This is definitely a 10.11.2 issue - I have been trying to find out if there is anything I can change on the WAP to stop the packet loss.
The past couple of weeks have been annoying, especially as I keep getting booted of a VMWare Horizon View session.
I have noticed in the WAP logs the following.
Dec 23 10:42:29.761: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 2 AES-CCMP TSC replays
Dec 23 10:42:35.761: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 2 AES-CCMP TSC replays
Dec 23 10:44:34.750: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 5 AES-CCMP TSC replays
Dec 23 10:51:29.740: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 3 AES-CCMP TSC replays
Dec 23 10:52:15.745: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 3 AES-CCMP TSC replays
Dec 23 10:58:42.732: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 1 AES-CCMP TSC replays
Dec 23 10:59:02.732: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 10 AES-CCMP TSC replays
Dec 23 10:59:10.728: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 3 AES-CCMP TSC replays
Dec 23 11:02:19.737: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 1 AES-CCMP TSC replays
Dec 23 11:02:32.731: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 1 AES-CCMP TSC replays
Dec 23 11:03:29.718: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 3 AES-CCMP TSC replays
Dec 23 11:04:45.716: %DOT11-4-CCMP_REPLAY: Client xxxx.xxxx.xxxx had 5 AES-CCMP TSC replays
From the Cisco error messages description - AES-CCMP TSC replay was indicated on a frame, hence the frame was dropped for security reasons. A replay of the AES-CCMP TSC in a received packet could be caused by an active attack or by wireless client nonconformance to the 802.11i standard.
So it would appear that Apple has broken something, and not conforming to the 802.11i standard in 10.11.2 - what they have changed I don't know but it would appear to be AES-CCMP encryption.