D-Link Forums
The Graveyard - Products No Longer Supported => Routers / COVR => COVR-3902-US => Topic started by: jdw20 on September 28, 2020, 03:03:57 PM
-
Hi
I just updated my Ipad to ios 14, and in my wifi section it indicates that my router has "weak security" that WPA/WPA2 (TKIP) is not considered secure - that I should configure router to WPA2(AES) or WPA3
However in my router settings there is no options to change the security , only available selection under wireless advanced settings is WPA/WPA2-Personal
is there a update for this setting or is my router becoming obsolete and have security concerns?
Appreciate your replies and information
Thanks
-
iOS 14 has added more security measures. Your connection is still secure (for WiFi standards - nothing is 100% secure), they are just "suggesting" WPA2 AES or WPA3. The router does support WPA2 AES but I am assuming it will try TKIP first. D-Link has sent this to the engineers to look at. Hopefully they can either put an option (like most of D-Link routers) to select TKIP or AES, or have it set to AES by default.
-
Thanks for the replies and insight, hopefully DLink will update the router security, i have been very pleased with this router to date, also will watch for the ios update
-
The COVR uses WPA2 and AES. MIne does since day one.
The issue is that Apple has introduced new features and such in there IOS. Apple are the one who need to make sure there products and devices are connecting to provided security modes that wifi routers support and broadcast. It's up to the device to pick and choose which security modes to select. D-Link just provides the platform and modes.
Please contact Apple and let them know what your having problems with since you loaded iOS 14. There are other router mfr users who are seeing similar issues with iOS 14 was made available.
-
Just following up, I have received my Apple iOS update 14.2, but my Apple devices still are indicating that my wifi security is weak? Ant updates from D-Link engineering as to a possible router update to have correct security protocols? Thanks
-
I can confirm iOS 14.0.2 shows "weak security" with the 3902 router and v1.01 B05 Beta 1 HCR2 FW loaded. I don't see this with a non D-Link router with security mode set to WPA2 and AES only.
(https://i.postimg.cc/s24njFwn/i-Phone12-Max-i-OS1402-3902.png) (https://postimg.cc/t17dkc0P)
Android pad WiFi Man app shows it's using WPA2/PSK with the 3902 and a different non D-Link router with same security mode set to WPA2 and AES only.
(https://i.postimg.cc/FK4WXFgd/Android-Pad.png) (https://postimg.cc/fV8jxNPD)
-
So I am somewhat confused! Apple shows weak security (same as my Apple devices ) but your android devices are showing security as wpa2-psk. Who to believe? Maybe I am over thinking this security concern but want ensure that my Wi-Fi is not using an obsolete security protocol
Thanks
-
Ya, D-Link routers always support WPA2 and AES. I'm wondering if maybe there is a new mis-handling of the mode or connection mode with newer iOS versions vs older. I hadn't seen this with older versions of iOS so I presume that there is some items that both Apple and D-Link need to look into with the new iOS and new phones and such. Something to send D-Link support your concerns about.
-
Is a new thing with iOS 14. If they detect that the router/extender/access point supports TKIP, it will give you the "weak security" message. It does not mean you are currently connected to TKIP. D-Link chose to keep TKIP for backward compatibility with older WIFI clients. If your client supports AES, it will connect using AES.
There is nothing to fix on Apple's side. D-Link needs to put the feature back in that allows you to manually select "AES only" or add WPA3 to the current line of non-AX routers. Not sure the reasoning for them taking it out. (Speaking for myself here) there should not be a panic over this. People need to realize WIFI is and will never be safe. WEP was fine until it wasn't. WPA was safe until is wasn't. Same will happen with every other encryption/wifi security in the future.
-
I just checked with a my Nintendo Switch which reports or seems to report actual security mode. I connected it to both a non D-Link wifi router and the COVR-3902 and its connected to both and using AES, not TPIK:
(https://i.postimg.cc/fRmqQmCY/Swtich-Reporting-WPA2-AES3902.jpg) (https://postimg.cc/75PngCpL)
So at least one device reports using AES with the 3902.
