Wps Roles; Enabling And Disabling Wps On A Vap - Cisco WAP121 Administration Manual

Wireless
WPS Setup
NOTE
Cisco Small Business WAP121 and WAP321 Wireless-N Access Point with PoE
manually configures the device with the SSID, public shared key, and
cryptography modes of the WPS-enabled WAP device. The device joins
the network.
The PIN is either an eight-digit number that uses its last digit as a checksum value,
or a four-digit number with no checksum. Each of these numbers may contain
leading zeroes.

WPS Roles

The WPS standard assigns specific roles to the various components in its
architecture:
• Enrollee—A device that can join the wireless network.
• AP—A device that provides wireless access to the network.
• Registrar—An entity that issues security credentials to enrollees and
configures APs.
The WAP devices act as AP devices and support a built-in registrar. They do not
function as an enrollee.

Enabling and Disabling WPS on a VAP

The administrator can enable or disable WPS on only one VAP. WPS is operational
only if this VAP meets these conditions:
• The WAP device is configured to broadcast the VAP SSID.
• MAC address filtering is disabled on the VAP.
• WEP encryption is disabled on the VAP.
• The VAP is configured to use either WPA-Personal security or none. If
WPA2-PSK encryption mode is enabled, then a valid pre-shared key (PSK)
must be configured and CCMP (AES) encryption must be enabled.
• The VAP is operationally enabled.
WPS is operationally disabled on the VAP if any of these conditions are not met.
Disabling WPS on a VAP does not cause disassociation of any clients previously
authenticated through WPS on that VAP.
5
101