Enabling secure iapp and secure wireless hops – Allied Telesis AT-WL2411 User Manual
Page 141
AT-WL2411 Version 1.80 Installation and User’s Guide
141
Enabling Secure IAPP and Secure Wireless Hops
Secure IAPP prevents unauthorized AT-WL2411 access points from
joining the spanning tree and it encrypts IAPP frames. If you enable
secure IAPP, when access points communicate with each other through
the radios, they will create secure wireless hops using the Secure
Wireless Authentication Protocol (SWAP). SWAP forces access points to
authenticate each other using an EAP-MD5 challenge.
By default, secure IAPP is disabled. All AT-WL2411 access points have the
same IAPP secret key so they can communicate with each other. You can
enable secure IAPP and secure wireless hops in any type of radio
network.
Note these potential problems:
❑ If you enable secure IAPP on a root access point that is running
software release 1.80 or later and other access points in your
network are running an earlier software release than 1.80, the
access points with the earlier software release will not attach to
the root. The access points with the earlier software release do not
support secure IAPP. If you want to use secure IAPP, upgrade all
access points to software release 1.80.
❑ If you enable secure IAPP on a non-root access point and the root
access point has secure IAPP disabled, the access points will form
separate spanning trees with the same LAN ID. If you want to use
secure IAPP, enable secure IAPP on all access points.
To enable secure IAPP and secure wireless hops, perform the following
procedure:
Note
You do not need to perform this procedure if you are enabling
802.1x authentication in your network. Enabling 802.1x
authentication automatically enables secure IAPP and secure
wireless hops. See
1. From the Main Menu, click Security then 802.1x. The 802.1x screen