Wifi crpytographic options
Hello everyone,
This is a continuation of a previous, unresolved thread:
https://community.tp-link.com/en/business/forum/topic/671930
I finally have a EAP773 to play with. I notice that when I disable 2.5 and 5ghz in the Omada controller, and 6ghz is the only option selected, then and only then is AES-GCM 256 and AES-CNSA available. This is confirmed using a Wifi analyzer app on my android phone. The 5ghz channel is shown advertising WPA2-EAP/SHA1-CCMP on the same SSID as the 6ghz with the SHA-256-GCMP.
Why is this? These newer cipher suites are perfectly compatible with 2.4 and 5ghz. Basically, the way TP-Link appears to have set this up, WPA3 encryption is not available on any band except 6ghz... at least not for WPA-Enterprise. All of the lower frequency bands use older standards, and there appears to be no way of forcing modern standards in the controller settings with the exception of completely disabling the lower frequency bands and using ONLY 6ghz.
Am I missing something here?