1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Asus RT-AC3200 Smart Connect Rules Fine Tuning

Discussion in 'ASUS AC Routers & Adapters' started by dlandon, Feb 15, 2015.

  1. civiksi

    civiksi New Around Here

    Joined:
    Mar 14, 2015
    Messages:
    4
    So far these settings are working very good for me. Thanks for posting them and all of your time playing with it.
     
  2. trichard

    trichard Occasional Visitor

    Joined:
    Jan 3, 2015
    Messages:
    17
    [​IMG]

    This is mine which stable for my devices...
     
  3. trichard

    trichard Occasional Visitor

    Joined:
    Jan 3, 2015
    Messages:
    17
    I did a test to do a manual 5Ghz grouping into the same SSID (different channel).. but 2.4Ghz is a different SSID.

    Looks good that I can do a manual SC on 2x5Ghz channel without using the complex rule ....

    Updated - Yes Smart Connect can work on only 2 x 5Ghz channel only using my method !
     
    Last edited: Apr 11, 2015
  4. joe012594

    joe012594 Regular Contributor

    Joined:
    Feb 18, 2015
    Messages:
    91
    Wanted to post my current, stable Smart Connect settings and findings. For anyone wanting to separate their N and AC clients between the two 5GHz bands and also cease the routine hourly disconnects, please follow this guide.

    1. Disable "Network Key Rotation Interval" by setting it to "0" via the router's GUI or SSH.

    1A. For the GUI method, be sure Smart Connect is disabled first and all 3 bands are in manual mode then set, in each radio's page, "Network Key Rotation Interval" to "0". Re-enable Smart Connect and, again, set "Network Key Rotation Interval" to "0" if still set to "3600".

    1B. For the SSH method, enter the following commands:

    nvram set wl_wpa_gtk_rekey=0
    nvram set wl0_wpa_gtk_rekey=0
    nvram set wl1_wpa_gtk_rekey=0
    nvram set wl2_wpa_gtk_rekey=0
    nvram commit
    service restart_wireless


    2. Now that the hourly disconnect issue has been solved, let's separate out those N and AC clients between the two 5GHz bands. Replicate each Smart Connect setting provided in the attachment and apply the settings to your router. That's it! Please report back your results after using this guide. :)



    SmartConnect_N_AC.PNG
     
    qsyang likes this.
  5. qsyang

    qsyang Occasional Visitor

    Joined:
    Nov 18, 2013
    Messages:
    17
    Joe - just wanted to double check if you're using stock firmware or RMerlin's .52_2? Thanks!
     
  6. joe012594

    joe012594 Regular Contributor

    Joined:
    Feb 18, 2015
    Messages:
    91
    Tested with the latest of both firmwares, stock and Merlin.
     
    qsyang likes this.
  7. qsyang

    qsyang Occasional Visitor

    Joined:
    Nov 18, 2013
    Messages:
    17
    Smart Connect has been running for almost 24 hours now, so far so good, no disconnect noticed. Thank you!
     
    joe012594 likes this.
  8. trichard

    trichard Occasional Visitor

    Joined:
    Jan 3, 2015
    Messages:
    17
    Sharing my latest working setting..


    [​IMG]
     
    Brian John and raphaelogy like this.
  9. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    14,252
    Location:
    San Diego, CA
    wow... that's a major security issue with WPA/WPA2 - the groupwise key should update/spin any time a STA attaches or leave the BSS - and not rolling the pairwise key on a regular basis - say everything 3600 seconds or so, that is another security concern.

    This is a signficant bug - someone with contacts at Asus should bring this up...
     
  10. adampk17

    adampk17 Regular Contributor

    Joined:
    Sep 17, 2013
    Messages:
    147

    I just loaded up your settings. I will report back my experiences over the next couple days.

    Thanks!
     
  11. jerry6

    jerry6 Very Senior Member

    Joined:
    Jan 24, 2010
    Messages:
    739
    Location:
    Montreal
    I

    i thought WPA2 does not use key rotation ? Look at this linksys setup page WPA2 does not use key rotation only WPA or WPA TKIP
    http://www.linksys.com/us/support-article?articleNum=139152
     
  12. sfx2000

    sfx2000 Part of the Furniture

    Joined:
    Aug 11, 2011
    Messages:
    14,252
    Location:
    San Diego, CA
    Keeping things at a very high level...

