cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1358
Views
5
Helpful
3
Replies

Is it possible to disable weak SSH ciphers on capwap AP 3702i?

Ondrej Caha
Level 1
Level 1

Hello,

 

we have 3702i APs managed by 5508 WLC on 8.5.161.0 code and we have enabled SSH on APs. Is it also possible to disable weak ciphers (e.g. md5, HMAC ) on these APs ?

 

Thanks a lot

Ondrej

1 Accepted Solution

Accepted Solutions

Scott Fella
Hall of Fame
Hall of Fame
I know you can enable high cipher on the controller, don’t know about the AP’s itself, but you could always disable ssh until you need it.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/administration_of_cisco_wlc.html
-Scott
*** Please rate helpful posts ***

View solution in original post

3 Replies 3

Scott Fella
Hall of Fame
Hall of Fame
I know you can enable high cipher on the controller, don’t know about the AP’s itself, but you could always disable ssh until you need it.

https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/administration_of_cisco_wlc.html
-Scott
*** Please rate helpful posts ***

yprasannas
Level 1
Level 1

Anyone found a solution related to disable weak ciphers for APs?

Disabling SSH on APs when needed has a negative impact...when AP has issues connecting to WLC we cannot SSH because it already has SSH disabled so when you need SSH to APs this option would block the access.

Thanks for your suggestions!

Prasanna

Cisco_OST
Level 1
Level 1

I can't get a confidante Cisco TAC engineer to tell me if this is possible or not when the APs are in controller mode.

Review Cisco Networking for a $25 gift card