H3C WX5002 Configuration manual

Category
Network switches
Type
Configuration manual
H3C WX Series Access Controllers
Access Controller Module Configuration Guide
Hangzhou H3C Technologies Co., Ltd.
http://www.h3c.com
Document Version: 6W105-20101124
Copyright © 2008-2010, Hangzhou H3C Technologies Co., Ltd. and its licensors
All Rights Reserved
No part of this manual may be reproduced or transmitted in any form or by any means without prior
written consent of Hangzhou H3C Technologies Co., Ltd.
Trademarks
H3C, , Aolynk, , H
3
Care,
, TOP G, , IRF, NetPilot, Neocean, NeoVTL,
SecPro, SecPoint, SecEngine, SecPath, Comware, Secware, Storware, NQA, VVG, V
2
G, V
n
G, PSPT,
XGbus, N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou H3C Technologies Co.,
Ltd.
All other trademarks that may be mentioned in this manual are the property of their respective owners.
Notice
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Preface
The H3C WX series documentation set describes the software features for the H3C WX Series Access
Controllers and guides you through the software configuration procedures. The configuration guides
also provide configuration examples to help you apply the software features to different network
scenarios.
The Access Controller Module Basic Configuration Guide describes the compatibility matrix between
access controller modules and Ethernet switches, and describes the basic configurations for an access
controller module to cooperate with an Ethernet switch.
This preface includes:
z Audience
z Conventions
z About the H3C WX Series Documentation Set
z Obtaining Documentation
z Technical Support
z Documentation Feedback
Audience
This documentation is intended for:
z Network planners
z Field technical support and servicing engineers
z Network administrators working with the WX series
Conventions
This section describes the conventions used in this documentation set.
Command conventions
Convention Description
Boldface Bold
text represents commands and keywords that you enter literally as shown.
italic
Italic text represents arguments that you replace with actual values.
[ ]
Square brackets enclose syntax choices (keywords or arguments) that are
optional.
{ x | y | ... }
Braces enclose a set of required syntax choices separated by vertical bars,
from which you select one.
[ x | y | ... ]
Square brackets enclose a set of optional syntax choices separated by vertical
bars, from which you select one or none.
{ x | y | ... } *
Asterisk marked braces enclose a set of required syntax choices separated by
vertical bars, from which you select at least one.
Convention Description
[ x | y | ... ] *
Asterisk marked square brackets enclose optional syntax choices separated by
vertical bars, from which you may select multiple choices or none.
&<1-n>
The argument or keyword and argument combination before the ampersand (&)
sign can be entered 1 to n times.
# A line that starts with a pound (#) sign is comments.
GUI conventions
Convention Description
Boldface
Window names, button names, field names, and menu items are in Boldface.
For example, the
New User
window appears; click
OK
.
>
Multi-level menus are separated by angle brackets. For example,
File
>
Create
>
Folder
.
Symbols
Convention Description
Means reader be extremely careful. Improper operation may cause bodily
injury.
Means reader be careful. Improper operation may cause data loss or damage to
equipment.
Means an action or information that needs special attention to ensure
successful configuration or good performance.
Means a complementary description.
Means techniques helpful for you to make configuration with ease.
Network topology icons
Convention Description
Represents a generic network device, such as a router, switch, or firewall.
Represents a routing-capable device, such as a router or Layer 3 switch.
Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router
that supports Layer 2 forwarding and other Layer 2 features.
Represents an access controller, an access controller module, or a switching
engine on a unified switch.
Represents an access point.
Represents a mesh access point.
Convention Description
Represents omnidirectional signals.
Represents directional signals.
About the H3C WX Series Documentation Set
The H3C WX series documentation set includes:
Category Documents Purposes
WX3000 Series Unified Wired and Wireless
Switches Brochure
WX5000 Series Access Controllers Brochure
Product
description and
specifications
WX6000 Series Access Controllers Brochure
Describe product specifications and
benefits.
LSWM1WCM10 Access Controller Module
Card Manual
LSWM1WCM20 Access Controller Module
Card Manual
LSRM1WCM2A1 Access Controller Module
Card Manual
Provide the hardware specifications of the
cards, and describe how to install and
remove the cards.
