ArubaOS 8.6.0.0 Help Center
You are here: Home > Configuring WLANs > WLAN SSID Profiles

WLAN SSID Profiles

An SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. is the network or WLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. that any client sees. A SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile defines the name of the network, authentication type for the network, basic rates, transmit rates, SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. cloaking, and certain WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). settings for the network.

SSID Profile Overview

ArubaOS supports different types of the AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits., TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard., and WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. encryption. AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. is the most secure and recommended encryption method. Most modern devices are AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. capable and AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. should be the default encryption method. Use TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard. only when the network includes devices that do not support AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits.. In these situations, use a separate SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. for devices that are only capable of TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard..

Suite-B Cryptography

The Suite-B (bSec) protocol is a pre-standard protocol that has been proposed to the IEEEInstitute of Electrical and Electronics Engineers. 802.11802.11 is an evolving family of specifications for wireless LANs developed by a working group of the Institute of Electrical and Electronics Engineers (IEEE). 802.11 standards use the Ethernet protocol and Carrier Sense Multiple Access with collision avoidance (CSMA/CA) for path sharing. committee as an alternative to 802.11i802.11i provides improved encryption for networks that use 802.11a, 802.11b, and 802.11g standards. It requires new encryption key protocols, known as Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES).. The main difference between bSec and standard 802.11i802.11i provides improved encryption for networks that use 802.11a, 802.11b, and 802.11g standards. It requires new encryption key protocols, known as Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES). is that bSec implements Suite-B algorithms wherever possible. Notably, AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits.-CCM is replaced by AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits.-GCM, and the Key Derivation Function (KDF) of 802.11i802.11i provides improved encryption for networks that use 802.11a, 802.11b, and 802.11g standards. It requires new encryption key protocols, known as Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES). is upgraded to support SHASecure Hash Algorithm. SHA is a family of cryptographic hash functions. The SHA algorithm includes the SHA, SHA-1, SHA-2 and SHA-3 variants. -256 and SHASecure Hash Algorithm. SHA is a family of cryptographic hash functions. The SHA algorithm includes the SHA, SHA-1, SHA-2 and SHA-3 variants. -384. In order to provide interoperability with standard Wi-FiWi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. software drivers, bSec is implemented as a shim layer between standard 802.11802.11 is an evolving family of specifications for wireless LANs developed by a working group of the Institute of Electrical and Electronics Engineers (IEEE). 802.11 standards use the Ethernet protocol and Carrier Sense Multiple Access with collision avoidance (CSMA/CA) for path sharing. Wi-FiWi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. and a Layer 3 protocol such as IP. A managed device configured to advertise a bSec SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. will advertise an open network, however only bSec frames will be permitted on the network.

 

This feature requires the ACR license.

The bSec protocol requires that you use VIAVirtual Intranet Access. VIA provides secure remote network connectivity for Android, Apple iOS, Mac OS X, and Windows mobile devices and laptops. It automatically scans and selects the best secure connection to the corporate network. 2.1.1 or greater on the client device. Consult VIAVirtual Intranet Access. VIA provides secure remote network connectivity for Android, Apple iOS, Mac OS X, and Windows mobile devices and laptops. It automatically scans and selects the best secure connection to the corporate network. documentation for more information on configuring and installing VIAVirtual Intranet Access. VIA provides secure remote network connectivity for Android, Apple iOS, Mac OS X, and Windows mobile devices and laptops. It automatically scans and selects the best secure connection to the corporate network..

The bSec protocol is available in 128-bit mode and 256-bit mode. The number of bits specifies the length of the AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits.-GCM encryption key. Using United States Department of Defense classification terminology, bSec-128 is suitable for protection of information up to the SECRET level, while bSec-256 is suitable for protection of information up to the TOP SECRET level.

Suite-B AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits.-128-GCM and AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits.-256-GCM encryption is supported by the ArubaOS hardware.

Wi-Fi Multimedia Protection

Wi-FiWi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. Multimedia (WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK).®) is a Wi-FiWi-Fi is a technology that allows electronic devices to connect to a WLAN network, mainly using the 2.4 GHz and 5 GHz radio bands. Wi-Fi can apply to products that use any 802.11 standard. Alliance® certification program that is based on the IEEEInstitute of Electrical and Electronics Engineers. 802.11e802.11e is an enhancement to the 802.11a and 802.11b specifications that enhances the 802.11 Media Access Control layer with a coordinated Time Division Multiple Access (TDMA) construct. It adds error-correcting mechanisms for delay-sensitive applications such as voice and video. The 802.11e specification provides seamless interoperability between business, home, and public environments such as airports and hotels, and offers all subscribers high-speed Internet access with full-motion video, high-fidelity audio, and VoIP. amendment. WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). ensures QoSQuality of Service. It refers to the capability of a network to provide better service and performance to a specific network traffic over various technologies. for latency-sensitive traffic in the air. WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). divides the traffic into four queues or access categories:

voice

video

best effort

background

Management Frame Protection

ArubaOS supports the IEEEInstitute of Electrical and Electronics Engineers. 802.11w standard, also known as Management Frame Protection (MFP). Management Frame Protection makes it difficult for an attacker to deny service by spoofing Deauth and Disassoc management frames. Management Frame Protection uses 802.11i802.11i provides improved encryption for networks that use 802.11a, 802.11b, and 802.11g standards. It requires new encryption key protocols, known as Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES). (Robust Security Network) framework that establishes encryption keys between the client and AP.

Management Frame Protection is configured on a virtual AP as part of the wlanWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. ssidService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.-profile. SSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. that support WPA2Wi-Fi Protected Access 2. WPA2 is a certification program maintained by IEEE that oversees standards for security over wireless networks. WPA2 supports IEEE 802.1X/EAP authentication or PSK technology, but includes advanced encryption mechanism using CCMP that is referred to as AES. opmode support MFP in all forwarding mode except tunnel mode. SSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. that support WPA3 opmode support MFP in tunnel mode only. Two MFP related parameters, mfp-capable and mfp-required, cannot be configured through the CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. or WebUI. ArubaOS automatically configures these parameters based on the opmode.

 

Management Frame Protection can only be enabled on SSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. that support WPA2Wi-Fi Protected Access 2. WPA2 is a certification program maintained by IEEE that oversees standards for security over wireless networks. WPA2 supports IEEE 802.1X/EAP authentication or PSK technology, but includes advanced encryption mechanism using CCMP that is referred to as AES. or WPA3.

High-Efficiency WLAN (HE)

ArubaOS 8.4.0.0 supports the IEEEInstitute of Electrical and Electronics Engineers. 802.11ax standard, also known as High-Efficiency WLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. (HE). HE improves spectrum efficiency and area throughput in dense deployment scenarios of APs or stations in both indoor and outdoor environments. HE enhances the 802.11802.11 is an evolving family of specifications for wireless LANs developed by a working group of the Institute of Electrical and Electronics Engineers (IEEE). 802.11 standards use the Ethernet protocol and Carrier Sense Multiple Access with collision avoidance (CSMA/CA) for path sharing. PHY and MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. channels on both 2.4 GHzGigahertz. and 5 GHzGigahertz. frequency bandsBand refers to a specified range of frequencies of electromagnetic radiation..

HE includes the following features:

Backward compatible with 802.11a802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps./b/g/n/ac.

Better power management for longer battery life.

HE is configured on a virtual AP as part of the WLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile. You can configure the High-efficiency SSID profile from the WebUI. For details, see “High-Efficiency (HE) APs” on page 1 “High-Efficiency (HE) APs” on page 1.

Multi Band Operation (MBO)

MBO enables the network to utilize the available spectrum efficiently, and helps in optimizing connectivity experience for the end-users. MBO, also known as Agile Multiband is a pre-requisite for the 802.11ax certification, therefore any AP or STA that supports 802.11ax will have the MBO capabilities.

MBO helps the APs and STAs exchange information to allow the network utilize the available spectrum efficiently. MBO works to facilitate efficient use of multiple frequency bandsBand refers to a specified range of frequencies of electromagnetic radiation. or channels that are available in the APs and the STAs. Starting from ArubaOS 8.6.0.0, 510 Series, 530 Series, and 550 Series access points support the Agile Multiband.

MBO can be configured using the wlanWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. ssidService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile using the WebUI. For details, see Configuring the SSID Profile

WLAN Ageout Refresh Direction

The refresh direction of an SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile is bidirectional by default. Starting from ArubaOS 8.5.0.0, the refresh direction of the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile can be configured to use either bidirectional, receive-only, or transmit-only data frames. Bidirectional indicates data frames from both directions, receive-only indicates data frames that are received, and transmit-only indicates transmitted data only. You can set the required attribute using wlan ssid-profile refresh-direction command. The receive-only mode does not use any null frames for refresh-direction.

The following procedure describes how to configure WLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. ageout refresh direction.

1. In the Managed Network node hierarchy, navigate to the Configuration > System > Profiles tab.

2. From the All Profiles list, select Wireless LAN > SSID.

3. To edit an existing SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile, select the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile you want to edit. To create a new SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile, click + and enter a name for the new SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile in the Profile name field.

4. Select either RX-only or TX-only from the Station Refresh Direction drop-down list. The Station Refresh Direction uses bidirectional data frames by default.

