1 - 20 WiNG 4.4 Switch System Reference Guide
1.2.5.3 Secure Beacon
Devices in a wireless network use
Service Set Identifiers
(SSIDs) to communicate. An SSID is a text string up to 32 bytes
long. An AP in the network announces its status by using beacons. To avoid others from accessing the network, the most
basic security measure adopted is to change the default SSID to one not easily recognizable, and disable the broadcast of
the SSID.
The SSID is a code attached to all packets on a wireless network to identify each packet as part of that network. All
wireless devices attempting to communicate with each other must share the same SSID. Apart from identifying each
packet, the SSID also serves to uniquely identify a group of wireless network devices used in a given service set.
1.2.5.4 MU to MU Disallow
Use MU to MU Disalllow to restrict MU to MU communication within a WLAN. The default is ‘no’, which allows MUs to
exchange packets with other MUs. It does not prevent MUs on other WLANs from sending packets to this WLAN. You
would have to enable MU to MU Disallow on the other WLAN. To define how MU to MU traffic is permitted for a WLAN,
see
Editing the WLAN Configuration on page 4-27
.
1.2.5.5 802.1x Authentication
802.1x Authentication cannot be disabled (its always enabled). A factory delivered out-of-the-box
AP300 supports 802.1x authentication using a default username and password. EAP-MD5 is used for 802.1x.
When you initially switch packets on an out-of-the-box AP300 port, it immediately attempts to authenticate using 802.1x.
Since 802.1x supports
supplicant initiated
authentication, the AP300 attempts to initiate the authentication process.
On reset (all resets including power-up), the AP300 sends an EAPOL start message every time it sends a Hello message
(periodically every 1 second). The
EAPOL start
is the
supplicant initiated
attempt to become authenticated.
If an appropriate response is received in response to the
EAPOL start
message, the AP300 attempts to proceed with the
authentication process to completion. Upon successful authentication, the AP300 transmits the Hello message and the
download proceeds the way as it does today.
If no response is received from the
EAPOL start
message, or if the authentication attempt is not successful, the AP300
continues to transmit
Hello
messages followed by
LoadMe
messages. If a parent reply is received in response to the
Hello
message,
then downloading continue normally - without authentication. In this case, you need not enable or disable the
port authentication.
802.1x authentication is conducted:
• At power up
• On an AP300 operator initiated reset (such as pulling Ethernet cable)
• When the switch administrator initiates a reset of the AP300.
• When re-authentication is initiated by the Authenticator (say the switch in between)
Change Username/Password after AP Adoption
Once the AP300 is adopted using 802.1x authentication (say default username/password) OR using a non-secure access
method (hub or switch without 802.1x enabled), use the CLI/SNMP/UI to reconfigure the username/password
combination.
Reset Username/Password to Factory Defaults
To restore the AP300 username/password to factory defaults, adopt the AP300 using a non-secure access method (a hub
or switch without 802.1x enabled), then reconfigure the username/password combination.
The Access Port does not make use of any parameters (such as MAC based authentication, VLAN based etc.) configured
on Radius Server.
Summary of Contents for WiNG 4.4
Page 1: ...Motorola Solutions WiNG 4 4 SYSTEM REFERENCE GUIDE ...
Page 2: ......
Page 3: ...MOTOROLA SOLUTIONS WING 4 4 SYSTEM REFERENCE GUIDE 72E 157062 01 Revision A January 2012 ...
Page 6: ...iv WiNG 4 4 Switch System Reference Guide ...
Page 14: ...xii WiNG 4 4 Switch System Reference Guide ...
Page 48: ...1 32 WiNG 4 4 Switch System Reference Guide ...
Page 58: ...2 10 WiNG 4 4 Switch System Reference Guide ...
Page 280: ...4 176 WiNG 4 4 Switch System Reference Guide ...
Page 352: ...5 72 WiNG 4 4 Switch System Reference Guide ...
Page 476: ...6 124 WiNG 4 4 Switch System Reference Guide ...
Page 506: ...7 30 WiNG 4 4 Switch System Reference Guide ...
Page 532: ...8 26 WiNG 4 4 Switch System Reference Guide ...
Page 536: ...A 4 WiNG 4 4 Switch System Reference Guide ...
Page 544: ...B 12 WiNG 4 4 Switch System Reference Guide ...
Page 558: ...B 26 WiNG 4 4 Switch System Reference Guide ...
Page 574: ...C 16 WiNG 4 4 Switch System Reference Guide ...
Page 596: ...E 4 WiNG 4 4 Switch System Reference Guide ...
Page 597: ......