Solved: Windows 10 showing as WPA2-Enterprise

sandeepsingh3200 · ‎11-20-2023

Hello,

I have few Windows 10 devices connecting to WLAN that’s WPA3 only . I’m using AES CCMP 128. When I look at the WIFI settings on the laptop it’s showing WPA2-Enterprise. But this WLAN setups to accept WPA3-Enterprise. I am using windows GPO to push out the policy and the policy is setup as WPA3-ENT. Anyone know if this is just a windows 10 issue? Will this cause issue if I move rest of my windows 10 devices to WPA3-Enterprise?

Leo Laohoo · ‎11-20-2023

Please read this: Cisco Secure Client 5.1.0.136 New Features

Network Access Manager added support for WPA3 802.11 CCMP128 encryption and Protected Management Frames (PMF). However, WPA3 will not work until Microsoft releases a fix that relates to Integrity Group Temporal Key generation. The fix is not available in a production environment, but we anticipate the fix in an upcoming Windows 11 release and Windows 10 22H2 update. While PMF can be used in WPA2, it is required for WPA3 Enterprise. If you have a WPA2 network with PMF required or optional, your connection to Secure Client 5.1.0.136 will fail until the Microsoft fix.

View solution in original post

JPavonM · ‎11-21-2023

WPA3 strict policy is the same like using WPA2 with AES-CCMP128, SHA256-Dot1X AKM and PMF enabled, so that's why Windows keeps telling you that, and it works, as what makes up WPA3 are feature that are also supported under WPA2.

There are few defects in Windows 10 regarding WPA3 adoption, one is that it does not display WPA3 when using CCMP128, SHA256 and PMF, the other is that you cannot create a WAP3 Enterprise wireless policy as it returns error (not even on the GPO). BUT the good news is that it connects and work, but you won't see it on Windows but on the WLAN Infra.

View solution in original post

Leo Laohoo · ‎11-20-2023

Please read this: Cisco Secure Client 5.1.0.136 New Features

Network Access Manager added support for WPA3 802.11 CCMP128 encryption and Protected Management Frames (PMF). However, WPA3 will not work until Microsoft releases a fix that relates to Integrity Group Temporal Key generation. The fix is not available in a production environment, but we anticipate the fix in an upcoming Windows 11 release and Windows 10 22H2 update. While PMF can be used in WPA2, it is required for WPA3 Enterprise. If you have a WPA2 network with PMF required or optional, your connection to Secure Client 5.1.0.136 will fail until the Microsoft fix.

JPavonM · ‎11-21-2023

WPA3 strict policy is the same like using WPA2 with AES-CCMP128, SHA256-Dot1X AKM and PMF enabled, so that's why Windows keeps telling you that, and it works, as what makes up WPA3 are feature that are also supported under WPA2.

There are few defects in Windows 10 regarding WPA3 adoption, one is that it does not display WPA3 when using CCMP128, SHA256 and PMF, the other is that you cannot create a WAP3 Enterprise wireless policy as it returns error (not even on the GPO). BUT the good news is that it connects and work, but you won't see it on Windows but on the WLAN Infra.