Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2667
Views
0
Helpful
5
Replies

configure WPA2-psk on 1100 series AP

t4tauseef33
Level 1
Level 1

‎09-27-2009 07:59 AM - edited ‎07-03-2021 06:05 PM

Hi, i want to configure the WPA2-PSK. what is the way to configure it on 1100 series AP. I have different options like TKIP, AES CCMP with combination of wep128/40 bit. which is the corrent combination for WPA2-PSK standard?

Labels:
0 Helpful
5 Replies 5

George Stefanick
VIP Alumni
VIP Alumni

‎09-27-2009 05:47 PM

Cisco allows you to mix authenication types and encryption types.

By standard --

WPA PSK w/ TKIP

WPA2 PSK w/ AES

WEP is not part of the WPA or WPA2 authenication type.

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

t4tauseef33
Level 1
Level 1
In response to George Stefanick

‎09-30-2009 04:20 AM

Hi gstefanick,

so its mean we cannot run WPA2 PSK with TKIP.

if TKIP is enable, its the WPA,

if the AES is enable, its the WPA2.

Is that correct?

0 Helpful

SHANNON WYATT
Level 1
Level 1

‎09-30-2009 04:55 AM

Hmmm, I havent tried this, but could you configure the encryption for all three like you do for WPA1, WPA2 and WEP and then on the SSID configure it for optional EAP, Key management optional and eable WPA?

0 Helpful

jeff.kish
Level 7
Level 7
In response to SHANNON WYATT

‎09-30-2009 07:42 AM

To build on gstefanick's post, there is a distinction between the WPA version and the encryption used. WPA1 can use AES, and WPA2 can use TKIP. The use of AES does not mean you're using WPA2, nor does using TKIP imply WPA1. You can see this on the controller GUI - specifying either WPA or WPA2 allows you to use TKIP or AES.

I'm not sure what every difference is, but I know that WPA2 addresses a handshake security exploit, which is there regardless of whether TKIP or AES is used. The exploit occurs before the keys are even exchanged, or maybe as they're exchanged. Sorry for the lack of details.

On IOS access points, you can configure all three encryption types (WEP, TKIP, and AES). With controllers, though, you can't run WEP alongside TKIP or AES, though TKIP and AES can still be run together.

0 Helpful

t4tauseef33
Level 1
Level 1
In response to jeff.kish

‎09-30-2009 12:42 PM

I have following options available on my 1100 series ap.

WEP 128bit

WEP 40bit

TKIP

CKIP

CMIC

CKIP-CMIC

TKIP + WEP 128bit

TKIP + WEP 40bit

AES CCMP

AES CCMP + TKIP

AES CCMP + TKIP + WEP 128

AES CCMP + TKIP + WEP 40

Just tell me which option i have to select for WPA2-PSK and WPA-PSK.

I know that AES/TKIP can work with both WPA and WPA2. But there is no option to explicitly say to use WPA1 or WPA2.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card