09-27-2009 07:59 AM - edited 07-03-2021 06:05 PM
Hi, i want to configure the WPA2-PSK. what is the way to configure it on 1100 series AP. I have different options like TKIP, AES CCMP with combination of wep128/40 bit. which is the corrent combination for WPA2-PSK standard?
09-27-2009 05:47 PM
Cisco allows you to mix authenication types and encryption types.
By standard --
WPA PSK w/ TKIP
WPA2 PSK w/ AES
WEP is not part of the WPA or WPA2 authenication type.
09-30-2009 04:20 AM
Hi gstefanick,
so its mean we cannot run WPA2 PSK with TKIP.
if TKIP is enable, its the WPA,
if the AES is enable, its the WPA2.
Is that correct?
09-30-2009 04:55 AM
Hmmm, I havent tried this, but could you configure the encryption for all three like you do for WPA1, WPA2 and WEP and then on the SSID configure it for optional EAP, Key management optional and eable WPA?
09-30-2009 07:42 AM
To build on gstefanick's post, there is a distinction between the WPA version and the encryption used. WPA1 can use AES, and WPA2 can use TKIP. The use of AES does not mean you're using WPA2, nor does using TKIP imply WPA1. You can see this on the controller GUI - specifying either WPA or WPA2 allows you to use TKIP or AES.
I'm not sure what every difference is, but I know that WPA2 addresses a handshake security exploit, which is there regardless of whether TKIP or AES is used. The exploit occurs before the keys are even exchanged, or maybe as they're exchanged. Sorry for the lack of details.
On IOS access points, you can configure all three encryption types (WEP, TKIP, and AES). With controllers, though, you can't run WEP alongside TKIP or AES, though TKIP and AES can still be run together.
09-30-2009 12:42 PM
I have following options available on my 1100 series ap.
WEP 128bit
WEP 40bit
TKIP
CKIP
CMIC
CKIP-CMIC
TKIP + WEP 128bit
TKIP + WEP 40bit
AES CCMP
AES CCMP + TKIP
AES CCMP + TKIP + WEP 128
AES CCMP + TKIP + WEP 40
Just tell me which option i have to select for WPA2-PSK and WPA-PSK.
I know that AES/TKIP can work with both WPA and WPA2. But there is no option to explicitly say to use WPA1 or WPA2.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide