Disable Group Key Interval.
Your router model looks like this example where it is enabled by default in the Asus Routers.
https://demoui.asus.com/Advanced_Wireless_Content.asp
Post
Replies
Boosts
Views
Activity
More research information about having to turn WiFi off and On.
I am having no more issues after disabling the WiFi Group Key Interval on my Router.
However, others are now providing additional information from their wireless router debug logs to indicate their apple devices are generating error logs in their WiFi Router at the configured Interval.
The recorded error is this:
WPA: received EAPOL-Key with invalid MIC
This is an error from the wireless router that is generated by the client (apple device).
It appears that turning off the Group Key Interval is a work around to prevent clients from trying to rekey the encryption which avoids these types of errors with apple devices.
To prove this issue with IOS 14, I conducted another experiment.
My WiFi Router supports 4 virtual access points.
I disabled the Group Key Interval on one of the four virtual access points.
I reduced the Group Key Interval on the other three virtual access points to either 10 or 15 minutes.
IOS 14 connected to the same WiFi router on virtual access point one with disabled group key interval never has any more WiFi issues.
The IOS 14 devices connected to the same exact WiFi router on any of the virtual access points with a reduced group key interval have the WiFi problem way more often.
The WiFi problems with the IOS 14 devices on any access point with Group Key Interval enabled continue to have problems while IOS 14 devices on virtual access points with Group Key Interval disabled work exactly as expected.
When Group Key Interval disabled, set to zero, or Max Time, the IOS 14 devices never have any more WiFi Issues.
This experiment was done on the same wireless router using 4 different virtual access points to prove a point.
During these research experiments, none of the other wireless devices, laptops, computers, etc, had any WiFi issues regardless of changing these settings to on or off, high or low. It only affected apple IOS 14 devices.
It has been a week and no issues after disabling WPA Key Regeneration timing interval This was entirely the cause of the WiFi issues.
If you are having problems with your iphone finding your Wifi, that is a totally different issue. You either have a bad wifi router, or the other most common problem, wifi frequency conflict. Relocate your router to the center of your home so that you have better signal strength throughout your home. Otherwise if you and your neighbor have the wifi routers on the same side of the house and they are on conflicting frequency channel, they will both be competing and the phone can’t distinguish them apart. Think of it like this, frequencies are either different or the same. If they are the same, they take turns sharing, if you neighbor is on the same frequency, and your wifi access points are to close, the sharing part is more difficult to do because of the signal strength being to strong and to close. Move them further apart. It does wonders.
It has been several days since I have had any wireless issues.
First, yes IOS 14 now includes a private WiFi MAC address feature. So if you are filtering by MAC, resolve that issue first. Then if you are like many others still having issues, read the rest of my post.
Turning the WiFi off and on, was the original symptom.
WPA Key Regeneration timing interval was entirely the cause of the WiFi issues.
It also appears some new wireless routers have this feature disabled / not checked / zero or max by default now.
Since basically disabling the above feature on my WiFi router, I have had no more issues and it cost me nothing to login to the WiFi router and turn the feature off.
I am sure some big company could just sell you another new wireless router that fixes all these problems simply by turning off the same common feature by default to be more compatible with all the iPhones and iPads. $$$
For those of you who tried switching back to WEP security, the reason it worked, WEP security keys were static and there was no random number generator that rotates the security keys.
WPA2 now negotiates the pre shared key and then generates another random secret key to continue talking. The first negotiation seems to work just fine. After that, the group key regeneration timing value set by the wireless router starts to cycle and rotates the keys and that is when you will notice problems with your IOS 14 devices.
Disable the group key regeneration interval and the problem goes away.
Now on to the bigger question, why has this not been addressed in the IOS 14 WiFi drivers? Is it a compatibility issue with older wifi routers or do Apple products not support this feature? (Group Key Interval)
Does anyone know what the default value is on the new Apple Airport Express / Extreme wireless base stations?
Some more research about:
WiFi Group Key Interval, or Key Regeneration
The default interval in seconds is oddly different for many Wireless Router manufacturers.
Many default to:
3600 seconds (1 hour)
1800 seconds (30 minutes)
86400 seconds (24 hours)
0 seconds (not enabled)
and sometimes
Key Regeneration not enabled by default
After reading through many manufacturers websites, manuals, forums, etc
They all suggested disabling Group Key Regeneration to prevent issues with all apple products including iphones, ipads, and mac books.
Some routers have a check box to uncheck.
Other routers have either a minimum or maximum key interval value.
Setting that value to zero or the max may also disable the key regeneration interval on some wireless routers or wifi access points.
No more turn off and turn on WiFi anymore …. :)
I strongly believe the IOS 14 WiFi problem is being caused by WPA 2 Key Regeneration cycle timing issue.
Today I changed my WiFi Router’s WPA 2 Key Regeneration from the default value of 3600 seconds to the max allowable value of 36000 seconds (10 Hours).
Today, I have not had any issues with my iPhone’s WiFi being connected or communicating. For the first time since updating my iPhone to IOS 14, it has worked exactly as expected.
