Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Wireless configuration issue with CCA

CCA allows you to configure the following with the built-in access point on the UC520:

  • No security
  • WEP
  • WPA with TKIP enabled
  • WPA2 with AES enabled

However, configuring WPA2 with AES only creates problems with some wireless devices. Configuring WPA2 with both the AES and TKIP ciphers does solve the problem for some of the devices. You cannot currently configure WPA2 with both ciphers enabled in CCA on the UC520. However, the AP on the UC520 unit can be configured for WPA with both the TKIP and AES ciphers enabled.

Here is a configuration for WPA2 with both the AES and TKIP ciphers enabled:

dot11 ssid uc520demo-data

vlan 1

authentication open

authentication key-management wpa

wpa-psk ascii 0 uc520Demo1

!

interface Dot11Radio0/5/0

no ip address

!

! This part of the config is not yet supported by CCA, but will enable both the AES and TKIP ciphers

!

encryption vlan 1 mode ciphers aes-ccm tkip

!

ssid uc520demo-data

!
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
channel 2412
station-role root
!

interface Dot11Radio0/5/0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding

Will this problem be fixed in CCA? CCA allows WPA with one or the other cipher enabled to be configured, but does not like configurations with both the AES and TKIP ciphers enabled.

Everyone's tags (6)
3 REPLIES
Community Member

Re: Wireless configuration issue with CCA

Hi John,

CCA currently does not support TKIP. We will consider adding it on our roadmap. Do a lot of customers require TKIP for wireless security?

Thanks,

Saurabh

Community Member

Re: Wireless configuration issue with CCA

The problem is that some older WPA devices behave incorrectly without the TKIP cipher enabled. This is even true for some of the devices that allow you to configure WPA2 with AES.

The SPA525G, 7921, and 7925 phones will behave correctly with only the AES cipher enabled.

Community Member

Re: Wireless configuration issue with CCA

Thanks for responding John. We will look at the feasibility of including this on our CCA roadmap.

-Saurabh

3115
Views
0
Helpful
3
Replies
CreatePlease to create content