User manual

ManualsBrandsAlvarion ManualsComputer equipmentBreezeACCESS 4900

151

152

153

154

155

156

157

158

159

160

Chapter 2 - Managing a Single Device/Cell Security Parameters Page

AlvariCRAFT Device Manager 142 User Manual

Promiscuous

Authentication

Applicable only for AU and BU. The Promiscuous Authentication

mode enables a new SU/RB to join an active cell where Shared Key

operation and/or Data Encryption are used, even if this SU/RB does

not have the correct security parameters. In promiscuous mode, all

downlink transmissions (from AU/BU to SU/RB) are not encrypted,

allowing remote configuration of security parameters, regardless of

the current settings in the SU/RB of the parameters related to data

encryption. After a new SU/RB joins the cell it should be remotely

configured with the proper parameters (or upgraded). When the

SU/RB is configured properly, the Promiscuous Mode should be

disabled.

Note: Do not leave the AU/BU in the enabled Promiscuous

Authentication mode for prolonged periods. Use it only when

absolutely necessary, perform the required actions as quickly as

possible and disable it. The unit will return automatically to

Promiscuous Authentication disabled mode after reset.

Multicast Default Key Applicable only for AU and BU. The Multicast Default Key defines the

Key to be used for encrypting/decrypting multicasts and broadcasts

when Data Encryption is enabled.

Available values range from Key #1 to Key #4.

Default Key Applicable only for SU and RB. The Default Key defines the Key to be

used for encrypting/decrypting the authentication messages (Shared

Key mode) and/or data frames (Data Encryption enabled). The

AU/BU learns the Default Key from the SU/RB provided it is one of

the Keys defined in the AU/BU. An AU may use different keys when

authenticating and/or communicating with different SUs.

Available values range from Key #1 to Key #4.

Key #1 to Key #4 Key #1 to Key #4 options enable defining the encryption key to be

used for initializing the pseudo-random number generator that forms

part of the encryption/decryption process. The Keys must be set

before the Shared Key authentication algorithm or Data Encryption

can be used. To support proper operation, both the Key # and the

content must be identical at both sides of a wireless link.

Each Key is a string of 32 hexadecimal numbers. For security

reasons, it is a "write only" parameter, displayed as a string of

asterisks ("*"). The key 000…0 (a string of 32 zeros, which is the

default), means no key.