Configuring The Gtk Rekey Method - H3C MSR Series Configuration Manual

Comware 5 wlan

Hide thumbs Also See for MSR Series:

Command reference manual (1187 pages)

Manual (33 pages)

Configuration manual (29 pages)

Table Of Contents

Table of Contents

To configure the PTK lifetime:

Step

Enter system view.

Enter WLAN service

template view.

Configure the PTK lifetime.

Configuring the GTK rekey method

A fat AP generates a group temporal key (GTK) and sends the GTK to a client during the

authentication process between an AP and the client through group key handshake or the 4-way

handshake. The client uses the GTK to decrypt broadcast and multicast packets. The Robust

Security Network (RSN) negotiates the GTK through the 4-way handshake or group key handshake,

and Wi-Fi Protected Access (WPA) negotiates the GTK only through group key handshake.

Two GTK rekey methods can be configured:

•

Time-based GTK rekey—After the specified interval elapses, GTK rekey occurs.

•

Packet-based GTK rekey—After the specified number of packets is sent, GTK rekey occurs.

By default, time-based GTK rekey is adopted, and the rekey interval is 86400 seconds.

Configuring a new GTK rekey method overwrites the previous one. For example, if time-based GTK

rekey is configured after packet-based GTK rekey is configured, time-based GTK rekey takes effect.

You can also configure the device to start GTK rekey when a client goes offline.

Configuring GTK rekey based on time

Step

Enter system view.

Enter WLAN service

template view.

Enable GTK rekey.

Configure the GTK rekey

interval.

Configure the device to

start GTK rekey when a

client goes offline.

Configuring GTK rekey based on packet

Step

Enter system view.

Enter WLAN service

template view.

Command

system-view

wlan service-template

service-template-number crypto

ptk-lifetime time

Command

system-view

wlan service-template

service-template-number crypto

gtk-rekey enable

gtk-rekey method time-based

[ time ]

gtk-rekey client-offline enable

Command

system-view

wlan service-template

service-template-number crypto

Remarks

N/A

Optional.

By default, the PTK lifetime is

43200 seconds.

Remarks

N/A

By default, GTK rekey is

enabled.

By default, the interval is 86400

seconds.

Optional.

By default, the device does not

start GTK rekey when a client

goes offline.

This command takes effect only

when you execute the

gtk-rekey enable command.

Remarks

N/A

Table of Contents

Show Quick Links

Quick Links:
Configuring Wlan Interfaces

Hide quick links:

Table of Contents

This manual is also suitable for:

Msr 800 Msr 900-e Msr 900 Msr 930 Msr 20-1x H3c msr 50 ... Show all

Configuring The Gtk Rekey Method - H3C MSR Series Configuration Manual

Configuring the GTK rekey method

Hide quick links:

Related Manuals for H3C MSR Series

Related Content for H3C MSR Series

This manual is also suitable for:

Table of Contents