Configuring Mint Protocol - Motorola WiNG 5.5 Reference Manual

5.2.13.2 Configuring MINT Protocol

Advanced Profile Configuration
MINT provides the means to secure access point profile communications at the transport layer. Using MINT, an access point
can be configured to only communicate with other authorized (MINT enabled) access points of the same model.
Virtual Controller AP managed access points can communicate with each other exclusively over a MINT security domain. Keys
can also be generated externally using any application (like openssl). These keys must be present on the access point managing
the domain for key signing to be integrated with the UI. A MAP device that needs to communicate with another first negotiates
a security context with that device. The security context contains the transient keys used for encryption and authentication. A
secure network requires users know about certificates and PKI. However, administrators do not need to define security
parameters for access points to be adopted (secure WISPe being an exception, but that isn't a commonly used feature). Also,
users can replace any device on the network or move devices around and they continue to work. Default security parameters
for MINT are such that these scenarios continue to function as expected, with minimal user intervention required only when a
new network is deployed.
To define an access point profile's MINT configuration:
1. Select MINT Protocol
2. Refer to the Area Identifier
Level 1 Area ID
from the expanded Advanced
Figure 5-102 Advanced Profile Configuration - MINT Protocol screen - Settings tab
field to define the Level 1 Area IDs used by the profile's MINT configuration.
Select this option to enable a spinner control for setting the Level 1 Area ID from 1 -
4,294,967,295. The default value is disabled.
menu. The Settings tab displays by default.
Device Configuration 5 - 165