Regarding Wifi Wave2 drivers and setting them up, could someone share must-have/best practice settings, especially for the security module?
My current setup is a pair of Audience, running 7.2rc5 with Wave2 drivers.
I had no issues setting up the Configuration & Channel module, however I’m not sure what is considered an ok config for the security tab.
Currently, my setup is this:
authentication types: WPA2 PSK , WPA3 PSK
encryption: CCMP. CCMP 256
passphrase
disable PMKID
WPS: disable
and.. that’s all.
Should I have anything else checked? Or changed in my current config?
With the current config, there’s only one device that won’t connect unless unchecking WPA3, a Oneplus9 (key handshake failure).
Should I add something to the above config? Or just give up on using WPA3?
Try to add gcmp and gcmp-256 to the encryption list. They come with wpa3 and some implementers might think it’s required to use some gcmp cipher with wpa3.
Thanks, mkx.
I’ve added both gcmps and now Oneplus randomly connects - which is an improvement from not connecting at all.
Probably something in Oxygen OS doesn’t like Mikrotik’s approach to WPA3.
Can’t say about winbox, in webfig all the options have check boxes and it’s possible to enable multiple choices. In CLI, you set it like this: set 0 security.encryption=ccmp,gcmp,ccmp-256,gcmp-256 …
How should interpret the fact that, if I make no settings under the encryption area of the Security settings tab of Wireless, 2 devices that previously had problems now connect without any issues?
Basically CCMP/CCMP256/GCMP/GCMP256 are no longer checked, while WPA2PSK/WPA3PSK are still checked.. and this solved the issue.
Official wifiwave2 documentation mentions default settings. For encryption in particular it says that it defaults to “ccmp” only. Which incidentally is the only real WPA2 key exchange algorithm (tied with aes encryption algorithm), TKIP is a WPA (first gen).
Personally I don’t like empty settings, because hard-coded defaults can change out-of-sync with documentation. I’d rather see property which has default value set in initialisation script while empty value would trigger error message and non-operational interface.
…better practice…try it out, go through the dungeons of configurations without the ability to use capsman…once you are there, keep it and never look back…maybe software will evolve over time.
I would not trade my hap-ac3 units anymore…definitely, they are not on a shelve…my cap-ac and wap-ac are.
…the point is, hence the reference to putting in on a shelve: if you already own one, then do use it. …if you are looking for better performance but start with new hardware…go elsewhere or wait.
As a home user with a relatively simple network, I’m quite ok with Audience running 7.x. To be honest, even with Mikrotik proprietary drivers, wireless performance feels significantly better than it was before. So I’m not considering shelfing them.. yet
