This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
RUCKUS Self Help |   ASK the Pack
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

WPA2/WPA3-Mixed 192-bit & Transition Disable Indication

Escaflowne
New Contributor

‎03-12-2022 11:51 AM

I have a WPA2/WPA3-Mixed network authenticating with EAP-TLS on a RADIUS server. Android 12 devices connect to this network using WPA2, whereas I would prefer they connect using WPA3. However, when I set up a WPA3-only network (not mixed), leaving all other settings identical, the devices connect using WPA3 192-bit mode.

  1. Is the behaviour using WPA2/WPA3-Mixed expected? Has anyone successfully connected their Android 12 devices using WPA3 to a WPA2/WPA3-Mixed mode network?
  2. Is there a way to indicate preference for WPA3 over WPA2 in a mixed-mode network?
  3. Android 12 supports Transition Disable indication in the WPA3 standard. Is it possible to enable this in Unleashed 200.12 if it's not already enabled by default?

APs: R510, Unleashed (200.12.10.5.234)

STAs: Pixel 3a, Android 12 (SP2A.220305.012)

Thanks in advance!

0 Kudos
10 REPLIES 10

BobaEnjoyer
New Contributor III
In response to sanjay_kumar

‎04-07-2023 09:04 PM

Oh, with Open authentication, that's WPA3-Personal (SAE).  Mine shows as WPA3 in unleashed as well.  I think OP was having issues with WPA2/WPA3-Enterprise mixed mode, and the clients would choose only WPA2-Enterprise.

I'm having a similar problem, but a phone connects as only WPA3-Enterprised but Unleashed shows WPA2-Enterprise for that phone...

I don't know if the Unleashed firmware is at fault or if this is user error or just very strange phones and laptops.

0 Kudos

sanjay_kumar
RUCKUS Team Member
In response to BobaEnjoyer

‎04-07-2023 09:12 PM

Let me check on this with EAP-TLS as well.

0 Kudos

BobaEnjoyer
New Contributor III
In response to sanjay_kumar

‎04-14-2023 05:24 PM

Any luck with EAP-TLS WPA3 instead of EAP-TLS WPA2?

0 Kudos

sanjay_kumar
RUCKUS Team Member
In response to BobaEnjoyer

‎04-17-2023 01:03 AM

Hi @BobaEnjoyer @Escaflowne 
Apologies for the delay, I was working on this with internal team to understand more on the behavior. Below are some details:

When configuring "WPA2/WPA3-Mixed with 802.1X EAP Authentication" in unleashed,  

  • WPA2 means :“WPA2-Enterprise” + PMF set to disable
  • WPA3 means : “WPA3-Enterprise only mode”, and is essentially “WPA2-Enterprise” + PMF set to required + “AKM WPA SHA256”  (when PFM is set to required, the AMK need to be "WPA SHA256”)

    Currently the GUI displaying WPA2 will be fixed to show Encryption as WPA3. I believe it will be in 200.15 as 200.14 is almost ready to release.

BobaEnjoyer
New Contributor III
In response to sanjay_kumar

‎04-19-2023 11:56 PM

Thank you and the internal team for this clarification.  It set me on a course to read more about WPA3-Enterprise and also the transition/mixed mode, since all the AKM stuff is new to me.

I found https://mrncciew.com/2020/08/17/wpa3-enterprise/ very helpful in the AKM suites for everything and hope that Ruckus also follows the standard perfectly.

0 Kudos
Copyright © 2025 Khoros, LLC
Top

Type a product name