diff --git a/src/cntlr_cmdu.c b/src/cntlr_cmdu.c
index fafca4cc4f34afc89fae5decf94b8c66f34a8767..087cc5b6ac6ef5fcf8ead78335dadba4f8e959cb 100644
--- a/src/cntlr_cmdu.c
+++ b/src/cntlr_cmdu.c
@@ -579,7 +579,7 @@ struct cmdu_buff *cntlr_gen_ap_autoconfig_wsc(struct controller *c,
 		struct node *n, struct cmdu_buff *rx_cmdu, uint8_t *radio_id,
 		struct tlv *wsc, uint16_t mid)
 {
-	struct iface_credential *cred;
+	struct iface_credential *cred = NULL;
 	struct cmdu_buff *resp;
 	uint16_t msglen;
 	uint8_t *msg;
@@ -631,14 +631,19 @@ struct cmdu_buff *cntlr_gen_ap_autoconfig_wsc(struct controller *c,
 	if (ret)
 		goto out;
 
+	ret = 1;
 	list_for_each_entry(cred, &c->cfg.aplist, list) {
 		if (cred->band != e_band)
 			continue;
 
 		/* Will return non-zero if band did not match OR on failure */
-		cntlr_gen_wsc(c, resp, cred, msg, msglen, e_band, e_auth);
+		ret = cntlr_gen_wsc(c, resp, cred, msg, msglen, e_band, e_auth);
 	}
 
+	/*This means that none of the ap in the radio is enabled so set a tear down bit for this*/
+	if (ret == 1)
+		cntlr_gen_wsc(c, resp, NULL, msg, msglen, e_band, e_auth);
+
 	hwaddr_ntoa(radio_id, macstr);
 	hwaddr_ntoa(rx_cmdu->origin, alidstr);
 	if (e_band == BAND_2)
diff --git a/src/cntlr_tlv.c b/src/cntlr_tlv.c
index c926dae8f2d08ff0fbe98cd6fe8e6ade510b72cd..edc773196ba70f8c4a9ee856d208f712e42445be 100644
--- a/src/cntlr_tlv.c
+++ b/src/cntlr_tlv.c
@@ -234,49 +234,62 @@ int cntlr_gen_wsc(struct controller *c, struct cmdu_buff *frm,
 
 	t->type = TLV_TYPE_WSC;
 	cred.band = band;
-	memcpy(cred.ssid, (char *)iface_cred->ssid, strlen((char *)iface_cred->ssid));
-	cred.ssidlen = strlen((char *)iface_cred->ssid);
-	cred.auth_type = wifi_sec_to_auth_types(iface_cred->sec);
-	if (cred.auth_type == WPS_AUTH_OPEN)
-		cred.enc_type = WPS_ENCR_NONE;
-	else /* by default use encryption type AES */
-		cred.enc_type = WPS_ENCR_AES; /* TODO: TKIP? */
-
-	memcpy(cred.key, (char *)iface_cred->key, strlen((char *)iface_cred->key));
-	cred.keylen = strlen((char *)iface_cred->key);
-
-	/* backhaul BSS */
-	cred.mapie |= (iface_cred->multi_ap & 0x01) << 6;
-	/* fronthaul BSS */
-	cred.mapie |= (iface_cred->multi_ap & 0x02) << 4;
-	/* backhaul STA */
-	cred.mapie |= (iface_cred->disallow_bsta << 2);
-	/* teardown bit */
-	cred_auth = wifi_sec_to_auth_types(iface_cred->sec);
-
-	/* if m1 does not support cred auth or cred auth is strictly higher,
-	 * reject and teardown
-	 */
-	if ((cred_auth & m1_auth) != cred_auth) {
+
+	if (iface_cred == NULL) {
 		cred.mapie |= 1 << 4;
-		warn("|%s:%d| setting teardown bit (m1 auth:%04x "\
-		     "creds auth:%04x)\n", __func__, __LINE__,
-		     m1_auth, cred_auth);
-	}
+		warn("|%s:%d| setting teardown bit as all ap in radio is disabled\n", __func__, __LINE__);
+		ret = wsc_build_m2(msg, msglen, &cred,
+			NULL, 0, &m2, &m2_size);
+		if (ret) {
+			dbg("Error building m2!\n");
+			return ret;
+		}
+	} else {
 
-	strncpy(cred.manufacturer, iface_cred->manufacturer, 64);
-	strncpy(cred.model_name, iface_cred->model_name, 32);
-	strncpy(cred.device_name, iface_cred->device_name, 32);
-	memcpy(cred.model_number, iface_cred->model_number, 32);
-	memcpy(cred.serial_number, iface_cred->serial_number, 32);
-	memcpy(cred.device_type, iface_cred->device_type, 8);
+		memcpy(cred.ssid, (char *)iface_cred->ssid, strlen((char *)iface_cred->ssid));
+		cred.ssidlen = strlen((char *)iface_cred->ssid);
+		cred.auth_type = wifi_sec_to_auth_types(iface_cred->sec);
+		if (cred.auth_type == WPS_AUTH_OPEN)
+			cred.enc_type = WPS_ENCR_NONE;
+		else /* by default use encryption type AES */
+			cred.enc_type = WPS_ENCR_AES; /* TODO: TKIP? */
+
+		memcpy(cred.key, (char *)iface_cred->key, strlen((char *)iface_cred->key));
+		cred.keylen = strlen((char *)iface_cred->key);
+
+		/* backhaul BSS */
+		cred.mapie |= (iface_cred->multi_ap & 0x01) << 6;
+		/* fronthaul BSS */
+		cred.mapie |= (iface_cred->multi_ap & 0x02) << 4;
+		/* backhaul STA */
+		cred.mapie |= (iface_cred->disallow_bsta << 2);
+		/* teardown bit */
+		cred_auth = wifi_sec_to_auth_types(iface_cred->sec);
+
+		/* if m1 does not support cred auth or cred auth is strictly higher,
+		* reject and teardown
+		*/
+		if ((cred_auth & m1_auth) != cred_auth) {
+			cred.mapie |= 1 << 4;
+			warn("|%s:%d| setting teardown bit (m1 auth:%04x "\
+				"creds auth:%04x)\n", __func__, __LINE__,
+				m1_auth, cred_auth);
+		}
 
-	ret = wsc_build_m2(msg, msglen, &cred,
-			   (struct wsc_vendor_ie *) iface_cred->ven_ies,
-			   iface_cred->num_ven_ies, &m2, &m2_size);
-	if (ret) {
-		dbg("Error building m2!\n");
-		return ret;
+		strncpy(cred.manufacturer, iface_cred->manufacturer, 64);
+		strncpy(cred.model_name, iface_cred->model_name, 32);
+		strncpy(cred.device_name, iface_cred->device_name, 32);
+		memcpy(cred.model_number, iface_cred->model_number, 32);
+		memcpy(cred.serial_number, iface_cred->serial_number, 32);
+		memcpy(cred.device_type, iface_cred->device_type, 8);
+
+		ret = wsc_build_m2(msg, msglen, &cred,
+				(struct wsc_vendor_ie *) iface_cred->ven_ies,
+				iface_cred->num_ven_ies, &m2, &m2_size);
+		if (ret) {
+			dbg("Error building m2!\n");
+			return ret;
+		}
 	}
 
 	t->len = m2_size;