By default, a DWS-1008 switch can configure and manage a Distributed AP regardless of whether the
AP has an encryption key, and regardless of whether you have confirmed the fingerprint by setting it in
MSS.
You can configure a switch to require Distributed APs to have an encryption key. In this case, the
switch also requires their fingerprints to be confirmed in MSS. When AP security is required, an AP
can establish a management session with the switch only if its fingerprint has been confirmed by you
in MSS.
If you do not want any APs to use encryption for management information, you can disable the
feature.
The table below lists the AP security options and whether an AP can establish a management session
with a switch based on the option settings.
AP Security Setting
AP Security Required
AP Security Optional
* MSS generates a log message listing the AP serial number and fingerprint so you can verify the AP's
identity.
Verifying an AP's Fingerprint on a Switch
To verify an AP's fingerprint, find the fingerprint and use the set dap fingerprint command to enter the
fingerprint in MSS.
An AP's fingerprint is listed on a label on the back of the AP.
D-Link DWS-1008 User Manual
Encryption Options
AP Has Fingerprint?
Yes
No
Yes
No
Finding the Fingerprint
Fingerprint Verified in
MSS?
Yes
No
Not Applicable
Yes
No
Not Applicable
AP Can Establish Management
Sessionwith Switch?
Yes
No
No
Yes*
Yes*
Yes
1