Installation guide
Network Setup
Only broadcast key changes when required to reduce the transmissions of sensitive key information.
This value is enabled by default.
6. Refer to the Update broadcast keys every field to specify a time period (in seconds) for
broadcasting encryption-key changes to MUs.
Set key broadcasts to a shorter interval (at least 60 seconds) for tighter security on wireless
connections. Set key broadcasts to a longer interval (at most, 86400 seconds) to extend key times for
wireless connections. The default is 7200 seconds.
7. Configure the Key Settings field as needed to set an ASCII Passphrase and key values.
Default (hexadecimal) 256-bit keys for WPA/TKIP include:
• 1011121314151617
• 18191A1B1C1D1E1F
• 2021222324252627
• 28292A2B2C2D2E2F
8. Optionally select one of the following from within the Fast Roaming (8021x only) field.
9. Refer to the Status field for the current state of the requests made from applet. This field displays
error messages if something goes wrong in the transaction between the applet and the switch.
Key Settings field options (step 7):
ASCII Passphrase: To use an ASCII passphrase (and not a hexadecimal value), select
the checkbox and enter an alphanumeric string of 8 to 63 characters. The
alphanumeric string allows character spaces. The switch converts the string to a
numeric value. This passphrase saves the administrator from entering the 256-bit
key each time keys are generated.
256-bit Key: To use a hexadecimal value (and not an ASCII passphrase), select the
checkbox and enter 16 hexadecimal characters into each of the four fields
displayed.
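The following Python sketch is an added example, not part of the original guide or of the switch's own software. It derives the four 16-character key fields from a passphrase, then flags the default key printed in step 7 and a broadcast interval outside the range given in step 6. It assumes the switch uses the standard IEEE 802.11i passphrase mapping (PBKDF2-HMAC-SHA1 salted with the WLAN's SSID); the function names and sample values are hypothetical.

```python
import hashlib

# Default key fields printed in this guide (step 7).
DEFAULT_KEY_FIELDS = ("1011121314151617", "18191A1B1C1D1E1F",
                      "2021222324252627", "28292A2B2C2D2E2F")
MIN_INTERVAL, MAX_INTERVAL = 60, 86400  # broadcast key interval bounds (step 6)


def passphrase_to_key_fields(passphrase: str, ssid: str) -> tuple:
    """Map an 8-63 character ASCII passphrase to four 16-hex-digit fields.

    Assumption: the switch uses the IEEE 802.11i mapping,
    PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes).
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(c) <= 126 for c in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    psk = hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                              ssid.encode("utf-8"), 4096, 32).hex().upper()
    return tuple(psk[i:i + 16] for i in range(0, 64, 16))


def audit_wpa_settings(key_fields, interval_s: int) -> list:
    """Return findings for a WLAN's 256-bit key fields and rotation interval."""
    findings = []
    fields = tuple(f.strip().upper() for f in key_fields)
    if len(fields) != 4 or any(len(f) != 16 or
                               any(c not in "0123456789ABCDEF" for c in f)
                               for f in fields):
        findings.append("key must be four fields of 16 hexadecimal characters")
    elif fields == DEFAULT_KEY_FIELDS:
        findings.append("documented default key still in use")
    if not MIN_INTERVAL <= interval_s <= MAX_INTERVAL:
        findings.append("broadcast key interval outside 60-86400 seconds")
    return findings


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    fields = passphrase_to_key_fields("password", "IEEE")
    print(fields)
    print(audit_wpa_settings(DEFAULT_KEY_FIELDS, 7200))
    print(audit_wpa_settings(fields, 30))
```

Because the default key values are printed in this guide, a WLAN still configured with them should be given a new passphrase or key.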
Fast Roaming field options (step 8):
PMK Caching: Select Pairwise Master Key (PMK) caching to create a shared key
between a client device and its authenticator. When a client roams between
devices, the client's credentials no longer need to be completely
reauthenticated (a process that can take up to 100 milliseconds). In the
instance of a voice session, the connection would likely be terminated if not
using a PMK. PMK cache entries are stored for a finite amount of time, as
configured on the wireless client.
Opportunistic Key Caching: Opportunistic Key Caching allows the switch to use a
PMK derived with a client on one access port with the same client when it roams
over to another access port. Upon roaming, the client does not have to conduct
802.1x authentication and can start sending/receiving data sooner.
Pre-Authentication: Selecting the Pre-Authentication option enables an
associated MU to carry out an 802.1x authentication with another switch (or
device) before it roams to it. This enables the roaming client to send and
receive data sooner by not having to conduct an 802.1x authentication after
roaming. This is only supported when 802.1x EAP authentication is enabled.