SCR50AXE - Impossible to connect with SSID in WPA2 but possible in WPA3

GiuseppeR

Hello everyone,

I have 2 sites with SCR50AXE where I have issues with WiFi devices.

Site1 (MD clinic): router installed months ago, WiFi enabled with WPA2 since today when the owner told me it was NOT possible to connect to its SSID with a specific notebook. I saw other WiFi devices linked to that router, so it seemed strange to me and I modified the config to WPA3 and everything was good letting the customer connect to it. Same password same config, only changing WPA2 to WPA3.

Site2 (pharmacy): router installed months ago, WiFi enabled with WPA2 since some days ago when I had issues (see Case 250100624) so I started to do some tests.

Inside Site2 now I have 2 SSIDs:

Different names, same VLAN, same settings a part from WPA2/WPA3 choice.

I went on Site2 and I was able to connect to SSID WPA3 with an old notebook (so old that WPA3 and 5 GHz WiFi did not exist when that PC was sold) but that old notebook was able to connect to that SSID WPA3 smoothly at 2.4 GHz

I tested same old notebook on Site2 with SSID WPA2 and it was NOT able to connect to it (checked SSID password multiple times, of course).

I think that there is a bug with those routers, it seems to me that it is not a hardware fault because WiFi works, partially, but it works. So similar issues with those independent sites. Is the hardware included in SCR50AXE always the same or you have different hardware releases?

Because in the last scenario it could be possible to have incompatibilities with specific WiFi NICs.

Please let me know, have a nice evening.

Zyxel_Kay

Hi @GiuseppeR

Thank you for reaching out and providing a detailed description of your observation.

Currently, for the SCR50AXE's SSID configuration:

• When WPA2 is selected as the security protocol, only AES encryption is supported; TKIP is not supported.
• On the other hand, selecting WPA3 enables a "transition mode" by default. This allows compatibility with both WPA3 and WPA2 clients. In this transition mode, WPA2 clients can connect using AES, but the router also supports additional encryption standards for older devices.

The behaviour you're observing suggests that some devices may rely on specific encryption protocols, which could explain why the old notebook connects to WPA3 but struggles with WPA2-only SSIDs.

We recommend keeping the SSID set to WPA3 (transition mode) for broader compatibility while maintaining secure encryption standards.

Have a nice day!

GiuseppeR

Hello @Zyxel_Kay

thanks for the confirmation about the fact that your WPA3 is not a strict WPA3 but it is a WPA3 Transition Mode

Is there a way to have this difference highlighted in the settings?

It could be needed to know that WPA3 is backwards compatible with WPA2 (with its security issues too…) or it is ONLY WPA3.

As you can see, looking into settings, it seems that selecting WPA3 option could give WPA3 compatibility ONLY:

See you soon 😁