Intermec WA21 System Manual page 158

Chapter 6 — Configuring Security
144
When deciding on which type of spanning tree security to use, the
supplicant access point and the authenticator will negotiate an
authentication method that can be used by both. If the Allow SWAP
check box is checked on both access points, SWAP will always be used. If
the Allow SWAP check box is cleared on one or both of the access points,
either TTLS or TLS will be used, depending on the setting of the
Preferred Protocol field of the supplicant access point.
Note these potential problems:
• If you enable secure IAPP on a root access point that is running software
release 1.80 or later and other access points in your network are running
an earlier software release than 1.80, the access points with the earlier
software release will not attach to the root. The access points with the
earlier software release do not support secure IAPP. If you want to use
secure IAPP, upgrade all access points to software release 1.80.
• If you enable secure IAPP on a non-root access point and the root access
point has secure IAPP disabled, the access points will form separate
spanning trees with the same LAN ID. If you want to use secure IAPP,
enable secure IAPP on all access points.
To create a secure spanning tree
Note: You do not need to perform this procedure if you are implementing
an 802.1x security solution. 802.1x authentication automatically enables
secure IAPP and secure wireless hops. See "Implementing an 802.1x
Security Solution" on page 152.
1 From the main menu, click Security > Spanning Tree Security. The
Spanning Tree Security screen appears.
MobileLAN access WA2X System Manual