Greetings Leders and people of Earth!
I support someone who has a TP-Link TL-WA701ND v2.2 and I'd like to ask if anyone knows that the hardware revision two point two of that model will be supported by a recent build patched against the KRACK vulnerability. This is an access point only, not a router, and it is not connected to any network in any sort of wireless client capacity. TP-Link categorically claims that their access points as such are not vulnerable to KRACK, but I do wonder about that.
I'd like to be able to patch this person's Access Point with your firmware to be sure I'm doing all I can to keep them safe. But I fear bricking their device.
To underscore the reason for my need to ask a question: this is the 2.2 version of the 701nd. Not the v2.0 or the v2.1. I have unsuccessfully tried before to flash another TP-Link AP, the EAP-120. I used firmware said to work with the v1 of that model, but it failed to take, I suspect because the AP in question was off by a minor version # of the hardware: it is a EAP-120 v. 1.2. There was no catastrophe, the lede firmware simply failed to flash. But I'd rather not take any risks with someone else's AP.
So to rep the question: regarding the lede-17.01.4-ar71xx-generic-tl-wa701nd-v2-squashfs-factory.bin image webflashed on the TL-WA701nd version 2.2. - Should I expect this to definitely work? Or is the lack of a version packaged specifically for the v2.2 of the hardware sufficient reason to stop hoping that a fix exists?
You should also be aware that the standard image for all LEDE devices is a basic router, meaning even though the installed TP-Link firmware offers you an AP, the newly flashed device will be configured as a single port router with the Ethernet set as a LAN port.
Thanks for your reply. I appreciate the need for client patching. All laptops normally on that network are of the most recent Windows and all the phones and tablets normally on the network are Apple IOS. They should already be patched against Krack via automatic updating - I've admonished the owners of these devices to manually run whatever update utility they have just to be sure. There are some other wifi devices present which are not patch-able. I'm thinking of setting those up on their own separate AP+network, using an older, slower AP and putting another NiC in the Linux router. The older and vulnerable IoT junk would be firewalled off from the rest. I wanted to do this even before Krack.
Thank you for that information. I did wonder about whether the image for the 701nd would be stripped already of all the stuff it didn't need. I will dig into that dump-ap config.