Wips - Motorola RFS7000 Series System Reference Manual


When you initially switch packets on an out-of-the-box AP300 port, it immediately attempts to authenticate
using 802.1x. Since 802.1x supports supplicant initiated authentication, the AP300 attempts to initiate the
authentication process.
On reset (all resets including power-up), an AP300 sends an EAPOL start message every time it sends a Hello
message (periodically every 1 second). The EAPOL start is the supplicant initiated attempt to become
authenticated.
If an appropriate response to the EAPOL start message is received, the AP300 attempts to proceed
with the authentication process to completion. Upon successful authentication, the AP300 transmits the Hello
message and the download proceeds as it does today.
If no response to the EAPOL start message is received, or if the authentication attempt is not successful,
the AP300 continues to transmit Hello messages followed by LoadMe messages. If a parent reply is received
in response to the Hello message, downloading continues normally, without authentication. In this case,
you need not enable or disable the port authentication.
802.1x authentication is conducted:
• At power up
• At an AP300 operator initiated reset (such as pulling the Ethernet cable)
• When the switch administrator initiates a reset of the AP300
• When re-authentication is initiated by the Authenticator (say the switch in between)
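The fallback described above means an AP300 whose EAPOL start goes unanswered can still be adopted, without authentication. The following is an added example (not from the Motorola manual) that parses captured Ethernet frames using the standard EAPOL/EAP header layout and reports which supplicants were never answered; the MAC addresses and sample frames are constructed, and it assumes the authenticator addresses its result to the supplicant's own MAC.

```python
import struct

EAPOL_ETHERTYPE = 0x888E  # IEEE 802.1X port access entity EtherType
EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}

def parse_eapol(frame: bytes):
    """Return (src, dst, eapol_type, eap_code), or None if the frame is not EAPOL."""
    if len(frame) < 18 or struct.unpack("!H", frame[12:14])[0] != EAPOL_ETHERTYPE:
        return None
    dst, src = frame[0:6].hex(":"), frame[6:12].hex(":")
    _version, ptype, length = struct.unpack("!BBH", frame[14:18])
    body = frame[18:18 + length]
    # Only EAP-Packet frames carry an EAP header (code, id, length).
    eap_code = EAP_CODES.get(body[0]) if ptype == 0 and len(body) >= 4 else None
    return src, dst, EAPOL_TYPES.get(ptype, "unknown"), eap_code

def audit(frames):
    """Map each supplicant MAC to 'authenticated', 'failed' or 'unanswered'."""
    state = {}
    for frame in frames:
        parsed = parse_eapol(frame)
        if parsed is None:
            continue
        src, dst, ptype, eap_code = parsed
        if ptype == "EAPOL-Start":
            state.setdefault(src, "unanswered")
        # Assumption: the authenticator addresses its result to the supplicant's MAC.
        elif eap_code == "Success" and dst in state:
            state[dst] = "authenticated"
        elif eap_code == "Failure" and dst in state:
            state[dst] = "failed"
    return state

def build(dst, src, ptype, body=b""):
    """Construct a sample EAPOL frame (version 1) for the demonstration below."""
    macs = bytes.fromhex((dst + src).replace(":", ""))
    return macs + struct.pack("!HBBH", EAPOL_ETHERTYPE, 1, ptype, len(body)) + body

# Constructed addresses and frames, not taken from a real capture.
PAE, SWITCH = "01:80:c2:00:00:03", "02:00:00:00:00:01"
AP_A, AP_B = "02:00:00:00:0a:01", "02:00:00:00:0b:02"
SAMPLE = [
    build(PAE, AP_A, 1),                             # AP_A: EAPOL-Start
    build(AP_A, SWITCH, 0, bytes([1, 1, 0, 5, 1])),  # Request/Identity
    build(PAE, AP_A, 0, bytes([2, 1, 0, 5, 1])),     # Response/Identity
    build(AP_A, SWITCH, 0, bytes([3, 2, 0, 4])),     # Success
    build(PAE, AP_B, 1),                             # AP_B: EAPOL-Start, no reply
    build(PAE, AP_B, 1),                             # AP_B retries one second later
]
```

Calling `audit(SAMPLE)` marks the first AP as `authenticated` and the second as `unanswered`; an AP left in the `unanswered` state sits on a port where adoption can proceed without 802.1x.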
Change Username/Password after AP Adoption
Once the AP300 is adopted using 802.1x authentication (for example, with the default username/password) or
using a non-secure access method (a hub or switch without 802.1x enabled), use the CLI/SNMP/UI to reconfigure
the username/password combination.
Reset Username/Password to Factory Defaults
To restore the AP300 username/password to factory defaults, adopt the AP300 using a non-secure access
method (a hub or switch without 802.1x enabled), then reconfigure the username/password combination.
The access port does not make use of any parameters (such as MAC based authentication, VLAN based etc.)
configured on the RADIUS server.

1.2.5.8 WIPS

The Motorola Wireless Intrusion Protection System (WIPS) monitors for the presence of unauthorized rogue
devices. Unauthorized attempts to access the WLAN are generally accompanied by anomalous behavior as
intruding MUs try to find network vulnerabilities. Basic forms of this behavior can be monitored and reported
without needing a dedicated WIPS. When the parameters exceed a configurable threshold, the switch
generates an SNMP trap and reports the result via the management interfaces. Basic WIPS functionality does
not require monitoring APs and does not perform off-channel scanning.
NOTE: When converting an AP300 to an Intrusion Detection Sensor, the conversion
requires approximately 60 seconds.