Overview 1-21

If no response is received from the EAPOL start message, or if the authentication attempt is not successful, the AP300 continues to transmit Hello messages followed by LoadMe messages. If a parent reply is received in response to the Hello, then downloading continue normally - without authentication. In this case, you need not enable or disable the port authentication.

802.1x authentication is conducted:

At power up

At an AP300 operator initiated reset (such as pulling Ethernet cable)

When the switch administrator initiates a reset of the AP300.

When re-authentication is initiated by the Authenticator (say the switch in between)

Change Username/Password after AP Adoption

Once the AP300 is adopted using 802.1x authentication (say default username/password) OR using a non- secure access method (hub or switch without 802.1x enabled), use the CLI/SNMP/UI to reconfigure the username/password combination.

Reset Username/Password to Factory Defaults

To restore the AP300 username/password to factory defaults, adopt the AP300 using a non-secure access method (a hub or switch without 802.1x enabled), then reconfigure the username/password combination.

The access port does not make use of any parameters (such as MAC based authentication, VLAN based etc.) configured on Radius Server.

1.2.5.8IEEE 802.1AB LLDP

The access port implements a Link Layer Discovery Protocol (LLDP) agent and operates in Transmit- mode only (it only transmits the information about the capabilities and the current status of the local system).

The following modes are not supported:

Receive-only mode — The LLDP agent can only receive information about the capabilities and the current status of the remote systems

Transmit and receive mode — The LLDP agent can transmit the local system capabilities and status information as well as receive remote system's capabilities and status information.

The LLDP agent uses a high frequency (sending LLDP advertisements every 1 second) only until the AP receives Hello Response i.e. after the AP sees Hello Response, no LLDPDUs are transmitted by the access port. After AP has been adopted, the LLDP advertisements are sent at lower frequency (sending LLDP advertisements every 30 seconds).

On reset (all resets including power-up), an access port sends a LLDP advertisement every time it sends the "Hello" message. This is in addition to 802.1x EAPOL messages.

NOTE: LLDPDUs are transmitted untagged.

LLDP is always enabled and cannot be disabled.

1.2.5.9 WIPS

The Motorola Wireless Intrusion Protection System (WIPS) monitors for any presence of unauthorized rogue access points. Unauthorized attempts to access the WLAN is generally accompanied by anomalous behavior

Page 31
Image 31
Motorola WS5100 Change Username/Password after AP Adoption, Reset Username/Password to Factory Defaults, Ieee 802.1AB Lldp