Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4564
Views
3
Helpful
6
Replies

AP Join profile>management> user configuration fail when set aes encryption. it can success when set clear. AES is not working? is it a bug or configuration issue.

Go to solution
yaoszhan
Cisco Employee
Cisco Employee

‎09-08-2020 08:13 PM - edited ‎07-05-2021 12:29 PM

AP Join profile>management> user configuration fail when set aes encryption. it can success when set clear. AES is not working? is it a bug or configuration issue.

Screen Shot 2020-09-09 at 10.49.39.pngScreen Shot 2020-09-09 at 10.49.49.png

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to yaoszhan

‎09-09-2020 09:27 AM

You need to enter the information in clear text, not with AES. Then if you issue a show run and the password is in clear text, you need to run this command:

key config-key password-encrypt encryption aes
-Scott
*** Please rate helpful posts ***

View solution in original post

6 Replies 6

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎09-08-2020 10:09 PM

You set it unencrypted when you apply it. If you have enabled encryption, it will be encrypted after you applied it.
-Scott
*** Please rate helpful posts ***

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to Scott Fella

‎09-08-2020 10:15 PM

FYI:

If password encryption was enabled on the original configuration, all keys and passwords would have to be reconfigured. Once the keys/passwords are reconfigured enable password encryption back again. The command is below:
key config-key password-encrypt password encryption aes”
-Scott
*** Please rate helpful posts ***

Go to solution
yaoszhan
Cisco Employee
Cisco Employee
In response to Scott Fella

‎09-08-2020 11:39 PM

I think this management user is for login AP by SSH or Telnet. when we set up the user in AP Join profile, the AP will download the configuration of AP Join profile. The user account will be used to login the AP. as follow: 0 is clear, 8 is AES encryption, but look like it is not support the aes encryption.

C9840-2(config-ap-profile)#mgmtuser username anz1 password 8 anz123456 secret 8 anz123456
% Password encryption failed

0 Helpful

Go to solution
JPavonM
VIP
VIP
In response to yaoszhan

‎09-09-2020 02:02 AM

This is returning error because that command is expecting the password hash with AES encryption and not the clear text.

As Scott has told a few post above, you must set the password in clear text, and then it can be encrypted using that command.

HTH
-Jesus
*** Please Rate Helpful Responses ***

0 Helpful

Go to solution
yaoszhan
Cisco Employee
Cisco Employee
In response to JPavonM

‎09-09-2020 06:16 AM

Could you help to show me configuration on this? I have tried to generate a username with clear password, but I still can’t encrypt it by aes.
0 Helpful

Go to solution
Scott Fella
Hall of Fame
Hall of Fame
In response to yaoszhan

‎09-09-2020 09:27 AM

You need to enter the information in clear text, not with AES. Then if you issue a show run and the password is in clear text, you need to run this command:

key config-key password-encrypt encryption aes
-Scott
*** Please rate helpful posts ***
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card