Wireless settings mac os

Recommended settings for Wi-Fi routers and access points

For the best security, performance, and reliability, we recommend these settings for Wi-Fi routers, base stations, or access points used with Apple products.

This article is primarily for network administrators and others who manage their own network. If you’re trying to join a Wi-Fi network, one of these articles should help:

About privacy and security warnings
If your Apple device shows a privacy warning or weak-security warning about a Wi-Fi network, that network could expose information about your device. Apple recommends connecting to Wi-Fi networks that meet or exceed the security standards in this article.

Before changing the settings on your router

1. Back up your router’s settings, in case you need to restore them.
2. Update the software on your devices. This is critical to ensure that your devices have the latest security updates and work best with each other.
   • First install the latest firmware updates for your router.
   • Then update the software on your other devices, such as on your Mac and on your iPhone or iPad.
3. On each device that previously joined the network, you might need to forget the network to ensure that the device uses the router’s new settings when rejoining the network.

Router settings

To ensure that your devices can connect securely and reliably to your network, apply these settings consistently to each Wi-Fi router and access point, and to each band of a dual-band, tri-band, or other multiband router.

Security

Set to WPA3 Personal for better security
Set to WPA2/WPA3 Transitional for compatibility with older devices

The security setting defines the type of authentication and encryption used by your router, and the level of privacy protection for data transmitted over its network. Whichever setting you choose, always set a strong password for joining the network.

• WPA3 Personal is the newest, most secure protocol currently available for Wi-Fi devices. It works with all devices that support Wi-Fi 6 (802.11ax), and some older devices.
• WPA2/WPA3 Transitional is a mixed mode that uses WPA3 Personal with devices that support that protocol, while allowing older devices to use WPA2 Personal (AES) instead.
• WPA2 Personal (AES) is appropriate when you can’t use one of the more secure modes. In that case, also choose AES as the encryption or cipher type, if available.

Weak security settings to avoid on your router

Don’t create or join networks that use older, deprecated security protocols. These are no longer secure, they reduce network reliability and performance, and they cause your device to show a security warning:

• WPA/WPA2 mixed modes
• WPA Personal
• WEP, including WEP Open, WEP Shared, WEP Transitional Security Network, or Dynamic WEP (WEP with 802.1X)
• TKIP, including any security setting with TKIP in the name

Settings that turn off security, such as None, Open, or Unsecured, are also strongly discouraged. Turning off security disables authentication and encryption and allows anyone to join your network, access its shared resources (including printers, computers, and smart devices), use your internet connection, and monitor the websites you visit and other data transmitted over your network or internet connection. This is a risk even if security is turned off temporarily or for a guest network.

Network name (SSID)

Set to a single, unique name (case-sensitive)

The Wi-Fi network name, or SSID (service set identifier), is the name your network uses to advertise its presence to other devices. It’s also the name that nearby users see on their device’s list of available networks.

Use a name that’s unique to your network, and make sure that all routers on your network use the same name for every band they support. For example, don’t use common names or default names such as linksys, netgear, dlink, wireless, or 2wire, and don’t give your 2.4GHz and 5GHz bands different names.

If you don’t follow this guidance, devices might not connect reliably to your network, to all routers on your network, or to all available bands of your routers. And devices that join your network are more likely to encounter other networks that have the same name, and then automatically try to connect to them.

Hidden network

Set to Disabled

A router can be configured to hide its network name (SSID). Your router might incorrectly use ”closed” to mean hidden, and ”broadcast” to mean not hidden.

Hiding the network name doesn’t conceal the network from detection or secure it against unauthorized access. And because of the way that devices search for and connect to Wi-Fi networks, using a hidden network might expose information that can be used to identify you and the hidden networks you use, such as your home network. When connected to a hidden network, your device might show a privacy warning because of this privacy risk.

To secure access to your network, use the appropriate security setting instead.

MAC address filtering, authentication, access control

Set to Disabled

When this feature is enabled, your router can be set up to allow only devices that have specified MAC (media access control) addresses to join the network. You shouldn’t rely on this feature to prevent unauthorized access to your network, for these reasons:

• It doesn’t prevent network observers from monitoring or intercepting traffic on the network.
• MAC addresses can easily be copied, spoofed (impersonated), or changed.
• To help protect user privacy, some Apple devices use a different MAC address for each Wi-Fi network.

To secure access to your network, use the appropriate security setting instead.

Automatic firmware updates

Set to Enabled

If possible, set your router to automatically install software and firmware updates as they become available. Firmware updates can affect the security settings available to you, and they deliver other important improvements to the stability, performance, and security of your router.

Radio mode

Set to All (preferred), or Wi-Fi 2 through Wi-Fi 6 (802.11a/g/n/ac/ax)

These settings, available separately for the 2.4GHz and 5GHz bands, control which versions of the Wi-Fi standard the router uses for wireless communication. Newer versions offer better performance and support more devices concurrently.

It’s usually best to enable every mode offered by your router, rather then a subset of those modes. All devices, including older devices, can then connect using the fastest radio mode they support. This also helps reduce interference from nearby legacy networks and devices.

Bands

Enable all bands supported by your router

A Wi-Fi band is like a street over which data can flow. More bands provide more data capacity and performance for your network.

Channel

Set to Auto

Each band of your router is divided into multiple, independent communication channels, like lanes in a street. When channel selection is set to automatic, your router selects the best Wi-Fi channel for you.

If your router doesn’t support automatic channel selection, choose whichever channel performs best in your network environment. That varies depending on the Wi-Fi interference in your network environment, which can include interference from any other routers and devices that are using the same channel. If you have multiple routers, configure each to use a different channel, especially if they are close to each other.

Channel width

Set to 20MHz for the 2.4GHz band
Set to Auto or all widths (20MHz, 40MHz, 80MHz) for the 5GHz band

Channel width specifies how large of a ”pipe” is available to transfer data. Wider channels are faster but more susceptible to interference and more likely to interfere with other devices.

• 20MHz for the 2.4GHz band helps to avoid performance and reliability issues, especially near other Wi-Fi networks and 2.4GHz devices, including Bluetooth devices.
• Auto or all channel widths for the 5GHz band ensures the best performance and compatibility with all devices. Wireless interference is less of a concern in the 5GHz band.

Set to Enabled, if your router is the only DHCP server on the network

DHCP (dynamic host configuration protocol) assigns IP addresses to devices on your network. Each IP address identifies a device on the network and enables it to communicate with other devices on the network and internet. A network device needs an IP address much like a phone needs a phone number.

Your network should have only one DHCP server. If DHCP is enabled on more than one device, such as on both your cable modem and router, address conflicts might prevent some devices from connecting to the internet or using network resources.

DHCP lease time

Set to 8 hours for home or office networks; 1 hour for hotspots or guest networks

DHCP lease time is the length of time that an IP address assigned to a device is reserved for that device.

Wi-Fi routers usually have a limited number of IP addresses that they can assign to devices on the network. If that number is depleted, the router can’t assign IP addresses to new devices, and those devices can’t communicate with other devices on the network and internet. Reducing DHCP lease time allows the router to more quickly reclaim and reassign old IP addresses that are no longer being used.

Set to Enabled, if your router is the only device providing NAT on the network

NAT (network address translation) translates between addresses on the internet and addresses on your network. NAT can be understood by imagining a company’s mail department, where deliveries to employees at the company’s street address are routed to employee offices within the building.

Generally, enable NAT only on your router. If NAT is enabled on more than one device, such as on both your cable modem and router, the resulting ”double NAT” might cause devices to lose access to certain resources on the network or internet.

Set to Enabled

WMM (Wi-Fi multimedia) prioritizes network traffic to improve the performance of a variety of network applications, such as video and voice. All routers that support Wi-Fi 4 (802.11n) or later should have WMM enabled by default. Disabling WMM can affect the performance and reliability of devices on the network.

Источник

If your Mac doesn’t connect to the Internet over Wi-Fi

If your Mac is set up to connect to a Wi-Fi network, it can analyze the connection for issues that affect its performance, including its connection to the Internet.

If you’ve followed the steps to connect your Mac to a Wi-Fi network, but the connection to your network or the Internet isn’t reliable, the steps in this article might help.

Check for Wi-Fi recommendations

When your Mac tries to connect to a Wi-Fi network, it checks for issues that affect its ability to create a fast, stable, and secure connection. If an issue is detected, the Wi-Fi status menu in the menu bar shows a new item: Wi-Fi Recommendations. Choose it to see recommended solutions.

Wi-Fi recommendations are available in macOS Sierra or later.

Analyze your wireless environment

Your Mac can use Wireless Diagnostics to perform additional analysis.

1. Quit any apps that are open, and connect to your Wi-Fi network, if possible.
2. Press and hold Option (Alt) ⌥ key, then choose Open Wireless Diagnostics from the Wi-Fi status menu .
3. Enter your administrator name and password when prompted.

Wireless Diagnostics begins analyzing your wireless environment:

If the issue is intermittent, you can choose to monitor your Wi-Fi connection:

When you’re ready to see recommendations, continue to the summary. Wireless Diagnostics asks for optional information about your base station or other router, so that it can include that in the report it saves to your Mac.

Click the info button next to each item in the summary to see details about that item. Wi-Fi best practices are tips that apply to most Wi-Fi networks.

Back up or make note of your network or router settings before changing them based on these recommendations—in case you need to use those settings again.

Monitor your Wi-Fi connection

Your Mac can monitor your Wi-Fi connection for intermittent issues, such as dropped connections. Follow the steps to analyze your wireless environment, but choose ”Monitor my Wi-Fi connection” when prompted.

During monitoring, a window shows that monitoring is in progress. Monitoring continues as long as this window is open and you’re on the same Wi-Fi network, even when your Mac is asleep.

If Wireless Diagnostics finds an issue, it stops monitoring and shows a brief description of the issue. You can then resume monitoring or continue to the summary for details and recommendations.

Create a diagnostics report

Wireless Diagnostics automatically saves a diagnostics report before it displays its summary. You can create the same report at any time: press and hold the Option key, then choose Create Diagnostics Report from the Wi-Fi status menu . It can take your Mac several minutes to create the report.

• macOS Sierra and later saves the report to the /var/tmp folder of your startup drive, then opens that folder for you.
  To open the folder manually, choose Go > Go to Folder from the Finder menu bar, then enter /var/tmp.
• OS X El Capitan or earlier saves the report to your desktop.

The report is a compressed file with a name that begins “WirelessDiagnostics.” It contains many files that describe your wireless environment in detail. A network specialist can examine them for further analysis.

Use other diagnostics utilities

Wireless Diagnostics includes additional utilities for network specialists. Open them from the Window menu in the Wireless Diagnostics menu bar:

• Info gathers key details about your current network connections.
• Logs enables background logging for Wi-Fi and other system components. The result is saved to a .log file in the diagnostics report location on your Mac. Logging continues even when you quit the app or restart your Mac, so remember to disable logging when you’re done.
• Scan finds Wi-Fi routers in your environment and gathers key details about them.
• Performance uses live graphs to show the performance of your Wi-Fi connection:
  • Rate shows the transmit rate over time in megabits per second.
  • Quality shows the signal-to-noise ratio over time. When the quality is too low, your device disconnects from the Wi-Fi router. Factors that affect quality include the distance between your device and the router, and objects such as walls that impede the signal from your router. Learn more.
  • Signal shows both signal (RSSI) and noise measurements over time. You want RSSI to be high and noise to be low, so the bigger the gap between RSSI and noise, the better.
• Sniffer captures traffic on your Wi-Fi connection, which can be useful when diagnosing a reproducible issue. Select a channel and width, then click Start to begin capturing traffic on that channel. When you click Stop, a .wcap file is saved to the diagnostics report location on your Mac.

Learn more

Additional recommendations for best Wi-Fi performance:

• Keep your router up to date. For AirPort Time Capsule, AirPort Extreme, or AirPort Express Base Station, check for the latest firmware using AirPort Utility. For non-Apple routers, check the manufacturer’s website.
• Set up your router using Apple’s recommended settings, and make sure that all Wi–Fi routers on the same network use similar settings. If you’re using a dual-band Wi-Fi router, make sure that both bands use the same network name.
• Learn about potential sources of Wi-Fi and Bluetooth interference.

Источник