No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the STA Blacklist and Whitelist

Configuring the STA Blacklist and Whitelist

STA blacklist and whitelist are used to control access from wireless terminals. You can add trusted STAs to a whitelist profile to allow their access to the WLAN and add suspected and problematic STAs to a blacklist profile to forbid their access to the WLAN.

Pre-configuration Tasks

Before configuring STA blacklist and whitelist, configure basic WLAN services.

Procedure

STA blacklist and whitelist are configured using profiles. Figure 25-35 shows the configuration flowchart.

Figure 25-35  STA blacklist and whitelist configuration flowchart

The configuration procedure is as follows:

Configuring a STA Whitelist Profile

Context

A STA whitelist profile contains MAC addresses of STAs allowed to connect to the WLAN. To allow only some STAs to connect to the WLAN, configure a STA whitelist profile and apply the STA whitelist profile to an AP system profile or a VAP profile.

The effective scope of the STA whitelist profile differs according to the profiles to which it is applied.
  • AP system profile: The STA whitelist profile takes effect based on the AP. APs using the AP system profile will use the STA whitelist. The STA whitelist profile takes effect on all STAs connected to the APs (all VAPs).
  • VAP profile: The STA whitelist profile takes effect based on the VAP. If the STA whitelist profile is applied to an AP, the STA whitelist profile applies only to STAs connected to the corresponding VAPs.

If the STA blacklist or whitelist profiles are configured in both an AP system profile and a VAP profile, a STA can connect to the WLAN only when it is permitted by both the configuration in the AP system profile and VAP profile.

NOTE:
If a STA whitelist profile is empty, no STA can connect to the WLAN to access network resources.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    wlan

    The WLAN view is displayed.

  3. Run:

    sta-whitelist-profile name profile-name

    A STA whitelist profile is created and the STA whitelist profile view is displayed.

    By default, no STA whitelist profile is created.

  4. Run:

    sta-mac mac-address

    The MAC address of a STA is added.

    You can configure a maximum of 32768 STA MAC addresses in a STA whitelist profile.

    By default, the MAC address of a STA is not added to the whitelist.

Configuring a STA Blacklist Profile

Context

A STA blacklist profile contains MAC addresses of wireless terminals forbidden to connect to the WLAN. To forbid some STAs to connect to the WLAN, configure a STA blacklist profile and apply the STA blacklist profile to an AP system profile or a VAP profile.

The effective scope of the STA blacklist profile differs according to the profiles to which it is applied.
  • AP system profile: The STA blacklist profile takes effect based on the AP. APs using the AP system profile will use the STA blacklist profile. The STA blacklist profile takes effect on all STAs connected to the APs (all VAPs).
  • VAP profile: The STA blacklist profile takes effect based on the VAP. If the STA blacklist profile is applied to an AP, the STA blacklist profile applies only to STAs connected to the corresponding VAPs.

If the STA blacklist or whitelist profiles are configured in both an AP system profile and a VAP profile, a STA can connect to the WLAN only when it is permitted by both the configuration in the AP system profile and VAP profile.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    wlan

    The WLAN view is displayed.

  3. Run:

    sta-blacklist-profile name profile-name

    A STA blacklist profile is created and the STA blacklist profile view is displayed.

    By default, no STA blacklist profile is created.

  4. Run:

    sta-mac mac-address

    The MAC address of a STA is added.

    You can configure a maximum of 32768 STA MAC addresses in a STA blacklist profile.

    By default, the MAC address of a STA is not added to the blacklist.

Applying the Configuration to a VAP Profile or an AP system profile

Context

You can configure multiple STA whitelist and blacklist profiles on the device and apply the profiles to different VAP profiles or AP system profiles. In a VAP profile or AP system profile, either the STA whitelist profile or STA blacklist profile takes effect at one time.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    wlan

    The WLAN view is displayed.

  3. Apply the configuration to make it take effect.

    • Applying the configuration to a VAP profile

      1. Run the vap-profile name profile-name command to enter the VAP profile view.

      2. Run the sta-access-mode { blacklist | whitelist } profile-name command to specify whether the STA blacklist or STA whitelist profile takes effect.

        By default, no STA blacklist or whitelist profile applies to a VAP profile.

    • Applying the configuration to an AP system profile.

      1. Run the ap-system-profile name profile-name command to enter the AP system profile view.
      2. Run the sta-access-mode { blacklist | whitelist } profile-name command to specify whether the STA blacklist or STA whitelist profile takes effect.

        By default, no STA blacklist or whitelist profile is bound to an AP system profile.

Checking the Configuration

Context

After the STA blacklist and whitelist configuration is complete, you can check STA whitelist and blacklist profiles on the device, including their configuration and profile reference information.

Procedure

  • Run the display sta-whitelist-profile { all | name profile-name } command to check information about the STA whitelist profile.
  • Run the display sta-blacklist-profile { all | name profile-name } command to check information about the STA blacklist profile.
  • Run the display references sta-whitelist-profile name profile-name command to check reference information about the STA whitelist profile.
  • Run the display references sta-blacklist-profile name profile-name command to check reference information about the STA blacklist profile.
Translation
Download
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 115583

Downloads: 309

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next