- Table of Contents
- Related Documents
-
Title | Size | Download |
---|---|---|
02-WLAN IP snooping commands | 51.70 KB |
client ip-snooping http-learning enable
client ipv4-snooping arp-learning enable
client ipv4-snooping dhcp-learning enable
client ipv4-snooping dhcp-learning timeout
client ipv6-snooping dhcpv6-learning enable
client ipv6-snooping nd-learning enable
client ipv6-snooping snmp-nd-report enable
WLAN IP snooping commands
client ip-snooping http-learning enable
Use client ip-snooping http-learning enable to enable snooping HTTP and HTTPS requests redirected to the portal server.
Use undo client ip-snooping http-learning enable to disable snooping HTTP and HTTPS requests redirected to the portal server.
Syntax
client ip-snooping http-learning enable
undo client ip-snooping http-learning enable
Default
Snooping HTTP and HTTPS requests is disabled.
Service template view
Predefined user roles
network-admin
Usage guidelines
An AC can use this method to learn IP addresses of clients performing portal authentication. For more information about portal authentication, see User Access and Authentication Configuration Guide.
The priorities for learning IP addresses through snooping DHCP packets, ARP or ND packets, and HTTP/HTTPS requests are in descending order.
Make sure the service template is disabled when you execute this command.
Examples
# Enable snooping HTTP and HTTPS requests.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] client ip-snooping http-learning enable
client ipv4-snooping arp-learning enable
Use client ipv4-snooping arp-learning enable to enable snooping ARP packets.
Use undo client ipv4-snooping arp-learning enable to disable snooping ARP packets.
Syntax
client ipv4-snooping arp-learning enable
undo client ipv4-snooping arp-learning enable
Default
Snooping ARP packets is enabled.
Views
Service template view
Predefined user roles
network-admin
Examples
# Disable snooping ARP packets.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] undo client ipv4-snooping arp-learning enable
client ipv4-snooping dhcp-learning enable
Use client ipv4-snooping dhcp-learning enable to enable snooping DHCPv4 packets.
Use undo client ipv4-snooping dhcp-learning enable to disable snooping DHCPv4 packets.
Syntax
client ipv4-snooping dhcp-learning enable
undo client ipv4-snooping dhcp-learning enable
Default
Snooping DHCPv4 packets is enabled.
Views
Service template view
Predefined user roles
network-admin
Examples
# Disable snooping DHCPv4 packets.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] undo client ipv4-snooping dhcp-learning enable
client ipv4-snooping dhcp-learning timeout
Use client ipv4-snooping dhcp-learning timeout to enable forced logoff of clients that fail to obtain an IPv4 address through DHCP within the specified timeout.
Use undo client ipv4-snooping dhcp-learning timeout to disable forced logoff of clients that fail to obtain an IPv4 address through DHCP.
Syntax
client ipv4-snooping dhcp-learning timeout value
undo client ipv4-snooping dhcp-learning timeout
Default
Forced logoff of clients that fail to obtain an IPv4 address through DHCP is disabled.
Views
Service template view
Predefined user roles
network-admin
Parameters
value: Specifies the timeout in the range of 1 to 600 seconds.
Usage guidelines
This command takes effect only on clients that come online from the AC after the command execution.
Examples
# Enable forced logoff of clients that fail to obtain an IPv4 address through DHCP and set the timeout to 180 seconds.
<Sysname> system-view
[Sysname] wlan service-template 1
[Sysname-wlan-st-1] client ipv4-snooping dhcp-learning timeout 180
client ipv6-snooping dhcpv6-learning enable
Use client ipv6-snooping dhcpv6-learning enable to enable snooping DHCPv6 packets.
Use undo client ipv6-snooping dhcpv6-learning enable to disable snooping DHCPv6 packets.
Syntax
client ipv6-snooping dhcpv6-learning enable
undo client ipv6-snooping dhcpv6-learning enable
Default
Snooping DHCPv6 packets is disabled.
Views
Service template view
Predefined user roles
network-admin
Examples
# Disable snooping DHCPv6 packets.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] client ipv6-snooping dhcpv6-learning enable
client ipv6-snooping nd-learning enable
Use client ipv6-snooping nd-learning enable to enable snooping ND packets.
Use undo client ipv6-snooping nd-learning enable to disable snooping ND packets.
Syntax
client ipv6-snooping nd-learning enable
undo client ipv6-snooping nd-learning enable
Default
Snooping ND packets is disabled.
Views
Service template view
Predefined user roles
network-admin
Examples
# Disable snooping ND packets.
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] undo client ipv6-snooping nd-learning enable
client ipv6-snooping snmp-nd-report enable
Use client ipv6-snooping snmp-nd-report enable to enable SNMP to obtain client IPv6 addresses learned from ND packets.
Use undo client ipv6-snooping snmp-nd-report enable to disable SNMP from obtaining client IPv6 addresses learned from ND packets.
Syntax
client ipv6-snooping snmp-nd-report enable
undo client ipv6-snooping snmp-nd-report enable
Default
SNMP obtains client IPv6 addresses learned from both DHCPv6 and ND packets.
Views
Service template view
Predefined user roles
Usage guidelines
Make sure the service template is disabled when you execute this command.
Examples
# Disable SNMP from obtaining client IPv6 addresses learned from ND packets.
<Sysname> system-view
[Sysname] wlan service-template service1
[Sysname-wlan-st-service1] undo client ipv6-snooping snmp-nd-report enable