Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1543
Views
5
Helpful
4
Replies

Need List of clients associated with WPA+TKIP security encryption

Go to solution
andags
Level 1
Level 1

‎03-22-2020 08:27 PM - edited ‎07-05-2021 11:52 AM

Hi,

I have WPA+TKIP and WPA2+AES security encryption enabled on the SSIDs.

 

I need to get a list of clients associated with WPA+TKIP so that we can go ahead and disable it as it is no longer safer mechanism.

 

Can this report be pulled from WLC? Also we have a prime setup. Can this details be pulled from Prime. If yes is there any document that tells how to pull this report?

 

Thanks in advance!

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎03-22-2020 09:23 PM

I don’t know how well a report would be. Your best bet is to create a new wlan with a different profile name... so you would have two.

WLAN 1
Profile name: WPA_TKIP
WPA tkip

WLAN 2
Profile name: WPA2_AES
WPA AES

This way you can determine what devices are connecting to what. However, you should push a new policy on the device or migrate to a WPA2-AES ssid this way you can start moving devices to the new and then remove the old.


-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful

Go to solution
Haydn Andrews
VIP Alumni
VIP Alumni

‎04-02-2020 03:53 PM

Using Prime:

Reports> Report Launch Pad> Client > New Client Session report

Customise it and add encryption cypher into it.

Select the time period and run.

 

The CSV will have every client connection so you will have to do some filtering to see what is TKIP only and what devices are flapping between TKIP and AES

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

View solution in original post

Go to solution
andags
Level 1
Level 1

‎04-05-2020 06:17 PM

thanks!

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Scott Fella
Hall of Fame
Hall of Fame

‎03-22-2020 09:23 PM

I don’t know how well a report would be. Your best bet is to create a new wlan with a different profile name... so you would have two.

WLAN 1
Profile name: WPA_TKIP
WPA tkip

WLAN 2
Profile name: WPA2_AES
WPA AES

This way you can determine what devices are connecting to what. However, you should push a new policy on the device or migrate to a WPA2-AES ssid this way you can start moving devices to the new and then remove the old.


-Scott
*** Please rate helpful posts ***
0 Helpful

Go to solution
Rasika Nayanajith
VIP
VIP

‎03-23-2020 01:35 AM

Since you have to check each individual client details, you can get all your client mac addresses using "show client summary" output and then use "show client detail <mac_addr>" as shown below. I know it is not straight forward, but you will get what you want.

 

(WLC) >grep include "Cipher" "show client detail 1c:9e:46:98:b3:c7"
Press any key to continue.
Encryption Cipher................................ CCMP-128 (AES)

 

HTH

Rasika

0 Helpful

Go to solution
Haydn Andrews
VIP Alumni
VIP Alumni

‎04-02-2020 03:53 PM

Using Prime:

Reports> Report Launch Pad> Client > New Client Session report

Customise it and add encryption cypher into it.

Select the time period and run.

 

The CSV will have every client connection so you will have to do some filtering to see what is TKIP only and what devices are flapping between TKIP and AES

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

Go to solution
andags
Level 1
Level 1

‎04-05-2020 06:17 PM

thanks!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card