cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
363
Views
0
Helpful
2
Replies
Ahmet Erkol
Beginner

WLC 5508 802.1x with AES

Hi,

We have a staff WLAN on Cisco WLC 5508. We use 802.1x with TKIP with authentication from RADIUS server. We deployed new 802.11n APs but on staff WLAN we cannot enable 802.11n because of the TKIP encryption. Can we just simply change the encryption without changing any other configuration to support 802.11n data rates?

2 ACCEPTED SOLUTIONS

Accepted Solutions

On your WLAN you can enable AES and TKIP. Just know that some clients mau have issue when they see both TKIP and AES. Ive had pretty good success with this in the past. Dont forget, you also need to enable WMM allowed to get N rates.

But you will need to configure AES on the client as well to support N rates.

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

View solution in original post

You'll also need to change the clients.  Windows picks either WPA enterprise or WPA2 Enterprise, so if you can push a GPO that will make it easier.

On the WLC you'll want to go to WPA2/AES only (disable WPA/TKIP), and you should also check and make sure that 802.11n rates are enabled.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered

View solution in original post

2 REPLIES 2

On your WLAN you can enable AES and TKIP. Just know that some clients mau have issue when they see both TKIP and AES. Ive had pretty good success with this in the past. Dont forget, you also need to enable WMM allowed to get N rates.

But you will need to configure AES on the client as well to support N rates.

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

View solution in original post

You'll also need to change the clients.  Windows picks either WPA enterprise or WPA2 Enterprise, so if you can push a GPO that will make it easier.

On the WLC you'll want to go to WPA2/AES only (disable WPA/TKIP), and you should also check and make sure that 802.11n rates are enabled.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH, Steve ------------------------------------------------------------------------------------------------ Please remember to rate useful posts, and mark questions as answered

View solution in original post

Content for Community-Ad