Introduction
Texas A&M University's wireless network, TAMU_WiFi, is a secure, encrypted wireless network for use by any Texas A&M affiliated student, faculty, or staff. However, there is some confusion regarding what types of devices can be used on the TAMU_WiFi network. This is because many devices are labeled saying they "support WPA" and/or "Support WPA2" while not actually being able to connect to the TAMU_WiFi network. This document will explain the differences between the types of WPA and why some devices which support WPA will not work on the TAMU_WiFi network.
They key thing to know is that Texas A&M University's wireless network, TAMU_WiFi, uses the WPA2-Enterprise encryption method, and devices must support WPA2-Enterprise in order to connect to our wireless network.
Differences between WPA and WPA2 encryption
One reason a device may not be able to connect to the TAMU_WiFi network is due to the type of encryption we use.
The primary difference between WPA and WPA2 is the method in which they encrypt wireless connections. WPA uses an encryption scheme called TKIP, while WPA2 uses an encryption scheme called AES. Both schemes are secure, but AES provides stronger security of the two. Because AES encryption is newer than TKIP encryption, some wireless devices are unable to connect to a WPA2 network. Incompatible devices tend to be older devices, but may also be some newer devices which lack WPA2 capability.
Check your device documentation to verify that is supports WPA2.
Differences between Personal and Enterprise
Another reason why your device may not be able to connect to the TAMU_WiFi network is due to the type of authentication we use.
There are two types of authentication protocols used by both WPA and WPA2. The first is called Personal. Both WPA-Personal and WPA2-Personal use PreShared Key (PSK) authentication. This is the type of authentication used in many home wireless networks. A single password is used by everyone to connect to the same network. This is a great authentication method for very small networks, such as a family or a very small business. Sharing the passphrase between only 5 or 10 individuals is easy to keep up with. Additionally, there is little overhead needed when you need to change the password due to an unauthorized individual obtaining it. However, Personal authentication does not scale will to large organizations such as an entire university.
TAMU_WiFi uses Enterprise authentication. Both WPA-Enterprise and WPA2-Enterprise authenticate using individual usernames and passwords. At Texas A&M, this is your NetID and your NetID password. When you connect to an Enterprise network, you are asked to enter your username (NetID) and password. The network then consults an authentication server to make sure the username and password you provided are allowed on the network. If you are allowed to have access to the TAMULin-WPA network, the authentication server will confirm your connection, and you will be able to use the network.
Check your device documentation to verify it supports WPA2-Enterprise.
Summary
In order for a device to connect to the TAMU_WiFi network, it must support WPA2-Enterprise.