Here is my setup:
- I setup all my APs in 5Ghz@CH-36 WPA2-Personal PSK (AES).
I compared their setup in CAPsMan mode vs standalone mode.
In both modes, all the APs report support of the WEP in their sniffed beacons.
Now here is my issue:
In standalone mode, the WEP support is continued in the association response frames while in CAPsMAN mode, the WEP support flag is de-activated just after association. (If you are curious this will make some of our legacy devices to fail to associate to CAPs, while they can connect fine to the same AP reconfigured in standalone mode with identical Wireless properties).
Here is the question: Is dropping WEP support in association response a kind of security enhancement available just in CAP mode? In other words, do these flags, that of the beacon, and that of the association response, represent WEP support at different layers (such as PHY, MAC and LLC) and thus suggest that WEP support is required just for authentication and key exchange but not used for encryption (because of WPA2 in use)? Anyhow, is there any hope/workaround to disable this security enhancement in CAPs mode for reviving my legacy devices?