cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
640
Views
0
Helpful
2
Replies

WLC 5508 802.1x with AES

Ahmet Erkol
Level 1
Level 1

Hi,

We have a staff WLAN on Cisco WLC 5508. We use 802.1x with TKIP with authentication from RADIUS server. We deployed new 802.11n APs but on staff WLAN we cannot enable 802.11n because of the TKIP encryption. Can we just simply change the encryption without changing any other configuration to support 802.11n data rates?

2 Accepted Solutions

Accepted Solutions

George Stefanick
VIP Alumni
VIP Alumni

On your WLAN you can enable AES and TKIP. Just know that some clients mau have issue when they see both TKIP and AES. Ive had pretty good success with this in the past. Dont forget, you also need to enable WMM allowed to get N rates.

But you will need to configure AES on the client as well to support N rates.

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

View solution in original post

Stephen Rodriguez
Cisco Employee
Cisco Employee

You'll also need to change the clients.  Windows picks either WPA enterprise or WPA2 Enterprise, so if you can push a GPO that will make it easier.

On the WLC you'll want to go to WPA2/AES only (disable WPA/TKIP), and you should also check and make sure that 802.11n rates are enabled.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

View solution in original post

2 Replies 2

George Stefanick
VIP Alumni
VIP Alumni

On your WLAN you can enable AES and TKIP. Just know that some clients mau have issue when they see both TKIP and AES. Ive had pretty good success with this in the past. Dont forget, you also need to enable WMM allowed to get N rates.

But you will need to configure AES on the client as well to support N rates.

__________________________________________________________________________________________
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
__________________________________________________________________________________________
‎"I'm in a serious relationship with my Wi-Fi. You could say we have a connection."

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________

Stephen Rodriguez
Cisco Employee
Cisco Employee

You'll also need to change the clients.  Windows picks either WPA enterprise or WPA2 Enterprise, so if you can push a GPO that will make it easier.

On the WLC you'll want to go to WPA2/AES only (disable WPA/TKIP), and you should also check and make sure that 802.11n rates are enabled.

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered

HTH,
Steve

------------------------------------------------------------------------------------------------
Please remember to rate useful posts, and mark questions as answered
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: