Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4574
Views
0
Helpful
3
Replies

Data rate will not exceed 54 Mbps when WEP or TKIP encryption is configured

Go to solution
Craig Le-Butt
Level 1
Level 1

‎07-26-2013 04:22 AM - edited ‎07-04-2021 12:31 AM

Hi

Just playing around with some wireless cards and found having issues with getting high speed with 802.11n.

After looking found can't get high speeds becouse we are still using WEP-TKIP encrytion.

This is ther becouse of XP SP2 limitations many moons ago

Our config on WLC

802.1x

with WEP-TKIP

WPA2-AES

We can remove the WEP-TKIP from the group policy for windows.

I want to double check and get a 100% right is the this will allow a device to connect via WEP-TKIP or WPA2-AES.

So removing the setting from the group policy will so only laptops connect via wpa2-aes will still work if I leave these WEP-TKIP in when the windows device only has wpas-aes settings?

cheers

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎07-26-2013 04:28 AM

802.11n only supports open authentication or the use of WPAv2 with AES. Having both WPA v1/TKIP and WPA v2/AES on the same SSID has been known also to cause issues with WLCs. If you have devices that only support WPA v1/TKIP, then there is nothing you can do for those devices. They are two different encryption types... If you remove WPA/TKIP then clients that are configured to use that will not connect to WPAv2/AES.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎07-26-2013 04:28 AM

802.11n only supports open authentication or the use of WPAv2 with AES. Having both WPA v1/TKIP and WPA v2/AES on the same SSID has been known also to cause issues with WLCs. If you have devices that only support WPA v1/TKIP, then there is nothing you can do for those devices. They are two different encryption types... If you remove WPA/TKIP then clients that are configured to use that will not connect to WPAv2/AES.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Craig Le-Butt
Level 1
Level 1
In response to Scott Fella

‎07-26-2013 04:34 AM

Hi Scott

Thanks for that, this was left in for the legacy laptop and PDAs, that are no longer on the wlan.

just need to change the group policy for change them to wpa2-aes only instead of iether.

Just didn't want 800 devices have to connect to the lan and force a group policy via gpupdate.

Cheers

0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎07-26-2013 04:41 AM

Sometimes it's better to create a new SSID so you can migrate users to that new on and eventually decommission the old SSID. The issue with pushing out group policy to change the existing is what happens when users are not in the office or their device doesn't support WPA v2/AES. Now your help desk will be stuck working with these users. If you push out another wireless profile and put the new one as priority, well then you still have the old SSID to fall back to. The issue with pushing out a new SSID also is you need to determine what devices can support WPA v2/AES and maybe only push the policy to those devices.

Sent from Cisco Technical Support iPhone App

-Scott
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card