Cloud Managed Networks

hello I have  a question 

I have a ssid with 6ghz support and a psk 

But let's say I want to connect to an old device that just supports wpa2, I though he would try to connect to the 5ghz because he is unable to see the 6ghz channel with the psk transition option but it's not happening its just can't connect 

The WPA 3 devices can connect without issues but the ones that do not support it cannot

Any idea why this is happening? it should connect to the BSSID of 5ghz or 2.4ghz I think or I'm wrong?

You will need to use WPA3-Personal in transition mode in order to support 6 GHz operation (WPA3 only) and mixed mode (WPA2/WPA3) in 2.4 GHz or 5 GHz.

If the old client doesn't connect to WPA3-Personal transition mode, you will have to use a WPA2-Personal only network for the legacy client. 

hello I have  a question 

I have a ssid with 6ghz support and a psk 

But let's say I want to connect to an old device that just supports wpa2, I though he would try to connect to the 5ghz because he is unable to see the 6ghz channel with the psk transition option but it's not happening its just can't connect 

The WPA 3 devices can connect without issues but the ones that do not support it cannot

Any idea why this is happening? it should connect to the BSSID of 5ghz or 2.4ghz I think or I'm wrong?

Hello

So it depends on the client?

It works in some WPA2-only clients that do not support WPA3 and other legacy that are WPA2-only and cannot connect.?

I just want to be clear if I understood correctly

You will need to use WPA3-Personal in transition mode in order to support 6 GHz operation (WPA3 only) and mixed mode (WPA2/WPA3) in 2.4 GHz or 5 GHz.

If the old client doesn't connect to WPA3-Personal transition mode, you will have to use a WPA2-Personal only network for the legacy client. 

hello I have  a question 

I have a ssid with 6ghz support and a psk 

But let's say I want to connect to an old device that just supports wpa2, I though he would try to connect to the 5ghz because he is unable to see the 6ghz channel with the psk transition option but it's not happening its just can't connect 

The WPA 3 devices can connect without issues but the ones that do not support it cannot

Any idea why this is happening? it should connect to the BSSID of 5ghz or 2.4ghz I think or I'm wrong?

Yes. WPA3-Personal in Transition Mode allows the client to negotiate based on what it supports. WPA2 or WPA3.

The majority of legacy WPA2-only clients have no issues with WPA3-Personal in Transition Mode (which advertises AKMs for both PSK and SAE) and will negotiate as WPA2 clients.

Hello

So it depends on the client?

It works in some WPA2-only clients that do not support WPA3 and other legacy that are WPA2-only and cannot connect.?

I just want to be clear if I understood correctly

You will need to use WPA3-Personal in transition mode in order to support 6 GHz operation (WPA3 only) and mixed mode (WPA2/WPA3) in 2.4 GHz or 5 GHz.

If the old client doesn't connect to WPA3-Personal transition mode, you will have to use a WPA2-Personal only network for the legacy client. 

hello I have  a question 

I have a ssid with 6ghz support and a psk 

But let's say I want to connect to an old device that just supports wpa2, I though he would try to connect to the 5ghz because he is unable to see the 6ghz channel with the psk transition option but it's not happening its just can't connect 

The WPA 3 devices can connect without issues but the ones that do not support it cannot

Any idea why this is happening? it should connect to the BSSID of 5ghz or 2.4ghz I think or I'm wrong?

is there a command i can run in which I can see on the instant well it has an issue with wpa3 even if its on transition mode? like a command which give me an error or something just to see it?

guess maybe the show ap debug tracebuff {mac} or something like that maybe or there are others that can help me to see that there is a problem with this legacy laptop

Thanks

Original Message:
Sent: Feb 01, 2024 09:22 AM
From: schmelzle
Subject: 615 APS with with 6ghz on

Yes. WPA3-Personal in Transition Mode allows the client to negotiate based on what it supports. WPA2 or WPA3.

The majority of legacy WPA2-only clients have no issues with WPA3-Personal in Transition Mode (which advertises AKMs for both PSK and SAE) and will negotiate as WPA2 clients.

------------------------------
Josh

Original Message:
Sent: Feb 01, 2024 09:11 AM
From: Carlos De La Rosa
Subject: 615 APS with with 6ghz on

Hello

So it depends on the client?

It works in some WPA2-only clients that do not support WPA3 and other legacy that are WPA2-only and cannot connect.?

I just want to be clear if I understood correctly

Original Message:
Sent: Jan 29, 2024 03:29 PM
From: JS90
Subject: 615 APS with with 6ghz on

You will need to use WPA3-Personal in transition mode in order to support 6 GHz operation (WPA3 only) and mixed mode (WPA2/WPA3) in 2.4 GHz or 5 GHz.

If the old client doesn't connect to WPA3-Personal transition mode, you will have to use a WPA2-Personal only network for the legacy client. 

------------------------------
Josh

Original Message:
Sent: Jan 29, 2024 03:02 PM
From: cdelarosa
Subject: 615 APS with with 6ghz on

hello I have  a question 

I have a ssid with 6ghz support and a psk 

But let's say I want to connect to an old device that just supports wpa2, I though he would try to connect to the 5ghz because he is unable to see the 6ghz channel with the psk transition option but it's not happening its just can't connect 

The WPA 3 devices can connect without issues but the ones that do not support it cannot

Any idea why this is happening? it should connect to the BSSID of 5ghz or 2.4ghz I think or I'm wrong?

For connected clients try show clients debug advanced which adds a unicast_encr_alg column which will indicate if the client is using WPA2-PSK or WPA3-SAE in this context.

show ap debug auth-trace-buf mac <mac> to show the trace buffer info for a specific MAC address for authentication events associated with the IAP.

------------------------------
Josh

Original Message:
Sent: Feb 28, 2024 12:02 AM
From: cdelarosa
Subject: 615 APS with with 6ghz on

is there a command i can run in which I can see on the instant well it has an issue with wpa3 even if its on transition mode? like a command which give me an error or something just to see it?

guess maybe the show ap debug tracebuff {mac} or something like that maybe or there are others that can help me to see that there is a problem with this legacy laptop

Thanks

Original Message:
Sent: Feb 01, 2024 09:22 AM
From: schmelzle
Subject: 615 APS with with 6ghz on

Yes. WPA3-Personal in Transition Mode allows the client to negotiate based on what it supports. WPA2 or WPA3.

The majority of legacy WPA2-only clients have no issues with WPA3-Personal in Transition Mode (which advertises AKMs for both PSK and SAE) and will negotiate as WPA2 clients.

------------------------------
Josh

Original Message:
Sent: Feb 01, 2024 09:11 AM
From: Carlos De La Rosa
Subject: 615 APS with with 6ghz on

Hello

So it depends on the client?

It works in some WPA2-only clients that do not support WPA3 and other legacy that are WPA2-only and cannot connect.?

I just want to be clear if I understood correctly

Original Message:
Sent: Jan 29, 2024 03:29 PM
From: JS90
Subject: 615 APS with with 6ghz on

You will need to use WPA3-Personal in transition mode in order to support 6 GHz operation (WPA3 only) and mixed mode (WPA2/WPA3) in 2.4 GHz or 5 GHz.

If the old client doesn't connect to WPA3-Personal transition mode, you will have to use a WPA2-Personal only network for the legacy client. 

------------------------------
Josh

Original Message:
Sent: Jan 29, 2024 03:02 PM
From: cdelarosa
Subject: 615 APS with with 6ghz on

hello I have  a question 

I have a ssid with 6ghz support and a psk 

But let's say I want to connect to an old device that just supports wpa2, I though he would try to connect to the 5ghz because he is unable to see the 6ghz channel with the psk transition option but it's not happening its just can't connect 

The WPA 3 devices can connect without issues but the ones that do not support it cannot

Any idea why this is happening? it should connect to the BSSID of 5ghz or 2.4ghz I think or I'm wrong?

Hello  thanks for the reply schmelzle, but I don't think the first command will work because it just doesn't connect so I can't see any client connected or anything

I was planning to run tomorrow the second one already but if there are more commands I can run to check if the user can't connect or a command that will give me a reason why is not connecting let me know

Thanks

For connected clients try show clients debug advanced which adds a unicast_encr_alg column which will indicate if the client is using WPA2-PSK or WPA3-SAE in this context.

show ap debug auth-trace-buf mac <mac> to show the trace buffer info for a specific MAC address for authentication events associated with the IAP.

------------------------------
Josh

Original Message:
Sent: Feb 28, 2024 12:02 AM
From: cdelarosa
Subject: 615 APS with with 6ghz on

is there a command i can run in which I can see on the instant well it has an issue with wpa3 even if its on transition mode? like a command which give me an error or something just to see it?

guess maybe the show ap debug tracebuff {mac} or something like that maybe or there are others that can help me to see that there is a problem with this legacy laptop

Thanks

Original Message:
Sent: Feb 01, 2024 09:22 AM
From: schmelzle
Subject: 615 APS with with 6ghz on

Yes. WPA3-Personal in Transition Mode allows the client to negotiate based on what it supports. WPA2 or WPA3.

The majority of legacy WPA2-only clients have no issues with WPA3-Personal in Transition Mode (which advertises AKMs for both PSK and SAE) and will negotiate as WPA2 clients.

------------------------------
Josh

Original Message:
Sent: Feb 01, 2024 09:11 AM
From: Carlos De La Rosa
Subject: 615 APS with with 6ghz on

Hello

So it depends on the client?

It works in some WPA2-only clients that do not support WPA3 and other legacy that are WPA2-only and cannot connect.?

I just want to be clear if I understood correctly

Original Message:
Sent: Jan 29, 2024 03:29 PM
From: JS90
Subject: 615 APS with with 6ghz on

You will need to use WPA3-Personal in transition mode in order to support 6 GHz operation (WPA3 only) and mixed mode (WPA2/WPA3) in 2.4 GHz or 5 GHz.

If the old client doesn't connect to WPA3-Personal transition mode, you will have to use a WPA2-Personal only network for the legacy client. 

------------------------------
Josh

Original Message:
Sent: Jan 29, 2024 03:02 PM
From: cdelarosa
Subject: 615 APS with with 6ghz on

hello I have  a question 

I have a ssid with 6ghz support and a psk 

But let's say I want to connect to an old device that just supports wpa2, I though he would try to connect to the 5ghz because he is unable to see the 6ghz channel with the psk transition option but it's not happening its just can't connect 

The WPA 3 devices can connect without issues but the ones that do not support it cannot

Any idea why this is happening? it should connect to the BSSID of 5ghz or 2.4ghz I think or I'm wrong?

show ap association

show ap debug mgmt-frames

show log user-debug

show log security

------------------------------
Josh

Original Message:
Sent: Feb 28, 2024 01:32 AM
From: Carlos De La Rosa
Subject: 615 APS with with 6ghz on

Hello  thanks for the reply schmelzle, but I don't think the first command will work because it just doesn't connect so I can't see any client connected or anything

I was planning to run tomorrow the second one already but if there are more commands I can run to check if the user can't connect or a command that will give me a reason why is not connecting let me know

Thanks

Original Message:
Sent: Feb 28, 2024 12:21 AM
From: schmelzle
Subject: 615 APS with with 6ghz on

For connected clients try show clients debug advanced which adds a unicast_encr_alg column which will indicate if the client is using WPA2-PSK or WPA3-SAE in this context.

show ap debug auth-trace-buf mac <mac> to show the trace buffer info for a specific MAC address for authentication events associated with the IAP.

------------------------------
Josh

Original Message:
Sent: Feb 28, 2024 12:02 AM
From: cdelarosa
Subject: 615 APS with with 6ghz on

is there a command i can run in which I can see on the instant well it has an issue with wpa3 even if its on transition mode? like a command which give me an error or something just to see it?

guess maybe the show ap debug tracebuff {mac} or something like that maybe or there are others that can help me to see that there is a problem with this legacy laptop

Thanks

Original Message:
Sent: Feb 01, 2024 09:22 AM
From: schmelzle
Subject: 615 APS with with 6ghz on

Yes. WPA3-Personal in Transition Mode allows the client to negotiate based on what it supports. WPA2 or WPA3.

The majority of legacy WPA2-only clients have no issues with WPA3-Personal in Transition Mode (which advertises AKMs for both PSK and SAE) and will negotiate as WPA2 clients.

------------------------------
Josh

Original Message:
Sent: Feb 01, 2024 09:11 AM
From: Carlos De La Rosa
Subject: 615 APS with with 6ghz on

Hello

So it depends on the client?

It works in some WPA2-only clients that do not support WPA3 and other legacy that are WPA2-only and cannot connect.?

I just want to be clear if I understood correctly

Original Message:
Sent: Jan 29, 2024 03:29 PM
From: JS90
Subject: 615 APS with with 6ghz on

You will need to use WPA3-Personal in transition mode in order to support 6 GHz operation (WPA3 only) and mixed mode (WPA2/WPA3) in 2.4 GHz or 5 GHz.

If the old client doesn't connect to WPA3-Personal transition mode, you will have to use a WPA2-Personal only network for the legacy client. 

------------------------------
Josh

Original Message:
Sent: Jan 29, 2024 03:02 PM
From: cdelarosa
Subject: 615 APS with with 6ghz on

hello I have  a question 

I have a ssid with 6ghz support and a psk 

But let's say I want to connect to an old device that just supports wpa2, I though he would try to connect to the 5ghz because he is unable to see the 6ghz channel with the psk transition option but it's not happening its just can't connect 

The WPA 3 devices can connect without issues but the ones that do not support it cannot

Any idea why this is happening? it should connect to the BSSID of 5ghz or 2.4ghz I think or I'm wrong?