Just wanted to give feedback from our first tests with 2.9RC9 and WPA-PSK/AES-CCM.
I connected two systems (one running on a Geode@266MHz, the other a VIA C3@500MHz) in a standard scenario (ap/station). Both are using a Atheros 5212 miniPCI interfaces (Zcom AG-621).
Created security profiles using WPA-PSK with AES-CCM (only, no TKIP).
Client can associate with the AP, ip level communication is possible. Running bandwidth test from the ap to client (and vice versa) (yes, intentionally running ON the routers, to get the CPU up to 100% constantly) showed that encryption really takes place in hardware: Although the bandwidth test alone brought both systems to 100% CPU usage easily, switching on/off the AES encryption didn’t change anything in the throughput I got.
So it looks as WPA-PSK is finally working - at least between two MikroTik systems. Next I’ll give other clients a shot…
Nice work Christian - would be very interested in your results.
Haven’t tried this mode yet here.
I wonder, at full rate (80Mbps UDP) whether the hardware encryption will slow the link down or not. Guess I will have to try …
I’d love to try it, but don’t have two test systems with enough horse-power for a full link at hand right now… Will try to get something freed up here…
Well we DO have the kit, 600MHz and 1.5GHz platforms with 5212 and 5213 radio cards, but no free staff at present due to major customer builds and holidays etc.
We could plug things together, and open a port in our router to allow VNC onto a test PC connected to the routers. Interested?
I’m out of the office today but could set something up later this week -
If I use a connect-list entry on the client, it won’t connect when using WPA-PSK (no matter if I set the security profile in the connect-list or only via the wireless interface directly)…
here everything is fine except the cpu in fact in our lab test two rb500 at 266mhz with wpa AES-CCM+tkip get 100% without any traffic.
We have 20mbps udp both ways
So the encryption doesn’t seems to lower the speed but it stresses the cpu a lot.
Rosario
P.S.
the configuration is a bridge ptp in 5ghz with nstream activated