DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Are Vigor APs useless with Apple devices?
- tazladd
- Offline
- Junior Member
Less
More
- Posts: 13
- Thank you received: 0
03 Mar 2021 17:40 #98694
by tazladd
A question for you, did you use WPA2 Enterprise to enabled fast roaming / precache. Seems like thats the only way to enable it...
Replied by tazladd on topic Re: Are Vigor APs useless with Apple devices?
wilsodg wrote:
Having spent a day trying to sort this, I have made some progress.
Turning off the 2925 wifi and replacing it with the spare 902 has made a marked improvement (no black hole for the Apple devices). So it seems that when a device on the AP's want to roam, somehow the 2925 is blocking data. I can now wander around the house and the phones change AP almost seamlessly. Moral of saga - Router wifi is fine stand-alone, but if you want to extend it, it's better to go with all external APs and turn router wifi off. Which is counter to the marketing blurb from draytek.
Settings.
Channels selected so no/minimal overlap. Bandwidth = Auto (seems to select 20).
Under roaming, Strictly Min RSSI is -70db (50%). Fast Roaming Pre-Caching of passwords is set to 600 minutes.
Band steering is off. In a home environment, I see no benefit to this and (I think) all it does is delay connection to a 2.4MHz connection.
On the Apple devices, under network settings, 'private address' is turned off (fixes the mac address), and the mac is bound to an IP (so devices always get the same IP and have the same MAC).
Link speeds in the 100+mb range. Real download from speedtester is approaching wired speeds (70mb)
A question for you, did you use WPA2 Enterprise to enabled fast roaming / precache. Seems like thats the only way to enable it...
Please Log in or Create an account to join the conversation.
- hornbyp
- Offline
- Big Contributor
Less
More
- Posts: 1323
- Thank you received: 0
04 Mar 2021 00:18 #98696
by hornbyp
I don't think you were asking me, but anyway
It seems from the AP903 User Guide, that "Fast Roaming(WPA2 Enterprise)" is actually their implementation of IEEE 802.11i (which I'd never heard of - despite it being ratified in 2004 )
I don't know if you can find a more readable guide to IEEE 802.11i , but I found this:
https://www.energy.gov/sites/prod/files/oeprod/DocumentsandMedia/Wireless_80211i_Rec_Practice.pdf
It says that IEEE802.1x (Radius for most practical purposes?), is an integral part of this standard - hence the requirement to use WPA2 Enterprise (and not Pre-Shared Key authentication).
Replied by hornbyp on topic Re: Are Vigor APs useless with Apple devices?
tazladd wrote:
A question for you, did you use WPA2 Enterprise to enabled fast roaming / precache. Seems like that's the only way to enable it...
I don't think you were asking me, but anyway
It seems from the AP903 User Guide, that "Fast Roaming(WPA2 Enterprise)" is actually their implementation of IEEE 802.11i
I don't know if you can find a more readable guide to IEEE 802.11i
It says that IEEE802.1x (Radius for most practical purposes?), is an integral part of this standard - hence the requirement to use WPA2 Enterprise (and not Pre-Shared Key authentication).
Please Log in or Create an account to join the conversation.
- tazladd
- Offline
- Junior Member
Less
More
- Posts: 13
- Thank you received: 0
04 Mar 2021 03:07 #98697
by tazladd
Hahah I've only been around this forum recently and noticed you have some good knowledge on this.
What is your setup like with Wifi? I know you have no IOS knowledge but I just would love an insight. I am tempted to enable this setting and changing over to WPA2 Enterprise, like what is really stopping me? I run WPA2 Personal now, and I assume this is only a benefit that can happen to my WIFI...
One day I will get the perfect wifi setup One side of the house seems perfect and in general we get the bad days and the good days. Like I don't know much more I personally can do, throwing more money at it maybe an option but meh do I really want to do that hahah... I just want the kids to stop moaning when doing zoom school, we're down to only one moaning though now so positive signs.
I also personally just want to take advantage of 1gbps I pay for, but like wifi isn't the end all and be all for the house. I made sure every room has ethernet ports (well main rooms). Lovely for my own desktop setup but these kids running about with the macs / phones want it better I can understand their frustration... the switch in the loft needs replacing if that comes to any help? Would that do anything to help except provide POE lol, yeah my netgear one I've had for years doesn't allow POE.
