WPA and WPA2 mixed environment

I have about 30 or so autonomous APs installed on our campus. Half are 1141n and half are 1231 with radios that cannot do wpa2. Right now we are running ciphers tkip and authentication wpa on all units.
I would like to change ciphers to aes-ccm on all units and change to wpa2 on the 1141n units but retain wpa on the older 1131's because they are not capable of wpa2.
Will clients be able to roam seamlessly around the campus without having to manually re-associate whenever they move from a 1141n unit to 1231 unit given the proposed change listed above?

Hello John,
I would say this will differ based on the client software itself.
However, I see you are concerned, as some old APs will not have WPA version 2 commands under the SSID.
Can you please check on one of these old APs, under the radio:
conf t
interface dot11radio X
encryption mode cipher AES (is this command available)?
If yes, I believe it should be fine if you do WPAv2-AES on the 1140, and the 1230 with AES encryption.
Kind regards
Talal

Similar Messages

  • What's the security difference between WPA and WPA2 Personal?

    In order to get my G4 iMac (OS 10.4.11) onto my new AEBS(b/g/n) wi-fi network, I had to drop the network security down from WPA2 Personal to WPA/WPA2 Personal.
    What are the potential security risks in this mode? I know that WEP is no longer secure, so I'm concerned about WPA also being vulnerable.
    If there's a good online explanation of these security differences (not necessarily Apple-only), you just give me that link.
    Thanks

    Hi,
    Summary:
    1. WPA2 is the improved version of WPA
    2. WPA only supports TKIP encryption while WPA2 supports AES
    3. Theoretically, WPA2 is not hackable while WPA is
    4. WPA2 requires more processing power than WPA
    http://www.differencebetween.net/technology/difference-between-wpa-and-wpa2/

  • How to set WPA and WPA2 security with multiple AEs

    Hi Everybody,
    I have purchased a second AE and with the help of Alan Summers was able to set them all up for multiple speakers use in iTunes. In order to make them run I had to downgrade security settings to 40-bit WEP which is not really satisfying. My Airport Admin. Utility was still 4.0, so I tried 4.2 which offers the use of WPA and WPA2 with multiple AEs. Upgraded to 4.2 and switched off security settings first. Both AEs are recognized and speakers of the second AE also show up in iTunes but I cannot connect to them. Since it didn't work without security settings, I didn't even try with it and went back to using 4.0. All other firmware is up-to-date:
    AirPort Express 6.3
    iTunes 6.0.2
    Intel(R) PRO/Wireless 2200BG Network Connection 9.0.3.0
    Any advice would deeply be appreciated!
    BTW - if it works, it's maybe the greatest sound experience I ever had. Music all over the place!!
    Best regards
    Roman

    Found it!!
    1) upgrade Airport Admin. Utility to 4.2
    2) set second AE as "remote base station" and not in "client mode" (that's the clue!!)
    3) follow instructions and type in MAC address of main base station
    4) choose a channel (doesn't matter which one, just has to be the same on both AEs)
    5) choose your personal WPA and WPA2 password (same on both AEs)
    6) restart both AEs
    7) enjoy the music all over the place!
    Best regards
    Roman

  • Difference between WEP, WPA, and WPA2 and better suggestion to use for shared family users

    What is the difference between WEP, WPA, and WPA2? My router is set up on my family PC and connected to a modem so I access Wi-fi through my laptop and my sister has a laptop too and uses our family network to get internet. I just set up a WPA today, so will we all be able to get internet (along with my family using the pc, and my sis on her laptop, even at the same time) protected? (like nobody else using our network)

    Wired Equivalent Privacy, commonly called WEP is 802.11's first hardware form of security where both the WAP and the user are configured with an encryption key of either 64 bits or 128 bits in HEX. So when the user attempts to authenticate, the AP issues a random challenge. The user then returns the challenge, encrypted with the key. The AP decrypts this challenge and if it matches the original the client is authenticated. The problem with WEP is that the key is static, which means with a little time and the right tool a hacker could use reverse-engineering to derive the encryption key. It is important to note that this process does affect the transmission speed.
    WPA builds upon WEP, making it more secure by adding extra security algorithms and mechanisms to fight intrusion.
    WiFi Protected Access (WPA) is the new security standard adopted by the WiFi Alliance consortium. WiFi compliance ensures interoperability between different manufacturers' equipment. WPA delivers a level of security way beyond anything that WEP can offer, bridges the gap between WEP and 802.11i networks, and has the advantage that the firmware in older equipment may be upgradeable.
    WPA2 is based upon the Institute for Electrical and Electronics Engineers’ (IEEE) 802.11i amendment to the 802.11 standard, which was ratified on July 29, 2004. The primary difference between WPA and WPA2 is that WPA2 uses a more advanced encryption technique called AES (Advanced Encryption Standard), allowing for compliance with FIPS140-2 government security requirements. 

  • HT1178 What the difference is between WPA and WPA2 and how are these settings affecting the access of other computers to the internet through my Time Capsule

    I have a Time Capsule of the 4th generation and I am pretty impressed since I just had a fried hard drive on my 3-month-old iMac and Time Capsule restored it fully including all programs etc. without having me to put in all serial numbers etc. For that I give it an A+. However, what I find very frustrating is the very short and incomplete user manual and setup instructions. I give those a D-. It does not explain the consequences of certain choices to a normal non computer gig user like me:
    I do not understand what the consequences and difference is between the security setting WPA/WPA2 and WPA2 when setting it up. It would be helpful if the manual would explain something like: If you set it onto WPA2 then computers older than XXX years will not be able to hook up to the internet through your router...or the likes, since I slowly suspect this may be the reason for some of my troubles.
    I also have a 5 year old PC with Vista connected to the Time Capsule. It can wirelessly connect to the Time Capsule and access the printer (I have managed that after some painful hours...) but it cannot access the internet with that PC through the Time Capsule wireless, only if I hook it up with a cable. Why? Does that have to do with the fact that I have set the Time Capsule to WPA2?
    Our PS3 can connect wirelessly, no problem. However, a friend of mine tried it with a quite new Toshiba Notebook and he could see the Time Capsule but again it shows the line from the Time Capsule to the internet blocked. All other computers linked with data cable to the Time Capsule are connected to the internet no problem. What have we done wrong? Should I change the security setting to WPA/WPA2?
    I tried the latter, but then another problem does come up, which was there from beginning on: When I change the settings for my Time Capsule my iMac suddenly cannot find the Time Capsule anymore, even so I am only 3 feet away from it. When I set it up for the first time 3 months ago it drove me crazy. The very first time it found the Time Capsule right away. But when I discovered a mistake in my initial setup and I went through the settings again to change stuff it suddenly could not find the Time Capsule anymore. Only after frustrating 20 times or so with turning wi-fi on and off several times in between did it suddenly find the Time Capsule in the set up menu. However, when I tried changing my security setting to WPA/WPA2 today to see whether this solves my other problems again it could not find the Time Capsule when I was finished with the settings and I had to give up/cancel. Why is that???
    I would really appreciate some help here. But please I am not a computer gig and normally always had assistance with these things. On the other hand I am not all stupid either (even so these manuals assuming we all grew up sleeping on a computer make me feel stupid).....
    Thank you all in advance

    Hello Schimi. The Time Capsule is a kind of product that offer you two possibility:
    - To use the TC as a router or as an external HD.
    The difference between WPA and WPA 2 are:
    - They are two kinds of internet connection.
    WPA uses dynamic key encryption, which means that the key is constantly changing and makes the invasion of a wireless network more difficult than WEP. WPA is considered one of the highest levels of wireless security for your network and is recommended if your devices support this kind of encryption. Newer routers offer WPA2 security. WPA2 is compatible with WPA, but offers higher security level. In fact, it meets the high standards of many government agencies. If the router and computer support WPA2, this should be your choice.
    If you need any help or if you find some difficult setting up it you can contact Apple Support.
    I am sure that they can help you with that.
    I am sorry for the delay. I hope that you solve your issue.

  • Autonomous AP not broadcasting SSID and can I get it to support both WPA and WPA2?

    Ok, I am playing around with a 3702i that has been converted to Autonomous running ap3g2-k9w7-mx.153-3.JAB
    I have 2 issues I have not been able to solve yet.   I have basically set it up using the web interface....
    First, I can't get the SSID to broadcast -- the SSID is active, because I can type it in manually.
    Second, I have an HP 8600 Pro All-in-One printer that I normally connect over WiFi.  Basically, it does not seem to support WPA2...I spent most of yesterday poring through HP forums and WPA2 support seems to be an issue.  My old Linksys router had a setting that supported WPA/WPA2...does anyone know how or if I can support WPA / WPA2 simultaneously on this Autonomous AP?
    Here is my config:
    Thanks....
    Cisco3702#sh run br
    Building configuration...
    Current configuration : 3867 bytes
    ! Last configuration change at 12:44:59 -0500 Tue Mar 9 1993
    ! NVRAM config last updated at 11:29:23 -0400 Sat Oct 18 2014
    ! NVRAM config last updated at 11:29:23 -0400 Sat Oct 18 2014
    version 15.3
    no service pad
    service timestamps debug datetime msec
    service timestamps log datetime msec
    service password-encryption
    hostname Cisco3702
    logging rate-limit console 9
    no logging console
    enable secret 5 XXXXXXXXXXXX.
    no aaa new-model
    clock timezone -0500 -5 0
    clock summer-time -0400 recurring
    no ip source-route
    no ip cef
    ip domain name mydomain.com
    ip name-server 192.168.6.254
    dot11 syslog
    dot11 activity-timeout unknown default 300
    dot11 activity-timeout client default 300
    dot11 ssid MYSSID
       band-select
       authentication open
       authentication key-management wpa version 2
       infrastructure-ssid
       wpa-psk ascii 7 XXXXXXXXXXXX
    dot11 network-map
    dot11 arp-cache optional
    crypto pki trustpoint TP-self-signed-2632604960
     enrollment selfsigned
     subject-name cn=IOS-Self-Signed-Certificate-2632604960
     revocation-check none
     rsakeypair TP-self-signed-2632604960
    crypto pki certificate chain TP-self-signed-2632604960
     certificate self-signed 01
    username CISCO password 7 XXXXXXXX
    username ADMIN privilege 15 secret 5 XXXXXXXXXXXX
    bridge irb
    interface Dot11Radio0
     no ip address
     encryption mode ciphers aes-ccm
     ssid MYSSID
     antenna gain 0
     stbc
     speed  basic-11.0 basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15. m16. m17. m18. m19. m20. m21. m22. m23.
     channel 2412
     station-role root access-point
     dot11 qos class video local
        admission-control
        admit-traffic signaling infinite
     dot11 qos class voice local
        admission-control
        admit-traffic narrowband max-channel 75 roam-channel 6
     dot11 qos class video cell
        admission-control
     dot11 qos class voice cell
        admission-control
     bridge-group 1
     bridge-group 1 subscriber-loop-control
     bridge-group 1 spanning-disabled
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
    interface Dot11Radio1
     no ip address
     encryption mode ciphers aes-ccm
     ssid MYSSID
     antenna gain 0
     peakdetect
     dfs band 3 block
     stbc
     speed  basic-6.0 basic-9.0 basic-12.0 basic-18.0 basic-24.0 basic-36.0 basic-48.0 basic-54.0 m0. m1. m2. m3. m4. m5. m6. m7. m8. m9. m10. m11. m12. m13. m14. m15. m16. m17. m18. m19. m20. m21. m22. m23. a1ss7 a2ss7 a3ss7
     channel dfs
     station-role root access-point
     dot11 qos class video local
        admission-control
        admit-traffic signaling infinite
     dot11 qos class voice local
        admission-control
        admit-traffic narrowband max-channel 75 roam-channel 6
     dot11 qos class video cell
        admission-control
     dot11 qos class voice cell
        admission-control
     bridge-group 1
     bridge-group 1 subscriber-loop-control
     bridge-group 1 spanning-disabled
     bridge-group 1 block-unknown-source
     no bridge-group 1 source-learning
     no bridge-group 1 unicast-flooding
    interface GigabitEthernet0
     no ip address
     duplex auto
     speed auto
     bridge-group 1
     bridge-group 1 spanning-disabled
     no bridge-group 1 source-learning
    interface BVI1
     mac-address 58f3.9cea.5d20
     ip address 192.168.6.253 255.255.255.0
     ipv6 enable
    ip forward-protocol nd
    ip http server
    ip http secure-server
    ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
    snmp-server view dot11view ieee802dot11 included
    snmp-server community public view dot11view RO
    snmp-server location Home
    snmp-server chassis-id Cisco3702i
    bridge 1 route ip
    line con 0
    line vty 0 4
     login local
     transport input all
    sntp server 173.255.227.205
    sntp broadcast client
    end

    Hi
    You have to add "guest mode" command to broadcast your SSID. Also if you need WPA/TKIP support then remove version 2 keyword under SSID & add TKIP option under radio interface encryption config. Also get rid of "infrastructure SSID" command under SSID config.
    ! "version 2" and infrastructure-ssid removed, guest-mode added, TKIP added on the radio
    dot11 ssid MYSSID
       band-select
       authentication open
       authentication key-management wpa
       wpa-psk ascii 7 XXXXXXXXXXXX
       guest-mode
    interface Dot11Radio1
     encryption mode ciphers aes-ccm tkip
    Pls do not forget to rate all useful responses 
    HTH
    Rasika
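An added example, not part of the original thread and not Cisco tooling: a small Python check that reads the SSID and radio stanzas discussed above and reports which WPA version/cipher pairs an AP accepts, whether the SSID is broadcast, and which pairs are common to a set of APs (the roaming question at the top of the page). The two sample configs are constructed, and treating an unversioned `authentication key-management wpa` as accepting both WPA and WPA2 is a simplifying assumption; top-level config lines are expected to be unindented.

```python
import re

# Constructed samples, trimmed to the lines this check reads. AP_ORIGINAL follows
# the question's config; AP_MIXED applies the changes described in the answer.
AP_ORIGINAL = """\
dot11 ssid MYSSID
   authentication open
   authentication key-management wpa version 2
   infrastructure-ssid
   wpa-psk ascii 7 XXXXXXXXXXXX
interface Dot11Radio0
 encryption mode ciphers aes-ccm
 ssid MYSSID
"""
AP_MIXED = """\
dot11 ssid MYSSID
   authentication open
   authentication key-management wpa
   wpa-psk ascii 7 XXXXXXXXXXXX
   guest-mode
interface Dot11Radio0
 encryption mode ciphers aes-ccm tkip
 ssid MYSSID
"""

def parse(config):
    """Return (ssids, radios) settings parsed from an IOS-style running config."""
    ssids, radios, kind, cur = {}, {}, None, None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):  # an unindented line starts a new section
            kind, cur = None, None
            if m := re.fullmatch(r"dot11 ssid (\S+)", line):
                kind = "ssid"
                cur = ssids.setdefault(m.group(1), {"versions": set(), "broadcast": False})
            elif m := re.fullmatch(r"interface (Dot11Radio\d+)", line):
                kind = "radio"
                cur = radios.setdefault(m.group(1), {"ciphers": set(), "ssids": []})
        elif kind == "ssid":
            if m := re.fullmatch(r"authentication key-management wpa(?: version (\d))?", line):
                # Assumption: no version keyword means WPA and WPA2 are both accepted.
                cur["versions"] = {int(m.group(1))} if m.group(1) else {1, 2}
            elif line == "guest-mode":
                cur["broadcast"] = True
        elif kind == "radio":
            if m := re.fullmatch(r"encryption mode ciphers (.+)", line):
                cur["ciphers"] = set(m.group(1).split())
            elif m := re.fullmatch(r"ssid (\S+)", line):
                cur["ssids"].append(m.group(1))
    return ssids, radios

def offered(config, ssid):
    """(wpa_version, cipher) pairs a client could use for `ssid` on any radio."""
    ssids, radios = parse(config)
    versions = ssids.get(ssid, {}).get("versions", set())
    return {(v, c) for r in radios.values() if ssid in r["ssids"]
            for v in versions for c in r["ciphers"]}

def findings(config):
    """Notes on broadcast state and legacy cipher exposure."""
    ssids, radios = parse(config)
    notes = [f"{n}: guest-mode missing, SSID not broadcast"
             for n, s in ssids.items() if not s["broadcast"]]
    notes += [f"{n}: TKIP enabled for legacy clients"
              for n, r in radios.items() if "tkip" in r["ciphers"]]
    return notes

def roams_everywhere(configs, ssid):
    """Pairs accepted by every AP; a client limited to other pairs cannot roam to all."""
    return set.intersection(*(offered(c, ssid) for c in configs))

if __name__ == "__main__":
    for name, cfg in (("original", AP_ORIGINAL), ("mixed", AP_MIXED)):
        print(name, sorted(offered(cfg, "MYSSID")), findings(cfg))
    print("common:", sorted(roams_everywhere([AP_ORIGINAL, AP_MIXED], "MYSSID")))
```
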

  • 7920 and 7921G mixed environment

    Hi Team, have you any experiences with both 7920 and 7921G in the same WLAN? My Customer is using WLC440x w AP1242. How to configure the SSID Parameters regarding QOS and CAC, have you any hints? Thx, Regards, Michael

    The big issue here is with CAC/TSPEC.
    The 7921 gives precedence to TSPEC over QBSS for CAC as TSPEC can be utilized for inbound and outbound CAC, where QBSS is just for outbound dialing.
    4.1 release for the Cisco WLAN controller has the load based CAC feature. This means it will account for all traffic and energy on the channel, not just the # of TSPEC clients on a given AP.
    So if wanting to enable CAC/TSPEC in mixed environment of 7920 and 7921, would want to ensure you use 4.1 release and enable load based CAC.
    If 7921 will be in G mode, it will send out the CTS to self for G protection, which the 7920 will adhere to.
    The other is capacity. If you have calls at 11mbps or other 802.11b rates, then capacity will get reduced.
    Typically can get up to 10 RTP streams per AP @ 11 mbps and up to 20 calls @ 24 mbps or higher.

  • CAM and user mixed environment

    Is it possible to have both users and CAM mode all with or without smart cards? i.e. Without any smart cards, I want to have some Rays specified to be kiosks and others to be user log in terminals, and all Rays should connect to the same server. I know I can do one or the other, or I can do both with separate servers and VLANs. Even one server with multiple VLANs (interfaces) would be fine, with one interface per purpose.

    > Is it possible to have both users and CAM mode all with or without smart cards?
    In the current release the CAM decision is made strictly on a card vs. non-card basis. There's a good chance that this will change in the next release but so far there's been no announcement of a date for that release, or even a date for a beta.

  • Wireless speed difference with WEP and WPA2?

    I am connecting to my FiOS router wirelessly, since I was new on wireless networking, I did lots of reading they all say WEP encryption is flawed, and WPA2 should be used instead. So I changed the router's default WEP to WPA2 the same day I got FiOS installed. When I check about 10 of my neighbor's wireless networks, 8 of them using WEP, 1 has Security Disabled(D'oh), and I am the only one using WPA2-personal. My question is will I see any connection speed difference between using WEP and WPA2?

    In everyday use, your experience will vary.  There is more "going on" with WPA and WPA2 than with WEP, such as message checking and encryption key changes for each data transmission, so these, combined with other possibilities inherent in computer-connected-to-internet use, can slow you down.  Another factor:  There will be more administrative overhead to use WPA or WPA2, such as if you ever have to reset the router (to default settings), the default is WEP, so you have to go into the router to then change it (or import a config file you previously saved on your PC).  And if you need to call Verizon tier one tech support, they only support default settings.  Their premium service is called Expert Care.
    cjacobs001

  • WPA or WPA2 on Vista?

    I got a Linksys WRT54GL router, and it supports WPA and WPA2.  I have a PC60G installed in a 32-bit Vista machine.  I configured the router for WPA2, and the Vista machine would not connect to it.  Then I configured the router for WPA, and the Vista machine still could not connect to it.  Only after I configured the router for WEP was the Vista machine finally able to connect to it.
    Does anyone have a PC60G on a 32-bit Vista machine connecting to a router using WPA or WPA2?

    Sometimes it simply doesn't work together using the protocol you like.
    Windows has very poor WPA compatibility, switch to WEP if that does work.
    Else try a different brand router and see if it works, Wifi simply has such problems.
    That's why I use cables if I can

  • WPA versus WPA2, must you support both?

    Is it generally a requirement to support both WPA and WPA2 for enterprise?
    Sent from Cisco Technical Support Android App

    I would say no. I might suggest supporting one or the other. Some clients when seeing both supported on the same WLAN will have issues in negotiation.
    Sent from Cisco Technical Support iPhone App

  • Using WPA and my Canon iP4000r printer

    I have both a APExpress and a APExtreme, an APExtreme card in both a mini and a G4 APB. WPA works great until I try to connect my Canon iP4000r WiFi printer to it. Called Canon and they said they cannot help me since the printer functions it just won't connect using WPA. They suggested not using security. This option is not what I want. Has anyone connected a WiFi printer to a WPA network? If so, how do I do it?

    Right a bit more info:
    Airport Basestation
    Info via Airport Admin Utility
    Wireless Security: WPA2 Personal
    Encryption Type WPA and WPA2
    Firmware Version: 5.7
    I don't use my basestation for NAT/DHCP, but that shouldn't make a difference.
    IP4000R
    Info via BJ Network Tool
    Encryption Method: Use WPA
    TCP/IP Setting: Get IP address automatically.
    That's it really, although I've provided some more info below.
    Some more info from BJ Network Tool :
    ========================================
    Network Information
    ========================================
    (01)Date . . . . . . . . . . . . . . : 2006/Mar/21 23:34:25
    Application Info.
    (14)Application Name . . . . . . . . : Utilities
    (15)Application Version. . . . . . . : 1.5.1
    (16)Printer. . . . . . . . . . . . . : iP4000R (Wireless)
    NIC Info.
    (21)Printer. . . . . . . . . . . . . : iP4000R
    (22)Firmware Version . . . . . . . . : 1.01
    Wireless LAN
    (23)Wireless LAN Enabled . . : YES
    (24)Standard . . . . . . . . : 802.11g
    (25)AirPort ID . . . . . . . : REMOVED
    (26)Network Type . . . . . . : Infrastructure
    (27)SSID . . . . . . . . . . : REMOVED
    (29)Encryption ON. . . . . . : YES
    (30)Encryption Type. . . . . : TKIP
    (31)Authentication . . . . . : WPA-PSK
    (32)Attached Information . . : XX character Passphrase
    (33)Link Status. . . . . . . : Active
    (34)Signal Level . . . . . . : 53%
    (35)Link Quality . . . . . . : 41%
    TCP/IP
    (36)Mode . . . . . . . . . . : Auto
    (37)IP Address . . . . . . . : 192.168.1.5
    (38)Subnet Mask. . . . . . . : 255.255.255.0
    (39)Router . . . . . . . . . : 192.168.1.1
    Wired LAN
    (40)Wired LAN Enabled. . . . : NO
    (41)Ethernet ID. . . . . . . : REMOVED
    (42)Link Status. . . . . . . : Inactive
    TCP/IP
    (43)Mode . . . . . . . . . . :
    (44)IP Address . . . . . . . :
    (45)Subnet Mask. . . . . . . :
    (46)Router . . . . . . . . . :
    (47)Admin Password ON. . . . . . . . : YES
    Printer Access Control
    (48)MAC Address Enable . . . : NO
    (49)IP Address Enable. . . . : NO
    (50)Device Status. . . . . . . . . . : Available
    PC Info.
    (61)AirPort
    AirPort ID . . . . . . . . . : REMOVED
    SSID . . . . . . . . . . . . : REMOVED
    Configure IP . . . . . . . . : DHCP
    IP Address . . . . . . . . . : 192.168.1.3
    Subnet Mask. . . . . . . . . : 255.255.255.0
    Router . . . . . . . . . . . : 192.168.1.1
    DNS Servers. . . . . . . . . : REMOVED
    (62)Built-in Ethernet
    Ethernet ID. . . . . . . . . : REMOVED
    Configure IP . . . . . . . . : DHCP
    DNS Servers. . . . . . . . . :
    ========================================

  • Worked fine with WPA2, now WPA and cannot connect

    Hi,
    I had to change the security settings on my router to accommodate another device on my network and now I cannot get my Airport Express to join the network. I've used an ethernet to plug my Macbook into the the AE, changed the security settings, click apply, and still nothing.
    If it matters, my router is a Linksys WRT54GS which it was working fine with before changing the security type.
    Please advise.
    Thank you,
    Jacob

    This indicates that the AirPort Express is not correctly joining the wireless network because the security settings are not compatible. I'm not sure what else to suggest at this point as there are only two available settings that you can use with the Express for WPA...."WPA/WPA2 Personal" and "WPA2 Personal".
    Perhaps there are some additional settings on the Linksys to try? I'm afraid that you may need to return the Linksys to WPA2 to get the green light on the Express.

  • Remote desktop connection limit in windows 2003 administration as well as in the mixed environment of windows 2003 and 2008 servers

    RDP protocol i.e. Remote desktop connection is configured to perform and manage software administration of ORACLE application and database servers which run on windows 2003 server. Two sessions are allowed on each of these servers for database administrators. The question is:
    a) if network administrators who perform window server administration (50+) are included in the 2 sessions limit or do they manage all these servers through Console Session which is separate from the remote desktop connection limits of 2 sessions.
    b) How is the 2 sessions limit prescribed by microsoft (more of a licensing limit) handled in the mixed environment of windows 2003 and 2008 server where all these servers are managed on the VMWARE?
    avnish sharma

    Hi Avnish,
    Thank you for posting in Windows Server Forum.
    By default any windows server will provide 2 remote session for administration purpose only. No matter which administrator is accessing that server. If you will connect the console session then 3.One server is accessed by 3 Session (console + Remote + Remote). When the particular server reached this limit then any working administrator will receive a message to log out as other user trying to access the session or if we had provided the setting then new user is restricted to login.
    If you want more than 2 remote desktop session than you need to purchase TS\RDS CAL, install TS\RD Licensing role, activate it first and then configure CAL on it. There are 2 types of CAL available (USER & DEVICE). You can purchase CAL according to your company requirements.
    Hope it helps to understand!
    Thanks.
    Dharmesh Solanki
    TechNet Community Support

  • Mixed Environment: Wintel and Unix

    We are currently looking into implementing HFM in a Mixed environment, Wintel and UNIX. The Web Servers and Application servers will run on Wintel; however, we are thinking of putting our Reports server in a UNIX environment. Are any of you running HFM in a mixed environment? We would appreciate any feedback...Thanks,Doug

    From what you post about trying different things I would delete com.apple.ichat.AIM.plist and restart iChat
    2:50 PM Sunday; November 18, 2007
