38
Step Command Remarks
3. Enable GTK rekey.
gtk-rekey enable
By default, GTK rekey is enabled.
4. Configure GTK rekey
based on packet.
gtk-rekey method
packet-based
[ packet ]
The default packet number is
10000000.
5. Configure the device to
start GTK rekey when a
client goes offline.
gtk-rekey client-offline enable
Optional.
By default, the device does not start
GTK rekey when a client goes
offline.
This command takes effect only
when you execute the
gtk-rekey
enable
command.
Configuring security IE
Security IE configurations comprise WPA security IE configuration and RSN security IE configuration,
both of which require open system authentication.
WPA ensures greater protection than WEP. WPA operates in either WPA-PSK (or Personal) mode or
WPA-802.1X (or Enterprise) mode. In Personal mode, a pre-shared key or pass-phrase is used for
authentication. In Enterprise mode, 802.1X and RADIUS servers and the EAP are used for
authentication.
Configuring WPA security IE
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter WLAN service
template view.
wlan service-template
service-template-number
crypto
N/A
3. Enable the WPA-IE in the
beacon and probe
responses.
security-ie
wpa
By default, WPA-IE is disabled.
Configuring RSN security IE
An RSN is a security network that only allows the creation of robust security network associations
(RSNAs). An RSN can be identified by the indication in the RSN Information Element (IE) of beacon
frames. It provides greater protection than WEP and WPA.
To configure RSN security IE:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enter WLAN service
template view.
wlan service-template
service-template-number
crypto
N/A
3. Enable the RSN-IE in the
beacon and probe
responses.
security-ie
rsn
By default, RSN-IE is disabled.
Configuring cipher suite
A cipher suite is used for data encapsulation and de-encapsulation. It uses the following encryption
methods:
To Next Page
Loading...
Need help?
General
