Configuring the close-wait timer, Enabling nat traversal for the cpe – H3C Technologies H3C S6300 Series Switches User Manual
Page 226
213
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter CWMP view.
cwmp
N/A
3.
Configure the maximum
number of connection retries. cwmp cpe connect retry times
By default, the CPE retries a failed
connection until the connection is
established.
Configuring the close-wait timer
The close-wait timer specifies the amount of time the connection to the ACS can be idle before it is
terminated. The CPE terminates the connection to the ACS if no traffic is transmitted before the timer
expires.
The timer also specifies the maximum amount of time the CPE waits for the response to a session request.
The CPE determines that its session attempt has failed when the timer expires.
To configure the close-wait timer for the CPE:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter CWMP view.
cwmp
N/A
3.
Set the close-wait timer.
cwmp cpe wait timeout seconds
By default, the close-wait timer is
30 seconds.
Enabling NAT traversal for the CPE
For the connection request initiated from the ACS to reach the CPE, you must enable NAT traversal
feature on the CPE when a NAT gateway resides between the CPE and the ACS.
The NAT traversal feature complies with RFC 3489 Simple Traversal of UDP Through NATs (STUN). The
feature enables the CPE to discover the NAT gateway, and obtain an open NAT binding (a public IP
address and port binding) through which the ACS can send unsolicited packets. The CPE sends the
binding to the ACS when it initiates a connection to the ACS. For the connection requests sent by the ACS
at any time to reach the CPE, the CPE maintains the open NAT binding.
To enable NAT traversal on the CPE:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter CWMP view.
cwmp
N/A
3.
Enable NAT traversal.
cwmp cpe stun enable
By default, NAT traversal is
disabled on the CPE.
Specifying an SSL client policy for HTTPS connection to ACS
CWMP uses HTTP or HTTPS for data transmission. If the ACS uses HTTPS for secure access, its URL
begins with https://. You must configure an SSL client policy for the CPE to authenticate the ACS for