Meraki

Community

WPA 3 and RADIUS server - cant set WPA 3 Transition Mode

AxL1971
A model citizen
yesterday
yesterday

WPA 3 and RADIUS server - cant set WPA 3 Transition Mode

Currently we have MR56 that authenticated with ISE RADIUS server and use WPA2

 

We are replacing the AP with CW9166I-MR that supports 6GHZ.

 

For 6Ghz we need to enable WPA3, however as we have some laptops that do not support 6Ghz we need to set the SSID to use WPA 3 Transition Mode

 

However when modifying the SSID configuration I do not see the option to use WPA 3 Transition Mode - only see these options

 

AxL1971_0-1740642272637.png

 

 

 

10 Replies 10
rhbirkelund
Kind of a big deal
Kind of a big deal
11 hours ago
11 hours ago

What firmware version are you running?

If I remember correctly, you need MR31.x to get WPA3 Transition.

rhbirkelund_0-1740643640658.png

 

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
In response to rhbirkelund
rwiesmann
A model citizen
11 hours ago
11 hours ago

Interesting...looks the same for me as @AxL1971 mentioned it. No Tranistion Mode option on the drop down.

And I have MR 31.1.5.1 running on my AP's.

0 Kudos
In response to rhbirkelund
rwiesmann
A model citizen
10 hours ago
10 hours ago

Solved it...switched to the new version of the Access Control Site...tada...transistion mode is available 

rwiesmann
A model citizen
11 hours ago
11 hours ago

Did you check out the configuration guide to WPA 3?

https://documentation.meraki.com/MR/Wi-Fi_Basics_and_Best_Practices/WPA3_Encryption_and_Configuratio...

 

hope this helps

AxL1971
A model citizen
11 hours ago
11 hours ago

we are running the MR 30.x  on the AP's

 

 

0 Kudos
In response to AxL1971
rhbirkelund
Kind of a big deal
Kind of a big deal
7 hours ago
7 hours ago

Then you’ll need to upgrade to MR31.x in order to use WPA3 Enterprise Transition.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
0 Kudos
KarstenI
Kind of a big deal
Kind of a big deal
8 hours ago
8 hours ago

Are you sure that you really need transition mode? If your PCs are not stone old, they likely support "pure" WPA3. With Enterprise Authentication, the difference is not that big to WPA2.

I would add a new Test-SSID with WPA3 and test your oldest devices to check this.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
AxL1971
A model citizen
7 hours ago
7 hours ago

The issue is the old laptops have the Intel AX201 chipset which does not support 6 Ghz and the newer laptop have the newer AX211 chipset which supports 6Ghz. This is  a 50/50 split of laptops

 

We use a single SSID for corpoate wireless, which uses ISE RADIUS for authentication. From my understanding in order to allow both laptops to connect we need WPA 3 transition mode enabled - so the newer laptops connect on the 6Ghz and older on the 5Ghz (we dont use 2.4 Ghz)

0 Kudos
In response to AxL1971
KarstenI
Kind of a big deal
Kind of a big deal
7 hours ago
7 hours ago

It's not really about the band. My advise is to use WPA3-Enterprise in both 5 and 6 GHz. With that you don't need Transition mode.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
AxL1971
A model citizen
7 hours ago
7 hours ago

As stated above I need to upgrade the firmware to 31.x, which I plan to do by next month. 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.