Configuring the device expiry timer, Configuring the rules, Configuring the countermeasures mode – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 155
143
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter WLAN IDS view.
wlan ids
N/A
3.
Add the MAC address of a
client or AP to the permitted
MAC address list.
device permit mac-address
mac-address
Optional.
By default, the permitted MAC
address list is empty.
4.
Add an SSID to the permitted
SSID list.
device permit ssid ssid
Optional.
By default, the permitted SSID list is
empty.
5.
Add a vendor ID to the
permitted vendor list.
device permit vendor vendor
Optional.
By default, the vendor list is empty.
Configuring the device expiry timer
This task allows you to set the device expiry interval for device entries in the detected device list. If a
device in the list is not detected within this interval, the device entry is removed from the detected list; if
the deleted entry is that of a rogue, it is moved to the rogue history table.
To configure the device expiry timer:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter WLAN IDS view.
wlan ids
N/A
3.
Configure the device expiry
timer.
device aging-duration duration
Optional.
By default the aging duration is
600 seconds.
Taking countermeasures against attacks from detected rogue
devices
Configuring the rules
You can configure a device as a rogue by adding its MAC address to the static attack list.
To configure the rules:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter WLAN IDS view.
wlan ids
N/A
3.
Add the MAC address of a
client or AP to the static attack
list.
device attack mac-address
mac-address
Optional.
By default, the attack list is empty.
Configuring the countermeasures mode
The countermeasures mode can be set to control which devices countermeasures are taken for. Based on
the configuration, monitor APs can take countermeasures against devices present in its static attack list,