Hi there, i just upgraded my lab AP to 5.0rc4 and now wireless with encryption (wpa/wpa2) does not work at all.

Clients can connect but then i just get a "group key exchange timeout". I am not able to connect a client (i tried 4 different ones).

I also did a reset-configuration on the wireless settings and even definied new security profiles but without success.

Anyone else expiriencing this also?

Regards,
brainy

ok update ...

it does work if i define wpa AND wpa2 together but not when only using wpa/tkip

on a different note, why do you use TKIP? use AES, it's faster and more secure.

just a thought - WPA with tkip was cracked in 2 hours as a demo on some hacking conference. AES add several weeks to that time and WPA2 several month.

WPA2 AES is crackable in days with a PSK

WPA2 AES is crackable in days with a PSK

[ citation needed ]

You can thank Nvidia

http://securityandthe.net/2008/10/12/ru ... ing-speed/
http://www.youtube.com/watch?v=GzDbvd5knmQ


It's either quick or cheap

Just saying, ever wireless protection system out there can be cracked if they want in bad enough

WPA or WPA2 key could be cracked in days or weeks instead of years.

Cool, nice to know

The best wireless security you can have is a SSH tunnel!

SSTP

Some hardware encryption acceleration so we dont take a performance hit running it and yes!

Some hardware encryption acceleration so we dont take a performance hit running it and yes!

I try to not post links to distributors, but this company already sells 10Gbit RouterOS routers: http://www.mikrotikrouter.com/2200.asp

Haven't seen anyone complain.

Wrong thread I think Normis?

Also they appear to be 10 x 1gbit ports standard, not 10gbit

I feel tricked

You can thank Nvidia

http://securityandthe.net/2008/10/12/ru ... ing-speed/
http://www.youtube.com/watch?v=GzDbvd5knmQ


It's either quick or cheap

Just saying, ever wireless protection system out there can be cracked if they want in bad enough

with a passphrase like that, sure... anyplace I setup, the passphrase is either from uuidgen, or something like pEbE93=9FExu+ega

Although, it sure would be nice to have WPA2-RADIUS built into MT...

I had to downgrade to 5.0rc3 because wireless/encryption is totally fucked up in rc4

i had a lot of clients there weren't able to connect to the AP anymore

i have a "old" client that only support WPA and not WPA2 but neither with TKIP nor AES i am able to connect with rc4

after the downgrade everything is fine again ..

WPA2-AES PSK worked for me on my 433s, but not WPA2-AES-EAP.

Hi. We got a problem with 5.0RC4, and rolled back to 5.0RC3.
Setup: Windows 2008R2 AD, NAP ( Radius) + Mikrotik 411AR with 5.0RC4.
Wireless setup - Access point wtih two SSID:
1) WPA2 AES EAP (Radius auth)
2) WPA2 AES PSK (preshared key)

When I install 5.0RC4, Windows 7 clients with Radius auth. can not connect. No errors on Windows 2008R2 NAP server.
Second SSID with WPA2 PSK works ok.

please email to support@mikrotik.com - we can provide you with a test version where we fixed the encryption problem.

please do not say stupid things ... breaking a string of 8 or more characters take several years .. because the method works by comparison (dictionary), even when using pre-compiled tables with the help of the graphics card processor. As long as the admin does not choose a simple word like "hello1234" or "administrator"

and what about bruteforce? .. that will crack every password ...

please do not say stupid things ... breaking a string of 8 or more characters take several years .. because the method works by comparison (dictionary), even when using pre-compiled tables with the help of the graphics card processor. As long as the admin does not choose a simple word like "hello1234" or "administrator"

I know a few people who would disagree with you based on experience, Also Mr Rainbow Tables would like a word with you also.

Wireless security is a joke, Run real encryption on the top of a link