Brocade Communications Systems RFS6000 System Reference Manual page 151

6. Refer to the Update broadcast keys every field to specify a time period (in seconds) for
7.
ASCII Passphrase To use an ASCII passphrase (and not a hexadecimal value), select the checkbox and enter an
256-bit Key
NOTE
The Web UI does not support saving passphrases in encrypted format. To save passphrases in an
encrypted format, configure the passphrases using the Command Line Interface. Refer to the CLI
Reference Guide for details on configuring passphrases using the CLI.
8. Optionally select one of the following from within the Fast Roaming (8021x only) field.
PMK Caching Select Pairwise Master Key (PMK) caching to store Pairwise Master Key derived from 802.1x authentication
between a client device and its authenticator. When a client roams between devices, the client's credentials no
longer need to be completely reauthenticated (a process that can take up to 100 milliseconds). In the instance of a
voice session, the connection would likely be terminated if not using a PMK. PMK cache entries are stored for a
finite amount of time, as configured on the wireless client.
Opportunistic Key Caching
Opportunistic Key
Caching same client when it roams over to another Access Port. Upon roaming, the client does not have to conduct 802.1x
authentication and can start sending/receiving data sooner.
Pre-Authentication Selecting the
another switch (or device) before it roams to it. This enables the roaming client to send and receive data sooner by
not having to conduct an 802.1x authentication after roaming. This is only supported when 802.1x EAP
authentication is enabled.
9. Refer to the Status field for the current state of the requests made from applet. This field
10. Click OK to use the changes to the running configuration and close the dialog.
11. Click Cancel to close the dialog without committing updates to the running configuration.
Brocade Mobility RFS4000, RFS6000, and RFS7000 System Reference Guide
53-1002515-01
Only broadcast key changes when required by associated Clients to reduce the transmissions
of sensitive key information. This value is enabled by default.
broadcasting encryption-key changes to Clients.
Set key broadcasts to a shorter interval (at least 60 seconds) for tighter security on wireless
connections. Set key broadcasts to a longer interval (at most, 86400 seconds) to extend key
times for wireless connections. The default is 7200 seconds.
Configure the Key Settings field as needed to set an ASCII Passphrase and key values.
alphanumeric string of 8 to 63 characters. The alphanumeric string allows character spaces.
The switch converts the string to a numeric value. This passphrase saves the administrator
from entering the 256-bit key each time keys are generated.
To use a hexadecimal value (and not an ASCII passphrase), select the checkbox and enter 16
hexadecimal characters into each of the four fields displayed.
Default (hexadecimal) 256-bit keys for WPA/TKIP include:
•
1011121314151617
•
18191A1B1C1D1E1F
•
2021222324252627
•
28292A2B2C2D2E2F
allows the switch to use a PMK derived with a client on one Access Port with the
Pre-Authentication
displays error messages if something goes wrong in the transaction between the applet and
the switch.
option enables an associated client to carry out an 802.1x authentication with
4
139