Owners manual
Figure 97 Adding anIAP in VisualRF
PSK-based and Certificate-based Authentication
On the DHCP server, two formats for option 43 are supported:
l <organization>,<ams-ip>,<ams-key>— If you choose this format, the IAP authenticates the AirWave
Management Platform server using the Pre-Shared Key (PSK) login process.
l <organization>,<ams-domain>— If you choose this format, the IAP resolves the AirWave domain name into
one or two IP addresses as AirWave Primary or AirWave Backup, and then IAP starts a certificate-based
authentication with AirWave Management platform server, instead of the PSK login. When the AirWave
Management platform domain name is used, the IAP performs certificate-based authentication with the AirWave
Management platform server. The IAP initiates an SSL connection with the AirWave server. The AirWave server
verifies the signature and public key certificate from the IAP. If the signature matches, the AirWave responds to
the IAP with the login request.
Configurable Port for IAP and AirWave Management Server Communication
You can now customize the port number of the AirWave management server through the server_host:server_port
format, for example, amp.aruba.com:4343.
Configuring Organization String
The Organization string is a set of colon-separated strings created by the AirWave administrator to accurately
represent the deployment of each IAP. This string is defined by the installation personnel on the site.
You can use any of the following strings:
l AMP Role— "Org Admin" (initially disabled)
l AMP User— "Org Admin" (assigned to the role "Org Admin")
l Folder— "Org" (under the Top folder in AMP)
l Configuration Group— "Org"
You can also assign additional strings to create a hierarchy of sub folders under the folder named "Org". For
example:
n subfolder1 for a folder under the "Org" folder
n subfolder2 for a folder under subfolder1
Aruba Instant 6.4.0.2-4.1 | User Guide IAP Management and Monitoring | 278