Client-Security Intrusion-Protection Timer Temporary-Block - HPE FlexNetwork MSR Series Command Reference Manual

Predefined user roles
network-admin
Usage guidelines
This command is configurable when the service template is disabled, and it takes effect after the
service template is enabled.
When the device receives an association request from an illegal client, the device takes the
predefined protection action on the BSS where the request is received. A client is illegal if its MAC
address fails WLAN authentication. To set the protection action, use the client-security
intrusion-protection action command.
Examples
# Enable the intrusion protection feature for service template service1.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] client-security intrusion-protection enable
Related commands
client-security intrusion-protection action

client-security intrusion-protection timer temporary-block

Use client-security intrusion-protection timer temporary-block to set the period during which a
MAC address is blocked by intrusion protection.
Use undo client-security intrusion-protection timer temporary-block to restore the default.
Syntax
client-security intrusion-protection timer temporary-block time
undo client-security intrusion-protection timer temporary-block
Default
An illegal MAC address is blocked for 180 seconds.
Views
Service template view
Predefined user roles
network-admin
Parameters
time: Specifies the period during which a MAC address is blocked. The value range is 60 to 300
seconds.
Usage guidelines
This command takes effect only when the intrusion protection action is temporary-block.
If you change the blocking period after the service template is enabled, the new setting takes effect
on the subsequent detected illegal packets.
Examples
# Configure service template service1 to block illegal MAC addresses for 120 seconds.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] client-security intrusion-protection enable
85