Professional Documents
Culture Documents
01-01 About This Document
01-01 About This Document
Overview
This document provides the configuration commands of each feature supported by
the device, including the syntax, view, default level, description, parameters, usage
guideline, related commands, and example of each command.
This document together with the Configuration Guide provides intended readers
with detailed usage of each command.
Intended Audience
This document is intended for network engineers responsible for WLAN
configuration and management. You should be familiar with basic Ethernet
knowledge and have extensive experience in network deployment and
management.
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Command Conventions
The command conventions that may be found in this document are defined as
follows.
Convention Description
NOTE
The interface types, command outputs, and device models provided in this manual vary
according to device configurations and may differ from the actual information.
To obtain better user experience, you are advised to set the number of columns displayed
on the command line editor to 132 or higher.
Security Conventions
● Password setting
When configuring a password, the cipher text is recommended. To ensure
device security, do not disable password complexity check, and change the
password periodically.
When configuring a plaintext password, do not start and end it with %$%$,
%^%#, %#%#, %@%@, or @%@%, which are considered valid ciphertext
characters. The device can decrypt such as password and display the same
plaintext password as that configured by the user in the configuration file.
Ciphertext passwords starting and ending with %$%$, %^%#, %#%#, %@
%@, or @%@% are valid. However, ciphertext passwords for different
features are not interchangeable. For example, the ciphertext password
generated for Authentication, Authorization, Accounting (AAA) cannot be
configured for other features.
● Encryption algorithm
Currently, the device uses the following encryption algorithms: DES, 3DES,
AES, RSA, SHA1, SHA2, MD5, SMS4, and RC4. The encryption algorithm
depends on the applicable scenario. Use the recommended encryption
algorithm; otherwise, security protection requirements may not be met.
– For the symmetrical encryption algorithm, use AES with the key of 128
bits or more.
– For the asymmetrical encryption algorithm, use RSA with the key of 2048
bits or more.
– For the hash algorithm, use SHA2 with the key of 256 bits or more.
– For the HMAC algorithm, use HMAC-SHA2.
– The encryption algorithms DES/3DES/RSA (RSA-1024 or lower)/MD5 (in
digital signature scenarios and password encryption)/SHA1 (in digital
signature scenarios) have a low security, which may bring security risks. If
protocols allowed, using more secure encryption algorithms, such as
AES/RSA (RSA-2048 or higher)/SHA2/HMAC-SHA2, is recommended.
– SHA2 is irreversible encryption algorithm. The irreversible encryption
algorithm must be used for the administrator password.
● Personal data
Some personal data (such as the MAC or IP addresses of users) may be
obtained or used during operation or fault location of your purchased
products, services, features, so you have an obligation to make privacy policies
and take measures according to the applicable law of the country to protect
personal data.