H3C Technologies H3C Intelligent Management Center User Manual
Page 155
133
3.
Click the Comware-Based tab.
4.
In the Network Management area, click the Template Management link.
The Template Management page appears. There are two types of policy templates:
{
Radio Policy Template
{
Service Policy Template
5.
Click the Service Policy Template link.
The Service Policy Template List page appears, displaying all service policy templates.
6.
Click the SSID of the target service policy template to view its details, including the Basic
Information and the Security Information. The Security Information is not available for the
service policy template with the Encryption Mode set to Clear.
Basic Information contents
{
SSID—SSID of the service policy template.
{
Encryption Mode—Encryption mode for the service policy template. Options are:
−
Clear—The clients can access the wireless network without any passwords.
−
Crypto—The clients must enter the correct password to access the wireless network.
{
Hide SSID—Indicates whether to provide the SSID in beacon frames sent by the fit AP. If this
parameter is selected, clients cannot obtain the SSID from the beacon frames and must
configure the SSID before accessing the wireless network. If this parameter is not selected,
clients can obtain the SSID from the beacon frames to access the wireless network.
{
Authentication Mode—Authentication mode of the service policy template. Options are:
−
Open System—Allows all clients requesting for authentication to directly pass
authentication.
−
Shared Key—Requires clients to use the same shared key as that configured on the
device. Select Shared Key only when you select WEP40 or WEP104 as the cipher suite.
−
All—Allows clients to use either the Open System mode or the Shared Key mode, as
needed.
{
Max Clients—Maximum number of clients allowed in the service policy.
{
Layer2 Isolation—Set whether to enable Layer 2 isolation. This parameter must be configured
in combination with the user-isolation vlan command executed on the AC. If the function is
enabled, clients in the permitted MAC address list can communicate with other clients in the
same VLAN. For example, if you execute the user-isolation vlan 1 permit-mac 0000-1111-
2222 command on the AC and enable Layer 2 isolation, client 0000-1111-2222 can visit
other clients in VLAN 1, but other clients cannot visit each other.
NOTE:
To make sure clients can access the internet after Layer 2 isolation is enabled, add the MAC
address of the gateway into the permitted MAC address list first. Otherwise, clients and the
gateway are isolated from each other.
Security Information contents
{
Security IE—Security IE used in the beacon frames and probe responses sent by the fit AP.
Options are None (default), RSN, WPA, and All. None indicates no security IE is configured.
All indicates both RSN and WPA are configured. For more information about RSN and WPA,
see the related device manual.
{
Cipher Suite—Cipher suite used in data frame encryption and decryption. Options are: