Encryption key fingerprint, Encryption options – 3Com WX4400 3CRWX440095A User Manual

230

C

HAPTER

10: C

ONFIGURING

MAP A

CCESS

P

OINTS

The maximum transmission unit (MTU) for encrypted MAP management
traffic is 1498 bytes, whereas the MTU for unencrypted management
traffic is 1474 bytes. Make sure the devices in the intermediate network
between the WX switch and Distributed MAP can support the higher MTU.

Encryption Key Fingerprint

MAPs are configured with an encryption key pair at the factory. The
fingerprint for the public key is displayed on a label on the back of the
MAP, in the following format:

RSA
aaaa:aaaa:aaaa:aaaa:
aaaa:aaaa:aaaa:aaaa

If the MAP is already installed, you can display the fingerprint in MSS.
(See “Finding the Fingerprint” on page 231.)

Encryption Options

By default, a WX can configure and manage a Distributed MAP regardless
of whether the MAP has an encryption key, and regardless of whether
you have confirmed the fingerprint by setting it in MSS.

You can configure a WX to require Distributed MAPs to have an
encryption key. In this case, the WX also requires their fingerprints to be
confirmed in MSS. When MAP security is required, a MAP can establish a
management session with the WX only if its fingerprint has been
confirmed in MSS.

If you do not want any MAPs to use encryption for management
information, you can disable the feature.