When do I use WPA2-PSK AES versus when to use TKIP?

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
How do I make a decision to choose between WPA2-PSK AES or TKIP?
http://i.imgur.com/n7AV0fr.jpg

I have some guests coming over for a week, and they asked for the wifi  
password, which is fine, so I logged into my router and decided to set up  
a guest network (so that I can give them a *different* passphrase).

When I logged into the router, I'm confronted with this choice?
( )WPA2-PSK (AES)
( )WPA-PSK [TKIP] + WPA2-PSK [AES]

I'm sure *both* work just fine, but, rather than just click one of them  
arbitrarily (which is what I did prior), I wonder if you can advise me on  
how I would properly make a decision between the various options?

Re: When do I use WPA2-PSK AES versus when to use TKIP?

Quoted text here. Click to load it

Also, what exactly does checking this box do?
( )Allow guest to access My Local Network

Re: When do I use WPA2-PSK AES versus when to use TKIP?
BTW, I do have this manual:
https://www.myaccount.charter.com/customers/support.aspx?supportarticleid=3292

But, all it says for the first question is:
WPA2-PSK (AES) - WPA2-PSK is stronger than WPA-PSK. It is advertised to be theoretically indecipherable due to the greater degree of randomness in encryption keys that it generates.
WPA-PSK (TKIP) + WPA2-PSK (AES) - WPS-PSK + WPA2-PSK Mixed Mode can provide broader support for all wireless clients. WPA2-PSK clients get higher speed and security, and WPA-PSK clients get decent speed and security. The product documentation for your wireless adapter and WPA client software should have instructions about configuring their WPA settings.  

And, for the second question, I don't see how these are different?
Allow guest to access My Local Network - If this check box is selected, any user who connects to this SSID has access to your local network, not just Internet access.
Enable Wireless Isolation - If this check box is selected, then wireless clients (computers or wireless devices) that join the network can use the Internet, but cannot access each other or access Ethernet devices on the network.  


Re: When do I use WPA2-PSK AES versus when to use TKIP?
On Sat, 18 Jul 2015 22:19:48 +0000 (UTC), Werner Obermeier wrote:

Quoted text here. Click to load it

What follows are my understandings, perhaps quite flawed:

Quoted text here. Click to load it

If all you want your guests to be able to access is the wide-area, distant
internet, do NOT check this box (checking it will allow guests to access
everything -- printers, modems, computers, SAN drives, files and folders,
etc. -- on your local network as well). Whether your guests will or won't
be able to access *each other* seems to be unspecified here.

Quoted text here. Click to load it

If all you want is for your guests to be able to access the wide-area,
distant internet, but nothing local, not even each other, check this box.

It almost appears as if checking the first box, to give guests access to
everything, and checking the second, to assure that guests are wirelessly
isolated from each other, will let guests access the internet, and local
printers, say (or modems, or faxes, etc.), but *not* each other.

But test that before letting guests loose in that playground, I may well be
horribly off-base :-) .

Cheers, -- tlvp


--  
Avant de repondre, jeter la poubelle, SVP.

Re: When do I use WPA2-PSK AES versus when to use TKIP?
On Sat, 18 Jul 2015 21:31:36 +0000 (UTC), Werner Obermeier wrote:

Quoted text here. Click to load it


TKIP is no longer considered secure, unlike AES.

You would only enable TKIP when the guests had older devices which  
did not support AES.  Anything made in the last 9 years should  
support AES.



--  
Kind regards
Ralph

Site Timeline