I presume that there could be some mis-handling of the mode by the newer iOS version since D-Link only has the mode set for Automatic, thus letting the wireless client device determine which mode to use. Maybe the newer iOS isn't picking AES and choosing TPIK. :-\ However, if D-Link can provide a manual UI method to force AES only, this would be helpful as well. ;)
-
Thanks for the insight and explanation, agree that any security is ever involving as needed to best protect the end users. You both mention that D-Link support should be involved in potentially rectifying the security protocols. Is this something that you and Greenbay42 will pursue with D-Link Support? I feel an enquire coming from you and this forum would carry more importance than a single D-Link customer
Thanks again!! PS I have been quite satisfied with this router’s performance
-
You'll need to contact D-Link support and present your information to then. Not sure if the 3902 will be included in any newer fixes since this model has entered in to EOL status:
This product has been discontinued.
Free support for this product will end on 01/01/2021
So not sure if D-Link will do anything at this point.
Please contact D-Link support and them them know what your seeing. You can include this thread as well for there review.
-
Well that’s not the greatest news that cover 3902 is EOL as of Jan 01/21, I purchased this router system just over 2yrs ago. Pretty sure D-Link will not providing any updates to anEOL product!!
Appreciate everyone’s knowledge and replies, this forum is most helpful
-
Well the COVR is working with AES. the iOS version will be a problem. I feel that Apple should also own up to this as well. Just seems like there new iOS is not handling the automatic security mode select and seems to be taking TPIK when AES is also available. Would be easy if D-Link can add the WPA2 Personal only option. However how many other router mfrs have some automatic security select feature?
It would be something to also ask Apple about as well.
-
Chatted with D-Link tech support they indicated that they looking into a possible FW update to separate WPA from WPA2 , but unfortunately did not have any timing on if or when this will occur. It is for forum members who are experiencing similar weak IOS security issues , to connect with D-Link Tech Support to help get this FW change implemented, I am sure that this issue probably common in several for their routers. I will follow up in 1 month with support
-
Good to hear. Yes, I encourage everyone with a 3902 system to contact D-Link support. The more they hear about this, hopefully will encourage them to make changes. Thank you for letting us know. ;)
-
I have Hotfixes for multiple routers. I will post here today. I did not see any for COVR devices unfortunately.
-
:(
-
Maybe a hot fix coming for the cover router?!! 🤞🏻🤞🏻
-
I'll be sure to reach out to D-Link support as well. ;)
-
I don't care if my iOS devices say "weak security" - what gets me is that TKIP cannot be diabled, leaving a more vulnerable means of hacking into the router open. I have more than once found unknown devices accessing my WiFi in the past when I had other routers, I used to lock out unknown MAC addresses in the past but the COVR1200 series does not have that option.
-
WPA2 and WPA3 are also compromised.
Please open a support ticket with D-Link and let them know about this.
-
Just checking in, any updates from D-Link support regarding this weak security issue for cover 3902 system? Thanks
-
Nothing I'm aware of. Not sure if the 3902 will get a update on this.
Over all, AES is support and used by client devices and is preferred by the device. It's mostly Apples newer policy that seems to be if they detect older WPA or TPIK protocols being broadcast with WPA2 and AES along side, there OS seems to take noticed and advice users of it is all. I have connected my iphones and android pad to the 3902 and they are connected using AES. This is mostly a cosmetic and comfort issue is all.
Users are recommended to contact D-Link support about this. Please reference this forum thread.
Good Luck.
-
Did a follow up with support today, advised me that several routers have received updated security protocols, but the covr 3902 router as of yet. Support indicated that they do not know which or when the routers will be updated. Told me probably in the next few months! It is very strange that D-Link support/ technical group don’t know which routers are to updated. Everyone gotta keep the heat on them to fix this issue! Call support and get a ticket started. THANKS!!!
