Security, WIDS/WIPS and Aruba ECS

Occasional Contributor II

Any issues with supporting WPA-AES and WPA-TKIP on the same AP?

We won't be able to update our Group Policy that pushes our wireless settings for another year (Due to needing to get a 2008 DC in place or do a schema update) and as a result cannot push WPA2+AES to our users. Is there any issue with enabling WPA+AES and WPA+TKIP on the same AP? Performance, compatibility, etc...?

My thought is to enable WPA+TKIP and WPA+AES on the VAP, then update the GPO to use WPA+AES and then watch the logs from stragglers using WPA+TKIP.

Any feedback would be appreciated!
Guru Elite

You can do this

You can certainly do this. You can also monitor who is using what cipher by using the "show dot1x supplicant-info list-all" command. The other alternative is to use Airwave.

Another user did the schema update in this thread here: and noted that it was straightforward.

*Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba Networks or Hewlett Packard Enterprise.*
ArubaOS 8.3 User Guide
InstantOS 8.3 User Guide
Airheads Knowledgebase
Airheads Learning Videos
Search Airheads
Showing results for 
Search instead for 
Did you mean: