No relevant resource is found in the selected language.
Enterprise
Worldwide
Huawei Global - English
Support Documentation
WLAN AC V200R010C00 Command Reference
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
capwap dtls inter-controller psk

capwap dtls inter-controller psk

Function

The capwap dtls inter-controller psk command configures a pre-shared key (PSK) for DTLS encryption of an inter-AC tunnel.

The undo capwap dtls inter-controller psk command restores the default PSK used for DTLS encryption.

The default username and password are available in WLAN Default Usernames and Passwords (Enterprise Network or Carrier). If you have not obtained the access permission of the document, see Help on the website to find out how to obtain it.

Format

capwap dtls inter-controller psk psk-value

undo capwap dtls inter-controller psk

Parameters

Parameter

Description

Value

psk-value

Specifies a PSK for DTLS encryption.

The value is string of characters. The PSK contains 48 or 68 characters in ciphertext, for example, %^%#u(Oz:BL,QKYZw%-JWC*P8aGC,="C&M'OI*Gmt.V(%^%#, or contains 6 to 32 characters in plaintext, for example, a1234567. The password must contain at least two types of the following: uppercase letters, lowercase letters, digits, and special characters.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After ACs establish a connection, they start a DTLS session. DTLS supports PSK encryption. When a PSK is used for DTLS encryption, you can use this command to change the value of the PSK on the AC.

Follow-up Procedure

Run the capwap dtls inter-controller control-link encrypt command to enable DTLS encryption for an inter-AC control tunnel or run the capwap dtls inter-controller data-link encrypt command to enable DTLS encryption for an inter-AC data tunnel.

Precautions

If you modify the PSK after an inter-AC tunnel is set up, the modification takes effect at the next tunnel setup.

DTLS encryption must be enabled on ACs at both ends of the tunnel, and the ACs must have the same PSK.

It is recommended that you configure the same PSK on the ACs at both ends before enabling DTLS encryption. In this way, the ACs have the same PSK. If you enable DTLS encryption first, and the ACs have different PSKs, DTLS negotiation fails. As a result, the tunnel cannot be set up between the two ACs.

Example

# Configure the PSK a1234567 for DTLS encryption of an inter-AC tunnel.

<AC6605> system-view
[AC6605] capwap dtls inter-controller psk a1234567
Related Topics
Translation
简体中文
Download
Updated: 2021-02-27

Document ID: EDOC1100064351

Views: 3224633

Downloads: 605

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Huawei e+ App Huawei e+

Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :