How it Works
3COM
Loading...
WX1200
User Manual
516 pgs4.11 Mb0
User Manual
646 pgs4.69 Mb0
Installation Guide
66 pgs1.08 Mb0
Table of contents
Loading...

3COM WX1200 User Manual

Wireless LAN Mobility System
Wireless LAN Switch and Controller Command Reference
WX4400 3CRWX440095A WX1200 3CRWX120695A WXR100 3CRWXR10095A
http://www.3com.com/
Part No. 10015086 Published April 2006
3Com Corporation 350 Campus Drive Marlborough, MA USA 01752-3064
Copyright © 2006, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation.
3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change.
3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or changes in the product(s) and/or the program(s) described in this documentation at any time.
If there is any software on removable media described in this documentation, it is furnished under a license agreement included with the product as a separate document, in the hard copy documentation, or on the removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy, please contact 3Com and a copy will be provided to you.
UNITED STATES GOVERNMENT LEGEND
If you are a United States government agency, then this documentation and the software described herein are provided to you subject to the following:
All technical data and computer software are commercial in nature and developed solely at private expense. Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or as a “commercial item” as defined in FAR 2.101(a) and as such is provided with only such rights as are provided in 3Com’s standard commercial license for the Software. Technical data is provided with limited rights only as provided in DFAR 252.227-7015 (Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable. You agree not to remove or deface any portion of any legend provided on any licensed program or documentation contained in, or delivered to you in conjunction with, this User Guide.
Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not be registered in other countries.
3Com is a registered trademark of 3Com Corporation. The 3Com logo is a trademark of 3Com Corporation. Mobility Domain, Mobility Point, Mobility Profile, Mobility System, Mobility System Software, MP, MSS, and
SentrySweep are trademarks of Trapeze Networks, Inc. Intel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, Windows XP,
and Windows NT are registered trademarks of Microsoft Corporation. All other company and product names may be trademarks of the respective companies with which they are
associated.
ENVIRONMENTAL STATEMENT
It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we are committed to:
Establishing environmental performance standards that comply with national legislation and regulations. Conserving energy, materials and natural resources in all operations. Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized environmental
standards. Maximizing the recyclable and reusable content of all products. Ensuring that all products can be recycled, reused and disposed of safely. Ensuring that all products are labelled according to recognized environmental standards. Improving our environmental record on a continual basis.
End of Life Statement
3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components.
Regulated Materials Statement
3Com products do not contain any hazardous or ozone-depleting material.
Environmental Statement about the Documentation
The documentation for this product is printed on paper that comes from sustainable, managed forests; it is fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and the inks are vegetable-based with a low heavy-metal content.
CONTENTS
ABOUT THIS GUIDE
Conventions 19 Documentation 20 Documentation Comments 21
1 USING THE COMMAND-LINE INTERFACE
Overview 23 CLI Conventions 24
Command Prompts 24 Syntax Notation 24 Text Entry Conventions and Allowed Characters 25 MAC Address Notation 25 IP Address and Mask Notation 26 User Globs, MAC Address Globs, and VLAN Globs 26 Port Lists 28 Virtual LAN Identification 29
Command-Line Editing 29
Keyboard Shortcuts 29 History Buffer 30 Tabs 30 Single-Asterisk (*) Wildcard Character 30
Double-Asterisk (**) Wildcard Characters 30 Using CLI Help 31 Understanding Command Descriptions 32
2 ACCESS COMMANDS
Commands by Usage 33 disable 33 enable 34 quit 34 set enablepass 35
3 SYSTEM SERVICE COMMANDS
