I have been bring them back after couple hours of multiple different trying. but didn't recall which one is the correct solution.
but there is another question arise:
I have two ssid(jike-2.4G and jike-5G) using the same auth method: ppsk cloud.
user could authenticated successfully on jike-2.4G, but failed on jike-5G.
here is the jike-5G ssid authentication result of `_debug auth all`
405b:d84b:8a69 is my device mac
------
2021-10-20 08:46:56 warn last message repeated 5 times
2021-10-20 08:46:54 warn ah_dcd: wifi: [CLT_CAPS]Invalid frame 0: Unknown IE(70)
2021-10-20 08:46:53 info ah_cli: security: admin:<show log buffered>
2021-10-20 08:46:52 warn ah_dcd: wifi: [CLT_CAPS]Invalid frame 0: Unknown IE(70)
2021-10-20 08:46:52 debug ah_auth: [auth_info]: WPA: Use EAPOL-Key timeout of 4000 ms (retry counter 3)
2021-10-20 08:46:52 debug ah_auth: [auth_info]: broadcom_send_eapol: drv->sock_xmit p 0x12ad40, status 113, eth->h_source 9c5d:1249:1624
2021-10-20 08:46:52 debug ah_auth: [auth_info]: broadcom_send_eapol: drv->sock_xmit p 0x12ad40, status 113, eth->h_dest 405b:d84b:8a69
2021-10-20 08:46:52 debug ah_auth: [auth_dump]: 00 00 00 00 00 00 00 00 00 00 00 00 00
2021-10-20 08:46:52 debug ah_auth: [auth_dump]: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2021-10-20 08:46:52 debug ah_auth: [auth_dump]: 9e a2 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
2021-10-20 08:46:52 debug ah_auth: [auth_dump]: e0 72 12 7a 74 89 fc ce fe 91 67 d1 b4 ce a2 1d e9 6c 0c e2
2021-10-20 08:46:52 debug ah_auth: [auth_dump]: 8a 00 10 00 00 00 00 00 00 00 03 10 d7 49 fe a4 50 9a 9d 6a
2021-10-20 08:46:52 debug ah_auth: [auth_dump]: 40 5b d8 4b 8a 69 9c 5d 12 49 16 24 88 8e 01 03 00 5f 02 00
2021-10-20 08:46:52 debug ah_auth: [auth_dump]: driver TX EAPOL - hexdump(len=113):
2021-10-20 08:46:52 debug ah_auth: [auth_info]: broadcom_send_eapol: addr 405b:d84b:8a69
2021-10-20 08:46:52 debug ah_auth: [auth_info]: WPA: Send EAPOL(version=2 secure=0 mic=0 ack=1 install=0 pairwise=1 kde_len=0 keyidx=0 encr=0)
2021-10-20 08:46:52 debug ah_auth: [auth_info]: sending 1/4 msg of 4-Way Handshake
2021-10-20 08:46:52 debug ah_auth: [auth_fsm]: WPA: 405b:d84b:8a69 WPA_PTK entering state PTKSTART
2021-10-20 08:46:52 info ah_auth: aaa: STA(405b:d84b:8a69) at 9c5d:1249:1624(wifi1.1, jike-5G) EAPOL-Key timeout, wpa_ptk_state=8[WPA_PTK_PTKCALCNEGOTIATING]
2021-10-20 08:46:50 warn last message repeated 5 times
2021-10-20 08:46:49 warn ah_dcd: wifi: [CLT_CAPS]Invalid frame 0: Unknown IE(70)
2021-10-20 08:46:48 debug ah_auth: [auth_info]: Thread(0xb2363460) is go to sleep, number of current waiting threads is 5.
2021-10-20 08:46:48 debug ah_auth: [auth_basic]: STA(405b:d84b:8a69) is authenticating
2021-10-20 08:46:48 warn ah_auth: aaa: ah_wpa_external_ppsk_req: request pmk for 405b:d84b:8a69 failed, reason: RADIUS server rejected this user
2021-10-20 08:46:48 info ah_auth: aaa: radclient: Radius server 192.168.9.249 rejected the user 40-5B-D8-4B-8A-69
2021-10-20 08:46:48 warn ah_auth: aaa: Access-Reject
2021-10-20 08:46:48 info ah_auth: aaa: out interface is mgt0, nas IP is mgt0 IP
2021-10-20 08:46:48 debug ah_auth: [auth_basic]: Sending PPSK request to external server for sta 405b:d84b:8a69
2021-10-20 08:46:48 debug ah_auth: [auth_info]: Thread(0xb2363460): is arised, number of current waiting threads is 4.
