Client pc cann't connect to WDS network using WPA2-EAP

acirs · March 1, 2007, 10:37am

I’ve 3 APs using dynamic WDS, each in ap-bridge mode. One AP is connected to Inet provider. To configure APs I used “Mesh_wds” manual from Mikrotik wiki. Everything works fine without encryption. But when I use encryption,

/interface wireless security-profiles add name=WPA2 mode=dynamic-keys
authentication-types=wpa2-eap unicast-ciphers=aes-ccm group-ciphers=aes-ccm eap-methods=eap-tls tls-mode=no-certificates

clients (WinXp) cannot connect to this wireless network. What should be clients configuration?

uldis · March 1, 2007, 10:45am

Use this security profile only for WDS connection, specify it in the connect list for each AP. And use the regular (default) security profile (without encryption) for the wireless interface.

acirs · March 1, 2007, 12:31pm

As my WDSs are dynamic, I cann’t set them WPA2 security profile under Connect List. But when I set for WLAN, it works. I’m just wondering, what is the diference when I set Sec.Profile directly under Interface Wireless in Wireless Tab between Sec.Prof for WLAN in ConnectList Tab.

uldis · March 1, 2007, 12:57pm

Yes, you can set them under the connect-list even if the wds is in the dynamic mode. Add the WDS mac address or ssid and specify the security profile. For the wireless interface leave the default profile.
It means that the for wds connections it will use the specified profile but for regular clients that are connecting to AP will use default security profile.