    TL:DR WPA/WPA2 both roll keys, on the Group and Pair...

    The author of the article is trying very hard to explain in a simple way, but they're perhaps over simplifying it, and this perhaps can confuse folks..

    WPA/WPA2 Personal use a static Pre-Shared-Key (PSK), which is used to generate a Pairwise Master Key, WPA/WPA2 Enterprise use a dynamic key sent over by the RADIUS function... For Enterprise, the RADIUS sets the timer based on policies defined by the Radius Admin, whereas in Personal, you create the PSK, and you set the timer.

    We generate a Pairwise Master Key - see above for WPA2-PSK - this is known by both the AP and the STA - it's never sent over the air - instead, there's the 4-way handshake, and a unicast PTK is generated and used, and it will roll on a periodic basis, or if that timer has not elapsed, it's deleted when the STA disassociates from the BSS...

    There's also a GroupWise Key that is used for Broadcast/Multicast traffic, and that rolls any time a STA joins or leaves the BSS - or if STA's don't leave, or no new STA's join the BSS, the GTK stays until it's timer expires, and we generate a new GTK...

    Doesn't matter whether it's WPA-TKIP, or WPA2-AES (or any combination) - Transient Keys, whether Group or Personal, should always rotate... That's why WPA/WPA2 can be a challenge to hack...

    If an AP that is supporting a BSS explicitly tells the BSS that we're not rolling transient keys, this makes it very easy to get enough information that the PSK can then be derived...

    We won't talk about WPS - that's a whole nuther ball of worms...
     
  13. adampk17

    adampk17 Regular Contributor

    Joined:
    Sep 17, 2013
    Messages:
    147
    Unfortunately, this didn't help me.
     
  14. Speedluvver

    Speedluvver Regular Contributor

    Joined:
    Feb 6, 2015
    Messages:
    59
    how is everyone doing with smart connect ? On the hardware.sg forums, the asus guy said not to use 0 for key rotation as it will 'drown' the router and cause early wear to components.. just wondered if thats still necessary to stop the disconnects
     
  15. RMerlin

    RMerlin Super Moderator

    Joined:
    Apr 14, 2012
    Messages:
    31,302
    Location:
    Canada
    Something must have been lost somewhere in the translation, because I don't understand what that's supposed to mean...
     
  16. Speedluvver

    Speedluvver Regular Contributor

    Joined:
    Feb 6, 2015
    Messages:
    59
    See here -> http://forums.hardwarezone.com.sg/94094566-post3554.html - he does not say damage to components, but someone else on the thread adds that, I am guessing heat, but that may not be the case, he may just mean instability..
     
  17. adampk17

    adampk17 Regular Contributor

    Joined:
    Sep 17, 2013
    Messages:
    147
    I've abandoned using it, for now. With my iPhones and iPads the frequent disconnects, even after trying suggestions in this thread, were simply intolerable.
     
  18. scottegos2

    scottegos2 Occasional Visitor

    Joined:
    Aug 22, 2012
    Messages:
    37
    Me too. In my case, it was Android tablets, but it was just too annoying. All my clients work fine when I turn off this garbage and just connect everything to the high 5gHz band.
     
  19. bit curation

    bit curation Occasional Visitor

    Joined:
    Jul 5, 2015
    Messages:
    14
    upgraded to the latest firmware, it doesn't have disconnect problem at all but I only used for a week so far.

    The Smart connect rule though is touch, when put in AC only in the 5G-2 band, it won't connect Amazon FireTV for some reason no matter how I played with different combination. The VHT value is totally a mystery but is the default value now at least when I bought it. If not for FireTV the default value works the best where all devices are connected correctly in corresponded bands. But I ended up using the reference setting from this thread to leave the VHT to "All" but devices connection are not consistent with the correct band.

    Smart connect is a nice feature but desperately needs some best practices guideline.
     
  20. frostrambler

    frostrambler New Around Here

    Joined:
    Jul 28, 2015
    Messages:
    1
    I was using the latest stable release of Merlin and the latest beta from Asus and both sets of firmware have newer Smart Connect Rules that do not let my Amazon Echo connect no matter how much I try. Disabling smart connect allows it instantly. I'm using trichard's settings now in the mean time, but I wonder why Amazon devices are having issues with these rules?