3com 3CRWX120695A Configuration manual

Category
Software
Type
Configuration manual
http://www.3Com.com/
Part No. 10015909
Published June 2007
Wireless LAN Mobility System
Wireless LAN Switch and Controller
Configuration Guide
WX4400 3CRWX440095A
WX2200 3CRWX220095A
WX1200 3CRWX120695A
WXR100 3CRWXR10095A
3Com Corporation
350 Campus Drive
Marlborough, MA USA
01752-3064
Copyright © 2007, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced
in any form or by any means or used to make any derivative work (such as translation, transformation, or
adaptation) without written permission from 3Com Corporation.
3Com Corporation reserves the right to revise this documentation and to make changes in content from time
to time without obligation on the part of 3Com Corporation to provide notification of such revision or change.
3Com Corporation provides this documentation without warranty, term, or condition of any kind, either
implied or expressed, including, but not limited to, the implied warranties, terms or conditions of
merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or
changes in the product(s) and/or the program(s) described in this documentation at any time.
If there is any software on removable media described in this documentation, it is furnished under a license
agreement included with the product as a separate document, in the hard copy documentation, or on the
removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy,
please contact 3Com and a copy will be provided to you.
UNITED STATES GOVERNMENT LEGEND
If you are a United States government agency, then this documentation and the software described herein are
provided to you subject to the following:
All technical data and computer software are commercial in nature and developed solely at private expense.
Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or
as a “commercial item” as defined in FAR 2.101(a) and as such is provided with only such rights as are
provided in 3Com’s standard commercial license for the Software. Technical data is provided with limited rights
only as provided in DFAR 252.227-7015 (Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable.
You agree not to remove or deface any portion of any legend provided on any licensed program or
documentation contained in, or delivered to you in conjunction with, this User Guide.
Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may
not be registered in other countries.
3Com is a registered trademark of 3Com Corporation. The 3Com logo is a trademark of 3Com Corporation.
Mobility Domain, Managed Access Point, Mobility Profile, Mobility System, Mobility System Software, MP,
MSS, and SentrySweep are trademarks of Trapeze Networks, Inc.
Intel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, Windows XP,
and Windows NT are registered trademarks of Microsoft Corporation.
All other company and product names may be trademarks of the respective companies with which they are
associated.
ENVIRONMENTAL STATEMENT
It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we
are committed to:
Establishing environmental performance standards that comply with national legislation and regulations.
Conserving energy, materials and natural resources in all operations.
Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized environmental
standards. Maximizing the recyclable and reusable content of all products.
Ensuring that all products can be recycled, reused and disposed of safely.
Ensuring that all products are labelled according to recognized environmental standards.
Improving our environmental record on a continual basis.
End of Life Statement
3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components.
Regulated Materials Statement
3Com products do not contain any hazardous or ozone-depleting material.
Environmental Statement about the Documentation
The documentation for this product is printed on paper that comes from sustainable, managed forests; it is
fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and
the inks are vegetable-based with a low heavy-metal content.
CONTENTS
ABOUT THIS GUIDE
Conventions 23
Documentation 24
Documentation Comments 25
1 USING THE COMMAND-LINE INTERFACE
Overview 27
CLI Conventions 27
Command Prompts 28
Syntax Notation 28
Text Entry Conventions and Allowed Characters 28
User Globs, MAC Address Globs, and VLAN Globs 30
Port Lists 32
Virtual LAN Identification 33
Command-Line Editing 33
Keyboard Shortcuts 33
History Buffer 34
Tabs 34
Single-Asterisk (*) Wildcard Character 34
Double-Asterisk (**) Wildcard Characters 34
Using CLI Help 34
Understanding Command Descriptions 36
2 WX SETUP METHODS
Overview 37
Quick Starts 37
3Com Wireless Switch Manager 38
CLI 38
Web Manager 38
How a WX Switch Gets its Configuration 39
Web Quick Start (WXR100, WX1200 and WX2200 Only) 40
Web Quick Start Parameters 40
Web Quick Start Requirements 41
Accessing the Web Quick Start 41
CLI quickstart Command 44
Quickstart Example 46
Remote WX Configuration 49
Opening the QuickStart Network Plan in 3Com Wireless Switch
Manager 49
3 CONFIGURING AAA FOR ADMINISTRATIVE AND LOCAL ACCESS
Overview 51
Before You Start 54
About Administrative Access 54
Access Modes 54
Types of Administrative Access 54
First-Time Configuration via the Console 55
Enabling an Administrator 55
Setting the WX Switch Enable Password 56
Authenticating at the Console 57
Customizing AAA with “Globs” and Groups 58
Setting User Passwords 58
Adding and Clearing Local Users for Administrative Access 59
Configuring Accounting for Administrative Users 59
Displaying the AAA Configuration 61
Saving the Configuration 61
Administrative AAA Configuration Scenarios 62
Local Authentication 62
Local Authentication for Console Users and RADIUS Authentication for
Telnet Users 62
Authentication When RADIUS Servers Do Not Respond 63
Local Override and Backup Local Authentication 64
4 MANAGING USER PASSWORDS
Overview 65
Configuring Passwords 66
Setting Passwords for Local Users 66
Enabling Password Restrictions 67
Setting the Maximum Number of Login Attempts 67
Specifying Minimum Password Length 68
Configuring Password Expiration Time 69
Restoring Access to a Locked-Out User 70
Displaying Password Information 70
5 CONFIGURING AND MANAGING PORTS AND VLANS
Configuring and Managing Ports 71
Setting the Port Type 71
Configuring a Port Name 77
Configuring Interface Preference on a Dual-Interface Gigabit Ethernet
Port (WX4400 only) 78
Configuring Port Operating Parameters 79
Displaying Port Information 81
Configuring Load-Sharing Port Groups 85
Configuring and Managing VLANs 87
Understanding VLANs in 3Com MSS 87
Configuring a VLAN 91
Changing Tunneling Affinity 93
Restricting Layer 2 Forwarding Among Clients 94
Displaying VLAN Information 95
Managing the Layer 2 Forwarding Database 96
Types of Forwarding Database Entries 96
How Entries Enter the Forwarding Database 96
Displaying Forwarding Database Information 97
Adding an Entry to the Forwarding Database 98
Removing Entries from the Forwarding Database 98
Configuring the Aging Timeout Period 99
Port and VLAN Configuration Scenario 100
6 CONFIGURING AND MANAGING IP INTERFACES AND SERVICES
MTU Support 103
Configuring and Managing IP Interfaces 104
Adding an IP Interface 104
Disabling or Reenabling an IP Interface 107
Removing an IP Interface 107
Displaying IP Interface Information 107
Configuring the System IP Address 108
Designating the System IP Address 108
Displaying the System IP Address 108
Clearing the System IP Address 108
Configuring and Managing IP Routes 108
Displaying IP Routes 110
Adding a Static Route 111
Removing a Static Route 112
Managing the Management Services 113
Managing SSH 113
Managing Telnet 116
Managing HTTPS 118
Changing the Idle Timeout for CLI Management Sessions 119
Setting a Message of the Day (MOTD) Banner 120
Prompting the User to Acknowledge the MOTD Banner 120
Configuring and Managing DNS 121
Enabling or Disabling the DNS Client 121
Configuring DNS Servers 121
Configuring a Default Domain Name 122
Displaying DNS Server Information 122
Configuring and Managing Aliases 123
Adding an Alias 123
Removing an Alias 123
Displaying Aliases 123
Configuring and Managing Time Parameters 124
Setting the Time Zone 125
Configuring the Summertime Period 125
Statically Configuring the System Time and Date 127
Displaying the Time and Date 127
Configuring and Managing NTP 127
Adding an NTP Server 128
Removing an NTP Server 128
Changing the NTP Update Interval 128
Resetting the Update Interval to the Default 129
Enabling the NTP Client 129
Displaying NTP Information 129
Managing the ARP Table 130
Displaying ARP Table Entries 130
Adding an ARP Entry 131
Changing the Aging Timeout 131
Pinging Another Device 132
Logging In to a Remote Device 132
Tracing a Route 133
IP Interfaces and Services Configuration Scenario 135
7 CONFIGURING SNMP
Overview 139
Configuring SNMP 139
Setting the System Location and Contact Strings 140
Enabling SNMP Versions 140
Configuring Community Strings (SNMPv1 and SNMPv2c Only) 140
Creating a USM User for SNMPv3 141
Setting SNMP Security 143
Configuring a Notification Profile 144
Configuring a Notification Target 148
Enabling the SNMP Service 151
Displaying SNMP Information 151
Displaying SNMP Version and Status Information 151
Displaying the Configured SNMP Community Strings 151
Displaying USM Settings 151
Displaying Notification Profiles 152
Displaying Notification Targets 152
Displaying SNMP Statistics Counters 152
8 CONFIGURING AND MANAGING MOBILITY DOMAIN ROAMING
About the Mobility Domain Feature 153
Configuring a Mobility Domain 154
Configuring the Seed 154
Configuring Member WX Switches on the Seed 155
Configuring a Member 155
Configuring Mobility Domain Seed Redundancy 156
Displaying Mobility Domain Status 157
Displaying the Mobility Domain Configuration 157
Clearing a Mobility Domain from a WX Switch 157
Clearing a Mobility Domain Member from a Seed 157
Configuring WX-WX Security 158
Monitoring the VLANs and Tunnels in a Mobility Domain 159
Displaying Roaming Stations 159
Displaying Roaming VLANs and Their Affinities 160
Displaying Tunnel Information 160
Understanding the Sessions of Roaming Users 161
Requirements for Roaming to Succeed 161
Effects of Timers on Roaming 162
Monitoring Roaming Sessions 162
Mobility Domain Scenario 163
9 CONFIGURING NETWORK DOMAINS
About the Network Domain Feature 165
Network Domain Seed Affinity 168
Configuring a Network Domain 169
Configuring Network Domain Seeds 169
Specifying Network Domain Seed Peers 170
Configuring Network Domain Members 171
Displaying Network Domain Information 172
Clearing Network Domain Configuration from a WX Switch 173
Clearing a Network Domain Seed from a WX Switch 173
Clearing a Network Domain Peer from a Network Domain Seed 173
Clearing Network Domain Seed or Member Configuration from a WX
Switch 173
Network Domain Scenario 174
10 CONFIGURING MAP ACCESS POINTS
MAP Overview 177
Country of Operation 179
Directly Connected MAPs and Distributed MAPs 179
Boot Process for Distributed MAPs 189
Contacting a WX Switch 190
Loading and Activating an Operational Image 195
Obtaining Configuration Information from the WX Switch 195
Service Profiles 202
Radio Profiles 209
Configuring MAPs 213
Specifying the Country of Operation 213
Configuring an Auto-AP Profile for Automatic MAP Configuration 218
Configuring MAP Port Parameters 224
Configuring MAP-WX Security 229
Configuring a Service Profile 233
Configuring a Radio Profile 240
Configuring Radio-Specific Parameters 246
Mapping the Radio Profile to Service Profiles 249
Assigning a Radio Profile and Enabling Radios 249
Disabling or Reenabling Radios 250
Enabling or Disabling Individual Radios 250
Disabling or Reenabling All Radios Using a Profile 250
Resetting a Radio to its Factory Default Settings 251
Restarting a MAP 251
Configuring Local Packet Switching on MAPs 252
Configuring Local Switching 253
Displaying MAP Information 256
Displaying MAP Configuration Information 256
Displaying Connection Information for Distributed MAPs 257
Displaying a List of Distributed MAPs that Are Not Configured 258
Displaying Active Connection Information for Distributed MAPs 258
Displaying Service Profile Information 259
Displaying Radio Profile Information 260
Displaying MAP Status Information 260
Displaying Static IP Address Information for Distributed MAPs 261
Displaying MAP Statistics Counters 262
Displaying the Forwarding Database for a MAP 264
Displaying VLAN Information for a MAP 264
Displaying ACL Information for a MAP 265
11 CONFIGURING RF LOAD BALANCING FOR MAPS
RF Load Balancing Overview 267
Configuring RF Load Balancing 268
Disabling or Re-Enabling RF Load Balancing 268
Assigning Radios to Load Balancing Groups 269
Specifying Band Preference for RF Load Balancing 269
Setting Strictness for RF Load Balancing 270
Exempting an SSID from RF Load Balancing 271
Displaying RF Load Balancing Information 271
12 CONFIGURING WLAN MESH SERVICES
WLAN Mesh Services Overview 273
Configuring WLAN Mesh Services 274
Configuring the Mesh AP 275
Configuring the Service Profile for Mesh Services 276
Configuring Security 276
Enabling Link Calibration Packets on the Mesh Portal MAP 277
Deploying the Mesh AP 277
Configuring Wireless Bridging 278
Displaying WLAN Mesh Services Information 279
13 CONFIGURING USER ENCRYPTION
Overview 281
Configuring WPA 284
WPA Cipher Suites 284
TKIP Countermeasures 287
WPA Authentication Methods 288
WPA Information Element 288
Client Support 289
Configuring WPA 290
Configuring RSN (802.11i) 296
Creating a Service Profile for RSN 296
Enabling RSN 296
Specifying the RSN Cipher Suites 297
Changing the TKIP Countermeasures Timer Value 298
Enabling PSK Authentication 298
Displaying RSN Settings 298
Assigning the Service Profile to Radios and Enabling the Radios 298
Configuring WEP 299
Setting Static WEP Key Values 301
Assigning Static WEP Keys 301
Encryption Configuration Scenarios 302
Enabling WPA with TKIP 302
Enabling Dynamic WEP in a WPA Network 304
Configuring Encryption for MAC Clients 306
14 CONFIGURING RF AUTO-TUNING
Overview 311
Initial Channel and Power Assignment 311
Channel and Power Tuning 312
RF Auto-Tuning Parameters 314
Changing RF Auto-Tuning Settings 316
Selecting Available Channels on the 802.11a Radio 316
Changing Channel Tuning Settings 316
Changing Power Tuning Settings 317
Locking Down Tuned Settings 318
Displaying RF Auto-Tuning Information 319
Displaying RF Auto-Tuning Settings 319
Displaying RF Neighbors 320
Displaying RF Attributes 321
15 CONFIGURING MAPS TO BE AEROSCOUT LISTENERS
Configuring MAP Radios to Listen for AeroScout RFID Tags 324
Locating an RFID Tag 325
Using an AeroScout Engine 325
Using 3Com Wireless Switch Manager 325
16 CONFIGURING QUALITY OF SERVICE
About QoS 327
Summary of QoS Features 327
QoS Mode 330
WMM QoS Mode 331
WMM QoS on a MAP 337
Call Admission Control 340
Broadcast Control 341
Static CoS 341
Overriding CoS 341
Changing QoS Settings 342
Changing the QoS Mode 342
Enabling U-APSD Support 342
Configuring Call Admission Control 343
Configuring Static CoS 343
Changing CoS Mappings 344
Using the Client’s DSCP Value to Classify QoS Level 344
Enabling Broadcast Control 345
Displaying QoS Information 345
Displaying a Radio Profile’s QoS Settings 345
Displaying a Service Profile’s QoS Settings 346
Displaying CoS Mappings 347
Displaying the DSCP Table 349
Displaying MAP Forwarding Queue Statistics 349
17 CONFIGURING AND MANAGING SPANNING TREE PROTOCOL
Overview 351
Enabling the Spanning Tree Protocol 352
Changing Standard Spanning Tree Parameters 352
Bridge Priority 352
Port Cost 353
Port Priority 353
Changing the Bridge Priority 353
Changing STP Port Parameters 354
Changing Spanning Tree Timers 357
Configuring and Managing STP Fast Convergence Features 358
Configuring Port Fast Convergence 359
Displaying Port Fast Convergence Information 360
Configuring Backbone Fast Convergence 360
Displaying the Backbone Fast Convergence State 360
Configuring Uplink Fast Convergence 361
Displaying Uplink Fast Convergence Information 361
Displaying Spanning Tree Information 361
Displaying STP Bridge and Port Information 361
Displaying the STP Port Cost on a VLAN Basis 362
Displaying Blocked STP Ports 363
Displaying Spanning Tree Statistics 363
Clearing STP Statistics 365
Spanning Tree Configuration Scenario 365
18 CONFIGURING AND MANAGING IGMP SNOOPING
Overview 369
Disabling or Reenabling IGMP Snooping 369
Disabling or Reenabling Proxy Reporting 370
Enabling the Pseudo-Querier 370
Changing IGMP Timers 370
Changing the Query Interval 371
Changing the Other-Querier-
Present Interval 371
Changing the Query Response Interval 371
Changing the Last Member Query Interval 371
Changing Robustness 371
Enabling Router Solicitation 372
Changing the Router Solicitation Interval 372
Configuring Static Multicast Ports 372
Adding or Removing a Static Multicast Router Port 373
Adding or Removing a Static Multicast Receiver Port 373
Displaying Multicast Information 373
Displaying Multicast Configuration Information and Statistics 373
Displaying Multicast Queriers 375
Displaying Multicast Routers 375
Displaying Multicast Receivers 376
19 CONFIGURING AND MANAGING SECURITY ACLS
About Security Access Control Lists 377
Overview of Security ACL Commands 377
Security ACL Filters 378
Order in Which ACLs are Applied to Traffic 379
Creating and Committing a Security ACL 380
Setting a Source IP ACL 380
Setting an ICMP ACL 383
Setting TCP and UDP ACLs 385
Determining the ACE Order 386
Committing a Security ACL 387
Viewing Security ACL Information 387
Clearing Security ACLs 390
Mapping Security ACLs 390
Mapping User-Based Security ACLs 390
Mapping Security ACLs to Ports, VLANs, Virtual Ports, or Distributed
MAPs 392
Modifying a Security ACL 394
Adding Another ACE to a Security ACL 394
Placing One ACE before Another 395
Modifying an Existing Security ACL 396
Clearing Security ACLs from the Edit Buffer 397
Using ACLs to Change CoS 399
Filtering Based on DSCP Values 399
Enabling Prioritization for Legacy Voice over IP 401
General Guidelines 402
Enabling VoIP Support for TeleSym VoIP 403
Enabling SVP Optimization for SpectraLink Phones 404
Restricting Client-To-Client Forwarding Among IP-Only Clients 409
Security ACL Configuration Scenario 410
20 MANAGING KEYS AND CERTIFICATES
Why Use Keys and Certificates? 413
Wireless Security through TLS 414
PEAP-MS-CHAP-V2 Security 414
About Keys and Certificates 415
Public Key Infrastructures 416
Public and Private Keys 416
Digital Certificates 416
PKCS #7, PKCS #10, and PKCS #12 Object Files 417
Certificates Automatically Generated by MSS 418
Creating Keys and Certificates 419
Choosing the Appropriate Certificate Installation Method for Your
Network 420
Creating Public-Private Key Pairs 421
Generating Self-Signed Certificates 422
Installing a Key Pair and Certificate from a PKCS #12 Object File 423
Creating a CSR and Installing a Certificate from a PKCS #7 Object
File 424
Installing a CAs Own Certificate 425
Displaying Certificate and Key Information 426
Key and Certificate Configuration Scenarios 427
Creating Self-Signed Certificates 427
Installing CA-Signed Certificates from PKCS #12 Object Files 429
Installing CA-Signed Certificates Using a PKCS #10 Object File (CSR) and a
PKCS #7 Object File 431
21 CONFIGURING AAA FOR NETWORK USERS
About AAA for Network Users 433
Authentication 433
Authorization 438
Accounting 440
Summary of AAA Features 440
AAA Tools for Network Users 441
“Globs” and Groups for Network User Classification 442
AAA Methods for IEEE 802.1X and Web Network Access 442
IEEE 802.1X Extensible Authentication Protocol Types 446
Ways a WX Switch Can Use EAP 447
Effects of Authentication Type on Encryption Method 448
Configuring 802.1X Authentication 449
Configuring EAP Offload 449
Using Pass-Through 450
Authenticating via a Local Database 450
Binding User Authentication to Machine Authentication 451
Configuring Authentication and Authorization by MAC Address 456
Adding and Clearing MAC Users and User Groups Locally 456
Configuring MAC Authentication and Authorization 457
Changing the MAC Authorization Password for RADIUS 459
Configuring Web Portal WebAAA 460
How WebAAA Portal Works 460
WebAAA Requirements and Recommendations 462
Configuring Web Portal WebAAA 467
Using a Custom Login Page 471
Using Dynamic Fields in WebAAA Redirect URLs 475
Using an ACL Other Than portalacl 476
Configuring the Web Portal WebAAA Session Timeout Period 477
Configuring the Web Portal Logout Function 478
Configuring Last-Resort Access 479
Configuring Last-Resort Access for Wired Authentication Ports 481
Configuring AAA for Users of Third-Party APs 482
Authentication Process for Users of a Third-Party AP 482
Requirements 483
Configuring Authentication for 802.1X Users of a Third-Party AP with
Tagged SSIDs 484
Configuring Authentication for Non-802.1X Users of a Third-Party AP
with Tagged SSIDs 487
Configuring Access for Any Users of a Non-Tagged SSID 487
Assigning Authorization Attributes 487
Assigning Attributes to Users and Groups 492
Assigning SSID Default Attributes to a Service Profile 493
Assigning a Security ACL to a User or a Group 494
Clearing a Security ACL from a User or Group 495
Assigning Encryption Types to Wireless Users 496
Keeping Users on the Same VLAN Even After Roaming 498
Overriding or Adding Attributes Locally with a Location Policy 499
About the Location Policy 500
How the Location Policy Differs from a Security ACL 500
Setting the Location Policy 501
Clearing Location Policy Rules and Disabling the Location Policy 503
Configuring Accounting for Wireless Network Users 504
Viewing Local Accounting Records 505
Viewing Roaming Accounting Records 505
Displaying the AAA Configuration 507
Avoiding AAA Problems in Configuration Order 508
Using the Wildcard “Any” as the SSID Name in Authentication
Rules 508
Using Authentication and Accounting Rules Together 508
Configuring a Mobility Profile 510
Network User Configuration Scenarios 512
General Use of Network User Commands 512
Enabling RADIUS Pass-Through Authentication 514
Enabling PEAP-MS-CHAP-V2 Authentication 514
Enabling PEAP-MS-CHAP-V2 Offload 515
Combining EAP Offload with Pass-Through Authentication 516
Overriding AAA-Assigned VLANs 516
22 CONFIGURING COMMUNICATION WITH RADIUS
RADIUS Overview 519
Before You Begin 521
Configuring RADIUS Servers 521
Configuring Global RADIUS Defaults 522
Setting the System IP Address as the Source Address 523
Configuring Individual RADIUS Servers 523
Deleting RADIUS Servers 524
Configuring RADIUS Server Groups 524
Creating Server Groups 525
Deleting a Server Group 527
RADIUS and Server Group Configuration Scenario 528
23 MANAGING 802.1X ON THE WX SWITCH
Managing 802.1X on Wired Authentication Ports 531
Enabling and Disabling 802.1X Globally 531
Setting 802.1X Port Control 532
Managing 802.1X Encryption Keys 533
Enabling 802.1X Key Transmission 533
Configuring 802.1X Key Transmission Time Intervals 533
Managing WEP Keys 534
Setting EAP Retransmission Attempts 535
Managing 802.1X Client Reauthentication 536
Enabling and Disabling 802.1X Reauthentication 536
Setting the Maximum Number of 802.1X Reauthentication
Attempts 536
Setting the 802.1X Reauthentication Period 537
Setting the Bonded Authentication Period 538
Managing Other Timers 538
Setting the 802.1X Quiet Period 538
Setting the 802.1X Timeout for an Authorization Server 539
Setting the 802.1X Timeout for a Client 539
Displaying 802.1X Information 540
Viewing 802.1X Clients 540
Viewing the 802.1X Configuration 540
Viewing 802.1X Statistics 541
24 CONFIGURING SODA ENDPOINT SECURITY FOR A WX SWITCH
About SODA Endpoint Security 543
SODA Endpoint Security Support on WX Switches 544
How SODA Functionality Works on WX Switches 545
Configuring SODA Functionality 546
Configuring Web Portal WebAAA for the Service Profile 547
Creating the SODA Agent with SODA Manager 547
Copying the SODA Agent to the WX Switch 549
Installing the SODA Agent Files on the WX Switch 549
Enabling SODA Functionality for the Service Profile 550
Disabling Enforcement of SODA Agent Checks 550
Specifying a SODA Agent Success Page 551
Specifying a SODA Agent Failure Page 551
Specifying a Remediation ACL 552
Specifying a SODA Agent Logout Page 553
Specifying an Alternate SODA Agent Directory for a Service Profile 554
Uninstalling the SODA Agent Files from the WX Switch 554
Displaying SODA Configuration Information 555
25 MANAGING SESSIONS
About the Session Manager 557
Displaying and Clearing Administrative Sessions 557
Displaying and Clearing All Administrative Sessions 558
Displaying and Clearing an Administrative Console Session 558
Displaying and Clearing Administrative Telnet Sessions 559
Displaying and Clearing Client Telnet Sessions 559
Displaying and Clearing Network Sessions 560
Displaying Verbose Network Session Information 561
Displaying and Clearing Network Sessions by Username 562
Displaying and Clearing Network Sessions by MAC Address 563
Displaying and Clearing Network Sessions by VLAN Name 563
Displaying and Clearing Network Sessions by Session ID 564
Displaying and Changing Network Session Timers 565
Disabling Keepalive Probes 566
Changing or Disabling the User Idle Timeout 566
26 ROGUE DETECTION AND COUNTERMEASURES
Overview 567
About Rogues and RF Detection 567
Rogue Access Points and Clients 567
RF Detection Scans 571
Countermeasures 572
Mobility Domain Requirement 572
Summary of Rogue Detection Features 573
Configuring Rogue Detection Lists 574
Configuring a Permitted Vendor List 574
Configuring a Permitted SSID List 576
Configuring a Client Black List 577
Configuring an Attack List 578
Configuring an Ignore List 579
Enabling Countermeasures 580
Using On-Demand Countermeasures in a Mobility Domain 581
Disabling or Reenabling Active Scan 582
Enabling MAP Signatures 582
Creating an Encrypted RF Fingerprint Key as a MAP Signature 583
Disabling or Reenabling Logging of Rogues 584
Enabling Rogue and Countermeasures Notifications 584
IDS and DoS Alerts 584
Flood Attacks 585
DoS Attacks 585
Netstumbler and Wellenreiter Applications 586
Wireless Bridge 586
Ad-Hoc Network 586
Weak WEP Key Used by Client 587
Disallowed Devices or SSIDs 587
Displaying Statistics Counters 587
IDS Log Message Examples 587
Displaying RF Detection Information 590
Displaying Rogue Clients 592
Displaying Rogue Detection Counters 593
Displaying SSID or BSSID Information for a Mobility Domain 594
Displaying RF Detect Data 596
Displaying the APs Detected by MAP Radio 596
Displaying Countermeasures Information 597
27 MANAGING SYSTEM FILES
About System Files 599
Displaying Software Version Information 599
Displaying Boot Information 601
Working with Files 602
Displaying a List of Files 602
Copying a File 604
Using an Image File’s MD5 Checksum To Verify Its Integrity 606
Deleting a File 607
Creating a Subdirectory 608
Removing a Subdirectory 608
Managing Configuration Files 609
Displaying the Running Configuration 609
Saving Configuration Changes 610
Specifying the Configuration File to Use After the Next Reboot 611
Loading a Configuration File 611
Specifying a Backup Configuration File 612
Resetting to the Factory Default Configuration 612
Backing Up and Restoring the System 613
Managing Configuration Changes 615
Backup and Restore Examples 615
Upgrading the System Image 616
Preparing the WX Switch for the Upgrade 616
Upgrading an Individual Switch Using the CLI 617
Command Changes During Upgrade 618
A TROUBLESHOOTING A WX SWITCH
Fixing Common WX Setup Problems 619
Recovering the System When the Enable Password is Lost 622
WXR100 622
WX1200, WX2200, or WX4400 622
Configuring and Managing the System Log 623
Log Message Components 623
Logging Destinations and Levels 623
Using Log Commands 625
Running Traces 631
Using the Trace Command 631
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53
  • Page 54 54
  • Page 55 55
  • Page 56 56
  • Page 57 57
  • Page 58 58
  • Page 59 59
  • Page 60 60
  • Page 61 61
  • Page 62 62
  • Page 63 63
  • Page 64 64
  • Page 65 65
  • Page 66 66
  • Page 67 67
  • Page 68 68
  • Page 69 69
  • Page 70 70
  • Page 71 71
  • Page 72 72
  • Page 73 73
  • Page 74 74
  • Page 75 75
  • Page 76 76
  • Page 77 77
  • Page 78 78
  • Page 79 79
  • Page 80 80
  • Page 81 81
  • Page 82 82
  • Page 83 83
  • Page 84 84
  • Page 85 85
  • Page 86 86
  • Page 87 87
  • Page 88 88
  • Page 89 89
  • Page 90 90
  • Page 91 91
  • Page 92 92
  • Page 93 93
  • Page 94 94
  • Page 95 95
  • Page 96 96
  • Page 97 97
  • Page 98 98
  • Page 99 99
  • Page 100 100
  • Page 101 101
  • Page 102 102
  • Page 103 103
  • Page 104 104
  • Page 105 105
  • Page 106 106
  • Page 107 107
  • Page 108 108
  • Page 109 109
  • Page 110 110
  • Page 111 111
  • Page 112 112
  • Page 113 113
  • Page 114 114
  • Page 115 115
  • Page 116 116
  • Page 117 117
  • Page 118 118
  • Page 119 119
  • Page 120 120
  • Page 121 121
  • Page 122 122
  • Page 123 123
  • Page 124 124
  • Page 125 125
  • Page 126 126
  • Page 127 127
  • Page 128 128
  • Page 129 129
  • Page 130 130
  • Page 131 131
  • Page 132 132
  • Page 133 133
  • Page 134 134
  • Page 135 135
  • Page 136 136
  • Page 137 137
  • Page 138 138
  • Page 139 139
  • Page 140 140
  • Page 141 141
  • Page 142 142
  • Page 143 143
  • Page 144 144
  • Page 145 145
  • Page 146 146
  • Page 147 147
  • Page 148 148
  • Page 149 149
  • Page 150 150
  • Page 151 151
  • Page 152 152
  • Page 153 153
  • Page 154 154
  • Page 155 155
  • Page 156 156
  • Page 157 157
  • Page 158 158
