Enable Rogue AP Containment vs "friendly-ap" vs "rogue-ap" roles

jef Posts: 39  Freshman Member
edited May 21 in Wireless

What does "Enable Rogue AP Containment" actually do?

And what does it have to do with the "roles" of "friendly-ap" and "rogue-ap"?

If I have marked all unknown APs as rogue in the "monitor" area, what does that do to those devices?

If they happen to be attached to the Zyxel gateway network, then any client from that AP would be rejected?

I did look it up in the manual, but the answer didn't help:

Enable Rogue AP Containment = Select this to enable rogue AP containment.

All Replies

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,482  Zyxel Employee
    Answer ✓

    Hi @jef ,

    Thank you for bringing your concerns to our attention.

    Our current APs include support for 802.11w, also known as Protected Management Frames (PMF), which enhances the security of wireless networks by protecting management frames from being spoofed or tampered with, so Rogue AP Containment is no longer necessary. Therefore, we plan to phase out Rogue AP Containment in an upcoming firmware update.

  • jef
    jef Posts: 39  Freshman Member
    edited February 6

    Thank you, Judy. WPA2 vs WPA2-mixed... limits the PMF... If I deselect "mixed", what do I lose?

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,482  Zyxel Employee
    Answer ✓

    Hi @jef ,

    In a network configured for "WPA2" only, every client device must support WPA2 (AES) encryption to authenticate and connect successfully.

    On the other hand, a network set to "WPA2-mix mode" allows for the connection of devices using either WPA (TKIP) or WPA2 (AES) encryption standards, accommodating a broader range of client devices.

    Should you opt to disable or deselect the "WPA2-mixed" mode, be advised that devices only capable of supporting WPA (TKIP) encryption will not be able to connect to the specified SSID (Wi-Fi network name).
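
Added example, not part of the thread and not Zyxel code: a Python parser for the RSN element (ID 48) that an AP advertises in its beacons, reporting the two settings the answers above discuss, namely whether PMF (802.11w) is off, capable or required, and whether TKIP is still accepted as it is in a WPA/WPA2 mixed configuration. The function names, the result keys and the two sample elements are constructed for this example.

```python
import struct

# Cipher selectors under OUI 00-0F-AC (IEEE 802.11 RSN element).
RSN_OUI = b"\x00\x0f\xac"
CIPHERS = {2: "TKIP", 4: "CCMP-128", 8: "GCMP-128", 9: "GCMP-256"}
MFPR, MFPC = 0x0040, 0x0080   # RSN Capabilities bits 6 (required) and 7 (capable)

def _suites(body, off):
    """Read a 2-byte count followed by that many 4-byte suite selectors."""
    (count,) = struct.unpack_from("<H", body, off)
    off += 2
    end = off + 4 * count
    if end > len(body):
        raise ValueError("truncated suite list")
    return [body[i:i + 4] for i in range(off, end, 4)], end

def _name(sel):
    """Name a cipher selector; unknown OUIs are returned as hex."""
    return CIPHERS.get(sel[3], f"type-{sel[3]}") if sel[:3] == RSN_OUI else sel.hex()

def audit_rsn(body):
    """Audit the body of an RSN element, without its ID and length bytes."""
    if len(body) < 8 or struct.unpack_from("<H", body, 0)[0] != 1:
        raise ValueError("not a version-1 RSN element")
    group = _name(body[2:6])
    pairwise, off = _suites(body, 6)
    _akms, off = _suites(body, off)
    # RSN Capabilities is optional; if absent, PMF is not advertised.
    caps = struct.unpack_from("<H", body, off)[0] if off + 2 <= len(body) else 0
    ciphers = [_name(s) for s in pairwise]
    tkip = group == "TKIP" or "TKIP" in ciphers
    pmf = "required" if caps & MFPR else "capable" if caps & MFPC else "off"
    return {"group": group, "pairwise": ciphers, "tkip_allowed": tkip, "pmf": pmf}

# Constructed samples: a WPA2-only AP with PMF required, and a mixed-mode AP.
WPA2_PMF = bytes.fromhex("0100" "000fac04" "0100" "000fac04" "0100" "000fac06" "c000")
MIXED = bytes.fromhex("0100" "000fac02" "0200" "000fac04" "000fac02"
                      "0100" "000fac02" "0000")

if __name__ == "__main__":
    for label, ie in (("WPA2 + PMF", WPA2_PMF), ("WPA2-mixed", MIXED)):
        print(label, audit_rsn(ie))
```

PMF cannot be negotiated with TKIP, so an SSID whose audit shows `tkip_allowed` as true leaves its TKIP clients without management frame protection.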