I am trying to activate fast transitions (roaming) in may wireless network.
I have a main router and a dumb AP both running 22.3.2 openWRT.
They both are configured with two wireless networks (guest and wlan).
Each wireless network is configured with a SSID and password, the same on both devices and over 5GHZ and 2.4 GHz network.
By default they have wdap-basic-wolfssl
But when I activate roaming in the wlan (under wireless security enabling fast transitions and with the same mobility domain) transitions don't seem to work well. (I have 802.11w as optional).
But the main problem is that some devices won't be able to even connect to the wlan.
Following instructions in this thread (thanks to @frollic ), I removed wpad-* and installed hostapd.
It seems to work (it was neccesary to recreate all wirless interfaces) but it does not seem to provide WAP3 security.
Is there a modules that let me provide WPA2 and WPA3 security and works well with fast transitions?
Thanks, I will, I hope to understand enough of it to have it working (or decide whether WPA3 should take preference to fast transitions, if they are not compatible).
I had read that WPA2 is not so secure and WPA3 should be used (not all devices support it so I cannot enforce it).
I have been using WPA3 only for over a year. Almost all devices can speak WPA3. Those that can not (mainly Chinese IoT things or very old phones) have no business being on home network anyway, so they get to sit on IoT 2.4GHz guest WiFi.
802.11r does work slightly better than "fake" roaming that my iPhone does but you basically need to specifically measure it (pinging and logging the results) to notice the difference.
And activated ft transitions in the 2.5GHz and 5GHz wlan in both router and access point (I have not activated it in the guest lan).
But it did not work. Some devices like my mobile does connect, but older mobiles like the mobile of my sister do not.
I have discovered that it does not connect when I stablish 802.11w to required either.
I getting a bit mad about this.
Without fast transitions, my phone many times changes the AP when i go from one point to the other, but it takes a while and some times it does it incorrectly, moving from 5G to 2.4G network in the other AP and it keeps there.
My wifi neighbouhood is quite busy I can see (and they can see me) SSIDS from some bars and restarutants near me, so I think it is important to use WPA3 (I cannot enforce it as not all devices might work, so may be using mixed wpa2+wpa3 is just as insercure as using only wpa2).
It seems that I have to decide whether is better to not use fas transitions (as it was now) or use hostapd (it seemed to wokr) and just wpa2.
I am not sure as I don't know exactly what hostapd does and differences with current default implementations.
OK, thank you.
I think I will have to wait to activate fast transition to see if things get better in next release of openwrt.
I don't have enough expertize to deal with all the problems that can arrive if (as it seems) current wpad implementations are not fully compatible with it and with many devices.
The altternative could be use hostapd instead and wpa2, but it seems that openwrt has decided to go forward with wpad alternatives, as they distribute the firmware with that, so better don't tinker too much with router configuration.
Thank you, I don't know the differences, I am lost with all that modules.
But in the thread that I have bookmarked, it is advised to uninstall wpad and install hostapd and it seemed to work but you only have wpa2 and you need to recreate the wifi networks (at leaste I had too).
I will try to uninstall wpad-basic-wolfssl and install wpad-basic-openssl and see if it makes any difference.