Page 1
Wireless LAN Mobility System
Wireless LAN Switch and Controller
Command Reference
WX4400 3CRWX440095A
WX1200 3CRWX120695A
WXR100 3CRWXR10095A
WX2200 3CRWX220095A
http://www.3Com.com/
Part No. 10015409 Rev. AA
Published August 2006
Page 2
3Com Corporation
350 Campus Drive
Marlborough, MA USA
01752-3064
Copyright © 2006, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced
in any form or by any means or used to make any derivative work (such as translation, transformation, or
adaptation) without written permission from 3Com Corporation.
3Com Corporation reserves the right to revise this documentation and to make changes in content from time
to time without obligation on the part of 3Com Corporation to provide notification of such revision or change.
3Com Corporation provides this documentation without warranty, term, or condition of any kind, either
implied or expressed, including, but not limited to, the implied warranties, terms or conditions of
merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or
changes in the product(s) and/or the program(s) described in this documentation at any time.
If there is any software on removable media described in this documentation, it is furnished under a license
agreement included with the product as a separate document, in the hard copy documentation, or on the
removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy,
please contact 3Com and a copy will be provided to you.
UNITED STATES GOVERNMENT LEGEND
If you are a United States government agency, then this documentation and the software described herein are
provided to you subject to the following:
All technical data and computer software are commercial in nature and developed solely at private expense.
Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or
as a “commercial item” as defined in FAR 2.101(a) and as such is provided with only such rights as are
provided in 3Com’s standard commercial license for the Software. Technical data is provided with limited rights
only as provided in DFAR 252.227-7015 (Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable.
You agree not to remove or deface any portion of any legend provided on any licensed program or
documentation contained in, or delivered to you in conjunction with, this User Guide.
Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may
not be registered in other countries.
3Com is a registered trademark of 3Com Corporation. The 3Com logo is a trademark of 3Com Corporation.
Mobility Domain, Mobility Point, Mobility Profile, Mobility System, Mobility System Software, MP, MSS, and
SentrySweep are trademarks of Trapeze Networks, Inc.
Intel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, Windows XP,
and Windows NT are registered trademarks of Microsoft Corporation.
All other company and product names may be trademarks of the respective companies with which they are
associated.
ENVIRONMENTAL STATEMENT
It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we
are committed to:
Establishing environmental performance standards that comply with national legislation and regulations.
Conserving energy, materials and natural resources in all operations.
Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized environmental
standards. Maximizing the recyclable and reusable content of all products.
Ensuring that all products can be recycled, reused and disposed of safely.
Ensuring that all products are labelled according to recognized environmental standards.
Improving our environmental record on a continual basis.
End of Life Statement
3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components.
Regulated Materials Statement
3Com products do not contain any hazardous or ozone-depleting material.
Environmental Statement about the Documentation
The documentation for this product is printed on paper that comes from sustainable, managed forests; it is
fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and
the inks are vegetable-based with a low heavy-metal content.
Page 3
CONTENTS
ABOUT THIS GUIDE
Conventions 21
Documentation 22
Documentation Comments 23
1 USING THE COMMAND-LINE INTERFACE
Overview 25
CLI Conventions 26
Command Prompts 26
Syntax Notation 26
Text Entry Conventions and Allowed Characters 27
MAC Address Notation 27
IP Address and Mask Notation 28
User Globs, MAC Address Globs, and VLAN Globs 28
Port Lists 30
Virtual LAN Identification 31
Command-Line Editing 31
Keyboard Shortcuts 31
History Buffer 32
Tabs 32
Single-Asterisk (*) Wildcard Character 32
Double-Asterisk (**) Wildcard Characters 32
Using CLI Help 33
Understanding Command Descriptions 34
2 ACCESS COMMANDS
Commands by Usage 35
disable 35
enable 36
quit 36
set enablepass 37
Page 4
3 SYSTEM SERVICE COMMANDS
Commands by Usage 39
clear banner motd 40
clear history 41
clear prompt 41
clear system 42
display banner motd 43
display base-information 43
display license 44
display load 45
display system 45
help 48
history 49
quickstart 50
set auto-config 50
set banner motd 52
set confirm 53
set length 54
set license 55
set prompt 56
set system contact 57
set system countrycode 58
set system idle-timeout 62
set system ip-address 63
set system location 64
set system name 65
4 PORT COMMANDS
Commands by Usage 67
clear dap 68
clear port counters 69
clear port-group 69
clear port media-type 70
clear port name 70
clear port mirror 71
clear port preference 71
clear port type 72
Page 5
display port counters 73
display port-group 74
display port mirror 75
display port poe 76
display port status 77
display port media-type 79
monitor port counters 80
reset port 85
set dap 85
set port 87
set port-group 88
set port media-type 89
set port mirror 90
set port name 91
set port negotiation 91
set port poe 92
set port speed 93
set port trap 94
set port type ap 95
set port type wired-auth 98
5 VLAN COMMANDS
Commands by usage 101
clear fdb 102
clear security 12-restrict 103
clear security 12-restrict counters 104
clear vlan 105
display fdb 106
display fdb agingtime 108
display fdb count 109
display roaming station 110
display roaming vlan 112
display security 12-restrict 113
display tunnel 114
display vlan config 115
set fdb 117
set fdb agingtime 118
Page 6
set security l2-restrict 118
set vlan name 120
set vlan port 121
set vlan tunnel-affinity 122
6 QUALITY OF SERVICE COMMANDS
Commands by Usage 123
clear qos 124
set qos cos-to-dscp-map 125
set qos dscp-to-cos-map 126
display qos 127
display qos dscp-table 128
7 IP SERVICES COMMANDS
Commands by Usage 129
clear interface 131
clear ip alias 132
clear ip dns domain 133
clear ip dns server 133
clear ip route 134
clear ip telnet 135
clear ntp server 135
clear ntp update-interval 136
clear snmp community 137
clear snmp notify profile 137
clear snmp notify target 138
clear snmp usm 138
clear summertime 139
clear system ip-address 140
clear timezone 140
display arp 141
display dhcp-client 142
display dhcp-server 144
display interface 146
display ip alias 147
display ip dns 148
display ip https 149
Page 7
display ip route 150
display ip telnet 152
display ntp 153
display snmp community 155
display snmp counters 156
display snmp notify profile 156
display snmp notify target 156
display snmp status 157
display snmp usm 158
display summertime 158
display timedate 159
display timezone 159
ping 160
set arp 162
set arp agingtime 163
set interface 164
set interface dhcp-client 165
set interface dhcp-server 166
set interface status 167
set ip alias 168
set ip dns 168
set ip dns domain 169
set ip dns server 170
set ip https server 171
set ip route 171
set ip snmp server 173
set ip ssh 174
set ip ssh server 175
set ip telnet 175
set ip telnet server 176
set ntp 177
set ntp server 178
set ntp update-interval 179
set snmp community 179
set snmp notify profile 181
set snmp notify target 185
SNMPv3 with Informs 185
SNMPv3 with Traps 187
Page 8
SNMPv2c with Informs 187
SNMPv2c with Traps 188
SNMPv1 with Traps 188
set snmp protocol 190
set snmp security 191
set snmp usm 192
set summertime 195
set system ip-address 196
set timedate 197
set timezone 198
telnet 199
traceroute 201
8 AAA COMMANDS
Commands by Usage 205
clear accounting 207
clear authentication admin 208
clear authentication console 209
clear authentication dot1x 210
clear authentication last-resort 211
clear authentication mac 212
clear authentication proxy 213
clear authentication web 213
clear location policy 214
clear mac-user 215
clear mac-user attr 216
clear mac-user group 216
clear mac-usergroup 217
clear mac-usergroup attr 218
clear mobility-profile 219
clear user 219
clear user attr 220
clear user group 221
clear usergroup 221
clear usergroup attr 222
display aaa 223
display accounting statistics 226
Page 9
display location policy 228
display mobility-profile 229
set accounting {admin | console} 229
set accounting {dot1x | mac | web | last-resort} 231
set authentication admin 233
set authentication console 235
set authentication dot1x 237
set authentication last-resort 240
set authentication mac 243
set authentication proxy 245
set authentication web 246
set location policy 248
set mac-user 252
set mac-user attr 253
set mac-usergroup attr 258
set mobility-profile 259
set mobility-profile mode 261
set user 262
set user attr 263
set user group 264
set usergroup 265
set web-portal 266
9 MOBILITY DOMAIN COMMANDS
Commands by Usage 269
clear mobility-domain 270
clear mobility-domain member 270
display mobility-domain config 271
display mobility-domain status 272
set mobility-domain member 273
set mobility-domain mode member seed-ip 274
set mobility-domain mode seed domain-name 275
10 NETWORK DOMAIN COMMANDS
Network Domain Commands by Usage 277
clear network-domain 278
clear network-domain mode 279
Page 10
clear network-domain peer 280
clear network-domain seed-ip 281
display network-domain 282
set network-domain mode member seed-ip 284
set network-domain peer 285
set network-domain mode seed domain-name 286
11 MANAGED ACCESS POINT COMMANDS
MAP Access Point Commands by Usage 287
clear {ap | dap} radio 291
clear dap boot-configuration 293
clear radio-profile 293
clear service-profile 295
display {ap | dap} config 296
display {ap | dap} counters 300
display {ap | dap} qos-stats 306
display {ap | dap} etherstats 307
display {ap | dap} group 309
display {ap | dap} status 310
display auto-tune attributes 317
display auto-tune neighbors 319
display dap boot-configuration 321
display dap connection 322
display dap global 324
display dap unconfigured 325
display radio-profile 327
display service-profile 330
reset {ap | dap} 338
set dap auto 339
set dap auto persistent 341
set dap auto radiotype 342
set dap auto mode 342
set {ap | dap} bias 343
set {ap | dap} blink 345
set dap boot-ip 346
set dap boot-switch 347
set dap boot-vlan 349
Page 11
set dap fingerprint 350
set {ap | dap} group 351
set {ap | dap} name 352
set {ap | dap} radio antennatype 353
set {ap | dap} radio auto-tune max-power 354
set {ap | dap} radio auto-tune max-retransmissions 356
set {ap | dap} radio channel 358
set {ap | dap} radio auto-tune min-client-rate 359
set {ap | dap} radio mode 360
set {ap | dap} radio radio-profile 362
set {ap | dap} radio tx-power 363
set dap security 364
set {ap | dap} upgrade-firmware 365
set radio-profile 11g-only 366
set radio-profile active-scan 366
set radio-profile auto-tune channel-config 367
set radio-profile auto-tune channel-holddown 368
set radio-profile auto-tune channel-interval 369
set radio-profile auto-tune power-backoff- timer 370
set radio-profile auto-tune power-config 371
set radio-profile auto-tune power-interval 372
set radio-profile beacon-interval 373
set radio-profile countermeasures 374
set radio-profile dtim-interval 375
set radio-profile frag-threshold 376
set radio-profile long-retry 377
set radio-profile max-rx-lifetime 378
set radio-profile max-tx-lifetime 379
set radio-profile mode 380
set radio-profile preamble-length 382
set radio-profile qos-mode 383
set radio-profile rts-threshold 384
set radio-profile service-profile 385
set radio-profile short-retry 391
set radio-profile wmm 391
set service-profile attr 391
set service-profile auth-dot1x 393
set service-profile auth-fallthru 394
Page 12
set service-profile auth-psk 395
set service-profile beacon 396
set service-profile cac-mode 397
set service-profile cac-session 398
set service-profile cipher-ccmp 399
set service-profile cipher-tkip 400
set service-profile cipher-wep40 401
set service-profile cipher-wep104 402
set service-profile cos 403
set service-profile dhcp-restrict 404
set service-profile idle-client-probing 405
set service-profile long-retry-count 406
set service-profile no-broadcast 407
set service-profile proxy-arp 408
set service-profile psk-phrase 409
set service-profile psk-raw 410
set service-profile rsn-ie 411
set service-profile shared-key-auth 412
set service-profile short-retry-count 412
set service-profile soda agent-directory 413
set service-profile soda enforce-checks 414
set service-profile soda failure-page 415
set service-profile soda logout-page 416
set service-profile soda mode 418
set service-profile soda remediation-acl 419
set service-profile soda success-page 420
set service-profile ssid-name 421
set service-profile ssid-type 422
set service-profile tkip-mc-time 422
set service-profile static-cos 423
set service-profile transmit-rates 424
set service-profile user-idle-timeout 426
set service-profile web-portal-form 427
set service-profile web-portal-session-timeout 429
set service-profile wep active-multicast-index 430
set service-profile wep active-unicast-index 431
