Manual De UsuarioTabla de contenidosAbout This Guide9Conventions9Documentation10Documentation Comments11Getting Started13Hardware Requirements for 3WXM Client13Hardware Requirements for 3WXM Services14Software Requirements14Preparing for Installation15User Privileges15Serial Number, License Key and Activation Key15HP OpenView Network Node Manager16Resource Allocation163WXM Services Options16Installing 3WXM18Unpacking Files18Using the Installation Wizard18Start the 3WXM Services18Connect 3WXM Clients to 3WXM Services19Configure 3WXM Services193WXM Access Control213WXM Interface22Display the Main Window22Using Menu Bar and Toolbars24Setting Preferences24Easy Configuration Using Wizards25View Topology25Shortcut to Wizards and Editing Properties26Getting Help27Planning and Managing Your Wireless Network with 3WXM29Overview29Which Services To Provide?30Network Plan31RF Coverage Area31RF Auto-Tuning32RF Auto-Tuning with Modelling32RF Planning33Which Planning Method Should I Use?33Configuration35Wireless Configuration36AAA Security Configuration38Authentication38Authorization40Accounting40System and Administration Configuration40Configure Basic WX Switch Properties41Configure WX Switch Connection Information42Configure Boot Information42Equipment Installation42Deployment43Management and Monitoring44Network Status44RF Monitoring45Client Monitoring46Rogue Detection46Event Logging47Verification47Reporting47RF Plan Optimization49Configuring Wireless Services51Overview51Configure Employee Access Services52Task Table52Step Summary56Example: Configure Employee Access57Create a Service Profile57Create a Radio Profile59Configure RADIUS Servers61Specify Network Access Rules64Set Up VLANs on WX Switches66What’s Next?68Configure Guest Access Services69Task Table70Step Summary71Optional: Configure Mobility Profiles73Configure Local Authentication74What’s Next?76Configure Voice over Wireless IP Service77Task Table78Step Summary81Configure Local Authentication82Configure Access Control Lists84Example: Creating an ACL for SpectraLink Wireless Phones85Example: Creating an ACL for Avaya Wireless Phones87What’s Next?90Using RF Auto-Tuning91Overview91Place Your Equipment92Configure Initial WX Switch Connectivity92Upload the WX Switch Configuration into a 3WXM Network Plan92Create a Service Profile94Create a Radio Profile and Map the Service Profile to It95Create Your MAPs97Apply a Radio Profile to Each Radio98What’s Next?98Using RF Auto-Tuning with Modelling99Overview99Add Site Information100Insert RF Obstacles104Create Your RF Coverage Area106Create a Wiring Closet106Create Your RF Coverage Area107Add MAPs109Associate MAPs to the Coverage Area110What’s Next?112Using RF Planning113Overview113Prepare the Floor Drawings114Define Site Information115Import a Floor Plan120Set the Scale121Clean Layout122Model RF Obstacles125Import a Site Survey127Plan RF Coverage127Add Wiring Closets127Create Coverage Areas129Compute and Place MAPs134Assign Channel Settings136Calculate Optimal Power138Display Coverage139Generate a Work Order141Install the Equipment142What’s Next?142Managing and Monitoring Your Network143Overview143Deploy Your Configuration144Perform Basic Administrative Tasks146Configuring WX Management Services146Distributing Image and Configuration Files147Using the Image Repository148Distributing System Images148Distributing WX Configuration Files149Saving Versions of Network Plans150Importing or Exporting Switch Configuration Files151Monitoring Examples153Monitor an Individual User153Find the User154Place User on Watch List155Locate the User155Display User Activity157View Long-Term User Statistics158Monitor a Group of Users161Monitor a Rogue163Configuring Countermeasures166Optimizing a Network Plan169Overview169Using RF Measurements from MAPs170Using RF Measurements from an Ekahau Site Survey172Generating an Ekahau Site Survey Work Order173Importing RF Measurements from the Ekahau Site Survey176Optimizing the RF Coverage Model179Locating and Fixing Coverage Holes181Displaying the RF Coverage Area181Locking Down MAPs183Fixing a Coverage Hole184Computing and Placing New MAPs184Replanning Your Network184What’s Next?185Index187Tamaño: 4 MBPáginas: 190Language: EnglishManuales abiertas
Guía Del UsuarioTabla de contenidosAbout This Guide23Conventions23Documentation24Documentation Comments25Using the Command-Line Interface27Overview27CLI Conventions27Command Prompts28Syntax Notation28Text Entry Conventions and Allowed Characters28MAC Address Notation29IP Address and Mask Notation29User Globs, MAC Address Globs, and VLAN Globs30User Globs30MAC Address Globs31VLAN Globs31Matching Order for Globs32Port Lists32Virtual LAN Identification33Command-Line Editing33Keyboard Shortcuts33History Buffer34Tabs34Single-Asterisk (*) Wildcard Character34Double-Asterisk (**) Wildcard Characters34Using CLI Help34Understanding Command Descriptions36WX Setup Methods37Overview37Quick Starts373Com Wireless Switch Manager38CLI38Web Manager38How a WX Switch Gets its Configuration39Web Quick Start (WXR100, WX1200 and WX2200 Only)40Web Quick Start Parameters40Web Quick Start Requirements41Accessing the Web Quick Start41CLI quickstart Command44Quickstart Example46Remote WX Configuration49Opening the QuickStart Network Plan in 3Com Wireless Switch Manager49Configuring AAA for Administrative and Local Access51Overview51Before You Start54About Administrative Access54Access Modes54Types of Administrative Access54First-Time Configuration via the Console55Enabling an Administrator55Setting the WX Switch Enable Password56Setting the WX Enable Password for the First Time563WXM Enable Password57Authenticating at the Console57Customizing AAA with “Globs” and Groups58Setting User Passwords58Adding and Clearing Local Users for Administrative Access59Configuring Accounting for Administrative Users59Displaying the AAA Configuration61Saving the Configuration61Administrative AAA Configuration Scenarios62Local Authentication62Local Authentication for Console Users and RADIUS Authentication for Telnet Users62Authentication When RADIUS Servers Do Not Respond63Local Override and Backup Local Authentication64Managing User Passwords65Overview65Configuring Passwords66Setting Passwords for Local Users66Enabling Password Restrictions67Setting the Maximum Number of Login Attempts67Specifying Minimum Password Length68Configuring Password Expiration Time69Restoring Access to a Locked-Out User70Displaying Password Information70Configuring and Managing Ports and VLANs71Configuring and Managing Ports71Setting the Port Type71Setting a Port for a Directly Connected MAP73Configuring a MAP Connection74Setting a Port for a Wired Authentication User75Clearing a Port76Clearing a Distributed MAP77Configuring a Port Name77Setting a Port Name77Removing a Port Name77Configuring Interface Preference on a Dual-Interface Gigabit Ethernet Port (WX4400 only)78Configuring Port Operating Parameters7910/100 Ports-Autonegotiation and Port Speed79Gigabit Ports - Autonegotiation and Flow Control80Disabling or Reenabling a Port80Disabling or Reenabling Power over Ethernet80Resetting a Port81Displaying Port Information81Displaying Port Configuration and Status81Displaying PoE State82Displaying Port Statistics82Clearing Statistics Counters83Monitoring Port Statistics83Configuring Load-Sharing Port Groups85Load Sharing85Link Redundancy85Configuring a Port Group85Removing a Port Group86Displaying Port Group Information87Interoperating with Cisco Systems EtherChannel87Configuring and Managing VLANs87Understanding VLANs in 3Com MSS87VLANs, IP Subnets, and IP Addressing88Users and VLANs88VLAN Names89Roaming and VLANs89Traffic Forwarding90802.1Q Tagging90Tunnel Affinity90Configuring a VLAN91Creating a VLAN91Adding Ports to a VLAN92Removing an Entire VLAN or a VLAN Port93Changing Tunneling Affinity93Restricting Layer 2 Forwarding Among Clients94Displaying VLAN Information95Managing the Layer 2 Forwarding Database96Types of Forwarding Database Entries96How Entries Enter the Forwarding Database96Displaying Forwarding Database Information97Displaying the Size of the Forwarding Database97Displaying Forwarding Database Entries97Adding an Entry to the Forwarding Database98Removing Entries from the Forwarding Database98Configuring the Aging Timeout Period99Displaying the Aging Timeout Period99Changing the Aging Timeout Period99Port and VLAN Configuration Scenario100Configuring and Managing IP Interfaces and Services103MTU Support103Configuring and Managing IP Interfaces104Adding an IP Interface104Statically Configuring an IP Interface104Enabling the DHCP Client104Disabling or Reenabling an IP Interface107Removing an IP Interface107Displaying IP Interface Information107Configuring the System IP Address108Designating the System IP Address108Displaying the System IP Address108Clearing the System IP Address108Configuring and Managing IP Routes108Displaying IP Routes110Adding a Static Route111Removing a Static Route112Managing the Management Services113Managing SSH113Login Timeouts113Enabling SSH113Adding an SSH User114Changing the SSH Service Port Number115Managing SSH Server Sessions115Managing Telnet116Telnet Login Timers116Enabling Telnet116Adding a Telnet User116Displaying Telnet Status117Changing the Telnet Service Port Number117Resetting the Telnet Service Port Number to Its Default117Managing Telnet Server Sessions117Managing HTTPS118Enabling HTTPS118Displaying HTTPS Information118Changing the Idle Timeout for CLI Management Sessions119Setting a Message of the Day (MOTD) Banner120Prompting the User to Acknowledge the MOTD Banner120Configuring and Managing DNS121Enabling or Disabling the DNS Client121Configuring DNS Servers121Adding a DNS Server121Removing a DNS Server121Configuring a Default Domain Name122Adding the Default Domain Name122Removing the Default Domain Name122Displaying DNS Server Information122Configuring and Managing Aliases123Adding an Alias123Removing an Alias123Displaying Aliases123Configuring and Managing Time Parameters124Setting the Time Zone125Displaying the Time Zone125Clearing the Time Zone125Configuring the Summertime Period125Displaying the Summertime Period126Clearing the Summertime Period126Statically Configuring the System Time and Date127Displaying the Time and Date127Configuring and Managing NTP127Adding an NTP Server128Removing an NTP Server128Changing the NTP Update Interval128Resetting the Update Interval to the Default129Enabling the NTP Client129Displaying NTP Information129Managing the ARP Table130Displaying ARP Table Entries130Adding an ARP Entry131Changing the Aging Timeout131Pinging Another Device132Logging In to a Remote Device132Tracing a Route133IP Interfaces and Services Configuration Scenario135Configuring SNMP139Overview139Configuring SNMP139Setting the System Location and Contact Strings140Enabling SNMP Versions140Configuring Community Strings (SNMPv1 and SNMPv2c Only)140Creating a USM User for SNMPv3141Command Examples143Setting SNMP Security143Configuring a Notification Profile144Command Examples147Configuring a Notification Target148Command Examples150Enabling the SNMP Service151Displaying SNMP Information151Displaying SNMP Version and Status Information151Displaying the Configured SNMP Community Strings151Displaying USM Settings151Displaying Notification Profiles152Displaying Notification Targets152Displaying SNMP Statistics Counters152Configuring and Managing Mobility Domain Roaming153About the Mobility Domain Feature153Configuring a Mobility Domain154Configuring the Seed154Configuring Member WX Switches on the Seed155Configuring a Member155Configuring Mobility Domain Seed Redundancy156Displaying Mobility Domain Status157Displaying the Mobility Domain Configuration157Clearing a Mobility Domain from a WX Switch157Clearing a Mobility Domain Member from a Seed157Configuring WX-WX Security158Monitoring the VLANs and Tunnels in a Mobility Domain159Displaying Roaming Stations159Displaying Roaming VLANs and Their Affinities160Displaying Tunnel Information160Understanding the Sessions of Roaming Users161Requirements for Roaming to Succeed161Effects of Timers on Roaming162Monitoring Roaming Sessions162Mobility Domain Scenario163Configuring Network Domains165About the Network Domain Feature165Network Domain Seed Affinity168Configuring a Network Domain169Configuring Network Domain Seeds169Specifying Network Domain Seed Peers170Configuring Network Domain Members171Displaying Network Domain Information172Clearing Network Domain Configuration from a WX Switch173Clearing a Network Domain Seed from a WX Switch173Clearing a Network Domain Peer from a Network Domain Seed173Clearing Network Domain Seed or Member Configuration from a WX Switch173Network Domain Scenario174Configuring MAP Access Points177MAP Overview177Country of Operation179Directly Connected MAPs and Distributed MAPs179Distributed MAP Network Requirements180Distributed MAPs and STP181Distributed MAPs and DHCP Option 43182MAP Parameters183Resiliency and Dual-Homing Options for MAPs184Dual-Homed Configuration Examples185Boot Process for Distributed MAPs189Establishing Connectivity on the Network189How a Distributed MAP Obtains an IP Address through DHCP189Static IP Address Configuration for Distributed MAPs190Contacting a WX Switch190How a Distributed MAP Contacts a WX Switch (DHCP-Obtained Address)190How a Distributed MAP Contacts a WX Switch (Statically Configured Address)193Loading and Activating an Operational Image195Obtaining Configuration Information from the WX Switch195MAP Boot Examples195Service Profiles202Public and Private SSIDs207Encryption209Radio Profiles209RF Auto-Tuning211Default Radio Profile211Radio-Specific Parameters211Configuring MAPs213Specifying the Country of Operation213Configuring an Auto-AP Profile for Automatic MAP Configuration218How an Unconfigured MAP Finds a WX To Configure It218Configured MAPs Have Precedence Over Unconfigured MAPs219Configuring an Auto-AP Profile220Configuring MAP Port Parameters224Configuring a MAP224Configuring Static IP Addresses on Distributed MAPs225Clearing a MAP from the Configuration227Changing MAP Names227Changing Bias227Disabling or Reenabling Automatic Firmware Upgrades228Forcing a MAP To Download its Operational Image from the WX228Enabling LED Blink Mode229Configuring MAP-WX Security229Encryption Key Fingerprint230Encryption Options230Verifying a MAP Fingerprint on a WX Switch231Setting the MAP Security Requirement on a WX232Fingerprint Log Message233Configuring a Service Profile233Creating a Service Profile233Removing a Service Profile234Changing a Service Profile Setting234Disabling or Reenabling Encryption for an SSID234Disabling or Reenabling Beaconing of an SSID234Changing the Fallthru Authentication Type235Changing Transmit Rates235Enforcing the Data Rates237Disabling Idle-Client Probing238Changing the User Idle Timeout239Changing the Short Retry Threshold239Changing the Long Retry Threshold240Configuring a Radio Profile240Creating a New Profile241Changing Radio Parameters241Resetting a Radio Profile Parameter to its Default Value245Removing a Radio Profile245Configuring Radio-Specific Parameters246Configuring the Channel and Transmit Power246Configuring the External Antenna Model and Location247Specifying the External Antenna Model248Specifying the External Antenna Location249Mapping the Radio Profile to Service Profiles249Assigning a Radio Profile and Enabling Radios249Disabling or Reenabling Radios250Enabling or Disabling Individual Radios250Disabling or Reenabling All Radios Using a Profile250Resetting a Radio to its Factory Default Settings251Restarting a MAP251Configuring Local Packet Switching on MAPs252Configuring Local Switching253Configuring a VLAN Profile253Enabling Local Switching on a MAP253Applying a VLAN Profile to a MAP254Clearing the VLAN Profile from a MAP254Removing a VLAN Profile from the WX Switch255Displaying MAP Information256Displaying MAP Configuration Information256Displaying Connection Information for Distributed MAPs257Displaying a List of Distributed MAPs that Are Not Configured258Displaying Active Connection Information for Distributed MAPs258Displaying Service Profile Information259Displaying Radio Profile Information260Displaying MAP Status Information260Displaying Static IP Address Information for Distributed MAPs261Displaying MAP Statistics Counters262Displaying VLAN Profile Information263Displaying the ARP Table for a MAP263Displaying the Forwarding Database for a MAP264Displaying VLAN Information for a MAP264Displaying ACL Information for a MAP265Configuring RF Load Balancing for MAPs267RF Load Balancing Overview267Configuring RF Load Balancing268Disabling or Re-Enabling RF Load Balancing268Assigning Radios to Load Balancing Groups269Specifying Band Preference for RF Load Balancing269Setting Strictness for RF Load Balancing270Exempting an SSID from RF Load Balancing271Displaying RF Load Balancing Information271Configuring WLAN Mesh Services273WLAN Mesh Services Overview273Configuring WLAN Mesh Services274Configuring the Mesh AP275Configuring the Service Profile for Mesh Services276Configuring Security276Enabling Link Calibration Packets on the Mesh Portal MAP277Deploying the Mesh AP277Configuring Wireless Bridging278Displaying WLAN Mesh Services Information279Configuring User Encryption281Overview281Configuring WPA284WPA Cipher Suites284TKIP Countermeasures287WPA Authentication Methods288WPA Information Element288Client Support289Configuring WPA290Creating a Service Profile for WPA291Enabling WPA291Specifying the WPA Cipher Suites291Changing the TKIP Countermeasures Timer Value292Enabling PSK Authentication292Displaying WPA Settings294Assigning the Service Profile to Radios and Enabling the Radios295Configuring RSN (802.11i)296Creating a Service Profile for RSN296Enabling RSN296Specifying the RSN Cipher Suites297Changing the TKIP Countermeasures Timer Value298Enabling PSK Authentication298Displaying RSN Settings298Assigning the Service Profile to Radios and Enabling the Radios298Configuring WEP299Setting Static WEP Key Values301Assigning Static WEP Keys301Encryption Configuration Scenarios302Enabling WPA with TKIP302Enabling Dynamic WEP in a WPA Network304Configuring Encryption for MAC Clients306Configuring RF Auto-Tuning311Overview311Initial Channel and Power Assignment311How Channels Are Selected312Channel and Power Tuning312Power Tuning313Channel Tuning313Tuning the Transmit Data Rate314RF Auto-Tuning Parameters314Changing RF Auto-Tuning Settings316Selecting Available Channels on the 802.11a Radio316Changing Channel Tuning Settings316Disabling or Reenabling Channel Tuning316Changing the Channel Tuning Interval317Changing the Channel Holddown Interval317Changing Power Tuning Settings317Enabling Power Tuning317Changing the Power Tuning Interval318Changing the Maximum Default Power Allowed On a Radio318Locking Down Tuned Settings318Displaying RF Auto-Tuning Information319Displaying RF Auto-Tuning Settings319Displaying RF Neighbors320Displaying RF Attributes321Configuring MAPs To Be AeroScout Listeners323Configuring MAP Radios to Listen for AeroScout RFID Tags324Locating an RFID Tag325Using an AeroScout Engine325Using 3Com Wireless Switch Manager325Configuring Quality of Service327About QoS327Summary of QoS Features327QoS Mode330WMM QoS Mode331WMM QoS on the WX Switch336WMM QoS on a MAP337SVP QoS Mode340Call Admission Control340Broadcast Control341Static CoS341Overriding CoS341Changing QoS Settings342Changing the QoS Mode342Enabling U-APSD Support342Configuring Call Admission Control343Enabling CAC343Changing the Maximum Number of Active Sessions343Configuring Static CoS343Changing CoS Mappings344Using the Client’s DSCP Value to Classify QoS Level344Enabling Broadcast Control345Displaying QoS Information345Displaying a Radio Profile’s QoS Settings345Displaying a Service Profile’s QoS Settings346Displaying CAC Session Information347Displaying CoS Mappings347Displaying the Default CoS Mappings347Displaying a DSCP-to-CoS Mapping348Displaying a CoS-to-DSCP Mapping348Displaying the DSCP Table349Displaying MAP Forwarding Queue Statistics349Configuring and Managing Spanning Tree Protocol351Overview351Enabling the Spanning Tree Protocol352Changing Standard Spanning Tree Parameters352Bridge Priority352Port Cost353Port Priority353Changing the Bridge Priority353Changing STP Port Parameters354Changing the STP Port Cost354Resetting the STP Port Cost to the Default Value354Changing the STP Port Priority355Resetting the STP Port Priority to the Default Value356Changing the STP Port Priority356Resetting the STP Port Priority to the Default Value356Changing Spanning Tree Timers357Changing the STP Hello Interval357Changing the STP Forwarding Delay357Changing the STP Maximum Age358Configuring and Managing STP Fast Convergence Features358Configuring Port Fast Convergence359Displaying Port Fast Convergence Information360Configuring Backbone Fast Convergence360Displaying the Backbone Fast Convergence State360Configuring Uplink Fast Convergence361Displaying Uplink Fast Convergence Information361Displaying Spanning Tree Information361Displaying STP Bridge and Port Information361Displaying the STP Port Cost on a VLAN Basis362Displaying Blocked STP Ports363Displaying Spanning Tree Statistics363Clearing STP Statistics365Spanning Tree Configuration Scenario365Configuring and Managing IGMP Snooping369Overview369Disabling or Reenabling IGMP Snooping369Disabling or Reenabling Proxy Reporting370Enabling the Pseudo-Querier370Changing IGMP Timers370Changing the Query Interval371Changing the Other-Querier- Present Interval371Changing the Query Response Interval371Changing the Last Member Query Interval371Changing Robustness371Enabling Router Solicitation372Changing the Router Solicitation Interval372Configuring Static Multicast Ports372Adding or Removing a Static Multicast Router Port373Adding or Removing a Static Multicast Receiver Port373Displaying Multicast Information373Displaying Multicast Configuration Information and Statistics373Displaying Multicast Statistics Only374Clearing Multicast Statistics374Displaying Multicast Queriers375Displaying Multicast Routers375Displaying Multicast Receivers376Configuring and Managing Security ACLs377About Security Access Control Lists377Overview of Security ACL Commands377Security ACL Filters378Order in Which ACLs are Applied to Traffic379Traffic Direction379Selection of User ACLs380Creating and Committing a Security ACL380Setting a Source IP ACL380Wildcard Masks382Class of Service382Setting an ICMP ACL383Setting TCP and UDP ACLs385Setting a TCP ACL385Setting a UDP ACL386Determining the ACE Order386Committing a Security ACL387Viewing Security ACL Information387Viewing the Edit Buffer388Viewing Committed Security ACLs388Viewing Security ACL Details388Displaying Security ACL Hits389Clearing Security ACLs390Mapping Security ACLs390Mapping User-Based Security ACLs390Mapping Security ACLs to Ports, VLANs, Virtual Ports, or Distributed MAPs392Displaying ACL Maps to Ports, VLANs, and Virtual Ports392Clearing a Security ACL Map393Modifying a Security ACL394Adding Another ACE to a Security ACL394Placing One ACE before Another395Modifying an Existing Security ACL396Clearing Security ACLs from the Edit Buffer397Using ACLs to Change CoS399Filtering Based on DSCP Values399Using the dscp Option400Using the precedence and tos Options400Enabling Prioritization for Legacy Voice over IP401General Guidelines402Enabling VoIP Support for TeleSym VoIP403Enabling SVP Optimization for SpectraLink Phones404Known Limitations404Configuring a Service Profile for RSN (WPA2)405Configuring a Service Profile for WPA405Configuring a Radio Profile406Configuring a VLAN for Voice Clients407Configuring an ACL to Prioritize Voice Traffic407Setting 802.11b/g Radios to 802.11b (for Siemens SpectraLink VoIP Phones only)409Disabling RF Auto-Tuning Before Upgrading a SpectraLink Phone409Restricting Client-To-Client Forwarding Among IP-Only Clients409Security ACL Configuration Scenario410Managing Keys and Certificates413Why Use Keys and Certificates?413Wireless Security through TLS414PEAP-MS-CHAP-V2 Security414About Keys and Certificates415Public Key Infrastructures416Public and Private Keys416Digital Certificates416PKCS #7, PKCS #10, and PKCS #12 Object Files417Certificates Automatically Generated by MSS418Creating Keys and Certificates419Choosing the Appropriate Certificate Installation Method for Your Network420Creating Public-Private Key Pairs421Generating Self-Signed Certificates422Installing a Key Pair and Certificate from a PKCS #12 Object File423Creating a CSR and Installing a Certificate from a PKCS #7 Object File424Installing a CA’s Own Certificate425Displaying Certificate and Key Information426Key and Certificate Configuration Scenarios427Creating Self-Signed Certificates427Installing CA-Signed Certificates from PKCS #12 Object Files429Installing CA-Signed Certificates Using a PKCS #10 Object File (CSR) and a PKCS #7 Object File431Configuring AAA for Network Users433About AAA for Network Users433Authentication433Authentication Types434Authentication Algorithm435SSID Name “Any”437Last-Resort Processing437User Credential Requirements437Authorization438Accounting440Summary of AAA Features440AAA Tools for Network Users441“Globs” and Groups for Network User Classification442Wildcard “Any” for SSID Matching442AAA Methods for IEEE 802.1X and Web Network Access442AAA Rollover Process443Local Override Exception443Remote Authentication with Local Backup444IEEE 802.1X Extensible Authentication Protocol Types446Ways a WX Switch Can Use EAP447Effects of Authentication Type on Encryption Method448Configuring 802.1X Authentication449Configuring EAP Offload449Using Pass-Through450Authenticating via a Local Database450Binding User Authentication to Machine Authentication451Authentication Rule Requirements452Bonded Auth Period453Bonded Auth Configuration Example454Displaying Bonded Auth Configuration Information454Configuring Authentication and Authorization by MAC Address456Adding and Clearing MAC Users and User Groups Locally456Adding MAC Users and Groups456Clearing MAC Users and Groups457Configuring MAC Authentication and Authorization457Changing the MAC Authorization Password for RADIUS459Configuring Web Portal WebAAA460How WebAAA Portal Works460Display of the Login Page461WebAAA Requirements and Recommendations462WX Switch Requirements462Network Requirements466WX Switch Recommendations466Client NIC Requirements466Client Web Browser Recommendations466Configuring Web Portal WebAAA467Web Portal WebAAA Configuration Example467Displaying Session Information for Web Portal WebAAA Users470Using a Custom Login Page471Copying and Modifying the Web Login Page472Custom Login Page Scenario473Using Dynamic Fields in WebAAA Redirect URLs475Using an ACL Other Than portalacl476Configuring the Web Portal WebAAA Session Timeout Period477Configuring the Web Portal Logout Function478Configuring Last-Resort Access479Configuring Last-Resort Access for Wired Authentication Ports481Configuring AAA for Users of Third-Party APs482Authentication Process for Users of a Third-Party AP482Requirements483Third-Party AP Requirements483WX Switch Requirements484RADIUS Server Requirements484Configuring Authentication for 802.1X Users of a Third-Party AP with Tagged SSIDs484Configuring Authentication for Non-802.1X Users of a Third-Party AP with Tagged SSIDs487Configuring Access for Any Users of a Non-Tagged SSID487Assigning Authorization Attributes487Assigning Attributes to Users and Groups492Assigning SSID Default Attributes to a Service Profile493Assigning a Security ACL to a User or a Group494Assigning a Security ACL Locally494Assigning a Security ACL on a RADIUS Server495Clearing a Security ACL from a User or Group495Assigning Encryption Types to Wireless Users496Assigning and Clearing Encryption Types Locally496Assigning and Clearing Encryption Types on a RADIUS Server497Keeping Users on the Same VLAN Even After Roaming498Overriding or Adding Attributes Locally with a Location Policy499About the Location Policy500How the Location Policy Differs from a Security ACL500Setting the Location Policy501Applying Security ACLs in a Location Policy Rule502Displaying and Positioning Location Policy Rules502Clearing Location Policy Rules and Disabling the Location Policy503Configuring Accounting for Wireless Network Users504Viewing Local Accounting Records505Viewing Roaming Accounting Records505Displaying the AAA Configuration507Avoiding AAA Problems in Configuration Order508Using the Wildcard “Any” as the SSID Name in Authentication Rules508Using Authentication and Accounting Rules Together508Configuration Producing an Incorrect Processing Order509Configuration for a Correct Processing Order509Configuring a Mobility Profile510Network User Configuration Scenarios512General Use of Network User Commands512Enabling RADIUS Pass-Through Authentication514Enabling PEAP-MS-CHAP-V2 Authentication514Enabling PEAP-MS-CHAP-V2 Offload515Combining EAP Offload with Pass-Through Authentication516Overriding AAA-Assigned VLANs516Configuring Communication with RADIUS519RADIUS Overview519Before You Begin521Configuring RADIUS Servers521Configuring Global RADIUS Defaults522Setting the System IP Address as the Source Address523Configuring Individual RADIUS Servers523Deleting RADIUS Servers524Configuring RADIUS Server Groups524Creating Server Groups525Ordering Server Groups525Configuring Load Balancing526Adding Members to a Server Group527Deleting a Server Group527RADIUS and Server Group Configuration Scenario528Managing 802.1X on the WX Switch531Managing 802.1X on Wired Authentication Ports531Enabling and Disabling 802.1X Globally531Setting 802.1X Port Control532Managing 802.1X Encryption Keys533Enabling 802.1X Key Transmission533Configuring 802.1X Key Transmission Time Intervals533Managing WEP Keys534Configuring 802.1X WEP Rekeying534Configuring the Interval for WEP Rekeying535Setting EAP Retransmission Attempts535Managing 802.1X Client Reauthentication536Enabling and Disabling 802.1X Reauthentication536Setting the Maximum Number of 802.1X Reauthentication Attempts536Setting the 802.1X Reauthentication Period537Setting the Bonded Authentication Period538Managing Other Timers538Setting the 802.1X Quiet Period538Setting the 802.1X Timeout for an Authorization Server539Setting the 802.1X Timeout for a Client539Displaying 802.1X Information540Viewing 802.1X Clients540Viewing the 802.1X Configuration540Viewing 802.1X Statistics541Configuring SODA Endpoint Security for a WX Switch543About SODA Endpoint Security543SODA Endpoint Security Support on WX Switches544How SODA Functionality Works on WX Switches545Configuring SODA Functionality546Configuring Web Portal WebAAA for the Service Profile547Creating the SODA Agent with SODA Manager547Copying the SODA Agent to the WX Switch549Installing the SODA Agent Files on the WX Switch549Enabling SODA Functionality for the Service Profile550Disabling Enforcement of SODA Agent Checks550Specifying a SODA Agent Success Page551Specifying a SODA Agent Failure Page551Specifying a Remediation ACL552Specifying a SODA Agent Logout Page553Specifying an Alternate SODA Agent Directory for a Service Profile554Uninstalling the SODA Agent Files from the WX Switch554Displaying SODA Configuration Information555Managing Sessions557About the Session Manager557Displaying and Clearing Administrative Sessions557Displaying and Clearing All Administrative Sessions558Displaying and Clearing an Administrative Console Session558Displaying and Clearing Administrative Telnet Sessions559Displaying and Clearing Client Telnet Sessions559Displaying and Clearing Network Sessions560Displaying Verbose Network Session Information561Displaying and Clearing Network Sessions by Username562Displaying and Clearing Network Sessions by MAC Address563Displaying and Clearing Network Sessions by VLAN Name563Displaying and Clearing Network Sessions by Session ID564Displaying and Changing Network Session Timers565Disabling Keepalive Probes566Changing or Disabling the User Idle Timeout566Rogue Detection and Countermeasures567Overview567About Rogues and RF Detection567Rogue Access Points and Clients567Rogue Classification568Rogue Detection Lists569RF Detection Scans571Dynamic Frequency Selection (DFS)571Countermeasures572Mobility Domain Requirement572Summary of Rogue Detection Features573Configuring Rogue Detection Lists574Configuring a Permitted Vendor List574Configuring a Permitted SSID List576Configuring a Client Black List577Configuring an Attack List578Configuring an Ignore List579Enabling Countermeasures580Using On-Demand Countermeasures in a Mobility Domain581Disabling or Reenabling Active Scan582Enabling MAP Signatures582Creating an Encrypted RF Fingerprint Key as a MAP Signature583Disabling or Reenabling Logging of Rogues584Enabling Rogue and Countermeasures Notifications584IDS and DoS Alerts584Flood Attacks585DoS Attacks585Netstumbler and Wellenreiter Applications586Wireless Bridge586Ad-Hoc Network586Weak WEP Key Used by Client587Disallowed Devices or SSIDs587Displaying Statistics Counters587IDS Log Message Examples587Displaying RF Detection Information590Displaying Rogue Clients592Displaying Rogue Detection Counters593Displaying SSID or BSSID Information for a Mobility Domain594Displaying RF Detect Data596Displaying the APs Detected by MAP Radio596Displaying Countermeasures Information597Managing System Files599About System Files599Displaying Software Version Information599Displaying Boot Information601Working with Files602Displaying a List of Files602Copying a File604Using an Image File’s MD5 Checksum To Verify Its Integrity606Deleting a File607Creating a Subdirectory608Removing a Subdirectory608Managing Configuration Files609Displaying the Running Configuration609Saving Configuration Changes610Specifying the Configuration File to Use After the Next Reboot611Loading a Configuration File611Specifying a Backup Configuration File612Resetting to the Factory Default Configuration612Backing Up and Restoring the System613Managing Configuration Changes615Backup and Restore Examples615Upgrading the System Image616Preparing the WX Switch for the Upgrade616Upgrading an Individual Switch Using the CLI617Upgrade Scenario618Command Changes During Upgrade618Troubleshooting a WX Switch619Fixing Common WX Setup Problems619Recovering the System When the Enable Password is Lost622WXR100622WX1200, WX2200, or WX4400622Configuring and Managing the System Log623Log Message Components623Logging Destinations and Levels623Using Log Commands625Logging to the Log Buffer626Logging to the Console627Logging Messages to a Syslog Server628Setting Telnet Session Defaults628Changing the Current Telnet Session Defaults629Logging to the Trace Buffer629Enabling Mark Messages629Saving Trace Messages in a File630Displaying the Log Configuration630Running Traces631Using the Trace Command631Tracing Authentication Activity631Tracing Session Manager Activity631Tracing Authorization Activity632Tracing 802.1X Sessions632Displaying a Trace632Stopping a Trace632About Trace Results633Displaying Trace Results633Copying Trace Results to a Server634Clearing the Trace Log634List of Trace Areas634Using display Commands635Viewing VLAN Interfaces635Viewing AAA Session Statistics635Viewing FDB Information636Viewing ARP Information636Port Mirroring637Configuration Requirements637Configuring Port Mirroring637Displaying the Port Mirroring Configuration637Clearing the Port Mirroring Configuration637Remotely Monitoring Traffic638How Remote Traffic Monitoring Works638Using Snoop Filters on Radios That Use Active Scan638All Snooped Traffic Is Sent in the Clear638Best Practices for Remote Traffic Monitoring639Configuring a Snoop Filter639Displaying Configured Snoop Filters641Editing a Snoop Filter641Deleting a Snoop Filter641Mapping a Snoop Filter to a Radio641Displaying the Snoop Filters Mapped to a Radio642Displaying the Snoop Filter Mappings for All Radios642Removing Snoop Filter Mappings642Enabling or Disabling a Snoop Filter643Displaying Remote Traffic Monitoring Statistics643Preparing an Observer and Capturing Traffic643Capturing System Information and Sending it to Technical Support645The display tech-support Command645Core Files646Debug Messages647Sending Information to 3Com Technical Support648Enabling and Logging Into Web View649System Requirements649Browser Requirements649WX Switch Requirements649Logging Into Web View650Supported RADIUS Attributes651Supported Standard and Extended Attributes6523Com Vendor-Specific Attributes659Traffic Ports Used by MSS661DHCP Server663How the MSS DHCP Server Works664Configuring the DHCP Server665Displaying DHCP Server Information666Obtaining Support for Your 3Com Products667Register Your Product to Gain Service Benefits667Solve Problems Online667Purchase Extended Warranty and Professional Services668Access Software Downloads668Contact Us668Telephone Technical Support and Repair669Glossary671Index707Command Index723Tamaño: 5 MBPáginas: 728Language: EnglishManuales abiertas
Guía Del UsuarioTabla de contenidosAbout This Guide23Conventions23Documentation24Documentation Comments25Using the Command-Line Interface27Overview27CLI Conventions27Command Prompts28Syntax Notation28Text Entry Conventions and Allowed Characters28MAC Address Notation29IP Address and Mask Notation29User Globs, MAC Address Globs, and VLAN Globs30User Globs30MAC Address Globs31VLAN Globs31Matching Order for Globs32Port Lists32Virtual LAN Identification33Command-Line Editing33Keyboard Shortcuts33History Buffer34Tabs34Single-Asterisk (*) Wildcard Character34Double-Asterisk (**) Wildcard Characters34Using CLI Help34Understanding Command Descriptions36WX Setup Methods37Overview37Quick Starts373Com Wireless Switch Manager38CLI38Web Manager38How a WX Switch Gets its Configuration39Web Quick Start (WXR100, WX1200 and WX2200 Only)40Web Quick Start Parameters40Web Quick Start Requirements41Accessing the Web Quick Start41CLI quickstart Command44Quickstart Example46Remote WX Configuration49Opening the QuickStart Network Plan in 3Com Wireless Switch Manager49Configuring AAA for Administrative and Local Access51Overview51Before You Start54About Administrative Access54Access Modes54Types of Administrative Access54First-Time Configuration via the Console55Enabling an Administrator55Setting the WX Switch Enable Password56Setting the WX Enable Password for the First Time563WXM Enable Password57Authenticating at the Console57Customizing AAA with “Globs” and Groups58Setting User Passwords58Adding and Clearing Local Users for Administrative Access59Configuring Accounting for Administrative Users59Displaying the AAA Configuration61Saving the Configuration61Administrative AAA Configuration Scenarios62Local Authentication62Local Authentication for Console Users and RADIUS Authentication for Telnet Users62Authentication When RADIUS Servers Do Not Respond63Local Override and Backup Local Authentication64Managing User Passwords65Overview65Configuring Passwords66Setting Passwords for Local Users66Enabling Password Restrictions67Setting the Maximum Number of Login Attempts67Specifying Minimum Password Length68Configuring Password Expiration Time69Restoring Access to a Locked-Out User70Displaying Password Information70Configuring and Managing Ports and VLANs71Configuring and Managing Ports71Setting the Port Type71Setting a Port for a Directly Connected MAP73Configuring a MAP Connection74Setting a Port for a Wired Authentication User75Clearing a Port76Clearing a Distributed MAP77Configuring a Port Name77Setting a Port Name77Removing a Port Name77Configuring Interface Preference on a Dual-Interface Gigabit Ethernet Port (WX4400 only)78Configuring Port Operating Parameters7910/100 Ports-Autonegotiation and Port Speed79Gigabit Ports - Autonegotiation and Flow Control80Disabling or Reenabling a Port80Disabling or Reenabling Power over Ethernet80Resetting a Port81Displaying Port Information81Displaying Port Configuration and Status81Displaying PoE State82Displaying Port Statistics82Clearing Statistics Counters83Monitoring Port Statistics83Configuring Load-Sharing Port Groups85Load Sharing85Link Redundancy85Configuring a Port Group85Removing a Port Group86Displaying Port Group