LSQM1WCMB0 Access Controller Module
Installation Manual
Hardware
specifications
and installation
LSBM1WCM2A0 Access Controller Module
Installation Manual
Guide you through hardware
specifications and installation methods to
help you install your AC.
WX Series Access Controllers Getting Started
Guides
Guide you through the main functions of
your AC, and describes how to install and
log in to your AC, perform basic
configurations, maintain software, and
troubleshoot your AC.
WX Series Access Controllers Configuration
Guides
Describe software features and
configuration procedures.
WX Series Access Controllers Command
References
Provide a quick reference to all available
commands.
Software
configuration
WX Series Access Controllers Web-based
Configuration Guides
Describes configuration procedures
through the web interface.
WX3000 Series Unified Switches Release
Notes
WX5002 Series Access Controllers Release
Notes
WX5004 Series Access Controllers Release
Notes
Operations and
maintenance
WX6103 Series Access Controllers Release
Notes
Provide information about the product
release, including the version history,
hardware and software compatibility
matrix, version upgrade information,
technical support information, and
software upgrading.
Obtaining Documentation
You can access the most up-to-date H3C product documentation on the World Wide Web at
http://www.h3c.com
.
Click the links on the top navigation bar to obtain different categories of product documentation:
[Technical Support & Documents > Technical Documents]
– Provides hardware installation, software
upgrading, getting started, and software feature configuration and maintenance documentation.
[Products & Solutions]
Provides information about products and technologies, as well as solutions.
[Technical Support & Documents > Software Download]
– Provides the documentation released with
the software version.
Technical Support
customer_service@h3c.com
http://www.h3c.com
Documentation Feedback
You can e-mail your comments about product documentation to [email protected].
We appreciate your comments.
z Read Compatibility Matrixes before using an H3C WX series access controller.
z Support of the H3C WX series access controllers for features and commands may vary by AC
model. For more information, see Feature Matrixes and Command Matrixes in Compatibility
Matrixes.
z The term AC in this document refers to H3C access controllers, access controller modules, and
H3C WX series unified switches' access controller engines.
z The interface types and the number of interfaces vary by AC model.
z The models listed in this manual are not applicable to all regions. Please consult your local sales
office for the models applicable to your region.
i
Table of Contents
1 Applicable Models and Software Versions·····························································································1-1
2 Typical Network Scenarios·······················································································································2-1
AC Networking········································································································································2-1
Access Controller Module Networking····································································································2-1
Unified Switch Networking ······················································································································2-2
3 Feature Matrixes········································································································································3-1
Feature Matrix for the WX5000 Series····································································································3-1
Feature Matrix for the WX6000 Series····································································································3-7
Feature Matrix for the WX3000 Series··································································································3-11
4 Command Matrixes····································································································································4-1
Command Matrix for the WX5000 Series·······························································································4-1
Command Matrix for the WX6000 Series·····························································································4-15
Command Matrix for the WX3000 Series·····························································································4-24
5 Access Controller Module Basic Configuration·····················································································5-1
Access Controller Module and Ethernet Switch Compatibility Matrix·····················································5-1
6 Access Controller Module Basic Configuration·····················································································6-1
Access Controller Module Basic Configuration·······················································································6-1
Configuring the Internal Ports of the Switch····················································································6-1
Configuring the Access Controller Module······················································································6-2
Configuration Examples··························································································································6-3
Configuring LS8M1WCMA0············································································································6-3
Configuring LSQM1WCMB0, LSBM1WCM2A0, or LSRM1WCM2A1············································6-3
Configuring LSWM1WCM20 or LSWM1WCM10············································································6-4
7 Index ···························································································································································7-1
1-1
1 Applicable Models and Software Versions
H3C WX series access controllers include the WX3000 series unified switches, and WX5000 and
WX6000 series access controllers. Table 1-1
shows the applicable models and software versions.
Table 1-1 Applicable models and software versions
Model Software version
WX3024 unified switches
WX3010 unified switches
WX3008 unified switches
LSWM1WCM20 access controller module
WX3000-CMW520-R3111P03
WX5002 access controller
LS8M1WCMA0 access controller module
WX5002-CMW520-R1112
WX5002V2 access controller
WX5004 access controller
LSWM1WCM10 access controller module
WX5004-CMW520-R2107P04
WX6103 access controller
LSQM1WCMB0 access controller module
LSBM1WCM2A0 access controller module
LSRM1WCM2A1 access controller module
WX6103-CMW520-R2115P08
2-1
2 Typical Network Scenarios
AC Networking
As shown in the following figure, the AC is connected to Switch (Layer 2 or Layer 3) through GE1/0/1,
which can be connected to APs directly or connected to APs over an IP network. Clients can be
connected to the network through the APs to implement WLAN user access.
Figure 2-1 AC networking
AC
GE 1/0/1
Server
AP 1 AP 2
Client A Client B
Scheme 1
IP network
Access Controller Module Networking
As shown in the following figure, installed with an access controller module, Switch (Layer 2 or Layer 3)
can be connected to APs directly or connected to APs over an IP network. Clients can be connected to
the network through the APs to implement WLAN user access.
2-2
Figure 2-2 Access controller module networking
Unified Switch Networking
As shown in Figure 2-3, Unified switch (functions as both an AC and a Layer 2 switch) can be connected
to APs directly or connected to APs over an IP network. Clients can be connected to the network
through the APs to implement WLAN user access.
Figure 2-3 Unified switch networking diagram
3-1
3 Feature Matrixes
In this document, Yes means a feature or command is supported, and No means not supported.
Feature Matrix for the WX5000 Series
The LS8M1WCMA0, LSWM1WCM10, and LSWM1WCM20 on the WX5000 series adopt the OAP architecture. Installed on the expansion slots of switches,
they work as OAP cards to exchange data and status and control information with the switches through their internal service interfaces. Do not configure
services such as QoS rate limiting and 802.1X authentication on GE interfaces on the LS8M1WCMA0, XGE 1/0/1 on the LSWM1WCM10, and the logical
interface BAGG1 aggregated by GE 1/0/1 and GE 1/0/2 on the LSWM1WCM20.
Table 3-1 Feature matrix for the WX5000 series
Document Module Feature WX5002 WX5002V2 LS8M1WCMA0 WX5004 LSWM1WCM10 LSWM1WCM20
AUX user interface Yes No Yes No Yes Yes
Console user interface No Yes No Yes No No
Login configuration
Telnet Yes Yes Yes Yes Yes Yes
Fundamentals
Configuration
Guide
User interface
configuration
User interface type
Console
user
interface not
supported
AUX user
interface not
supported
Yes
AUX user
interface
not
supported
Console user
interface not
supported
Console user
interface not
supported
3-2
Document Module Feature WX5002 WX5002V2 LS8M1WCMA0 WX5004 LSWM1WCM10 LSWM1WCM20
File system
management
configuration
Configuration file
encryption
No No No No No Yes
Storage media
supported
Flash CF Flash CF CF Flash
Device management
configuration
License
Supports 32
concurrent
APs by
default, and
can be
extended to
support 64.
No on the
WX5002-12
8
Supports 32
concurrent
APs by
default, and
can be
extended to
support 64.
No
Supports
64
concurren
t APs by
default,
and can
be
extended
to support
256.
Supports 64
concurrent APs
by default, and
can be extended
to support 256.
Supports 32
concurrent APs
by default, and
can be extended
to support 128.
Hot AC backup No Yes No Yes Yes No
WLAN
Configuration
Guide
WLAN services
configuration
Maximum number of
SSIDs supported
128 256 128 256 256 128
Combo port
configuration
Yes Yes No Yes
No No
Shutting down an
Ethernet interface
Yes Yes Yes Yes
Yes.
Do not use the
shutdown
command on
internal
interfaces;
otherwise, the
normal
operation of the
device will be
affected.
Yes.
Do not use the
shutdown
command on
internal
interfaces;
otherwise, the
normal
operation of the
device will be
affected.
Layer 2 – LAN
Switching
Configuration
Guide
Ethernet interface
configuration
Configuring flow
control on an Ethernet
interface
Yes Yes Yes Yes
No No
3-3
Document Module Feature WX5002 WX5002V2 LS8M1WCMA0 WX5004 LSWM1WCM10 LSWM1WCM20
Configuring loopback
detection on an
Ethernet interface
Yes on GE
interfaces
only
Yes on GE
interfaces
only
Internal loopback
testing supported
on GE interfaces
only
Yes on
GE
interfaces
only
Internal
loopback testing
supported on
XGE interfaces
only
Internal
loopback testing
supported on
GE interfaces
only
Link aggregation
configuration
Link aggregation Yes Yes No Yes No Yes
MSTP Configuration STP No Yes No Yes No No
Layer 2 forwarding
configuration
Layer 2 forwarding Yes No Yes No No No
Port mirroring
configuration
Port mirroring
Remote port
mirroring
and
cross-board
mirroring not
supported
Remote port
mirroring
and
cross-board
mirroring not
supported
No
Remote
port
mirroring
and
cross-boa
rd
mirroring
not
supported
No No
DNS configuration
IPv6 DNS
configuration
Yes Yes Yes Yes Yes Yes
IP performance
optimization
configuration
Configuring ICMP to
send error packets
Yes No No No No No
Adjacency table
configuration
Displaying and
maintaining adjacency
table
No Yes No Yes Yes Yes
IPv6 basics
configuration
IPv6 basics
configuration
Yes Yes Yes Yes Yes Yes
Layer 3 – IP
Services
Configuration
Guide
IPv6 application
configuration
IPv6 application
configuration
Yes Yes Yes Yes Yes Yes
Layer 3 – IP
Routing
IP routing basics
configuration
IPv6 features Yes Yes Yes Yes Yes Yes
3-4
Document Module Feature WX5002 WX5002V2 LS8M1WCMA0 WX5004 LSWM1WCM10 LSWM1WCM20
Configuration
Guide
IPv6 static routing
configuration
IPv6 static routing
configuration
Yes Yes Yes Yes Yes Yes
MLD snooping
configuration
MLD snooping Yes Yes Yes Yes Yes Yes
IP Multicast
Configuration
Guide
IPv6 multicast VLAN
configuration
IPv6 multicast VLAN Yes Yes Yes Yes Yes Yes
ACL configuration IPv6 ACL Yes Yes Yes Yes Yes Yes
Configuring line rate Yes Yes Yes Yes Yes Yes
ACL and QoS
Configuration
Guide
QoS
Configuring CAR
applicable to all traffic
of online users
No Yes No Yes Yes Yes
AAA
Specifying the device
ID to be used in
stateful failover mode
No Yes No Yes Yes No
Configuring Layer 3
portal authentication
No Yes No Yes Yes Yes
Specifying the portal
group to which the
portal service backup
interface belongs
No Yes No Yes Yes No
Specifying the device
ID to be used in
stateful failover mode
No Yes No Yes Yes No
Portal configuration
Specifying the backup
source IP address for
RADIUS packets to be
sent
No Yes No Yes Yes No
Security
Configuration
Guide
SSH2.0 configuration
Specifying a source
IPv6 address or
interface for an SSH
client
Yes Yes Yes Yes Yes Yes
3-5
Document Module Feature WX5002 WX5002V2 LS8M1WCMA0 WX5004 LSWM1WCM10 LSWM1WCM20
Establishing a
connection between
an SSH client and an
IPv6 SSH server
Yes Yes Yes Yes Yes Yes
Specifying a source
IPv6 address or
interface for an SFTP
client
Yes Yes Yes Yes Yes Yes
Establishing a
connection between
an SFTP client and an
IPv6 SFTP server
Yes Yes Yes Yes Yes Yes
IPv6 SFTP client Yes Yes Yes Yes Yes Yes
Security protection
configuration
Management protocol
packets supported
Telnet,
SNMP, and
web
managemen
t packets
whose
destination
IP address
is the local
host
ICMP, IEC,
Telnet, and
SNMP
packets
whose
destination
IP address
is the local
host
Telnet, SNMP,
and web
management
packets whose
destination IP
address is the
local host
ICMP,
IEC,
Telnet,
and
SNMP
packets
whose
destinatio
n IP
address is
the local
host
ICMP, IEC,
Telnet, and
SNMP packets
whose
destination IP
address is the
local host
ICMP, IEC,
Telnet, and
SNMP packets
whose
destination IP
address is the
local host
3-6
Document Module Feature WX5002 WX5002V2 LS8M1WCMA0 WX5004 LSWM1WCM10 LSWM1WCM20
Other protocol packets
supported
11MAC/802.
1X/ARP/DH
CP/HWTAC
AS/ICMP/IG
MP/MLD/L
WAPP/ND/
NTP/PIM/R
ADIUS
Data
packets: all
packets
except the
above
packets.
UDP/TCP/8
02.1X/DHC
P/IGMP/NT
P/ARP/LWA
PP/LooPbac
k/PPPoE/IA
CTP/ACSEI/
STP/LWAP
P_DATA/De
fault
11MAC/802.1X/
ARP/DHCP/HW
TACAS/ICMP/IG
MP/MLD/LWAP
P/ND/NTP/PIM
/RADIUS
Data packets: all
packets except
the above
packets.
UDP/TCP/
802.1X/D
HCP/IGM
P/NTP/AR
P/LWAPP
/LooPbac
k/PPPoE/I
ACTP/AC
SEI/
STP/LWA
PP_DATA
/Default
UDP/TCP/802.1
X/DHCP/IGMP/
NTP/ARP/LWA
PP/LooPback/P
PPoE/IACTP/A
CSEI/
STP/LWAPP_D
ATA/Default
UDP/TCP/802.1
X/DHCP/IGMP/
NTP/ARP/LWA
PP/LooPback/P
PPoE/IACTP/A
CSEI/
STP/LWAPP_D
ATA/Default
Enabling attack
prevention for
protocols
No Yes No Yes Yes Yes
Configuring rate limits
for a protocol
No Yes No Yes Yes Yes
Network
Management
and Monitoring
Configuration
Guide
Information center
configuration
Logfile No Yes No Yes Yes No
OAP module
configuration
No Yes No Yes No No
ACSEI server
configuration
No Yes No Yes No No
OAA
Configuration
Guide
OAA configuration
ACSEI client
configuration
No Yes Yes Yes Yes Yes
Access
Controller
Module Basic
Configuration
Guide
Access Controller
Module Basic
Configuration
Access Controller
Module Basic
Configuration
No No Yes No Yes Yes
3-7
Feature Matrix for the WX6000 Series
The switch interface module on the WX6103, and the LSQM1WCMB0, LSBM1WCM2A0, and LSRM1WCM2A1 access controller modules on the WX6000
series adopt the OAP architecture. Installed on the expansion slots of switches, they work as OAP cards to exchange data and status and control information
with the switches through their internal service interfaces. The XGE interfaces on the switch interface module on the WX6103, and the LSQM1WCMB0,
LSBM1WCM2A0, and LSWM1WCM10 access controller modules are internal interfaces. Do not configure services such as QoS rate limiting and 802.1X
authentication on them.
Table 3-2 Feature matrix for the WX6000 series
Volume Module Feature WX6103 LSQM1WCMB0 LSBM1WCM2A0 LSRM1WCM2A1
AUX user interface No No No Yes
Console user interface Yes Yes Yes Yes
Login configuration
Telnet Yes Yes
Yes (IPv6 telnet not
supported)
Yes
User interface
configuration
User interface type
AUX user interface
not supported
AUX user interface
not supported
AUX user interface
not supported
AUX user interface
not supported
File management
configuration
Configuration file
encryption
No No No No
Storage media supported CF and USB CF and USB CF and USB CF and USB
Fundamentals
Configuration Guide
Device management
configuration
License
128 APs at most by
default, and can be
extended to 640
APs.
128 APs at most by
default, and can be
extended to 640
APs.
128 APs at most by
default, and can be
extended to 640
APs.
128 APs at most by
default, and can be
extended to 640
APs.
WLAN Configuration WLAN services
Hot AC backup Yes Yes Yes Yes
3-8
Volume Module Feature WX6103 LSQM1WCMB0 LSBM1WCM2A0 LSRM1WCM2A1
Guide configuration
Maximum number of
SSIDs supported
512 512 512 512
Combo port configuration
The MPU does not
support the Combo
port.
No No No
Shutting down an
Ethernet interface
Yes Yes Yes Yes
Configuring flow control
on an Ethernet interface
Internal loopback
testing supported
on XGE interfaces
only
Internal loopback
testing supported
on XGE interfaces
only
Internal loopback
testing supported
on XGE interfaces
only
Internal loopback
testing supported
on XGE interfaces
only
Ethernet interface
configuration
Loopback detection on
an Ethernet interface
No No No No
Link aggregation
configuration
Link aggregation No No No No
MSTP Configuration STP No No No No
Layer 2 forwarding
configuration
Layer 2 forwarding No No No No
Layer 2 – LAN Switching
Configuration Guide
Port mirroring
configuration
Port mirroring No No No No
DNS configuration IPv6 DNS configuration Yes Yes No Yes
IP performance
optimization
configuration
Configuring ICMP to
send error packets
No No No No
Adjacency table
configuration
Displaying and
maintaining adjacency
table
Yes Yes Yes Yes
IPv6 basics
configuration
IPv6 basics configuration Yes Yes No Yes
Layer 3 – IP Services
Configuration Guide
IPv6 application
configuration
IPv6 application
configuration
Yes Yes No Yes
3-9
Volume Module Feature WX6103 LSQM1WCMB0 LSBM1WCM2A0 LSRM1WCM2A1
IP routing basics
configuration
IPv6-related displaying
and maintaining
commands
Yes Yes No Yes
Layer 3 – IP Routing
Configuration Guide
IPv6 static routing
configuration
IPv6 static routing
configuration
Yes Yes No Yes
MLD snooping
configuration
MLD snooping Yes Yes No No
IP Multicast
Configuration Guide
IPv6 multicast VLAN
configuration
IPv6 multicast VLAN Yes Yes No No
ACL configuration IPv6 ACL Yes Yes No Yes
Configuring line rate No No No No
ACL and QoS
Configuration Guide
QoS
Configuring CAR
applicable to all traffic of
online users
Yes Yes Yes Yes
AAA configuration
Specifying the device ID
to be used in stateful
failover mode
Yes Yes Yes Yes
Configuring Layer 3
portal authentication
Yes Yes Yes Yes
Specifying the portal
group to which the portal
service backup interface
belongs
Yes Yes Yes Yes
Specifying the device ID
to be used in stateful
failover mode
Yes Yes Yes Yes
Portal configuration
Specifying the backup
source IP address for
RADIUS packets to be
sent
Yes Yes Yes Yes
Security Configuration
Guide
SSH2.0 configuration
Specifying a source IPv6
address or interface for
an SSH client
Yes Yes No Yes
  • Page 1 1
  • Page 2 2
  • Page 3 3
  • Page 4 4
  • Page 5 5
  • Page 6 6
  • Page 7 7
  • Page 8 8
  • Page 9 9
  • Page 10 10
  • Page 11 11
  • Page 12 12
  • Page 13 13
  • Page 14 14
  • Page 15 15
  • Page 16 16
  • Page 17 17
  • Page 18 18
  • Page 19 19
  • Page 20 20
  • Page 21 21
  • Page 22 22
  • Page 23 23
  • Page 24 24
  • Page 25 25
  • Page 26 26
  • Page 27 27
  • Page 28 28
  • Page 29 29
  • Page 30 30
  • Page 31 31
  • Page 32 32
  • Page 33 33
  • Page 34 34
  • Page 35 35
  • Page 36 36
  • Page 37 37
  • Page 38 38
  • Page 39 39
  • Page 40 40
  • Page 41 41
  • Page 42 42
  • Page 43 43
  • Page 44 44
  • Page 45 45
  • Page 46 46
  • Page 47 47
  • Page 48 48
  • Page 49 49
  • Page 50 50
  • Page 51 51
  • Page 52 52
  • Page 53 53
  • Page 54 54
  • Page 55 55
  • Page 56 56
  • Page 57 57
  • Page 58 58
  • Page 59 59
  • Page 60 60
  • Page 61 61
  • Page 62 62
  • Page 63 63
  • Page 64 64

H3C WX5002 Configuration manual

Category
Network switches
Type
Configuration manual

Ask a question and I''ll find the answer in the document

Finding information in a document is now easier with AI