Just a point I have from the past. WPA + TKIP was only intended as a "workaround" until WPA2 was ratified. That being said, here is a paraphrased note I have from a wireless engineer:
Only WPA-tkip & wpa2-aes are tested & certified as part of the Wif-Fi alliance certification. Enabling both mode is not tested as well. Enabling both WPA-tkip & wpa2-aes should be avoided on infrastructure device when there is decrypt issues because some clients can't do well on mixed mode(which is not a standard). however, it works well with specific vendor infrastructure and their own clients Ex: cisco phone on cisco wlc, Motorola handhelds with their controllers goes well since this combination is tested in their respective labs. By enabling all possible WPA & WPA2 on WLAN would burden the cpu of AP to specifically encrypt & decrypt them & it should be avoided on high density deployment. Mike ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.