Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1154
Views
10
Helpful
2
Replies

Detect AP Random WLC & Encryption Cipher

Go to solution
xZamalek
Level 1
Level 1

‎03-16-2021 10:49 PM - edited ‎07-05-2021 01:23 PM

Hello Community,

 

I have have 2 cases which i would like to ask about.

 

1-Sometimes an AP is disassociated from a Specific WLC and joins a random WLC , this might be for a testing purpose on a huge enterprise with hundreds of controllers, is there any trick to detect which WLC the AP is currently joining from the LAN side? assuming that the telnet/ssh is disabled by default on the access point as well.

 

2-If we enable AES and TKIP for WPA1 for example , is that a logical and or logical or ? should the device which will connect to the SSID at least support one of them or should support both of them ?

 

 

 

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎03-17-2021 02:33 AM

Well let me try to answer your questions.
1. You will not be able to know from the lan side what controller the ap is joined to.
You should always define the high availability on each ap so that the ap know what is the primary, secondary or tertiary. The only easy way is if you had Prime Infrastructure or an NMS tools that support wireless. You can maybe look at the router and grep to see what IP address is mapped to udp 5246 or 5247. Then you can investigate from there.
2. Never mix and match. You should be using WPA2 with aes. If you need WPA1, then only use tkip. This encryption is not support for 802.11n or newer standards, so you will get legacy speeds.
-Scott
*** Please rate helpful posts ***

View solution in original post

2 Replies 2

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎03-17-2021 02:33 AM

Well let me try to answer your questions.
1. You will not be able to know from the lan side what controller the ap is joined to.
You should always define the high availability on each ap so that the ap know what is the primary, secondary or tertiary. The only easy way is if you had Prime Infrastructure or an NMS tools that support wireless. You can maybe look at the router and grep to see what IP address is mapped to udp 5246 or 5247. Then you can investigate from there.
2. Never mix and match. You should be using WPA2 with aes. If you need WPA1, then only use tkip. This encryption is not support for 802.11n or newer standards, so you will get legacy speeds.
-Scott
*** Please rate helpful posts ***

Go to solution
xZamalek
Level 1
Level 1
In response to Scott Fella

‎03-19-2021 08:38 PM

Thank you for support.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card