WDS/Bridging w/ WPA2/AES on RT-N66U?

[martopg]

So I read a bunch of reviews and did some digging in forums and decided to buy 2 RT-N66U routers to replace my aging (inadequate) WDS bridge (g-based, using DD-WRT).

I was excited because I had read that the N66U supports WDS/brdiging in the native firmware. However, a closer look at this option reveals that it only supports open system or WEP (no WPA/WPA2), which sucks big-time.

I know WDS with WPA2/AES is possible because I was doing it with my 10-year-old devices running DD-WRT. I emailed Asus support to see if this is something they might implement in a future firmware but they "are not informed of what features are being worked on ahead of time".

So I'm trying to find out which firmwares support WDS/bridging with WPA2/AES. I know I have the option of going to DD-WRT but I hear it may be a bit 'rough' on this model. Does Tomato support this? Merlin's firmware?

Also, somewhat related question: is it easy to go back to the stock Asus firmware from one of these other versions on this model, if I decide to do that in the future?

Thanks!

 

[Lost_Animal]

I am currently using WDS + WPA2_Personal Bridge between my Asus RT-N66U and my OLD Asus RT-N16 router on 2.4Ghz Band (RT-N16 is Single 2.4 Band).

Both are running Merlin's Firmware but i must say that also when i was on Tomato FW at RT-N16, the WDS bridge on WPA2_Personal was Fine also.

The RT-N66U is on Hybrid mod because i want to have AP on my home, and both are locked by their MAC on Remote AP list.

So i think you don't have the correct information.

 

[jsmiddleton4]

Lost....

When you setup the N16 to talk to the 2.4ghz wireless port for the N66 I'm assuming you used the N66's 2.4ghz listed MAC address for the connect to field in the N16.

I'm trying to understand what we're seeing with the N66 LAN port and the 2.4ghz port showing the same MAC address. About the only scenario in which I could see the 2.4ghz port MAC being in play is the WDS scenario due to the way WDS config is structured.

I'm also assuming you aren't having any issues with LAN attached decvices on the N66.

So everything is working ok? WDS router to router traffic doing ok?

 

[Lost_Animal]

I know that is a bit strange to have same MAC on NIC and 2.4 Ghz device.
But it works flawless and the throughput between the RT-N16 and RT-N66U bridge is depending by the quality of the signal strength.

Right now the bridge is working on 54Mbps due to low RSI -89db and i can get about 6MBp/s from LAN to LAN transfer.

If the RSI goes to -50db area then i can get 300 Mbps and LAN to LAN transfer fly up to 20MBp/s.

Also on Hybrid mod on the N66U the 2.4Ghz network remains available for all WiFi Devices on my Home...

 

[jsmiddleton4]

Thanks for the update.

 

[martopg]

I am currently using WDS + WPA2_Personal Bridge between my Asus RT-N66U and my OLD Asus RT-N16 router on 2.4Ghz Band (RT-N16 is Single 2.4 Band).

Both are running Merlin's Firmware but i must say that also when i was on Tomato FW at RT-N16, the WDS bridge on WPA2_Personal was Fine also.

The RT-N66U is on Hybrid mod because i want to have AP on my home, and both are locked by their MAC on Remote AP list.

So i think you don't have the correct information.

I was just trying to figure out which firmwares support this. I should have clarified: I'm currently running the stock Asus firmware (v3.0.0.4.260).

In the stock firmware, there is a note on the Wireless>Bridge tab that says "The function only support [Open System/NONE, Open System/WEP] security authentication method". I tested with Open and WEP and it worked. I then tried upgrading to WPA2/AES (just in case this note was inaccurate. Unfortunately, it seems like it is correct: I got no connectivity between the two after I changed the security.

So it sounds like Merlin's firmware and Tomato both support this; I'll try one of those out I think.

 

[RMerlin]

I was just trying to figure out which firmwares support this. I should have clarified: I'm currently running the stock Asus firmware (v3.0.0.4.260).

In the stock firmware, there is a note on the Wireless>Bridge tab that says "The function only support [Open System/NONE, Open System/WEP] security authentication method". I tested with Open and WEP and it worked. I then tried upgrading to WPA2/AES (just in case this note was inaccurate. Unfortunately, it seems like it is correct: I got no connectivity between the two after I changed the security.

So it sounds like Merlin's firmware and Tomato both support this; I'll try one of those out I think.

I haven't changed anything related to bridging, so you will probably have to look at Tomato if you need more flexibility there.

 

[testius]

ESS support

RMerlin,

It would be great if you would reconsider your position; nowadays when a cheap $39 such as Alfa AIP-W515H provides WDS and AP+WDS...surely the great ASUS line of N-router should do no less.

A lot of us in small businesses would like to have ESS (extended service set) functionality, preferably even without WDS, such as "wired connections" for ESS. Would you consider this feature as part of the next release?

It would be nice not to have users stop complaining about "why do I have to reconnect every time I got from one floor to another?"....without having to buy Cisco or Aruba gear.

 

[RMerlin]

RMerlin,

It would be great if you would reconsider your position; nowadays when a cheap $39 such as Alfa AIP-W515H provides WDS and AP+WDS...surely the great ASUS line of N-router should do no less.

A lot of us in small businesses would like to have ESS (extended service set) functionality, preferably even without WDS, such as "wired connections" for ESS. Would you consider this feature as part of the next release?

It would be nice not to have users stop complaining about "why do I have to reconnect every time I got from one floor to another?"....without having to buy Cisco or Aruba gear.

I'm not a network engineer. Plus, drivers are closed source, and I have no idea what ESS is - never heard of it. So rather than mess with things I don't understand, I'd rather stick with stability rather than implement things I don't understand and would be buggy/broken. Asus's engineers are in a much better position than me to work with these low-level features.

 

[tschmidt]

I managed to get WDS Bridging working on my RT-N66U. But like others have stated, the WDS connection needed to use either Open or WEP security, no WPA/WPA2 is allowed.

What I did is setup my primary 2.4GHz WiFi using WEP, with the SSID hidden (not broadcast), but then setup my original WPA2 2.4GHz WiFi as a Guest network with Intranet access. That way my wireless clients are able to use WPA2 as before, and I have WDS enabled for my bridged connection to a remote router using WDS.

I agree that there is no reason that the Asus router should not be able to support WDS over a WPA/WPA2 security connection. So I do hope that they add this feature to the firmware so that a less secure WEP connection is not required.

 

[RMerlin]

The lack of WPA2 support is a technical limitation of the WDS technology. It's not Asus's fault or a deliberate decision on their part to not support it just because. The WDS technology cannot use any encryption scheme that relies on rotating keys or that are dynamically assigned, such as standard WPA or WPA2 does.