User's Manual
Wireless Backhaul Security
Installation and User Guide: Airgo Access Point 137
be sure that all APs are configured with identical SSID and PSK-password. This is necessary
because PSK-password is bound to the SSID. A BP radio in a wireless backhaul network uses the
PSK-password tied to the SSID to authenticate with an uplink AP. Even if you configure the BP
backhaul criteria to include the correct uplink AP SSID, it will not form a backhaul if the SSID on
the downlink AP is different from that of the uplink AP.
The WEP or Open option for backhaul security is compatible with either WEP or Open as the
global security policy. If the global security mode is WEP on the AP and the wireless backhaul
security mode is open or WEP on the BP radio, the backhaul will form with WEP security. If the
global security mode is Open on the AP and the backhaul security mode is WEP or Open on the BP
radio, then the backhaul will form with open security. The WEP or Open option is appropriate for
hotspots, other networks that must support legacy clients, or applications such as hospitality suites
that may have no security requirements.
Table 12 lists the available backhaul security options. For detailed information on these options,
see Chapter 7, “Managing Security.”
Table 12: Wireless Security Settings for AP and BP Radios
Wireless Security (AP) Backhaul Security (BP) Comments
Configuration of Wireless
Security on Uplink AP
Configuration Required for
Backhaul Security on
Downlink AP (Any One of
Following)
Security
Portal
Required
Valid BP Authentication
Modes that will Allow
Backhaul to Form
WPA-
EAP
WPA-
PSK
Open
or
WEP Certif. PSK
Open-
or-
WEP
Enable Disable Disable Enable Disable Disable Y BP->AP->security portal
using WPA-EAP
(Certificate)
Disable
Enable Disable Disable Enable Disable N BP->AP using WPA-PSK
only
Disable Disable
Enable Disable Disable Enable N BP->AP using WEP, OR
BP->AP using Open
Enable Enable Enable Enable Disable Disable Y BP->AP->security portal
using WPA-EAP
(Certificate)
Enable Enable Enable Disable Enable Disable Y BP->AP using WPA-PSK
Enable Enable Enable Disable Disable Enable Y BP->AP using WEP, OR
BP->AP using Open
Enable Enable Disable Enable Disable Disable Y BP->AP->security portal
using WPA-EAP
(Certificate)
Enable Enable Disable Disable Enable Disable Y BP->AP using WPA-PSK
Disable
Enable Enable Disable Enable Disable N BP->AP using WPA-PSK
Disable
Enable Enable Disable Disable Enable N BP->AP using WEP, OR
BP->AP using Open