802.11w - "Optional PMF" doesn't work properly on 88w8864 #362
Comments
|
I've been having the same issue since I bought this router. |
|
Any updates ? |
|
No updates... sadly... |
|
Thanks, just saved a lot of time. I seem to have the same issue. WRT1900acs openwrt 19.07.3 |
|
Still no updates on this bug? Enabling ieee80211w=1 on either radio on my WRT1900AC v1 breaks ARP/broadcast for all wireless clients that do not support PMF for me as well. Also breaks Bonjour, or anything else that uses mDNS, between wireless clients. This is in pure AP mode, no routing, no DNS, no DHCP, all LAN ports and wireless networks bridged. |
|
Wifi drivers were abandoned over 1.5 years ago. |
|
I found a work-around that seems to work for me. Create two separate wireless interfaces -- one for legacy/IoT devices without PMF support (using I only have legacy clients on 2.4 GHz, not sure if there's any use case for separate interfaces for 5 GHz radio as well.
(OpenWrt 21.02.3 on Linksys WRT1900AC v1) |
|
Can you actually connect in wpa3 mode? |
|
WPA3 works for me on MacOS 12.4 with optional Management Frame Protection |
|
What if it is not optional? |
|
With disabled Management Frame Protection it does not work. With optional Management Frame Protection it looks like this on my Mac: (edit) |
|
I was saying with mandatory, because the last time I tested wpa3 with this device it did not work |
|
Sorry, I did not understand what you mean. With Management Frame Protection setting set as Required it also works for me but I can not say anything certain about the stability of the connection. I will use it for some time from now and I will try to share feedback with you. |
|
So far I haven't had any issues with the configuration described yesterday. Including the network with WPA3 + PMF required. |
|
Weird, how many SSIDs do you have? |
|
I have 2 different SSIDs, one for each AP (2.4GHz and 5GHz) |
|
That might be it, I believe I had one only, maybe someday I'll test it again, or if someone can do it it would be great. |
Hello.
I've been facing some issues with 802.11w with PMF set to "Optional" (hostapd.conf with
ieee80211w=1for a while now. I've tested several different configurations in both the hardware and the software.When I make 802.11w optional, devices that don't support PMF and devices that do support it should still be able to communicate with each other whilst concurrently connected on the same access point. This does not happen.
In an environment where all the clients/stations do not support PMF, they can connect to the AP with PMF-Optional, they pass the 4-way handshake and receive a DHCP address. They are visible in the router's ARP table and can be pinged from the router. Devices attached on the router's switch (via ethernet) can communicate with the printer. HOWEVER, as soon as a station that is PMF CAPABLE joins the AP with
ieee80211w=1, all communication with the station that does NOT support PMF ceases. It cannot be pinged from other clients/stations, but the entry for it still exists on the router's ARP table and it is still on the associated stations list.What I've tried:
-- both with hostapd-utils
Devices:
Macbook Pro Mid-2012 non retina, Macbook Air Early-2015 (PMF Capable)
iPhone 6s (PMF Capable)
AFFECTED Brother MFC-J200 Printer (Does not support PMF)
AFFECTED Techage Yoosee 1080p Camera (Does not support PMF)
Protocols:
Seems to affect Apple's Airprint/Bonjour MLD & other more standard multicast protocols.
The text was updated successfully, but these errors were encountered: