The wapi msk command sets the interval for updating an MSK, and number of retransmissions of MSK negotiation packets.
The undo wapi msk command restores the default interval for updating an MSK, and number of retransmissions of MSK negotiation packets.
By default, the interval for updating an MSK is 86400s; the number of retransmissions of MSK negotiation packets is 3.
wapi { msk-update-interval msk-interval | msk-retrans-count msk-count }
undo wapi { msk-update-interval | msk-retrans-count }
Parameter |
Description |
Value |
|---|---|---|
msk-update-interval msk-interval |
Specifies the interval for updating an MSK. When the MSK update mode is set to time-based update using the wapi key-update command, the interval for updating an MSK needs to be set. |
The value is an integer that ranges from 600 to 604800, in seconds. |
msk-retrans-count msk-count |
Specifies the number of retransmissions of MSK negotiation packets. |
The value is an integer that ranges from 1 to 10. |
WAPI defines a dynamic key negotiation mechanism, but there are still security risks if a STA uses the same encryption key for a long time. Both the USK and MSK have a lifetime. The USK or MSK needs to be updated when its lifetime ends.
# Set the interval for updating an MSK to 10000s, and number of retransmissions of MSK negotiation packets to 5.
<HUAWEI> system-view [HUAWEI] wlan [HUAWEI-wlan-view] security-profile name p1 [HUAWEI-wlan-sec-prof-p1] wapi msk key-update time-based [HUAWEI-wlan-sec-prof-p1] wapi msk-update-interval 10000 [HUAWEI-wlan-sec-prof-p1] wapi msk-retrans-count 5