Configuring the device expiry timer, Configuring the rules, Configuring the countermeasures mode – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

143

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter WLAN IDS view.

wlan ids

N/A

3.

Add the MAC address of a

client or AP to the permitted
MAC address list.

device permit mac-address
mac-address

Optional.
By default, the permitted MAC
address list is empty.

4.

Add an SSID to the permitted
SSID list.

device permit ssid ssid

Optional.
By default, the permitted SSID list is
empty.

5.

Add a vendor ID to the

permitted vendor list.

device permit vendor vendor

Optional.
By default, the vendor list is empty.

Configuring the device expiry timer

This task allows you to set the device expiry interval for device entries in the detected device list. If a
device in the list is not detected within this interval, the device entry is removed from the detected list; if

the deleted entry is that of a rogue, it is moved to the rogue history table.
To configure the device expiry timer:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter WLAN IDS view.

wlan ids

N/A

3.

Configure the device expiry
timer.

device aging-duration duration

Optional.
By default the aging duration is
600 seconds.

Taking countermeasures against attacks from detected rogue
devices

Configuring the rules

You can configure a device as a rogue by adding its MAC address to the static attack list.
To configure the rules:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter WLAN IDS view.

wlan ids

N/A

3.

Add the MAC address of a
client or AP to the static attack

list.

device attack mac-address
mac-address

Optional.
By default, the attack list is empty.

Configuring the countermeasures mode

The countermeasures mode can be set to control which devices countermeasures are taken for. Based on
the configuration, monitor APs can take countermeasures against devices present in its static attack list,