Client can´t connect to WLAN with WPA2 + AES /WPA + TKIP
End user has a WLC AIR-CT5508-50-K9 with ver 220.127.116.11 with 17 LAPs registered ; 9 LAPs are registered in the main site the other 8 LAPs registered in the remote site; the problem is that WLC's logs show many alarms like:
- Impersonation of AP with Base Radio
- IDS Signature attack detected. Signature Type..
These logs are just for remote LAPs, all the user in remote site that try to associate to the WLANs by means of the remote LAPs cannot do it. The user for local LAPs works fine with the same encryption WPA2+ AEs /WAP + TKIP
I have to create two new WLAN with open + WEP so that end user can associate to WLANs in remote LAPs
any idea why neither WPA2 nor WPA works in remote site?
v7.5 is deferred and you should upgrade to v18.104.22.168
Also, its best practice not to use both WPA2/AES and WPA/TKIP on the same SSID. This is known to cause issue with clients and it's best to define just one and not a mix of either. If you need both for some reason, then create a new WLAN with a different profile name but same SSID. This will allow out to have one that is WPA2/AES and another that is WPA/TKIP. This will work better for clients to connect.
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...