How to configure the attack detection function on AC devices

For V200R003 and V200R005, you can perform the following steps on the AC to configure the attack detection function:
1. Run the ap ap-id radio radio-id command in the WLAN view to display the radio view for a specified AP.
2. Run the attack detection enable { all | flood | weak-iv | spoof | wpa-psk | wpa2-psk | wapi-psk | wep-share-key } command in the radio view to enable the attack detection function on the AP radio.
3. To enable detection on flood attacks, WPA/WPA2/WAPI pre-shared key (PSK) cracking, and WEP shared key cracking, you must perform the following operations to identify attacks:
a. Run the ap id ap-id command in the WLAN view to display the AP view.
b. Run the attack detection flood interval intvalue times timesvalue command in the AP view to set the interval for flood attack detection and the maximum number of packets of the same type that an AP can receive within the interval. The variable intvalue specifies the interval for flood attack detection, and timesvalue specifies the number of packets of the same type that an AP can receive within the interval.
c. Run the attack detection psk interval intvalue times timesvalue command in the AP view to set the interval for brute force PSK cracking detection and the number of key negotiation failures allowed within the interval. The variable intvalue specifies the interval for brute force PSK cracking detection, and timesvalue specifies the number of key negotiation failures within the interval.
4. Run the commit { all | ap ap-id } command in the WLAN view to deliver configurations to the APs.

Scroll to top