ZyWALL Series CLI Reference Guide
93
[no] accounting interim-
interval <1..1440>
Sets the time interval for how often the AP is to send an interim
update message with current client statistics to the accounting
server. Use the no parameter to clear the interval setting.
[no] accounting interim-update
Sets the AP to send accounting update messages to the
accounting server at the specified interval. Use the no
parameter to disable it.
description description
Sets the description for the profile. You may use up to 60
alphanumeric characters, underscores (_), or dashes (-). This
value is case-sensitive
[no] dot11r activate
Turns on IEEE 802.11r fast roaming on the AP. Use the no
parameter to turn it off.
[no] dot11r over-the-ds
activate
Sets the clients to communicate with the target AP through the
current AP. The communication between the client and the
target AP is carried in frames between the client and the
current AP, and is then sent to the target AP through the wired
Ethernet connection.
Use the no parameter to have the clients communicate
directly with the target AP.
[no] dot1x-eap
Enables 802.1x secure authentication. Use the no parameter to
disable it.
[no] dot11w
Data frames in 802.11 WLANs can be encrypted and
authenticated with WEP, WPA or WPA2. But 802.11
management frames, such as beacon/probe response,
association request, association response, de-authentication
and disassociation are always unauthenticated and
unencrypted. IEEE 802.11w Protected Management Frames
allows APs to use the existing security mechanisms (encryption
and authentication methods defined in IEEE 802.11i WPA/
WPA2) to protect management frames. This helps prevent
wireless DoS attacks.
Enables management frame protection (MFP) to add security
to 802.11 management frames. Use the no parameter to
disable it.
dot11w-op <1..2>
Sets whether wireless clients have to support management
frame protection in order to access the wireless network.
1: if you do not require the wireless clients to support MFP.
Management frames will be encrypted if the clients support
MFP.
2: wireless clients must support MFP in order to join the AP’s
wireless network.
eap {external | internal
auth_method}
Sets the 802.1x authentication method.
group-key <30..30000>
Sets the interval (in seconds) at which the AP updates the
group WPA/WPA2 encryption key.
The default is 3000.
idle <30..30000>
Sets the idle interval (in seconds) that a client can be idle
before authentication is discontinued.
The default is 300.
[no] internal-eap-proxy
activate
Allows the Zyxel Device to act as a proxy server and forward
the authentication packets to the connected RADIUS server.
Use the no parameter to disable it.
Table 25 Command Summary: Security Profile (continued)
COMMAND DESCRIPTION
To Next Page
Loading...
