Wireless
WPS Setup
Cisco Small Business WAP551 and WAP561 Wireless-N Access Point 97
5
The WAP devices act as AP devices and support a built-in registrar. They do not
function as an enrollee.
The administrator can enable or disable WPS on only one VAP. WPS is operational
only if this VAP meets these conditions:
The WAP device is configured to broadcast the VAP SSID.
MAC address filtering is disabled on the VAP.
WEP encryption is disabled on the VAP.
The VAP is configured to use either WPA-Personal security or none. If
WPA2-PSK encryption mode is enabled, then a valid pre-shared key (PSK)
must be configured and CCMP (AES) encryption must be enabled.
The VAP is operationally enabled.
WPS is operationally disabled on the VAP if any of these conditions are not met.
NOTE Disabling WPS on a VAP does not cause disassociation of any clients previously
authenticated through WPS on that VAP.
It is not necessary for the WAP devices to handle the registration of clients on the
network themselves. The WAP device can either use its built-in registrar, or act as
a proxy for an external registrar. The external registrar may be accessed through
the wired or wireless LAN. An external registrar may also configure the SSID,
encryption mode, and public shared key of a WPS-enabled BSS. This capability is
very useful for out-of-box deployments; that is, when an administrator simply
attaches a new WAP device to a LAN for the first time.
If the WAP device is using a built-in registrar, it enrolls new clients using the
configuration of the VAP associated with the WPS service, whether this
configuration was configured directly on the WAP device or acquired by an
external registrar through WPS.
Push-button Control
The WAP device enrolls 802.11 clients through WPS by one of two methods: the
Push-Button Control (PBC) method, or the Personal Identification Number (PIN)
method.