C
HAPTER
27
| Wireless Security Commands
– 219 –
pmksa-lifetime This command sets the time for aging out cached WPA2 Pairwise Master
Key Security Association (PMKSA) information for fast roaming.
SYNTAX
pmksa-lifetime <minutes>
minutes - The time for aging out PMKSA information.
(Range: 0 - 14400 minutes)
DEFAULT SETTING
720 minutes
COMMAND MODE
Interface Configuration (Wireless-VAP)
COMMAND USAGE
â—† WPA2 provides fast roaming for authenticated clients by retaining keys
and other security information in a cache, so that if a client roams away
from an access point and then returns reauthentication is not required.
â—† When a WPA2 client is first authenticated, it receives a Pairwise Master
Key (PMK) that is used to generate other keys for unicast data
encryption. This key and other client information form a Security
Association that the access point names and holds in a cache. The
lifetime of this security association can be configured with this
command. When the lifetime expires, the client security association
and keys are deleted from the cache. If the client returns to the access
point, it requires full reauthentication.
EXAMPLE
AP(if-wireless 0: VAP[0])# pmksa-lifetime 600
This setting has not been effective !
If want to take effect, please execute make-security-effective command !
AP(if-wireless 0: VAP[0])#
make-security-
effective
This command implements all wireless security changes made in the
current CLI session.
SYNTAX
make-security-effective
DEFAULT SETTING
None
COMMAND MODE
Interface Configuration (Wireless-VAP)
To Next Page
Loading...
Need help?
General
