[Huawei-wlan-sec-prof-security-2] security-policy wep
[Huawei-wlan-sec-prof-security-2] quit
l Configure a security policy for security profile security-3.
# Configure 802.1x+PEAP for WPA1 authentication and configure TKIP encryption.
[Huawei-wlan-view] security-profile name security-3
[Huawei-wlan-sec-prof-security-3] wpa authentication-method dot1x peap
encryption-method tkip
[Huawei-wlan-sec-prof-security-3] security-policy wpa
[Huawei-wlan-sec-prof-security-3] quit
l Configure a security policy for security profile security-4.
# Configure 802.1x+PEAP for WPA2 authentication and configure CCMP encryption.
[Huawei-wlan-view] security-profile name security-4
[Huawei-wlan-sec-prof-security-4] wpa2 authentication-method dot1x peap
encryption-method ccmp
[Huawei-wlan-sec-prof-security-4] security-policy wpa2
[Huawei-wlan-sec-prof-security-4] quit
l Configure a security policy for security profile security-5.
# Configure certificate authentication for WAPI authentication.
[Huawei-wlan-view] security-profile name security-5
[Huawei-wlan-sec-prof-security-5] wapi authentication-method certificate
# Configure an ASU server's IP address 10.10.10.1, certificate file huawei-ap.cer of the
AR1200, ASU certificate file huawei-asu.cer, issuer certificate file huawei-issuer.cer,
and private key certificate file huawei-ap.cer.
[Huawei-wlan-sec-prof-security-5] wapi asu ip 10.10.10.1
[Huawei-wlan-sec-prof-security-5] wapi import certificate ap file-name flash:/
huawei-ap.cer
[Huawei-wlan-sec-prof-security-5] wapi import certificate asu file-name flash:/
huawei-asu.cer
[Huawei-wlan-sec-prof-security-5] wapi import certificate issuer file-name
flash:/huawei-issuer.cer
[Huawei-wlan-sec-prof-security-5] wapi import private-key file-name flash:/
huawei-ap.cer
[Huawei-wlan-sec-prof-security-5] security-policy wapi
[Huawei-wlan-sec-prof-security-5] quit
Step 4 Create service sets and VAPs.
l # Create service set ss-1, specify SSID huawei-1 for it, bind traffic profile ctc, security
profile security-1 and WLAN-BSS interface wlan-bss 0 to it, and deliver VAP parameters
to radio 0.
[Huawei-wlan-view] traffic-profile name
ctc
[Huawei-wlan-traffic-prof-ctc] quit
[Huawei-wlan-view] wmm-profile name
wmm-1
[Huawei-wlan-wmm-prof-wmm-1] quit
[Huawei-wlan-view]quit
[Huawei]interface wlan-bss 0
[Huawei-Wlan-Bss0] port hybrid tagged vlan 1
[Huawei-Wlan-Bss0]quit
[Huawei]wlan
[Huawei-wlan-view] radio-profile name radio-1
[Huawei-wlan-radio-prof-radio-1] wmm-profile name wmm-1
[Huawei-wlan-radio-prof-radio-1] quit
[Huawei-wlan-view] service-set name ss-1
[Huawei-wlan-service-set-ss-1] ssid huawei-1
[Huawei-wlan-service-set-ss-1] traffic-profile name ctc
[Huawei-wlan-service-set-ss-1] security-profile name security-1
[Huawei-wlan-service-set-ss-1] wlan-bss 0
[Huawei-wlan-service-set-ss-1] quit
[Huawei-wlan-view] quit
[Huawei] interface wlan-radio 0/0/0
Huawei AR1200 Series Enterprise Routers
Configuration Guide - WLAN 2 WLAN Security Configuration
Issue 03 (2012-01-06) Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
36
To Next Page
Loading...
