Enable Rogue AP Containment vs "friendly-ap" vs "rogue-ap" roles
Freshman Member
What does "Enable Rogue AP Containment" actually do?
And what does it have to do with the "roles" of 'friendly-ap" and 'rogue-ap'?
If I have marked all unknown AP's as rogue in the "monitor" area. That does what to those devices?
If they happen to be attached to the zyxel gateway network, then any client from that AP would be rejected?
I did look it up in the manual, the answer didn't help:
Enable Rogue AP Containment = Select this to enable rogue AP containment.
Best Answers
-
Hi @jef ,
Thank you for bringing your concerns to our attention.
Our current APs include support for 802.11w, also known as Protected Management Frames (PMF), is to enhance the security of wireless networks by protecting management frames from being spoofed or tampered with, so Rogue AP Containment is no longer necessary. Therefore, we plan to phase out Rogue AP Containment in an upcoming firmware update.
0 -
Hi @jef ,
In a network configured for "WPA2" only, every client device must support WPA2 (AES) encryption to authenticate and connect successfully.
On the other hand, a network set to "WPA2-mix mode" allows for the connection of devices using either WPA (TKIP) or WPA2 (AES) encryption standards, accommodating a broader range of client devices.
Should you opt to disable or deselect the "WPA2-mixed" mode, be advised that devices only capable of supporting WPA (TKIP) encryption will not be able to connect to the specified SSID (Wi-Fi network name).
0
Zyxel Employee
All Replies
-
Hi @jef ,
Thank you for bringing your concerns to our attention.
Our current APs include support for 802.11w, also known as Protected Management Frames (PMF), is to enhance the security of wireless networks by protecting management frames from being spoofed or tampered with, so Rogue AP Containment is no longer necessary. Therefore, we plan to phase out Rogue AP Containment in an upcoming firmware update.
0 -
Thank you Judy, Wpa2 vs wpa2-mixed.. limits the PMF.. If I deselect "mixed" what do I loose?
0 -
Hi @jef ,
In a network configured for "WPA2" only, every client device must support WPA2 (AES) encryption to authenticate and connect successfully.
On the other hand, a network set to "WPA2-mix mode" allows for the connection of devices using either WPA (TKIP) or WPA2 (AES) encryption standards, accommodating a broader range of client devices.
Should you opt to disable or deselect the "WPA2-mixed" mode, be advised that devices only capable of supporting WPA (TKIP) encryption will not be able to connect to the specified SSID (Wi-Fi network name).
0
Categories
- All Categories
- 417 Beta Program
- 2.6K Nebula
- 161 Nebula Ideas
- 108 Nebula Status and Incidents
- 5.9K Security
- 333 USG FLEX H Series
- 287 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 260 Service & License
- 402 News and Release
- 86 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.8K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 80 Security Highlight
