Specifications

Configuring Access Points

9-38 Configuring Access Points

Verifying a Fingerprint on the Switch

ToverifyanAP’sfingerprintonaRoamAbout Switch,usethefollowingcommand:

set dap num fingerprint hex

wherehexisthe16‐digithexadecimalnumberofthefingerprint.Useacolonbetweeneachdigit.

MakesurethefingerprintyouentermatchesthefingerprintusedbytheAP.

Example

ThefollowingexamplesetsthefingerprintforDistributedAP8:

RBT-8100# set dap 8 fingerprint b4:f9:2a:52:37:58:f4:d0:10:75:43:2f:45:c9:52:c3

success: change accepted.

Setting the AP Security Requirement on a RoamAbout Switch

ToconfigureAPsecurityrequirements,usethefollowingcommand:

set dap security {require | optional | none}

TherequireoptionenforcesencryptionofmanagementtrafficforallDistributedAPs,and

requiresthekeyfingerprintstobeconfirmedinMSS.Thenoneoptiondisablesencryptionof

managementtrafficforallDistributedAPs.Thedefaultisoptional,whichallowsconnectionto

APswithorwithoutencryption

Example

ThefollowingcommandconfiguresaRoamAboutSwitchtorequireDistributedAPstohave

encryptionkeys:

RBT-8100# set dap security require

Fingerprint Log Message

IfAPencryptionisoptional,andanAPwhosefingerprinthasnotbeenverifiedinMSSestablishes

amanagementsessionwiththeRoamAboutSwitch,MSSgeneratesalogmessagesuchasthe

following:

DAP-HS:(secure optional)configure DAP 0335301065 with fingerprint

c6:98:9c:41:32:ab:37:09:7e:93:79:a4:ca:dc:ec:fb

ThemessageliststheserialnumberandfingerprintoftheAP.Youcancheckthisinformation

againstyourrecordstoverifythattheAPisauthentic.

Note: A change to AP security support does not affect management sessions that are already

established. To apply the new setting to an AP, restart the AP.