[Nebula] Understanding WPA3 SSID

Options
Zyxel_Judy
Zyxel_Judy Posts: 1,009  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited May 2 in SSID

Scenario:
Your network includes a variety of devices with different encryption capabilities, including WPA3. You're considering configuring the security method to WPA3 but are unsure if WPA2 devices will still be able to connect or whether let only devices with WPA3 capability to connect to the WPA3 SSID. This FAQ will help clarify this for you.

For sure, devices that have WPA2 capability can connect to an SSID using the WPA3 encryption method due to the transition mode.

If you want only devices with WPA3 capability to connect to the WPA3 SSID, you can achieve this by configuring each AP through CLI commands.

Configuration:

  1. Identify the specific SSID security profile. 

In this example, let's configure for SSID2_testing. Command:

Router > show wlan-ssid-profile all

2. Disable transition mode for the identified security profile.

Command:

Router> enable

Router# configure terminal

Router(config)# wlan-security-profile SECURITY2

Router(config-wlan-security SECURITY2)# no transition-mode

Router(config-wlan-security SECURITY2)# exit

Verification:

After disabling transition mode, a WPA3 non-supported device will not be able to connect to the SSID, confirming that only WPA3-supported devices can connect.

Note: At the time of this writing, there is no direct way to disable the transition mode from the Nebula front-end configuration.

Be a Community MVP: Win a VIP Deal Dash on Your Next Zyxel Purchase!

Tagged:

Comments

  • Zyxel_Judy
    Zyxel_Judy Posts: 1,009  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Options

    In case there is the incompatibility problems led to certain network interface cards (NICs) are unable to connect to the SSID, please execute the command provided below:

    Router> enable

    Router# configure terminal

    Router(config)# wlan-security-profile SECURITY2

    Router(config-wlan-security SECURITY2)# no transition-mode

    Router(config-wlan-security SECURITY2)# dot11w-op 2

    Router(config-wlan-security SECURITY2)# exit

    Be a Community MVP: Win a VIP Deal Dash on Your Next Zyxel Purchase!