Commands by Usage 37 clear banner motd 38 clear history 39 clear prompt 39 clear system 40 display banner motd 41 display base-information 41 display license 42 display load 43 display system 43 help 46 history 47 quickstart 48 set auto-config 48 set banner motd 51 set confirm 52 set length 53 set license 53 set prompt 54 set system contact 55 set system countrycode 56 set system idle-timeout 58 set system ip-address 59 set system location 59 set system name 60
4 PORT COMMANDS
Commands by Usage 63 clear dap 64 clear port counters 65 clear port-group 65 clear port media-type 66 clear port name 66 clear port preference 67 clear port type 68 display port counters 69
display port-group 70 display port poe 71 display port preference 72 display port status 73 display port media-type 75 monitor port counters 76 reset port 81 set dap 81 set port 83 set port-group 84 set port media-type 85 set port name 86 set port negotiation 86 set port poe 87 set port preference 88 set port speed 89 set port trap 90 set port type ap 91 set port type wired-auth 94
5 VLAN COMMANDS
Commands by usage 97 clear fdb 98 clear security 12-restrict 99 clear security 12-restrict counters 100 clear vlan 101 display fdb 102 display fdb agingtime 104 display fdb count 105 display roaming station 106 display roaming vlan 108 display security 12-restrict 109 display tunnel 110 display vlan config 111 set fdb 113 set fdb agingtime 114 set security l2-restrict 114
set vlan name 116 set vlan port 117 set vlan tunnel-affinity 118
6 QUALITY OF SERVICE COMMANDS
Commands by Usage 119 clear qos 120 set qos cos-to-dscp-map 121 set qos dscp-to-cos-map 122 display qos 123 display qos dscp-table 124
7 IP SERVICES COMMANDS
Commands by Usage 125 clear interface 127 clear ip alias 128 clear ip dns domain 129 clear ip dns server 129 clear ip route 130 clear ip telnet 131 clear ntp server 131 clear ntp update-interval 132 clear snmp community 133 clear snmp notify profile 133 clear snmp notify target 134 clear snmp usm 134 clear summertime 135 clear system ip-address 136 clear timezone 136 display arp 137 display dhcp-client 138 display dhcp-server 140 display interface 142 display ip alias 143 display ip dns 144 display ip https 145 display ip route 146
display ip telnet 148 display ntp 149 display snmp community 151 display snmp counters 152 display snmp notify profile 152 display snmp notify target 152 display snmp status 153 display snmp usm 154 display summertime 154 display timedate 155 display timezone 155 ping 156 set arp 158 set arp agingtime 159 set interface 160 set interface dhcp-client 161 set interface dhcp-server 162 set interface status 163 set ip alias 164 set ip dns 164 set ip dns domain 165 set ip dns server 166 set ip https server 167 set ip route 167 set ip snmp server 169 set ip ssh 170 set ip ssh server 171 set ip telnet 171 set ip telnet server 172 set ntp 173 set ntp server 174 set ntp update-interval 175 set snmp community 175 set snmp notify profile 177 set snmp notify target 181
SNMPv3 with Informs 181
SNMPv3 with Traps 183
SNMPv2c with Informs 183
SNMPv2c with Traps 184
SNMPv1 with Traps 184 set snmp protocol 186 set snmp security 187 set snmp usm 188 set summertime 191 set system ip-address 192 set timedate 193 set timezone 194 telnet 195 traceroute 197
8 AAA COMMANDS
Commands by Usage 201 clear accounting 203 clear authentication admin 204 clear authentication console 205 clear authentication dot1x 206 clear authentication last-resort 207 clear authentication mac 208 clear authentication proxy 209 clear authentication web 209 clear location policy 210 clear mac-user 211 clear mac-user attr 212 clear mac-user group 212 clear mac-usergroup 213 clear mac-usergroup attr 214 clear mobility-profile 215 clear user 215 clear user attr 216 clear user group 217 clear usergroup 217 clear usergroup attr 218 display aaa 219 display accounting statistics 222 display location policy 224
display mobility-profile 224 set accounting {admin | console} 225 set accounting {dot1x | mac | web | last-resort} 227 set authentication admin 229 set authentication console 231 set authentication dot1x 233 set authentication last-resort 236 set authentication mac 239 set authentication proxy 241 set authentication web 242 set location policy 244 set mac-user 248 set mac-user attr 249 set mac-usergroup attr 254 set mobility-profile 255 set mobility-profile mode 257 set user 258 set user attr 259 set user group 260 set usergroup 261 set web-portal 262
9 MOBILITY DOMAIN COMMANDS
Commands by Usage 265 clear mobility-domain 266 clear mobility-domain member 266 display mobility-domain config 267 display mobility-domain status 267 set mobility-domain member 269 set mobility-domain mode member seed-ip 270 set mobility-domain mode seed domain-name 271
10 NETWORK DOMAIN COMMANDS
Network Domain Commands by Usage 273 clear network-domain 274 clear network-domain mode 275 clear network-domain peer 276
clear network-domain seed-ip 277 display network-domain 278 set network-domain mode member seed-ip 280 set network-domain peer 281 set network-domain mode seed domain-name 282
11 MANAGED ACCESS POINT COMMANDS
MAP Access Point Commands by Usage 283 clear {ap | dap} radio 286 clear radio-profile 288 clear service-profile 289 display {ap | dap} config 290 display {ap | dap} counters 294 display {ap | dap} qos-stats 300 display {ap | dap} etherstats 301 display {ap | dap} group 303 display {ap | dap} status 304 display auto-tune attributes 309 display auto-tune neighbors 311 display dap connection 313 display dap global 314 display dap unconfigured 316 display radio-profile 317 display service-profile 321 reset {ap | dap} 324 set dap auto 325 set dap auto radiotype 326 set dap auto mode 327 set {ap | dap} bias 328 set {ap | dap} blink 330 set dap fingerprint 331 set {ap | dap} group 332 set {ap | dap} name 333 set {ap | dap} radio antennatype 334 set {ap | dap} radio auto-tune max-power 335 set {ap | dap} radio auto-tune max-retransmissions 337 set {ap | dap} radio channel 339
set {ap | dap} radio auto-tune min-client-rate 340 set {ap | dap} radio mode 341 set {ap | dap} radio radio-profile 343 set {ap | dap} radio tx-power 344 set dap security 345 set {ap | dap} upgrade-firmware 346 set radio-profile 11g-only 347 set radio-profile active-scan 348 set radio-profile auto-tune channel-config 349 set radio-profile auto-tune channel-holddown 350 set radio-profile auto-tune channel-interval 351 set radio-profile auto-tune power-backoff- timer 352 set radio-profile auto-tune power-config 353 set radio-profile auto-tune power-interval 354 set radio-profile beacon-interval 355 set radio-profile countermeasures 355 set radio-profile dtim-interval 357 set radio-profile frag-threshold 358 set radio-profile long-retry 359 set radio-profile max-rx-lifetime 360 set radio-profile max-tx-lifetime 361 set radio-profile mode 362 set radio-profile preamble-length 364 set radio-profile rts-threshold 365 set radio-profile service-profile 366 set radio-profile short-retry 369 set radio-profile wmm 370 set service-profile attr 371 set service-profile auth-dot1x 373 set service-profile auth-fallthru 374 set service-profile auth-psk 375 set service-profile beacon 376 set service-profile cipher-ccmp 377 set service-profile cipher-tkip 378 set service-profile cipher-wep104 379 set service-profile cipher-wep40 380 set service-profile psk-phrase 381 set service-profile psk-raw 382
set service-profile rsn-ie 383 set service-profile shared-key-auth 384 set service-profile ssid-name 384 set service-profile ssid-type 385 set service-profile tkip-mc-time 386 set service-profile web-portal-form 387 set service-profile wep active-multicast-index 388 set service-profile wep active-unicast-index 389 set service-profile wep key-index 390 set service-profile wpa-ie 391
12 STP COMMANDS
STP Commands by Usage 393 clear spantree portcost 394 clear spantree portpri 395 clear spantree portvlancost 395 clear spantree portvlanpri 396 clear spantree statistics 397 display spantree 398 display spantree backbonefast 400 display spantree blockedports 401 display spantree portfast 402 display spantree portvlancost 403 display spantree statistics 403 display spantree uplinkfast 409 set spantree 410 set spantree backbonefast 411 set spantree fwddelay 412 set spantree hello 412 set spantree maxage 413 set spantree portcost 414 set spantree portfast 415 set spantree portpri 416 set spantree portvlancost 417 set spantree portvlanpri 418 set spantree priority 419 set spantree uplinkfast 419
13 IGMP SNOOPING COMMANDS
Commands by usage 421 clear igmp statistics 422 display igmp 422 display igmp mrouter 426 display igmp querier 427 display igmp receiver-table 429 display igmp statistics 431 set igmp 433 set igmp lmqi 434 set igmp mrouter 435 set igmp mrsol 436 set igmp mrsol mrsi 436 set igmp oqi 437 set igmp proxy-report 438 set igmp qi 439 set igmp qri 440 set igmp querier 441 set igmp receiver 441 set igmp rv 442
14 SECURITY ACL COMMANDS
Security ACL Commands by Usage 445 clear security acl 446 clear security acl map 447 commit security acl 449 display security acl 450 display security acl hits 451 display security acl info 452 display security acl map 453 display security acl resource-usage 454 rollback security acl 458 set security acl 459 set security acl map 464 set security acl hit-sample-rate 466
15 CRYPTOGRAPHY COMMANDS
Commands by Usage 469 crypto ca-certificate 470 crypto certificate 471 crypto generate key 473 crypto generate request 474 crypto generate self-signed 476 crypto otp 478 crypto pkcs12 479 display crypto ca-certificate 481 display crypto certificate 482 display crypto key ssh 483
16 RADIUS AND SERVER GROUP COMMANDS
Commands by Usage 485 clear radius 486 clear radius client system-ip 487 clear radius proxy client 488 clear radius proxy port 488 clear radius server 489 clear server group 489 set radius 490 set radius client system-ip 491 set radius proxy client 492 set radius proxy port 493 set radius server 494 set server group 496 set server group load-balance 497
17 802.1X MANAGEMENT COMMANDS
Commands by Usage 499 clear dot1x bonded-period 500 clear dot1x max-req 501 clear dot1x port-control 501 clear dot1x quiet-period 502 clear dot1x reauth-max 503
clear dot1x reauth-period 503 clear dot1x timeout auth-server 504 clear dot1x timeout supplicant 504 clear dot1x tx-period 505 display dot1x 505 set dot1x authcontrol 508 set dot1x bonded-period 509 set dot1x key-tx 510 set dot1x max-req 511 set dot1x port-control 512 set dot1x quiet-period 513 set dot1x reauth 513 set dot1x reauth-max 514 set dot1x reauth-period 515 set dot1x timeout auth-server 515 set dot1x timeout supplicant 516 set dot1x tx-period 516 set dot1x wep-rekey 517 set dot1x wep-rekey-period 518
18 SESSION MANAGEMENT COMMANDS
Commands by Usage 519 clear sessions 519 clear sessions network 521 display sessions 522 display sessions network 525
19 RF DETECTION COMMANDS
Commands by Usage 533 clear rfdetect attack-list 534 clear rfdetect black-list 535 clear rfdetect ignore 535 clear rfdetect ssid-list 536 clear rfdetect vendor-list 537 display rfdetect attack-list 537 display rfdetect black-list 538 display rfdetect clients 539
display rfdetect countermeasures 541 display rfdetect counters 542 display rfdetect data 544 display rfdetect ignore 546 display rfdetect mobility-domain 546 display rfdetect ssid-list 550 display rfdetect vendor-list 551 display rfdetect visible 552 set rfdetect active-scan 554 set rfdetect attack-list 554 set rfdetect black-list 555 set rf detect countermeasures 556 set rfdetect countermeasures mac 557 set rfdetect ignore 558 set rfdetect log 559 set rfdetect signature 560 set rfdetect ssid-list 560 set rfdetect vendor-list 561
20 FILE MANAGEMENT COMMANDS
Commands by Usage 563 backup 564 clear boot backup-configuration 566 clear boot config 566 copy 567 delete 569 dir 570 display boot 573 display config 574 display version 576 load config 578 md5 580 mkdir 580 reset system 582 restore 583 rmdir 584 save config 584
set boot backup-configuration 585 set boot configuration-file 586 set boot partition 587
21 TRACE COMMANDS
Commands by Usage 589 clear log trace 590 clear trace 590 display trace 591 save trace 592 set trace authentication 592 set trace authorization 593 set trace dot1x 594 set trace sm 595
22 SNOOP COMMANDS
Commands by Usage 597 clear snoop 598 clear snoop map 598 set snoop 599 set snoop map 602 set snoop mode 603 display snoop 604 display snoop info 604 display snoop map 605 display snoop stats 606
23 SYSTEM LOG COMMANDS
Commands by Usage 609 clear log 609 display log buffer 610 display log config 612 display log trace 613 set log 614 set log mark 616
24 BOOT PROMPT COMMANDS
Boot Prompt Commands by Usage 619 autoboot 620 boot 621 change 623 create 624 delete 625 dhcp 626 diag 627 dir 627 display 628 fver 630 help 631 ls 632 next 633 reset 634 test 635 version 636
A OBTAINING SUPPORT FOR YOUR PRODUCT
Register Your Product 637 Purchase Value-Added Services 637 Troubleshoot Online 638 Access Software Downloads 638 Telephone Technical Support and Repair 638 Contact Us 639
INDEX

