I have WPA configured on my APs, but I'm interested in going to WPA2. What do I need to change under the SSID? I don't use the web interface, so CLI commands would be best.
What model of access point are you using? Is it truly a 1200, or is it a 1231 or 1242? WPA2 is not supported in some earlier models.
Under your ssid, issue the command "authentication key-management wpa2-psk". Under the Dot11Radio, enter the command "encryption mode ciphers aes". That should do it, as long as your AP supports it!
WPA2 is only supported on APs that have the 802.11g radio modules installed. This is because the older radios do not support AES encryption. You can upgrade almost all of the 1200 series APs with a module upgrade if necessary.
ssid [ssid name]
authentication key-management wpa [version 2]
wpa-psk ascii [password]
encryption mode ciphers aes
ssid [ssid name]
NOTE: My previous syntax was wrong, I believe. I'm going on memory here, so hopefully this is correct. Please post if this doesn't work.
Also, the "version 2" is not supported by all IOS versions, so it may or may not be available.
Thank you for the response Jeff. I don't have that option under the ssid. I only have cckm or wpa, and no option to set the version.
I do have encryption mode ciphers aes-ccm under the radio interface. I'll play around with these and let you know what happens. I'm just going to change the ciphers from tkip to aes-ccm and see what happens.
WPA2 is only supported on later hardware versions of the 802.11g radios.
I believe it's the xxx-21g ... something like that is the earliest hardware that supports WPA2
I couldn't find the old docs and I ran out of time to search. Try a search on "WPA2" in the main site.