Installation guide
Basic Configuration
33
5. Configure the Key Settings as needed to set a 256-bit key.
Default (hexadecimal) 256-bit keys for WP2A/CCMP include:
1011121314151617
18191A1B1C1D1E1F
2021222324252627
28292A2B2C2D2E2F
6. Configure the Fast Roaming (802.1x only) field as required to enable additional roaming
and key caching options. This feature is applicable only when using 802.1x EAP
authentication with WPA2/CCMP.
7. Click the Apply button to save the security policy and return to the AP-71XX Quick Setup
screen.
At this point, you can either restrict specific MU access to the access point (using the ACL)
or test the access point for MU interoperability.
3.4.2 Defining an IPSec VPN Tunnel
A secure IPSec VPN tunnel must be established between the AP-7131N-FGR and the external server
providing the access point’s external NTP, syslog or Radius resources. Ensure the IP address of the
external NTP, syslog or Raidus resource is known, as it must be supplied to the access point for the
access point to properly access and communicate with the external resource.
To define the attributes of the VPN tunnel:
256-bit Key Enter 16 hexadecimal characters into each of the four fields.
Pre-Authentication Selecting this option enables an associated MU to carry out an
802.1x authentication with another access point before it roams to
it. The access point caches the keying information of the client until
it roams to the other access point. This enables the roaming client
to start sending and receiving data sooner by not having to do
802.1x authentication after it roams. This feature is only supported
when 802.1x EAP authentication is enabled.
NOTE PMK key caching is enabled internally by default when 802.1x EAP
authentication is enabled.