Wireless
WPS Setup
Cisco Small Business WAP121 and WAP321 Wireless-N Access Point with PoE 100
5
WPS maintains network security by requiring both the users of new client devices
and WLAN administrators to have either physical access to their respective
devices or secure remote access to these devices.
Usage ScenariosThese are typical scenarios for using WPS:
•A user wishes to enroll a client station on a WPS-enabled WLAN. (The
enrolling client device may detect the network, and prompt the user to
enroll, although this is not necessary.) The user triggers the enrollment by
pushing a button on the client device. The WAP device's administrator then
pushes a button on the WAP device. During a brief exchange of WPS
protocol messages, the WAP device supplies the new client with a new
security configuration through Extensible Authentication Protocol (EAP).
The two devices disassociate, and then reassociate and authenticate with
the new settings.
•A user wishes to enroll a client station on a WPS-enabled WLAN by
supplying the WAP device administrator with the PIN of the client device.
The administrator enters this PIN in the configuration utility of the WAP
device and triggers the device enrollment. The new enrollee and the WAP
device exchange WPS messages, including a new security configuration,
disassociate, reassociate, and authenticate.
•A WAP device administrator purchases a new WAP device that has been
certified by the Wi-Fi Alliance to be compliant with WPS version 2.0, and
wishes to add the WAP device to an existing (wired or wireless) network.
The administrator turns on the WAP device, and then accesses a network
host that supports the WPS registration protocol. The administrator enters
the PIN of the WAP device in the configuration utility of this external
registrar, and triggers the WPS registration process. (On a wired LAN, the
WPS protocol messages are transported through Universal Plug and Play,
or UPnP, protocol.) The host registers the WAP as a new network device and
configures the WAP with new security settings.
•A WAP device administrator has just added a new WAP device to an
existing (wireless or wired) network through WPS, and wishes to grant
network access to a new client device. The device is enrolled through
either the PIN or Push-Button Control (PBC) methods described above, but
this time the device enrolls with the external registrar, with the WAP device
acting solely as a proxy.
•A wireless device that does not support WPS must join the WPS-enabled
WLAN. The administrator, who cannot use WPS in this case, instead