This question relates to Wi-Fi certification. In particular, a station is not allowed to connect to a pure TKIP AP. There are also various settings of "mixed WPA/WPA2" and "WPA2". We tried using the settings here:
Specifically we tried the configuration under "Connect to secured WiFi network (WPA)" and "Connect to secured WiFi network (WPA2)". The problem is that we fail the "pure TKIP test" in those configurations.
I've been searching the web trying to better understand these fields. It looks to me like group relates to multicast ciphers (e.g. TKIP or CCMP) and pairwise relates to unicast ciphers (e.g. TKIP or CCMP). Is that correct? That said, I think the pure WPA2 configuration should only be specifying group=CCMP and pairwise=CCMP. Is that right? For the "mixed" I'm not quite as sure, but I think it should be group=TKIP (or maybe group=TKIP CCMP?) and pairwise=CCMP. Is that right?
I have not found an explanation of "proto" at all. How is this used? I've seen examples of it being set to "WPA" and other examples of it being set to "RSN". What's the difference?
The ultimate goal here is:
- What's the proper configuration for mixed mode WPA/WPA2 operation?
- What's the proper configuration for pure WPA2 operation?
Both of these configurations must NOT connect to a "pure TKIP" AP.