No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R010C00 Command Reference

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
spoof-ssid

spoof-ssid

Function

The spoof-ssid command configures a fuzzy matching rule for spoofing SSIDs.

The undo spoof-ssid command deletes a fuzzy matching rule for spoofing SSIDs.

By default, no fuzzy matching rule is configured for spoofing SSIDs.

Format

spoof-ssid fuzzy-match regex regex-value

undo spoof-ssid { fuzzy-match regex regex-value | all }

Parameters

Parameter

Description

Value

fuzzy-match

Configure a fuzzy matching rule to identify spoofing SSIDs.

-

regex regex-value

Specifies the regular expression for an SSID. If an SSID matches the regular expression, the SSID is considered a spoofing SSID.

The value is in text format and can contain 1 to 48 case-sensitive characters. It supports Chinese characters or mixture of Chinese and English characters.

When the regular expression is used, you can press Ctrl+T to enter a question mark (?). For how to set the regular expression, see Filtering the Command Outputs in Configuration Guide.

NOTE:

You can only use a command editor of the UTF-8 encoding format to edit Chinese characters.

all

Delete all fuzzy matching rules.

-

Views

WIDS spoof SSID profile view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

WLAN services are available in public places, such as banks and airports. Users can connect to the WLANs after associating with corresponding SSIDs. If a rogue AP is deployed and provides spoofing SSIDs similar to authorized SSIDs, the users may be misled and connect to the rogue AP, which brings security risks. To address this problem, configure a fuzzy matching rule to identify spoofing SSIDs. The device compares a detected SSID with the matching rule. If the SSID matches the rule, the SSID is considered a spoofing SSID. The AP using the spoofing SSID is a rogue AP. After rogue AP containment is configured, the device contains the rogue AP and disconnects users from the spoofing SSID.

Precautions

To make fuzzy matching rules for spoofing SSIDs take effect, enable device detection and rogue device containment so that the device can take countermeasures against rogue APs.

Example

# Configure a fuzzy matching rule using the regular expression ^HUAWE[1l]$ to identify spoofing IDs HUAWE1 or HUAWEl similar to HUAWEI.

<Huawei> system-view
[Huawei] wlan 
[Huawei-wlan-view] wids-spoof-profile name huawei 
[Huawei-wlan-wids-spoof-prof-huawei] spoof-ssid fuzzy-match regex ^HUAWE[1l]$
Translation
Download
Updated: 2019-11-21

Document ID: EDOC1100064352

Views: 200077

Downloads: 122

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next