Silex technology SX-500-1402 manual Configuration, Required Setting, WPA2 AES-CCMP

When the module enters an error state, all Data Input and Data Output interfaces are disabled. If an error state is encountered, the LED interface will indicate the error by blinking for several seconds, and then the unit will reset. The unit will not send or receive any data until the reset is complete.

The SX-500 performs cryptographic self tests during initialization after power up or a firmware induced reset. Until the self tests are complete, no data input or output interfaces are active. If the self test fails, the unit will enter an error state.

Configuration

The Cryptographic Officer is responsible for configuring the unit for use in the target environment. See Chapter 3 and Appendix A for instructions on configuring the unit. The peripheral unit (usually a PC) being used to configure the SX-500 must be directly connected to the unit via a crossover cable or local hub which is not connected to any LAN, WLAN or other larger network. This will enable manual transport and electronic entry of secret and private keys (RSA private key and WPA Pre-Shared Key) in a plaintext form. Even if RSA private keys are protected with a PEM passphrase when entered, they are still considered to be in plaintext form.

For the SX-500 to operate in FIPS 140-2 approved mode, the wireless security configuration must be set as follows:

The SX-500 allows other security settings for interoperability in non FIPS 140 environments. However, use of the SX-500 with any settings other than those indicated above is not FIPS 140-2 compliant.