Conventions 19

ABOUT THIS GUIDE

This command reference explains Mobility System Software (MSS™) command line interface (CLI) that you enter on a 3Com WXR100 or WX1200 Wireless Switch or WX4400 Wireless LAN Controller to configure and manage the Mobility System™ wireless LAN (WLAN).
Read this reference if you are a network administrator responsible for managing WXR100, WX1200 or WX4400 wireless switches and their Managed Access Points (MAPs) in a network.
If release notes are shipped with your product and the information there differs from the information in this guide, follow the instructions in the release notes.
Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the 3Com World Wide Web site:
http://www.3com.com/
Conventions Table 1 and Table 2 list conventions that are used throughout this guide.
Tab le 1 Notice Icons
Icon Notice Type Description
Information note Information that describes important features or
Caution Information that alerts you to potential loss of data or
instructions
potential damage to an application, system, or device
20 ABOUT THIS GUIDE
This manual uses the following text and syntax conventions:
Tab le 2 Text Conventions
Convention Description
Monospace text Sets off command syntax or sample commands and system
responses.
Bold text Highlights commands that you enter or items you select. Italic text Designates command variables that you replace with
appropriate values, or highlights publication titles or words
requiring special emphasis. [ ] (square brackets) Enclose optional parameters in command syntax. { } (curly brackets) Enclose mandatory parameters in command syntax. | (vertical bar) Separates mutually exclusive options in command syntax. Keyboard key names If you must press two or more keys simultaneously, the key
names are linked with a plus sign (+). Example:
Press Ctrl+Alt+Del
Words in italics Italics are used to:
Emphasize a point.
Denote a new term at the place where it is defined in the
text.
Highlight an example string, such as a username or SSID.

Documentation The MSS documentation set includes the following documents.

