You have an option under wireless security settings in order to switch it on
Disable EAPOL Key Retries
Thanks for this
Enabled on both. _________________ Router Model: Netgear R8000
Firmware: DD-WRT v3.0-r41813 std (12/29/19)
Modem: Super Hub 3.0
ISP: Virgin Media 350/35 Mbps
... that allows to set an flag that will fix that issue even if the client does not have a patch, but it can cause interoperability issues and therefore is off by default.
... that allows to set an flag that will fix that issue even if the client does not have a patch, but it can cause interoperability issues and therefore is off by default.
You meant to say here I guess
http://www.dd-wrt.com/phpBB2/viewtopic.php?p=1099456#1099456 _________________ R6400v2 (boardID:30) - Kong 36480 running since 03/09/18 - (AP - DNSMasq - AdBlocking - QoS) R7800 - BS 31924 running since 05/26/17 - (AP - OpenVPN Client - DNSMasq - AdBlocking - QoS) R7000 - BS 30771 running since 12/16/16 - (AP - NAS - FTP - SMB - OpenVPN Server - Transmission - DDNS - DNSMasq - AdBlocking - QoS) R6250 - BS 29193 running since 03/20/16 - (AP - NAS - FTP - SMB - DNSMasq - AdBlocking)
Joined: 14 Dec 2015 Posts: 25 Location: 192.168.1.1
Posted: Thu Oct 19, 2017 14:14 Post subject:
<Kong> wrote:
... that allows to set an flag that will fix that issue even if the client does not have a patch, but it can cause interoperability issues and therefore is off by default.
... that allows to set an flag that will fix that issue even if the client does not have a patch, but it can cause interoperability issues and therefore is off by default.
interoperability issues?
an example?
# This workaround might cause interoperability issues and reduced robustness of
# key negotiation especially in environments with heavy traffic load due to the
# number of attempts to perform the key exchange is reduced significantly. As
# such, this workaround is disabled by default (unless overridden in build
# configuration).
# Ref.: https://lede-project.org/docs/user-guide/wifi_configuration#wpa_key_reinstallation_attack_workaround
Joined: 19 Nov 2008 Posts: 274 Location: Madison, CT, US
Posted: Thu Oct 19, 2017 23:09 Post subject:
Under wireless security, there is now CCMP and GCMP in addition to the standard AES, WEP ,TKIP. What is the best encryption which is compatible with a bunch of devices with older wifi adapters? I have been using AES. Not sure how to turn ON/OFF for the krackattack fix either. _________________ Netgear R7800(2), R7500v2(2) WDS, Asus RT-AC68R (2)
Joined: 03 Jan 2010 Posts: 7568 Location: YWG, Canada
Posted: Thu Oct 19, 2017 23:14 Post subject:
ccmp-256/gcmp are part of 802.11ac spec, yet none of my ac devices connect with them on, probably another untested feature.. they are not for compatibility, for that u stay where u are, with wpa2 aes, its fixed already, we can all calm down about it now. except scream at shitty vendors that dont update their stuff.
it does seem like it applies to 5ghz only, when selecting on 2.4ghz, the radio wont even broadcast. _________________ LATEST FIRMWARE(S)
BrainSlayer wrote:
we just do it since we do not like any restrictions enforced by stupid cocaine snorting managers