Setting The Ap Security Requirement On A Wss; Fingerprint Log Message; Configuring A Service Profile - Nortel 2360 Configuration Manual
Wlan-security switch 2300 series
Hide thumbs
Also See for 2360:
- Reference manual (480 pages) ,
- User manual (218 pages) ,
- Installation and basic configuration manual (172 pages)
Table of Contents
Advertisement
244 Configuring APs
Setting the AP security requirement on a WSS
You can configure the WSS to require all Distributed APs to have encryption keys. In this case, the WSS does not
establish a management session with a Distributed AP unless the AP has a key, and you have confirmed the key's finger-
print in WSS Software.
Note.
A change to AP security support does not affect management sessions that are
already established. To apply the new setting to an AP, restart the AP.
To configure AP security requirements, use the following command:
set ap security {require | optional | none}
The require option enforces encryption of management traffic for all Distributed APs, and requires the key fingerprints
to be confirmed in WSS Software. The none option disables encryption of management traffic for all Distributed APs.
The default is optional, which allows connection to APs with or without encryption.
The following command configures a WSS to require Distributed APs to have encryption keys:
WSS# set ap security require
Fingerprint log message
If AP encryption is optional, and an AP whose fingerprint has not been verified in WSS Software establishes a manage-
ment session with the WSS, WSS Software generates a log message such as the following:
AP-HS:(secure optional)configure AP 0335301065 with fingerprint
c6:98:9c:41:32:ab:37:09:7e:93:79:a4:ca:dc:ec:fb
The message lists the serial number and fingerprint of the AP. You can check this information against your records to
verify that the AP is authentic.
Configuring a service profile
A service profile is a set of parameters that control advertisement (beaconing) and encryption for an SSID, as well as
default authorization attributes that apply to users accessing the SSID.
This section describes how to create a service profile and set some basic SSID parameters. To configure other service
profile parameters, see the following:
•
"Configuring user encryption" (page 291)
•
"Configuring quality of service" (page 343)
•
"Configuring the Web portal Web-based AAA session timeout period" (page 512)
•
"Assigning SSID default attributes to a service profile" (page 529)
•
"Configuring SODA endpoint security for a WSS" (page 591)
(For a list of the parameters controlled by service profiles and their defaults, see
(To display service profile settings, see
NN47250-500 (320657-F Version 02.01)
"Displaying service profile information" (page
Table 5 on page
228.)
275).)
- Quick Links:
- Using the Command-Line Interface
Hide quick links:
Advertisement
Table of Contents
