8 ieee 802.1ab lldp, 9 wips, Ieee 802.1ab lldp – Motorola Series Switch WS5100 User Manual

Overview

1-21

If no response is received from the EAPOL start message, or if the authentication attempt is not successful,
the AP300 continues to transmit Hello messages followed by LoadMe messages. If a parent reply is received
in response to the Hello, then downloading continue normally - without authentication. In this case, you need
not enable or disable the port authentication.

802.1x authentication is conducted:

• At power up

• At an AP300 operator initiated reset (such as pulling Ethernet cable)

• When the switch administrator initiates a reset of the AP300.

• When re-authentication is initiated by the Authenticator (say the switch in between)

Change Username/Password after AP Adoption

Once the AP300 is adopted using 802.1x authentication (say default username/password) OR using a non-
secure access method (hub or switch without 802.1x enabled), use the CLI/SNMP/UI to reconfigure the
username/password combination.

Reset Username/Password to Factory Defaults

To restore the AP300 username/password to factory defaults, adopt the AP300 using a non-secure access
method (a hub or switch without 802.1x enabled), then reconfigure the username/password combination.

The access port does not make use of any parameters (such as MAC based authentication, VLAN based etc.)
configured on Radius Server.

1.2.5.8 IEEE 802.1AB LLDP

The access port implements a Link Layer Discovery Protocol (LLDP) agent and operates in Transmit- mode
only (it only transmits the information about the capabilities and the current status of the local system).

The following modes are not supported:

• Receive-only mode — The LLDP agent can only receive information about the capabilities and the current

status of the remote systems

• Transmit and receive mode — The LLDP agent can transmit the local system capabilities and status

information as well as receive remote system's capabilities and status information.

The LLDP agent uses a high frequency (sending LLDP advertisements every 1 second) only until the AP
receives Hello Response i.e. after the AP sees Hello Response, no LLDPDUs are transmitted by the access
port. After AP has been adopted, the LLDP advertisements are sent at lower frequency (sending LLDP
advertisements every 30 seconds).

On reset (all resets including power-up), an access port sends a LLDP advertisement every time it sends the
"Hello" message. This is in addition to 802.1x EAPOL messages.

LLDP is always enabled and cannot be disabled.

1.2.5.9 WIPS

The Motorola Wireless Intrusion Protection System (WIPS) monitors for any presence of unauthorized rogue
access points. Unauthorized attempts to access the WLAN is generally accompanied by anomalous behavior

NOTE: LLDPDUs are transmitted untagged.