Wireless/Redundant Edge Services xl Module Management and Configuration Guide WS.01.03 or greater

Wireless Network Management
AP Detection
Two types of criteria can define APs as approved:
  • MAC address
  • SSID
For example, you can list the MAC address of every AP and RP in your network
(not connected to this module) and allow those addresses. Or you can simply
allow all APs and RPs that are members of one of your network’s WLANs (as
defined by the SSID). These solutions are appropriate only in a relatively
secure environment.
For tighter security, you can force the module to match APs to both a MAC
address and an SSID. For example, a rogue AP might mimic your network’s
SSID; if you allow all APs using that SSID, then you will overlook this security
hazard.
You specify these criteria in a series of up to 200 rules, each identified by an
index number. Each rule can specify one of the following:
  • one MAC address
  • one SSID
  • one MAC address and one SSID
For example, if you want to use hardware-based (MAC address) rules to allow
APs, and your network includes 14 RPs adopted by a different module and two
APs, then you must create 16 rules, because each rule holds only one MAC
address.
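The rule matching described above, as an added example (not code from this guide or from the module itself): it models the three rule types and shows which detected APs remain unapproved under SSID-only rules versus MAC-and-SSID rules. The class and function names, MAC addresses, and SSIDs are constructed for illustration, and it assumes an AP is approved when it matches at least one rule.

```python
from dataclasses import dataclass
from typing import Optional

MAX_RULES = 200  # the guide allows up to 200 rules, indexed 1 to 200

@dataclass(frozen=True)
class AllowRule:
    index: int
    mac: Optional[str] = None   # None models leaving the MAC unrestricted
    ssid: Optional[str] = None  # None models "Any SSID"

    def matches(self, mac: str, ssid: str) -> bool:
        # A field left unset matches anything; a set field must match exactly.
        mac_ok = self.mac is None or self.mac.lower() == mac.lower()
        ssid_ok = self.ssid is None or self.ssid == ssid
        return mac_ok and ssid_ok

def validate(rules):
    """Enforce the guide's constraints: unique index in 1..200, MAC and/or SSID set."""
    seen = set()
    for r in rules:
        if not 1 <= r.index <= MAX_RULES or r.index in seen:
            raise ValueError(f"index {r.index} is out of range or duplicated")
        if r.mac is None and r.ssid is None:
            raise ValueError(f"rule {r.index} specifies neither MAC nor SSID")
        seen.add(r.index)
    return sorted(rules, key=lambda r: r.index)

def unapproved(rules, detected):
    """Return detected (mac, ssid) pairs that no rule approves (assumed: any match approves)."""
    rules = validate(rules)
    return [ap for ap in detected if not any(r.matches(*ap) for r in rules)]

# Constructed sample scan results: (radio MAC, SSID)
DETECTED = [
    ("00:11:22:33:44:01", "CorpWLAN"),    # known AP
    ("00:11:22:33:44:02", "CorpWLAN"),    # known AP
    ("02:AA:BB:CC:DD:EE", "CorpWLAN"),    # unknown radio advertising the same SSID
    ("02:AA:BB:CC:DD:FF", "CoffeeShop"),  # unrelated neighbouring network
]
SSID_ONLY = [AllowRule(1, ssid="CorpWLAN")]
MAC_AND_SSID = [
    AllowRule(1, "00:11:22:33:44:01", "CorpWLAN"),
    AllowRule(2, "00:11:22:33:44:02", "CorpWLAN"),
]

if __name__ == "__main__":
    print("SSID-only rules flag:", unapproved(SSID_ONLY, DETECTED))
    print("MAC+SSID rules flag: ", unapproved(MAC_AND_SSID, DETECTED))
```

With the SSID-only rule, the unknown radio advertising CorpWLAN is treated as approved and never reported; with one MAC-and-SSID rule per known AP, it appears in the unapproved list.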
To create a rule, complete the following steps:
1. Select Special Features > Intrusion Detection > Allowed APs. This screen
displays the rules that currently select approved APs, listed in order of
index number.
2. To create a rule, click Add.
3. Enter a value between 1 and 200 in the Index field. Each rule must have a
unique index.
4. Create one of the three types of rules:
   a. You can allow an AP with a particular MAC address, no matter what
      WLAN it supports, as shown in Figure 6-18. Follow these steps:
      i. Select the second field under Radio MAC Address and enter the
         address.
      ii. Under SSID, keep the selection at Any SSID.