Adding a service policy – H3C Technologies H3C Intelligent Management Center User Manual
Page 124
102
−
Shared Key—Requires clients to use the same shared key as that configured on the
device. Specify Shared Key only when you select WEP40 or WEP104 as the cipher suite.
−
All—Allows clients to use either the Open System mode or the Shared Key mode as
needed.
{
Interface ID—ID of the WLAN logical interface that the service policy is bound to.
{
Interface Type—Type of the interface bound to the service policy, which is always WLAN-ESS.
{
Max Clients—Maximum number of clients that can use the service policy to associate with fit
APs.
{
Layer2 Isolation—Set whether to enable Layer 2 isolation. This parameter must be configured
in combination with the user-isolation vlan command executed on the AC. If the function is
enabled, clients in the permitted MAC address list can communicate with other clients in the
same VLAN. For example, if you execute the user-isolation vlan 1 permit-mac 0000-1111-
2222 command on the AC and enable Layer 2 isolation, client 0000-1111-2222 can visit
other clients in VLAN 1, but other clients cannot visit each other.
NOTE:
To make sure clients can access the network after Layer 2 isolation is enabled, add the MAC
address of the gateway into the permitted MAC address list first. Otherwise, clients and the
gateway are isolated from each other.
{
Synchronize AC Configuration—Whether the service policy is applied to all ACs in the
specified AC group of the AC. If this option is not selected, the service policy is applied only
to the current AC.
{
AC Group—AC group to which the service policy is applied. This field does not appear if the
Synchronize AC Configuration option is not selected.
Security Information
{
Security IE—Security IE used in the beacon frames and probe responses sent by the fit AP.
Options are None, RSN, WPA, and All. None indicates no security IE is configured. All
indicates both RSN and WPA are configured. For more information about RSN and WPA,
see the related device manual.
{
Cipher Suite—Cipher suite used in data frame encryption and decryption. Options are TKIP,
CCMP, WEP40, and WEP104.
{
Key Index—Authentication key index for clients.
{
Key—Authentication key for clients.
6.
Click Close.
Adding a service policy
You can add a service policy for an AC in the following methods:
•
Normal method—Add a service policy in Service Policy Management.
•
Express method—Select a service policy template and add a service policy by using the
template. For more information about service policy templates, see "
Before configuring security information for a service policy, configure the security IE and cipher suite
for the AC through the CLI or Web interface. Otherwise, the service policy configuration fails.