I recently switched from PPSK with RADIUS (a mix of two EAP673 units and one EAP772 unit) to WPA-Enterprise (using only two EAP772 units), both configured with FreeRADIUS. While PPSK with RADIUS works perfectly, I'm encountering some issues with WPA-Enterprise.

Below is a sample Access-Accept response from FreeRADIUS. Most of the time, it correctly assigns my client devices to VLAN 53 as expected.

(11) Sent Access-Accept Id 212 from 192.168.10.225:1812 to 192.168.10.7:37370 length 191
(11)   MS-MPPE-Recv-Key = 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
(11)   MS-MPPE-Send-Key = 0xffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff
(11)   EAP-Message = 0x03aa0004
(11)   Message-Authenticator = 0x00000000000000000000000000000000
(11)   User-Name = "myuname"
(11)   Framed-MTU += 994
(11)   Tunnel-Type += VLAN
(11)   Tunnel-Medium-Type += IEEE-802
(11)   Tunnel-Private-Group-Id += "53"

I'm currently facing two issues:
 

1. Some devices fail to reconnect after successfully establishing the initial connection. After troubleshooting, I found that not every connection request is being sent to FreeRADIUS. If a request isn't sent, the connection inevitably fails.

2. After remaining on VLAN 53 (the assigned Tunnel-Private-Group-Id) for a few hours, some devices may unexpectedly revert to the default (untagged) VLAN.

Has anyone encountered similar issues or have any recommendations on how to resolve them?