No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
security wapi

security wapi

Function

The security wapi command configures the WAPI authentication mode.

The undo security command restores the default security policy.

By default, the security policy is open system.

Format

security wapi psk { pass-phrase | hex } key-value

security wapi certificate

undo security

Parameters

Parameter

Description

Value

certificate

Configures WAPI certificate authentication.

-

psk

Configures WAPI pre-shared key authentication.

-

pass-phrase

Specifies the key phrase.

-

hex

Specifies a hexadecimal number.

The password of hex does not have enough complexity, so pass-phrase is recommended.

-

key-value

Specifies a password in cipher text.

In pass-phrase mode, the key is a string of 8 to 64 characters in plain text or 48 or 68 or 88 or 108 characters in cipher text. In hex mode, the key is a string of 8 to 32 hexadecimal numbers, in which case the length of the string must be an even, or a string of 48 or 68 or 88 or 108 characters in cipher text.

A password cannot contain the space and double quotation mark (") at the same time. When the password contains a space, add the double quotation mark (") to the beginning and end of the string when entering the password. For example, if the password is abc123 ABC, enter "abc123 ABC".

NOTE:
To improve security, you are advised to configure a password that contains at least two of the following: digits, lowercase letters, uppercase letters, and special characters.

Views

Security profile view

Default Level

2: Configuration level

Usage Guidelines

Application Scenario

WAPI supports two authentication modes: certificate authentication and pre-shared key authentication. When pre-shared key authentication is used, a pre-shared key must be configured.

  • If WAPI authentication is specified as a security policy in a security profile, you can run the wapi authentication-method command to configure the WAPI authentication mode.
  • The wapi authentication-method command determines the WAPI authentication and key management mode. When certificate authentication and key management are configured, authentication involves identity authentication and key negotiation, and the authentication server and certificate need to be configured. When pre-shared key authentication is configured, a pre-shared key needs to be configured, and STAs also need to know the pre-shared key. In this situation, authentication just involves key negotiation.

Precautions

The system displays the message only when the security profile has been bound to the other profiles.

If the password is changed to one starting or ending with a space on the device (for example, huawei123abc), some terminals (such as terminals running Windows 7) may filter out the space when you change the password on the terminals. This will lead to an association failure. Therefore, it is not recommended that a password starting or ending with a space be set on the device. If such a password has been configured on the device, delete the existing SSID on a terminal, reassociate the terminal with the SSID, and enter the password. For detailed terminal types, refer to the Test Report on Terminal Compatibility of Huawei's WLAN Products.

Example

# Set the WAPI authentication mode to pre-shared key authentication and specify the key.

<Huawei> system-view
[Huawei] wlan
[Huawei-wlan-view] security-profile name p1
[Huawei-wlan-sec-prof-p1] security wapi psk pass-phrase testpassword123
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 205339

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next