2021-10-20 08:46:48 debug ah_auth: [auth_info]: invalid MIC in msg 2/4 of 4-Way Handshake
----------------
HERE is the jike-2.4G ssid authentication result of `_debug auth all`
------
2021-10-20 08:56:33 debug ah_auth: [auth_info]: roaming entry (SPA=405b:d84b:8a69, AA=9c5d:1249:1614, ssid=, cache_timeout=3600, PMK=d895, UID=8, VID=0, auth-timeout=2592000, hop=0, addi_flag=14) is added/updated
2021-10-20 08:56:33 debug ah_auth: [auth_basic]: New roaming entry is added: SPA=405b:d84b:8a69
2021-10-20 08:56:33 debug ah_auth: [auth_info]: to add roaming entry: flag=local SPA=405b:d84b:8a69 AA=9c5d:1249:1614 IP=0.0.0.0 UID=8 VID=0 auth_timeout=2592000 cache_timeout=-1 age=0 hop=0
2021-10-20 08:56:33 debug ah_auth: [auth_basic]: Query PPSK success for sta 405b:d84b:8a69, username: qinkaitao@qmcc, session-timeout: 2592000, group-name: pc-cmcc-jike-jiefang
2021-10-20 08:56:33 debug ah_auth: [auth_basic]: Sending PPSK request to external server for sta 405b:d84b:8a69
2021-10-20 08:56:33 debug ah_auth: [auth_basic]: Getting PMK for STA(405b:d84b:8a69) on external server
2021-10-20 08:56:33 debug ah_auth: [auth_basic]: Search roaming-cache PMK for STA(405b:d84b:8a69)
2021-10-20 08:56:33 debug ah_auth: [auth_fsm]: WPA: 405b:d84b:8a69 WPA_PTK entering state PTKCALCNEGOTIATING
2021-10-20 08:56:33 debug ah_auth: [auth_info]: WPA: Received EAPOL-Key from 405b:d84b:8a69 key_info=0x10a type=2 key_data_length=22
2021-10-20 08:56:33 debug ah_auth: [auth_info]: IEEE 802.1X: 121 bytes from 405b:d84b:8a69
2021-10-20 08:56:33 debug ah_auth: [auth_info]: l2_packet_receive: src=405b:d84b:8a69 len=135
2021-10-20 08:56:33 debug ah_auth: [auth_info]: wifi0.1: hostapd_new_assoc_sta: reschedule ap_handle_timer timeout for 405b:d84b:8a69 (300 seconds - ap_max_inactivity)
2021-10-20 08:56:33 debug ah_auth: [auth_info]: broadcom_send_eapol: drv->sock_xmit p 0x129e48, status 113, eth->h_dest 405b:d84b:8a69
2021-10-20 08:56:33 debug ah_auth: [auth_info]: broadcom_send_eapol: addr 405b:d84b:8a69
2021-10-20 08:56:33 debug ah_auth: [auth_fsm]: WPA: 405b:d84b:8a69 WPA_PTK entering state PTKSTART
2021-10-20 08:56:33 debug ah_auth: [auth_info]: Searching a PSK for 405b:d84b:8a69 prev_psk=0x0
2021-10-20 08:56:33 debug ah_auth: [auth_info]: Searching a PSK for 405b:d84b:8a69 prev_psk=0x0
2021-10-20 08:56:33 debug ah_auth: [auth_fsm]: WPA: 405b:d84b:8a69 WPA_PTK entering state INITPSK
2021-10-20 08:56:33 debug ah_auth: [auth_fsm]: WPA: 405b:d84b:8a69 WPA_PTK entering state AUTHENTICATION2
2021-10-20 08:56:33 debug ah_auth: [auth_fsm]: WPA: 405b:d84b:8a69 WPA_PTK entering state AUTHENTICATION
2021-10-20 08:56:33 debug ah_auth: [auth_fsm]: WPA: 405b:d84b:8a69 WPA_PTK_GROUP entering state IDLE
2021-10-20 08:56:33 debug ah_auth: [auth_info]: broadcom_set_sta_authorized: Entered. addr=405b:d84b:8a69, authorized=0
2021-10-20 08:56:33 debug ah_auth: [auth_info]: broadcom_set_key: alg=0, addr=405b:d84b:8a69, key_idx=0, key_len 0, set_tx 1, drv->hapd 0x1294a8
2021-10-20 08:56:33 debug ah_auth: [auth_fsm]: WPA: 405b:d84b:8a69 WPA_PTK entering state INITIALIZE
2021-10-20 08:56:33 debug ah_auth: [auth_info]: broadcom_set_key: alg=0, addr=405b:d84b:8a69, key_idx=0, key_len 0, set_tx 1, drv->hapd 0x1294a8
2021-10-20 08:56:33 debug ah_auth: [auth_info]: Wpa key mgmt of station 405b:d84b:8a69 = 2
2021-10-20 08:56:33 debug ah_auth: [auth_info]: Number of PMKIDs provided by station 405b:d84b:8a69 = 0
2021-10-20 08:56:33 debug ah_auth: [auth_dump]: sta 405b:d84b:8a69's wpa ie version=WPA2
2021-10-20 08:56:33 info ah_dcd: wifi: [CLT_CAPS]Send 9c5d:1249:1614[405b:d84b:8a69] <ASSOC REQ> trap successfully
2021-10-20 08:56:33 debug ah_auth: [auth_info]: ap_sta_add: New STA. hapd p 0x1294a8, hapd->conf p 0x12b648, addr 405b:d84b:8a69
2021-10-20 08:56:33 info ah_auth: aaa: [Auth]: receive driver notification[0x8, WLC_E_ASSOC_IND] for Sta[405b:d84b:8a69] at Hapd[9c5d:1249:1614, wifi0.1]
2021-10-20 08:56:33 debug ah_auth: [auth_info]: broadcom_handle_event: recv WLC_E_XXX event. evt_type 8, status 0, evt_msg->datalen 91, evt_msg->ifidx 14, evt_msg->ifname wifi0.1, event_msg->addr 405b:d84b:8a69
---
any idea?