Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
484
Views
0
Helpful
4
Replies
Highlighted
andags
Beginner
Beginner
‎03-22-2020 08:27 PM
‎03-22-2020 08:27 PM

Need List of clients associated with WPA+TKIP security encryption

Hi,

I have WPA+TKIP and WPA2+AES security encryption enabled on the SSIDs.

 

I need to get a list of clients associated with WPA+TKIP so that we can go ahead and disable it as it is no longer safer mechanism.

 

Can this report be pulled from WLC? Also we have a prime setup. Can this details be pulled from Prime. If yes is there any document that tells how to pull this report?

 

Thanks in advance!

Labels:
0 Helpful
Reply
3 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
Scott Fella
Hall of Fame Master Hall of Fame Master
Hall of Fame Master
‎03-22-2020 09:23 PM
‎03-22-2020 09:23 PM

I don’t know how well a report would be. Your best bet is to create a new wlan with a different profile name... so you would have two.

WLAN 1
Profile name: WPA_TKIP
WPA tkip

WLAN 2
Profile name: WPA2_AES
WPA AES

This way you can determine what devices are connecting to what. However, you should push a new policy on the device or migrate to a WPA2-AES ssid this way you can start moving devices to the new and then remove the old.


-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful
Reply
Highlighted
Haydn Andrews
Rising star
Rising star
‎04-02-2020 03:53 PM
‎04-02-2020 03:53 PM

Using Prime:

Reports> Report Launch Pad> Client > New Client Session report

Customise it and add encryption cypher into it.

Select the time period and run.

 

The CSV will have every client connection so you will have to do some filtering to see what is TKIP only and what devices are flapping between TKIP and AES

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

View solution in original post

0 Helpful
Reply
Highlighted
andags
Beginner
Beginner
‎04-05-2020 06:17 PM
‎04-05-2020 06:17 PM

thanks!

View solution in original post

0 Helpful
Reply
4 REPLIES 4
Highlighted
Scott Fella
Hall of Fame Master Hall of Fame Master
Hall of Fame Master
‎03-22-2020 09:23 PM
‎03-22-2020 09:23 PM

I don’t know how well a report would be. Your best bet is to create a new wlan with a different profile name... so you would have two.

WLAN 1
Profile name: WPA_TKIP
WPA tkip

WLAN 2
Profile name: WPA2_AES
WPA AES

This way you can determine what devices are connecting to what. However, you should push a new policy on the device or migrate to a WPA2-AES ssid this way you can start moving devices to the new and then remove the old.


-Scott
*** Please rate helpful posts ***

View solution in original post

0 Helpful
Reply
Highlighted
Rasika Nayanajith
VIP Mentor VIP Mentor
VIP Mentor
‎03-23-2020 01:35 AM
‎03-23-2020 01:35 AM

Since you have to check each individual client details, you can get all your client mac addresses using "show client summary" output and then use "show client detail <mac_addr>" as shown below. I know it is not straight forward, but you will get what you want.

 

(WLC) >grep include "Cipher" "show client detail 1c:9e:46:98:b3:c7"
Press any key to continue.
Encryption Cipher................................ CCMP-128 (AES)

 

HTH

Rasika

0 Helpful
Reply
Highlighted
Haydn Andrews
Rising star
Rising star
‎04-02-2020 03:53 PM
‎04-02-2020 03:53 PM

Using Prime:

Reports> Report Launch Pad> Client > New Client Session report

Customise it and add encryption cypher into it.

Select the time period and run.

 

The CSV will have every client connection so you will have to do some filtering to see what is TKIP only and what devices are flapping between TKIP and AES

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

View solution in original post

0 Helpful
Reply
Highlighted
andags
Beginner
Beginner
‎04-05-2020 06:17 PM
‎04-05-2020 06:17 PM

thanks!

View solution in original post

0 Helpful
Reply
Latest Contents
An End of an Era for Cisco AireOS Controllers
Created by bymag on 03-05-2021 12:30 PM
1
5
1
5
It’s been a long road for our AireOS wireless controllers. In fact these products have been around Cisco in some form since 2005. As you may have heard, Cisco made the decision to End-of-Sale (EOS) these products last month. That means that these AireOS ... view more
Cisco AP AIR-CAP702I-E-K9
Created by sahara101 on 02-18-2021 05:39 AM
0
0
0
0
 Hello Community, I have an issue where APs do not connect to the WLC. Connection is made over VPN. Until yesterday all 3 APfailed with below errors. We change the LAN connection to a cisco router and now one of the AP magically connected to the... view more
Wireless Config Analyzer Express v 0.5.9
Created by Javier Contreras on 02-15-2021 09:27 AM
3
15
3
15
Where to download Attached files on this post Alternatively, cloud version (only summaries) General information: New implementation for the WLC Config Analyzer. it is a new re-write of the application, with clean up and improved checks Support for IOS... view more
**New Episode** Cisco Champion Radio: S8|E6 Fastlane+ Optimi...
Created by aalesna on 02-09-2021 10:20 AM
0
0
0
0
Cisco Champion Radio · S8|E6: Fastlane+ Optimizes Network and Device Communication Cisco Fastlane+ is a co-developed solution with Apple that significantly improves the experience of any Wi-Fi 6 capable iPhone or iPad connected to a Cisco Catalyst 9130 A... view more
IOS-XE 17.4.1 Blog
Created by SAY on 01-26-2021 12:19 AM
1
10
1
10
We are pleased to announce the immediate availability of the IOS-XE release 17.4.1 for the Catalyst Wireless Controllers. The new code is now posted on the CCO and can be found at this link: https://software.cisco.com/download/home/286316412/type/28204647... view more
Content for Community-Ad