Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Wando64

macrumors 68020
Original poster
Jul 11, 2013
2,167
2,745
I have been using for some time a TP-Link WA850RE range extender and since installing iOS 14 I am getting warning that the network is using an insecure protocol WPA/WPA2.
In theory, according to TP-Link, the extender should be using the main Router's protocol.

It is clear that the connection between the extender and my main router is WPA2-PSK and it is secure. My router would not allow any other connection.
However it would seem that the extender itself would allow connections from insecure WPA protocol as it is reported WPA/WPA2 by both iOS14 devices and by my Macs.

Am I misunderstanding something fundamental or do I have a problem?
 

Wando64

macrumors 68020
Original poster
Jul 11, 2013
2,167
2,745
Doesn’t the extender have an option to only allow connections using WPA2?

It has a setting to specify the connection with the router, but not one to specify what it will accept as incoming connections.
Maybe the two are the same, however I have set it to connect to the router using WPA2 only but it still advertises itself as accepting WPA/WPA2 connections.
 

mystery hill

macrumors 6502a
Apr 2, 2021
902
3,337
TP-Link WA850RE offers TKIP

Our Range Extenders use Auto secutiy mode by default, which supports WPA2+AES, and TKIP to be compatible with the devices that only support old encryption methods. If the Apple devices detect that the wireless connection a weak encrypted network, 'the weak securiy' would show up there. But in fact, iOS devices would still perfer to the secure encryption method WPA2+AES, instead of TKIP when connecting to the range extenders, and users do not need to worry about the potential security issue.
 

Wando64

macrumors 68020
Original poster
Jul 11, 2013
2,167
2,745
I did see this document, but I don’t find it particularly reassuring.
Again I might be misunderstanding something fundamental, but even if my devices connect to the extender using a secure protocol, what is to stop another device gaining access to my network via the less secure WPA protocol that seems to be available from the extender?
 

Wando64

macrumors 68020
Original poster
Jul 11, 2013
2,167
2,745
Is there a way to test if the range extender is really accepting WAP connections?
Can I force one of my devices to use WAP only for the purpose of testing?
 

mystery hill

macrumors 6502a
Apr 2, 2021
902
3,337
Is there a way to test if the range extender is really accepting WAP connections?
iPhone > Settings > WiFi > Other > You can manually enter the name of your wireless network and choose the security type.

You should forget your WiFi network on your phone before testing.
 

Wando64

macrumors 68020
Original poster
Jul 11, 2013
2,167
2,745
iPhone > Settings > WiFi > Other > You can manually enter the name of your wireless network and choose the security type.

You should forget your WiFi network on your phone before testing.

I cannot see from Apple’s support info whether this will determine the minimum security level or the maximum.

e.g. If I set the security as WAP2, will it connect to a network with security a)WPA2 or below, b)WPA2 or above, c)precisely WPA2

Is there a way of checking which protocol I am using at any given moment in time?
 

Wando64

macrumors 68020
Original poster
Jul 11, 2013
2,167
2,745
Why not set it to WPA?
Sure. Same question though.
Does it means that it will connect to networks with a minimum requirement of WPA (WPA and above) or it means that it will connect to networks with a maximum requirement of WPA (WPA or WEP) or does it mean it will only connect to a WPA network?

I have also been looking for a way to tell which protocol and encryption I am using (WPA-TKIP or WPA2-AES).
If I ask my Mac, all i get is that I am using WPA/WPA2 which doesn't tell me anything useful.
 

mystery hill

macrumors 6502a
Apr 2, 2021
902
3,337
Does it means that it will connect to networks with a minimum requirement of WPA (WPA and above) or it means that it will connect to networks with a maximum requirement of WPA (WPA or WEP) or does it mean it will only connect to a WPA network?
If you manually choose WPA then it means that it's connecting via WPA.

If you connect successfully then the extender is accepting connections for WPA and WPA2.
 

Wando64

macrumors 68020
Original poster
Jul 11, 2013
2,167
2,745
If you manually choose WPA then it means that it's connecting via WPA.

If you connect successfully then the extender is accepting connections for WPA and WPA2.
That is exactly what is happening.
Do you know of a way to confirm the protocol in use?
 

mystery hill

macrumors 6502a
Apr 2, 2021
902
3,337
Selecting WPA and successfully connecting is the confirmation.

That's the expected behaviour according to the TP-Link page that I posted above. The extender is accepting both WPA and WPA2 connections.

I guess you could check if there is a firmware update that allows you to restrict the security protocol.

I wouldn't really worry about it since someone would need to be physically in range of the wireless network and also wanting (and knowing) how to crack the WPA protocol to gain access.
 

Wando64

macrumors 68020
Original poster
Jul 11, 2013
2,167
2,745
I already have the last Firmware update.

Oh well...
What I could do is use MAC filtering on the extender to give me a little bit more security.

Thanks for your help
 

Wando64

macrumors 68020
Original poster
Jul 11, 2013
2,167
2,745
TP-Link have released a new firmware to fix this problem.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.