Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Cisco 3850 wirelsss - Can't configure wpa akm psk set-key ascii 8 <word>. Prompt decryption failed.

Hi, anyone manage to configure on Cisco 3850 wireless wpa key using the ascii 8 encryption ? I'm able to configure using the >> security wpa akm psk set-key ascii 0 <pre-sharedkey>. But since it is not encrypted, i'm able to see the PSK string in plaintext if i show config.

I tried to use the ascii 8 <pre-sharedkey> but prompted for the below error after entering the command.

% switch-1:eicored:Invalid Encrypted Text : Decryption Failed

 

Everyone's tags (1)
2 ACCEPTED SOLUTIONS

Accepted Solutions
VIP Purple

Hi I am also not so sure how

Hi 

I am also not so sure how to get AES encrypted text to follow this ascii 8 <pre-sharedkey>.

But here is a workaround I am doing not to disclose PSK in plain text in switch configuration. Hope that may be useful to you as well.

You can enter your PSK in HEX format instead of plaintext. You can use this website to derive your PSK in hex format.

Here is an example (SSID: ABC-PSK, Presharedkey: Test12345). From the above link you can get the PSK in HEX format as shown below & configure it on your WLAN.

wlan ABC-PSK 17 ABC-PSK
client vlan 1410
no mfp client
no mfp client required
no security wpa akm dot1x
security wpa akm psk set-key hex 0 194d3ee23de5212c109a7139e6c398ecd0ce9a394f84c0c88fb3cfd389262ae2
no shutdown

 

HTH

Rasika

**** Pls rate all useful responses ****

VIP Purple

Nice.. You can mark the tread

Nice.. You can mark the thread as "answered" if you are satisfied with the resolution.

Rasika

4 REPLIES
VIP Purple

Hi I am also not so sure how

Hi 

I am also not so sure how to get AES encrypted text to follow this ascii 8 <pre-sharedkey>.

But here is a workaround I am doing not to disclose PSK in plain text in switch configuration. Hope that may be useful to you as well.

You can enter your PSK in HEX format instead of plaintext. You can use this website to derive your PSK in hex format.

Here is an example (SSID: ABC-PSK, Presharedkey: Test12345). From the above link you can get the PSK in HEX format as shown below & configure it on your WLAN.

wlan ABC-PSK 17 ABC-PSK
client vlan 1410
no mfp client
no mfp client required
no security wpa akm dot1x
security wpa akm psk set-key hex 0 194d3ee23de5212c109a7139e6c398ecd0ce9a394f84c0c88fb3cfd389262ae2
no shutdown

 

HTH

Rasika

**** Pls rate all useful responses ****

Community Member

Great. That did the job.

Great. That did the job. Thanks.

VIP Purple

Nice.. You can mark the tread

Nice.. You can mark the thread as "answered" if you are satisfied with the resolution.

Rasika

VIP Purple

Hi I checked this with Cisco

Hi 

I checked this with Cisco & here is the resolution for this. You need to simply configure the below & then all your PSK shown in encrypted format.

3850(config)#passwd encryption on

HTH

Rasika

**** Pls rate all useful responses ****

906
Views
10
Helpful
4
Replies
CreatePlease to create content