Edit - When just looking at the AP903 settings, it does have a fast transition roaming setting already which involves 802.11r without using enterprise, I have this already enabled on everything but have it over air, and not over the DS. What is the differences there?
Replied by tazladd on topic Re: Are Vigor APs useless with Apple devices?
hornbyp wrote:
tazladd wrote:
A question for you, did you use WPA2 Enterprise to enabled fast roaming / precache. Seems like that's the only way to enable it...
I don't think you were asking me, but anyway
It seems from the AP903 User Guide, that "Fast Roaming(WPA2 Enterprise)" is actually their implementation of IEEE 802.11i(which I'd never heard of - despite it being ratified in 2004 )
I don't know if you can find a more readable guide to IEEE 802.11i, but I found this: https://www.energy.gov/sites/prod/files/oeprod/DocumentsandMedia/Wireless_80211i_Rec_Practice.pdf
It says that IEEE802.1x (Radius for most practical purposes?), is an integral part of this standard - hence the requirement to use WPA2 Enterprise (and not Pre-Shared Key authentication).
Hahah I've only been around this forum recently and noticed you have some good knowledge on this.
What is your setup like with Wifi? I know you have no IOS knowledge but I just would love an insight. I am tempted to enable this setting and changing over to WPA2 Enterprise, like what is really stopping me? I run WPA2 Personal now, and I assume this is only a benefit that can happen to my WIFI...
One day I will get the perfect wifi setup
I also personally just want to take advantage of 1gbps I pay for, but like wifi isn't the end all and be all for the house. I made sure every room has ethernet ports (well main rooms). Lovely for my own desktop setup but these kids running about with the macs / phones want it better
Edit - When just looking at the AP903 settings, it does have a fast transition roaming setting already which involves 802.11r without using enterprise, I have this already enabled on everything but have it over air, and not over the DS. What is the differences there?
Please Log in or Create an account to join the conversation.
- piste basher
- Offline
- Big Contributor
Less
More
- Posts: 1199
- Thank you received: 9
04 Mar 2021 09:31 #98700
by piste basher
Replied by piste basher on topic Re: Are Vigor APs useless with Apple devices?
I run a setup with (now) a 2927ac as the root and (changed mode again last night!) 4 x AP903 nodes, 3 of them in wired uplink mode.
For some time I used "Fast Roaming (WPA2 Enterprise)" on the AP903s in the naïve belief that it would provide as it suggests, i.e. "Fast Roaming". The devices which move around are all iOS devices - an iPhone 11 and 3 newish iPads.
I found that "Fast Roaming" was anything but. I suspect, but do not know, that the more complex negotiations required in implementing this protocol actually resulted in a reluctance on the part of the devices to "roam".
I have now gone back to WPA2 Personal (WPA3 is available but my devices don't seem to want to connect using that) with 802.11r enabled "Over the DS" and Strictly Minimum RSSI of -70 with 5 adjacent.
Roaming definitely seems quicker in this scenario and I don't suffer any speed loss issues (back in the mists of time when I was using AP902s I had such severe problems with the 5GHz band that I turned it off. That no longer seems to be a problem, but whether that is down to Draytek or Apple I have no idea).
Very occasionally I get the "Wrong password" issue but a quick Off/On of the wifi on the device solves that, and it's so infrequent that I'm not really bothered by it.
For some time I used "Fast Roaming (WPA2 Enterprise)" on the AP903s in the naïve belief that it would provide as it suggests, i.e. "Fast Roaming". The devices which move around are all iOS devices - an iPhone 11 and 3 newish iPads.
I found that "Fast Roaming" was anything but. I suspect, but do not know, that the more complex negotiations required in implementing this protocol actually resulted in a reluctance on the part of the devices to "roam".
I have now gone back to WPA2 Personal (WPA3 is available but my devices don't seem to want to connect using that) with 802.11r enabled "Over the DS" and Strictly Minimum RSSI of -70 with 5 adjacent.
Roaming definitely seems quicker in this scenario and I don't suffer any speed loss issues (back in the mists of time when I was using AP902s I had such severe problems with the 5GHz band that I turned it off. That no longer seems to be a problem, but whether that is down to Draytek or Apple I have no idea).
Very occasionally I get the "Wrong password" issue but a quick Off/On of the wifi on the device solves that, and it's so infrequent that I'm not really bothered by it.
Please Log in or Create an account to join the conversation.
- hornbyp
- Offline
- Big Contributor
Less
More
- Posts: 1323
- Thank you received: 0
04 Mar 2021 23:55 #98704
by hornbyp
Very simple, really. AP903 on middle floor, mid-way down a corridor - AP mode, connected to structured cabling. AP802 in lounge, in TV cabinet - again, AP mode, connected to structured cabling. The Vigor 2860n's (2.4GHz) Wifi tends to get used by I.O.T. things at that end of the house (outside light switches, Wiser Heating hub etc). (The 2860 is in the integral garage, on the outside wall where the phone line comes in).
The 2.4GHz channels don't need much in the way of speed and are configured as 20MHz wide. Channels were chosen to avoid one another and the neighbours (which can be faintly detected). The AP903's 5GHz is on CH36 - and is set to 80MHz wide, for speed. The AP802 uses CH100 (the AP802 has a higher power o/p from 5480MHz and up). It is also set to 80MHz wide. Because CH100 is a DFS channel, the AP802 plays dead for a minute, listening for Radar stations. Because it has to do this every day, it is set to auto-reboot at 6am. Last, but not least, my Sky Q box's network hogging 5GHz integral AP has been turned off - I don't have any Sky mini boxes.
Authentication is done via WPA2/PSK. AP-assisted Roaming is used and appears to work acceptably. The 2.4GHz and 5GHz bands use different SSIDs. 2.4GHz is reserved for I.O.T. and my 'Media LAN'. - everything else is on 5GHz. (The Media LAN is a throwback to the days when I was a Virgin Media customer. The Virgin Media Tivo sat on VM's network and on mine. It looked like an obvious back-door to me...)
My approach would be to start with a survey of the house. A Mobile phone with Wifi scanner and Netflix's 'FAST' speedtester app. ought to suffice. Find out what coverage you've got and who your competition is!
It could be that you have a particular 'rogue' app. on the network (someone pressing the "Fire" button every 25mS:wink: or some such). The 'Airtime fairness' options can help here - or even put them on a band all by themselves.
I don't know what the ultimate throughput of a Draytek AP is, but I do know that no single client is going to trouble your 1Gbps download limit!
Replied by hornbyp on topic Re: Are Vigor APs useless with Apple devices?
tazladd wrote:
What is your setup like with Wifi? I know you have no IOS knowledge but I just would love an insight.
Very simple, really. AP903 on middle floor, mid-way down a corridor - AP mode, connected to structured cabling. AP802 in lounge, in TV cabinet - again, AP mode, connected to structured cabling. The Vigor 2860n's (2.4GHz) Wifi tends to get used by I.O.T. things at that end of the house (outside light switches, Wiser Heating hub etc). (The 2860 is in the integral garage, on the outside wall where the phone line comes in).
The 2.4GHz channels don't need much in the way of speed and are configured as 20MHz wide. Channels were chosen to avoid one another and the neighbours (which can be faintly detected). The AP903's 5GHz is on CH36 - and is set to 80MHz wide, for speed. The AP802 uses CH100 (the AP802 has a higher power o/p from 5480MHz and up). It is also set to 80MHz wide. Because CH100 is a DFS channel, the AP802 plays dead for a minute, listening for Radar stations. Because it has
Authentication is done via WPA2/PSK. AP-assisted Roaming is used and appears to work acceptably. The 2.4GHz and 5GHz bands use different SSIDs. 2.4GHz is reserved for I.O.T. and my 'Media LAN'. - everything else is on 5GHz. (The Media LAN is a throwback to the days when I was a Virgin Media customer. The Virgin Media Tivo sat on VM's network and
One day I will get the perfect wifi setupOne side of the house seems perfect and in general we get the bad days and the good days
My approach would be to start with a survey of the house. A Mobile phone with Wifi scanner and Netflix's 'FAST' speedtester app. ought to suffice. Find out what coverage you've got and who your competition is!
It could be that you have a particular 'rogue' app. on the network (someone pressing the "Fire" button every 25mS
I don't know what the ultimate throughput of a Draytek AP is, but I do know that no single client is going to trouble your 1Gbps download limit!
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek