My ancient TV isn’t smart so I use an Android TV box to allow me to watch iPlayer, ITVX etc. My old box was based on ancient Android 7 and some recent apps were refusing to work. So I’ve just bought a (cheap) Android TV box based on the Rockwell RK3528 SOC.
However, it wouldn’t connect to my hAP ax2 Wi-Fi. It sees the network but won’t connect. Having been here before and got the t-shirt, I immediately suspected either AX or security. My private network has WPA2 PSK & WPA3 PSK authentication. The guest network has WPA PSK & WPA2 PSK. It wouldn’t connect to either. If I turned security off and made it an open network, it connected. I finally narrowed it down to have WPA PSK and WPA2 PSK enabled. I set-up a separate virtual network just using WPA PSK and this works fine. I’m not overly worried about security - it’s only used by this TV box and I suspect I can hide it once things have settled down.
But I guess my question is any idea why it can’t connect to an interface when both security protocols are enabled? I thought the idea was that if a device could only connect to WPA-PSK, then it would ignore WPA2-PSK?
However, I suspect this chipset can use WPA2-PSK - after all it’s relatively recent. So the problem could be connecting using the RouterOS implementation of WPA2-PSK?
PS. This chipset is used on quite a few single board computers but I guess the OS/device drivers running on them make a big difference.
What is the point of running WPA2 and WPA3 on same network at same time? It doesn’t matter that there are some clients connected over WPA3 when there is WPA2 still available. Security of your network is always the lowest one = WPA2.
Just adjust that to WPA and WPA2, idea is same..
And side note: it doesn’t have to be issue with auth type but encryption, e.g. TKIP vs CCMP (AES)
I am a bit like a dog with a bone sometimes. So I snoozed this one for a year because whilst I got it working, having an extra Wi-Fi network just for a cheap TV box niggled. I know, I need to get out more. I kind of hoped that a RouterOS upgrade might fix this but sadly not. With WPA alone, this crap TV box connects fine albeit interestingly ROS reports it’s connected as 5GHz A/N. Never seen that before - every other Wi-Fi 5 is listed as 5GHz AC. Change to WPA/WPA2 and won’t connect.
I’ve since discovered that the Rockwell RK3528 doesn’t have Wi-Fi on the chip so Wi-Fi must be supplied through some additional circuitry.
I know it’s probably a crap Wi-Fi implementation/driver but love a challenge.
It’s also a learning exercise. One just accepts what WPA is at face value. As a sometimes developer and ex-games programmer in 80s (so Z80/6502 time), I like to know what goes on under the hood.
This problem is seen on all WiFi manufacturer’s forums. “my crappy client does not connect to your shining new WiFi, please fix that!”.
Also, for every firmware upgrade there invariably are some clients that now can connect (which rarely are mentioned of course) and some which can no longer connect (and its owners are outraged),
It is difficult to fix because there are so many crappy WiFi client implementations around. Especially in IoT devices, but also in low-end other stuff. And of course their manufacturers never release updates to fix their crap, that is left to the AP manufacturers.
I remember well that on our company network, old devices could no longer connect once “fast roaming” (802.11k/r/v) was enabled, maybe that is your problem too. But when I enabled WPA2/WPA3 a while ago, there also was a user with some old tablet who could not longer connect. It is a problem that cannot be solved other than by buying new stuff once in a while.
Could well be fast roaming. I’ve got a spare hAP ac lite lying around, going to try that as well. I completely accept that it could be a crap client but I am learning about WPA which was before a black box. BTW - I’ve got a few smart plugs and they’re on the main Wi-Fi with WPA2-PSK and WPA3-PSK. My old Kindle refused to connect to any AX access point.
The problem is that while most fields in WiFi are defined in an “extensible” way, i.e. new features and new authentication protocols can be added unambiguously, lots of crappy client implementations assume the fields look like what they looked back when they implemented their client.
So when new values are added, new data items are added, length fields are changed, etc they crap out and do wrong or unexpected things.
For example, a WiFi connected HP inktjet printer would think that a network has no authentication (and thus would not ask for a password, and fail to connect) when fast roaming was enabled on the network.
At least that has been fixed in later models. But usually such problems would never be fixed by firmware updates (lots of manufacturers declare end-of-support within 2-3 years after a device was first manufactured, and support anyway was only for security issues and not for design limitations), and if they were it would often not be practical for the user to upgrade the device.
We are lucky with MikroTik that they still release regular updates for devices designed 15 years ago!
Yes, I’d heard about the concept of the fields and it makes sense. Consider a byte register that started off with just bit 0 used for anything. The correct way to handle this is to say IF field AND 1 THEN do something. However, if the other bits returned zero, IF field == 1 THEN do something would also work but was an accident waiting to happen. Sloppy programming for sure but understandable - would get through testing.
The reason those mini-PCs mentioned above can’t use Wi-Fi 6 could be something like this. And unless there is a fix for the client end, they never will.
Once upon a time, the concept of getting somebody else to read your code was fashionable for while until the bean counters realised it cost money. I suppose that this idea still exists a little bit in Open Source where many pairs of eyes may look over your code.
I’m hampered a little bit that I don’t have a Wi-Fi 6/WPA3-PSK capable router or access point from another manufacturer to test against.
In some cases you could work around the issue by using a lowcost MikroTik WiFi AP, e.g. a hAP lite (TC) or a hAP ac2 that you may have in the junkbox after encountering the storage limitations as a WiFi client (connected to the TV box using a short ethernet cable).
At least than you can fire at MikroTik when it does not want to connect.