I am not joking around when I say that as of all day today May 22nd, 2021, I never had to turn my WiFi off and on during any part of the day.
Yesterday I experimented with a shorter Key Regeneration timing value below the default of 3600 to only 900. That caused the problem to get much worse on my IOS 14 iPhone. However all my other computers / devices on WiFi still worked as expected.
For everyone:
When Encryption Keys on both ends don’t match, the end result is that WiFi can show that it is connected, but it will never send or receive any data due to a encryption / decryption failure!
The first wifi encryption key negotiation happens during the initial wifi connection. After that, the wifi connection is maintained by the encryption key regeneration timing cycle value which is configured on your WiFi router.
This totally explains why if we turn WiFi off and on, it reconnects and works until the next time.
Again, I only have this issue with IOS 14 devices.
I have no idea what the IOS 14 default is or what the compatibility is for supporting a router’s Key Regeneration minimums or maximums.
I believe more people should try and confirm that changing the Key Regeneration value on their WiFi routers fixes all these IOS 14 WiFi issues.
Also, please note that I believe that changing the Key Generation timing to a higher value than the router’s default is very much less secure. This may give a snoop more time to listen with a recently captured key set.
Hopefully a new IOS update can be created to properly work with WiFi Routers that frequently regenerate the encryption keys.
iPhone 12 Pro Max Software Version 14.4.2 Modem Fimrware 1.42.03 has intermittent WiFi. Constantly have to turn WiFi "Off and On" for every iPhone we have that is version 13 or higher. There are zero problems with any other WiFi devices such as all the other popular brand phones, game consoles, computers, laptops, iPads and iPhones running IOS 9, or anything else. This is a nightmare, and I am very upset that this problem has not been identified and corrected with the latest software updates. I just completed some testing. iPhone Wifi shows connected, later after being home, no internet at some random time later as usaual. I was unable to ping the gateway / router from iPhone while using Joe's network utility. Zero packets can be captured from a live packet sniff from the router's interface when attempting to ping from the iPhone to the router's gateway IP when this occurs. However, I just noticed that if I "Turn Off" the Personal Hot Spot on the iPhone, WOW I am immediately able to access the internet as well as ping and then everything is working again as usual until the next time. There is also zero delay after disabling Personal Hot Spot and starting any network communication ping tests and the Safari browser on the iPhone was working as soon as the Personal Hot Spot is turned off on the iphone. I believe this issue is being caused by specifically due to wireless encryption keys no longer matching on both ends. Turning off and on the WiFi causes it to rekey the encryption. Also, another test I did with Joe's network utility which had some very odd results. Ping tested the network with a broadcast packet when unable to ping the gateway / router. I was getting a reply but only from the iPhone's DHCP IP obtained via DHCP on WiFi. That indicates the iPhone only detected it's own IP even though it was WiFi connected. Makes sense, because to talk to the local iPhone IP, it doesn't have to encrypt any of the wireless packets destined for the onboard wireless card! A packet sniff from the router's LAN interface on the network detected nothing from the iPhone, basically indicating that nothing was properly encrypted / keyed to match the access point, so nothing was received. Anytime I have ever seen this in the past when troubleshooting wireless issues is when there are no communication due to LACK of WIRELESS ENCRYPTION MATCHING ON BOTH ENDS! In the old days, you used to be able to manually type in the static encryption keys on both ends, Access Point and Wireless Client. Not matching these keys would result in NO PACKETS SENT or RECEIVED due to lack of matching encryption. After turning off the Personal Hot Spot on the iPhone, the same ping test with a broadcast packet, example pinging 192.168.0.255 returned ping results from all the other IP addresses on the network as expected. I suspect as soon as I turn off the Personal Hot Spot that the wireless encryption is immediately re-keyed to match both on both ends. This same type of scenario used to happen back in the days if you manually typed in your IPSEC security keys on both sides of a VPN and they did not match the expected value on both sides, basically making it impossible to decrypt the received data on both sides. I suspect that we could easily prove this issue by simply #1 changing the wireless access point's setup for Key Renewal to ZERO seconds. This basically disables the key from changing after initial connection. That is not something I recommend for anything but temporarily testing / identifying the problem. Leaving Key Renewal disabled would allow someone to easily sniff and attack the wireless. However if the original disconnect problem goes away after changing the key renewal, this would clearly indicate that the problem is related to not Renewing the Keys so they are the same on both sides. Since I only have this problem on Apple Devices running version 13 and 14, I suspect a software encryption / decryption matching issue with the WiFi drivers, etc. This could be a Key Renewal Calculation error or possibly a missed key exchange due to being out of wireless range. However, in my experience this isn't a range issue, but is more of a mismatch that isn't detected by the wireless driver to trigger another re-connection. To me, this is like there is no WiFi setting on the iPhone for Roaming Agressiveness, and somehow it holds on to the same WiFi connection regardless of if it is able to accurately encrypt the data with the correct matching keys.