5. Click Submit.

6. Click Pending Changes.

7. In the Pending Changes window, select the check box and click Deploy Changes.

The following CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. command configures WLANWireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection. ageout refresh direction.

(host) [mynode] (config) #wlan ssid-profile <profile-name> refresh-direction <bidirectional / rx-only / tx-only>

Configuring the SSID Profile

The following procedure describes how to configure the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile:

1. In the Managed Network node hierarchy, navigate to the Configuration > System > Profiles tab.

2. From the All Profiles list, select Wireless LAN > SSID.

3. To edit an existing SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile, select the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile you want to edit. To create a new SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile, click + and enter a name for the new SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile in the Profile name field.

4. Configure your SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. settings. The configuration parameters are described in SSID Profile Parameters.

5. Click Submit.

6. Click Pending Changes.

7. In the Pending Changes window, select the check box and click Deploy Changes.

Table 1: SSID Profile Parameters

Parameter

Description

Advanced

SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. Enable

Click this check box to enable or disable the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.. The SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. is enabled by default.

ESSIDExtended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set.

Name that uniquely identifies a wireless network. The network name, or ESSIDExtended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set. can be up to 32 ASCIIAmerican Standard Code for Information Interchange. An ASCII code is a numerical representation of a character or an action. characters, if it contains unicode, depending on the language, the maximum characters vary. For example, ESSIDExtended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set. could be up to 10 Chinese characters. If the ESSIDExtended Service Set Identifier. ESSID refers to the ID used for identifying an extended service set. includes spaces, you must enclose it in quotation marks.

WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. Passphrase

Enter the WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. passphrase.

If the encryption type is wpa2-psk-aes, enter one of WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. passphrase, WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. Hexkey, or MPSK passphrase. The MPSK passphrase requires MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication against a ClearPass Policy Manager server.

If WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. passphrase, WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. Hexkey, and MPSK passphrase are entered, the MPSK passphrase takes precedence and a client has to use the MPSK passphrase as received from the ClearPass Policy Manager server. The MPSK passphrase requires MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. authentication against a ClearPass Policy Manager server.

If WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. passphrase and WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. Hexkey are configured, that is, the encryption type is not mpsk-aes, only WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. Hexkey is considered.

Encryption

Select one of the following encryption types:

    xSec

Encryption and tunneling of Layer-2 traffic between the controller and wired or wireless clients, or between controllers. To use xSec encryption, you must use a RADIUSRemote Authentication Dial-In User Service. An Industry-standard network access protocol for remote authentication. It allows authentication, authorization, and accounting of remote users who want to access network resources.  authentication server. For clients, you must install the Funk Odyssey client software.

Requires installation of the xSec license. For xSec between managed devices, you must install an xSec license in each managed device.

    enhanced open

Enhanced open encryption with or without PMKPairwise Master Key. PMK is a shared secret key that is generated after PSK or 802.1X authentication.  caching.

    wpa3-sae-aes

WPA3 with AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. encryption using Simultaneous

Authentication of Equals(SAE).

    wpa3-aes-ccm-128

WPA3 with AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. CCM encryption and dynamic keys using 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority..

    wpa3-cnsa

WPA3 with AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. GCM-256 encryption using CNSA (192 bit).

    wpa3-aes-gcm-256

WPA3 with AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. GCM-256 encryption.

    static-wep

WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. with static keys.

    dynamic-wep

WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. with dynamic keys.

    wpa-tkip

WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. with TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard. encryption and dynamic keys using 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority..

    wpa-aes

WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. with AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. encryption and dynamic keys using 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority..

    wpa-psk-tkip

WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. with TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard. encryption using a preshared key.

    wpa-psk-aes

WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. with AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. encryption using a preshared key.

    wpa2-aes

WPA2Wi-Fi Protected Access 2. WPA2 is a certification program maintained by IEEE that oversees standards for security over wireless networks. WPA2 supports IEEE 802.1X/EAP authentication or PSK technology, but includes advanced encryption mechanism using CCMP that is referred to as AES. with AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. encryption and dynamic keys using 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority..

    wpa2-psk-aes

WPA2Wi-Fi Protected Access 2. WPA2 is a certification program maintained by IEEE that oversees standards for security over wireless networks. WPA2 supports IEEE 802.1X/EAP authentication or PSK technology, but includes advanced encryption mechanism using CCMP that is referred to as AES. with AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. encryption using a preshared key.

    wpa2-psk-tkip

WPA2Wi-Fi Protected Access 2. WPA2 is a certification program maintained by IEEE that oversees standards for security over wireless networks. WPA2 supports IEEE 802.1X/EAP authentication or PSK technology, but includes advanced encryption mechanism using CCMP that is referred to as AES. with TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard. encryption using a preshared key.

