Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
687
Views
0
Helpful
1
Replies

WPA2 enterprise security, no authentication security type in WiFi profile

calissajk
Level 1
Level 1

‎08-08-2014 12:08 PM - edited ‎07-05-2021 01:20 AM

 

We currently have a Cisco environment in which we use radius, WPA2 enterprise, AES encryption using PEAP to authenticate using our AD credentials.  

We've noticed that we can configure our windows 7 client users to connect to the network in 2 ways.  One way is to define all of the WAP2 settings for authentication.  However, we can also connect to the wireless network if we set up our clients with the wifi profile using "no authentication (open)".  

My question is, does the authentication process auto negotiate using encryption when we set them to "no authentication"?  Is there a real big downfall for configuring the clients this way?

 

 

Labels:
0 Helpful
1 Reply 1

David Watkins
Level 4
Level 4

‎08-11-2014 10:55 AM

If you have in fact configured the SSID for WPA2 w/ AES-CCMP L2 encryption using 802.1x key management, then there is absolutely no way your client is connecting to "that" WLAN with explicitly defining NO Open L2 Authentication. There would have to be another AP out there that is broadcasting this same SSID with no authentication configured.

Generally, if you don't "explicitly" configure the client, it will "negotiate", however the client often may not trust the server-side certificate presented, or may be trying to deliver a certificate (smartcard or other certificate) rather than using a defined PEAP configuration.  If you do "explicitly" configure NO Authentication, then there is no way this client would connect to a WPA2/AES encrypted WLAN.

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card