Brocade Communications Systems RFS6000 System Reference Manual page 34

1
On reset (all resets including power-up), the Brocade Mobility 300 Access Point sends an EAPOL
start message every time it sends a Hello message (periodically every 1 second). The EAPOL start
is the supplicant initiated attempt to become authenticated.
If an appropriate response is received in response to the EAPOL start message, the Brocade
Mobility 300 Access Point attempts to proceed with the authentication process to completion.
Upon successful authentication, the Brocade Mobility 300 Access Point transmits the Hello
message and the download proceeds the way as it does today.
If no response is received from the EAPOL start message, or if the authentication attempt is not
successful, the Brocade Mobility 300 Access Point continues to transmit Hello messages followed
by LoadMe messages. If a parent reply is received in response to the Hello message, then
downloading continue normally - without authentication. In this case, you need not enable or
disable the port authentication.
802.1x authentication is conducted:
•
•
•
•
Change Username/Password after AP Adoption
Once the Brocade Mobility 300 Access Point is adopted using 802.1x authentication (say default
username/password) OR using a non-secure access method (hub or switch without 802.1x
enabled), use the CLI/SNMP/UI to reconfigure the username/password combination.
Reset Username/Password to Factory Defaults
To restore the Brocade Mobility 300 Access Point username/password to factory defaults, adopt
the Brocade Mobility 300 Access Point using a non-secure access method (a hub or switch without
802.1x enabled), then reconfigure the username/password combination.
The Access Port does not make use of any parameters (such as MAC based authentication, VLAN
based etc.) configured on Radius Server.
WIPS
The Wireless Intrusion Protection Software (WIPS) monitors for any presence of unauthorized rogue
Access Points. Unauthorized attempts to access the WLAN is generally accompanied by anomalous
behavior as intruding Clients try to find network vulnerabilities. Basic forms of this behavior can be
monitored and reported without needing a dedicated WIPS. When the parameters exceed a
configurable threshold, the switch generates an SNMP trap and reports the result via the
management interfaces. Basic WIPS functionality does not require monitoring APs and does not
perform off-channel scanning.
NOTE
When converting an Brocade Mobility 300 Access Point to an Intrusion Detection Sensor, the
conversion requires approximately 60 seconds.
22
At power up
On an Brocade Mobility 300 Access Point operator initiated reset (such as pulling Ethernet
cable)
When the switch administrator initiates a reset of the Brocade Mobility 300 Access Point.
When re-authentication is initiated by the Authenticator (say the switch in between)
Brocade Mobility RFS4000, RFS6000, and RFS7000 System Reference Guide
53-1002515-01