Hub/Switch Reference Guide
284 AP Commands
NN47250-100 (Version 02.51)
set ap security
Sets security requirements for management sessions between a WSS and its APs.
This feature applies to APs only, not to directly connected APs configured on AP access ports.
Syntax
set ap security {require | optional | none}
Defaults
The default setting is optional.
Access
Enabled.
History
Introduced in WSS Software 4.0.
Option dap removed in 6.0.
Usage
This parameter applies to all APs managed by the switch. If you change the setting to required, the
switch requires APs to have encryption keys. The switch also requires their fingerprints to be verified in WSS
Software. When AP security is required, an AP can establish a management session with the WSS only if its
fingerprint has been verified by you in WSS Software.
A change to AP security support does not affect management sessions that are already established. To apply the new
setting to an AP, restart the AP.
Examples
The following command configures a WSS to require APs to have encryption keys:
WSS# set ap security none
success : change accepted.
See Also
• set ap fingerprint on page 257
• show ap config on page 344
• show ap status on page 358
Note. The maximum transmission unit (MTU) for encrypted AP management traffic is
1498 bytes, whereas the MTU for unencrypted management traffic is 1474 bytes. Make
sure the devices in the intermediate network between the WSS and AP can support the
higher MTU.
require Requires all APs to have encryption keys that have been verified in the
CLI by an administrator. If an AP does not have an encryption key or the
key has not been verified, the WSS does not establish a management
session with the AP.
optional Allows APs to be managed by the switch even if they do not have
encryption keys or their keys have not been verified by an administrator.
Encryption is used for APs that support it.
none Encryption is not used, even for APs that support it.