GPO WPA - Setting

Question

Hi,
currently i plan to move from WPA2 to WPA3.
If in the GPO "WPA2" is set as authentication for wireless clients, i saw in tests, that clients can also connect with WPA3.
Currently we are using Windows Server 2016 where no WPA3 Option is available in the GPO.

My Questions are now:
Is it an expected behaviour that clients can connect with WPA3 if WPA2 is set in the GPO? So can in this case WPA2 be seen as the "minimum requirement"?

And what happens if we move to a Windows Server Version where the WPA3-Setting is available? Will WPA3 still work for clients if the Authentication-Option is still set to WPA2?

Will WPA2 also work if we then set the option to WPA3? (i guess, no)

Thanks in advance

Answer 1

Hello,

Thank you for posting in Q&A forum.

Please kindly find answers to your questions below:

1.Is it an expected behavior that clients can connect with WPA3 if WPA2 is set in the GPO? So can in this case WPA2 be seen as the "minimum requirement"?

Yes, it's an expected behaviour and WPA2 can be considered as minimum requirement.

2.And what happens if we move to a Windows Server Version where the WPA3-Setting is available? Will WPA3 still work for clients if the Authentication-Option is still set to WPA2?

Once you move to Windows Server that support WPA3 and it's set as WPA2 in group policy, WPA3 still works as it's backward compatible with WPA2.

3.Will WPA2 also work if we then set the option to WPA3? (i guess, no)

No, WPA2 will not work if you set it as WPA3.

To help other customers who may be facing the same issue, please don't forget to vote if the reply is helpful.

Best Regards

Zunhui