    wpa2-tkip

WPA2Wi-Fi Protected Access 2. WPA2 is a certification program maintained by IEEE that oversees standards for security over wireless networks. WPA2 supports IEEE 802.1X/EAP authentication or PSK technology, but includes advanced encryption mechanism using CCMP that is referred to as AES. with TKIPTemporal Key Integrity Protocol. A part of the WPA encryption standard for wireless networks. TKIP is the next-generation Wired Equivalent Privacy (WEP) that provides per-packet key mixing to address the flaws encountered in the WEP standard. encryption and dynamic keys using 802.1X802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority..

   mpsk-aes

MPSK with AESAdvanced Encryption Standard. AES is an encryption standard used for encrypting and protecting electronic data. The AES encrypts and decrypts data in blocks of 128 bits (16 bytes), and can use keys of 128 bits, 192 bits, and 256 bits. encryption.

Opmode transition

Enable backward compatibility for

enhanced-open/wpa3-sae-aes opmodes.

Enable Management Frame Protection

When selected, the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. supports MFP-capable and traditional clients.

Management Frame Protection can only be enabled on SSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. that support WPA2Wi-Fi Protected Access 2. WPA2 is a certification program maintained by IEEE that oversees standards for security over wireless networks. WPA2 supports IEEE 802.1X/EAP authentication or PSK technology, but includes advanced encryption mechanism using CCMP that is referred to as AES..

Require Management Frame Protection

When selected, the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. supports Management Frame Protection-capable clients only.

Management Frame Protection can only be enabled on SSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. that support WPA2Wi-Fi Protected Access 2. WPA2 is a certification program maintained by IEEE that oversees standards for security over wireless networks. WPA2 supports IEEE 802.1X/EAP authentication or PSK technology, but includes advanced encryption mechanism using CCMP that is referred to as AES..

DTIMDelivery Traffic Indication Message. DTIM is a kind of traffic indication map. A DTIM interval determines when the APs must deliver broadcast and multicast frames to their associated clients in power save mode. Interval

Specifies the interval, in milliseconds, between the sending of DTIMDelivery Traffic Indication Message. DTIM is a kind of traffic indication map. A DTIM interval determines when the APs must deliver broadcast and multicast frames to their associated clients in power save mode. in the beacon. This is the maximum number of beacon cycles before unacknowledged network broadcasts are flushed. When using wireless clients that employ power management features to sleep, the client must revive at least once during the DTIMDelivery Traffic Indication Message. DTIM is a kind of traffic indication map. A DTIM interval determines when the APs must deliver broadcast and multicast frames to their associated clients in power save mode. period to receive broadcasts

802.11a802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps. Basic Rates

Select the set of supported 802.11a802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps. rates, in MbpsMegabits per second, that are advertised in beacon frames and probe responses.

802.11a802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps. Transmit Rates

Select the set of 802.11a802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps. rates at which the AP is allowed to send data. The actual transmit rate depends on what the client is able to handle, based on information sent at the time of association and on the current error/loss rate of the client.

802.11g802.11g offers transmission over relatively short distances at up to 54 Mbps, compared with the 11 Mbps theoretical maximum of 802.11b standard. 802.11g employs Orthogonal Frequency Division Multiplexing (OFDM), the modulation scheme used in 802.11a, to obtain higher data speed. Computers or terminals set up for 802.11g can fall back to speed of 11 Mbps, so that 802.11b and 802.11g devices can be compatible within a single network. Basic Rates

Select the set of supported 802.11b802.11b is a WLAN standard often called Wi-Fi and is backward compatible with 802.11. Instead of the Phase-Shift Keying (PSK) modulation method used in 802.11 standards, 802.11b uses Complementary Code Keying (CCK) that allows higher data speeds and makes it less susceptible to multipath-propagation interference. 802.11b operates in the 2.4 GHz band and the maximum data transfer rate is 11 Mbps./g rates that are advertised in beacon frames and probe responses.

802.11g802.11g offers transmission over relatively short distances at up to 54 Mbps, compared with the 11 Mbps theoretical maximum of 802.11b standard. 802.11g employs Orthogonal Frequency Division Multiplexing (OFDM), the modulation scheme used in 802.11a, to obtain higher data speed. Computers or terminals set up for 802.11g can fall back to speed of 11 Mbps, so that 802.11b and 802.11g devices can be compatible within a single network. Transmit Rates

Select the set of 802.11b802.11b is a WLAN standard often called Wi-Fi and is backward compatible with 802.11. Instead of the Phase-Shift Keying (PSK) modulation method used in 802.11 standards, 802.11b uses Complementary Code Keying (CCK) that allows higher data speeds and makes it less susceptible to multipath-propagation interference. 802.11b operates in the 2.4 GHz band and the maximum data transfer rate is 11 Mbps./g rates at which the AP is allowed to send data. The actual transmit rate depends on what the client is able to handle, based on information sent at the time of association and on the current error/loss rate of the client.

Station Ageout Time

Time, in seconds, that a client is allowed to remain idle before being aged out.

Station Refresh Direction

The refresh direction the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile. Select RX-only to use Receive-only data frames for refresh direction. Select TX-only to use Transmit-only data frames for refresh direction.

Default: bidirectional.

Max Transmit Attempts

Maximum number of retries allowed for the AP to send a frame.

RTSRequest to Send. RTS refers to the data transmission and protection mechanism used by the 802.11 wireless networking protocol to prevent frame collision occurrences. See CTS. Threshold

Wireless clients transmitting frames larger than this threshold must issue RTSRequest to Send. RTS refers to the data transmission and protection mechanism used by the 802.11 wireless networking protocol to prevent frame collision occurrences. See CTS. and wait for the AP to respond with CTSClear to Send. The CTS refers to the data transmission and protection mechanism used by the 802.11 wireless networking protocol to prevent frame collision occurrences. See RTS. . This helps prevent mid-air collisions for wireless clients that are not within wireless peer range and cannot detect when other wireless clients are transmitting.

Default: 2333

Short Preamble

Click this check box to enable or disable a short preamble for 802.11b802.11b is a WLAN standard often called Wi-Fi and is backward compatible with 802.11. Instead of the Phase-Shift Keying (PSK) modulation method used in 802.11 standards, 802.11b uses Complementary Code Keying (CCK) that allows higher data speeds and makes it less susceptible to multipath-propagation interference. 802.11b operates in the 2.4 GHz band and the maximum data transfer rate is 11 Mbps./g radios. Network performance may be higher when short preamble is enabled. In mixed radio environments, some 802.11b802.11b is a WLAN standard often called Wi-Fi and is backward compatible with 802.11. Instead of the Phase-Shift Keying (PSK) modulation method used in 802.11 standards, 802.11b uses Complementary Code Keying (CCK) that allows higher data speeds and makes it less susceptible to multipath-propagation interference. 802.11b operates in the 2.4 GHz band and the maximum data transfer rate is 11 Mbps. wireless client stations may experience difficulty associating with the AP using short preamble. To use only long preamble, disable short preamble. Legacy client devices that use only long preamble generally can be updated to support short preamble.

Max Associations

Maximum number of wireless clients per radio for the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. (subject to an AP limit of 255 clients per radio).

Default: 64

Wireless Multimedia (WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK).)

Enables or disables WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK)., also known as IEEEInstitute of Electrical and Electronics Engineers. 802.11e802.11e is an enhancement to the 802.11a and 802.11b specifications that enhances the 802.11 Media Access Control layer with a coordinated Time Division Multiple Access (TDMA) construct. It adds error-correcting mechanisms for delay-sensitive applications such as voice and video. The 802.11e specification provides seamless interoperability between business, home, and public environments such as airports and hotels, and offers all subscribers high-speed Internet access with full-motion video, high-fidelity audio, and VoIP. Enhanced Distribution Coordination Function. WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). provides prioritization of specific traffic relative to other traffic in the network.

Wireless Multimedia U-APSDUnscheduled Automatic Power Save Delivery. U-APSD is a part of 802.11e and helps considerably in increasing the battery life of VoWLAN terminals. (WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK).-UAPSD) Powersave

Enable WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). UAPSD powersave.

 

WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). TSPECTraffic Specification. TSPEC allows an 802.11e client or a QoS-capable wireless client to signal its traffic requirements to the AP. Min Inactivity Interval

Specify the minimum inactivity time-out threshold of WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). traffic. This setting is useful in environments where low inactivity interval time-outs are advertised, which may cause unwanted timeouts.

The supported range is 0-3,600,000 milliseconds, and the default value is 0 milliseconds.

DSCPDifferentiated Services Code Point. DSCP is a 6-bit packet header value used for traffic classification and priority assignment. mapping for WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). voice ACAccess Category. As per the IEEE 802.11e standards, AC refers to various levels of traffic prioritization in Enhanced Distributed Channel Access (EDCA) operation mode. The WLAN applications prioritize traffic based on the Background, Best Effort, Video, and Voice access categories. AC can also refer to Alternating Current, a form of electric energy that flows when the appliances are plugged to a wall socket. (0-63)

DSCPDifferentiated Services Code Point. DSCP is a 6-bit packet header value used for traffic classification and priority assignment. used to map WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). voice traffic.

The supported range is 0-63.

