Configuring ap operating mode, Configuring attack detection, Displaying and maintaining attack detection – H3C Technologies H3C MSR 50 User Manual
Page 68
59
Configuring AP operating mode
A WLAN consists of various APs that span across the building offering WLAN services to the clients. The
administrator may want some of these APs to detect rogue devices. The administrator can configure an
AP to operate in any of the three modes, normal, monitor, or hybrid.
•
In normal mode, an AP provides WLAN data services but does not perform any scanning.
•
In monitor mode, an AP scans all Dot11 frames in the WLAN, but cannot provide WLAN services.
An AP operating in this mode cannot provide WLAN service, and you do not need to configure a
service template.
•
In hybrid mode, an AP can both scan devices in the WLAN and provide WLAN services. For an AP
operating in this mode, you need to configure a service template so that the AP can provide WLAN
service when scanning devices.
To configure the AP operating mode:
Step Command
Remarks
206.
Enter system view.
system-view
N/A
207.
Configure the AP operating
mode.
•
Configure the AP operating
mode as monitor:
wlan work-mode monitor
•
Configure the AP operating
mode as hybrid:
wlan device-detection enable
Use either command.
By default, the AP operating mode
is normal.
•
When an AP has its operating
mode changed from normal to
monitor, it does not restart.
•
When an AP has its operating
mode changed from monitor to
normal, it restarts.
Configuring attack detection
Configuring attack detection
Step Command
Remarks
208.
Enter system view.
system-view
N/A
209.
Enter IDS view.
wlan ids
N/A
210.
Enable IDS attack
detection.
attack-detection enable { all | flood |
spoof | weak-iv }
By default, IDS attack detection is
disabled.
Displaying and maintaining attack detection
Task Command
Remarks
Display all the attacks detected by
WLAN IDS IPS.
display wlan ids history [ | { begin
| exclude | include }
regular-expression ]
Available in any view.