config wireless-controller wids-profile
Configure wireless intrusion detection system (WIDS) profiles.
config wireless-controller wids-profile Description: Configure wireless intrusion detection system (WIDS) profiles. edit <name> set ap-auto-suppress [enable|disable] set ap-bgscan-disable-schedules <name1>, <name2>, ... set ap-bgscan-duration {integer} set ap-bgscan-idle {integer} set ap-bgscan-intv {integer} set ap-bgscan-period {integer} set ap-bgscan-report-intv {integer} set ap-fgscan-report-intv {integer} set ap-scan [disable|enable] set ap-scan-channel-list-2G-5G <chan1>, <chan2>, ... set ap-scan-channel-list-6G <chan1>, <chan2>, ... set ap-scan-passive [enable|disable] set ap-scan-threshold {string} set asleap-attack [enable|disable] set assoc-flood-thresh {integer} set assoc-flood-time {integer} set assoc-frame-flood [enable|disable] set auth-flood-thresh {integer} set auth-flood-time {integer} set auth-frame-flood [enable|disable] set comment {string} set deauth-broadcast [enable|disable] set deauth-unknown-src-thresh {integer} set eapol-fail-flood [enable|disable] set eapol-fail-intv {integer} set eapol-fail-thresh {integer} set eapol-logoff-flood [enable|disable] set eapol-logoff-intv {integer} set eapol-logoff-thresh {integer} set eapol-pre-fail-flood [enable|disable] set eapol-pre-fail-intv {integer} set eapol-pre-fail-thresh {integer} set eapol-pre-succ-flood [enable|disable] set eapol-pre-succ-intv {integer} set eapol-pre-succ-thresh {integer} set eapol-start-flood [enable|disable] set eapol-start-intv {integer} set eapol-start-thresh {integer} set eapol-succ-flood [enable|disable] set eapol-succ-intv {integer} set eapol-succ-thresh {integer} set invalid-mac-oui [enable|disable] set long-duration-attack [enable|disable] set long-duration-thresh {integer} set null-ssid-probe-resp [enable|disable] set sensor-mode [disable|foreign|...] set spoofed-deauth [enable|disable] set weak-wep-iv [enable|disable] set wireless-bridge [enable|disable] next end
config wireless-controller wids-profile
Parameter |
Description |
Type |
Size |
Default |
||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
ap-auto-suppress |
Enable/disable on-wire rogue AP auto-suppression. |
option |
- |
disable |
||||||||
|
|
|||||||||||
ap-bgscan-disable-schedules |
Firewall schedules for turning off FortiAP radio background scan. Background scan will be disabled when at least one of the schedules is valid. Separate multiple schedule names with a space. Schedule name. |
string |
Maximum length: 35 |
|
||||||||
ap-bgscan-duration |
Listen time on scanning a channel. |
integer |
Minimum value: 10 Maximum value: 1000 |
30 |
||||||||
ap-bgscan-idle |
Wait time for channel inactivity before scanning this channel. |
integer |
Minimum value: 0 Maximum value: 1000 |
20 |
||||||||
ap-bgscan-intv |
Period between successive channel scans. |
integer |
Minimum value: 1 Maximum value: 600 |
3 |
||||||||
ap-bgscan-period |
Period between background scans. |
integer |
Minimum value: 10 Maximum value: 3600 |
600 |
||||||||
ap-bgscan-report-intv |
Period between background scan reports. |
integer |
Minimum value: 15 Maximum value: 600 |
30 |
||||||||
ap-fgscan-report-intv |
Period between foreground scan reports. |
integer |
Minimum value: 15 Maximum value: 600 |
15 |
||||||||
ap-scan |
Enable/disable rogue AP detection. |
option |
- |
disable |
||||||||
|
|
|||||||||||
ap-scan-channel-list-2G-5G |
Selected ap scan channel list for 2.4G and 5G bands. Channel number. |
string |
Maximum length: 3 |
|
||||||||
ap-scan-channel-list-6G |
Selected ap scan channel list for 6G band. Channel 6g number. |
string |
Maximum length: 3 |
|
||||||||
ap-scan-passive |
Enable/disable passive scanning. Enable means do not send probe request on any channels. |
option |
- |
disable |
||||||||
|
|
|||||||||||
ap-scan-threshold |
Minimum signal level/threshold in dBm required for the AP to report detected rogue AP. |
string |
Maximum length: 7 |
-90 |
||||||||
asleap-attack |
Enable/disable asleap attack detection. |
option |
- |
disable |
||||||||
|
|
|||||||||||
assoc-flood-thresh |
The threshold value for association frame flooding. |
integer |
Minimum value: 1 Maximum value: 100 |
30 |
||||||||
assoc-flood-time |
Number of seconds after which a station is considered not connected. |
integer |
Minimum value: 5 Maximum value: 120 |
10 |
