User guide
Managing security Chapter 7: Operation
7-54
phn-2513_004v000 (Oct 2012)
Unprotected link
To change the AES encryption key for an unprotected link, proceed as follows:
1
Select menu option Configuration. The System Configuration page is displayed
(Figure 172).
2
If the encryption attributes are not displayed, or if the Encryption Key attribute
is set to ‘None’, see Configuring AES encryption on page 6-29.
3
Update the Encryption Key attribute.
4
Select Submit Updated System Configuration. The Configuration Change
Reboot dialog is displayed.
5
Select Reboot Wireless Unit. The Reboot Confirmation dialog is displayed.
6
Select OK. The reboot progress message is displayed. On completion, the unit
restarts with AES encryption enabled, using the new key.
1+1 Hot Standby link
This procedure must be performed for all units. When upgrading each pair of units, then
either the web interface can be opened simultaneously for each CMU, or the remote
system can be configured and then the local system configured.
Before changing encryption keys, check that no alarms are outstanding for the units to be
upgraded. See Managing alarms on page 7-15.
It is expected that this procedure will normally take place from an initial status of
Primary to Primary, especially for an asymmetric coupler or for a protected antenna when
the inactive unit has a lower capacity.
To change the AES encryption key for a 1+1 Hot Standby link, proceed as follows:
1
Disable local and remote protection switching, as described in Enabling and
disabling fault protection on page 7-43.
2
Force a protection switch at the local end of the wireless link, as described in
Forcing protection switches on page 7-37, so that the link is operating between
a primary and a secondary unit.
3
Change AES Encryption keys for both inactive PTP 800 units, as defined in
Unprotected link on page 7-54.
If an incorrect encryption key is entered at the remote end, then it may be
necessary to go to the remote end to correct the encryption key.