Home Network Community > Range Extenders > RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
< Range Extenders

RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
2020-06-03 18:08:43 - last edited 2020-06-03 18:15:03
Model: RE220  
Hardware Version: V2
Firmware Version: 1.0.1

We have recently bought a RE220 range extender.  It seems to be solving our problems perfectly, but there is a thing we'd like to check.  We wonder if it's possible to disable access via WPA+PSK and only allow the newer and more secure WPA2+PSK, please?

 

The reason we're asking is that we've checked our Wi-Fi using a scanning tool called inSSIDer, and it reported that the Range Extender is allowing the older WPA+PSK as well as WPA2+PSK.  It suggested turning off the older protocol, claiming it presents a security risk. 

 

I'm not sure whether this is risk is actually 'real' - my understanding is that the original WPA used an inferior encryption method (TKIP) and the newer WPA2 uses a better one (AES), but I am guessing that (a) all devices that support WPA2+PSK will default to that and not use TKIP, and (b) even with a very old device that only supports WPA-PSK and TKIP, a very long WPA key will still effectively be uncrackable in reasonable time.

 

Is my understanding correct, please?

 

Also, it would be great if a future version of the firmware allows users to disable the older WPA+PSK and TKIP.  (My main router does this by default.)

 

Thanks in advance for your help.

  1      
 
  1      
 
#1
Options
8 Reply
Re:RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
2020-06-11 09:12:29

@DJA 

 

Hello, the wifi security and password of the extender actually are the same as the host wifi, and the extender does support WPA2-PSK.

 

You can regard the extender as a computer or any other client, in order to connect it to the host wifi, the extender must synchronize the wifi settings of the host router.

 

In your case, you may try to change the wireless security type to WPAS-PSK and see if it would help.

 

Good days.

>>Landscape Mode - Tapo App for Pad. >>Smart Action 2.0 Explore and meet the next level home automation. >>How to position my TP-Link camera for optimal performance.
  0  
  0  
#2
Options
Re:RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
2020-06-12 09:24:49

@Solla-topee Thank you very much for your email.  I understand what you are saying, but I think there is a still problem:

 

  • My router is already set to WPA2-PSK only.  It works fine, and when I scan with InSSIDer, it is clearly secure.
  • When I scan with InSSIDer, I can see that the range extender is indicating that it is allowing both WPA-PSK and WPA2-PSK connections.  So even though the router requires WPA2-PSK (and the range extender is using WPA2-PSK to connect to the router), it seems that computers can connect to the range extender via the less secure WPA-PSK.

 

The range extender is already set up specifying that the host networks use WPA2-PSK only - for both 2.4 GHz and 5 GHz host networks.

 

The problem is that even though my router uses WPA2-PSK, the range extender is allowing mixed-mode WPA-PSK/WPA2-PSK.

 

How can I fix this, please?  I'd really like to plug this security hole.

  1  
  1  
#3
Options
Re:RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
2020-09-29 18:42:37

@DJA I also have this question, and I would really enjoy disabling the WPA+PSK option.

 

Are there any firmware updates to address this?

 

  0  
  0  
#4
Options
Re:RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
2020-09-30 01:15:27

@TotallyTP 

Good day.

For the RE220, it sticks to the same encryption method of the home router;

Have you tried to fix the main router to WPA2+PSK, and reconfigure the RE220 via web interface to have a look

 

Thanks a lot.

>>Landscape Mode - Tapo App for Pad. >>Smart Action 2.0 Explore and meet the next level home automation. >>How to position my TP-Link camera for optimal performance.
  0  
  0  
#5
Options
Re:RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
2020-09-30 13:52:23

@Solla-topee Unfortunately, this doesn't work quite as intended.  My router is set up like this, but the range extender is still apparently allowing the less-secure TKIP connections, even though the main router doesn't.  This shows up easily if you use a WiFi scanning tool like inSSIDer.

 

Is there any fix?

  0  
  0  
#6
Options
Re:RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
2020-10-11 13:54:28 - last edited 2020-10-11 14:05:12

 

@Solla-topee 

This thread (to which you replied) confirms that regardless of the latest answers that were provided the extenders still broadcast in TKIP mode:

https://community.tp-link.com/en/home/forum/topic/192784

 

An update from your side is needed by yesterday

 

KR

  0  
  0  
#7
Options
Re:RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
2020-10-14 09:00:41

@Solla-topee 

As already commented in another thread, I see there are news for owners of other repeater models.

Any news for RE200?

 

KR

  0  
  0  
#8
Options
Re:RE220 - is there any way to disable WPA+PSK and only allow WPA2+PSK please?
2020-10-14 17:23:53 - last edited 2020-10-14 17:29:54

@Solla-topee 

 

I was contatect via email by forum support service and all in all the answer I got is that "RE200 V1 and V2 has been discontinued some time ago, so the beta firmware or official firmware might not be available yet or take quite a long time".

 

Should I take it as a confirmation that the repeater is NOT broadcasting following the main router encryption (so it's also using TKIP), as we stated several times (even if we were told the opposite)?

Is an updated firmware update being sheduled (if yes, by when - even if it requires a long time I expect you plan for it, otherwise it will really take forever) or does it mean that basically we will be left without any security fix, so we should bin it and look for a different product, even if our repeaters are still fully functional and could be fixed via a software patch?

 

Can you or anybody else comment?

 

KR

 

Firmware Version:
3.14.2 Build 160329 Rel.51554n
Hardware Version:
RE200 v1 00000000
  0  
  0  
#9
Options

Information

Helpful: 1

Views: 3017

Replies: 8

Related Articles
RE220 Issue
634 1
RE220 on Onemesh
1038 0
Problem configuring RE220
507 0
RE220 stops transmitting
1174 2
RE220 as access point
1225 0
 WPA-PSK/WPA2-PSK Stopped working
525 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.