DSCPDifferentiated Services Code Point. DSCP is a 6-bit packet header value used for traffic classification and priority assignment. mapping for WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). video ACAccess Category. As per the IEEE 802.11e standards, AC refers to various levels of traffic prioritization in Enhanced Distributed Channel Access (EDCA) operation mode. The WLAN applications prioritize traffic based on the Background, Best Effort, Video, and Voice access categories. AC can also refer to Alternating Current, a form of electric energy that flows when the appliances are plugged to a wall socket. (0-63)

Select the DSCPDifferentiated Services Code Point. DSCP is a 6-bit packet header value used for traffic classification and priority assignment. used to map WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). video traffic.

The supported range is 0-63.

DSCPDifferentiated Services Code Point. DSCP is a 6-bit packet header value used for traffic classification and priority assignment. mapping for WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). best-effort ACAccess Category. As per the IEEE 802.11e standards, AC refers to various levels of traffic prioritization in Enhanced Distributed Channel Access (EDCA) operation mode. The WLAN applications prioritize traffic based on the Background, Best Effort, Video, and Voice access categories. AC can also refer to Alternating Current, a form of electric energy that flows when the appliances are plugged to a wall socket. (0-63)

Select the DSCPDifferentiated Services Code Point. DSCP is a 6-bit packet header value used for traffic classification and priority assignment. value used to map WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). best-effort traffic.

The supported range is 0-63.

DSCPDifferentiated Services Code Point. DSCP is a 6-bit packet header value used for traffic classification and priority assignment. mapping for WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). background ACAccess Category. As per the IEEE 802.11e standards, AC refers to various levels of traffic prioritization in Enhanced Distributed Channel Access (EDCA) operation mode. The WLAN applications prioritize traffic based on the Background, Best Effort, Video, and Voice access categories. AC can also refer to Alternating Current, a form of electric energy that flows when the appliances are plugged to a wall socket. (0-63)

Select the DSCPDifferentiated Services Code Point. DSCP is a 6-bit packet header value used for traffic classification and priority assignment. used to map WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). background traffic.

The supported range is 0-63.

Hide SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.

Select this check box to enable or disable the hiding of the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. name in beacon frames. Note that hiding the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. does very little to increase security.

Deny_Broadcast Probes

When a client sends a broadcast probe request frame to search for all available SSIDsService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network., this option controls whether or not the system responds for this SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.. When enabled, no response is sent and clients have to know the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. in order to associate to the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network.. When disabled, a probe response frame is sent for this SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network..

Local Probe Request Threshold (dBDecibel. Unit of measure for sound or noise and is the difference or ratio between two signal levels.)

Enter the SNRSignal-to-Noise Ratio. SNR is used for comparing the level of a desired signal with the level of background noise. threshold below which incoming probe requests will get ignored. The supported range of values is 0-100 dBDecibel. Unit of measure for sound or noise and is the difference or ratio between two signal levels.. A value of 0 disables this feature.

Disable Probe Retry

Click this check box to enable or disable battery MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. level retries for probe response frames. By default this parameter is enabled, which mean that MACMedia Access Control. A MAC address is a unique identifier assigned to network interfaces for communications on a network. level retries for probe response frames is disabled.

NOTE: This parameter is not supported for 200 Series access points.

Battery Boost

Converts multicast traffic to unicast before delivery to the client, thus allowing you to set a longer DTIMDelivery Traffic Indication Message. DTIM is a kind of traffic indication map. A DTIM interval determines when the APs must deliver broadcast and multicast frames to their associated clients in power save mode. interval. The longer interval keeps associated wireless clients from activating their radios for multicast indication and delivery, leaving them in power-save mode longer and thus lengthening battery life.

This parameter requires the PEFNGPolicy Enforcement Firewall. PEF also known as PEFNG provides context-based controls to enforce application-layer security and prioritization. The customers using Aruba mobility controllers can avail PEF features and services by obtaining a PEF license. PEF for VPN users—Customers with PEF for VPN license can apply firewall policies to the user traffic routed to a controller through a VPN tunnel. license.

WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. Key 1

First static WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. key associated with the key index. Can be 10 or 26 hex characters in length.

WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. Key 2

Second static WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. key associated with the key index. Can be 10 or 26 hex characters in length.

WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. Key 3

Third Static WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. key associated with the key index. Can be 10 or 26 hex characters in length.

WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. Key 4

Fourth Static WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. key associated with the key index. Can be 10 or 26 hex characters in length.

WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. Transmit Key Index

Key index that specifies which static WEPWired Equivalent Privacy. WEP is a security protocol that is specified in 802.11b and is designed to provide a WLAN with a level of security and privacy comparable to what is usually expected of a wired LAN. key is to be used. Can be 1, 2, 3, or 4.

WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. Hexkey

WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. PSKPre-shared key. A unique shared secret that was previously shared between two parties by using a secure channel. This is used with WPA security, which requires the owner of a network to provide a passphrase to users for network access. .

WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. Passphrase

WPAWi-Fi Protected Access. WPA is an interoperable wireless security specification subset of the IEEE 802.11 standard. This standard provides authentication capabilities and uses TKIP for data encryption. passphrase with which to generate a PSKPre-shared key. A unique shared secret that was previously shared between two parties by using a secure channel. This is used with WPA security, which requires the owner of a network to provide a passphrase to users for network access. .

Maximum Transmit Failures

The AP assumes the client has left and should be deauthorized when the AP detects this number of consecutive frames were not delivered because the maximum retry threshold has been exceeded.

BC/MC Rate Optimization

Click this check box to enable or disable scanning of all active stations currently associated to an AP to select the lowest transmission rate for broadcast and multicast frames. This option only applies to broadcast and multicast data frames; 802.11802.11 is an evolving family of specifications for wireless LANs developed by a working group of the Institute of Electrical and Electronics Engineers (IEEE). 802.11 standards use the Ethernet protocol and Carrier Sense Multiple Access with collision avoidance (CSMA/CA) for path sharing. management frames are transmitted at the lowest configured rate.

NOTE: Do not enable this parameter unless instructed to do so by your Aruba technical support representative.

Rate Optimization for delivering EAPOL frames

Click this check box to use a more conservative rate for more reliable delivery of EAPOL frames.

Default: Enabled

Strict Spectralink Voice Protocol (SVPSpectraLink Voice Priority. SVP is an open, straightforward QoS approach that has been adopted by most leading vendors of WLAN APs. SVP favors isochronous voice packets over asynchronous data packets when contending for the wireless medium and when transmitting packets onto the wired LAN.)

Click this check box to enable Strict SVPSpectraLink Voice Priority. SVP is an open, straightforward QoS approach that has been adopted by most leading vendors of WLAN APs. SVP favors isochronous voice packets over asynchronous data packets when contending for the wireless medium and when transmitting packets onto the wired LAN.

802.11g802.11g offers transmission over relatively short distances at up to 54 Mbps, compared with the 11 Mbps theoretical maximum of 802.11b standard. 802.11g employs Orthogonal Frequency Division Multiplexing (OFDM), the modulation scheme used in 802.11a, to obtain higher data speed. Computers or terminals set up for 802.11g can fall back to speed of 11 Mbps, so that 802.11b and 802.11g devices can be compatible within a single network. Beacon Rate

Click this drop-down list to select the beacon rate for 802.11g802.11g offers transmission over relatively short distances at up to 54 Mbps, compared with the 11 Mbps theoretical maximum of 802.11b standard. 802.11g employs Orthogonal Frequency Division Multiplexing (OFDM), the modulation scheme used in 802.11a, to obtain higher data speed. Computers or terminals set up for 802.11g can fall back to speed of 11 Mbps, so that 802.11b and 802.11g devices can be compatible within a single network. (use for DASDistributed Antenna System. DAS is a network of antenna nodes strategically placed around a geographical area or structure for additional cellular coverage. only). Using this parameter in normal operation may cause connectivity problems.

802.11a802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps. Beacon Rate

Click this drop-down list to select the beacon rate for 802.11a802.11a provides specifications for wireless systems. Networks using 802.11a operate at radio frequencies in the 5 GHz band. The specification uses a modulation scheme known as orthogonal frequency-division multiplexing (OFDM) that is especially well suited to use in office settings. The maximum data transfer rate is 54 Mbps. (use for DASDistributed Antenna System. DAS is a network of antenna nodes strategically placed around a geographical area or structure for additional cellular coverage. only). Using this parameter in normal operation may cause connectivity problems.

Video Multicast Rate Optimization

When configured, the managed device chooses the rate for video multicast frames. You can configure MCSModulation and Coding Scheme. MCS is used as a parameter to determine the data rate of a wireless connection for high throughput. rates as well. MCSModulation and Coding Scheme. MCS is used as a parameter to determine the data rate of a wireless connection for high throughput. is an important setting because it provides for potentially greater throughput.

