Motorola WS5100 Series Migration Giude

Category
Software
Type
Migration Giude
WS5100 Series Switch
Migration Guide
© 2007 Motorola, Inc. All rights reserved.
MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. Symbol is a registered
trademark of Symbol Technologies, Inc. All other product or service names are the property of their respective owners.
Contents
Chapter 1. Overview
Chapter 2. Switch Web UI and Image Upgrades
2.1 Accessing the Switch Web UI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
2.1.1 Web UI Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
2.1.2 Connecting to the Switch Web UI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-1
2.2 Switch Password Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3
2.2.1 Recovering the Switch Password using the Web UI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3
2.2.2 Recovering the Switch Password using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3
2.3 Shutting Down the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
2.3.1 Shutting Down the Switch using the 1.4.x/2.x Shutdown Command. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
2.3.2 Shutting Down the Switch using the 3.0 Halt Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
2.4 Upgrading the Switch Image. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
2.4.1 Upgrading the Switch Image from 1.4.x or 2.x to Version 3.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
2.5 Downgrading the Switch Image from Version 3.0 to 1.4.x or 2.x. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7
Chapter 3. Use Cases
3.1 Tempest University’s Hotspot Deployment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1
3.2 Tempest University’s Current WS5100 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1
3.3 Migrating the Existing Configuration to the 3.0 Baseline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
3.3.1 Migrating Up to the 3.0 Baseline . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
3.3.2 Porting a WS5100 2.0 Configuration to a 3.0 Migrated WS5100. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
3.3.3 Configure New Hotspots on Campus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
3.3.4 Configuring a Windows 2003 IIS Server for Hotspot Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-13
3.3.4.1 IIS Server Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15
3.3.5 Sample HTML Pages / CGI Script for External Hotspots. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-16
3.4 Use Case: Remote VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-18
3.4.1 Network Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-18
3.4.2 Configuring DHCP Sever to serve public IP addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-19
3.4.2.1 Adding a New DHCP Pool. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-19
3.4.2.2 Adding a New DHCP Pool. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20
3.4.3 Configuring Crypto Policy (IKE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20
3.4.3.1 Create IKE Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-21
3.4.3.2 Configure Pre-Shared Keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22
3.4.3.3 Enable or Disable IKE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23
3.4.4 Set Global Lifetimes for IPSec Security Associations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23
3.4.5 Define Transform Sets. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23
3.4.6 Create Client Related Mode Configuration (Remote Access VPN). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23
TOC-2 WS5100 Series Switch Migration Guide
3.4.7 Configuring IPSec Security Associations (Crypto Map). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24
3.4.7.1 Creating Crypto Map Entry for Establishing Manual Security Associations . . . . . . . . . . . . . . . . 3-24
3.4.7.2 Creating Crypto Map Entry that Use IKE to Establish Security Association . . . . . . . . . . . . . . . . 3-24
3.4.8 Apply Crypto Map Sets to Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-25
3.4.9 Monitor and Maintain IPSec Tunnels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-25
3.4.10 Network Address Translation in IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-25
Chapter 4. Web UI Menu Path Comparison
4.1 Web UI Menu Path Navigation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1
4.1.1 High-Level Device Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1
4.1.2 Configuring the System Time (NTP) Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
4.1.3 Managing Software, Configuration and Log Files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
4.1.3.1 WS5100 Switch Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
4.1.3.2 WS5100 Switch Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
4.1.3.3 WS5100 Log Files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4
4.1.4 VLAN Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5
4.1.5 Configuring Switch Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6
4.1.5.1 ACL Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6
4.1.5.2 Encryption and Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8
4.1.5.3 Rouge AP Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-12
4.1.5.4 Configuring the On-Board Radius Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-13
4.1.6 Viewing Switch Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14
4.1.7 Switch Certificate Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15
Chapter 5. WS5100 LED Behavior Comparison
5.1 WS5100 1.4.x and 2.x Baseline LED Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
5.1.1 Start Up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
5.1.2 Configured as a Primary Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1
5.1.3 Configured as a Standby Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
5.1.4 Error Codes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
5.2 WS5100 LED Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
5.2.1 Start Up . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
5.2.2 Primary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
5.2.3 Standby . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
5.2.4 Error Codes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
Chapter 6. DHCP
6.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-1
6.2 Managing the DHCP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2
6.3 Configuring DHCP Server using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-2
6.3.1 Creating network pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3
6.3.2 Creating host pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3
6.3.3 Troubleshooting DHCP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3
6.3.4 Creating DHCP option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-5
6.4 Configuring DHCP Client using SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-5
6.5 WS-SW-DHCP-MIB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-5
6.5.1 wsSWDhcpModule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-6
TOC-3
6.5.2 wsSWDhcpClient. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-6
6.5.2.1 wsSWDhcpClient Sub Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-6
6.5.2.2 wsSWDhcpClientSvrInfor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-7
6.6 WS-SW-DHCP-SERVER-MIB. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-9
6.6.1 wsSwDhcpServerModule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-10
6.6.1.1 wsSwDhcpSvrGlobal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-10
6.6.1.2 wsSwDhcpSvrExcludeTable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11
6.6.1.3 wsSwDhcpSvrPoolTable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11
6.6.1.4 wsSwDhcpSvrIncludeTable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11
6.6.1.5 wsSwDhcpSvrPoolOptionTable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-11
6.6.1.6 wsSwDhcpBindingStatusTable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-12
6.6.1.7 wsSwDhcpSvrGlobalOptionTable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-12
6.6.1.8 wsSwDhcpRelayTable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-12
6.6.2 wsSWDhcpSvrGlobal Sub Objects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-12
6.6.2.1 wsSwDhcpSvrBootp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13
6.6.2.2 wsSwDhcpSvrPingInterval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13
6.6.2.3 wsSwDhcpSvrEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13
6.6.2.4 wsSwDhcpSvrRestart. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-13
6.6.3 wsSwDhcpSvrExcludeTable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-14
6.6.3.1 wsSwDhcpSvrExcludeEntry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-14
6.6.3.2 wsSwDhcpSvrExcludeLowIpAddr. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15
6.6.3.3 wsSwDhcpSvrExcludeHighIpAddr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15
6.6.3.4 wsSwDhcpSvrExcludeRowStatus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-15
6.6.4 wsSwDhcpSvrPoolTable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-16
6.6.4.1 wsSwDhcpSvrPoolEntry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-17
6.6.4.2 wsSwDhcpSvrPoolNameIndex . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-18
6.6.4.3 wsSwDhcpSvrPoolType . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-18
6.6.4.4 wsSwDhcpSvrPoolHostIp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-18
6.6.4.5 wsSwDhcpSvrPoolSubnetIpAndMask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-19
6.6.4.6 wsSwDhcpSvrPoolClientId . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-19
6.6.4.7 wsSwDhcpSvrPoolClientName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-19
6.6.4.8 wsSwDhcpSvrPoolHardWareAddrAndType. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-20
6.6.4.9 wsSwDhcpSvrPoolDomainName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-20
6.6.4.10 wsSwDhcpSvrPoolNetBiosNodeType . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-20
6.6.4.11 wsSwDhcpSvrPoolBootfile. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-21
6.6.4.12 wsSwDhcpSvrPoolDdnsUpdate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-21
6.6.4.13 wsSwDhcpSvrPoolDdnsUpdateAll. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-21
6.6.4.14 wsSwDhcpSvrPoolDdnsIp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-22
6.6.4.15 wsSwDhcpSvrPoolDdnsDomainName. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-22
6.6.4.16 wsSwDhcpSvrPoolDdnsTtl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-23
6.6.4.17 wsSwDhcpSvrPoolDdnsMultiUserClass . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-23
6.6.4.18 wsSwDhcpSvrPoolDefaultRouter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-23
6.6.4.19 wsSwDhcpSvrPoolBootpNextSvrIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-24
6.6.4.20 wsSwDhcpSvrPoolDnsSvrIP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-24
6.6.4.21 wsSwDhcpSvrPoolNetbiosSvrIP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-24
6.6.4.22 wsSwDhcpSvrPoolNoDefault. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-25
TOC-4 WS5100 Series Switch Migration Guide
6.6.4.23 wsSwDhcpSvrPoolLeaseTime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-25
6.6.4.24 wsSwDhcpSvrPoolRowStatus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-25
6.7 Configuring DHCP using the WebUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-26
6.7.1 Creating a Network Pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-26
6.7.2 Creating a Host Pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-29
Chapter 7. Dynamic DNS
7.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1
7.2 Managing DDNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-1
7.3 Configuring DDNS using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2
7.3.1 Creating Pool with DDNS Updates Enabled . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2
7.3.1.1 Important DDNS Configurations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-3
7.4 Configuring DDNS using SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4
7.5 WS-SW-DHCP-SERVER-MIB. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-4
7.5.1 wsSwDNSModule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5
7.5.1.1 wsSwDNSDomainName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5
7.5.1.2 wsSwDNSNameSvrTable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5
7.5.2 wsSwDNSDomainName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-5
7.5.2.1 wsSwDNSDomainNameStatic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-6
7.5.2.2 wsSwDNSDomainNameLookup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-6
7.5.3 wsSwDNSNameSvrTable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-6
7.5.3.1 wsSwDNSNameSvrEntry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-7
7.5.3.2 wsSwDNSNameSvrIP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-7
7.5.3.3 wsSwDNSNameSvrPriority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-8
7.5.3.4 wsSwDNSNameSvrType . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-8
7.5.3.5 wsSwDNSNameSvrRowStatus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-8
7.6 Configuring DDNS using the Web UI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-9
Chapter 8. Certificate Management
8.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-1
8.2 Configuring the Certificate Manager using CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
8.2.1 Generating a Self-Signed Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
8.2.2 Generating a Certificate Request and Importing the Server Certificate. . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
8.2.3 Importing CA Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3
8.2.4 Porting the Certificate Onto Another Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3
8.2.4.1 Create a Keypair and Associate it to a Trustpoint. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-3
8.2.4.2 Importing the Certificate to Another Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4
8.2.5 Configuring Trustpoint using the Web UI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-4
8.2.5.1 Creating a Trustpoint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-5
8.2.5.2 Uploading the Server Certificate/CA Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8-9
Chapter 9. Radius
9.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-1
9.1.1 User Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
9.1.2 Authentication of Terminal/Management User(s) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
9.1.3 Access Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
9.1.4 Proxy to External Radius Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
TOC-5
9.1.5 LDAP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
9.1.6 Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
9.2 Configuring Onboard Radius Server using CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
9.2.1 Sending an Access Request to the Local Radius Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
9.2.2 Enable Debug Logs for Radius. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-6
9.3 Configuring Radius using GUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-6
9.3.1 Configuring Radius Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-6
9.3.1.1 Configuring a Radius Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-7
9.3.1.2 Authenticating a Local Radius Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-8
9.3.1.3 Creating a Group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-9
9.3.1.4 Creating a User. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-10
9.3.2 Configuring WLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-12
9.3.3 Configuring LDAP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-14
9.4 Use Case – Configuring Onboard RADIUS to use Active Directory
as user database?9-15
Chapter 10. ACL
10.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1
10.1.1 Supported ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-1
10.1.1.1 Router ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2
10.1.1.2 Port ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-3
10.1.1.3 Wireless LAN ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-3
10.1.2 ACL Actions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-3
10.1.3 Precedence Order. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4
10.2 Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-4
10.3 Network Address Translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-5
10.3.1 Static NAT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-5
10.3.2 Port NAT. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
10.4 Configuring ACL using CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
10.4.1 Configure an IP Standard ACL/IP Extended ACL or MAC Extended ACL . . . . . . . . . . . . . . . . . . . . . . . . . . 10-6
10.4.1.1 Configuring IP Standard ACL using CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-7
10.4.1.2 Configuring IP Extended ACL using CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-7
10.4.1.3 Configuring MAC Extended ACL using CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-8
10.4.2 Applying ACLs to Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-8
10.4.2.1 Configuring Port ACLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-8
10.4.2.2 Configuring Router ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-9
10.4.2.3 Configuring Wireless LAN ACLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-10
10.5 Configuring ACL using the Web UI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-12
10.5.1 Configuring IP Standard ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-12
10.5.2 Configuring MAC Extended ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-14
10.5.3 Attaching an ACL on a WLAN Interface/Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-16
10.5.3.1 Adding a New ACL WLAN Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-17
Chapter 11. VPN
11.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-1
11.1.1 Types of VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2
11.2 Managing VPN in WS5100 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-2
TOC-6 WS5100 Series Switch Migration Guide
11.2.1 Traffic Secured in VPN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-3
11.3 Configuring VPN using CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-3
11.3.1 Configure Peer Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-4
11.3.2 Configure Parameters for Control Traffic using ISAKMP Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-4
11.3.2.1 Create IKE Polices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5
11.3.2.2 Configure Pre-Shared Keys. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5
11.3.2.3 Configure Certificate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-5
11.3.2.4 Configuring ISAKMP using CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6
11.3.3 Security Parameters for Data Traffic using Transform Set. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-6
11.3.3.1 Define Transform Sets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7
11.3.3.2 Selecting Appropriate Transform Sets. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7
11.3.3.3 Configuring transform-set using CLI. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-7
11.3.3.4 Set Global Lifetimes for IPSec Security Associations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8
11.3.4 Specifying Traffic to Protect using Crypto ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-8
11.3.5 Binding all Parameters to a Remote Peer using Crypto Map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-9
11.3.6 Activating IPSec to a Remote Peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-10
11.3.7 Configuring for Remote VPN Client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-11
11.3.7.1 Configuring Remote VPN using CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-11
11.3.8 Apply Crypto Map Sets to Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-12
11.3.9 Monitor and Maintain IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-12
11.3.10 Network Address Translation in IPSec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-12
11.4 Special Configuration for Windows XP Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-13
11.4.1 Windows XP VPN Client Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-13
11.5 Configuring VPN using the WebUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-18
11.6 Use Case for Remote VPN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-31
11.7 Use Case for Site-to- Site VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-33
Appendix A.Technical Support
About This Guide
Introduction
This guide provides information for those familiar with using the 1.4.x and 2.x version WS5100 switch
software who require orientation to the new WS5100 3.0 switch features and functionality.
Documentation Set
The documentation set for the WS5100 Series Switch is partitioned into the following guides to provide
information for specific user needs.
WS5100 System Reference Guide - describes advanced setup and configuration activities for all
facets of the the WS5100 Series Switch.
WS5100 Installation Guide - describes the basic setup and configuration required to transition to more
advanced configuration of the switch.
WS5100 CLI Reference - describes the Command Line Interface (CLI) and Management Information
Base (MIB) commands used to configure the WS5100 Series Switch.
WS5100 Troubleshooting Guide - describes workarounds to known conditions the user may encounter.
Document Conventions
The following conventions are used in this document to draw your attention to important information:
NOTE: Screens and windows pictured in this guide are samples and can differ from actual
screens.
NOTE: Indicate tips or special requirements.
CAUTION: Indicates conditions that can cause equipment damage or data loss.
WARNING! Indicates a condition or procedure that could result in
personal injury or equipment damage.
!
viii WS5100 Series Switch Migration Guide
Notational Conventions
The following additional notational conventions are used in this document:
Italics are used to highlight the following:
Chapters and sections in this and related documents
Dialog box, window and screen names
Drop-down list and list box names
Check box and radio button names
Icons on a screen.
GUI text is used to highlight the following:
Screen names
Menu items
Button names on a screen.
bullets (•) indicate:
Action items
Lists of alternatives
Lists of required steps that are not necessarily sequential
Sequential lists (e.g., those that describe step-by-step procedures) appear as numbered lists.
Overview
This WS5100 Series Switch Migration Guide is designed to provide users familiar with the 1.4.x and 2.x
switch baselines an overview of the significant changes to the switch Web UI and switch LED activity. The
Web UI used for the new 3.0 baseline shares almost no similarities with the applet used in previous releases.
