Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Wireless configuration issue with CCA

CCA allows you to configure the following with the built-in access point on the UC520:

  • No security
  • WEP
  • WPA with TKIP enabled
  • WPA2 with AES enabled

However, configuring WPA2 with AES only creates problems with some wireless devices. Configuring WPA2 with both the AES and TKIP ciphers does solve the problem for some of the devices. You cannot currently configure WPA2 with both ciphers enabled in CCA on the UC520. However, the AP on the UC520 unit can be configured for WPA with both the TKIP and AES ciphers enabled.

Here is a configuration for WPA2 with both the AES and TKIP ciphers enabled:

dot11 ssid uc520demo-data

vlan 1

authentication open

authentication key-management wpa

wpa-psk ascii 0 uc520Demo1


interface Dot11Radio0/5/0

no ip address


! This part of the config is not yet supported by CCA, but will enable both the AES and TKIP ciphers


encryption vlan 1 mode ciphers aes-ccm tkip


ssid uc520demo-data

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2412
station-role root

interface Dot11Radio0/5/0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding

Will this problem be fixed in CCA? CCA allows WPA with one or the other cipher enabled to be configured, but does not like configurations with both the AES and TKIP ciphers enabled.

Everyone's tags (6)
Community Member

Re: Wireless configuration issue with CCA

Hi John,

CCA currently does not support TKIP. We will consider adding it on our roadmap. Do a lot of customers require TKIP for wireless security?



Community Member

Re: Wireless configuration issue with CCA

The problem is that some older WPA devices behave incorrectly without the TKIP cipher enabled. This is even true for some of the devices that allow you to configure WPA2 with AES.

The SPA525G, 7921, and 7925 phones will behave correctly with only the AES cipher enabled.

Community Member

Re: Wireless configuration issue with CCA

Thanks for responding John. We will look at the feasibility of including this on our CCA roadmap.


CreatePlease to create content