NOTE: The following information displays the MCSModulation and Coding Scheme. MCS is used as a parameter to determine the data rate of a wireless connection for high throughput. rate if the Short guard interval in 20 MHz mode setting in High-throughput SSID profile is either enabled or disabled:

MCS Streams 20 MHz 20 MHz SGI

--- ------- ------ ----------

0 1 6.5 7.2

1 1 13.0 14.4

2 1 19.5 21.7

3 1 26.0 28.9

4 1 39.0 43.3

5 1 52.0 57.8

6 1 58.5 65.0

7 1 65.0 72.2

8 2 13.0 14.4

9 2 26.0 28.9

10 2 39.0 43.3

11 2 52.0 57.8

12 2 78.0 86.7

13 2 104.0 115.6

14 2 117.0 130.0

15 2 130.0 144.4

NOTE: The MCSModulation and Coding Scheme. MCS is used as a parameter to determine the data rate of a wireless connection for high throughput. rates for video multicast are supported in all 802.11n802.11n is a wireless networking standard to improve network throughput over the two previous standards, 802.11a and 802.11g. With 802.11n, there will be a significant increase in the maximum raw data rate from 54 Mbps to 600 Mbps with the use of four spatial streams at a channel width of 40 MHz. -capable APs. This is not supported in 320 Series AP.

Advertise QBSS Load IE

Click this check box to enable the AP to advertise the QBSS load element. The element includes the following parameters that provide information on the traffic situation:

Station count: The total number of stations associated to the QBSS.

Channel utilization: The percentage of time (normalized to 255) the channel is sensed to be busy. The access point uses either the physical or the virtual carrier sense mechanism to sense a busy channel.

Available admission capacity: The remaining amount of medium time (measured as number of 32us/s) available for a station via explicit admission control.

The QAP uses these parameters to decide whether to accept an admission control request. A wireless station uses these parameters to choose the appropriate access points.

NOTE: Ensure that WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). is enabled for legacy APs to advertise the QBSS load element. For 802.11n802.11n is a wireless networking standard to improve network throughput over the two previous standards, 802.11a and 802.11g. With 802.11n, there will be a significant increase in the maximum raw data rate from 54 Mbps to 600 Mbps with the use of four spatial streams at a channel width of 40 MHz. APs, ensure that either WMMWi-Fi Multimedia. WMM is also known as WME. It refers to a Wi-Fi Alliance interoperability certification, based on the IEEE 802.11e standard. It provides basic QoS features to IEEE 802.11 networks. WMM prioritizes traffic according to four ACs: voice (AC_VO), video (AC_VI), best effort (AC_BE), and background (AC_BK). or high throughput is enabled.

Advertise Location Info

When this option is enabled, APs broadcast their location within an IE carried in Beacon frames and Probe Response frames. The AP’s latitude, longitude and altitude can be configured on the Configuration > Wireless> AP Installation page of the managed device WebUI, or using the provision-ap command in the managed device command-line interface.

Advertise AP Name

If this parameter is enabled, APs will broadcast the AP name configured by the ap-name command.

Default: Disabled

Enforce user vlanVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. for open stations

Select this option to restrict data traffic from open stations to the VLANVirtual Local Area Network. In computer networking, a single Layer 2 network may be partitioned to create multiple distinct broadcast domains, which are mutually isolated so that packets can only pass between them through one or more routers; such a domain is referred to as a Virtual Local Area Network, Virtual LAN, or VLAN. assigned to the user. This option is disabled by default.

Enable OKCOpportunistic Key Caching. OKC is a technique available for authentication between multiple APs in a network where those APs are under common administrative control. Using OKC, a station roaming to any AP in the network will not have to complete a full authentication exchange, but will instead just perform the 4-way handshake to establish transient encryption keys.

OKCOpportunistic Key Caching. OKC is a technique available for authentication between multiple APs in a network where those APs are under common administrative control. Using OKC, a station roaming to any AP in the network will not have to complete a full authentication exchange, but will instead just perform the 4-way handshake to establish transient encryption keys. is a similar technique, not defined by 802.11i802.11i provides improved encryption for networks that use 802.11a, 802.11b, and 802.11g standards. It requires new encryption key protocols, known as Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES)., available for authentication between multiple APs in a network where those APs are under common administrative control. An Aruba deployment with multiple APs under the control of a single managed device is one such example. Using OKCOpportunistic Key Caching. OKC is a technique available for authentication between multiple APs in a network where those APs are under common administrative control. Using OKC, a station roaming to any AP in the network will not have to complete a full authentication exchange, but will instead just perform the 4-way handshake to establish transient encryption keys. , a station roaming to any AP in the network will not have to complete a full authentication exchange, but will instead just perform the 4-way handshake to establish transient encryption keys.

General

Enable Agile Multiband (MBO)

Select this option to enable or disable Agile Multiband on the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile.

Advertize Cellular Data Capability attribute of MBO

Select this option for the AP to advertize Cellular Data Capability (CDC) for MBO.

The following CLICommand-Line Interface. A console interface with a command line shell that allows users to execute text input as commands and convert these commands to appropriate functions. command configures the SSIDService Set Identifier. SSID is a name given to a WLAN and is used by the client to access a WLAN network. profile:

(config) #wlan ssid-profile <profile>

/*]]>*/