Configuring WPA3 Security
The Wi-Fi 6E radio protocol requires WPA3 security for the 6-GHz band. WPA3 is not backward compatible,
even when the WPA3 Transition mode is enabled.
You have three options when creating a WLAN.
• All-In: You must reconfigure all the WLANs to WPA3 only.
• One-SSID: You configure one SSID name for 2.4/5 GHz and 6 GHz with support for WPA2 and WPA3
in legacy bands and WPA3 only in the 6–GHz band.
• Multiple SSID: Reconfigure SSIDs by adding SSID/WLAN with specific security settings.
For more information, see WPA3 Deployment Guide at the following URL:
https://www.cisco.com/c/en/us/products/collateral/wireless/catalyst-9100ax-access-points/
wpa3-dep-guide-og.html
Procedure
Step 1 Log in to the Cisco Catalyst 9800 Controller.
Step 2 Choose Configuration > Tags & Profiles > WLANs
Perform either of the the following steps as applicable:
• To create a new WLAN for the 6-GHz radio, click Add and enter the profile and SSID names.
• You can choose from an existing WLAN.
The Edit WLAN window is displayed
Step 3 Select the type of security protocol for the WLAN.
Enable one of the following security protocol:
• Configuring the WPA3 security protocol.
a. Choose Security > Layer2 tab.
b. Select the WPA3 tab.
c. Check one of the Auth Key Mgmt check boxes.
• OWE
• SAE
• 802.1X-SHA256
d. Enable Protected Management Frame (PMF)
Select the PMF state from Required or Optional from the drop-down list.
• Configuring WPA2 + WPA3 security protocol.
a. Choose Security > Layer2 tab.
b. Select the WPA2 + WPA3 tab.
Cisco Catalyst Wireless 9163E Access Point Hardware Installation and Deployment Guide
46
Network Deployment
Configuring WPA3 Security
To Next Page
Loading...
