Filter
Top Products
set ap security 395
set ap security Sets security requirements for management sessions between a WX and
its Distributed MAPs.
This feature applies to Distributed MAPs only, not to directly connected
MAPs configured on MAP access ports.
The maximum transmission unit (MTU) for encrypted MAP management
traffic is 1498 bytes, whereas the MTU for unencrypted management
traffic is 1474 bytes. Make sure the devices in the intermediate network
between the WX switch and Distributed MAP can support the higher
MTU.
Syntax —
set ap security secsetting {require | optional |
none}
securitiy secsetting — Name of the security security setting.
require — Requires all Distributed MAPs to have encryption keys
that have been verified in the CLI by an administrator. If a MAP does
not have an encryption key or the key has not been verified, the WX
does not establish a management session with the MAP.
optional — Allows MAPs to be managed by the switch even if they
do not have encryption keys or their keys have not been verified by an
administrator. Encryption is used for MAPs that support it.
none — Encryption is not used, even for MAPs that support it.
Defaults — The default setting is optional.
Access — Enabled.
History —Introduced in MSS 4.0. Version 6.0 removed the dap option.
Usage — This parameter applies to all Distributed MAPs managed by the
WX. If you change the setting to required, the WX requires Distributed
MAPs to have encryption keys. The WX also requires their fingerprints to
be verified in MSS. When MAP security is required, a MAP can establish a
management session with the WX only if its fingerprint has been verified
by you in MSS.
A change to MAP security support does not affect management sessions
that are already established. To apply the new setting to a MAP, restart
the MAP.