basically true, i'm not certain it is possible to completely stop your
aps from broadcasting OTAP information, but it is possible to protect
your controllers from rogue ap's attempting to associate.
-Justin
Daniel Husand wrote:
On 25/08/2009 19:16, Justin Hao wrote:
completely because it just imports a random list of controllers from any
nearby otap capable ap. and then it tries every controller on the list
simultaneously. the first controller to respond with an "ok" message is
where the ap will go to download code/configuration info. there are 2
caveats.
How about the following statement taken from
http://supportwiki.cisco.com/ViewWiki/index.php/Understanding_Over-the-Air_Provisioning_%28OTAP%29
"Note: OTAP enabled on the controller indicates to the controller
whether or not to respond to discovery requests with the OTAP bit set.
It does not prevent the LAPs already joined to the controller from
transmitting the controller’s management IP address in the clear in
RRM neighbor packets."
So basically disabling OTAP on the controller does not disable the
discovery done by the APs? If so is it even possible to disable it fully?
--
Justin Hao
Network Engineer
Texas A&M University
Networking and Information Security
[email protected]
(979)862-2162
**********
Participation and subscription information for this EDUCAUSE Constituent Group
discussion list can be found at http://www.educause.edu/groups/.