set service-profile wep key-index 432
set service-profile wpa-ie 433
Page 13
12 STP COMMANDS
STP Commands by Usage 435
clear spantree portcost 436
clear spantree portpri 437
clear spantree portvlancost 437
clear spantree portvlanpri 438
clear spantree statistics 439
display spantree 440
display spantree backbonefast 443
display spantree blockedports 444
display spantree portfast 445
display spantree portvlancost 446
display spantree statistics 446
display spantree uplinkfast 452
set spantree 453
set spantree backbonefast 454
set spantree fwddelay 455
set spantree hello 455
set spantree maxage 456
set spantree portcost 457
set spantree portfast 458
set spantree portpri 459
set spantree portvlancost 460
set spantree portvlanpri 461
set spantree priority 462
set spantree uplinkfast 462
13 IGMP SNOOPING COMMANDS
Commands by usage 465
clear igmp statistics 466
display igmp 466
display igmp mrouter 470
display igmp querier 471
display igmp receiver-table 473
display igmp statistics 475
set igmp 477
set igmp lmqi 478
Page 14
set igmp mrouter 479
set igmp mrsol 480
set igmp mrsol mrsi 480
set igmp oqi 481
set igmp proxy-report 482
set igmp qi 483
set igmp qri 484
set igmp querier 485
set igmp receiver 485
set igmp rv 486
14 SECURITY ACL COMMANDS
Security ACL Commands by Usage 489
clear security acl 490
clear security acl map 491
commit security acl 493
display security acl 494
display security acl editbuffer 495
display security acl hits 496
display security acl info 497
display security acl map 498
display security acl resource-usage 499
rollback security acl 503
set security acl 504
set security acl map 509
set security acl hit-sample-rate 511
15 CRYPTOGRAPHY COMMANDS
Commands by Usage 514
crypto ca-certificate 514
crypto certificate 516
crypto generate key 517
crypto generate request 518
crypto generate self-signed 520
crypto otp 522
crypto pkcs12 524
display crypto ca-certificate 525
Page 15
display crypto certificate 526
display crypto key ssh 528
16 RADIUS AND SERVER GROUP COMMANDS
Commands by Usage 529
clear radius 530
clear radius client system-ip 531
clear radius proxy client 532
clear radius proxy port 532
clear radius server 533
clear server group 533
set radius 534
set radius client system-ip 536
set radius proxy client 537
set radius proxy port 538
set radius server 539
set server group 541
set server group load-balance 542
17 802.1X MANAGEMENT COMMANDS
Commands by Usage 545
clear dot1x bonded-period 546
clear dot1x max-req 547
clear dot1x port-control 547
clear dot1x quiet-period 548
clear dot1x reauth-max 549
clear dot1x reauth-period 549
clear dot1x timeout auth-server 550
clear dot1x timeout supplicant 550
clear dot1x tx-period 551
display dot1x 551
set dot1x authcontrol 554
set dot1x bonded-period 555
set dot1x key-tx 556
set dot1x max-req 557
set dot1x port-control 558
set dot1x quiet-period 559
Page 16
set dot1x reauth 559
set dot1x reauth-max 560
set dot1x reauth-period 561
set dot1x timeout auth-server 561
set dot1x timeout supplicant 562
set dot1x tx-period 562
set dot1x wep-rekey 563
set dot1x wep-rekey-period 564
18 SESSION MANAGEMENT COMMANDS
Commands by Usage 565
clear sessions 565
clear sessions network 567
display sessions 568
display sessions network 571
19 RF DETECTION COMMANDS
Commands by Usage 579
clear rfdetect attack-list 580
clear rfdetect black-list 581
clear rfdetect ignore 581
clear rfdetect ssid-list 582
clear rfdetect vendor-list 583
display rfdetect attack-list 583
display rfdetect black-list 584
display rfdetect clients 585
display rfdetect countermeasures 587
display rfdetect counters 588
display rfdetect data 590
display rfdetect ignore 592
display rfdetect mobility-domain 592
display rfdetect ssid-list 597
display rfdetect vendor-list 597
display rfdetect visible 598
set rfdetect active-scan 600
set rfdetect attack-list 601
set rfdetect black-list 602
Page 17
set rf detect countermeasures 602
set rfdetect countermeasures mac 603
set rfdetect ignore 604
set rfdetect log 605
set rfdetect signature 606
set rfdetect ssid-list 607
set rfdetect vendor-list 608
test rflink 609
20 FILE MANAGEMENT COMMANDS
Commands by Usage 611
backup 612
clear boot backup-configuration 614
clear boot config 614
copy 615
delete 617
dir 618
install soda agent 621
display boot 622
display config 623
display version 625
load config 627
md5 629
mkdir 629
reset system 631
restore 632
rmdir 633
save config 633
set boot backup-configuration 634
set boot configuration-file 635
set boot partition 636
uninstall soda agent 636
21 TRACE COMMANDS
Commands by Usage 639
clear log trace 640
clear trace 640
Page 18
display trace 641
save trace 642
set trace authentication 642
set trace authorization 643
set trace dot1x 644
set trace sm 645
22 SNOOP COMMANDS
Commands by Usage 647
clear snoop 648
clear snoop map 648
set snoop 649
set snoop map 652
set snoop mode 653
display snoop 654
display snoop info 654
display snoop map 655
display snoop stats 656
23 SYSTEM LOG COMMANDS
Commands by Usage 659
clear log 659
display log buffer 660
display log config 662
display log trace 663
set log 664
set log mark 667
24 BOOT PROMPT COMMANDS
Boot Prompt Commands by Usage 669
autoboot 670
boot 671
change 673
create 674
delete 675
dhcp 676
Page 19
diag 677
dir 677
display 678
fver 680
help 681
ls 682
next 683
reset 684
test 685
version 686
A OBTAINING SUPPORT FOR YOUR 3COM PRODUCTS
Register Your Product to Gain Service Benefits 687
Solve Problems Online 687
Purchase Extended Warranty and Professional Services 688
Access Software Downloads 688
Contact Us 688
Telephone Technical Support and Repair 689
INDEX
Page 20
Page 21
Conventions 21
ABOUT THIS GUIDE
This command reference explains Mobility System Software (MSS™)
command line interface (CLI) that you enter on a 3Com WXR100 or
WX1200 Wireless Switch or WX4400 or WX2200 Wireless LAN
Controller to configure and manage the Mobility System™ wireless LAN
(WLAN).
Read this reference if you are a network administrator responsible for
managing WXR100, WX1200, WX4400, or WX2200 wireless switches
and their Managed Access Points (MAPs) in a network.
If release notes are shipped with your product and the information there
differs from the information in this guide, follow the instructions in the
release notes.
Most user guides and release notes are available in Adobe Acrobat
Reader Portable Document Format (PDF) or HTML on the 3Com
World Wide Web site:
http://www.3com.com/
Conventions Table 1 and Table 2 list conventions that are used throughout this guide.
Tab le 1 Notice Icons
Icon Notice Type Description
Information note Information that describes important features or
instructions
Caution Information that alerts you to potential loss of data or
potential damage to an application, system, or device
Page 22
22 ABOUT THIS GUIDE
This manual uses the following text and syntax conventions:
Tab le 2 Text Conventions
Convention Description
Monospace text Sets off command syntax or sample commands and system
responses.
Bold text Highlights commands that you enter or items you select.
Italic text Designates command variables that you replace with
appropriate values, or highlights publication titles or words
requiring special emphasis.
[ ] (square brackets) Enclose optional parameters in command syntax.
{ } (curly brackets) Enclose mandatory parameters in command syntax.
| (vertical bar) Separates mutually exclusive options in command syntax.
Keyboard key names If you must press two or more keys simultaneously, the key
names are linked with a plus sign (+). Example:
Press Ctrl+Alt+Del
Words in italics Italics are used to:
Emphasize a point.
Denote a new term at the place where it is defined in the
text.
Highlight an example string, such as a username or SSID.
Documentation The MSS documentation set includes the following documents.
Wireless LAN Switch Manager (3WXM) Release Notes
These notes provide information about the 3WXM software release,
including new features and bug fixes.
Wireless LAN Switch and Controller Release Notes
These notes provide information about the MSS software release,
including new features and bug fixes.
Wireless LAN Switch and Controller Quick Start Guide
This guide provides instructions for performing basic setup of secure
(802.1X) and guest (WebAAA
Domain for roaming, and for accessing a sample network plan in
3WXM for advanced configuration and management.
™) access, for configuring a Mobility
Page 23
Documentation Comments 23
Wireless LAN Switch Manager Reference Manual
This manual shows you how to plan, configure, deploy, and manage a
Mobility System wireless LAN (WLAN) using the 3Com Wireless LAN
Switch Manager (3WXM).
Wireless LAN Switch Manager User’s Guide
This manual shows you how to plan, configure, deploy, and manage the
entire WLAN with the 3WXM tool suite. Read this guide to learn how to
plan wireless services, how to configure and deploy 3Com equipment to
provide those services, and how to optimize and manage your WLAN.
Wireless LAN Switch and Controller Hardware Installation Guide
This guide provides instructions and specifications for installing a WX
wireless switch in a Mobility System WLAN.
Wireless LAN Switch and Controller Configuration Guide
This guide provides instructions for configuring and managing the
system through the Mobility System Software (MSS) CLI.
Wireless LAN Switch and Controller Command Reference
Documentation Comments
This reference provides syntax information for all MSS commands
supported on WX switches.
Your suggestions are very important to us. They will help make our
documentation more useful to you. Please e-mail comments about this
document to 3Com at:
pddtechpubs_comments@3com.com
Please include the following information when contacting us:
Document title
Document part number and revision (on the title page)
Page number (if appropriate)
Example:
Wireless LAN Switch and Controller Configuration Guide
Part number 730-9502-0071, Revision B
Page 25
Page 24
24 ABOUT THIS GUIDE
Please note that we can only respond to comments and questions about
3Com product documentation at this e-mail address. Questions related to
Technical Support or sales should be directed in the first instance to your
network supplier.
Page 25
USING THE COMMAND-LINE
1
INTERFACE
This chapter discusses the 3Com Wireless Switch Manager (3WXM)
command-line interface (CLI). Described are:
CLI conventions (see “CLI Conventions” on page 26)
Editing on the command line (see “Command-Line Editing” on
page 31)
Using the CLI help feature (see “Using CLI Help” on page 33)
Information about the command descriptions in this reference (see
“Understanding Command Descriptions” on page 34)
Overview Mobility System Software (MSS) operates a 3Com Mobility System
wireless LAN (WLAN) consisting of 3Com Wireless Switch Manager
(3WXM) software and 3Com Wireless LAN Switch or 3Com Wireless LAN
Controller (WX switch) and 3Com Wireless LAN Managed Access Point
(MAP) hardware. There is a command-line interface (CLI) on the WX
switch that you can use to configure and manage the WX and its
attached access points.
You configure the wireless LAN switches and access points primarily with
set, clear, and display commands. Use set commands to change
parameters. Use clear commands to reset parameters to their defaults. In
many cases, you can overwrite a parameter with another set command.
Use display commands to show the current configuration and monitor
the status of network operations.
The wireless LAN switches support two connection modes:
Administrative access mode, which enables the network administrator
to connect to the WX switch and configure the network
Network access mode, which enables network users to connect
through the WX switch to access the network
Page 26
26 CHAPTER 1: USING THE COMMAND-LINE INTERFACE
CLI Conventions Be aware of the following MSS CLI conventions for command entry:
“Command Prompts” on page 26
“Syntax Notation” on page 26
“Text Entry Conventions and Allowed Characters” on page 27
“User Globs, MAC Address Globs, and VLAN Globs” on page 28
“Port Lists” on page 30
“Virtual LAN Identification” on page 31
Command Prompts By default, the MSS CLI provides the following prompt for restricted
users. The mmmm portion shows the wireless LAN switch model number
(for example, 1200).
WXmmmm>
After you become enabled as an administrative user by typing enable
and supplying a suitable password, MSS displays the following prompt:
WXmmmm#
For information about changing the CLI prompt on a wireless LAN switch,
see “set prompt” on page 56.
Syntax Notation The MSS CLI uses standard syntax notation:
Bold monospace font identifies the command and keywords you must
type. For example:
set enablepass
Italics indicate a placeholder for a value. For example, you replace
vlan-id in the following command with a virtual LAN (VLAN) ID:
clear interface vlan-id ip
Curly brackets ({}) indicate a mandatory parameter, and square
brackets ([]) indicate an optional parameter. For example, you must
enter dynamic or port and a port list in the following command, but
a VLAN ID is optional:
clear fdb {dynamic | port port-list} [vlan vlan-id]
Page 27
CLI Conventions 27
A vertical bar (|) separates mutually exclusive options within a list of
possibilities. For example, you enter either enable or disable, not
both, in the following command:
set port {enable | disable} port-list
Text Entry
Conventions and
Allowed Characters
MAC Address
Notation
Unless otherwise indicated, the MSS CLI accepts standard ASCII
alphanumeric characters, except for tabs and spaces, and is
case-insensitive.
The CLI has specific notation requirements for MAC addresses, IP
addresses, and masks, and allows you to group usernames, MAC
addresses, virtual LAN (VLAN) names, and ports in a single command.
3Com recommends that you do not use the same name with different
capitalizations for VLANs or access control lists (ACLs). For example, do
not configure two separate VLANs with the names red and RED.
The CLI does not support the use of special characters including the
following in any named elements such as SSIDs and VLANs: ampersand
(&), angle brackets (< >), number sign (#), question mark (?), or quotation
marks (“”).
In addition, the CLI does not support the use of international characters
such as the accented É in DÉCOR.
MSS displays MAC addresses in hexadecimal numbers with a colon (:)
delimiter between bytes — for example, 00:01:02:1a:00:01. You can
enter MAC addresses with either hyphen (-) or colon (:) delimiters, but
colons are preferred.
For shortcuts:
You can exclude leading zeros when typing a MAC address. MSS
displays of MAC addresses include all leading zeros.
In some specified commands, you can use the single-asterisk (*)
wildcard character to represent from 1 byte to 5 bytes of a MAC
address. (For more information, see “MAC Address Globs” on
page 29.)
Page 28
28 CHAPTER 1: USING THE COMMAND-LINE INTERFACE
IP Address and Mask
Notation
User Globs, MAC
Address Globs, and
VLAN Globs
MSS displays IP addresses in dotted decimal notation — for example,
192.168.1.111. MSS makes use of both subnet masks and wildcard
masks.
Subnet Masks
Unless otherwise noted, use classless interdomain routing (CIDR) format
to express subnet masks — for example, 192.168.1.112/24. You indicate
the subnet mask with a forward slash (/) and specify the number of bits in
the mask.
Wildcard Masks
Security access control lists (ACLs) use source and destination IP addresses
and wildcard masks to determine whether the wireless LAN switch filters
or forwards IP packets. Matching packets are either permitted or denied
network access. The ACL checks the bits in IP addresses that correspond
to any 0s (zeros) in the mask, but does not check the bits that correspond
to 1s (ones) in the mask. You specify the wildcard mask in dotted decimal
notation.
For example, the address 10.0.0.0 and mask 0.255.255.255 match all IP
addresses that begin with 10 in the first octet.
Name “globbing” is a way of using a wildcard pattern to expand a single
element into a list of elements that match the pattern. MSS accepts user
globs, MAC address globs, and VLAN globs. The order in which globs
appear in the configuration is important, because once a glob is matched,
processing stops on the list of globs.
User Globs
A user glob is shorthand method for matching an authentication,
authorization, and accounting (AAA) command to either a single user or
a set of users.
A user glob can be up to 80 characters long and cannot contain spaces or
tabs. The double-asterisk (**) wildcard characters with no delimiter
characters match all usernames. The single-asterisk (*) wildcard character
matches any number of characters up to, but not including, a delimiter
character in the glob. Valid user glob delimiter characters are the at (@)
sign and the period (.).
Page 29
CLI Conventions 29
Table 3 gives examples of user globs.
Tab le 3 User Globs
User Glob User(s) Designated
jose@example.com User jose at example.com
*@example.com All users at example.com whose usernames do not
*@marketing.example.com All marketing users at example.com whose
*.*@marketing.example.com All marketing users at example.com whose
* All users with usernames that have no delimiters
EXAMPLE\* All users in the Windows Domain EXAMPLE with
EXAMPLE\*.* All users in the Windows Domain EXAMPLE whose
** All users
contain periods — for example, jose@example.com
and tamara@example.com, but not
nin.wong@example.com, because nin.wong
contains a period
usernames do not contain periods
usernames contain periods
usernames that have no delimiters
usernames contain periods
MAC Address Globs
A media access control (MAC) address glob is a similar method for
matching some authentication, authorization, and accounting (AAA) and
forwarding database (FDB) commands to one or more 6-byte MAC
addresses. In a MAC address glob, you can use a single asterisk (*) as a
wildcard to match all MAC addresses, or as follows to match from 1 byte
to 5 bytes of the MAC address:
00:*
00:01:*
00:01:02:*
00:01:02:03:*
00:01:02:03:04:*
For example, the MAC address glob 02:06:8c* represents all MAC
addresses starting with 02:06:8c. Specifying only the first 3 bytes of a
MAC address allows you to apply commands to MAC addresses based on
an organizationally unique identity (OUI).
Page 30
30 CHAPTER 1: USING THE COMMAND-LINE INTERFACE
VLAN Globs
A VLAN glob is a method for matching one of a set of local rules on an
wireless LAN switch, known as the location policy, to one or more users.
MSS compares the VLAN glob, which can optionally contain wildcard
characters, against the VLAN-Name attribute returned by AAA, to
determine whether to apply the rule.
To match all VLANs, use the double-asterisk (**) wildcard characters with
no delimiters. To match any number of characters up to, but not
including, a delimiter character in the glob, use the single-asterisk (*)
wildcard. Valid VLAN glob delimiter characters are the at (@) sign and the
period (.).
For example, the VLAN glob bldg4.* matches bldg4.security and bldg4.hr
and all other VLAN names with bldg4. at the beginning.
Matching Order for Globs
In general, the order in which you enter AAA commands determines the
order in which MSS matches the user, MAC address, or VLAN to a glob.
To verify the order, view the output of the display aaa or display config
command. MSS checks globs that appear higher in the list before items
lower in the list and uses the first successful match.
Port Lists The physical Ethernet ports on a WX switch can be set for connection to
MAP access points, authenticated wired users, or the network backbone.
You can include a single port or multiple ports in one MSS CLI command
by using the appropriate list format.
The ports on a WX switch are numbered 1 through 4 (for the 3Com
Wireless LAN Controller WX4400) and 1 through 8 (for the 3Com
Wireless Lan Switch WX1200). No port 0 exists on the WX switch. You
can include a single port or multiple ports in a command that includes
port port-list. Use one of the following formats for port-list:
A single port number. For example:
WX1200# set port enable 6
A comma-separated list of port numbers, with no spaces. For
example:
WX1200# display port poe 1,2,4
Page 31
Command-Line Editing 31
A hyphen-separated range of port numbers, with no spaces. For
example:
WX1200# reset port 1-3
Any combination of single numbers, lists, and ranges. Hyphens take
precedence over commas. For example:
WX1200# display port status 1-3,6
Virtual LAN
Identification
The names of virtual LANs (VLANs), which are used in Mobility Domain™
communications, are set by you and can be changed. In contrast, VLAN
ID numbers, which the wireless LAN uses locally, are determined when
the VLAN is first configured and cannot be changed. Unless otherwise
indicated, you can refer to a VLAN by either its VLAN name or its VLAN
number. CLI set and display commands use a VLAN’s name or number
to uniquely identify the VLAN within the WX.
Command-Line Editing
MSS editing functions are similar to those of many other network
operating systems.
Keyboard Shortcuts The following table lists the keyboard shortcuts for entering and editing
CLI commands.
Tab le 4 Keyboard Shortcuts
Keyboard Shortcut(s) Function
Ctrl+A Jumps to the first character of the command line.
Ctrl+B or Left Arrow key Moves the cursor back one character.
Ctrl+C Escapes and terminates prompts and tasks.
Ctrl+D Deletes the character at the cursor.
Ctrl+E Jumps to the end of the current command line.
Ctrl+F or Right Arrow key Moves the cursor forward one character.
Ctrl+K Deletes from the cursor to the end of the command
Ctrl+L or Ctrl+R Repeats the current command line on a new line.
Ctrl+N or Down Arrow key Enters the next command line in the history buffer.
Ctrl+P or Up Arrow key Enters the previous command line in the history
line.
buffer.
Page 32
32 CHAPTER 1: USING THE COMMAND-LINE INTERFACE
Tab le 4 Keyboard Shortcuts (continued)
Keyboard Shortcut(s) Function
Ctrl+U or Ctrl+X Deletes characters from the cursor to the beginning
Ctrl+W Deletes the last word typed.
Esc B Moves the cursor back one word.
Esc D Deletes characters from the cursor forward to the
Delete key or Backspace key Erases mistake made during command entry. Reenter
History Buffer The history buffer stores the last 63 commands you entered during a
terminal session. You can use the Up Arrow and Down Arrow keys to
select a command that you want to repeat from the history buffer.
Ta bs The MSS CLI uses the Tab key for command completion. You can type the
first few characters of a command and press the Tab key to show the
command(s) that begin with those characters. For example:
WX1200# display i <Tab>
ifm display interfaces maintained by the interface
manager
igmp display igmp information
interface display interfaces
ip display ip information
of the command line.
end of the word.
the command after using this key.
Single-Asterisk (*)
Wildcard Character
Double-Asterisk (**)
Wildcard Characters
You can use the single-asterisk (*) wildcard character in globbing. (For
details, see “User Globs, MAC Address Globs, and VLAN Globs” on
page 28.)
The double-asterisk (**) wildcard character matches all usernames. For
details, see “User Globs” on page 28.
Page 33
Using CLI Help 33
Using CLI Help The CLI provides online help. To see the full range of commands available
at your access level, type the help command. For example:
WX1200# help
Commands:
------------------------------------------------------------------------clear Clear, use 'clear help' for more information
commit Commit the content of the ACL table
copy Copy from filename (or url) to filename (or url)
crypto Crypto, use 'crypto help' for more information
delete Delete url
dir Show list of files on flash device
disable Disable privileged mode
display Display, use 'display help' for more information
exit Exit from the Admin session
help Show this help screen
history Show contents of history substitution buffer
load Load, use 'load help' for more information
logout Exit from the Admin session
monitor Monitor, use 'monitor help' for more information
ping Send echo packets to hosts
quit Exit from the Admin session
reset Reset, use 'reset help' for more information
rollback Remove changes to the edited ACL table
save Save the running configuration to persistent storage
set Set, use 'set help' for more information
telnet telnet IP address [server port]
traceroute Print the route packets take to network host
For more information on help, see “help” on page 48.
To see a subset of the online help, type the command for which you want
more information. For example, to show all the commands that begin
with the letter i, type the following command:
WX1200# display i?
ifm Show interfaces maintained by the interface manager
igmp Show igmp information
interface Show interfaces
ip Show ip information
Page 34
34 CHAPTER 1: USING THE COMMAND-LINE INTERFACE
To see all the variations, type one of the commands followed by a
question mark (?). For example:
WX1200# display ip ?
alias display ip aliases
dns display DNS status
https display ip https
route display ip route table
telnet display ip telnet
To determine the port on which Telnet is running, type the following
command:
WX1200# display ip telnet
Server Status Port
---------------------------------Enabled 23
Understanding Command Descriptions
Each command description in the 3Com Mobility System Software
Command Reference contains the following elements:
A command name, which shows the keywords but not the variables.
For example, the following command name appears at the top of a
command description and in the index:
set {ap | dap} name
The set {ap | dap} name command has the following complete syntax:
set {ap port-list | dap dap-num} name name
A brief description of the command’s functions.
The full command syntax.
Any command defaults.
The command access, which is either enabled or all. All indicates that
anyone can access this command. Enabled indicates that you must
enter the enable password before entering the command.
The command history, which identifies the MSS version in which the command
was introduced and the version numbers of any subsequent updates.
Special tips for command usage. These are omitted if the command
requires no special usage.
One or more examples of the command in context, with the
appropriate system prompt and response.
One or more related commands.
Page 35
2
ACCESS COMMANDS
This chapter describes access commands used to control access to the
Mobility Software System (MSS) command-line interface (CLI).
Commands by Usage
disable Changes the CLI session from enabled mode to restricted access.
This chapter presents access services commands alphabetically. Use
Table 5 to located commands in this chapter based on their use.
Tab le 5 Access Commands by Usage
Type Command
Access Privileges enable on page 36
set enablepass on page 37
disable on page 35
quit on page 36
Syntax —
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Examples — The following command restricts access to the CLI for the
current session:
WX1200# disable
WX1200>
disable
See Also
enable on page 36
Page 36
36 CHAPTER 2: ACCESS COMMANDS
enable Places the CLI session in enabled mode, which provides access to all
commands required for configuring and monitoring the system.
Syntax —
enable
Access — All.
History — Introduced in MSS Version 3.0.
Usage — MSS displays a password prompt to challenge you with the
enable password. To enable a session, your or another administrator must
have configured the enable password to this WX switch with the set
enablepass command.