Therefore, Motorola recommends you familiarize yourself with the following content to make your WS5100
3.0 configuration activity more effective.
Switch Web UI and Image Upgrades.
Use Cases.
Web UI Menu Path Comparison.
WS5100 LED Behavior Comparison.
DHCP.
Dynamic DNS.
Certificate Management.
Radius.
ACL.
VPN.
1-2 WS5100 Series Switch Migration Guide
Switch Web UI and Image Upgrades
This chapter provides information about the following:
Accessing the Switch Web UI.
Switch Password Recovery.
Shutting Down the Switch.
Upgrading the Switch Image.
Downgrading the Switch Image from Version 3.0 to 1.4.x or 2.x.
2.1 Accessing the Switch Web UI
2.1.1 Web UI Requirements
The switch Web UI is accessed using Internet Explorer version 5.5 (or later) and SUN JRE (Java Runtime
Environment) 1.5 (or later). Refer to the Sun Microsystems Web site for information on downloading JRE.
To prepare Internet Explorer to run the Web UI:
1. Open IE’s Tools > Internet Options panel and select the Advanced tab.
2. Uncheck the following checkboxes:
Use HTTP 1.1
Java console enabled (requires restart)
Java logging enabled
JIT compiler for virtual enabled (requires restart).
2.1.2 Connecting to the Switch Web UI
To display the Web UI, launch a Web browser on a computer with the capability of accessing the switch.
NOTE: Ensure you have HTTP connectivity to the switch, as HTTP is a required to launch
the switch Web UI from a browser.
2-2 WS5100 Series Switch Migration Guide
To display the switch Web UI:
1. Point the browser to the IP address assigned to the wired Ethernet port (port 2). Specify a secure
connection using the https:// protocol.
The switch login screen displays:
2. Enter the User ID admin, and Password superuser. Both are case-sensitive. Click the Login button.
Once the Web UI is accessed the Switch main menu item displays a configuration tab with high-level
switch information. Click the Show Dashboard button to display an overall indicator of switch health.
Once the switch is fully configured, the dashboard is the central display for the user to view the version
of firmware running on the switch, quickly assess the last 5 alarms generated by the switch, view the
status of the switch’s Ethernet connections and view switch CPU and memory utilization statistics.
NOTE: If using HTTP to login into the switch, you may encounter a Warning screen if a
self-signed certfificate has not been created and implemented for the switch. This
warning sceen will continue to display on future login attempts until a self-signed
certificate is implemented. Motorola recommends only using the default certificate for
the first few login attempts until a self-signed certficiate can be generated.
NOTE: If your password is lost, there is a means to access the switch, but you are forced
to revert the switch back to its factory default settings and lose your existing
configuration (unless saved to a secure location). Consequently, Motorola recommends
keeping the password in a secure location so it can be retrieved. For information on
password recovery, see Switch Password Recovery on page 2-3.
NOTE: The chapters within this System Reference Guide are arranged to be
complimentary with the main menu items in the menu tree of the switch Web UI. Refer to
this content to configure switch network addressing, security and diagnostics as required.
Switch Web UI and Image Upgrades 2-3
2.2 Switch Password Recovery
With the release of the 3.0 version switch software, your Web UI login password can be recovered, but at
the expense of updates you have made to your configuration file since the default image was updated.
If the switch Web UI password is lost, you cannot get passed the Web UI login screen for any viable switch
configuration activity. Consequently, a password recovery login must be used that will default your switch
back to its factory default configuration. The switch password can be recovered using either the Web UI or
the switch CLI.
If you know your existing password and wish to change it, go to the Switch main menu item, select the
Configuration tab and click the Reset Password button. A screen displays prompting for the existing
password and the new password.
2.2.1 Recovering the Switch Password using the Web UI
To access the switch using a password recovery username and password:
1. Point the browser to the IP address assigned to the wired Ethernet port (port 2).
The switch login screen displays:
2. Enter a password recovery username of restore and password recovery password of
restoreDefaultPassword. Click the Login button.
The switch will login into the Web UI with its reverted default configuration. If you had exported the
switch’s previous configuration to an external location, it now can be imported back to the switch. For
information on importing switch configuration files, see Porting a WS5100 2.0 Configuration to a 3.0
Migrated WS5100 on page 3-3.
2.2.2 Recovering the Switch Password using the CLI
To access the command line interface and using a password recovery username and password:
1. Connect to the CLI using either Telnet, SSH or a Serial cable. You should see the following:
Please press Enter to activate this console.
2. Press Enter and enter cli at the login prompt.
WS5100 login: cli
3. Once you enter the User Access Verification. Enter the username restore and press Enter.
User Access Verification
CAUTION: Using this recovery procedure erases the switch’s current configuration and
data files from the switch /flash dir. Only the switch’s license keys are retained. You
should be able to log in using the default username and password (admin/superuser) and
restore the switchs previous configuration (only if it has been exported to a secure
location before the password recovery procedure was invoked).
CAUTION: Using this recovery procedure erases the switch’s current configuration and
data files from the switch /flash dir. Only the switch’s license keys are retained. You
should be able to log in using the default username and password (admin/superuser) and
restore the switchs previous configuration (only if it has been exported to a secure
location before the password recovery procedure was invoked).
!
!
2-4 WS5100 Series Switch Migration Guide
Username: restore
When prompted to enter a password enter restoreDefaultPassword and press Enter. For security
reasons the password you enter is not displayed.
Password:
4. When the warning prompt appears type y and press Enter. The following will display:
WARNING:This will wipe out the configuration (except license key) and user
data under "flash:/" and reboot the device
Do you want to continue? (y/n):y
Switch will be rebooted with default configuration...
The system is going down NOW !!
5. Once the switch has rebooted login using the default username and password.
2.3 Shutting Down the Switch
The CLI commands used to shutdown the switch have changed with the release of the 3.0 version WS5100
Series Switch. Please refer to the following to differentiate between the shutdown command (1.4.x and
2.x) from the halt command (3.0).
2.3.1 Shutting Down the Switch using the 1.4.x/2.x Shutdown Command
To gracefully shutdown the WS5100, issue the shutdown command from the configure context in the CLI:
WS5000.(Cfg)> shutdown
This command will halt the system.
A manual power cycle will be required to re-start the switch.
Do you want to proceed (yes/no) : yes
System shut down might take a few mins....
Shutting down the switch...
Shutting down dhcp daemon.. done
Shutting down apache server in the OPEN mode...done.
Shutting down cell controller........ done
Shutting down snmpd agent...done.
Shutting down Postgres....done.
INIT: Sending processes the TERM signal
Hostname: WS5000.motorola.com.
Shutting down PacketSwitch interface .....
Shutting down dhcp daemon.. done
Shutting down apache server in the OPEN mode...done.
Cell controller not running.
i2c-core: Device or resource busy
Shutting down Postgres....done.
Stopping periodic command scheduler: cron.
Stopping internet superserver: inetd.
Saving random seed... done.
Stopping deferred execution scheduler: atd.
Stopping kernel log daemon: klogd.
Stopping system log daemon: syslogd.
flushing ide devices: hda
Switch Web UI and Image Upgrades 2-5
System halted.
As directed, wait 10 seconds and turn off the device by toggling the power switch.
2.3.2 Shutting Down the Switch using the 3.0 Halt Command
To shut down the WS5100 from the CLI, issue a halt command, as the halt command is now used to shut
down the WS5100 Series Switch with the release of the 3.0 version WS5100 baseline:
WS5100#halt
Wireless switch will be halted, do you want to continue? (y/n):y
The system is going down NOW !!
% Connection is closed by administrator!
WIOS_SECURITYMGR[395]: DNSALG: Shutting down.
WIOS_SECURITYMGR[395]: FTPALG: Shutting down.
The system is halted.
2.4 Upgrading the Switch Image
The WS510 ships with a factory installed firmware image with the full feature functionality described in this
System Reference Guide. However, Motorola periodically releases switch firmware that includes
enhancements or resolutions to known issues. Verify your current switch firmware version with the latest
version available from the Motorola Web site before determining if your system requires an upgrade.
Additionally, legacy users running either the 1.4.x or 2.x version switch firmware may want to upgrade to the
new 3.0 baseline to take complete advantage of the new diverse feature set available to them. This chapter
describes the method to upgrade from either the 1.4.x or 2.x baseline to the new 3.0 baseline.
NOTE: The WS5100 will power off after issuing a halt command through a software
toggle of the power supply. Be sure to flip the power switch to the Off position. If the
power cord is removed and reinstalled, or power is lost and restored, the switch will
power back on.
CAUTION: Motorola recommends caution when upgrading your WS5100 switch image to
the 3.0 baseline as portions of your configuration will be lost and unrecoverable. Ensure
that you have exported your switch configuration to a secure location before upgrading
your switch. The upgrade.log file will contain a list of the issues found in the conversion
of the configuration file to the new format.
CAUTION: If using a 1.4.x or 2.x admin user password shorter than 8 characters (such as
the default Motorola password), the password will be converted to the 3.0 baseline admin
password of “password” upon a successful update to the 3.0 baseline. Ensure your
existing 1.4.x or 2.x admin password is longer than 8 characters before updating, or leave
as is and use “superuser” to login into an updated 3.0 baseline.
CAUTION: After upgrading the switch baseline from 1.4.x or 2.x to the 3.0 baseline,
applet caching can produce unpredictable results and contents. After the upgrade, ensure
your browser is restarted. Otherwise, the credibility of the upgrade can come into
question.
!
!
!
2-6 WS5100 Series Switch Migration Guide
2.4.1 Upgrading the Switch Image from 1.4.x or 2.x to Version 3.0
To upgrade a switch running either a 1.4.x or 2.x version to the latest 3.0 version switch firmware:
1. Execute the PreUpgradeScript utility (or use the CLI) to ensure there is enough space on your system to
perform the upgrade. The PreUpgradeScript utility should be in the same directory as the upgrade files.
2. Install the Cfgupgrade1.x-setup utility on a Windows desktop system by double clicking the
Cfgupgrade 1.x-setup file.
Follow the prompts displayed by the installer to install Cfgupgrade 1.x-setup.
A WS5100 Configuration Upgrade icon gets created within the Program Files folder. The icon can be
optionally created on your Windows desktop as well.
3. From the WS5100 running either 1.4.x or 2.x, create a configuration and save it on the switch.
WS5100# save <file name> <.cfg>
This is the configuration that will be upgraded to the new 3.0 baseline.
4. Copy the configuration file <.cfg> from the legacy WS5100 to the Windows system where the conversion
utility resides.
Use ftp or tftp to transfer the file.
5. Click on the WS5100 configuration Upgrade icon (from the Windows system).
6. Select the config file copied on to the windows system and run it.
A folder having the same name as the config file is created. The folder contains the converted startup-
config file (in the new upgraded format) along with other log files.
7. Copy the startup-config file back to the WS5100 running using either tftp or ftp.
8. Download or copy the image file <WS5100-3.0.0.0-XX.v1> or
<WS5100-3.0.0.0-XX.v2> to the WS5100 running the legacy switch firmware.
9. On the WS5100, type:
WS5100#service
WS5100#password "password"
exec
Upon reboot, the switch runs the 3.0 image using startup-config as the running configuration.
10.Repeat the instructions above for additional switch upgrades, ensuring that <WS5100-3.0.0.0-
XX.v1> is used for 1.4.x version upgrades, and <WS5100-3.0.0.0-XX.v2> is used for 2.x
version upgrades.
NOTE: Motorola recommends saving a copy of the switch configurartion to a secure
location before the upgrade. If an error occurs with the upgrade a viable configuration will
be needed to restore on the switch.
