Chapter 7 Wireless
VMG1312-B Series User’s Guide
121
Figure 48
How WPS works
The roles of registrar and enrollee last only as long as the WPS setup process is active (two
minutes). The next time you use WPS, a different device can be the registrar if necessary.
The WPS connection process is like a handshake; only two devices participate in each WPS
transaction. If you want to add more devices you should repeat the process with one of the existing
networked devices and the new device.
Note that the access point (AP) is not always the registrar, and the wireless client is not always the
enrollee. All WPS-certified APs can be a registrar, and so can some WPS-enabled wireless clients.
By default, a WPS devices is “unconfigured”. This means that it is not part of an existing network
and can act as either enrollee or registrar (if it supports both functions). If the registrar is
unconfigured, the security settings it transmits to the enrollee are randomly-generated. Once a
WPS-enabled device has connected to another device using WPS, it becomes “configured”. A
configured wireless client can still act as enrollee or registrar in subsequent WPS connections, but a
configured access point can no longer act as enrollee. It will be the registrar in all subsequent WPS
connections in which it is involved. If you want a configured AP to act as an enrollee, you must reset
it to its factory defaults.
7.10.9.4
Example WPS Network Setup
This section shows how security settings are distributed in an example WPS setup.
The following figure shows an example network. In step
1
, both
AP1
and
Client 1
are
unconfigured. When WPS is activated on both, they perform the handshake. In this example,
AP1
is the registrar, and
Client 1
is the enrollee. The registrar randomly generates the security
information to set up the network, since it is unconfigured and has no existing information.
SECURE TUNNEL
SECURITY INFO
WITHIN 2 MINUTES
COMMUNICATION
ACTIVATE
WPS
ACTIVATE
WPS
WPS HANDSHAKE
REGISTRAR
ENROLLEE