Nortel Networks 2300 Switch User Manual


 
Configuring and managing Mobility Domain roaming 171
Nortel WLAN—Security Switch 2300 Series Configuration Guide
On the Mobility Domain seed switch, you specify the IP address and public key of each member switch. Obtain each
member switch's public key by issuing the show crypto key domain command on that member switch.
On each Mobility Domain member switch, you specify the IP address and public key of the seed switch. Obtain the
seed switch's public key by issuing the show crypto key domain command on the Mobility Domain seed switch.
To configure Secure WSS to WSS communications:
Set Mobility Domain security on each switch to required. The default setting is none. Secure WSS to WSS
communications can be disabled or enabled on a Mobility Domain basis. The feature must have the same setting
(required or none) on all switches in the Mobility Domain. Use the following command on the seed and on each
member switch to enable Secure WSS to WSS communications:
set domain security required
Generate the public keys on the Mobility Domain seed and member switches by issuing the crypto generate key
domain 128 command.
Seed Switch Example:
WSS-1# crypto generate key domain 128
key pair generated
Member 1 Switch Example:
WSS-2# crypto generate key domain 128
key pair generated
Member 2 Switch Example:
WSS-3# crypto generate key domain 128
key pair generated
Obtain the public keys from the Mobility Domain seed and member switches by issuing the show crypto key domain
command.
Seed Switch Example:
WSS-1# show crypto key domain
Domain public key:
ae:03:ca:0c:19:ac:af:f5:8e:10:cf:df:02:7a:00:d5
Member Switch 1 Example:
WSS-2# show crypto key domain
Domain public key:
c6:9b:d0:07:e7:61:9a:40:24:b0:02:4c:fd:d6:1b:9b
Member Switch 2 Example:
WSS-3# show crypto key domain
Domain public key:
93:b6:d2:70:f6:ff:b7:b0:fe:a3:df:4b:66:e0:53:6f:ab
Note. This command also creates a certificate.
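Added example (not part of the Nortel guide): a Python check to run over pasted show crypto key domain output before the fingerprints are entered on the seed and member switches, so that a mistyped or duplicated key is caught first. It assumes a fingerprint is 16 colon-separated hex octets, as in the WSS-1 and WSS-2 output above; parse_keys and audit are hypothetical helper names.

```python
import re

# Assumption: a fingerprint is 16 colon-separated hex octets (as WSS-1/WSS-2 show).
EXPECTED_OCTETS = 16
PROMPT = re.compile(r"^(?P<host>\S+)# show crypto key domain\s*$")
OCTETS = re.compile(r"^[0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2})*$")

# Transcript copied from the example output on this page.
TRANSCRIPT = """\
WSS-1# show crypto key domain
Domain public key:
ae:03:ca:0c:19:ac:af:f5:8e:10:cf:df:02:7a:00:d5
WSS-2# show crypto key domain
Domain public key:
c6:9b:d0:07:e7:61:9a:40:24:b0:02:4c:fd:d6:1b:9b
WSS-3# show crypto key domain
Domain public key:
93:b6:d2:70:f6:ff:b7:b0:fe:a3:df:4b:66:e0:53:6f:ab
"""

def parse_keys(text):
    """Return {hostname: fingerprint} from pasted CLI sessions."""
    keys, host, expect_key = {}, None, False
    for line in (l.strip() for l in text.splitlines()):
        m = PROMPT.match(line)
        if m:
            host, expect_key = m.group("host"), False
        elif host and line == "Domain public key:":
            expect_key = True
        elif host and expect_key and line:
            keys[host] = line.lower()
            host, expect_key = None, False
    return keys

def audit(keys):
    """Return a list of problems that should block entering the keys."""
    problems, seen = [], {}
    for host, fp in sorted(keys.items()):
        if not OCTETS.match(fp):
            problems.append(f"{host}: not colon-separated hex: {fp!r}")
        elif fp.count(":") + 1 != EXPECTED_OCTETS:
            problems.append(f"{host}: {fp.count(':') + 1} octets, expected {EXPECTED_OCTETS}")
        if fp in seen:
            problems.append(f"{host}: same key as {seen[fp]}")
        seen.setdefault(fp, host)
    return problems

if __name__ == "__main__":
    print("\n".join(audit(parse_keys(TRANSCRIPT))) or "fingerprints OK")
```

Run against the transcript on this page, the check reports the WSS-3 value, which is printed with 17 octets where the other two switches show 16.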