Here is the chat details:
13:23:58 [Jeffery] Wi-Fi security on covr 3902 system, I talked to support (Jan) back in Nov/20 regarding weak security warnings on iOS 14 devices. Looking for update if D-Link has plans to update/upgrade the Wi-Fi security protocols on this router? Thanks
13:24:18 [Mohamed]
Thank you for contacting D-Link Technical Support, my name is Mohamed, I will be assisting you today.
13:24:22 [Mohamed]
Hello sir
13:24:30 [Jeffery] Hi
13:26:24 [Mohamed]
Unfortunately we still don't have an ETA on the Firmware update on the WPA3 security for your router, We have updated other routers to support that security type and in the next coming months there should be an update for the router
13:26:49 [Mohamed]
unfortunately we don't have a list of router's that are going to be updated so all we can do is wait.
13:28:51 [Jeffery] Thanks for update, so there are routers that being updated but you can tell me if the covr 3900 will be included? I would think D-Link would know which routers will get upgrade?
13:31:19 [Mohamed]
the firmware update are handled by our main branch. We haven't got an announcement that a firmware update is going to happen for your router that is why there's no ETA as of yet
13:33:09 [Jeffery] Seems strange but I will check back in another 30days if my router doesn’t update, Thanks again for your reply
13:33:22 [Mohamed]
no problem sir have a nice rest of your day
-
Perhaps the question to ask D-Link would be to see if they can implement the UI setting of allowing users to manually select WPA2 and AES only setting on the 3902s web page instead of Automatic.
The 3902 is not supporting of WPA3 as WPA3 requires from what I hear, different hardware chipset configuration. Something that the 3902 did not have at the time it was mfr'd. Nor was probably available back then.
http://forums.dlink.com/index.php?topic=75435.msg306028#msg306028 (http://forums.dlink.com/index.php?topic=75435.msg306028#msg306028)
The only option for the 3902 would be to allow users to set the security mode to WPA2 and AES only which would satisfy Apples IOS notification of it seeing TPIK and AES being broadcast at the same time when in Auto mode, Even though Apples devices are connecting using AES.
Again, this is only a Apple issue in there iOS. Devices are actually using AES modes. D-Link just needs to implement a UI change and UI mode option to allow users to set WPA2 and AES only.
However not sure if D-Link will do this for the 3902.
-
Agree that would “fix” the iOS issue for sure, you would think that is doable within the current HW environment. Would be great if D-Link would just tell us Covr owners that the issue can and will be addressed in an update. If not at least let us know it’s a “no-go”
-
Most routers try to not set a presidence in there business, support and development. Why most Mfr are quite about giving any future update information. Nature of the business. Been like this for years. Users are encouraged to reach out to support to express there concerns and give information. All we can do.
-
Hello, I also encountered this issue with a DIR-615 on the new iOS updates. Currently, the default wireless settings will set the cipher type to "TKIP or AES", so it makes sense why some devices recognized it as AES whereas others notified you it was not secure as TKIP. This is simple to change in the router settings by following these steps:
1. Go to your router settings page, login
2. Go to "Wireless Settings"
3. Click "Manual Wireless Network Setup"
4. Scroll down to "WPA" section and under "Cipher Type" select "AES"
5. Click Save Settings
The router will restart and once you reconnect you will be on secure settings again, good luck
-
AES only is not selectable on this model system.
Hello, I also encountered this issue with a DIR-615 on the new iOS updates. Currently, the default wireless settings will set the cipher type to "TKIP or AES", so it makes sense why some devices recognized it as AES whereas others notified you it was not secure as TKIP. This is simple to change in the router settings by following these steps:
1. Go to your router settings page, login
2. Go to "Wireless Settings"
3. Click "Manual Wireless Network Setup"
4. Scroll down to "WPA" section and under "Cipher Type" select "AES"
5. Click Save Settings
The router will restart and once you reconnect you will be on secure settings again, good luck
-
There will not be a firmware fix for this product unfortunately since it has been discontinued and is no longer supported.