Filter
Top Products
244 Configuring APs
NN47250-500 (320657-F Version 02.01)
Setting the AP security requirement on a WSS
You can configure the WSS to require all Distributed APs to have encryption keys. In this case, the WSS does not
establish a management session with a Distributed AP unless the AP has a key, and you have confirmed the key’s finger-
print in WSS Software.
To configure AP security requirements, use the following command:
set ap security {require | optional | none}
The require option enforces encryption of management traffic for all Distributed APs, and requires the key fingerprints
to be confirmed in WSS Software. The none option disables encryption of management traffic for all Distributed APs.
The default is optional, which allows connection to APs with or without encryption.
The following command configures a WSS to require Distributed APs to have encryption keys:
WSS# set ap security require
Fingerprint log message
If AP encryption is optional, and an AP whose fingerprint has not been verified in WSS Software establishes a manage-
ment session with the WSS, WSS Software generates a log message such as the following:
AP-HS:(secure optional)configure AP 0335301065 with fingerprint
c6:98:9c:41:32:ab:37:09:7e:93:79:a4:ca:dc:ec:fb
The message lists the serial number and fingerprint of the AP. You can check this information against your records to
verify that the AP is authentic.
Configuring a service profile
A service profile is a set of parameters that control advertisement (beaconing) and encryption for an SSID, as well as
default authorization attributes that apply to users accessing the SSID.
This section describes how to create a service profile and set some basic SSID parameters. To configure other service
profile parameters, see the following:
• “Configuring user encryption” (page 291)
• “Configuring quality of service” (page 343)
• “Configuring the Web portal Web-based AAA session timeout period” (page 512)
• “Assigning SSID default attributes to a service profile” (page 529)
• “Configuring SODA endpoint security for a WSS” (page 591)
(For a list of the parameters controlled by service profiles and their defaults, see Table 5 on page 228.)
(To display service profile settings, see “Displaying service profile information” (page 275).)
Note. A change to AP security support does not affect management sessions that are
already established. To apply the new setting to an AP, restart the AP.