diff --git a/core/mac/src/pe/lim/lim_process_sme_req_messages.c b/core/mac/src/pe/lim/lim_process_sme_req_messages.c
index fa5aa08b28..bc22f333d1 100644
--- a/core/mac/src/pe/lim/lim_process_sme_req_messages.c
+++ b/core/mac/src/pe/lim/lim_process_sme_req_messages.c
@@ -53,6 +53,7 @@
 #include "cds_regdomain.h"
 #include "lim_process_fils.h"
 #include "wlan_utility.h"
+#include <wlan_crypto_global_api.h>
 
 /* SME REQ processing function templates */
 static bool __lim_process_sme_sys_ready_ind(struct mac_context *, uint32_t *);
@@ -1133,6 +1134,88 @@ static QDF_STATUS lim_send_ft_reassoc_req(struct pe_session *session,
 }
 #endif
 
+#ifdef WLAN_FEATURE_11W
+#ifdef WLAN_CONV_CRYPTO_IE_SUPPORT
+/**
+ * lim_set_rmf_enabled() - set rmf enabled
+ * @mac: mac context
+ * @session: pe session
+ * @csr_join_req: csr join req
+ *
+ * Return: void
+ */
+static void lim_set_rmf_enabled(struct mac_context *mac,
+				struct pe_session *session,
+				struct join_req *csr_join_req)
+{
+	struct wlan_objmgr_vdev *vdev;
+	uint16_t rsn_caps;
+
+	vdev = wlan_objmgr_get_vdev_by_id_from_psoc(mac->psoc,
+						    csr_join_req->sessionId,
+						    WLAN_LEGACY_SME_ID);
+	if (!vdev) {
+		pe_err("Invalid vdev");
+		return;
+	}
+	rsn_caps = (uint16_t)wlan_crypto_get_param(vdev,
+						   WLAN_CRYPTO_PARAM_RSN_CAP);
+	if (wlan_crypto_vdev_has_mgmtcipher(
+				vdev,
+				(1 << WLAN_CRYPTO_CIPHER_AES_GMAC) |
+				(1 << WLAN_CRYPTO_CIPHER_AES_GMAC_256) |
+				(1 << WLAN_CRYPTO_CIPHER_AES_CMAC)) &&
+	    (rsn_caps & WLAN_CRYPTO_RSN_CAP_MFP_ENABLED) &&
+	    (rsn_caps & WLAN_CRYPTO_RSN_CAP_MFP_REQUIRED))
+		session->limRmfEnabled = 1;
+
+	wlan_objmgr_vdev_release_ref(vdev, WLAN_LEGACY_SME_ID);
+
+	pe_debug("vdev %d limRmfEnabled %d rsn_caps 0x%x",
+		 csr_join_req->sessionId, session->limRmfEnabled,
+		 rsn_caps);
+}
+#else
+/**
+ * lim_set_rmf_enabled() - set rmf enabled
+ * @mac: mac context
+ * @session: pe session
+ * @csr_join_req: csr join req
+ *
+ * Return: void
+ */
+static void lim_set_rmf_enabled(struct mac_context *mac,
+				struct pe_session *session,
+				struct join_req *csr_join_req)
+{
+	if ((eSIR_ED_AES_128_CMAC == csr_join_req->MgmtEncryptionType) ||
+	    (eSIR_ED_AES_GMAC_128 == csr_join_req->MgmtEncryptionType) ||
+	    (eSIR_ED_AES_GMAC_256 == csr_join_req->MgmtEncryptionType))
+		session->limRmfEnabled = 1;
+	else
+		session->limRmfEnabled = 0;
+
+	pe_debug("mgmt encryption type %d limRmfEnabled %d",
+		 csr_join_req->MgmtEncryptionType, session->limRmfEnabled);
+}
+#endif
+#else
+/**
+ * lim_set_rmf_enabled() - set rmf enabled
+ * @mac: mac context
+ * @session: pe session
+ * @csr_join_req: csr join req
+ *
+ * Return: void
+ */
+static inline void lim_set_rmf_enabled(struct mac_context *mac,
+				       struct pe_session *session,
+				       struct join_req *csr_join_req)
+
+{
+}
+#endif
+
 /**
  * __lim_process_sme_join_req() - process SME_JOIN_REQ message
  * @mac_ctx: Pointer to Global MAC structure
@@ -1402,15 +1485,7 @@ __lim_process_sme_join_req(struct mac_context *mac_ctx, void *msg_buf)
 
 
 		/* Record if management frames need to be protected */
-#ifdef WLAN_FEATURE_11W
-		if ((eSIR_ED_AES_128_CMAC ==
-					    sme_join_req->MgmtEncryptionType) ||
-		   (eSIR_ED_AES_GMAC_128 == sme_join_req->MgmtEncryptionType) ||
-		   (eSIR_ED_AES_GMAC_256 == sme_join_req->MgmtEncryptionType))
-			session->limRmfEnabled = 1;
-		else
-			session->limRmfEnabled = 0;
-#endif
+		lim_set_rmf_enabled(mac_ctx, session, sme_join_req);
 
 #ifdef FEATURE_WLAN_DIAG_SUPPORT_LIM
 		session->rssi = bss_desc->rssi;