Information87Interoperating with Cisco Systems EtherChannel87Configuring and Managing VLANs87Understanding VLANs in 3Com MSS87VLANs, IP Subnets, and IP Addressing88Users and VLANs88VLAN Names89Roaming and VLANs89Traffic Forwarding90802.1Q Tagging90Tunnel Affinity90Configuring a VLAN91Creating a VLAN91Adding Ports to a VLAN92Removing an Entire VLAN or a VLAN Port93Changing Tunneling Affinity93Restricting Layer 2 Forwarding Among Clients94Displaying VLAN Information95Managing the Layer 2 Forwarding Database96Types of Forwarding Database Entries96How Entries Enter the Forwarding Database96Displaying Forwarding Database Information97Displaying the Size of the Forwarding Database97Displaying Forwarding Database Entries97Adding an Entry to the Forwarding Database98Removing Entries from the Forwarding Database98Configuring the Aging Timeout Period99Displaying the Aging Timeout Period99Changing the Aging Timeout Period99Port and VLAN Configuration Scenario100Configuring and Managing IP Interfaces and Services103MTU Support103Configuring and Managing IP Interfaces104Adding an IP Interface104Statically Configuring an IP Interface104Enabling the DHCP Client104Disabling or Reenabling an IP Interface107Removing an IP Interface107Displaying IP Interface Information107Configuring the System IP Address108Designating the System IP Address108Displaying the System IP Address108Clearing the System IP Address108Configuring and Managing IP Routes108Displaying IP Routes110Adding a Static Route111Removing a Static Route112Managing the Management Services113Managing SSH113Login Timeouts113Enabling SSH113Adding an SSH User114Changing the SSH Service Port Number115Managing SSH Server Sessions115Managing Telnet116Telnet Login Timers116Enabling Telnet116Adding a Telnet User116Displaying Telnet Status117Changing the Telnet Service Port Number117Resetting the Telnet Service Port Number to Its Default117Managing Telnet Server Sessions117Managing HTTPS118Enabling HTTPS118Displaying HTTPS Information118Changing the Idle Timeout for CLI Management Sessions119Setting a Message of the Day (MOTD) Banner120Prompting the User to Acknowledge the MOTD Banner120Configuring and Managing DNS121Enabling or Disabling the DNS Client121Configuring DNS Servers121Adding a DNS Server121Removing a DNS Server121Configuring a Default Domain Name122Adding the Default Domain Name122Removing the Default Domain Name122Displaying DNS Server Information122Configuring and Managing Aliases123Adding an Alias123Removing an Alias123Displaying Aliases123Configuring and Managing Time Parameters124Setting the Time Zone125Displaying the Time Zone125Clearing the Time Zone125Configuring the Summertime Period125Displaying the Summertime Period126Clearing the Summertime Period126Statically Configuring the System Time and Date127Displaying the Time and Date127Configuring and Managing NTP127Adding an NTP Server128Removing an NTP Server128Changing the NTP Update Interval128Resetting the Update Interval to the Default129Enabling the NTP Client129Displaying NTP Information129Managing the ARP Table130Displaying ARP Table Entries130Adding an ARP Entry131Changing the Aging Timeout131Pinging Another Device132Logging In to a Remote Device132Tracing a Route133IP Interfaces and Services Configuration Scenario135Configuring SNMP139Overview139Configuring SNMP139Setting the System Location and Contact Strings140Enabling SNMP Versions140Configuring Community Strings (SNMPv1 and SNMPv2c Only)140Creating a USM User for SNMPv3141Command Examples143Setting SNMP Security143Configuring a Notification Profile144Command Examples147Configuring a Notification Target148Command Examples150Enabling the SNMP Service151Displaying SNMP Information151Displaying SNMP Version and Status Information151Displaying the Configured SNMP Community Strings151Displaying USM Settings151Displaying Notification Profiles152Displaying Notification Targets152Displaying SNMP Statistics Counters152Configuring and Managing Mobility Domain Roaming153About the Mobility Domain Feature153Configuring a Mobility Domain154Configuring the Seed154Configuring Member WX Switches on the Seed155Configuring a Member155Configuring Mobility Domain Seed Redundancy156Displaying Mobility Domain Status157Displaying the Mobility Domain Configuration157Clearing a Mobility Domain from a WX Switch157Clearing a Mobility Domain Member from a Seed157Configuring WX-WX Security158Monitoring the VLANs and Tunnels in a Mobility Domain159Displaying Roaming Stations159Displaying Roaming VLANs and Their Affinities160Displaying Tunnel Information160Understanding the Sessions of Roaming Users161Requirements for Roaming to Succeed161Effects of Timers on Roaming162Monitoring Roaming Sessions162Mobility Domain Scenario163Configuring Network Domains165About the Network Domain Feature165Network Domain Seed Affinity168Configuring a Network Domain169Configuring Network Domain Seeds169Specifying Network Domain Seed Peers170Configuring Network Domain Members171Displaying Network Domain Information172Clearing Network Domain Configuration from a WX Switch173Clearing a Network Domain Seed from a WX Switch173Clearing a Network Domain Peer from a Network Domain Seed173Clearing Network Domain Seed or Member Configuration from a WX Switch173Network Domain Scenario174Configuring MAP Access Points177MAP Overview177Country of Operation179Directly Connected MAPs and Distributed MAPs179Distributed MAP Network Requirements180Distributed MAPs and STP181Distributed MAPs and DHCP Option 43182MAP Parameters183Resiliency and Dual-Homing Options for MAPs184Dual-Homed Configuration Examples185Boot Process for Distributed MAPs189Establishing Connectivity on the Network189How a Distributed MAP Obtains an IP Address through DHCP189Static IP Address Configuration for Distributed MAPs190Contacting a WX Switch190How a Distributed MAP Contacts a WX Switch (DHCP-Obtained Address)190How a Distributed MAP Contacts a WX Switch (Statically Configured Address)193Loading and Activating an Operational Image195Obtaining Configuration Information from the WX Switch195MAP Boot Examples195Service Profiles202Public and Private SSIDs207Encryption209Radio Profiles209RF Auto-Tuning211Default Radio Profile211Radio-Specific Parameters211Configuring MAPs213Specifying the Country of Operation213Configuring an Auto-AP Profile for Automatic MAP Configuration218How an Unconfigured MAP Finds a WX To Configure It218Configured MAPs Have Precedence Over Unconfigured MAPs219Configuring an Auto-AP Profile220Configuring MAP Port Parameters224Configuring a MAP224Configuring Static IP Addresses on Distributed MAPs225Clearing a MAP from the Configuration227Changing MAP Names227Changing Bias227Disabling or Reenabling Automatic Firmware Upgrades228Forcing a MAP To Download its Operational Image from the WX228Enabling LED Blink Mode229Configuring MAP-WX Security229Encryption Key Fingerprint230Encryption Options230Verifying a MAP Fingerprint on a WX Switch231Setting the MAP Security Requirement on a WX232Fingerprint Log Message233Configuring a Service Profile233Creating a Service Profile233Removing a Service Profile234Changing a Service Profile Setting234Disabling or Reenabling Encryption for an SSID234Disabling or Reenabling Beaconing of an SSID234Changing the Fallthru Authentication Type235Changing Transmit Rates235Enforcing the Data Rates237Disabling Idle-Client Probing238Changing the User Idle Timeout239Changing the Short Retry Threshold239Changing the Long Retry Threshold240Configuring a Radio Profile240Creating a New Profile241Changing Radio Parameters241Resetting a Radio Profile Parameter to its Default Value245Removing a Radio Profile245Configuring Radio-Specific Parameters246Configuring the Channel and Transmit Power246Configuring the External Antenna Model and Location247Specifying the External Antenna Model248Specifying the External Antenna Location249Mapping the Radio Profile to Service Profiles249Assigning a Radio Profile and Enabling Radios249Disabling or Reenabling Radios250Enabling or Disabling Individual Radios250Disabling or Reenabling All Radios Using a Profile250Resetting a Radio to its Factory Default Settings251Restarting a MAP251Configuring Local Packet Switching on MAPs252Configuring Local Switching253Configuring a VLAN Profile253Enabling Local Switching on a MAP253Applying a VLAN Profile to a MAP254Clearing the VLAN Profile from a MAP254Removing a VLAN Profile from the WX Switch255Displaying MAP Information256Displaying MAP Configuration Information256Displaying Connection Information for Distributed MAPs257Displaying a List of Distributed MAPs that Are Not Configured258Displaying Active Connection Information for Distributed MAPs258Displaying Service Profile Information259Displaying Radio Profile Information260Displaying MAP Status Information260Displaying Static IP Address Information for Distributed MAPs261Displaying MAP Statistics Counters262Displaying VLAN Profile Information263Displaying the ARP Table for a MAP263Displaying the Forwarding Database for a MAP264Displaying VLAN Information for a MAP264Displaying ACL Information for a MAP265Configuring RF Load Balancing for MAPs267RF Load Balancing Overview267Configuring RF Load Balancing268Disabling or Re-Enabling RF Load Balancing268Assigning Radios to Load Balancing Groups269Specifying Band Preference for RF Load Balancing269Setting Strictness for RF Load Balancing270Exempting an SSID from RF Load Balancing271Displaying RF Load Balancing Information271Configuring WLAN Mesh Services273WLAN Mesh Services Overview273Configuring WLAN Mesh Services274Configuring the Mesh AP275Configuring the Service Profile for Mesh Services276Configuring Security276Enabling Link Calibration Packets on the Mesh Portal MAP277Deploying the Mesh AP277Configuring Wireless Bridging278Displaying WLAN Mesh Services Information279Configuring User Encryption281Overview281Configuring WPA284WPA Cipher Suites284TKIP Countermeasures287WPA Authentication Methods288WPA Information Element288Client Support289Configuring WPA290Creating a Service Profile for WPA291Enabling WPA291Specifying the WPA Cipher Suites291Changing the TKIP Countermeasures Timer Value292Enabling PSK Authentication292Displaying WPA Settings294Assigning the Service Profile to Radios and Enabling the Radios295Configuring RSN (802.11i)296Creating a Service Profile for RSN296Enabling RSN296Specifying the RSN Cipher Suites297Changing the TKIP Countermeasures Timer Value298Enabling PSK Authentication298Displaying RSN Settings298Assigning the Service Profile to Radios and Enabling the Radios298Configuring WEP299Setting Static WEP Key Values301Assigning Static WEP Keys301Encryption Configuration Scenarios302Enabling WPA with TKIP302Enabling Dynamic WEP in a WPA Network304Configuring Encryption for MAC Clients306Configuring RF Auto-Tuning311Overview311Initial Channel and Power Assignment311How Channels Are Selected312Channel and Power Tuning312Power Tuning313Channel Tuning313Tuning the Transmit Data Rate314RF Auto-Tuning Parameters314Changing RF Auto-Tuning Settings316Selecting Available Channels on the 802.11a Radio316Changing Channel Tuning Settings316Disabling or Reenabling Channel Tuning316Changing the Channel Tuning Interval317Changing the Channel Holddown Interval317Changing Power Tuning Settings317Enabling Power Tuning317Changing the Power Tuning Interval318Changing the Maximum Default Power Allowed On a Radio318Locking Down Tuned Settings318Displaying RF Auto-Tuning Information319Displaying RF Auto-Tuning Settings319Displaying RF Neighbors320Displaying RF Attributes321Configuring MAPs To Be AeroScout Listeners323Configuring MAP Radios to Listen for AeroScout RFID Tags324Locating an RFID Tag325Using an AeroScout Engine325Using 3Com Wireless Switch Manager325Configuring Quality of Service327About QoS327Summary of QoS Features327QoS Mode330WMM QoS Mode331WMM QoS on the WX Switch336WMM QoS on a MAP337SVP QoS Mode340Call Admission Control340Broadcast Control341Static CoS341Overriding CoS341Changing QoS Settings342Changing the QoS Mode342Enabling U-APSD Support342Configuring Call Admission Control343Enabling CAC343Changing the Maximum Number of Active Sessions343Configuring Static CoS343Changing CoS Mappings344Using the Client’s DSCP Value to Classify QoS Level344Enabling Broadcast Control345Displaying QoS Information345Displaying a Radio Profile’s QoS Settings345Displaying a Service Profile’s QoS Settings346Displaying CAC Session Information347Displaying CoS Mappings347Displaying the Default CoS Mappings347Displaying a DSCP-to-CoS Mapping348Displaying a CoS-to-DSCP Mapping348Displaying the DSCP Table349Displaying MAP Forwarding Queue Statistics349Configuring and Managing Spanning Tree Protocol351Overview351Enabling the Spanning Tree Protocol352Changing Standard Spanning Tree Parameters352Bridge Priority352Port Cost353Port Priority353Changing the Bridge Priority353Changing STP Port Parameters354Changing the STP Port Cost354Resetting the STP Port Cost to the Default Value354Changing the STP Port Priority355Resetting the STP Port Priority to the Default Value356Changing the STP Port Priority356Resetting the STP Port Priority to the Default Value356Changing Spanning Tree Timers357Changing the STP Hello Interval357Changing the STP Forwarding Delay357Changing the STP Maximum Age358Configuring and Managing STP Fast Convergence Features358Configuring Port Fast Convergence359Displaying Port Fast Convergence Information360Configuring Backbone Fast Convergence360Displaying the Backbone Fast Convergence State360Configuring Uplink Fast Convergence361Displaying Uplink Fast Convergence Information361Displaying Spanning Tree Information361Displaying STP Bridge and Port Information361Displaying the STP Port Cost on a VLAN Basis362Displaying Blocked STP Ports363Displaying Spanning Tree Statistics363Clearing STP Statistics365Spanning Tree Configuration Scenario365Configuring and Managing IGMP Snooping369Overview369Disabling or Reenabling IGMP Snooping369Disabling or Reenabling Proxy Reporting370Enabling the Pseudo-Querier370Changing IGMP Timers370Changing the Query Interval371Changing the Other-Querier- Present Interval371Changing the Query Response Interval371Changing the Last Member Query Interval371Changing Robustness371Enabling Router Solicitation372Changing the Router Solicitation Interval372Configuring Static Multicast Ports372Adding or Removing a Static Multicast Router Port373Adding or Removing a Static Multicast Receiver Port373Displaying Multicast Information373Displaying Multicast Configuration Information and Statistics373Displaying Multicast Statistics Only374Clearing Multicast Statistics374Displaying Multicast Queriers375Displaying Multicast Routers375Displaying Multicast Receivers376Configuring and Managing Security ACLs377About Security Access Control Lists377Overview of Security ACL Commands377Security ACL Filters378Order in Which ACLs are Applied to Traffic379Traffic Direction379Selection of User ACLs380Creating and Committing a Security ACL380Setting a Source IP ACL380Wildcard Masks382Class of Service382Setting an ICMP ACL383Setting TCP and UDP ACLs385Setting a TCP ACL385Setting a UDP ACL386Determining the ACE Order386Committing a Security ACL387Viewing Security ACL Information387Viewing the Edit Buffer388Viewing Committed Security ACLs388Viewing Security ACL Details388Displaying Security ACL Hits389Clearing Security ACLs390Mapping Security ACLs390Mapping User-Based Security ACLs390Mapping Security ACLs to Ports, VLANs, Virtual Ports, or Distributed MAPs392Displaying ACL Maps to Ports, VLANs, and Virtual Ports392Clearing a Security ACL Map393Modifying a Security ACL394Adding Another ACE to a Security ACL394Placing One ACE before Another395Modifying an Existing Security ACL396Clearing Security ACLs from the Edit Buffer397Using ACLs to Change CoS399Filtering Based on DSCP Values399Using the dscp Option400Using the precedence and tos Options400Enabling Prioritization for Legacy Voice over IP401General Guidelines402Enabling VoIP Support for TeleSym VoIP403Enabling SVP Optimization for SpectraLink Phones404Known Limitations404Configuring a Service Profile for RSN (WPA2)405Configuring a Service Profile for WPA405Configuring a Radio Profile406Configuring a VLAN for Voice Clients407Configuring an ACL to Prioritize Voice Traffic407Setting 802.11b/g Radios to 802.11b (for Siemens SpectraLink VoIP Phones only)409Disabling RF Auto-Tuning Before Upgrading a SpectraLink Phone409Restricting Client-To-Client Forwarding Among IP-Only Clients409Security ACL Configuration Scenario410Managing Keys and Certificates413Why Use Keys and Certificates?413Wireless Security through TLS414PEAP-MS-CHAP-V2 Security414About Keys and Certificates415Public Key Infrastructures416Public and Private Keys416Digital Certificates416PKCS #7, PKCS #10, and PKCS #12 Object Files417Certificates Automatically Generated by MSS418Creating Keys and Certificates419Choosing the Appropriate Certificate Installation Method for Your Network420Creating Public-Private Key Pairs421Generating Self-Signed Certificates422Installing a Key Pair and Certificate from a PKCS #12 Object File423Creating a CSR and Installing a Certificate from a PKCS #7 Object File424Installing a CA’s Own Certificate425Displaying Certificate and Key Information426Key and Certificate Configuration Scenarios427Creating Self-Signed Certificates427Installing CA-Signed Certificates from PKCS #12 Object Files429Installing CA-Signed Certificates Using a PKCS #10 Object File (CSR) and a PKCS #7 Object File431Configuring AAA for Network Users433About AAA for Network Users433Authentication433Authentication Types434Authentication Algorithm435SSID Name “Any”437Last-Resort Processing437User Credential Requirements437Authorization438Accounting440Summary of AAA Features440AAA Tools for Network Users441“Globs” and Groups for Network User Classification442Wildcard “Any” for SSID Matching442AAA Methods for IEEE 802.1X and Web Network Access442AAA Rollover Process443Local Override Exception443Remote Authentication with Local Backup444IEEE 802.1X Extensible Authentication Protocol Types446Ways a WX Switch Can Use EAP447Effects of Authentication Type on Encryption Method448Configuring 802.1X Authentication449Configuring EAP Offload449Using Pass-Through450Authenticating via a Local Database450Binding User Authentication to Machine Authentication451Authentication Rule Requirements452Bonded Auth Period453Bonded Auth Configuration Example454Displaying Bonded Auth Configuration Information454Configuring Authentication and Authorization by MAC Address456Adding and Clearing MAC Users and User Groups Locally456Adding MAC Users and Groups456Clearing MAC Users and Groups457Configuring MAC Authentication and Authorization457Changing the MAC Authorization Password for RADIUS459Configuring Web Portal WebAAA460How WebAAA Portal Works460Display of the Login Page461WebAAA Requirements and Recommendations462WX Switch Requirements462Network Requirements466WX Switch Recommendations466Client NIC Requirements466Client Web Browser Recommendations466Configuring Web Portal WebAAA467Web Portal WebAAA Configuration Example467Displaying Session Information for Web Portal WebAAA Users470Using a Custom Login Page471Copying and Modifying the Web Login Page472Custom Login Page Scenario473Using Dynamic Fields in WebAAA Redirect URLs475Using an ACL Other Than portalacl476Configuring the Web Portal WebAAA Session Timeout Period477Configuring the Web Portal Logout Function478Configuring Last-Resort Access479Configuring Last-Resort Access for Wired Authentication Ports481Configuring AAA for Users of Third-Party APs482Authentication Process for Users of a Third-Party AP482Requirements483Third-Party AP Requirements483WX Switch Requirements484RADIUS Server Requirements484Configuring Authentication for 802.1X Users of a Third-Party AP with Tagged SSIDs484Configuring Authentication for Non-802.1X Users of a Third-Party AP with Tagged SSIDs487Configuring Access for Any Users of a Non-Tagged SSID487Assigning Authorization Attributes487Assigning Attributes to Users and Groups492Assigning SSID Default Attributes to a Service Profile493Assigning a Security ACL to a User or a Group494Assigning a Security ACL Locally494Assigning a Security ACL on a RADIUS Server495Clearing a Security ACL from a User or Group495Assigning Encryption Types to Wireless Users496Assigning and Clearing Encryption Types Locally496Assigning and Clearing Encryption Types on a RADIUS Server497Keeping Users on the Same VLAN Even After Roaming498Overriding or Adding Attributes Locally with a Location Policy499About the Location Policy500How the Location Policy Differs from a Security ACL500Setting the Location Policy501Applying Security ACLs in a Location Policy Rule502Displaying and Positioning Location Policy Rules502Clearing Location Policy Rules and Disabling the Location Policy503Configuring Accounting for Wireless Network Users504Viewing Local Accounting Records505Viewing Roaming Accounting Records505Displaying the AAA Configuration507Avoiding AAA Problems in Configuration Order508Using the Wildcard “Any” as the SSID Name in Authentication Rules508Using Authentication and Accounting Rules Together508Configuration Producing an Incorrect Processing Order509Configuration for a Correct Processing Order509Configuring a Mobility Profile510Network User Configuration Scenarios512General Use of Network User Commands512Enabling RADIUS Pass-Through Authentication514Enabling PEAP-MS-CHAP-V2 Authentication514Enabling PEAP-MS-CHAP-V2 Offload515Combining EAP Offload with Pass-Through Authentication516Overriding AAA-Assigned VLANs516Configuring Communication with RADIUS519RADIUS Overview519Before You Begin521Configuring RADIUS Servers521Configuring Global RADIUS Defaults522Setting the System IP Address as the Source Address523Configuring Individual RADIUS Servers523Deleting RADIUS Servers524Configuring RADIUS Server Groups524Creating Server Groups525Ordering Server Groups525Configuring Load Balancing526Adding Members to a Server Group527Deleting a Server Group527RADIUS and Server Group Configuration Scenario528Managing 802.1X on the WX Switch531Managing 802.1X on Wired Authentication Ports531Enabling and Disabling 802.1X Globally531Setting 802.1X Port Control532Managing 802.1X Encryption Keys533Enabling 802.1X Key Transmission533Configuring 802.1X Key Transmission Time Intervals533Managing WEP Keys534Configuring 802.1X WEP Rekeying534Configuring the Interval for WEP Rekeying535Setting EAP Retransmission Attempts535Managing 802.1X Client Reauthentication536Enabling and Disabling 802.1X Reauthentication536Setting the Maximum Number of 802.1X Reauthentication Attempts536Setting the 802.1X Reauthentication Period537Setting the Bonded Authentication Period538Managing Other Timers538Setting the 802.1X Quiet Period538Setting the 802.1X Timeout for an Authorization Server539Setting the 802.1X Timeout for a Client539Displaying 802.1X Information540Viewing 802.1X Clients540Viewing the 802.1X Configuration540Viewing 802.1X Statistics541Configuring SODA Endpoint Security for a WX Switch543About SODA Endpoint Security543SODA Endpoint Security Support on WX Switches544How SODA Functionality Works on WX Switches545Configuring SODA Functionality546Configuring Web Portal WebAAA for the Service Profile547Creating the SODA Agent with SODA Manager547Copying the SODA Agent to the WX Switch549Installing the SODA Agent Files on the WX Switch549Enabling SODA Functionality for the Service Profile550Disabling Enforcement of SODA Agent Checks550Specifying a SODA Agent Success Page551Specifying a SODA Agent Failure Page551Specifying a Remediation ACL552Specifying a SODA Agent Logout Page553Specifying an Alternate SODA Agent Directory for a Service Profile554Uninstalling the SODA Agent Files from the WX Switch554Displaying SODA Configuration Information555Managing Sessions557About the Session Manager557Displaying and Clearing Administrative Sessions557Displaying and Clearing All Administrative Sessions558Displaying and Clearing an Administrative Console Session558Displaying and Clearing Administrative Telnet Sessions559Displaying and Clearing Client Telnet Sessions559Displaying and Clearing Network Sessions560Displaying Verbose Network Session Information561Displaying and Clearing Network Sessions by Username562Displaying and Clearing Network Sessions by MAC Address563Displaying and Clearing Network Sessions by VLAN Name563Displaying and Clearing Network Sessions by Session ID564Displaying and Changing Network Session Timers565Disabling Keepalive Probes566Changing or Disabling the User Idle Timeout566Rogue Detection and Countermeasures567Overview567About Rogues and RF Detection567Rogue Access Points and Clients567Rogue Classification568Rogue Detection Lists569RF Detection Scans571Dynamic Frequency Selection (DFS)571Countermeasures572Mobility Domain Requirement572Summary of Rogue Detection Features573Configuring Rogue Detection Lists574Configuring a Permitted Vendor List574Configuring a Permitted SSID List576Configuring a Client Black List577Configuring an Attack List578Configuring an Ignore List579Enabling Countermeasures580Using On-Demand Countermeasures in a Mobility Domain581Disabling or Reenabling Active Scan582Enabling MAP Signatures582Creating an Encrypted RF Fingerprint Key as a MAP Signature583Disabling or Reenabling Logging of Rogues584Enabling Rogue and Countermeasures Notifications584IDS and DoS Alerts584Flood Attacks585DoS Attacks585Netstumbler and Wellenreiter Applications586Wireless Bridge586Ad-Hoc Network586Weak WEP Key Used by Client587Disallowed Devices or SSIDs587Displaying Statistics Counters587IDS Log Message Examples587Displaying RF Detection Information590Displaying Rogue Clients592Displaying Rogue Detection Counters593Displaying SSID or BSSID Information for a Mobility Domain594Displaying RF Detect Data596Displaying the APs Detected by MAP Radio596Displaying Countermeasures Information597Managing System Files599About System Files599Displaying Software Version Information599Displaying Boot Information601Working with Files602Displaying a List of Files602Copying a File604Using an Image File’s MD5 Checksum To Verify Its Integrity606Deleting a File607Creating a Subdirectory608Removing a Subdirectory608Managing Configuration Files609Displaying the Running Configuration609Saving Configuration Changes610Specifying the Configuration File to Use After the Next Reboot611Loading a Configuration File611Specifying a Backup Configuration File612Resetting to the Factory Default Configuration612Backing Up and Restoring the System613Managing Configuration Changes615Backup and Restore Examples615Upgrading the System Image616Preparing the WX Switch for the Upgrade616Upgrading an Individual Switch Using the CLI617Upgrade Scenario618Command Changes During Upgrade618Troubleshooting a WX Switch619Fixing Common WX Setup Problems619Recovering the System When the Enable Password is Lost622WXR100622WX1200, WX2200, or WX4400622Configuring and Managing the System Log623Log Message Components623Logging Destinations and Levels623Using Log Commands625Logging to the Log Buffer626Logging to the Console627Logging Messages to a Syslog Server628Setting Telnet Session Defaults628Changing the Current Telnet Session Defaults629Logging to the Trace Buffer629Enabling Mark Messages629Saving Trace Messages in a File630Displaying the Log Configuration630Running Traces631Using the Trace Command631Tracing Authentication Activity631Tracing Session Manager Activity631Tracing Authorization Activity632Tracing 802.1X Sessions632Displaying a Trace632Stopping a Trace632About Trace Results633Displaying Trace Results633Copying Trace Results to a Server634Clearing the Trace Log634List of Trace Areas634Using display Commands635Viewing VLAN Interfaces635Viewing AAA Session Statistics635Viewing FDB Information636Viewing ARP Information636Port Mirroring637Configuration Requirements637Configuring Port Mirroring637Displaying the Port Mirroring Configuration637Clearing the Port Mirroring Configuration637Remotely Monitoring Traffic638How Remote Traffic Monitoring Works638Using Snoop Filters on Radios That Use Active Scan638All Snooped Traffic Is Sent in the Clear638Best Practices for Remote Traffic Monitoring639Configuring a Snoop Filter639Displaying Configured Snoop Filters641Editing a Snoop Filter641Deleting a Snoop Filter641Mapping a Snoop Filter to a Radio641Displaying the Snoop Filters Mapped to a Radio642Displaying the Snoop Filter Mappings for All Radios642Removing Snoop Filter Mappings642Enabling or Disabling a Snoop Filter643Displaying Remote Traffic Monitoring Statistics643Preparing an Observer and Capturing Traffic643Capturing System Information and Sending it to Technical Support645The display tech-support Command645Core Files646Debug Messages647Sending Information to 3Com Technical Support648Enabling and Logging Into Web View649System Requirements649Browser Requirements649WX Switch Requirements649Logging Into Web View650Supported RADIUS Attributes651Supported Standard and Extended Attributes6523Com Vendor-Specific Attributes659Traffic Ports Used by MSS661DHCP Server663How the MSS DHCP Server Works664Configuring the DHCP Server665Displaying DHCP Server Information666Obtaining Support for Your 3Com Products667Register Your Product to Gain Service Benefits667Solve Problems Online667Purchase Extended Warranty and Professional Services668Access Software Downloads668Contact Us668Telephone Technical Support and Repair669Glossary671Index707Command Index723Tamaño: 6 MBPáginas: 728Language: EnglishManuales abiertas
Guía De ReferenciaTabla de contenidosAbout This Guide17Conventions17Documentation18Documentation Comments19Using the Command-Line Interface21Overview21CLI Conventions22Command Prompts22Syntax Notation22Text Entry Conventions and Allowed Characters23MAC Address Notation23IP Address and Mask Notation24Subnet Masks24Wildcard Masks24User Globs, MAC Address Globs, and VLAN Globs24User Globs24MAC Address Globs25VLAN Globs26Matching Order for Globs26Port Lists26Virtual LAN Identification27Command-Line Editing27Keyboard Shortcuts27History Buffer28Tabs28Single-Asterisk (*) Wildcard Character28Double-Asterisk (**) Wildcard Characters28Using CLI Help29Understanding Command Descriptions30Access Commands33Commands by Usage33disable33enable34quit34set enablepass35System Service Commands37Commands by Usage37clear banner motd38clear history38clear prompt39clear system39display banner motd40display base-information41display license41display system42help45history46set banner motd46set confirm47set length48set license49set prompt50set system contact51set system countrycode51set system ip-address53set system location54set system name55Port Commands57Commands by Usage57clear dap58clear port counters58clear port-group59clear port name59clear port preference60clear port type61display port counters62display port-group63display port poe64display port preference65display port status66monitor port counters68reset port73set dap73set port76set port-group76set port name78set port negotiation78set port poe79set port preference80set port speed81set port trap81set port type ap82set port type wired-auth86VLAN Commands89Commands by usage89clear fdb90clear vlan91display fdb92display fdb agingtime94display fdb count95display roaming station96display roaming vlan97display tunnel98display vlan config99set fdb101set fdb agingtime102set vlan name103set vlan port104set vlan tunnel-affinity105IP Services Commands107Commands by Usage107clear interface109clear ip alias110clear ip dns domain110clear ip dns server111clear ip route111clear ip telnet112clear ntp server113clear ntp update-interval113clear snmp trap receiver114clear summertime115clear system ip-address115clear timezone116display arp117display interface118display ip alias119display ip dns120display ip https121display ip route123display ip telnet125display ntp125display snmp configuration127display summertime129display timedate130display timezone131ping131set arp133set arp agingtime134set interface135set interface status136set ip alias136set ip dns137set ip dns domain138set ip dns server138set ip https server139set ip route140set ip snmp server142set ip ssh143set ip ssh absolute-timeout143set ip ssh idle-timeout144set ip ssh server145set ip telnet146set ip telnet server146set ntp147set ntp server148set ntp update-interval149set snmp community149set snmp trap150set snmp trap receiver153set summertime153set system ip-address155set timedate156set timezone157telnet158traceroute159AAA Commands163Commands by Usage163clear accounting165clear authentication admin165clear authentication console166clear authentication dot1x167clear authentication last-resort168clear authentication mac169clear authentication web170clear location policy171clear mac-user172clear mac-user attr172clear mac-user group173clear mac-usergroup174clear mac-usergroup attr175clear mobility-profile176clear user176clear user attr177clear user group177clear usergroup178clear usergroup attr179display aaa180display accounting statistics182display location policy184display mobility-profile185set accounting {admin | console}186set accounting {dot1x | mac | web}187set authentication admin189set authentication console191set authentication dot1x193set authentication last-resort197set authentication mac199set authentication web201set location policy203set mac-user206set mac-user attr207set mac-usergroup attr213set mobility-profile214set mobility-profile mode216set user217set user attr218set user group219set usergroup219set web-aaa220Mobility Domain Commands223Commands by Usage223clear mobility-domain223clear mobility-domain member224display mobility-domain config225display mobility-domain status225set mobility-domain member226set mobility-domain mode member seed-ip227set mobility-domain mode seed domain-name228Managed Access Point Commands229MAP Access Point Commands by Usage229clear {ap | dap} radio232clear radio-profile233display {ap | dap} config234display {ap | dap} counters238display {ap | dap} etherstats240display {ap | dap} group242display {ap | dap} status243display auto-tune attributes246display auto-tune neighbors248display dap connection250display dap global251display dap unconfigured253display radio-profile254display service-profile257reset {ap | dap}260set {ap | dap} bias261set {ap | dap} blink262set {ap | dap} group263set {ap | dap} name264set {ap | dap} radio antennatype265set {ap | dap} radio auto-tune max-power266set {ap | dap} radio auto-tune max- retransmissions267set {ap | dap} radio channel269set {ap | dap} radio min-client-rate270set {ap | dap} radio mode271set {ap | dap} radio radio-profile272set {ap | dap} radio tx-power273set {ap | dap} upgrade-firmware275set radio-profile 11g-only275set radio-profile auto-tune channel-config276set radio-profile auto-tune channel-holddown277set radio-profile auto-tune channel-interval278set radio-profile auto-tune power-backoff- timer279set radio-profile auto-tune power-config280set radio-profile auto-tune power-interval281set radio-profile beacon-interval282set radio-profile dtim-interval283set radio-profile frag-threshold283set radio-profile long-retry284set radio-profile max-rx-lifetime285set radio-profile max-tx-lifetime286set radio-profile mode287set radio-profile preamble-length289set radio-profile rts-threshold290set radio-profile service-profile291set radio-profile short-retry294set service-profile auth-dot1x295set service-profile auth-fallthru296set service-profile auth-psk298set service-profile beacon299set service-profile cipher-ccmp299set service-profile cipher-tkip300set service-profile cipher-wep104301set service-profile cipher-wep40302set service-profile psk-phrase303set service-profile psk-raw304set service-profile rsn-ie305set service-profile shared-key-auth306set service-profile ssid-name307set service-profile ssid-type307set service-profile tkip-mc-time308set service-profile web-aaa-form308set service-profile wep active-multicast- index310set service-profile wep active-unicast- index311set service-profile wep key-index311set service-profile wpa-ie312STP Commands315STP Commands by Usage315clear spantree portcost316clear spantree portpri317clear spantree portvlancost317clear spantree portvlanpri318clear spantree statistics319display spantree320display spantree backbonefast322display spantree blockedports323display spantree portfast324display spantree portvlancost325display spantree statistics325display spantree uplinkfast331set spantree332set spantree backbonefast333set spantree fwddelay334set spantree hello334set spantree maxage335set spantree portcost336set spantree portfast337set spantree portpri337set spantree portvlancost338set spantree portvlanpri339set spantree priority340set spantree uplinkfast341IGMP Snooping Commands343Commands by usage343clear igmp statistics344display igmp344display igmp mrouter348display igmp querier349display igmp receiver-table351display igmp statistics352set igmp355set igmp lmqi356set igmp mrouter356set igmp mrsol357set igmp mrsol mrsi358set igmp oqi359set igmp proxy-report360set igmp qi360set igmp qri361set igmp querier362set igmp receiver363set igmp rv364Security ACL Commands365Security ACL Commands by Usage365clear security acl366clear security acl map367commit security acl369display security acl370display security acl hits371display security acl info372display security acl map373display security acl resource-usage374hit-sample-rate378rollback security acl379set security acl380set security acl map385Cryptography Commands389Commands by Usage389crypto ca-certificate389crypto certificate391crypto generate key392crypto generate request393crypto generate self-signed395crypto otp397crypto pkcs12399display crypto ca-certificate400display crypto certificate401RADIUS and Server Group Commands403Commands by Usage403clear radius403clear radius client system-ip405clear radius server405clear server group406set radius407set radius client system-ip408set radius server409set server group411set server group load-balance412802.1X Management Commands415Commands by Usage415clear dot1x bonded-period416clear dot1x max-req417clear dot1x port-control417clear dot1x quiet-period418clear dot1x reauth-max418clear dot1x reauth-period419clear dot1x timeout auth-server419clear dot1x timeout supplicant420clear dot1x tx-period420display dot1x421set dot1x authcontrol425set dot1x bonded-period426set dot1x key-tx426set dot1x max-req427set dot1x port-control428set dot1x quiet-period429set dot1x reauth429set dot1x reauth-max430set dot1x reauth-period430set dot1x timeout auth-server431set dot1x timeout supplicant431set dot1x tx-period432set dot1x wep-rekey433set dot1x wep-rekey-period433Session Management Commands435Commands by Usage435clear sessions435clear sessions network436display sessions438display sessions network440RF Detection Commands449Commands by Usage449clear rfdetect countermeasures mac450clear rfdetect ignore451display rfdetect countermeasures452display rfdetect data453display rfdetect ignore455display rfdetect mobility-domain455display rfdetect visible457set rfdetect active-scan458set rf detect countermeasures459set rfdetect countermeasures mac460set rfdetect ignore461set rfdetect log462File Management Commands463Commands by Usage463clear boot config463copy464delete466dir467display boot469display config470display version472load config474mkdir475reset system476rmdir477save config478set boot configuration-file479set boot partition480Trace Commands481Commands by Usage481clear log trace481clear trace482display trace483save trace484set trace authentication484set trace authorization485set trace dot1x486set trace sm486System Log Commands489Commands by Usage489clear log489display log buffer490display log config492display log trace492set log494set log trace mbytes496Boot Prompt Commands499Boot Prompt Commands by Usage499autoboot500boot501change503create504delete505diag505dir506display507fver508help509ls510next511reset512test513version514Obtaining Support for your Product517Register Your Product517Purchase Value-Added Services517Troubleshoot Online517Access Software Downloads518Telephone Technical Support and Repair518Contact Us519Index521Tamaño: 4 MBPáginas: 526Language: EnglishManuales abiertas