  • Page 159 159
  • Page 160 160
  • Page 161 161
  • Page 162 162
  • Page 163 163
  • Page 164 164
  • Page 165 165
  • Page 166 166
  • Page 167 167
  • Page 168 168
  • Page 169 169
  • Page 170 170
  • Page 171 171
  • Page 172 172
  • Page 173 173
  • Page 174 174
  • Page 175 175
  • Page 176 176
  • Page 177 177
  • Page 178 178
  • Page 179 179
  • Page 180 180
  • Page 181 181
  • Page 182 182
  • Page 183 183
  • Page 184 184
  • Page 185 185
  • Page 186 186
  • Page 187 187
  • Page 188 188
  • Page 189 189
  • Page 190 190
  • Page 191 191
  • Page 192 192
  • Page 193 193
  • Page 194 194
  • Page 195 195
  • Page 196 196
  • Page 197 197
  • Page 198 198
  • Page 199 199
  • Page 200 200
  • Page 201 201
  • Page 202 202
  • Page 203 203
  • Page 204 204
  • Page 205 205
  • Page 206 206
  • Page 207 207
  • Page 208 208
  • Page 209 209
  • Page 210 210
  • Page 211 211
  • Page 212 212
  • Page 213 213
  • Page 214 214
  • Page 215 215
  • Page 216 216
  • Page 217 217
  • Page 218 218
  • Page 219 219
  • Page 220 220
  • Page 221 221
  • Page 222 222
  • Page 223 223
  • Page 224 224
  • Page 225 225
  • Page 226 226
  • Page 227 227
  • Page 228 228
  • Page 229 229
  • Page 230 230
  • Page 231 231
  • Page 232 232
  • Page 233 233
  • Page 234 234
  • Page 235 235
  • Page 236 236
  • Page 237 237
  • Page 238 238
  • Page 239 239
  • Page 240 240
  • Page 241 241
  • Page 242 242
  • Page 243 243
  • Page 244 244
  • Page 245 245
  • Page 246 246
  • Page 247 247
  • Page 248 248
  • Page 249 249
  • Page 250 250
  • Page 251 251
  • Page 252 252
  • Page 253 253
  • Page 254 254
  • Page 255 255
  • Page 256 256
  • Page 257 257
  • Page 258 258
  • Page 259 259
  • Page 260 260
  • Page 261 261
  • Page 262 262
  • Page 263 263
  • Page 264 264
  • Page 265 265
  • Page 266 266
  • Page 267 267
  • Page 268 268
  • Page 269 269
  • Page 270 270
  • Page 271 271
  • Page 272 272
  • Page 273 273
  • Page 274 274
  • Page 275 275
  • Page 276 276
  • Page 277 277
  • Page 278 278
  • Page 279 279
  • Page 280 280
  • Page 281 281
  • Page 282 282
  • Page 283 283
  • Page 284 284
  • Page 285 285
  • Page 286 286
  • Page 287 287
  • Page 288 288
  • Page 289 289
  • Page 290 290
  • Page 291 291
  • Page 292 292
  • Page 293 293
  • Page 294 294
  • Page 295 295
  • Page 296 296
  • Page 297 297
  • Page 298 298
  • Page 299 299
  • Page 300 300
  • Page 301 301
  • Page 302 302
  • Page 303 303
  • Page 304 304
  • Page 305 305
  • Page 306 306
  • Page 307 307
  • Page 308 308
  • Page 309 309
  • Page 310 310
  • Page 311 311
  • Page 312 312
  • Page 313 313
  • Page 314 314
  • Page 315 315
  • Page 316 316
  • Page 317 317
  • Page 318 318
  • Page 319 319
  • Page 320 320
  • Page 321 321
  • Page 322 322
  • Page 323 323
  • Page 324 324
  • Page 325 325
  • Page 326 326
  • Page 327 327
  • Page 328 328
  • Page 329 329
  • Page 330 330
  • Page 331 331
  • Page 332 332
  • Page 333 333
  • Page 334 334
  • Page 335 335
  • Page 336 336
  • Page 337 337
  • Page 338 338
  • Page 339 339
  • Page 340 340
  • Page 341 341
  • Page 342 342
  • Page 343 343
  • Page 344 344
  • Page 345 345
  • Page 346 346
  • Page 347 347
  • Page 348 348
  • Page 349 349
  • Page 350 350
  • Page 351 351
  • Page 352 352
  • Page 353 353
  • Page 354 354
  • Page 355 355
  • Page 356 356
  • Page 357 357
  • Page 358 358
  • Page 359 359
  • Page 360 360
  • Page 361 361
  • Page 362 362
  • Page 363 363
  • Page 364 364
  • Page 365 365
  • Page 366 366
  • Page 367 367
  • Page 368 368
  • Page 369 369
  • Page 370 370
  • Page 371 371
  • Page 372 372
  • Page 373 373
  • Page 374 374
  • Page 375 375
  • Page 376 376
  • Page 377 377
  • Page 378 378
  • Page 379 379
  • Page 380 380
  • Page 381 381
  • Page 382 382
  • Page 383 383
  • Page 384 384
  • Page 385 385
  • Page 386 386
  • Page 387 387
  • Page 388 388
  • Page 389 389
  • Page 390 390
  • Page 391 391
  • Page 392 392
  • Page 393 393
  • Page 394 394
  • Page 395 395
  • Page 396 396
  • Page 397 397
  • Page 398 398
  • Page 399 399
  • Page 400 400
  • Page 401 401
  • Page 402 402
  • Page 403 403
  • Page 404 404
  • Page 405 405
  • Page 406 406
  • Page 407 407
  • Page 408 408
  • Page 409 409
  • Page 410 410
  • Page 411 411
  • Page 412 412
  • Page 413 413
  • Page 414 414
  • Page 415 415
  • Page 416 416
  • Page 417 417
  • Page 418 418
  • Page 419 419
  • Page 420 420
  • Page 421 421
  • Page 422 422
  • Page 423 423
  • Page 424 424
  • Page 425 425
  • Page 426 426
  • Page 427 427
  • Page 428 428
  • Page 429 429
  • Page 430 430
  • Page 431 431
  • Page 432 432
  • Page 433 433
  • Page 434 434
  • Page 435 435
  • Page 436 436
  • Page 437 437
  • Page 438 438
  • Page 439 439
  • Page 440 440
  • Page 441 441
  • Page 442 442
  • Page 443 443
  • Page 444 444
  • Page 445 445
  • Page 446 446
  • Page 447 447
  • Page 448 448
  • Page 449 449
  • Page 450 450
  • Page 451 451
  • Page 452 452
  • Page 453 453
  • Page 454 454
  • Page 455 455
  • Page 456 456
  • Page 457 457
  • Page 458 458
  • Page 459 459
  • Page 460 460
  • Page 461 461
  • Page 462 462
  • Page 463 463
  • Page 464 464
  • Page 465 465
  • Page 466 466
  • Page 467 467
  • Page 468 468
  • Page 469 469
  • Page 470 470
  • Page 471 471
  • Page 472 472
  • Page 473 473
  • Page 474 474
  • Page 475 475
  • Page 476 476
  • Page 477 477
  • Page 478 478
  • Page 479 479
  • Page 480 480
  • Page 481 481
  • Page 482 482
  • Page 483 483
  • Page 484 484
  • Page 485 485
  • Page 486 486
  • Page 487 487
  • Page 488 488
  • Page 489 489
  • Page 490 490
  • Page 491 491
  • Page 492 492
  • Page 493 493
  • Page 494 494
  • Page 495 495
  • Page 496 496
  • Page 497 497
  • Page 498 498
  • Page 499 499
  • Page 500 500
  • Page 501 501
  • Page 502 502
  • Page 503 503
  • Page 504 504
  • Page 505 505
  • Page 506 506
  • Page 507 507
  • Page 508 508
  • Page 509 509
  • Page 510 510
  • Page 511 511
  • Page 512 512
  • Page 513 513
  • Page 514 514
  • Page 515 515
  • Page 516 516
  • Page 517 517
  • Page 518 518
  • Page 519 519
  • Page 520 520
  • Page 521 521
  • Page 522 522
  • Page 523 523
  • Page 524 524
  • Page 525 525
  • Page 526 526
  • Page 527 527
  • Page 528 528
  • Page 529 529
  • Page 530 530
  • Page 531 531
  • Page 532 532
  • Page 533 533
  • Page 534 534
  • Page 535 535
  • Page 536 536
  • Page 537 537
  • Page 538 538
  • Page 539 539
  • Page 540 540
  • Page 541 541
  • Page 542 542
  • Page 543 543
  • Page 544 544
  • Page 545 545
  • Page 546 546
  • Page 547 547
  • Page 548 548
  • Page 549 549
  • Page 550 550
  • Page 551 551
  • Page 552 552
  • Page 553 553
  • Page 554 554
  • Page 555 555
  • Page 556 556
  • Page 557 557
  • Page 558 558
  • Page 559 559
  • Page 560 560
  • Page 561 561
  • Page 562 562
  • Page 563 563
  • Page 564 564
  • Page 565 565
  • Page 566 566
  • Page 567 567
  • Page 568 568
  • Page 569 569
  • Page 570 570
  • Page 571 571
  • Page 572 572
  • Page 573 573
  • Page 574 574
  • Page 575 575
  • Page 576 576
  • Page 577 577
  • Page 578 578
  • Page 579 579
  • Page 580 580
  • Page 581 581
  • Page 582 582
  • Page 583 583
  • Page 584 584
  • Page 585 585
  • Page 586 586
  • Page 587 587
  • Page 588 588
  • Page 589 589
  • Page 590 590
  • Page 591 591
  • Page 592 592
  • Page 593 593
  • Page 594 594
  • Page 595 595
  • Page 596 596
  • Page 597 597
  • Page 598 598
  • Page 599 599
  • Page 600 600
  • Page 601 601
  • Page 602 602
  • Page 603 603
  • Page 604 604
  • Page 605 605
  • Page 606 606
  • Page 607 607
  • Page 608 608
  • Page 609 609
  • Page 610 610
  • Page 611 611
  • Page 612 612
  • Page 613 613
  • Page 614 614
  • Page 615 615
  • Page 616 616
  • Page 617 617
  • Page 618 618
  • Page 619 619
  • Page 620 620
  • Page 621 621
  • Page 622 622
  • Page 623 623
  • Page 624 624
  • Page 625 625
  • Page 626 626
  • Page 627 627
  • Page 628 628
  • Page 629 629
  • Page 630 630
  • Page 631 631
  • Page 632 632
  • Page 633 633
  • Page 634 634
  • Page 635 635
  • Page 636 636
  • Page 637 637
  • Page 638 638
  • Page 639 639
  • Page 640 640
  • Page 641 641
  • Page 642 642
  • Page 643 643
  • Page 644 644
  • Page 645 645
  • Page 646 646
  • Page 647 647
  • Page 648 648
  • Page 649 649
  • Page 650 650
  • Page 651 651
  • Page 652 652
  • Page 653 653
  • Page 654 654
  • Page 655 655
  • Page 656 656
  • Page 657 657
  • Page 658 658
  • Page 659 659
  • Page 660 660
  • Page 661 661
  • Page 662 662
  • Page 663 663
  • Page 664 664
  • Page 665 665
  • Page 666 666
  • Page 667 667
  • Page 668 668
  • Page 669 669
  • Page 670 670
  • Page 671 671
  • Page 672 672
  • Page 673 673
  • Page 674 674
  • Page 675 675
  • Page 676 676
  • Page 677 677
  • Page 678 678
  • Page 679 679
  • Page 680 680
  • Page 681 681
  • Page 682 682
  • Page 683 683
  • Page 684 684
  • Page 685 685
  • Page 686 686
  • Page 687 687
  • Page 688 688
  • Page 689 689
  • Page 690 690
  • Page 691 691
  • Page 692 692
  • Page 693 693
  • Page 694 694
  • Page 695 695
  • Page 696 696
  • Page 697 697
  • Page 698 698
  • Page 699 699
  • Page 700 700
  • Page 701 701
  • Page 702 702
  • Page 703 703
  • Page 704 704
  • Page 705 705
  • Page 706 706
  • Page 707 707
  • Page 708 708
  • Page 709 709
  • Page 710 710
  • Page 711 711
  • Page 712 712
  • Page 713 713
  • Page 714 714
  • Page 715 715
  • Page 716 716
  • Page 717 717
  • Page 718 718
  • Page 719 719
  • Page 720 720
  • Page 721 721
  • Page 722 722
  • Page 723 723
  • Page 724 724
  • Page 725 725
  • Page 726 726
  • Page 727 727
  • Page 728 728

3com 3CRWX120695A Configuration manual

Category
Software
Type
Configuration manual

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI