A WLAN-BSS interface is created.
Step 3 Run:
{ dot1x-authentication | mac-authentication } enable
The authentication mode is configured on the WLAN-BSS interface.
NOTE
l The dot1x-authentication keyword must be configured when WPA/WPA2-dot1x authentication is
used.
l The mac-authentication keyword must be configured when WPA/WPA2-PSK authentication is used.
In this authentication mode, MAC address authentication and WPA/WPA2-PSK authentication are
performed in sequence for WLAN users.
Step 4 Run:
dot1x authentication-method { chap | pap | eap }
The dot1x authentication method is configured.
By default, the Challenge Handshake Authentication Protocol (CHAP) authentication is used.
NOTE
When the dot1x authentication method is set to chap or pap, no guest VLAN or restrict VLAN can be
configured on the interface.
Step 5 (Optional) Run:
dot1x authentication domain domain-name
An AAA domain is bound to the WLAN-BSS interface.
----End
1.4.3 Configuring a Security Policy
A security policy specifies the authentication mode for WLAN users.
Context
WLAN supports the following authentication modes: Wired Equivalent Privacy (WEP)
authentication, Wi-Fi Protected Access (WPA) authentication, WPA2 authentication, and
WLAN Authentication and Privacy Infrastructure (WAPI) authentication.
Procedure
Step 1 Run:
system-view
The system view is displayed.
Step 2 Run:
wlan
The WLAN view is displayed.
Step 3 Run:
security-profile { id profile-id | name profile-name }
*
A security profile is created.
Huawei AR1200 Series Enterprise Routers
Configuration Guide - WLAN 1 WLAN Configuration
Issue 03 (2012-01-06) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
13
To Next Page
Loading...
