Enable Rogue AP Containment vs "friendly-ap" vs "rogue-ap" roles

jef
jef Posts: 39  Freshman Member
edited May 2024 in Wireless

What does "Enable Rogue AP Containment" actually do?

And what does it have to do with the "roles" of "friendly-ap" and "rogue-ap"?

If I have marked all unknown APs as rogue in the "monitor" area, what does that do to those devices?

If they happen to be attached to the Zyxel gateway network, then any client from that AP would be rejected?

I did look it up in the manual, the answer didn't help:

Enable Rogue AP Containment = Select this to enable rogue AP containment.

All Replies

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,674  Zyxel Employee
    Answer ✓

    Hi @jef ,

    Thank you for bringing your concerns to our attention.

    Our current APs include support for 802.11w, also known as Protected Management Frames (PMF), which enhances the security of wireless networks by protecting management frames from being spoofed or tampered with, so Rogue AP Containment is no longer necessary. Therefore, we plan to phase out Rogue AP Containment in an upcoming firmware update.

    Judy

    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community

  • jef
    jef Posts: 39  Freshman Member
    edited February 2024

    Thank you, Judy. WPA2 vs WPA2-mixed... limits the PMF... If I deselect "mixed", what do I lose?

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,674  Zyxel Employee
    Answer ✓

    Hi @jef ,

    In a network configured for "WPA2" only, every client device must support WPA2 (AES) encryption to authenticate and connect successfully.

    On the other hand, a network set to "WPA2-mix mode" allows for the connection of devices using either WPA (TKIP) or WPA2 (AES) encryption standards, accommodating a broader range of client devices.

    Should you opt to disable or deselect the "WPA2-mixed" mode, be advised that devices only capable of supporting WPA (TKIP) encryption will not be able to connect to the specified SSID (Wi-Fi network name).

    Judy

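
The two settings discussed in this thread, PMF (802.11w) and WPA2 versus WPA2-mixed, are both visible in the RSN element an AP sends in its beacons. The sketch below is an added example, not Zyxel code or part of any post above: it parses an RSN element body and reports whether PMF is disabled, optional or required and whether TKIP is still accepted. The two sample elements are constructed, and the mixed-mode one assumes the common layout of a TKIP group cipher with CCMP and TKIP pairwise ciphers.

```python
import struct

OUI = b"\x00\x0f\xac"          # IEEE 802.11 suite selector OUI
CIPHERS = {1: "WEP-40", 2: "TKIP", 4: "CCMP-128", 5: "WEP-104",
           8: "GCMP-128", 9: "GCMP-256", 10: "CCMP-256"}
MFPR, MFPC = 0x0040, 0x0080    # RSN Capabilities bits 6 (required), 7 (capable)

# Constructed samples: RSN element bodies (bytes after element ID 48 and length).
WPA2_PMF_REQUIRED = bytes.fromhex("0100000fac040100000fac040100000fac02c000")
WPA2_MIXED = bytes.fromhex("0100000fac020200000fac04000fac020100000fac020000")


def _suite(raw):
    """Map a 4-byte suite selector to a cipher name."""
    if raw[:3] != OUI:
        return "vendor:" + raw.hex()
    return CIPHERS.get(raw[3], "unknown:%d" % raw[3])


def audit_rsn(body):
    """Return group/pairwise ciphers, PMF state and TKIP exposure for one RSN body."""
    pos = 0

    def take(n):
        nonlocal pos
        if pos + n > len(body):
            raise ValueError("truncated RSN element")
        chunk = body[pos:pos + n]
        pos += n
        return chunk

    if struct.unpack("<H", take(2))[0] != 1:
        raise ValueError("unsupported RSN version")
    group = _suite(take(4))
    pairwise = [_suite(take(4)) for _ in range(struct.unpack("<H", take(2))[0])]
    take(4 * struct.unpack("<H", take(2))[0])        # skip the AKM suite list
    # RSN Capabilities is optional; when absent, every bit is treated as zero.
    caps = struct.unpack("<H", take(2))[0] if pos < len(body) else 0
    pmf = "required" if caps & MFPR else "optional" if caps & MFPC else "disabled"
    tkip = group == "TKIP" or "TKIP" in pairwise
    return {"group": group, "pairwise": pairwise, "pmf": pmf, "tkip_allowed": tkip}


if __name__ == "__main__":
    for name, ie in (("WPA2, PMF required", WPA2_PMF_REQUIRED),
                     ("WPA2-mixed", WPA2_MIXED)):
        print(name, audit_rsn(ie))
```

An SSID that reports `pmf` as `disabled` or `tkip_allowed` as true has unprotected management frames or still admits WPA (TKIP) clients.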