Cisco Wave2 AP and WPA2 TKIP

If you are using Wave2 APs and WPA2 TKIP is enabled on a WLAN, clients may have problems connecting, because Wave2 APs do not support WPA2 TKIP. In versions 8.4 and above, the following warning appears when you enable TKIP.

(wlc) >config wlan security wpa wpa2 ciphers tkip enable 1

Warning! WPA2 TKIP cipher is not supported on Wave2 APs for WLAN 1

From the documentation we can see that Cisco does not recommend the use of TKIP.

Customers should be discouraged from running legacy TKIP as that feature has been deprecated by the Wi-Fi Alliance. 

Cisco Aironet Series 2800/3800 Access Point Deployment Guide

We can use the following command to enable or disable TKIP.

config wlan security wpa wpa2 ciphers { aes | tkip} { enable | disable} wlan_id

To configure WPA2 ciphers and enable or disable Advanced Encryption Standard (AES) or Temporal Key Integrity Protocol (TKIP) data encryption for WPA2, use the config wlan security wpa wpa2 ciphers command.

config wlan security wpa wpa2 ciphers { aes | tkip } { enable | disable } wlan_id

config wlan security wpa wpa2 ciphers
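
An added example, not part of the original post or Cisco's documentation: Python that reads saved "show wlan <id>" output, finds WLANs where TKIP is enabled under WPA2, and emits the cipher commands shown above. The dotted output layout and the sample text are assumptions constructed for illustration, and the names parse_wlans and remediation are hypothetical.

```python
import re

# Constructed sample: the dotted "label.... value" layout of AireOS
# "show wlan <id>" output is assumed here, not taken from the page.
SAMPLE = """\
WLAN Identifier.................................. 1
      WPA (SSN IE)............................... Disabled
      WPA2 (RSN IE).............................. Enabled
         TKIP Cipher............................. Enabled
         AES Cipher.............................. Disabled
WLAN Identifier.................................. 2
      WPA (SSN IE)............................... Enabled
         TKIP Cipher............................. Enabled
         AES Cipher.............................. Disabled
      WPA2 (RSN IE).............................. Enabled
         TKIP Cipher............................. Disabled
         AES Cipher.............................. Enabled
"""

LINE = re.compile(r"^[ \t]*(.+?)\.{2,}[ \t]*(.*)$", re.M)

def parse_wlans(text):
    """Return {wlan_id: {"wpa2", "tkip", "aes"}} describing the WPA2 section only."""
    wlans, cur, section = {}, {}, None  # cur starts as a throwaway record
    for key, val in LINE.findall(text):
        on = val.strip().lower() == "enabled"
        if key == "WLAN Identifier":
            cur = wlans.setdefault(int(val), {"wpa2": False, "tkip": False, "aes": False})
            section = None
        elif key.startswith("WPA2 "):
            section, cur["wpa2"] = "wpa2", on
        elif key.startswith("WPA "):
            section = "wpa"  # cipher lines under WPA (SSN IE) are not WPA2 ciphers
        elif section == "wpa2" and key in ("TKIP Cipher", "AES Cipher"):
            cur[key.split()[0].lower()] = on
    return wlans

def remediation(wlans):
    """Build the page's cipher commands for every WLAN running WPA2 with TKIP."""
    cmds = []
    for wid, s in sorted(wlans.items()):
        if s["wpa2"] and s["tkip"]:
            if not s["aes"]:  # enable AES first so the WLAN keeps a cipher
                cmds.append(f"config wlan security wpa wpa2 ciphers aes enable {wid}")
            cmds.append(f"config wlan security wpa wpa2 ciphers tkip disable {wid}")
    return cmds

if __name__ == "__main__":
    print("\n".join(remediation(parse_wlans(SAMPLE))))
```

WLAN 2 in the sample has TKIP on only under WPA (SSN IE), so it produces no WPA2 cipher command.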
