< Home

Licensing Requirements and Limitations for WLAN Security

Involved Network Elements

AP
  • APs mentioned in this document are Huawei AP products. You are advised to use Huawei APs to connect to the AC.
  • You can run the display ap-type all command to check the default AP types supported by the device.
  • When central APs and RUs are used, ensure that their versions are the same. For example, if the central AP version is V200R007C10, the RU version must be V200R007C10.
Table 1 Mapping between switch versions and AP versions

Product Software Version

AP Software Version

V200R019C10

V200R019C10

V200R019C00

V200R010C00

V200R009C00

V200R008C10

V200R008C00

V200R007C20

V200R007C10

V200R006C20

V200R006C10

V200R019C00

V200R019C00

V200R010C00

V200R009C00

V200R008C10

V200R008C00

V200R007C20

V200R007C10

V200R006C20

V200R006C10

V200R013C00

V200R010C00

V200R009C00

V200R008C10

V200R008C00

V200R007C20

V200R007C10

V200R006C20

V200R006C10

V200R012C00

V200R009C00

V200R008C10

V200R008C00

V200R007C20

V200R007C10

V200R006C20

V200R006C10

V200R011C10

V200R008C10

V200R008C00

V200R007C20

V200R007C10

V200R006C20

V200R006C10

V200R011C00

V200R007C20

V200R007C10

V200R006C20

V200R006C10

V200R010C00

V200R007C10

V200R006C20

V200R006C10

V200R009C00

V200R006C20

V200R006C10

V200R008C00

V200R005C30

V200R005C20

V200R005C10

V200R007

V200R005C20

V200R005C10

V200R006

V200R005C00
AAA server
  • Huawei servers such as the Policy Center and Agile Controller or third-party AAA servers perform authentication, accounting, and authorization on users.
Portal server
  • Huawei servers such as the Policy Center and Agile Controller or third-party Portal servers, receive authentication requests from Portal clients, provide free Portal services and a web authentication interface, and exchange authentication information of the authentication clients with access devices. This component is required only in Portal authentication mode.

Licensing Requirements

When the device is used as a WLAN AC, the number of online APs supported by the device is controlled by licenses. The device supports a maximum of 16 online APs. To increase the number of online APs supported by the device, apply for and purchase a license from the agent.
  • AP resource license-1AP for WLAN access controller
  • AP resource license-16AP for WLAN access controller
  • AP resource license-32AP for WLAN access controller
  • AP resource license-64AP for WLAN access controller
  • AP resource license-128AP for WLAN access controller
  • AP resource license-512AP for WLAN access controller

For details about how to apply for a license, see Obtaining Licenses in the S1720, S5700, and S6700 Series Switches License Usage Guide.

Feature Support in V200R019C10

This feature is supported only by the following models: S5720-HI, S5730-HI, S5731-H, S5731S-H, S5732-H, S6720-HI, S6730S-H, and S6730-H.

Feature Limitations

WIDS/WIPS

  • APs that have WDS or Mesh services configured cannot work in monitor mode.

  • If WIDS, spectrum analysis, background neighbor probing, or terminal location is enabled on a radio, the radio cannot be used to establish a WDS bridge or Mesh link.

  • V200R006C00, V200R007C00, and V200R008C00: When an AP working in hybrid mode periodically scans channels, services may be interrupted for a short time. The AP can only perform containment on the channel used by WLAN services. To perform containment on all channels, you need to configure the AP to work in monitor mode. However, the WLAN services are unavailable in this mode.

  • V200R009C00, V200R010C00 V200R011C00 and V200R011C10: When an AP working in normal mode periodically scans channels, services may be interrupted for a short time. The AP working in normal mode can only perform containment on the channel used by WLAN services. To perform containment on all channels, you need to configure the AP to work in monitor mode. However, WLAN services are unavailable in this mode.

  • V200R011C00 or later: When an AP working in normal mode periodically scans channels, services may be interrupted for a short time. The AP can perform containment on all channels.

  • V200R006C00, V200R007C00, and V200R008C00: The configured WIDS or WIPS takes effect on an AP only after a service set is bound to the AP on the AC and the AC delivers the configurations to the AP.

  • If the number of STAs is larger than 3K, you are advised to disable the WIDS function. This function affects the AC performance and reduces CPU performance by about 10%.

Security Policy

  • The AP7030DE and AP9330DN do not support WAPI.

  • The Air interface attack defense and dynamic blacklist functions are not available for the AirEngine 8760-X1-PRO, AirEngine 8760R-X1, AirEngine 8760R-X1E, AirEngine 6760-X1, AirEngine 6760-X1E, AirEngine 6760R-51, AirEngine 6760R-51E, AirEngine 5760-51, AirEngine 5760-22W, and AirEngine 5760-22WD.
Parent Topic: WLAN Security Configuration
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >