Menu
What's new
By:
Filters Better Search

Protected Management Frames

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

john9527

john9527

Part of the Furniture
Thought I'd pass on something I learned with respect to Protected Management Frames for wireless. I was running with a setting of 'Capable' under the belief that the setting was either a work/not work setting with respect to each client. In debugging a periodic loss of access to one of my clients I found out this is not true. This particular client would connect and stay connected via wifi, but would periodically become unresponsive on the network. Changing the Protected Management Frames setting to 'Disabled' cleared things up and the client is now 100% stable.

So, if you are having problems with loss of access on wireless, another thing I would recommend is to try with the the PMF setting disabled.

PS...the client in question was Win10 using an ASUS AC55 USB wireless adapter. Router running my LTS fork.
 
john9527 said:
Thought I'd pass on something I learned with respect to Protected Management Frames for wireless. I was running with a setting of 'Capable' under the belief that the setting was either a work/not work setting with respect to each client. In debugging a periodic loss of access to one of my clients I found out this is not true. This particular client would connect and stay connected via wifi, but would periodically become unresponsive on the network. Changing the Protected Management Frames setting to 'Disabled' cleared things up and the client is now 100% stable.

So, if you are having problems with loss of access on wireless, another thing I would recommend is to try with the the PMF setting disabled.

PS...the client in question was Win10 using an ASUS AC55 USB wireless adapter. Router running my LTS fork.
Click to expand...
Thanks.

Do you have different recommended settings other than default for the more adventurous among us? Or do your default LTS fork settings represent the latest and greatest you have found?
 
I just checked and found PMF set to "Disabled" by default.
 
Gar said:
I just checked and found PMF set to "Disabled" by default.
Click to expand...
I had changed it for my setup since Protected Management Frames is a mitigation for the Kr00k vulnerability. But it seems as if some clients aren't fully compatible even if they appear to be.
 
Gar said:
Thanks.

Do you have different recommended settings other than default for the more adventurous among us? Or do your default LTS fork settings represent the latest and greatest you have found?
Click to expand...
I have pretty much tried to make the defaults the best for the general use case. But I'll go through my personal settings and see what I may have changed.
 
I am wondering how to check if the client device supports PMF. For Windows devices it is easy, but I don't know how to check Android phones.
 
john9527 said:
I had changed it for my setup since Protected Management Frames is a mitigation for the Kr00k vulnerability. But it seems as if some clients aren't fully compatible even if they appear to be.
Click to expand...
Problem is I think its a requirement of WPA3.

Also Harmony hub hates it being on required (completely incompatible). Seems my Ptouch printer does not like it either.
 
Last edited:
It's disabled in my 1900 by default I believe as I never changed it. I realize no WPA3 option.

EDIT: more secure with it enabled if your devices supports it I guess...
 
Last edited:
john9527 said:
I had changed it for my setup since Protected Management Frames is a mitigation for the Kr00k vulnerability. But it seems as if some clients aren't fully compatible even if they appear to be.
Click to expand...
My FireTV 4k won't work with it enabled.

EDIT: "Capable" is OK with everything I use so far, all Win10 stuff is fine.
 
Last edited:
Gar said:
EDIT: "Capable" is OK with everything I use so far, all Win10 stuff is fine.
Click to expand...
Yes....this PC is one that didn't get a lot of use (probably the first time I turned it on in a month to try out Channels DVR server). Everything else was working fine with the Capable setting. Just this specific combination (had me going crazy until I remembered I had made the change to Capable after the last time I used it).
 
  • Like
Reactions: Gar
john9527 said:
Yes....this PC is one that didn't get a lot of use (probably the first time I turned it on in a month to try out Channels DVR server). Everything else was working fine with the Capable setting. Just this specific combination (had me going crazy until I remembered I had made the change to Capable after the last time I used it).
Click to expand...
So "capable" was enough to cause trouble, it didn't have to be set to "enabled". I guess that's why it's disabled by default!
 
Can confirm "Capable" cause troubles.
DLink DAP1620 WiFi extender with FW 1.5 and Samsung Tab3 won't connect.
Default "Disabled" is not set by mistake.
 
I have a couple of cheap USB 2.0 wi-fi cards based on an older RealTek / MediaTek chipsets (81xx IIRC) ('n' standard, 2.4Ghz only) which have not had new drivers for a long time. These don't like PMF set to capable.... it does 'connect' but it doesn't work - DHCP will timeout and the os will give itself an APIP address. Also discovered when I turned on a rarely used system.
I kept PMF enabled and purchased a couple of new cheap dongles.
I have a couple of Firestick 4k devices and they work with PMF = capable.
 
i wish i had found this thread before.

i also did 2 things
disable PMF
fixed 2.4ghz bandwidth to 40mhz

evertything stable now for 4 days in a row.
only a couple of wifi camera's which did disconnect but after changing the bandwidth to 1024 those are stable as well
 
Looks like this is the same issue that's causing me trouble for few months now.
I've replaced for a new router asus AXE7800 to replace my RT-5400 thinking it could be the cause of these issues.

Disabling PMF from Capable and everything seems stable now. Thanks.
 
Wish I heard about this earlier. I too had similar issues with it being set to capable that were driving me wild on my axe16000 and now the GT-BE98 pro that I replaced it with. Ever since I set it to disabled I've had zero issues and everything running much better. Some of my devices simply would not connect being set to capable. Putting 2.4 ghz to 40 mhz as well seems to run better. Thanks for sharing this.
 
Disabling PMF on my router (RT-AX88U Pro) didn't change it on the AIMesh nodes (x1 RT-AX88U and x2 TUF-AX5400) where it remained as Capable.
On the AIMesh nodes I had to disable it from nvram and reboot them.

nvram set wl_mfp=0
nvram commit
reboot
 
i checked my aimesh node(RT-AC86U) and on that one wl_mfp currently is 0 so in my situation it did follow the router settings
 
You must log in or register to reply here.

Similar threads

netmik3
Protected Management Frames default?
Replies
4
Views
2K
RMerlin
RMerlin
M
RT-N66U LTS fork PMF
Replies
0
Views
1K
merlin_user123
M
B
URL addresses management
2
Replies
29
Views
1K
Blackstar
B
H
Bug in Asus firmware - Protected Management Frames not backwards compatible causes 802.11n devices to lose connection
Replies
10
Views
2K
ColinTaylor
C
splendid_koi
Gigabit Tx/Rx rates yet slow transfer speeds over wifi
2 3
Replies
53
Views
2K
TheLostSwede
TheLostSwede
Similar threads
Thread starter Title Forum Replies Date
B URL addresses management Asuswrt-Merlin 29
Wobbo RT-AC86U LED Management Issue After Reboot (Firmware 386.12_4) Asuswrt-Merlin 14
H Does RT-AX86U Pro Support Jumbo Frames? Asuswrt-Merlin 10
N Enable baby jumbo frames on pppoe connection Asuswrt-Merlin 10

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 898 (members: 19, guests: 879)
Top