No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Rogue Device Device Containment

Configuring Rogue Device Device Containment


After the AP identifies a rogue device, you can configure the APs to contain the rogue device. After the containment mode is set, the APs periodically send control frames to disconnect authorized users from the rogue device or disconnect unauthorized users.

Currently, the AP supports rogue device containment against rogue APs using spoofing SSIDs and open-authentication rogue APs. The monitor AP uses the MAC address of a rogue AP using a spoofing SSID or an open-authentication rogue AP to broadcast deauthentication frames to counter the rogue AP, preventing STAs from connecting to the rogue AP again. After the containment mode is set against rogue STAs or Adhoc devices, the monitor AP uses the MAC address of a rogue device to continuously send unicast deauthentication frames.


  1. Run:


    The system view is displayed.

  2. Run:

    interface wlan-radio wlan-radio-number

    The radio interface view is displayed.

  3. Run:

    wids contain enable

    Rogue device containment is enabled.

    By default, rogue device containment is disabled on an AP radio.

  4. Run:


    Return to the system view.

  5. Run:


    The WLAN view is displayed.

  6. Run:


    The WIDS view is displayed.

  7. Run:

    contain-mode { all | spoof-ssid-ap | client [ blacklist ] | adhoc }

    The rogue device containment mode is configured for APs.

    By default, no containment mode against rogue devices is set.

Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 114129

Downloads: 309

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next