On iOS 14.1 and 14.2, Wifi connections to a router supporting WAP2 (AES) are reported as WAP2 (TKIP)

Question

Level 1

9 points

On iOS 14.1 and 14.2, Wifi connections to a router supporting WAP2 (AES) are reported as WAP2 (TKIP)

I had a router and access point configured to use WPA2 (AES) only, My iPhone could connect to both, I upgared my router to one (D-Link DIR-2640) that is configured supporting WPA/WPA2-Personal (default and no other choice) . When my device connects to WiFi via the router, the iPhone now reports "Weak Security" and is connected via WPA (TKIP).! The manufacturer states this:

1. By default, D-Link devices use WPA2 (AES) and will connect if your client supports it. If your iOS device detects that your router, access point, or range extender is using a mixed security mode (WPA/WPA2), the warning message is displayed even though you are connected using WPA2 (AES) security.

So why does this happen if as ststed the devices is actuallly connected uing WPA2 (AES)? Its very misleading.

iPhone 8 Plus, iOS 14

Posted on Nov 9, 2020 4:32 PM

Reply

Answer 1

Best reply

Lawrence Finch

Level 10

204,134 points

Nov 18, 2020 11:34 AM in response to fixpertise

fixpertise wrote:

I had a router and access point configured to use WPA2 (AES) only, My iPhone could connect to both, I upgared my router to one (D-Link DIR-2640) that is configured supporting WPA/WPA2-Personal (default and no other choice) .

WPA/WPA2-Personal is not secure, because it will fall back to WPA if anyone within range attempts to connect to WPA, which is not secure. According to the manual for that D-Link it supports WPA2-Personal (which is NOT the same as WPA/WPA2-Personal)

From the manual:

• WPA2 (Wi-Fi Protected Access 2) • WPA2-PSK (Pre-Shared Key) • WPA (Wi-Fi Protected Access) • WPA-PSK (Pre-Shared Key)

Unfortunately, the manual doesn’t say whether it is WPA2(AES) or WPA2(TKIP); only AES is secure. This is what the iPhone checks for.

After you configure the router you must forget the network, then reconnect.

Reply

Answer 2

SnickZ.

Community Specialist

Nov 16, 2020 3:14 PM in response to fixpertise

Hi there, fixpertise.

It appears that you're having an issue when you connect to your home's Wi-Fi network. The message below your connection shows "Weak Security" even though you're using a WPA2 (AES) security connection. We understand how disconcerting this warning could be, and we're glad to help with this.

If your iPhone, iPad, or iPod touch won’t connect to a Wi-Fi network - Apple Support -- Even though you're able to connect with your home's Wi-Fi network, work through the steps in this article to see if the warning disappears.

Get Support -- If the warning's still there, please contact Apple Support. Choose Connectivity > The topic is not listed. Briefly describe the issue, then Continue.

Take care.

Reply

Answer 3

fixpertise Author

Level 1

9 points

Nov 18, 2020 3:39 PM in response to Lawrence Finch

Parts of the manual are obviously a bit generic covering several router models. The DIR-2640 can only be configured as WPA/WPA2 Personal. But dispite this, as I mentioned above, the D-LInk website has this note regarding the issue.

By default, D-Link devices use WPA2 (AES) and will connect if your client supports it. If your iOS device detects that your router, access point, or range extender is using a mixed security mode (WPA/WPA2), the warning message is displayed even though you are connected using WPA2 (AES) security.

So users are left in the uncomfortable position of having the "Weak Security" message indicating the connection imay be using TKIP, but in the case of a D-Link router having to trust that the connection is really using AES. Pretty sad.

Reply

Answer 4

SnickZ.

Community Specialist

Nov 17, 2020 1:15 PM in response to fixpertise

Thank you for contacting us again, fixpertise. We weren’t sure if the steps would remove the warning. You need to contact Apple Support as posted previously since we don’t have the ability to diagnose a problem in Communities. Posting the link and instructions again to help you contact Apple Support.

Get Support -- After selecting this link, choose Connectivity > The topic is not listed. Briefly describe the issue, then Continue.

Cheers!

Reply

Answer 5

fixpertise Author

Level 1

9 points

Nov 18, 2020 11:22 AM in response to SnickZ.

I tried support. Not much help there. My expectation was that support would create a case for engineeing. I am not sure if they did or not. This is obviously a flaw in the WiFi handshake between the IPhone and the particular WiFi router (D-Link DIR-2640). The iPhone reports the encryption being used as TKIP and the manufacturer asserts AES is being used. In this case, there is nothing a user can do to eliminate the "weak security" message.

Reply

Answer 6

fixpertise Author

Level 1

9 points

Nov 17, 2020 11:14 AM in response to SnickZ.

I had tried all the suggestions. No help. This is a problem in the WiFi protocol negotiation between iOS and the router. Not clear where the issue resides.

Reply

On iOS 14.1 and 14.2, Wifi connections to a router supporting WAP2 (AES) are reported as WAP2 (TKIP)

Similar questions