cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
484
Views
0
Helpful
4
Replies
Highlighted
Beginner

Need List of clients associated with WPA+TKIP security encryption

Hi,

I have WPA+TKIP and WPA2+AES security encryption enabled on the SSIDs.

 

I need to get a list of clients associated with WPA+TKIP so that we can go ahead and disable it as it is no longer safer mechanism.

 

Can this report be pulled from WLC? Also we have a prime setup. Can this details be pulled from Prime. If yes is there any document that tells how to pull this report?

 

Thanks in advance!

3 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Hall of Fame Master

I don’t know how well a report would be. Your best bet is to create a new wlan with a different profile name... so you would have two.

WLAN 1
Profile name: WPA_TKIP
WPA tkip

WLAN 2
Profile name: WPA2_AES
WPA AES

This way you can determine what devices are connecting to what. However, you should push a new policy on the device or migrate to a WPA2-AES ssid this way you can start moving devices to the new and then remove the old.


-Scott
*** Please rate helpful posts ***

View solution in original post

Highlighted
Rising star

Using Prime:

Reports> Report Launch Pad> Client > New Client Session report

Customise it and add encryption cypher into it.

Select the time period and run.

 

The CSV will have every client connection so you will have to do some filtering to see what is TKIP only and what devices are flapping between TKIP and AES

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

View solution in original post

Highlighted
Beginner

4 REPLIES 4
Highlighted
Hall of Fame Master

I don’t know how well a report would be. Your best bet is to create a new wlan with a different profile name... so you would have two.

WLAN 1
Profile name: WPA_TKIP
WPA tkip

WLAN 2
Profile name: WPA2_AES
WPA AES

This way you can determine what devices are connecting to what. However, you should push a new policy on the device or migrate to a WPA2-AES ssid this way you can start moving devices to the new and then remove the old.


-Scott
*** Please rate helpful posts ***

View solution in original post

Highlighted
VIP Mentor

Since you have to check each individual client details, you can get all your client mac addresses using "show client summary" output and then use "show client detail <mac_addr>" as shown below. I know it is not straight forward, but you will get what you want.

 

(WLC) >grep include "Cipher" "show client detail 1c:9e:46:98:b3:c7"
Press any key to continue.
Encryption Cipher................................ CCMP-128 (AES)

 

HTH

Rasika

Highlighted
Rising star

Using Prime:

Reports> Report Launch Pad> Client > New Client Session report

Customise it and add encryption cypher into it.

Select the time period and run.

 

The CSV will have every client connection so you will have to do some filtering to see what is TKIP only and what devices are flapping between TKIP and AES

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

View solution in original post

Highlighted
Beginner

Content for Community-Ad