Community discussions

MikroTik App
  4. RouterOS
  5. Wireless Networking

WPA2 EAP and "pre-auth" tag missing

Post Reply
 
meristo
just joined
Topic Author
Posts: 4
Joined: Sat Oct 14, 2017 11:24 pm

WPA2 EAP and "pre-auth" tag missing

Sat Oct 14, 2017 11:38 pm

Hello, I'm new of Mikrotik product.

I have an hAP ac and 2 Asus Router that I use as Access point. I configurated my Mikrotik WiFi in this manner (with Radius Authentication):
Code: Select all
/interface wireless print detail 
Flags: X - disabled, R - running 
 0  R name="wlan1" mtu=1500 l2mtu=1600 mac-address=xx:xx:xx:xx:xx arp=enabled 
      interface-type=Atheros AR9300 mode=ap-bridge ssid="Bla" 
      frequency=2462 band=2ghz-b/g/n channel-width=20mhz scan-list=default 
      wireless-protocol=802.11 vlan-mode=no-tag vlan-id=1 wds-mode=disabled 
      wds-default-bridge=none wds-ignore-ssid=no bridge-mode=enabled 
      default-authentication=yes default-forwarding=yes default-ap-tx-limit=0 
      default-client-tx-limit=0 hide-ssid=no security-profile=EAP-RADIUS 
      compression=no 

 1    name="wlan2" mtu=1500 l2mtu=1600 mac-address=xx:xx:xx:xx:xx arp=enabled 
      interface-type=Atheros AR9888 mode=ap-bridge ssid="Bla" 
      frequency=5200 band=5ghz-a/n/ac channel-width=20/40mhz-Ce 
      scan-list=default wireless-protocol=802.11 vlan-mode=no-tag vlan-id=1 
      wds-mode=disabled wds-default-bridge=none wds-ignore-ssid=no 
      bridge-mode=enabled default-authentication=yes default-forwarding=yes 
      default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no 
      security-profile=EAP-RADIUS compression=no
My problem is that on Asus Routers I see in wifi properties of my phone (with Wifi Analyzer app) :
[WPA2-EAP-CCMP+TKIP-preauth][ESS]

on Mikrotik board I see:
[WPA2-EAP-CCMP+TKIP][ESS]

The difference is pre-auth tag that is missing on Mikrotik router. Can I add it?

Thanks
Top
 
User avatar
Petri
Frequent Visitor
Frequent Visitor
Posts: 97
Joined: Mon Dec 05, 2016 1:55 pm
Location: Helsinki, Finland
Contact:
Contact Petri

Re: WPA2 EAP and "pre-auth" tag missing

Sun Oct 15, 2017 6:25 pm

Preauthentication has to do with roaming. When the client detects a new AP with the same SSID it will automatically authenticate with it just in case it will switch to using that AP. That makes the switch seamless, if it occurs. Of course this could lead to many unnecessary authentications as well, but that doesn't bother the user.
Probably the message you are seeing means that your phone was earlier connected to another AP and roamed with preauthenticated credentials to the Asus.
Top
 
Gau28
just joined
Posts: 5
Joined: Mon Dec 18, 2017 2:11 pm

Re: WPA2 EAP and "pre-auth" tag missing

Mon Dec 18, 2017 8:33 pm

Hi Meristo,

May-be, can you help me on my post viewtopic.php?t=128785
I wish to connect a AP in station mode to an existing wifi with EAP. Is-it what you do on your side ?
Top
Post Reply
  4. RouterOS
  5. Wireless Networking