NOTE: If upgrading a 1.4.x version WS5100 to the new 3.0 baseline, be sure you are
using the <WS5100-3.0.0.0-XX.v1> image file. If upgrading a 2.x version
WS5100 to the new 3.0 baseline, be sure you are using the <WS5100-3.0.0.0-
XX.v2> image file.
Switch Web UI and Image Upgrades 2-7
2.5 Downgrading the Switch Image from Version 3.0 to 1.4.x or 2.x
If for some reason you want to downgrade your WS5100 back down to a 1.4.x or 2.x version firmware image,
use one of the two following image files:
WS5100-1.4.3.0-012R.img
WS5100-2.1.0.0-029R.img
2-8 WS5100 Series Switch Migration Guide
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53
  • Page 54 54
  • Page 55 55
  • Page 56 56
  • Page 57 57
  • Page 58 58
  • Page 59 59
  • Page 60 60
  • Page 61 61
  • Page 62 62
  • Page 63 63
  • Page 64 64
  • Page 65 65
  • Page 66 66
  • Page 67 67
  • Page 68 68
  • Page 69 69
  • Page 70 70
  • Page 71 71
  • Page 72 72
  • Page 73 73
  • Page 74 74
  • Page 75 75
  • Page 76 76
  • Page 77 77
  • Page 78 78
  • Page 79 79
  • Page 80 80
  • Page 81 81
  • Page 82 82
  • Page 83 83
  • Page 84 84
  • Page 85 85
  • Page 86 86
  • Page 87 87
  • Page 88 88
  • Page 89 89
  • Page 90 90
  • Page 91 91
  • Page 92 92
  • Page 93 93
  • Page 94 94
  • Page 95 95
  • Page 96 96
  • Page 97 97
  • Page 98 98
  • Page 99 99
  • Page 100 100
  • Page 101 101
  • Page 102 102
  • Page 103 103
  • Page 104 104
  • Page 105 105
  • Page 106 106
  • Page 107 107
  • Page 108 108
  • Page 109 109
  • Page 110 110
  • Page 111 111
  • Page 112 112
  • Page 113 113
  • Page 114 114
  • Page 115 115
  • Page 116 116
  • Page 117 117
  • Page 118 118
  • Page 119 119
  • Page 120 120
  • Page 121 121
  • Page 122 122
  • Page 123 123
  • Page 124 124
  • Page 125 125
  • Page 126 126
  • Page 127 127
  • Page 128 128
  • Page 129 129
  • Page 130 130
  • Page 131 131
  • Page 132 132
  • Page 133 133
  • Page 134 134
  • Page 135 135
  • Page 136 136
  • Page 137 137
  • Page 138 138
  • Page 139 139
  • Page 140 140
  • Page 141 141
  • Page 142 142
  • Page 143 143
  • Page 144 144
  • Page 145 145
  • Page 146 146
  • Page 147 147
  • Page 148 148
  • Page 149 149
  • Page 150 150
  • Page 151 151
  • Page 152 152
  • Page 153 153
  • Page 154 154
  • Page 155 155
  • Page 156 156
  • Page 157 157
  • Page 158 158
  • Page 159 159
  • Page 160 160
  • Page 161 161
  • Page 162 162
  • Page 163 163
  • Page 164 164
  • Page 165 165
  • Page 166 166
  • Page 167 167
  • Page 168 168
  • Page 169 169
  • Page 170 170
  • Page 171 171
  • Page 172 172
  • Page 173 173
  • Page 174 174
  • Page 175 175
  • Page 176 176
  • Page 177 177
  • Page 178 178
  • Page 179 179
  • Page 180 180
  • Page 181 181
  • Page 182 182
  • Page 183 183
  • Page 184 184
  • Page 185 185
  • Page 186 186
  • Page 187 187
  • Page 188 188
  • Page 189 189
  • Page 190 190
  • Page 191 191
  • Page 192 192
  • Page 193 193
  • Page 194 194
  • Page 195 195
  • Page 196 196
  • Page 197 197
  • Page 198 198

Motorola WS5100 Series Migration Giude

Category
Software
Type
Migration Giude

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI