Menu
What's new
By:
Filters Better Search

PMF not really working correctly?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Matthew Patrick

Matthew Patrick

Senior Member
Hi guys. So I'm using AC86U with 386.10. i tried setting PMF to always be required. But using WiFi Analyzer app on my laptop it seems like PMF is only enforced on my main 2.4ghz SSID. The 5ghz one doesn't even have PMF enabled or optional. I think my guest network 1 and 2 (both 2.4 and 5ghz) doesn't show PMF being enabled or optional either. Is it a bug ? Can anyone confirm? Thank you!
 
Matthew Patrick said:
Hi guys. So I'm using AC86U with 386.10. i tried setting PMF to always be required. But using WiFi Analyzer app on my laptop it seems like PMF is only enforced on my main 2.4ghz SSID. The 5ghz one doesn't even have PMF enabled or optional. I think my guest network 1 and 2 (both 2.4 and 5ghz) doesn't show PMF being enabled or optional either. Is it a bug ? Can anyone confirm? Thank you!
Click to expand...

PMF will only work on clients capable of using WPA3. If it’s an older device with only WPA or WPA2 then it’s unlikely the device will connect to the network if PMF is set to required. If set to capable then devices that can will use PMF and devices that can’t won’t use PMF.

WPA2/WPA3 mix should give you the option for PMF.

Edit: Can confirm guest network doesn’t show the option for enabling or disabling PMF. WPA3 will use it, WPA2/WPA3 may or may not and since it’s not listed I’m not sure, but theoretically should default to capable.
 
Last edited:
DJones said:
PMF will only work on clients capable of using WPA3. If it’s an older device with only WPA or WPA2 then it’s unlikely the device will connect to the network if PMF is set to required. If set to capable then devices that can will use PMF and devices that can’t won’t use PMF.
Click to expand...
WPA2 does support PMF though. And my Asus is AC only . So it doesn't have WPA3. And let's just say that it's on capable. It should've set the PMF to capable on all radios right? Both 2.4 and 5ghz. But it seems like it's only doing that in the 2.4ghz. here. See these screenshots when I'm using PMF with the Required option.

My WiFi option on my AC86U :
1680109363215.png


Main 2.4GHz SSID
1680108903045.png


Main 5GHz SSID
1680108932474.png


Guest 2.4GHz SSID
1680108997391.png


Guest 5GHz SSID
1680109033941.png



It seems like PMF is only being advertised or even enforced on the main 2.4GHz?
 
Matthew Patrick said:
WPA2 does support PMF though. And my Asus is AC only . So it doesn't have WPA3. And let's just say that it's on capable. It should've set the PMF to capable on all radios right? Both 2.4 and 5ghz. But it seems like it's only doing that in the 2.4ghz. here. See these screenshots when I'm using PMF with the Required option.

My WiFi option on my AC86U :
View attachment 48973

Main 2.4GHz SSID
View attachment 48966

Main 5GHz SSID
View attachment 48967

Guest 2.4GHz SSID
View attachment 48968

Guest 5GHz SSID
View attachment 48970


It seems like PMF is only being advertised or even enforced on the main 2.4GHz?
Click to expand...

To be accurate PMF is required for all new Wifi alliance certified devices. Which typically means they support WPA3 and backwards compatibility with WPA2.

I would try and force the device that is capable of PMF on 5Ghz and see if it says capable. Disable smart connect to do so.
 
Matthew Patrick said:
WPA2 does support PMF though. And my Asus is AC only . So it doesn't have WPA3. And let's just say that it's on capable. It should've set the PMF to capable on all radios right? Both 2.4 and 5ghz. But it seems like it's only doing that in the 2.4ghz. here. See these screenshots when I'm using PMF with the Required option.

My WiFi option on my AC86U :
View attachment 48973

Main 2.4GHz SSID
View attachment 48966

Main 5GHz SSID
View attachment 48967

Guest 2.4GHz SSID
View attachment 48968

Guest 5GHz SSID
View attachment 48970


It seems like PMF is only being advertised or even enforced on the main 2.4GHz?
Click to expand...
@DJones this results doesn't need me to connect to it. It's being broadcasted by the SSID itself. So it shouldn't matter if I'm connected to 5ghz or 2.4ghz right now since it's reading the info being broadcasted by the SSID itself without the need of connecting to it.

For a reference. I tried turning on my WiFi 5 mobile hotspot using my phone. I enabled PMF on my phone and I can see using the wifi analyzer that my phone's WiFi 5 hotspot. Does have PMF enabled on capable. Unlike my AC86U which only does PMF on the main 2.4ghz . That's the weird thing
 
Matthew Patrick said:
@DJones this results doesn't need me to connect to it. It's being broadcasted by the SSID itself. So it shouldn't matter if I'm connected to 5ghz or 2.4ghz right now since it's reading the info being broadcasted by the SSID itself without the need of connecting to it.

For a reference. I tried turning on my WiFi 5 mobile hotspot using my phone. I enabled PMF on my phone and I can see using the wifi analyzer that my phone's WiFi 5 hotspot. Does have PMF enabled on capable. Unlike my AC86U which only does PMF on the main 2.4ghz . That's the weird thing
Click to expand...

Ah okay. I see what you mean. Uh yeah that’s odd seems like a bug, curious if it’s happening also on the latest stock. Assuming it’s not a UI bug with Merlin the Broadcom drivers might need to be modified on Asus’s side. Could always leave them feedback or wait and see if @RMerlin sees the issue.
 
If you disable smart connect you should be able to set 5G individually. Is PMF still disabled then on 5G if you enable it? I found TWT to be disabled on 5G after disabling smart connect (where it was enabled), so maybe this setting is also not correctly replicated to both bands? Just an idea.

And if it's the case, does it stay enabled after you reenable smart connect again?
 
DJones said:
Ah okay. I see what you mean. Uh yeah that’s odd seems like a bug, curious if it’s happening also on the latest stock. Assuming it’s not a UI bug with Merlin the Broadcom drivers might need to be modified on Asus’s side. Could always leave them feedback or wait and see if @RMerlin sees the issue.
Click to expand...
Yeah idk. The option might only be applying it to the 2.4ghz band only.

chris.at said:
If you disable smart connect you should be able to set 5G individually. Is PMF still disabled then on 5G if you enable it? I found TWT to be disabled on 5G after disabling smart connect (where it was enabled), so maybe this setting is also not correctly replicated to both bands? Just an idea.

And if it's the case, does it stay enabled after you reenable smart connect again?
Click to expand...
I haven't tried that. Can't do it now though. But yeah seems to be a bug or something
 
Also WPA3 is available on AC routers just doesn’t seem to be that Asus has added support. :/ Considering the routers still get updates it’s kinda unfortunate they haven’t added this functionality.
 
DJones said:
Considering the routers still get updates it’s kinda unfortunate they haven’t added this functionality.
Click to expand...
Tell that to Broadcom. They develop the SDK, only they can add support for WPA3.
 
RMerlin said:
Tell that to Broadcom. They develop the SDK, only they can add support for WPA3.
Click to expand...

As usual doesn’t surprise me it falls back into Broadcom’s lap kinda wish asus would move to atheros just seems more manageable, I think they started to move to proprietary drivers with their ac routers, not sure. Open source would be better.
 
Anyone with AC86U can try and reproduce the issue? Just Smart Connect and WPA2 only security. Both modes of PMF seems to only apply to the main 2.4ghz. just wanna see if it's happening with others too
 
You must log in or register to reply here.

Similar threads

IAmOrion
Is someone Deauthing my router? Can anyone tell me what's going on here?
Replies
14
Views
1K
chris2kari
chris2kari
H
Spotify connect broadcast multicast across both wifi 2.4GHz and 5GHz
Replies
6
Views
1K
mbyr416
M
D
mDNs / Bonjour / Multicast
2
Replies
23
Views
3K
Donga120
D
S
Solved 5Ghz not working on ASUS RT-AX3000 Mesh Node
Replies
0
Views
817
s7clarke10
S
J
Shellies dropping connection in asus aimesh network
Replies
13
Views
2K
pgershon
P
Similar threads
Thread starter Title Forum Replies Date
G RESOLVED: Lost access to WebUI from LAN, SSH is working Asuswrt-Merlin 1
dbaser ASUS RT-AC68U not working after Merlin firmware update, did I brick it? Asuswrt-Merlin 15
DiOnlyThingINoIsThatIDont The Asus + Merlin + NordVPN router never disconnects from the internet when NordVPN stops working for a moment. Asuswrt-Merlin 4
E WebUI not working - AX86U (latest Merlin firmware) Asuswrt-Merlin 5
Neo-ST [AX86U Pro] WIFI not working well after updating from stock to Merlin Asuswrt-Merlin 33
icanfly E3372H 4g dongle no longer working Asuswrt-Merlin 10
C Why isn’t this working on the current firmware ? Asuswrt-Merlin 0
SkierInAvon Asus Merlin - iptables command (not working?) Asuswrt-Merlin 8
E VPN Killswitch not working on RT-AC68U 386.12_4 Asuswrt-Merlin 0
W DDNS update not working Asuswrt-Merlin 9

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 957 (members: 26, guests: 931)
Top