Configuring Wlan Firewall Settings - Motorola WiNG 5.7.1 System Reference Manual

6 - 26 WiNG 5.7.1 Access Point System Reference Guide
5. Configure the following Keyguard settings:
Generate Keys
Keys 1-4
Restore Default WEP
Keys
Default WEP Keyguard keys are as follows:
• Key 1 101112131415161718191A1B1C
• Key 2 202122232425262728292A2B2C
• Key 3 303132333435363738393A3B3C
• Key 4 404142434445464748494A4B4C
6. Select OK when completed to update the WLAN's Keyguard encryption configuration. Select
back to its last saved configuration.
Keyguard Deployment Considerations
Keyguard
Before defining a Keyguard configuration on a WLAN, refer to the following deployment guidelines to ensure the configuration
is optimally effective:
• WiNG proprietary authentication techniques, can also be enabled on WLANs supporting other WiNG proprietary
techniques, such as KeyGuard.
• A WLAN using KeyGuard to support legacy devices should also use largely limited to the support of just those legacy clients
using KeyGuard.
• KeyGuard is not supported on AP6511 model access points.
• If WEP support is needed for WLAN legacy device support, 802.1X EAP authentication should be also configured in order
for the WLAN to provide authentication and dynamic key derivation and rotation.

6.2.1 Configuring WLAN Firewall Settings

Wireless LANs
A Firewall is a mechanism enforcing access control, and is considered a first line of defense in protecting proprietary
information within an access point managed WLAN. The means by which this is accomplished varies, but in principle, a Firewall
is a mechanism that blocks and permits data traffic. For a Firewall overview, see
WLANs use Firewalls like Access Control Lists (ACLs) to filter/mark packets based on the WLAN from which they arrive, as
opposed to filtering packets on Layer 2 ports. An ACL contains an ordered list of Access Control Entries (ACEs). Each ACE
specifies an action and a set of conditions (rules) a packet must satisfy to match the ACE. The order of conditions in the list is
critical because the access point stops testing conditions after the first match.
IP based Firewall rules are specific to source and destination IP addresses and the unique rules and precedence orders
assigned. Both IP and non-IP traffic on the same Layer 2 interface can be filtered by applying both an IP ACL and a MAC.
Specify a 4 to 32 character Pass Key and click the Generate button. The pass key can be
any alphanumeric string. WiNG clients use the algorithm to convert an ASCII string to the
same hexadecimal number. Clients without these WiNG adapters need to use keys
manually configured as hexadecimal numbers.
Use the Key #1-4 areas to specify key numbers. For Keyguard (104-bit key), the keys are 26
hexadecimal characters in length. Select one of these keys for default activation by clicking
its radio button. Selecting Show displays a key in exposed plain text.
If you feel it necessary to restore the Keyguard algorithm back to its default settings, click
the Restore Default WEP Keys button. This may be the case if the latest defined algorithm
has been compromised and no longer provides its former measure of data security.
Reset to revert the screen
Wireless Firewall on page 8-2.