Motorola WiNG 5 System Reference Manual page 364

6 - 16 WiNG 5 Access Point System Reference Guide
Broadcast Rotation
Interval
7. Define the
Using 802.11i can speed up the roaming process from one access point to another. Instead of doing a complete
802.1x authentication each time a client roams between access points, 802.11i allows a client to re-use previous
PMK authentication credentials and perform a four-way handshake. This speeds up the roaming process. In
addition to reusing PMKs on previously visited APs, Opportunistic Key Caching allows multiple APs to share PMKs
amongst themselves. This allows a client to roam to an AP it has not previously visited and reuse a PMK from
another AP to skip 802.1x authentication.
Pre-Authentication
8. Set the following
TKIP Countermeasure
Hold Time
Exclude WPA2-TKIP
9. Select OK
revert the screen back to its last saved configuration.
When enabled, the key indices used for encrypting/decrypting broadcast
traffic will be alternatively rotated based on the defined interval Define an
interval for broadcast key transmission in seconds (30-86,400). Key rotation
enhances the broadcast traffic security on the WLAN. This feature is disabled
by default.
Fast Roaming configuration used only with 802.1x EAP-WPA/WPA2 authentication.
Selecting the Pre-Authentication option enables an associated client to carry
out an 802.1x authentication with another access point before it roams to it.
This enables a roaming client to send and receive data sooner by not having to
conduct an 802.1x authentication after roaming. With pre authentication, a
client can perform an 802.1X authentication with other detected access points
while still connected to its current access point. When a device roams to a
neighboring access point, the device is already authenticated on the access
point, thus providing faster re-association. This feature is enabled by default.
Advanced settings for the WPA/WPA2-TKIP encryption scheme
The TKIP countermeasure hold-time is the time during which the use of the
WLAN is disabled, if TKIP countermeasures have been invoked on the WLAN.
Use the drop-down menu to define a value in either Hours (0-18), Minutes
(0-1,092) or Seconds (0-65,535). The default setting is 60 seconds.
Select this option to advertise and enable support for only WPA-TKIP. This
option can be used if certain older clients are not compatible with newer
WPA2-TKIP information elements. Enabling this option allows backwards
compatibility for clients that support WPA-TKIP and WPA2-TKIP, but do not
support WPA2-CCMP. Motorola Solutions Solutions recommends enabling this
feature if WPA-TKIP or WPA2-TKIP supported clients operate in a WLAN
populated by WPA2-CCMP enabled clients. This feature is disabled by default.
when completed to update the WLAN's WPA/WPA2-TKIP encryption configuration. Select
NOTE: WPA-TKIP is not supported on radios configured to exclusively use 802.11n.
Reset to