Examples — The following command plus the enable password provides
enabled access to the CLI for the current sessions:
WX1200> enable
Enter password: password
WX1200#
See Also
set enablepass on page 37
set confirm on page 53
quit Exit from the CLI session.
Syntax — quit
Defaults — None.
Access — All.
History — Introduced in MSS Version 3.0.
Examples — To end the administrator’s session, type the following
command:
WX1200> quit
Page 37
set enablepass 37
set enablepass Sets the password that provides enabled access (for configuration and
monitoring) to the WX switch.
Syntax —
set enablepass
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — After typing the set enablepass command, press Enter. If you
are entering the first enable password on this WX switch, press Enter at
the Enter old password prompt. Otherwise, type the old password.
Then type a password of up to 32 alphanumeric characters with no
spaces, and reenter it at the Retype new password prompt.
CAUTION: Be sure to use a password that you will remember. If you lose
the enable password, the only way to restore it causes the system to
return to its default settings and wipes out the configuration.
Examples — The following example illustrates the prompts that the
system displays when the enable password is changed. The passwords
you enter are not displayed.
WX1200# set enablepass
Enter old password: old-password
Enter new password: new-password
Retype new password: new-password
Password changed
See Also
disable on page 35
enable on page 36
Page 38
38 CHAPTER 2: ACCESS COMMANDS
Page 39
3
SYSTEM SERVICE COMMANDS
Use system services commands to configure and monitor system
information for a WX switch.
Commands by Usage
This chapter presents system service commands alphabetically. Use
Table 6 to locate commands in this chapter based on their use.
Tab le 6 System Services Commands by Usage
Type Command
Configuration quickstart on page 50
Auto-Config set auto-config on page 50
Display clear banner motd on page 40
quickstart on page 50
display banner motd on page 43
set confirm on page 53
set length on page 54
System Identification set prompt on page 56
set system name on page 65
set system location on page 64
set system contact on page 57
set system countrycode on page 58
set system idle-timeout on page 62
set system idle-timeout on page 62
display load on page 45
display system on page 45
clear system on page 42
Page 40
40 CHAPTER 3: SYSTEM SERVICE COMMANDS
Tab le 6 System Services Commands by Usage (continued)
Type Command
clear prompt on page 41
Help help on page 48
History history on page 49
clear history on page 41
License display license on page 44
set license on page 55
Technical Support display base-information on page 43
clear banner motd Deletes the message-of-the-day (MOTD) banner that is displayed before
the login prompt for each CLI session on the wireless LAN switch.
Syntax —
clear banner motd
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Examples — To clear a banner, type the following command:
WX4400# clear banner motd
success: change accepted
As an alternative to clearing the banner, you can overwrite the existing
banner with an empty banner by typing the following command:
set banner motd ^^
See Also
display banner motd on page 43
quickstart on page 50
Page 41
clear history 41
clear history Deletes the command history buffer for the current CLI session.
Syntax —
clear history
Defaults — None.
Access — All.
History — Introduced in MSS Version 3.0.
Examples — To clear the history buffer, type the following command:
WX4400# clear history
success: command buffer was flushed.
See Also
history on page 49
clear prompt Resets the system prompt to its previously configured value. If the prompt
was not configured previously, this command resets the prompt to its
default.
Syntax —
Defaults — None.
clear prompt
Access — Enabled.
History — Introduced in MSS Version 3.0.
Examples — To reset the prompt, type the following command:
wildebeest# clear prompt
success: change accepted.
WX4400#
See Also
set prompt on page 56. (For information about default prompts, see
“Command Prompts” on page 26.)
Page 42
42 CHAPTER 3: SYSTEM SERVICE COMMANDS
clear system Clears the system configuration of the specified information.
CAUTION: If you change the IP address, any currently configured
Mobility Domain operations cease. You must reset the Mobility Domain.
Syntax —
clear system [contact | countrycode | idle-timeout
| ip-address | location | name]
contact — Resets the name of contact person for the WX switch to
null.
countrycode — Resets the country code for the WX switch to null.
idle-timeout — Resets the number of seconds a CLI management
session can remain idle to the default value (3600 seconds).
ip-address — Resets the IP address of the WX switch to null.
location — Resets the location of the WX switch to null.
name — Resets the name of the WX switch to the default system
name, which is the model number.
Defaults — None.
Access — Enabled.
History — —Introduced in MSS Version 3.0. Option idle-timeout added
in MSS Version 4.1.
Examples — To clear the location of the WX switch, type the following
command:
WX4400# clear system location
success: change accepted.
See Also
display config on page 623
display system on page 45
set system contact on page 57
set system countrycode on page 58
set system idle-timeout on page 62
set system idle-timeout on page 62
set system location on page 64
Page 43
display banner motd 43
display banner motd
display base-information
Shows the banner that was configured with the set banner motd
command.
Syntax —
display banner motd
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Examples — To show the banner with the message of the day, type the
following command:
WX4400# display banner motd
hello world
See Also
clear banner motd on page 40
quickstart on page 50
Provides an in-depth snapshot of the status of the wireless LAN switch,
which includes details about the boot image, the version, ports, and
other configuration values. This command also displays the last 100 log
messages.
Syntax —
[file [subdirname/]filename]
[subdirname/]filename — Optional subdirectory name, and a string
display base-information
up to 32 alphanumeric characters. The command’s output is saved
into a file with the specified name in nonvolatile storage.
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — Enter this command before calling for Technical Support. See
“Obtaining Support for Your 3Com Products” on page 687 for more
information.
Page 44
44 CHAPTER 3: SYSTEM SERVICE COMMANDS
See Also
display boot on page 622
display config on page 623
display license on page 44
display system on page 45
display version on page 625
display license Displays information about the license currently installed on the WX
switch.
Syntax —
display license
Defaults — None.
Access — All.
Examples — To view the WX switch license, type the following
command:
WX4400# display license
Serial Number : M8XE4IBB8DB10
License Number : 245
License Key : WXL-076E-93E9-62DA-54D8
Activation key : WXA-3E04-4CC2-430D-B508
Feature : 24 additional ports
Expires : Never
The additional ports refers to the number of additional MAPs the switch
can boot and actively manage.
See Also
set license on page 55
Page 45
display load Displays CPU usage on a WX switch.
display load 45
Syntax —
display load
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 4.1.
Examples — To display the CPU load recorded from the time the WX
switch was booted, as well as from the previous time the display load
command was run, type the following command:
WX4400# display load
System Load: overall: 2% delta: 5%
The overall field shows the CPU load as a percentage from the time the
WX switch was booted. The delta field shows CPU load as a percentage
from the last time the display load command was entered.
See Also
display system on page 45
display system Shows system information.
Syntax — display system
Defaults — None.
Access — Enabled.
Page 46
46 CHAPTER 3: SYSTEM SERVICE COMMANDS
Examples — To show system information, type the following command:
WX4400# display system
===============================================================================
Product Name: WX4400
System Name: WX-bldg3
System Countrycode: US
System Location: first-floor-bldg3
System Contact: tamara@example.com
System IP: 192.168.12.7
System idle timeout: 3600
System MAC: 00:0B:0E:00:04:30
===============================================================================
Boot Time: 2003-11-07 15:45:49
Uptime: 13 days 04:29:10
===============================================================================
Fan status: fan1 OK fan2 OK fan3 OK
Temperature: temp1 ok temp2 ok temp3 ok
PSU Status: Lower Power Supply DC ok AC ok Upper Power Supply missing
Memory: 97.04/744.03 (13%)
Total Power Over Ethernet : 29.000
===============================================================================
Table 7 describes the fields of display system output.
Tab le 7 display system output
Field Description
Product Name Switch model number.
System Name System name (factory default, or optionally configured
with set system name).
System Countrycode Country-specific 802.11 code required for MAP operation
System Location Record of the WX switch’s physical location (optionally
System Contact Contact information about the system administrator or
System IP Common interface, source, and default IP address for the
(configured with set system countrycode).
configured with set system location).
another person to contact about the system (optionally
configured with set system contact).
device, in dotted decimal notation (configured with set
system ip-address).
Page 47
display system 47
Tab le 7 display system output (continued)
Field Description
System idle timeout Number of seconds MSS allows a CLI management session
(console, Telnet, or SSH) to remain idle before terminating
the session. (The system idle timeout can be configured
using the set system idle-timeout command.)
System MAC WX switch’s media access control (MAC) machine address
set at the factory, in 6-byte hexadecimal format.
License License level installed on the WX switch (if applicable).
Boot Time Date and time of the last system reboot.
Uptime Number of days, hours, minutes, and seconds that the WX
has been operating since its last restart.
Fan status Operating status of the WX switch’s three cooling fans:
OK — Fan is operating.
Failed — Fan is not operating. MSS sends an alert to
the system log every 5 minutes until this condition is
corrected.
Fan 1 is located nearest the front of the chassis, and fan 3
is located nearest the back.
Temperature Status of temperature sensors at three locations in the WX
switch:
ok — Temperature is within the acceptable range of
0° C to 50° C (32° F to 122° F).
Alarm — Temperature is above or below the
acceptable range. MSS sends an alert to the system log
every 5 minutes until this condition is corrected.
PSU Status Status of the lower and upper power supply units:
missing — Power supply is not installed or is
inoperable.
DC ok — Power supply is producing DC power.
DC output failure — Power supply is not producing
DC power. MSS sends an alert to the system log every
5 minutes until this condition is corrected.
AC ok — Power supply is receiving AC power.
AC not present — Power supply is not receiving AC
power.
Page 48
48 CHAPTER 3: SYSTEM SERVICE COMMANDS
Tab le 7 display system output (continued)
Field Description
Memory Current size (in megabytes) of nonvolatile memory
Total Power Over
Ethernet
See Also
clear system on page 42
set system contact on page 57
set system countrycode on page 58
set system idle-timeout on page 62
set system location on page 64
set system name on page 65
(NVRAM) and synchronous dynamic RAM (SDRAM), plus
the percentage of total memory space in use, in the
following format:
NVRAM size /SDRAM size (percent of total)
Total power that the device is currently supplying to its
directly connected MAP access points, in watts.
help Displays a list of commands that can be used to configure and monitor
the WX switch.
Syntax —
Defaults — None.
Access — All.
History — Introduced in MSS Version 3.0.
Examples — Use this command to see a list of available commands. If
you have restricted access, you see fewer commands than if you have
enabled access. To show a list of CLI commands available at the enabled
access level, type the following command at the enabled access level:
WX4400# help
Commands:
------------------------------------------------------------------------clear Clear, use 'clear help' for more information
commit Commit the content of the ACL table
copy Copy from filename (or url) to filename (or url)
help
Page 49
history 49
crypto Crypto, use 'crypto help' for more information
delete Delete url
dir Show list of files on flash device
disable Disable privileged mode
display Display, use 'display help' for more information
disp tech support Display technical support information
exit Exit from the Admin session
help Show this help screen
history Show contents of history substitution buffer
hit-sample-rate Set NP hit-counter sample rate
load Load, use 'load help' for more information
logout Exit from the Admin session
monitor Monitor, use 'monitor help' for more information
ping Send echo packets to hosts
quit Exit from the Admin session
reset Reset, use 'reset help' for more information
rollback Remove changes to the edited ACL table
save Save the running configuration to persistent storage
set Set, use 'set help' for more information
telnet telnet IP address [server port]
traceroute Print the route packets take to network host
See Also
Using CLI Help on page 33
history Displays the command history buffer for the current CLI session.
Syntax —
Defaults — None.
Access — All.
History — Introduced in MSS Version 3.0.
Examples — To show the history of your session, type the following
command:
WX4400> history
Show History (most recent first)
-------------------------------[00] display config
[01] display version
[02] enable
history
Page 50
50 CHAPTER 3: SYSTEM SERVICE COMMANDS
See Also
clear history on page 41
quickstart Runs a script that interactively helps you configure a new switch.
(For more information, see the “CLI quickstart Command” section of the
“WX Setup Methods” chapter in the Wireless LAN Switch and Controller
Configuration Guide.)
CAUTION: The quickstart command is for configuration of a new switch
only. After prompting you for verification, the command erases the
switch’s configuration before continuing. If you run this command on a
switch that already has a configuration, the configuration will be erased.
In addition, error messages such as “Critical AP Notice” for directly
connected MAPs can appear.
set auto-config Enables a WX switch to contact a 3WXM server for its configuration.
Syntax — set auto-config {enable | disable}
enable — Enables the switch to contact a 3WXM server to request a
configuration.
disable— Disables the auto-config option.
Defaults — The auto-config option is automatically enabled on an
unconfigured WXR100 when the factory reset switch is pressed during
power on. However, auto-config is disabled by default on other models.
Access — Enabled.
History — Introduced in MSS Version 4.0.
Usage — A network administrator at the corporate office can
preconfigure the switch in a 3WXM network plan. The switch
configuration must have a name for the switch, the model must be
WXR100, and the serial number must match the switch’s serial number.
The configuration should also include all other settings required for the
deployment, including MAP configuration, SSIDs, AAA settings, and so
on.
Page 51
set auto-config 51
When the 3WXM server in the corporate network receives the
configuration request, the server looks in the currently open network
plan for a switch configuration with the same model and serial number as
the one in the configuration request.
If the network plan contains a configuration with a matching model
and serial number, 3WXM sends the configuration to the switch and
restarts the switch. The switch boots using the configuration it
received from 3WXM.
If the network plan does not have a configuration with a matching
model and serial number, a verification warning appears in 3WXM.
The warning lists the switch’s serial number and IP address. The
network administrator can upload the switch into the network plan,
configure switch parameters, and deploy the configuration to the
switch.
To use the auto-config option with a new (unconfigured) WXR100, insert
a paperclip or similar object into the WXR100’s factory reset hole to press
the switch. The factory reset switch must be held for about 3 seconds
while the factory reset LED (the right LED above port 1) is lit. Normally,
this LED remains solidly lit for 3 seconds after power on. However, when
the factory reset switch is pressed, the LED flashes for 3 seconds instead.
If you want another WX switch model to be able to access a 3WXM
server for a configuration, you also must preconfigure the WX with the
following information:
IP address
Gateway address
Domain name and DNS server address
You can enable the switch to use the MSS DHCP client to obtain this
information from a DHCP server in the local network where the switch
will be deployed. Alternatively, you can statically configure the
information.
The IP address and DNS information are configured independently. You
can configure the combination of settings that work with the network
resources available at the deployment site. The following examples show
some of the combinations you can configure.
Page 52
52 CHAPTER 3: SYSTEM SERVICE COMMANDS
Examples — The following commands stage a WX switch to use the
auto-config option. The network where the switch is installed has a DHCP
server, so the switch is configured to use the MSS DHCP client to obtain
an IP address, default gateway address, DNS domain name, and DNS
server IP addresses:
1 Configure a VLAN:
WX-1200# set vlan 1 port 7
success: change accepted.
2 Enable the DHCP client on VLAN 1:
WX-1200# set interface 1 ip dhcp-client enable
success: change accepted.
3 Enable the auto-config option:
WX-1200# set auto-config enable
success: change accepted.
4 Save the configuration changes:
WX-1200# save config
success: configuration saved.
See Also
crypto generate key on page 517
crypto generate self-signed on page 520
save config on page 633
set interface dhcp-client on page 165
set vlan port on page 121
set banner motd Configures the banner string that is displayed before the beginning of
each login prompt for each CLI session on the WX switch.
Syntax —
^ — Delimiting character that begins and ends the message.
text — Up to 2000 alphanumeric characters, including tabs and
carriage returns, but not the delimiting character (^). The maximum
number of characters is approximately 24 lines by 80 characters.
Defaults — None.
set banner motd ^text^
Page 53
set confirm 53
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — Type a caret (^), then the message, then another caret.
Do not use the following characters with commands in which you set text
to be displayed on the WX switch, such as message-of-the-day (MOTD)
banners:
Ampersand (&)
Angle brackets (< >)
Double quotation marks (“”)
Number sign (#)
Question mark (?)
Single quotation mark (')
Examples — To create a banner that says Update meeting at 3 p.m.,
type the following command:
WX4400# set banner motd ^Update meeting at 3 p.m.^
success: change accepted.
See Also
clear banner motd on page 40
display banner motd on page 43
set confirm Enables or disables the display of confirmation messages for commands
that might have a large impact on the network.
Syntax —
on — Enables confirmation messages.
off — Disables confirmation messages.
Defaults — Configuration messages are enabled.
Access — Enabled.
History — Introduced in MSS Version 3.0.
set confirm {on | off}
Page 54
54 CHAPTER 3: SYSTEM SERVICE COMMANDS
Usage — This command remains in effect for the duration of the session,
until you enter a quit command, or until you enter another set confirm
command.
MSS displays a message requiring confirmation when you enter certain
commands that can have a potentially large impact on the network. For
example:
WX4400# clear vlan red
This may disrupt user connectivity.
Do you wish to continue? (y/n) [n]
Examples — To turn off these confirmation messages, type the
following command:
WX4400# set confirm off
success: Confirm state is off
set length Defines the number of lines of CLI output to display between paging
prompts. MSS displays the set number of lines and waits for you to press
any key to display another set, or type q to quit the display.
Syntax —
number-of-lines — Number of lines of text to display between
set length number-of-lines
paging prompts. You can specify from 0 to 512. The 0 value disables
the paging prompt action entirely.
Defaults — MSS displays 24 lines by default.
Access — All.
History — Introduced in MSS Version 3.0.
Usage — Use this command if the output of a CLI command is greater
than the number of lines allowed by default for a terminal type.
Examples — To set the number of lines displayed to 100, type the
following command:
WX4400# set length 100
success: screen length for this session set to 100
Page 55
set license Installs an upgrade license, for managing more MAPs.
set license 55
Syntax —
license-key — License key, starting with WXL. You can enter the
set license license-key activation-key
key with or without the hyphens.
activation-key — Activation key, starting with WXA. You can enter
the key with or without the hyphens.
Defaults — The WX4400 can boot and manage 24 MAPs by default.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — The license key is shipped with the switch. To obtain the
activation key, access the 3Com web site. Each license and activation key
pair allows the switch to actively manage an additional 24 MAPs. You can
install up to three upgrade license and activation key pairs, to actively
manage up to 96 MAPs.
Examples — To install an upgrade license and activation key, type the
following command:
WX4400# set license WXL-076E-93E9-62DA-54D8
WXA-3E04-4CC2-430D-B508
Serial Number : M8XE4IBB8DB10
License Number : 245
License Key : WXL-076E-93E9-62DA-54D8
Activation key : WXA-3E04-4CC2-430D-B508
Feature : 24 additional ports
Expires : Never
48 ports are enabled
success: license was installed
The additional ports refers to the number of additional MAPs the switch
can boot and actively manage.
See Also
display license on page 44
Page 56
56 CHAPTER 3: SYSTEM SERVICE COMMANDS
set prompt Changes the CLI prompt for the WX switch to a string you specify.
Syntax —
string — Alphanumeric string up to 32 characters long. To include
set prompt string
spaces in the prompt, you must enclose the string in double quotation
marks (“”).
Defaults — The factory default for the WX switch name is the model
number (WX1200 for the 3Com Wireless LAN Switch WX1200, WX4400
for the 3Com Wireless LAN Controller WX4400).
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — When you first log in for the initial configuration of the WX
switch, the CLI provides a WX1200> or WX4400> prompt, depending on
your model. After you become enabled by typing enable and giving a
suitable password, the WX1200# or WX4400# prompt is displayed.
If you use the set system name command to change the default system
name, MSS uses that name in the prompt, unless you also change the
prompt with set prompt.
Examples — The following example sets the prompt from WX4400 to
happy_days:
WX4400# set prompt happy_days
success: change accepted.
happy_days#
See Also
clear prompt on page 41
display config on page 623
set system name on page 65
Page 57
set system contact Stores a contact name for the WX switch.
set system contact 57
Syntax —
string — Alphanumeric string up to 256 characters long, with no
set system contact string
blank spaces.
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
To view the system contact string, type the display system command.
Examples — The following command sets the system contact
information to tamara@example.com:
WX1200# set system contact tamara@example.com
success: change accepted.
See Also
clear system on page 42
display system on page 45
set system location on page 64
set system name on page 65
Page 58
58 CHAPTER 3: SYSTEM SERVICE COMMANDS
set system countrycode
Defines the country-specific IEEE 802.11 regulations to enforce on the
WX switch.
Syntax —
code — Two-letter code for the country of operation for the WX
set system countrycode code
switch. You can specify one of the codes listed in Table 8.
Tab le 8 Country Codes
Country Code
Algeria DZ
Argentina AR
Australia AU
Austria AT
Belgium BE
Bolivia BO
Brazil BR
Bulgaria BG
Canada CA
Chile CL
China CN
Colombia CO
Costa Rica CR
Cote d’Ivoire CI
Croatia HR
Cyprus CY
Czech Republic CZ
Denmark DK
Dominican Republic DO
Ecuador EC
El Salvador SV
Egypt EG
Estonia EE
Finland FI
(continued)
Page 59
Tab le 8 Country Codes (continued)
Country Code
France FR
Germany DE
Greece GR
Guatemala GT
Honduras HN
Hong Kong HK
Hungary HU
Iceland IS
India IN
Indonesia ID
Ireland IE
Israel IL
Italy IT
Jamaica JM
Japan JP
Jordan JO
Kazakhstan KZ
Kenya KE
Kuwait KW
Latvia LV
Lebanon LB
Liechtenstein LI
Lithuania LT
Luxembourg LU
Malaysia MY
Malta MT
Mauritius MU
Mexico MX
Morocco MA
Namibia NA
Netherlands NL
New Zealand NZ
(continued)
set system countrycode 59
Page 60
60 CHAPTER 3: SYSTEM SERVICE COMMANDS
Tab le 8 Country Codes (continued)
Country Code
Nigeria NG
Norway NO
Oman OM
Pakistan PK
Panama PA
Paraguay PY
Peru PE
Philippines PH
Poland PL
Portugal PT
Puerto Rico PR
Romania RO
Russia RU
Saudi Arabia SA
Serbia CS
Singapore SG
Slovakia SK
Slovenia SI
South Africa ZA
South Korea KR
Spain ES
Sri Lanka LK
Sweden SE
Switzerland CH
Taiwan TW
Thailand TH
Trinidad and Tobago TT
Tunisia TN
Turkey TR
Ukraine UA
United Arab Emirates AE
United Kingdom GB
(continued)
Page 61
set system countrycode 61
Tab le 8 Country Codes (continued)
Country Code
United States US
Uruguay UY
Venezuela VE
Vietnam VN
Defaults — The factory default country code is None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — You must set the system county code to a valid value before
using any set ap commands to configure a MAP.
Examples — To set the country code to Canada, type the following
command:
WX1200# set system country code CA
success: change accepted.
See Also
display config on page 623
Page 62
62 CHAPTER 3: SYSTEM SERVICE COMMANDS
set system idle-timeout
Specifies the maximum number of seconds a CLI management session
with the switch can remain idle before MSS terminates the session.
Syntax —
seconds — Number of seconds a CLI management session can remain
set system idle-timeout seconds
idle before MSS terminates the session. You can specify from 0 to
86400 seconds (one day). If you specify 0, the idle timeout is disabled.
The timeout interval is in 30-second increments. For example, the
interval can be 0, or 30 seconds, or 60 seconds, or 90 seconds, and so
on. If you enter an interval that is not divisible by 30, the CLI rounds
up to the next 30-second increment. For example, if you enter 31, the
CLI rounds up to 60.
Defaults — 3600 seconds (one hour).
Access — Enabled.
History — Introduced in MSS Version 4.1.
Usage — This command applies to all types of CLI management sessions:
console, Telnet, and SSH. The timeout change applies to existing sessions
only, not to new sessions.
Examples — The following command sets the idle timeout to 1800
seconds (one half hour):
WX1200# set system idle-timeout 1800
success: change accepted.
See Also
clear system on page 42
display system on page 45
Page 63
set system ip-address 63
set system ip-address
Sets the system IP address so that it can be used by various services in the
WX switch.
CAUTION: Any currently configured Mobility Domain operations cease if
you change the IP address. If you change the address, you must reset the
Mobility Domain.
Syntax —
ip-addr — IP address, in dotted decimal notation.
set system ip-address ip-addr
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Examples — The following command sets the IP address of the WX
switch to 192.168.253.1:
WX4400# set system ip-address 192.168.253.1
success: change accepted.
See Also
clear system on page 42
set interface on page 164
display system on page 45
Page 64
64 CHAPTER 3: SYSTEM SERVICE COMMANDS
set system location Stores location information for the WX switch.
Syntax —
string — Alphanumeric string up to 256 characters long, with no
set system location string
blank spaces.
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — You cannot include spaces in the system location string.
To view the system location string, type the display system command.
Examples — To store the location of the WX switch in the WX’s
configuration, type the following command:
WX4400# set system location first-floor-bldg3
success: change accepted.
See Also
clear system on page 42
display system on page 45
set system contact on page 57
set system name on page 65
Page 65
set system name 65
set system name Changes the name of the WX switch from the default system name and
also provides content for the CLI prompt, if you do not specify a prompt.
Syntax —
string — Alphanumeric string up to 256 characters long, with no
set system name string
blank spaces. Use a unique name for each WX switch.
Defaults — By default, the system name and command prompt have the
same value. The factory default for both is the model number (WX1200
for the 3Com Wireless LAN Switch WX1200, WX4400 for the 3Com
Wireless LAN Controller WX4400).
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — Entering set system name with no string resets the system
name to the factory default.
To view the system name string, type the display system command.
Examples — The following example sets the system name to a name
that identifies the WX switch:
WX4400# set system name WX-bldg3
success: change accepted.
WX-bldg3#
See Also
clear system on page 42
display system on page 45
set prompt on page 56
set system contact on page 57
set system location on page 64
Page 66
66 CHAPTER 3: SYSTEM SERVICE COMMANDS
Page 67
4
PORT COMMANDS
Use port commands to configure and manage individual ports and
load-sharing port groups.
Commands by Usage
This chapter presents port commands alphabetically. Use Table 9 to
locate commands in this chapter based on their use.
Tab le 9 Port Commands by Usage
Type Command
Port Type set port type ap on page 95
set dap on page 85
set port type wired-auth on page 98
clear port type on page 72
clear dap on page 68
Name set port name on page 91
clear port name on page 70
State set port on page 87
reset port on page 85
display port status on page 77
Gigabit Interface Type display port media-type on page 79
set port media-type on page 89
clear port media-type on page 70
Speed set port speed on page 93
Autonegotiation set port negotiation on page 91
PoE set port poe on page 92
display port poe on page 76
SNMP set port trap on page 94
Page 68
68 CHAPTER 4: PORT COMMANDS
Tab le 9 Port Commands by Usage (continued)
Type Command
Port Groups set port-group on page 88
display port-group on page 74
clear port-group on page 69
Port Mirroring display port mirror on page 75
clear port mirror on page 71
set port mirror on page 90
Statistics display port counters on page 73
monitor port counters on page 80
clear port counters on page 69
clear dap Removes a Distributed MAP.
CAUTION: When you clear a Distributed MAP, MSS ends user sessions
that are using the MAP.
Syntax —
dap-num — Number of the Distributed MAP(s) you want to remove.
clear dap dap-num
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Examples — The following command clears Distributed MAP 1:
WX4400# clear dap 1
This will clear specified DAP devices.
Would you like to continue? (y/n) [n]y
See Also
set dap on page 85
set port type ap on page 95
Page 69
clear port counters 69
clear port counters Clears port statistics counters and resets them to 0.
Syntax —
clear port counters
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Examples — The following command clears all port statistics counters
and resets them to 0:
WX4400# clear port counters
success: cleared port counters
See Also
display port counters on page 73
monitor port counters on page 80
clear port-group Removes a port group.
Syntax — clear port-group name name
name name — Name of the port group.
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Examples — The following command clears port group server1:
WX4400# clear port-group name server1
success: change accepted.
See Also
set port-group on page 88
display port-group on page 74
Page 70
70 CHAPTER 4: PORT COMMANDS
clear port media-type
Disables the copper interface and reenables the fiber interface on an
WX4400 gigabit Ethernet port.
Syntax —
port-list—List of physical ports. MSS disables the copper interface
clear port media-type port-list
and reenables the fiber interface on all the specified ports.
Defaults — The GBIC (fiber) interface is enabled, and the copper
interface is disabled, by default.
Access — Enabled.
History — Introduced in MSS Version 4.0.
Usage — This command applies only to the WX4400. This command
does not affect a link that is already active on the port.
Examples — The following command disables the copper interface and
reenables the fiber interface on port 2:
WX4400# clear port media-type 2
See Also
set port media-type on page 89
display port media-type on page 79
clear port name Removes the name assigned to a port.
Syntax — clear port port-list name
port-list — List of physical ports. MSS removes the names from all
the specified ports.
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Page 71
Examples — The following command clears the names of ports 1
through 3:
WX4400# clear port 1-3 name
See Also
display port status on page 77
set port name on page 91
clear port mirror Removes a port mirroring configuration.
Syntax — clear port mirror
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 4.2.
Examples — The following command clears the port mirroring
configuration from the switch:
clear port mirror 71
clear port preference
WX4400# clear port mirror
See Also
display port mirror on page 75
set port mirror on page 90
Resets a gigabit Ethernet port on a WX4400 to use the GBIC (fiber)
interface for the active link.
Syntax —
port-list — List of physical ports. MSS clears the preference on all
clear port preference port-list
the specified ports.
Defaults — When both the copper and fiber interfaces of a gigabit
Ethernet port are connected, the GBIC (fiber) interface is the active link.
The RJ-45 (copper) link is unused.
Access — Enabled.
Page 72
72 CHAPTER 4: PORT COMMANDS
History — Introduced in MSS Version 3.0.
Usage — This command applies only to the WX4400. This command
does not affect a link that is already active on the port.
Examples — The following command clears the preference set on port 2
on a WX4400 switch:
WX4400# clear port preference 2
See Also
display port status on page 77
clear port type Removes all configuration settings from a port and resets the port as a
network port.
CAUTION: When you clear a port, MSS ends user sessions that are using
the port.
Syntax —
port-list — List of physical ports. MSS resets and removes the
clear port type port-list
configuration from all the specified ports.
Defaults — The cleared port becomes a network port but is not placed
in any VLANs.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — Use this command to change a port back to a network port. All
configuration settings specific to the port type are removed. For example,
if you clear a MAP access point port, all MAP-specific settings are
removed. Table 10 lists the default network port settings that MSS
applies when you clear a port’s type.
Page 73
display port counters 73
Table 10 Network port defaults
Port Parameter Setting
VLAN membership None.
Note: Although the command changes a port to a
network port, the command does not place the port
in any VLAN. To use the port in a VLAN, you must
add the port to the VLAN.
Spanning Tree Protocol (STP) Based on the VLAN(s) you add the port to.
802.1X No authorization.
Port groups None.
Internet Group Management
Enabled as port is added to VLANs.
Protocol (IGMP) snooping
Access point and radio
Not applicable
parameters
Maximum user sessions Not applicable
Examples — The following command clears port 5:
WX1200# clear port type 5
This may disrupt currently authenticated users.
Are you sure? (y/n) [n]y
success: change accepted.
display port counters
See Also
set port type ap on page 95
set port type wired-auth on page 98
Displays port statistics.
Syntax — display port counters
[octets | packets | receive-errors | transmit-errors |
collisions | receive-etherstats |
transmit-etherstats] [port port-list]
octets — Shows octet statistics.
packets — Shows packet statistics.
receive-errors— Shows errors in received packets.
transmit-errors — Shows errors in transmitted packets.
collisions — Shows collision statistics.
Page 74
74 CHAPTER 4: PORT COMMANDS
receive-etherstats — Shows Ethernet statistics for received
packets.
transmit-etherstats — Shows Ethernet statistics for transmitted
packets.
port port-list — List of physical ports. If you do not specify a port
list, MSS shows statistics for all ports.
Defaults — None.
Access — All.
History — Introduced in MSS Version 3.0.
Usage — You can specify one statistic type with the command.
Examples — The following command shows octet statistics for port 3:
WX1200> display port counters octets port 3
Port Status Rx Octets Tx Octets
=============================================================================
3 Up 27965420 34886544
This command’s output has the same fields as the monitor port counters
command. For descriptions of the fields, see Table 16 on page 82.
See Also
clear port counters on page 69
monitor port counters on page 80
display port-group Shows port group information.
Syntax — display port-group [name group-name]
name group-name — Shows information for the specified port group.
Defaults — None.
Access — All.
History — Introduced in MSS Version 3.0. In Version 4.2 the option all
was removed for simplicity. You can display information for all groups by
entering the command without specifying a group name.
Page 75
display port mirror 75
Examples — The following command displays the configuration of port
group server2:
WX1200# display port-group name server2
Port group: server2 is up
Ports: 5, 7
Table 11 describes the fields in the display port-group output.
Table 11 Output for display port-group
Field Description
Port group Name and state (enabled or disabled) of the port
group.
Ports Ports contained in the port group.
See Also
clear port-group on page 69
set port-group on page 88
display port mirror Displays the port mirroring configuration.
Syntax —
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 4.2.
Examples — The following command displays the port mirroring
configuration on the switch:
WX4400# display port mirror
Port 1 is mirrored to port 2
If port mirroring is not configured, the message in the following example
is displayed instead:
WX4400# display port mirror
No ports are mirrored
show port mirror
Page 76
76 CHAPTER 4: PORT COMMANDS
See Also
display port mirror on page 75
set port mirror on page 90
display port poe Displays status information for ports on which Power over Ethernet (PoE)
is enabled.
Syntax —
port-list — List of physical ports. If you do not specify a port list,
display port poe [port-list]
PoE information is displayed for all ports.
Defaults — None.
Access — All.
History — Introduced in MSS Version 3.0.
Examples — The following command displays PoE information for all
ports on a WX1200 switch:
WX1200# display port poe
Link Port PoE PoE
Port Name Status Type config Draw
============================================================
1 1 up - disabled off
2 2 down - disabled off
3 3 down - disabled off
4 4 down MAP enabled 1.44
5 5 down - disabled off
6 6 down - disabled off
Table 12 describes the fields in this display.
Table 12 Output for display port poe
Field Description
Port Port number.
Name Port name. If the port does not have a name, the
port number is listed.
Page 77
display port status 77
Table 12 Output for display port poe (continued)
Field Description
Link status Link status of the port:
up—The port is connected.
down—The port is not connected.
Port type Port type:
MAP —The port is a MAP access port.
- (The port is not a MAP access port.)
PoE config PoE state:
enabled
disabled
PoE Draw Power draw on the port, in watts.
For 10/100 Ethernet ports on which PoE is disabled,
this field displays off. For gigabit Ethernet ports, this
field displays invalid, because PoE is not supported
on gigabit Ethernet ports.
The value overcurrent indicates a PoE problem such
as a short in the cable.
See Also
set port poe on page 92
display port status Displays configuration and status information for ports.
Syntax — display port status [port-list]
port-list — List of physical ports. If you do not specify a port list,
information is displayed for all ports.
Defaults — None.
Access — All.
History — Introduced in MSS Version 3.0.
Page 78
78 CHAPTER 4: PORT COMMANDS
Examples — The following command displays information for all ports
on a WX1200 switch:
WX1200# display port status
Port Name Admin Oper Config Actual Type Media
===============================================================================
1 1 up up auto 100/full network 10/100BaseTx
2 2 up up auto 100/full ap 10/100BaseTx
3 3 up up auto 100/full network 10/100BaseTx
4 4 up down auto network 10/100BaseTx
5 5 up down auto network 10/100BaseTx
6 6 up down auto network 10/100BaseTx
7 7 up down auto network 10/100BaseTx
8 8 up down auto network 10/100BaseTx
Table 13 describes the fields in this display.
Table 13 Output for display port status
Field Description
Port Port number.
Name Port name. If the port does not have a name, the
port number is listed.
Admin Administrative status of the port:
up — The port is enabled.
down — The port is disabled.
Oper Operational status of the port:
up — The port is operational.
down — The port is not operational.
Config Port speed configured on the port:
10 — 10 Mbps.
100 — 100 Mbps.
1000 — 1000 Mbps.
auto — The port sets its own speed.
Actual Speed and operating mode in effect on the port.
Type Port type:
ap — MAP access point port
network — Network port
wa — Wired authentication port
Page 79
Table 13 Output for display port status (continued)
Field Description
Media Link type:
10/100BaseTX — 10/100BASE-T.
GBIC — 1000BASE-SX or 1000BASE-LX GBIC.
1000BaseT — 1000BASE-T.
No connector — GBIC slot is empty.
See Also
clear port type on page 72
set port on page 87
set port name on page 91
set port negotiation on page 91
set port speed on page 93
set port type ap on page 95
set port type wired-auth on page 98
display port media-type 79
display port media-type
Displays the enabled interface types on a WX4400 switch’s gigabit
Ethernet ports.
See Also —
port-list — List of physical ports. MSS displays the enabled
display port media-type [port-list]
interface types for all the specified ports.
Defaults — None.
Access — All.
History — Introduced in MSS Version 4.0.
Usage — This command applies only to the WX4400.
Page 80
80 CHAPTER 4: PORT COMMANDS
Examples — The following command displays the enabled interface
types on all four ports of a WX4400 switch:
WX4400# display port media-type
Port Media Type
===========================================================
1 GBIC
2 RJ45
3 GBIC
4 GBIC
Table 14 describes the fields in this display.
Table 14 Output for display port media-type
Field Description
Port Port number.
Preference Preference setting:
GBIC—The GBIC (fiber) interface is enabled.
RJ45—The RJ-45 (copper) interface is enabled.
monitor port counters
See Also
clear port media-type on page 70
set port media-type on page 89
Displays and continually updates port statistics.
Syntax —
[octets | packets | receive-errors | transmit-errors |
collisions | receive-etherstats | transmit-etherstats]
octets — Displays octet statistics first.
packets — Displays packet statistics first.
receive-errors — Displays errors in received packets first.
transmit-errors — Displays errors in transmitted packets first.
collisions — Displays collision statistics first.
receive-etherstats — Displays Ethernet statistics for received
monitor port counters
packets first.
Page 81
monitor port counters 81
transmit-etherstats — Displays Ethernet statistics for transmitted
packets first.
Defaults — All types of statistics are displayed for all ports. MSS
refreshes the statistics every 5 seconds. This interval cannot be
configured. Statistics types are displayed in the following order by
default:
Octets
Packets
Receive errors
Transmit errors
Collisions
Receive Ethernet statistics
Transmit Ethernet statistics
Access — All.
History—Introduced in MSS Version 3.0.
Usage — Each type of statistic is displayed separately. Press the Spacebar
to cycle through the displays for each type.
If you use an option to specify a statistic type, the display begins with that
statistic type. You can use one statistic option with the command.
Use the keys listed in Table 15 to control the monitor display.
Table 15 Key Controls for Monitor Port Counters Display
Field Description
Spacebar Advances to the next statistic type.
Esc Exits the monitor. MSS stops displaying the statistics and displays a new
command prompt.
c Clears the statistics counters for the currently displayed statistics type. The
counters begin incrementing again.
Page 82
82 CHAPTER 4: PORT COMMANDS
For error reporting, the cyclic redundancy check (CRC) errors include
misalignment errors. Jumbo packets with valid CRCs are not counted. A
short packet can be reported as a short packet, a CRC error, or an
overrun. In some circumstances, the transmitted octets counter might
increment a small amount for a port with nothing attached.
Examples — The following command starts the port statistics monitor
beginning with octet statistics (the default):
WX4400# monitor port counters
As soon as you press Enter, MSS clears the window and displays statistics
at the top of the window.
Port Status Rx Octets Tx Octets
===============================================================================
1 Up 27965420 34886544
...
To cycle the display to the next set of statistics, press the Spacebar. In this
example, packet statistics are displayed next:
Port Status Rx Unicast Rx NonUnicast Tx Unicast Tx NonUnicast
===============================================================================
1 Up 54620 62144 68318 62556
...
Table 16 describes the port statistics displayed by each statistics option.
The Port and Status fields are displayed for each option.
Table 16 Output for monitor port counters
Statistics Option Field Description
Displayed for All
Options
octets
Port Port the statistics are displayed for.
Status Port status. The status can be Up or Down.
Rx Octets Total number of octets received by the port.
This number includes octets received in frames
that contained errors.
Tx Octets Total number of octets received.
This number includes octets received in frames
that contained errors.
Page 83
monitor port counters 83
Table 16 Output for monitor port counters (continued)
Statistics Option Field Description
packets Rx Unicast Number of unicast packets received.
This number does not include packets that
contain errors.
Rx
NonUnicast
Tx Unicast Number of unicast packets transmitted.
Tx
NonUnicast
receive-errors Rx Crc Number of frames received by the port that had
Rx Error Total number of frames received in which the
Rx Short Number of frames received by the port that
Rx Overrun Number of frames received by the port that
transmit-errors Tx Crc Number of frames transmitted by the port that
Tx Short Number of frames transmitted by the port that
Tx Fragment Total number of frames transmitted that were
Tx Abort Total number of frames that had a link pointer
Number of broadcast and multicast packets
received.
This number does not include packets that
contain errors.
This number does not include packets that
contain errors.
Number of broadcast and multicast packets
transmitted.
This number does not include packets that
contain errors.
the correct length but contained an invalid
frame check sequence (FCS) value. This statistic
includes frames with misalignment errors.
Physical layer (PHY) detected an error.
were fewer than 64 bytes long.
were valid but were longer than 1518 bytes.
This statistic does not include jumbo packets
with valid CRCs.
had the correct length but contained an invalid
FCS value.
were fewer than 64 bytes long.
less than 64 octets long and had invalid CRCs.
parity error.
Page 84
84 CHAPTER 4: PORT COMMANDS
Table 16 Output for monitor port counters (continued)
Statistics Option Field Description
collisions Single Coll Total number of frames transmitted that
receive-etherstats Rx 64 Number of packets received that were 64 bytes
transmit-etherstats Tx 64 Number of packets transmitted that were 64
experienced one collision before 64 bytes of the
frame were transmitted on the network.
Multiple Coll Total number of frames transmitted that
experienced more than one collision before 64
bytes of the frame were transmitted on the
network.
Excessive Coll Total number of frames that experienced more
than 16 collisions during transmit attempts.
These frames are dropped and not transmitted.
Total Coll Best estimate of the total number of collisions
on this Ethernet segment.
long.
Rx 127 Number of packets received that were from 65
through 127 bytes long.
Rx 255 Number of packets received that were from 128
through 255 bytes long.
Rx 511 Number of packets received that were from 256
through 511 bytes long.
Rx 1023 Number of packets received that were from 512
through 1023 bytes long.
Rx 1518 Number of packets received that were from
1024 through 1518 bytes long.
bytes long.
Tx 127 Number of packets transmitted that were from
65 through 127 bytes long.
Tx 255 Number of packets transmitted that were from
128 through 255 bytes long.
Tx 511 Number of packets transmitted that were from
256 through 511 bytes long.
Tx 1023 Number of packets transmitted that were from
512 through 1023 bytes long.
Tx 1518 Number of packets transmitted that were from
1024 through 1518 bytes long.
See Also
display port counters on page 73
Page 85
reset port 85
reset port Resets a port by toggling its link state and Power over Ethernet (PoE)
state.
Syntax —
port-list — List of physical ports. MSS resets all the specified ports.
reset port port-list
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — The reset command disables the port’s link and PoE (if
applicable) for at least 1 second, then reenables them. This behavior is
useful for forcing a MAP access point that is connected to two WX
switches to reboot over the link to the other switch.
Examples — The following command resets port 5:
WX1200# reset port 5
See Also
set port on page 87
set dap Configures a Distributed MAP for a MAP access point that is indirectly
connected to the WX switch through an intermediate Layer 2 or Layer 3
network.
Before configuring a Distributed MAP, you must use the set
system countrycode command to set the IEEE 802.11 country-specific
regulations on the WX switch. See “set system countrycode” on page 58.
For a MAP that is directly connected to the WX switch, use the set port
type ap command to configure a MAP access port.
Syntax —
{ap2750 | ap3750| ap7250 | ap8250 | ap8750 | mp-52 | mp-241 |
mp-252 | mp-262 | mp-341 | mp-352 | mp-372 | mp-372-CN |
mp-37-JP | mp-620} [radiotype {11a | 11b | 11g}]
set dap dap-num serial-id serial-ID model
Page 86
86 CHAPTER 4: PORT COMMANDS
dap-num — Number for the Distributed MAP. The range of valid
serial-id serial-ID — MAP access point serial ID. The serial ID is
radiotype 11a | 11b| 11g — Radio type:
Defaults — The default values are the same as the defaults for the
set port type ap command.
Access — Enabled.
connection numbers depends on the WX switch model:
For a WX4400, you can specify a number from 1 to 256.
For a WX1200, you can specify a number from 1 to 30.
listed on the MAP case. To show the serial ID using the CLI, use the
display version details command.
11a — 802.11a
11b — 802.11b
11g — 802.11g
This option applies only to single-radio models.
History — Introduced in MSS Version 3.0. New values for model option
added in Version 4.1:
AP3750
AP2750
mp-620
Examples — The following command configures Distributed MAP 1 for
MAP model AP2750 with serial-ID M9DE48B012F00:
WX4400# set dap 1 serial-id M9DE48B012F00 model ap2750
success: change accepted.
The following command removes Distributed MAP 1:
WX4400# clear dap 1
This will clear specified DAP devices.
Would you like to continue? (y/n) [n]y
See Also
clear dap on page 68
Page 87
clear port type on page 72
set port type ap on page 95
set system countrycode on page 58
set port Administratively disables or reenables a port.
Syntax — set port {enable | disable} port-list
enable — Enables the specified ports.
disable — Disables the specified ports.
port-list — List of physical ports. MSS disables or reenables all the
specified ports.
Defaults — All ports are enabled.
Access — Enabled.
History — Introduced in MSS Version 3.0.
set port 87
Usage — A port that is administratively disabled cannot send or receive
packets. This command does not affect the link state of the port.
Examples — The following command disables port 6:
WX1200# set port disable 6
success: set "disable" on port 6
The following command reenables the port:
WX1200# set port enable 6
success: set "enable" on port 6
See Also
reset port on page 85
Page 88
88 CHAPTER 4: PORT COMMANDS
set port-group Configures a load-sharing port group. All ports in the group function as a
single logical link.
Syntax —
mode {on | off}
name group-name — Alphanumeric string of up to 255 characters,
set port-group name group-name port-list
with no spaces.
port-list — List of physical ports. All the ports you specify are
configured together as a single logical link.
mode {on | off} — State of the group. Use on to enable the group
or off to disable the group. The group is enabled by default.
Defaults — Once configured, a group is enabled by default.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — You can configure up to 8 ports in a port group, in any
combination of ports. The port numbers do not need to be contiguous
and you can use 10/100 Ethernet ports and gigabit Ethernet ports in the
same port group.
After you add a port to a port group, you cannot configure port
parameters on the individual port. Instead, change port parameters on
the entire group. Specify the group name instead of an individual port
name or number in port configuration commands.
To add or remove ports in a group that is already configured, change the
mode to off, add or remove the ports, then change the mode to on.
Examples — The following command configures a port group named
server1 containing ports 1 through 5, and enables the link:
WX1200# set port-group name server1 1-5 mode on
success: change accepted.
The following commands disable the link for port group server1,
change the list of ports in the group, and reenable the link:
WX1200# set port-group name server1 1-5 mode off
success: change accepted.
WX1200# set port-group name server1 1-4,7 mode on
success: change accepted.
Page 89
set port media-type 89
See Also
clear port-group on page 69
display port-group on page 74
set port media-type Disables the fiber interface and enables the copper interface on an
WX4400 gigabit Ethernet port.
Syntax —
port-list—List of physical ports. MSS sets the preference on all the
set port media-type port-list rj45
specified ports.
rj45—Uses the copper interface.
Defaults — The GBIC (fiber) interface is enabled, and the copper
interface is disabled, by default.
Access — Enabled.
History — Introduced in MSS Version 4.0.
Usage — This command applies only to the WX4400.
If you set the port interface to RJ-45 on a port that already has an active
fiber link, MSS immediately changes the link to the copper interface.
Examples — The following command disables the fiber interface and
enables the copper interface on port 2:
WX4400# set port media-type 2 rj45
See Also
clear port media-type on page 70
display port media-type on page 79
Page 90
90 CHAPTER 4: PORT COMMANDS
set port mirror Configures port mirroring. Port mirroring is a troubleshooting feature
that copies (mirrors) traffic sent or received by a WX port (the source port)
to another port (the observer) on the same WX. You can attach a
protocol analyzer to the observer port to examine the source port’s
traffic. Both traffic directions (send and receive) are mirrored.
Syntax —
source-port — Number of the port whose traffic you want to
set port mirror source-port observer observer-port
analyze. You can specify only one port.
observer-port — Number of the port to which you want the switch
to copy the source port’s traffic.
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 4.2.
Usage — The switch can have one port mirroring pair (one source port
and one observer port) at a time. The source port can be a network port,
MAP access port, or wired authentication port. However, the observer
port must be a network port, and cannot be a member of any VLAN or
port group.
Examples — The following command sets port 2 to monitor port 1’s
traffic:
WX4400# set port 1 observer 2
See Also
clear port name on page 70
display port status on page 77
Page 91
set port name 91
set port name Assigns a name to a port. After naming a port, you can use the port
name or number in other CLI commands.
Syntax —
port — Number of a physical port. You can specify only one port.
name name — Alphanumeric string of up to 16 characters, with no
set port port name name
spaces.
Defaults — None.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — To simplify configuration and avoid confusion between a port’s
number and its name, 3Com recommends that you do not use numbers
as port names.
Examples — The following command sets the name of port 7 to
adminpool:
WX1200# set port 7 name adminpool
success: change accepted.
See Also
clear port name on page 70
display port status on page 77
set port negotiation Disables or reenables autonegotiation on gigabit Ethernet or 10/100
Ethernet ports.
Syntax —
port-list — List of physical ports. MSS disables or reenables
autonegotiation on all the specified ports.
enable — Enables autonegotiation on the specified ports.
disable — Disables autonegotiation on the specified ports.
Defaults — Autonegotiation is enabled on all Ethernet ports by default.
set port negotiation port-list {enable | disable}
Page 92
92 CHAPTER 4: PORT COMMANDS
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — WX1200 10/100 Ethernet ports support half-duplex and
full-duplex operation.
3Com recommends that you do not configure the mode of an WX port
so that one side of the link is set to autonegotiation while the other side
is set to full-duplex. Although MSS allows this configuration, it can result
in slow throughput on the link. The slow throughput occurs because the
side that is configured for autonegotiation falls back to half-duplex. A
stream of large packets sent to an WX port in such a configuration can
cause forwarding on the link to stop.
Examples — The following command disables autonegotiation on ports
3 and 5:
WX1200# set port negotiation 3,5 disable
The following command enables autonegotiation on port 2:
WX1200# set port negotiation 2 enable
set port poe Enables or disables Power over Ethernet (PoE) on ports connected to MAP
access points.
CAUTION: When you set the port type for MAP use, you can enable PoE
on the port. Use the WX switch’s PoE to power 3Com MAP access points
only. If you enable PoE on ports connected to other devices, damage can
result.
Syntax —
port-list — List of physical ports. MSS disables or reenables PoE on
all the specified ports.
enable — Enables PoE on the specified ports.
disable — Disables PoE on the specified ports.
Defaults — PoE is disabled on network and wired authentication ports.
The state on MAP access point ports depends on whether you enabled or
disabled PoE when setting the port type. See set port type ap on
page 95.
set port poe port-list enable | disable
Page 93
set port speed 93
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — This command does not apply to any gigabit Ethernet ports or
to ports 7 and 8 on the WX1200 switch.
Examples — The following command disables PoE on ports 4 and 5,
which are connected to a MAP access point:
WX1200# set port poe 4,5 disable
If you are enabling power on these ports, they must be connected only to approved
PoE devices with the correct wiring. Do you wish to continue? (y/n) [n]y
The following command enables PoE on ports 4 and 5:
WX1200# set port poe 4,5 enable
If you are enabling power on these ports, they must be connected only to approved
PoE devices with the correct wiring. Do you wish to continue? (y/n) [n]y
See Also
set port type ap on page 95
set port type wired-auth on page 98
set port speed Changes the speed of a port.
Syntax —
port-list — List of physical ports. MSS sets the port speed on all the
specified ports.
10 — Sets the port speed of a 10/100 Ethernet port to 10 Mbps and
sets the operating mode to full-duplex.
100 — Sets the port speed of a 10/100 Ethernet port to 100 Mbps
and sets the operating mode to full-duplex.
1000 — Sets the port speed of a gigabit Ethernet port to 1000 Mbps
and sets the operating mode to full-duplex.
auto — Enables a port to detect the speed and operating mode of the
traffic on the link and set itself accordingly.
Defaults — All ports are set to auto.
Access — Enabled.
set port speed port-list {10 | 100 | 1000 | auto}
Page 94
94 CHAPTER 4: PORT COMMANDS
History — Introduced in MSS Version 3.0.
Usage — 3Com recommends that you do not configure the mode of a
WX port so that one side of the link is set to autonegotiation while the
other side is set to full-duplex. Although MSS allows this configuration, it
can result in slow throughput on the link. The slow throughput occurs
because the side that is configured for autonegotiation falls back to
half-duplex. A stream of large packets sent to an WX port in such a
configuration can cause forwarding on the link to stop.
Examples — The following command sets the port speed on ports 1 and
3 through 4 to 10 Mbps and sets the operating mode to full-duplex:
WX1200# set port speed 1,3-4 10
set port trap Enables or disables Simple Network Management Protocol (SNMP) linkup
and linkdown traps on an individual port.
Syntax —
port-list — List of physical ports.
enable — Enables the Telnet server.
disable — Disables the Telnet server.
set port trap port-list {enable | disable}
Defaults — SNMP linkup and linkdown traps are disabled by default.
Access — Enabled.
History — Introduced in MSS Version 3.0.
Usage — The set port trap command overrides the global setting of the
set snmp trap command.
The set port type command does not affect the global trap information
displayed by the display snmp configuration command. For example, if
you globally enable linkup and linkdown traps but then disable the traps
on a single port, the display snmp configuration command still
indicates that the traps are globally enabled.
Examples — The following command enables SNMP linkup and
linkdown traps on ports 3 and 4:
WX1200# set port trap 3-4 enable
Page 95
set port type ap 95
See Also
set ip snmp server on page 173
set snmp community on page 179
set port type ap Configures an WX switch port for a MAP access point.
CAUTION: When you set the port type for MAP use, you must specify
the PoE state (enable or disable) of the port. Use the WX switch’s PoE to
power 3Com MAP access points only. If you enable PoE on a port
connected to another device, physical damage to the device can result.
Before configuring a port as a MAP access point port, you must use the
set system countrycode command to set the IEEE 802.11
country-specific regulations on the WX switch. See “set system
countrycode” on page 58.
For a MAP that is indirectly connected to the WX switch through an
intermediate Layer 2 or Layer 3 network, use the
configure a Distributed MAP.
set dap command to
Before changing the port type from ap to wired-auth or from
wired-auth to ap, you must reset the port with the clear port type
command.
Syntax —
ap7250 | ap8250 | ap8750 | mp-52 | mp-241 | mp-252 | mp-262 |
mp-341 | mp-352 | mp-372 | mp-372-CN | mp-37-JP | mp-620}
poe {enable | disable}
[radiotype {11a | 11b | 11g}]
port-list — List of physical ports.
model {ap2750 | ap3750| ap7250 | ap8250 | ap8750 | mp-52 |
mp-241 | mp-252 | mp-262 | mp-341 | mp-352 | mp-372 |
mp-372-CN | mp-37-JP | mp-620}
poe enable | disable — Power over Ethernet (PoE) state.
radiotype 11a | 11b | 11g — Radio type:
11a — 802.11a
11b — 802.11b
11g — 802.11g
set port type ap port-list model {ap2750 | ap3750|
— MAP access point model:
Page 96
96 CHAPTER 4: PORT COMMANDS
This option does not apply to single-radio models.
Defaults — All WX ports are network ports by default.
MAP access point models AP2750, MAP-241, and MAP-341 have a single
radio that can be configured for 802.11a or 802.11b/g. Other MAP
models have two radios. On two-radio models, one radio is always
802.11a. The other radio is 802.11b/g, but can be configured for
802.11b or 802.11g exclusively. If the country of operation specified by
the set system countrycode command does not allow 802.11g, the
default is 802.11b.
The radios in models MAP-620 require external antennas, and model
MAP-262 requires an external antenna for the 802.11b/g radio. The
following models have internal antennas but also have connectors for
optional use of external antennas instead: AP2750, AP3750, AP7250,
AP8250, AP8750, MAP-372, MAP-372-CN, and MAP-372-JP. (Antenna
support on a specific model is limited to the antennas certified for use
with that model.) To specify the antenna model, use the set {ap | dap}
radio antennatype command.
Access — Enabled.
History — Introduced in MSS Version 3.0. New values for model option
added in Version 4.1:
AP3750
AP2750
Usage — You cannot set a port’s type if the port is a member of a port
VLAN. To remove a port from a VLAN, use the clear vlan command. To
reset a port as a network port, use the clear port type command.
When you change port type, MSS applies default settings appropriate for
the port type. Table 17 lists the default settings that MSS applies when
you set a port’s type to ap.
Page 97
set port type ap 97
Table 17 MAP Access Port Defaults
Port Parameter Setting
VLAN membership Removed from all VLANs. You cannot assign a MAP access
Spanning Tree Protocol
(STP)
802.1X Uses authentication parameters configured for users.
Port groups Not applicable
IGMP snooping Enabled as users are authenticated and join VLANs.
Maximum user
sessions
port to a VLAN. MSS automatically assigns MAP access
ports to VLANs based on user traffic.
Not applicable
Not applicable
This command does not apply to any gigabit Ethernet ports or to ports 7
and 8 on the WX1200 switch. To manage a MAP access point on a switch
model that does not have 10/100 Ethernet ports, use the set dap
command to configure a Distributed MAP connection on the switch.
Examples — The following command sets ports 1 through 3 and port 5
for MAP access point model AP2750 and enables PoE on the ports:
WX1200# set port type ap 1-3,5 model ap2750 poe enable
This may affect the power applied on the configured ports.
Would you like to continue? (y/n) [n]y
The following command sets ports 1 through 3 and port 5 for MAP
access point model AP7250 and enables PoE on the ports:
WX1200# set port type ap 1-3,5 model ap7250 poe enable
This may affect the power applied on the configured ports.
Would you like to continue? (y/n) [n]y
The following command sets ports 1 through 3 and port 5 for MAP
access point model AP8250 and enables PoE on the ports:
WX1200# set port type ap 1-3,5 model ap8250 poe enable
This may affect the power applied on the configured ports.
Would you like to continue? (y/n) [n]y
The following command sets ports 1 through 3 and port 5 for MAP
access point model AP8750 and enables PoE on the ports:
WX1200# set port type ap 1-3,5 model ap8750 poe enable
This may affect the power applied on the configured ports.
Would you like to continue? (y/n) [n]y
Page 98
98 CHAPTER 4: PORT COMMANDS
The following command resets port 5 by clearing it:
WX1200# clear port type 5
This may disrupt currently authenticated users.
Are you sure? (y/n) [n]y
success: change accepted.
See Also
clear dap on page 68
clear port type on page 72
set {ap | dap} radio antennatype on page 353
set dap on page 85
set port type wired-auth on page 98
set system countrycode on page 58
set port type wired-auth
Configures a WX switch port for a wired authentication user.
Before changing the port type from ap to wired-auth or from
wired-auth to ap, you must reset the port with the clear port type
command.
Syntax —
[max-sessions num] [auth-fall-thru {last-resort | none |
web-portal}]
port-list — List of physical ports.
tag-list — One or more numbers between 1 and 4094 that
set port type wired-auth port-list [tag tag-list]
subdivide a wired authentication port into virtual ports.
num — Maximum number of simultaneous user sessions supported.
last-resort — Automatically authenticates the user, without
requiring a username and password.
none — Denies authentication and prohibits the user from accessing
the network over this port.
web-portal — Serves the user a web page from the WX switch’s
nonvolatile storage for secure login to the network.
Defaults — The default tag-list is null (no tag values). The default
number of sessions is 1. The default fallthru authentication type is none.
Page 99
set port type wired-auth 99
Access — Enabled.
History—Introduced in MSS Version 3.0. Option for WebAAA fallthru
authentication type changed from web-auth to web-portal in MSS
Version 4.0.
Usage — You cannot set a port’s type if the port is a member of a port
VLAN. To remove a port from a VLAN, use the clear vlan command. To
reset a port as a network port, use the clear port type command.
When you change port type, MSS applies default settings appropriate for
the port type. Table 18 lists the default settings that MSS applies when
you set a port’s type to ap.
Table 18 Wired Authentication Port Details
Port Parameter Setting
VLAN membership Removed from all VLANs. You cannot assign a MAP access
Spanning Tree
Protocol (STP)
802.1X Uses authentication parameters configured for users.
Port groups Not applicable
IGMP snooping Enabled as users are authenticated and join VLANs.
Maximum user sessions 1 (one).
Fallthru authentication
type
port to a VLAN. MSS automatically assigns MAP access ports
to VLANs based on user traffic.
Not applicable
None
For 802.1X clients, wired authentication works only if the clients are
directly attached to the wired authentication port, or are attached
through a hub that does not block forwarding of packets from the client
to the PAE group address (01:80:c2:00:00:03).
Wired authentication works in accordance with the 802.1X specification,
which prohibits a client from sending traffic directly to an authenticator’s
MAC address until the client is authenticated. Instead of sending traffic to
the authenticator’s MAC address, the client sends packets to the PAE
group address.
The 802.1X specification prohibits networking devices from forwarding
PAE group address packets, because this would make it possible for
multiple authenticators to acquire the same client.
Page 100
100 CHAPTER 4: PORT COMMANDS
For non-802.1X clients, who use MAC authentication, WebAAA, or
last-resort authentication, wired authentication works if the clients are
directly attached or indirectly attached.
Examples — The following command sets port 2 for a wired
authentication user:
WX1200# set port type wired-auth 2
success: change accepted
The following command sets port 7 for a wired authentication user and
specifies a maximum of three simultaneous user sessions:
WX1200# set port type wired-auth 7 max-sessions 3
success: change accepted
See Also
clear port type on page 72
set port type ap on page 95
Loading...