||||||||
assoc-frame-flood |
Enable/disable association frame flooding detection. |
option |
- |
disable |
||||||||
|
|
|||||||||||
auth-flood-thresh |
The threshold value for authentication frame flooding. |
integer |
Minimum value: 1 Maximum value: 100 |
30 |
||||||||
auth-flood-time |
Number of seconds after which a station is considered not connected. |
integer |
Minimum value: 5 Maximum value: 120 |
10 |
||||||||
auth-frame-flood |
Enable/disable authentication frame flooding detection. |
option |
- |
disable |
||||||||
|
|
|||||||||||
comment |
Comment. |
string |
Maximum length: 63 |
|
||||||||
deauth-broadcast |
Enable/disable broadcasting de-authentication detection. |
option |
- |
disable |
||||||||
|
|
|||||||||||
deauth-unknown-src-thresh |
Threshold value per second to deauth unknown src for DoS attack (0: no limit). |
integer |
Minimum value: 0 Maximum value: 65535 |
10 |
||||||||
eapol-fail-flood |
Enable/disable EAPOL-Failure flooding. |
option |
- |
disable |
||||||||
|
|
|||||||||||
eapol-fail-intv |
The detection interval for EAPOL-Failure flooding. |
integer |
Minimum value: 1 Maximum value: 3600 |
1 |
||||||||
eapol-fail-thresh |
The threshold value for EAPOL-Failure flooding in specified interval. |
integer |
Minimum value: 2 Maximum value: 100 |
10 |
||||||||
eapol-logoff-flood |
Enable/disable EAPOL-Logoff flooding. |
option |
- |
disable |
||||||||
|
|
|||||||||||
eapol-logoff-intv |
The detection interval for EAPOL-Logoff flooding. |
integer |
Minimum value: 1 Maximum value: 3600 |
1 |
||||||||
eapol-logoff-thresh |
The threshold value for EAPOL-Logoff flooding in specified interval. |
integer |
Minimum value: 2 Maximum value: 100 |
10 |
||||||||
eapol-pre-fail-flood |
Enable/disable premature EAPOL-Failure flooding. |
option |
- |
disable |
||||||||
|
|
|||||||||||
eapol-pre-fail-intv |
The detection interval for premature EAPOL-Failure flooding. |
integer |
Minimum value: 1 Maximum value: 3600 |
1 |
||||||||
eapol-pre-fail-thresh |
The threshold value for premature EAPOL-Failure flooding in specified interval. |
integer |
Minimum value: 2 Maximum value: 100 |
10 |
||||||||
eapol-pre-succ-flood |
Enable/disable premature EAPOL-Success flooding. |
option |
- |
disable |
||||||||
|
|
|||||||||||
eapol-pre-succ-intv |
The detection interval for premature EAPOL-Success flooding. |
integer |
Minimum value: 1 Maximum value: 3600 |
1 |
||||||||
eapol-pre-succ-thresh |
The threshold value for premature EAPOL-Success flooding in specified interval. |
integer |
Minimum value: 2 Maximum value: 100 |
10 |
||||||||
eapol-start-flood |
Enable/disable EAPOL-Start flooding. |
option |
- |
disable |
||||||||
|
|
|||||||||||
eapol-start-intv |
The detection interval for EAPOL-Start flooding. |
integer |
Minimum value: 1 Maximum value: 3600 |
1 |
||||||||
eapol-start-thresh |
The threshold value for EAPOL-Start flooding in specified interval. |
integer |
Minimum value: 2 Maximum value: 100 |
10 |
||||||||
eapol-succ-flood |
Enable/disable EAPOL-Success flooding. |
option |
- |
disable |
||||||||
|
|
|||||||||||
eapol-succ-intv |
The detection interval for EAPOL-Success flooding. |
integer |
Minimum value: 1 Maximum value: 3600 |
1 |
||||||||
eapol-succ-thresh |
The threshold value for EAPOL-Success flooding in specified interval. |
integer |
Minimum value: 2 Maximum value: 100 |
10 |
||||||||
invalid-mac-oui |
Enable/disable invalid MAC OUI detection. |
option |
- |
disable |
||||||||
|
|
|||||||||||
long-duration-attack |
Enable/disable long duration attack detection based on user configured threshold. |
option |
- |
disable |
||||||||
|
|
|||||||||||
long-duration-thresh |
Threshold value for long duration attack detection. |
integer |
Minimum value: 1000 Maximum value: 32767 |
8200 |
||||||||
name |
WIDS profile name. |
string |
Maximum length: 35 |
|
||||||||
null-ssid-probe-resp |
Enable/disable null SSID probe response detection. |
option |
- |
disable |
||||||||
|
|
|||||||||||
sensor-mode |
Scan nearby WiFi stations. |
option |
- |
disable |
||||||||
|
|
|||||||||||
spoofed-deauth |
Enable/disable spoofed de-authentication attack detection. |
option |
- |
disable |
||||||||
|
|
|||||||||||
weak-wep-iv |
Enable/disable weak WEP IV. |
option |
- |
disable |
||||||||
|
|
|||||||||||
wireless-bridge |
Enable/disable wireless bridge detection. |
option |
- |
disable |
||||||||
|
|