10-27-2008 01:11 PM - edited 07-03-2021 04:41 PM
I have WPA configured on my APs, but I'm interested in going to WPA2. What do I need to change under the SSID? I don't use the web interface, so CLI commands would be best.
Thanks!
John
10-27-2008 01:19 PM
What model of access point are you using? Is it truly a 1200, or is it a 1231 or 1242? WPA2 is not supported in some earlier models.
Under your ssid, issue the command "authentication key-management wpa2-psk". Under the Dot11Radio, enter the command "encryption mode ciphers aes". That should do it, as long as your AP supports it!
10-28-2008 06:31 AM
WPA2 is only supported on APs that have the 802.11g radio modules installed. This is because the older radios do not support AES encryption. You can upgrade almost all of the 1200 series APs with a module upgrade if necessary.
10-28-2008 06:44 AM
They're 1231Gs. How would I enable it under the cli?
10-29-2008 06:48 AM
config t
ssid [ssid name]
authentication open
authentication key-management wpa [version 2]
wpa-psk ascii [password]
interface Dot11Radio
encryption mode ciphers aes
ssid [ssid name]
NOTE: My previous syntax was wrong, I believe. I'm going on memory here, so hopefully this is correct. Please post if this doesn't work.
Also, the "version 2" is not supported by all IOS versions, so it may or may not be available.
10-29-2008 06:57 AM
Thank you for the response Jeff. I don't have that option under the ssid. I only have cckm or wpa, and no option to set the version.
I do have encryption mode ciphers aes-ccm under the radio interface. I'll play around with these and let you know what happens. I'm just going to change the ciphers from tkip to aes-ccm and see what happens.
--John
10-29-2008 07:16 AM
Why don't you upgrade the code on the AP?
10-29-2008 07:20 AM
I just updated it yesterday. It's at 12.3.8-JEB1.
10-29-2008 07:22 AM
Gotcha.
01-06-2009 08:45 AM
Hi John, I see the same issues, did you get this to work?
01-06-2009 10:07 AM
WPA2 is only supported on later hardware versions of the 802.11g radios.
I believe it's the xxx-21g ... something like that is the earliest hardware that supports WPA2
I couldn't find the old docs and I ran out of time to search. Try a search on "WPA2" in the main site.
Good Luck
Scott
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide