Configuring Mint - Motorola WiNG 5 System Reference Manual

5.3.11.2 Configuring MINT

MINT provides the means to secure access point profile communications at the transport layer. Using MINT, an access
point can be configured to only communicate with other authorized (MINT enabled) access points of the same model.
Virtual Controller AP managed access points can communicate with each other exclusively over a MINT security domain.
Keys can also be generated externally using any application (like openssl). These keys must be present on the access point
managing the domain for key signing to be integrated with the UI. A MAP device that needs to communicate with another
first negotiates a security context with that device. The security context contains the transient keys used for encryption
and authentication. A secure network requires users know about certificates and PKI. However, administrators do not need
to define security parameters for access points to be adopted (secure WISPe being an exception, but that isn't a commonly
used feature). Also, users can replace any device on the network or move devices around and they continue to work.
Default security parameters for MINT are such that these scenarios continue to function as expected, with minimal user
intervention required only when a new network is deployed.
To define an access point profile's MINT configuration:
1. Select MINT Protocol
The Settings
2. Refer to the Area Identifier field to define the Level 1 and Level 2 Area IDs used by the profile's MINT configuration.
Level 1 Area ID
from the expanded Advanced menu.
Figure 5-82 Advanced Profile MINT screen - Settings tab
tab displays by default.
Select the check box to enable a spinner control for setting the Level 1 Area
ID between 1 - 4,294,967,295. The default value is disabled.
Device Configuration 5 - 149