No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


S12700 V200R013C00 Command Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
capwap sensitive-info psk

capwap sensitive-info psk


The capwap sensitive-info psk command modifies the pre-shared key (PSK) used for sensitive information encryption.

The undo capwap sensitive-info psk command restores the default PSK used for sensitive information encryption.

The default PSK used for sensitive information encryption is WLAN-KEYSTRING-AES256.


capwap sensitive-info psk psk-value

undo capwap sensitive-info psk






Specifies the PSK used for sensitive information encryption.

The value can be a string of 48 or 68 characters in cipher text (for example, %^%#u(Oz:BL,QKYZw%-JWC*P8aGC,="C&M'OI*Gmt.V(%^%#) or a string of 6 to 32 characters in plain text (for example, a1234567). The key must contain at least two of the following: uppercase letters, lowercase letters, digits, and special characters except the question mark (?) and space.


System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Sensitive information transmitted between the AC and APs is encrypted, such as the FTP user name/password, AP login user name/password, and service configuration-related keys. You can use the capwap sensitive-info psk command to modify the PSK used for sensitive information encryption.


To ensure STA security, you are advised to modify the PSK value.

After the configuration is complete, all online APs will go offline from the AC and go online again.


In hot backup (HSB) and dual-link cold backup scenarios, the PSKs configured on the active and standby ACs must be the same. Otherwise, APs cannot set up CAPWAP tunnels with the standby AC.

The pre-shared key for encrypting sensitive information cannot be modified when an AP is being upgraded on the


# Modify the PSK for encrypting sensitive information to z0020011@11.

<HUAWEI> system-view
[HUAWEI] capwap sensitive-info psk z0020011@11
Warning: This operation may cause devices using CAPWAP connections to go offline. Continue? [Y/N]:y
Updated: 2019-04-09

Document ID: EDOC1100065659

Views: 124842

Downloads: 88

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next