Filter
Top Products
Authenticating and Validating Access Points 71
4 Installing the D-Link Unified Access System
managed by another WCS, it looks up the MAC address of the AP in the local or RADIUS
Valid AP database. If it finds the MAC address in the database, the switch validates the AP
and assumes management. If you have not added the MAC address of the AP to the database,
the AP appears in the Authentication Failed Access Points list, and the failure type is No
Database Entry.
Optionally, you can require that the AP is authenticated before the WCS manages it. You can
add authentication information about the AP when you add its MAC address to the local or
RADIUS database.If you enable authentication, it takes place immediately after the switch
validates the AP.
NOTE:When a switch successfully validates an AP, it sends an AP Profile to the
access point. The AP Profile contains all of the access point configuration
information, such as the radio, security, and SSID settings. You can configure
all of the AP settings before the switch validates an AP. For information about
configuring the default AP profile, see Chapter 5, “Configuring Access Point
Settings” on page 77.
Configuring AP Authentication
Unless access to the wired network is secured with IEEE 802.1x authentication or another
security mechanism, the AP should always use authentication so that Rogue APs do not
automatically associate with the switch.
If you require the AP to authenticate itself to the switch, you must perform the following three
steps:
1. Enable AP authentication on the switch, which is described in this section.
2. Connect to the access point CLI and configure a pass phrase as described in “Preparing the
Access Points” on page 54.
3. Enter the pass phrase in the Valid AP database.
To enter a pass phrase in the local database, see “Using the Local Database for AP
Validation” on page 72. To enter a pass phrase in the RADIUS database, see “Using the
RADIUS Database for AP Validation” on page 74.