R2511-HP MSR Router Series WLAN Configuration Guide(V5)
38
Ste
p
Command
Remarks
5. Configure the device to start
GTK rekey when a client
goes offline.
gtk-rekey client-offline enable
Optional.
By default, the device does not
start GTK rekey when a client
goes offline.
This command takes effect only
when you execute the gtk-rekey
enable command.
Configuring GTK rekey based on packet
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter WLAN service
template view.
wlan service-template
service-template-number crypto
N/A
3. Enable GTK rekey.
gtk-rekey enable By default, GTK rekey is enabled.
4. Configure GTK rekey based
on packet.
gtk-rekey method packet-based
[ packet ]
The default packet number is
10000000.
5. Configure the device to start
GTK rekey when a client
goes offline.
gtk-rekey client-offline enable
Optional.
By default, the device does not start
GTK rekey when a client goes offline.
This command takes effect only when
you execute the gtk-rekey enable
command.
Configuring security IE
Security IE configurations comprise WPA security IE configuration and RSN security IE configuration,
both of which require open system authentication.
WPA ensures greater protection than WEP. WPA operates in either WPA-PSK (or Personal) mode or
WPA-802.1X (or Enterprise) mode. In Personal mode, a pre-shared key or pass-phrase is used for
authentication. In Enterprise mode, 802.1X and RADIUS servers and the EAP are used for authentication.
Configuring WPA security IE
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter WLAN service
template view.
wlan service-template
service-template-number crypto
N/A
3. Enable the WPA-IE in the
beacon and probe
responses.
security-ie wpa By default, WPA-IE is disabled.
Configuring RSN security IE
An RSN is a security network that only allows the creation of robust security network associations
(RSNAs). An RSN can be identified by the indication in the RSN Information Element (IE) of beacon
frames. It provides greater protection than WEP and WPA.