capwap dtls data-link encrypt (AP system profile view)
Parameters
Parameter | Description | Value |
---|---|---|
enable | Enables CAPWAP data tunnel encryption using DTLS. | - |
disable | Disables CAPWAP data tunnel encryption using DTLS. | - |
Usage Guidelines
Usage Scenario
When the data forwarding mode is tunnel forwarding, service data packets between an AP and an AC are transmitted over a CAPWAP data tunnel. To improve service data security, you can run the capwap dtls data-link encrypt enable command to enable CAPWAP data tunnel encryption using DTLS. This configuration ensures that packets are encrypted and then transmitted over the CAPWAP data tunnel.
Configuration Impact
After this command is executed, all APs that go online on the AC, reference the AP system profile, and support this function will restart. Therefore, exercise caution when using this command.
Precautions
The enabling status of CAPWAP data tunnel encryption using DTLS cannot be changed while VRRP hot backup is being enabled or while the AP is being upgraded.
This configuration takes effect for the APs that go online on the AC and support this function. The configuration in the AP system profile view takes precedence over that in the system view.
This function takes effect only when the data forwarding mode is tunnel forwarding.
When the AP system profile is referenced in the AP view or AP group view, APs need to be restarted if the enabling status of CAPWAP data tunnel encryption using DTLS is changed. If the AP system profile is referenced in the AP group view, restarting the APs takes a long time.
Example
# Enable CAPWAP data tunnel encryption using DTLS in the AP system profile system1.
<AC6605> system-view
[AC6605] wlan
[AC6605-wlan-view] ap-system-profile name system1
[AC6605-wlan-ap-system-prof-system1] capwap dtls data-link encrypt enable
Info: This function is supported only by APs with hardware encryption and decryption capabilities.
Warning: This operation will reset the APs that reference this profile. Continue? [Y/N]:y