What could interfere with global wireless communication?

Recommended settings for wireless routers and access points

For maximum security, performance, and reliability, we recommend these settings for wireless routers, base stations, or access points used with Apple products.

This article is primarily intended for network administrators and others who manage their own network. If you're trying to connect to a Wi-Fi network, the following articles may help:

Privacy and security warnings
If your Apple device displays a warning about privacy or the weak security of a Wi-Fi network, that network could be disclosing information about your device. Apple recommends connecting to a Wi-Fi network that meets or exceeds the security standards described in this article.

Before changing the router settings

  1. Back up your router's settings so you can restore them if necessary.
  2. Update the software on your devices. This is important to ensure that your devices have the latest security updates and are working optimally with each other.
  3. On any device that has previously joined the network, you may need to ignore the network to ensure that the device uses the router's new settings when it is reconnected to the network.

Router Settings

To ensure your devices can connect to your network securely and reliably, consistently apply these settings to every wireless router and access point, as well as every band on a dual-band, tri-band, or other multiband router.

security

Attitude: WPA3 Personalfor more security
Attitude:WPA2 / WPA3 Transitional for better compatibility with older devices

The security settings define the type of authentication and encryption used by your router and the level of data protection for data transmitted over the network. Regardless of the setting selected, always set a secure password for dialing into the network.

  • WPA3 Personal is the newest and most secure protocol currently available for WiFi devices. It works with all devices that support WLAN 6 (802.11ax) and some older devices.
  • WPA2 / WPA3 Transitional is a mixed mode that uses WPA3 Personal with devices that support this protocol, while older devices can use WPA2 Personal (AES) instead.
  • WPA2 Personal (AES) is suitable if you cannot use any of the safer modes. In this case, also select AES as the encryption type, if available.

Weak security settings to avoid on your router

Don't create networks or network connections that use outdated security protocols. These are no longer secure and reduce the reliability and performance of the network, causing your device to display a security warning:

  • WPA / WPA2 mixed modes
  • WPA Personal
  • WEP, including WEP Open, WEP Shared, WEP Transitional Security Network, or Dynamic WEP (WEP with 802.1X)
  • TKIP, including all security settings with "TKIP" in the name

Settings that disable security, such as None, Open, or Unsecured, are also strongly discouraged. Disabling security features turns off authentication and encryption, and anyone can dial into your network, access shared resources (including printers, computers, and smart devices), use your Internet connection, and tap into the websites you visit and other data that you have transmitted over your network or internet connection. This is a risk even if security features are only temporarily disabled or disabled for a guest network.

Network name (SSID)

Attitude: Single, unique name (Note upper and lower case)

The WiFi network name or SSID (Service Set Identifier) ​​is the name your network uses to indicate its presence to other devices. This is also the name that nearby users will see in their device's list of available networks.

Use a name that is unique to your network and make sure that all routers on your network use the same name for each band they support. For example, don't use common names or standard names such as. B. linksys, netgear, dlink, wireless Internet access or 2wire, and do not give your 2.4 GHz and 5 GHz bands different names.

If you don't follow these guidelines, devices may not be able to reliably connect to your network, to routers on your network, or to available bands on your routers. Devices that dial into your network are more likely to discover other networks with the same name and then automatically try to connect to them.

Hidden network

Attitude: Disabled

A router can be configured to hide its network name (SSID). Your router may incorrectly use the word "closed" for "hidden" and "send" for "not hidden".

Hiding the network name does not protect the network from detection or unauthorized access. Because of the way devices search for and connect to Wi-Fi networks, if you are using a hidden network, you may see information related to you and the hidden networks you are using, such as: B. your home network, can be identified. If you're connected to a hidden network, your device may display a privacy warning because of this privacy risk.

Instead, use the appropriate security settings to secure access to your network.

MAC address filtering, authentication, access control

Attitude: Disabled

When this feature is enabled, your router can be set up so that only devices with certain MAC (Media Access Control) addresses can dial into the network. You shouldn't rely on this feature to prevent unauthorized access to your network for the following reasons:

Instead, use the appropriate security settings to secure access to your network.

Automatic firmware updates

Attitude: Activated

If possible, set your router to automatically install software and firmware updates as they become available. Firmware updates can affect the security settings available to you and provide other important improvements to the stability, performance, and security of your router.

Transmitter mode

Attitude: All (preferred) orWLAN 2 to WLAN 6 (802.11a / g / n / ac / ax)

These settings, available separately for the 2.4 GHz and 5 GHz bands, control which versions of the wireless standard the router uses for wireless communication. Newer versions offer better performance and support more devices at the same time.

It is usually best to enable each mode offered by your router rather than just individual modes. All devices, including older ones, can then connect in the fastest transmitter mode they support. This also helps reduce interference from nearby older networks and devices.

Tapes

Activate any bands supported by your router.

A WiFi band is like a road through which data can be routed. More bands provide more data capacity and performance for your network.

channel

Attitude: Automatically

Each band on your router is divided into several independent communication channels, like the lanes of a street. If the channel selection is set to "Automatic", your router will choose the best WiFi channel for you.

If your router doesn't support automatic channel selection, choose the channel that works best in your network environment. This varies depending on the wireless interference in your network environment. This can include interference from other routers and devices using the same channel. If you have multiple routers, configure each one to use a different channel, especially if they are close together.

Channel width

Attitude: 20 MHz for the 2.4 GHz band
Attitude: Automaticallyor all bandwidths (20 MHz, 40 MHz, 80 MHz) for the 5 GHz band

The channel width indicates the data transmission capacity. Wider channels are faster, but more prone to interference, and can also interfere with other devices.

  • Choosing 20 MHz for the 2.4 GHz band avoids performance and reliability issues, especially around other Wi-Fi networks and 2.4 GHz devices, including Bluetooth devices.
  • Selecting "Automatic" or all channel widths for the 5 GHz band ensures the best performance and compatibility with all devices. WLAN interference is less of a problem in the 5 GHz band.

DHCP

Attitude: Activatedif your router is the only DHCP server on the network

DHCP (Dynamic Host Configuration Protocol) assigns IP addresses to devices on your network. Each IP address identifies a device on the network and enables communication with other devices on the network and on the Internet. A network device needs an IP address, much like a phone needs a phone number.

Your network should only have one DHCP server. When DHCP is enabled on multiple devices (such as your cable modem and router), address conflicts can prevent some devices from being able to connect to the Internet or use network resources.

DHCP lease time

Attitude:8 hours for home or office networks;1 hour for hotspots or guest networks

The DHCP Lease Time specifies how long an IP address assigned to a device is reserved for this device.

Wireless routers usually have a limited number of IP addresses that they can assign to devices on the network. When this number is used up, the router cannot assign IP addresses to new devices, and those devices cannot communicate with other devices on the network and the Internet. By reducing the DHCP lease time, the router can reclaim and reassign old IP addresses that are no longer used more quickly.

NAT

Attitude: Activatedif your router is the only device that provides NAT on the network

NAT (Network Address Translation) translates between addresses on the Internet and addresses on your network. NAT can be thought of as the post office of a company, from which shipments to employees registered at the company's postal address are forwarded to the appropriate offices within the building.

In general, NAT should only be enabled on your router. If NAT is enabled on more than one device, e.g. On your cable modem and router, for example, the resulting "duplicate NAT" can cause devices to lose access to certain resources on the network or Internet.

WMM

Attitude: Activated

WMM (WiFi Multimedia) prioritizes network traffic to improve the performance of various network applications such as video and voice. WMM should be activated by default on all routers that support WLAN 4 (802.11n) or higher. Disabling WMM can affect the performance and reliability of devices on the network.

Device functions that can affect WiFi connections

These features can affect the setup of your router or the devices that connect to it.

Location services

Make sure that the location services for Wi-Fi networks are activated on your device, as the regulations in the individual countries or regions determine the Wi-Fi channels permitted there and the cellular signal strength. You can use location services to ensure that your device can reliably find and connect to nearby devices, and that it will not be able to use Wi-Fi or features that use Wi-Fi, such as wireless internet access. B. AirPlay or AirDrop is performing well.

On the Mac:

  1. Choose the Apple menu > System Preferences, then click Security.
  2. Click the lock icon in the corner of the window, and enter your administrator password.
  3. On the Privacy tab, click Location Services, then select the Enable Location Services check box.
  4. Scroll to the bottom of the list of apps and services, then click the Details button next to System Services.
  5. Choose Wi-Fi Network, then click Done.

On the iPhone, iPad, or iPod touch:

  1. Go to Settings> Privacy> Location Services.
  2. Activate "Location Services".
  3. Scroll to the bottom of the list, then tap System Services.
  4. Enable "Network & Wireless" (or "WiFi Network").

Automatic connection to WiFi networks from cellular providers

Cellular carrier Wi-Fi networks are public networks set up by your cellular operator and its partners. Your iPhone or other Apple cellular device treats them as known networks and connects to them automatically.

If you see a "Privacy Warning" message under the name of your carrier's network in Wi-Fi settings, your cellular identity may be revealed if your device connects to a malicious hotspot that impersonates your carrier's Wi-Fi. To avoid this, you can prevent your iPhone or iPad from automatically connecting to your wireless carrier's Wi-Fi network:

  1. Go to Settings> WiFi.
  2. Next to the carrier's network, tap.
  3. Turn off the automatic connection.

Any information relating to products not manufactured by Apple or any independent website that is not controlled or audited by Apple is not a recommendation or endorsement. Apple is not responsible for the selection, performance, or use of third party websites and products. Apple makes no representations about the accuracy or reliability of any third party websites. Contact the provider for additional information.

Release date: