HP a-msr Скачать руководство пользователя страница 54 | Manualshive

Страница: 54 / 73

HP a-msr Скачать руководство пользователя страница 54

50

A flood attack refers to the case where WLAN devices receive large volumes of frames of the same kind
within a short span of time. When this occurs, the WLAN devices are overwhelmed and, consequently, are
unable to service normal clients.

WIDS attacks detection counters flood attacks by constantly keeping track of the density of traffic generated
by each device. When the traffic density of a device exceeds the limit, the device is considered flooding the
network. If the dynamic blacklist feature is enabled, it is added to the blacklist and is forbidden to access the
WLAN for a period of time.
WIDS inspects the following types of frames:



Authentication requests and de-authentication requests



Association requests, disassociation requests, and reassociation requests



Probe requests



802.11 null data frames



802.11 action frames

Spoofing attack detection

In this kind of attack, a potential attacker can send frames in the air on behalf of another device. For instance,
a client in a WLAN has been associated with an AP and works normally. In this case, a spoofed
de-authentication frame can cause a client to get de-authenticated from the network. This can affect the
normal operation of the WLAN.

At present, spoofing attack detection counters this type of attack by detecting broadcast de-authentication
and disassociation frames sent on behalf of an AP. When such a frame is received, it is identified as a
spoofed frame, and the attack is immediately logged.

Weak IV detection

WEP uses an IV to encrypt each frame. An IV and a key are used to generate a key stream. Thus, encryptions
using the same key have different results. When a WEP frame is sent, the IV used in encrypting the frame is
also sent as part of the frame header.

However, if a WLAN device generates IVs in an insecure way, such as using a fixed IV for all frames, the
shared secret key may be exposed to any potential attackers. When the shared secret key is compromised,
the attacker can access network resources.

Weak IV detection counters this attack by verifying the IVs in WEP frames. Whenever a frame with a weak
IV is detected, it is logged immediately.

WLAN IDS configuration task list

Task

Description

Configuring IDS attack detection

Displaying and maintaining
IDS attack detection

Optional

Configuring IDS attack detection

To configure IDS attack detection:

«
...
52
53
54
55
56
...
»

Содержание a-msr

Страница 1: ...dures These configuration guides also provide configuration examples to help you apply software features to different network scenarios This documentation is intended for network planners field technical support and servicing engineers and network administrators working with the HP A Series products Part number 5998 2030 Software version CMW520 R2207P02 Document version 6PW100 20110810 ...

Страница 2: ... MATERIAL INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE Hewlett Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing performance or use of this material The only warranties for HP products and services are set forth in the express warranty statements accompa...

Страница 3: ...7 Displaying and maintaining WLAN service 18 Configuring WLAN client isolation 19 Enabling WLAN client isolation 19 Configuring SSID based access control 19 Specifying a permitted SSID in a user profile 19 WLAN service configuration examples 20 WLAN service configuration example 20 802 11n configuration example 21 WLAN RRM configuration 23 Configuration task list 23 Configuring data transmit rates...

Страница 4: ...n 51 WLAN IDS frame filtering configuration 52 Blacklist and white list 52 Configuring WLAN IDS frame filtering 53 Displaying and maintaining WLAN IDS frame filtering 54 WLAN IDS frame filtering configuration example 54 WLAN QoS configuration 55 Terminology 55 WMM protocol overview 55 Protocols and standards 57 WMM configuration 57 Displaying and maintaining WMM 59 WMM configuration examples 59 WM...

Страница 5: ...nfiguring a WLAN radio interface To configure a WLAN radio interface To do Use the Command Remarks 1 Enter system view system view 2 Enter WLAN radio interface view interface wlan radio interface number Required 3 Set the description for the interface description text Optional By default the description string of an interface is interface name Interface 4 Restore the default settings of the WLAN r...

Страница 6: ...ser number Optional 256 by default 7 Restore the default settings of the WLAN BSS interface default Optional 8 Shut down the WLAN BSS interface shutdown Optional By default a WLAN BSS interface is up Before you execute the port access vlan command make sure the VLAN specified by the vlan id parameter already exists Use the vlan command to create a VLAN For more information about the port access vl...

Страница 7: ...down mtu description enable snmp trap updown 2 Configure ARP arp max learning num arp proxy enable proxy arp enable 3 Configure the interface as a BOOTP client ip address bootp alloc 4 Configure DHCP Configure DHCP server dhcp select server global pool Configure DHCP relay dhcp relay address check dhcp relay information enable dhcp relay information format dhcp relay information strategy dhcp rela...

Страница 8: ... ipv6 policy based route 13 Configure NAT PT natpt enable 14 Configure IS IS isis authentication mode isis circuit level isis circuit type p2p isis cost isis dis name isis dis priority isis enable isis mesh group isis small hello isis timer csnp isis timer hello isis timer holding multiplier isis timer lsp isis timer retransmit isis silent 15 Configure OSPF ospf authentication mode simple ospf aut...

Страница 9: ...ricin ripng metricout ripng poison reverse ripng split horizon ripng summary address 20 Configure basic MPLS capabilities mpls mpls ldp mpls ldp timer hello hold mpls ldp timer keepalive hold mpls ldp transport address 21 Configure BGP MPLS VPN ip binding vpn instance 22 Configure PPPoE pppoe server bind virtual template pppoe client dial bundle number 23 Configure bridge sets bridge set 24 Config...

Страница 10: ...ery igmp version Configure MLD mld enable mld last listener query interval mld max response time mld require router alert mld send router alert mld robust count mld timer other querier present mld timer query mld version mld static group mld group policy mld fast leave Configure PIM pim bsr boundary pim hello option pim holdtime pim require genid pim sm pim dm pim state refresh capable pim timer g...

Страница 11: ...nce qos max bandwidth 26 Configure firewall firewall ethernet frame filter firewall packet filter firewall packet filter ipv6 firewall aspf 27 Configure NAT nat outbound nat outbound static nat server 28 Configure Portal portal auth network portal server 29 Configure IPsec ipsec policy 30 Configure the backup center standby interface standby threshold standby timer delay standby timer flow check s...

Страница 12: ...tion about WLAN Radio interfaces display interface wlan radio brief down begin exclude include regular expression display interface wlan radio interface number brief begin exclude include regular expression Available in any view Display information about WLAN BSS interfaces display interface wlan bss brief down begin exclude include regular expression display interface wlan bss interface number br...

Страница 13: ...n methods Seamless roaming of WLAN clients in the mobility domain Basic concepts Client A handheld computer or laptop with a wireless NIC can be a WLAN client Access point An AP bridges frames between wireless and wired networks Fat AP A fat AP controls and manages all associated wireless stations and bridges frames between wired and wireless networks SSID Service set identifier A client scans all...

Страница 14: ...er a specified SSID is carried in a probe request A client sends a probe request with the SSID null or the SSID IE length is 0 The client periodically sends a probe request frame on each of its supported channels to scan wireless networks APs that receive the probe request send a probe response which carries the available wireless network information The client associates with the AP with the stro...

Страница 15: ...ts to save battery power Typically VoIP clients adopt the passive scanning mode The passive scanning process is as shown in Figure 4 Figure 4 Passive scanning Authentication To secure wireless links the wireless clients must be authenticated before accessing the AP and only wireless clients passing the authentication can be associated with the AP 802 1 1 links define two authentication mechanisms ...

Страница 16: ...asons such as Receiving a data frame from a client which is authenticated and unassociated Receiving a PS Poll frame from a client which is authenticated and unassociated WLAN topologies WLAN topologies for fat APs consist of Single BSS Multi ESS Single ESS Multi BSS Single BSS The coverage of an AP is a BSS Each BSS is identified by a BSSID The most basic WLAN network can be established with only...

Страница 17: ... can be configured on the fat AP The fat AP can be configured to accept clients in these ESS domains once their credentials are acceptable Single ESS Multi BSS the multi radio case This topology describes a scenario where a fat AP has two radios that are in the same ESS but belong to different BSSs Figure 7 Single ESS multiple BSS network Use this network scenario when both 802 1 1a and 802 1 1b g...

Страница 18: ...mand Remarks 1 Enter system view system view 2 Configure the client idle timeout interval wlan client idle timeout interval Optional By default the idle timeout interval is 3600 seconds 3 Configure the client keep alive interval wlan client keep alive interval Optional By default keep alive function is disabled 4 Enable the fat AP to respond to the probe requests with the SSID null sent by the cli...

Страница 19: ...template with type as crypto To configure a service template To do Use the command Remarks 1 Enter system view system view 2 Create a WLAN service template and enter WLAN service template view wlan service template service template number clear crypto Required 3 Specify the service set identifier ssid ssid name Required By default no SSID is set 4 Hide the SSID in beacon frames beacon ssid hide Op...

Страница 20: ...io power varies with country codes channels AP models radio types and antenna types If 802 11n is adopted the maximum radio power also depends on the bandwidth mode 7 Specify the type of preamble preamble long short Optional By default the short preamble is supported This command does not apply to 802 11a radios Configuring the radio of the AP To configure the radio of the AP To do Use the command...

Страница 21: ... 20 MHz channels can either work separately with one channel acting as the primary channel and the other acting as the secondary channel or both can work together as a 40 MHz channel This provides a simple way of doubling the data rate 2 Improving channel usage through these methods 802 1 1n introduces the A MPDU frame format By using only one PHY header each A MPDU can accommodate multiple MPDUs ...

Страница 22: ...a SIC_WLAN module that supports 802 11n Available for routers with a SIC_WLAN module that supports 802 11n Available for routers with a SIC_WLAN module that supports 802 11n Available for routers with a SIC_WLAN module that supports 802 11n Displaying and maintaining WLAN service To do Use the command Remarks Display WLAN client information display wlan client interface wlan radio radio number mac...

Страница 23: ...ctly or learn one another s MAC and IP addresses Enabling WLAN client isolation To enable WLAN client isolation To do Use the command Remarks 1 Enter system view system view 2 Enable WLAN client isolation wlan client isolation enable Optional Disabled by default Configuring SSID based access control When a user wants to access a WLAN temporarily the administrator can specify a permitted SSID in th...

Страница 24: ...ion Guide WLAN service configuration examples WLAN service configuration example Network requirements As shown in Figure 9 enable the client to access the internal network resources at any time The AP provides a plain text wireless access service with SSID service 802 1 1g is adopted Figure 9 Network diagram for WLAN service configuration Configuration procedure 1 Configure the fat AP Create a WLA...

Страница 25: ... with a SIC_WLAN module that supports 802 11n Network requirements As shown in Figure 10 deploy an 802 1 1n network to provide high bandwidth access for multi media applications The AP provides a plain text wireless service with SSID service 802 1 1gn is adopted to inter work with the existing 802 1 1g network and protect the current investment Figure 10 Network diagram for 802 11n configuration C...

Страница 26: ...20 AP WLAN Radio2 0 service template 1 interface WLAN BSS 1 2 Verify the configuration The clients can associate with the APs and access the WLAN You can use the display wlan verbose command to view the online clients The 802 1 1n client information is displayed in the output information of the command ...

Страница 27: ...enced personnel to implement regularly which brings high maintenance costs WLAN RRM is a scalable radio resource management solution It delivers a real time intelligent integrated radio resource management solution which enables a WLAN network to quickly adapt to radio environment changes and keep staying in a healthy state Configuration task list Complete the following tasks to configure WLAN RRM...

Страница 28: ...ata rate table 40 MHz is shown in Table 2 For the whole table see IEEE P802 1 1n D2 00 As shown in the two tables MCS 0 through MCS 7 use one spatial stream and the data rate corresponding to MCS 7 is the highest MCS 8 through MCS 15 use two spatial streams and the data rate corresponding to MCS 15 is the highest Table 1 MCS data rate table 20 MHz MCS index Number of spatial streams Modulation Dat...

Страница 29: ...es supported by the AP besides the mandatory rates Supported rates allow some clients that support both mandatory and supported rates to choose higher rates when communicating with the AP Multicast rates Multicast rates supported by the AP besides the mandatory rates Multicast rates allow clients to send multicast traffic at the multicast rates When you specify the maximum MCS index you actually s...

Страница 30: ...r WLAN RRM view wlan rrm 3 Configure non 802 1 1h channel scanning autochannel set avoid dot11h Optional By default all channels of the country code are scanned Enabling 802 11g protection When both 802 1 1b and 802 1 1g clients access a WLAN network interference easily occurs and access rate is greatly degraded because they adopt different modulation modes To enable both 802 1 1b and 802 1 1g cli...

Страница 31: ...1g protection enable Optional Disabled by default NOTE Enabling 802 11g protection reduces network performance Displaying and maintaining WLAN RRM To do Use the command Remarks Display WLAN RRM configuration information display wlan rrm begin exclude include regular expression Available in any view ...

Страница 32: ...lgorithms Essentially it is a null authentication algorithm Any client that requests authentication with this algorithm can be authenticated Open system authentication is not required to be successful as an AP may decline to authenticate the client Open system authentication involves a two step authentication process In the first step the wireless client sends a request for authentication In the s...

Страница 33: ...security Compared with WEP encryption TKIP encryption uses 128 bit RC4 encryption algorithm and increases the length of IVs from 24 bits to 48 bits Second TKIP allows for dynamic key negotiation to avoid static key configuration TKIP replaces a single static key with a base key generated by an authentication server TKIP dynamic keys cannot be easily deciphered Third TKIP offers MIC and countermeas...

Страница 34: ...words the MAC addresses of allowed clients is created on the wireless access device and the clients are authenticated by the wireless access device Only clients whose MAC addresses are included in the list can pass the authentication and access the WLAN MAC address authentication through RADIUS server The wireless access device serves as the RADIUS client and sends the MAC address of each requesti...

Страница 35: ...tional Enabling an authentication method You can enable open system or shared key authentication or both To enable an authentication method To do Use the command Remarks Enter system view system view 1 Enter WLAN service template view wlan service template service template number crypto 2 Enable the authentication method authentication method open system shared key Optional Open system authenticat...

Страница 36: ... occurs Packet based GTK rekey After the specified number of packets is sent GTK rekey occurs You can also configure the device to start GTK rekey when a client goes offline Configuring GTK rekey based on time To configure GTK rekey based on time To do Use the command Remarks 1 Enter system view system view 2 Enter WLAN service template view wlan service template service template number crypto 3 E...

Страница 37: ...ation includes WPA and RSN configuration For WPA and RSN configuration open system authentication is required WPA ensures greater protection than WEP WPA operates in either WPA PSK or Personal mode or WPA 802 1X or Enterprise mode In Personal mode a pre shared key or pass phrase is used for authentication In Enterprise mode 802 1X and RADIUS servers and the EAP are used for authentication Configur...

Страница 38: ...er has a different key from the sender it discards the packets received from the sender In shared key authentication mode the WEP key is used for both encryption and authentication If the key of a client is different from that of the authenticator the client cannot go online To configure WEP encryption To do Use the command Remarks 1 Enter system view system view 2 Enter WLAN service template view...

Страница 39: ...l Configuring CCMP cipher suite CCMP adopts the AES encryption algorithm To configure the CCMP cipher suite To do Use the command Remarks 1 Enter system view system view 2 Enter WLAN service template view wlan service template service template number crypto 3 Enable the CCMP cipher suite cipher suite ccmp Required By default no cipher suite is enabled Configuring port security The authentication t...

Страница 40: ...ce number Required 3 Enable 802 1 1key negotiation port security tx key type 11key Required Not enabled by default 4 Enable the 802 1X port security mode port security port mode userlogin secure ext Required port security port mode userlogin secure Configuring MAC authentication To configure MAC authentication To do Use the command Remarks 1 Enter system view system view 2 Enter WLAN BSS interface...

Страница 41: ...on interface interface list Available in any view Display the MAC address information of port security display port security mac address security interface interface type interface number vlan vlan id count Available in any view Display the PSK user information of port security display port security preshared key user interface interface type interface number Available in any view Display the conf...

Страница 42: ...ice template 1 crypto Sysname wlan st 1 ssid psktest Sysname wlan st 1 security ie rsn Sysname wlan st 1 cipher suite ccmp Sysname wlan st 1 authentication method open system Sysname wlan st 1 service template enable Sysname wlan st 1 quit Bind interface WLAN BSS 1 to service template 1 on interface WLAN radio 2 0 Sysname interface wlan radio 2 0 Sysname WLAN Radio2 0 radio type dot11g Sysname WLA...

Страница 43: ...MP cipher suite Sysname wlan st 1 security ie rsn Sysname wlan st 1 cipher suite ccmp Configure the open system authentication and enable the service template Sysname wlan st 1 authentication method open system Sysname wlan st 1 service template enable Sysname wlan st 1 quit Configure a RADIUS scheme named rad and configure the IP addresses of the primary authentication server and accounting serve...

Страница 44: ... bss 1 2 Configure the RADIUS server IMC PLAT 5 0 The following takes the IMC the IMC versions are IMC PLAT 5 0 and IMC UAM 5 0 as an example to illustrate the basic configurations of the RADIUS server Add an access device Log in to the IMC management platform Select the Service tab and then select User Access Manager Access Device Management Access Device from the navigation tree to enter the acc...

Страница 45: ...s 00146c8a43ff Select the service mac Figure 17 Add account 3 Verify the configuration After the client passes the MAC authentication the client can associate with the AP and access the WLAN You can use the display wlan client command display connection command and display mac authentication command to view the online clients 802 1X authentication configuration example Network requirements As show...

Страница 46: ...omain Sysname radius radius1 quit Configure AAA domain imc by referencing RADIUS scheme rad Sysname domain imc Sysname isp imc authentication lan access radius scheme rad Sysname isp imc authorization lan access radius scheme rad Sysname isp imc accounting lan access radius scheme rad Sysname isp imc quit Configure the default ISP domain Sysname domain default enable imc Set the port mode for WLAN...

Страница 47: ...0 See Configure the RADIUS server IMC PLAT 5 0 3 Configure the wireless card Double click the icon at the bottom right corner of your desktop The Wireless Network Connection Status window appears Click the Properties button in the General tab The Wireless Network Connection Properties window appears In the Wireless Networks tab select wireless network with the SSID dot1x and then click Properties ...

Страница 48: ...44 Figure 19 Configure the wireless card I ...

Страница 49: ...45 Figure 20 Configure the wireless card II ...

Страница 50: ...ion introduces the combinations that can be used during the cipher suite configuration RSN For RSN the WLAN WSEC module supports only CCMP and TKIP ciphers as the pair wise ciphers and WEP cipher suites are only used as group cipher suites Below are the cipher suite combinations that WLAN WSEC supports for RSN WEP40 WEP104 and WEP128 are mutually exclusive Unicast cipher Broadcast cipher Authentic...

Страница 51: ...P and TKIP ciphers as the pair wise ciphers and WEP cipher suites are only used as group cipher suites Below are the cipher suite combinations that WLAN WSEC supports for WPA WEP40 WEP104 and WEP128 are mutually exclusive Unicast cipher Broadcast cipher Authentication method Security Type CCMP WEP40 PSK WPA CCMP WEP104 PSK WPA CCMP WEP128 PSK WPA CCMP TKIP PSK WPA CCMP CCMP PSK WPA TKIP WEP40 PSK ...

Страница 52: ...supports only WEP cipher suites WEP40 WEP104 and WEP128 are mutually exclusive Unicast cipher Broadcast cipher Authentication method Security Type WEP40 WEP40 Open system no Sec Type WEP104 WEP104 Open system no Sec Type WEP128 WEP128 Open system no Sec Type WEP40 WEP40 Shared key no Sec Type WEP104 WEP104 Shared key no Sec Type WEP128 WEP128 Shared key no Sec Type ...

Страница 53: ...ny vulnerability occurs on the AP the hacker has an opportunity to compromise your network security Rogue client An unauthorized or malicious client on the network Rogue wireless bridge Unauthorized wireless bridge on the network Monitor AP An AP that scans or listens to 802 1 1 frames to detect wireless attacks in the network Ad hoc mode Sets the working mode of a wireless client to ad hoc An ad ...

Страница 54: ...d de authentication frame can cause a client to get de authenticated from the network This can affect the normal operation of the WLAN At present spoofing attack detection counters this type of attack by detecting broadcast de authentication and disassociation frames sent on behalf of an AP When such a frame is received it is identified as a spoofed frame and the attack is immediately logged Weak ...

Страница 55: ...all the attacks detected by WLAN IDS IPS display wlan ids history begin exclude include regular expression Available in any view Display the count of attacks detected by WLAN IDS IPS display wlan ids statistics begin exclude include regular expression Available in any view Clear the history of attacks detected by the WLAN system reset wlan ids history Available in user view Clear the statistics of...

Страница 56: ... other clients are discarded Static blacklist Contains the MAC addresses of clients forbidden to access the WLAN This list is configured manually Dynamic blacklist Contains the MAC addresses of clients forbidden to access the WLAN A client is added dynamically to the list if it is considered sending attacking frames until the timer of the entry expires A dynamic blacklist can collaborate with ARP ...

Страница 57: ...enied Whenever WLAN IDS detects a flood attack the attacking device is added into the dynamic blacklist You can set a lifetime in seconds for dynamic blacklist entries After the lifetime of an entry expires the device entry is removed from the dynamic blacklist If a flood attack from the device is detected again before the lifetime expires the entry is refreshed To configure WLAN IDS frame filteri...

Страница 58: ...wlan dynamic blacklist mac address mac address all Available in user view WLAN IDS frame filtering configuration example Network requirements As shown in Figure 23 Client 1 0000 000f 121 1 is a rogue client To ensure WLAN security add the MAC address of the client into the blacklist on the AC to disable it from accessing the wireless network through any AP Figure 23 WLAN IDS frame filtering config...

Страница 59: ...ories They are AC VO voice queue AC VI video queue AC BE best effort queue and AC BK background queue in the descending order of priority When contending for a channel a high priority AC queue preempts a low priority AC queue 4 CAC CAC limits the number of clients that are using high priority AC queues including AC VO and AC VI queues to guarantee sufficient bandwidth for existing high priority tr...

Страница 60: ... for transmission thus guaranteeing bandwidth to the clients that have gained access CAC controls real time traffic AC VO and AC VI traffic but not common data traffic AC BE and AC BK traffic If a client wants to use a high priority AC queue it must send a request to the AP The AP returns a positive or negative response based on either of the following admission control policy Channel utilization ...

Страница 61: ...ue SVP stipulates that random backoff is not performed for SVP packets Therefore you can set both ECWmin and ECWmax to 0 when there are only SVP packets in an AC queue ACK policy WMM defines two ACK policies Normal ACK and No ACK When the No ACK policy is used the recipient does not acknowledge received packets during wireless packet exchange This policy is suitable in the environment where commun...

Страница 62: ...P uses the default EDCA parameters shown in Table 4 and uses the Normal ACK policy 7 Set the CAC policy wmm cac policy channelutilization channelutilization value users users number Optional By default the users based admission policy applies with the maximum number of users being 20 8 Map SVP packets to a specified AC queue wmm svp map ac ac vi ac vo ac be ac bk Optional By default the SVP packet...

Страница 63: ...ess begin exclude include regular expression Available in any view Display radio or client WMM configuration information display wlan wmm radio interface wlan radio wlan radio number client all interface wlan radio wlan radio number mac address mac address begin exclude include regular expression Available in any view Clear radio or client WMM statistics reset wlan wmm radio interface wlan radio w...

Страница 64: ...on method open system Sysname wlan st 1 service template enable Configure the radio type as 802 1 1g for radio interface WLAN Radio 2 0 and map service template 1 to interface WLAN BSS1 on the radio interface Sysname interface wlan radio 2 0 Sysname WLAN Radio2 0 radio type dot11g Sysname WLAN Radio2 0 service template 1 interface wlan bss 1 Enable WMM on radio interface WLAN Radio 2 0 Sysname WLA...

Страница 65: ...1 authentication method open system Sysname wlan st 1 service template enable Configure the radio type as 802 1 1g for radio interface WLAN Radio 2 0 and map service template 1 to interface WLAN BSS1 on the radio interface Sysname interface wlan radio 2 0 Sysname WLAN Radio2 02 radio type dot11g Sysname WLAN Radio2 0 service template 1 interface wlan bss 1 Configure radio interface WLAN radio 2 0 ...

Страница 66: ...e interface wlan bss 1 Sysname WLAN BSS1 qos trust dot11e Sysname WLAN BSS1 quit Configure interface Ethernet 1 0 to use the 802 1p priority of received packets for priority mapping Sysname interface ethernet 1 0 Sysname Ethernet1 0 qos trust dot1p Sysname Ethernet1 0 quit Create a clear type WLAN service template configure its SSID as market configure its authentication method as Open System and ...

Страница 67: ...me command to view the support of the radio chip for the EDCA parameters Make sure the configured EDCA parameters are supported by the radio chip 2 Check that the values configured for the EDCA parameters are valid SVP or CAC configuration failure Symptom The SVP packet priority mapping function configured with the wmm svp map ac command does not take effect CAC configured with the wmm edca client...

Страница 68: ... wwalerts After registering you will receive email notification of product enhancements new driver versions firmware updates and other product resources Related information Documents To find related documents browse to the Manuals page of the HP Business Support Center website http www hp com support manuals For related documentation navigate to the Networking section and select a networking categ...

Страница 69: ...parated by vertical bars from which you select one choice multiple choices or none 1 n The argument or keyword and argument combination before the ampersand sign can be entered 1 to n times A line that starts with a pound sign is comments GUI conventions Convention Description Boldface Window names button names field names and menu items are in bold text For example the New User window appears cli...

Страница 70: ...ing capable device such as a router or Layer 3 switch Represents a generic switch such as a Layer 2 or Layer 3 switch or a router that supports Layer 2 forwarding and other Layer 2 features Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device ...

Страница 71: ... 32 GTK rekey based on time 32 GTK rekey method 32 HP customer support and resources 64 document conventions 65 documents and manuals 64 icons used 65 subscription service 64 support contact information 64 symbols used 65 websites 64 icons 65 IDS attack detection 50 displaying and maintaining 51 MAC and PSK authentication example 38 MAC authentication 36 manuals 64 multi ESS 13 non dot1 1h channel...

Страница 72: ...echanism 57 WMM configuration 57 WMM protocol overview 55 WLAN QoS configuration 55 WLAN QoS examples CAC service configuration example 60 network requirements 59 60 62 SVP service example 62 WMM basic configuration 59 WMM configuration examples 59 WLAN QoS protocols and standards 57 WLAN QoS troubleshooting 63 EDCA parameter configuration failure 63 SVP or CAC configuration failure 63 WLAN RRM 80...

Страница 73: ... the AP 16 radio parameters 15 scanning 10 single BSS 12 single ESS Multi BSS the multi radio case 13 specifying a permitted SSID in a user profile 19 SSID 9 SSID based access control 19 task list 14 topologies 12 wireless client access 9 wireless medium 9 WLAN client isolation 19 WLAN service examples 20 WLAN service template 15 WLAN service configuration 9 WLAN service configuration example 20 W...

Отзывы:

Нет отзывов

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды