP

I've stopped using Band Steering - in fact, I've taken my main SSID off 2.4GHz, having ascertained I get full 5GHz coverage everywhere I need it. (When summer returns, and I'm sat in the garden, I may regret this!)

But my devices (mostly apple) disconnect frequently. I have various wifi power plugs and light bulbs, amazon echoes and google assistant things, and they seem a lot more stable.

I'd be inclined to pin this at Apple's door...it's not something I've seen, with Windows, Android, TVs, I.O.T. devices etc.

Piste Basher wrote:
I decided to use 802.1x WPA2 as I naively imagined that it might improve "roaming" ( the facility for "Fast Roaming" being turned on) and perhaps be an additional layer of security.

Well definitely "yes" to an additional layer of security...
...I think by "Fast Roaming", it means "Not as slow as 802.1x normally is" :wink: (Because the AP doesn't have to 'transact' with the (Radius) server?)

I also suffered badly from very slow/or not at all connections on 5GHz, to the extent that I eventually just turned it off in frustration.

Has that gone away with the AP903's?

I do, however, find that the iPhone frequently fails to get its IP address when "roaming" between APs and reverts to a useless "black hole" IP address. I don't know why this is.

Timing issue maybe? As in, it gives up on DHCP, while waiting for 'fast roaming' to complete :wink:
(BTW - my "DNS firewalling" issue turns out to be Android sometimes continuing to query 8.8.8.8, despite being given local DNS server addresses...)

Several on here have asked for guidance on how the AP903s' "roaming" settings interact with the "mesh" but nobody seems to know.

But, I did an experiment to find out
(You've got to be "led by the science", you know! )

I find that if a client is connected to one AP in the "mesh" and that AP is turned off, then the client just sits there in a disconnected state - it does not "seamlessly" carry on as if nothing had happened, which is what PC Pro magazine describe in their review and what I was hoping would be the case.

Yes, well - as previously discussed - the powered-off AP is going to play no further part, and the remaining ones can't tell the orphaned client to connect to them. This - surely - is a client issue? (Assuming they're not just simply out of range of another AP?)

Has that gone away with the AP903's?

It would appear so :?

This - surely - is a client issue? (Assuming they're not just simply out of range of another AP?)

Well that's not what PC Pro appear to understand by the "mesh" operation - their "test" involved iPads streaming HD video from You Tube. On turning off the AP to which the iPads were connected they describe the result as a "seamless" switch-over to another AP in the mesh, with the video uninterrupted.

I tried this very experiment and found that the video appeared to continue streaming but stopped after a while - presumably it had been buffering. At that point I checked and found that the iPads were indeed no longer connected - although another "mesh" AP was well within range.

I greatly appreciate your persistence with the experimentation - when I wrote "nobody seems to know" I should have said that there is no official guidance from Draytek as to how these things should be configured.