Wireless LAN Switch Manager (3WXM) Release Notes
These notes provide information about the system software release, including new features and bug fixes.
Wireless LAN Switch and Controller Release Notes
These notes provide information about the system software release, including new features and bug fixes.
Wireless LAN Switch and Controller Quick Start Guide
This guide provides instructions for performing basic setup of secure (802.1X) and guest (WebAAA Domain for roaming, and for accessing a sample network plan in 3WXM for advanced configuration and management.
) access, for configuring a Mobility
Documentation Comments 21
Wireless LAN Switch Manager Reference Manual
This manual shows you how to plan, configure, deploy, and manage a Mobility System wireless LAN (WLAN) using the 3Com Wireless LAN Switch Manager (3WXM).
Wireless LAN Switch Manager User’s Guide
This manual shows you how to plan, configure, deploy, and manage the entire WLAN with the 3WXM tool suite. Read this guide to learn how to plan wireless services, how to configure and deploy 3Com equipment to provide those services, and how to optimize and manage your WLAN.
Wireless LAN Switch and Controller Hardware Installation Guide
This guide provides instructions and specifications for installing a WX wireless switch in a Mobility System WLAN.
Wireless LAN Switch and Controller Configuration Guide
This guide provides instructions for configuring and managing the system through the Mobility System Software (MSS) CLI.
Wireless LAN Switch and Controller Command Reference

Documentation Comments

This reference provides syntax information for all MSS commands supported on WX switches.
Your suggestions are very important to us. They will help make our documentation more useful to you. Please e-mail comments about this document to 3Com at:
pddtechpubs_comments@3com.com
Please include the following information when contacting us:
Document titleDocument part number and revision (on the title page)Page number (if appropriate)
Example:
Wireless LAN Switch and Controller Configuration GuidePart number 730-9502-0071, Revision BPage 25
22 ABOUT THIS GUIDE
Please note that we can only respond to comments and questions about 3Com product documentation at this e-mail address. Questions related to Technical Support or sales should be directed in the first instance to your network supplier.
USING THE COMMAND-LINE
1
INTERFACE
This chapter discusses the 3Com Wireless Switch Manager (3WXM) command-line interface (CLI). Described are:
CLI conventions (see “CLI Conventions” on page 24) Editing on the command line (see “Command-Line Editing” on
page 29)
Using the CLI help feature (see “Using CLI Help” on page 31) Information about the command descriptions in this reference (see
“Understanding Command Descriptions” on page 32)

Overview Mobility System Software (MSS) operates a 3Com Mobility System

wireless LAN (WLAN) consisting of 3Com Wireless Switch Manager (3WXM) software and 3Com Wireless LAN Switch or 3Com Wireless LAN Controller (WX switch) and 3Com Wireless LAN Managed Access Point (MAP) hardware. There is a command-line interface (CLI) on the WX switch that you can use to configure and manage the WX and its attached access points.
You configure the wireless LAN switches and access points primarily with set, clear, and display commands. Use set commands to change parameters. Use clear commands to reset parameters to their defaults. In many cases, you can overwrite a parameter with another set command. Use display commands to show the current configuration and monitor the status of network operations.
The wireless LAN switches support two connection modes:
Administrative access mode, which enables the network administrator
to connect to the WX switch and configure the network
Network access mode, which enables network users to connect
through the WX switch to access the network
24 CHAPTER 1: USING THE COMMAND-LINE INTERFACE

CLI Conventions Be aware of the following MSS CLI conventions for command entry:

“Command Prompts” on page 24 “Syntax Notation” on page 24 “Text Entry Conventions and Allowed Characters” on page 25 “User Globs, MAC Address Globs, and VLAN Globs” on page 26 “Port Lists” on page 28 “Virtual LAN Identification” on page 29

Command Prompts By default, the MSS CLI provides the following prompt for restricted

users. The mmmm portion shows the wireless LAN switch model number (for example, 1200).
WXmmmm>
After you become enabled as an administrative user by typing enable and supplying a suitable password, MSS displays the following prompt:
WXmmmm#
For information about changing the CLI prompt on a wireless LAN switch, see “set prompt” on page 54.

Syntax Notation The MSS CLI uses standard syntax notation:

Bold monospace font identifies the command and keywords you must
type. For example:
set enablepass
Italics indicate a placeholder for a value. For example, you replace
vlan-id in the following command with a virtual LAN (VLAN) ID:
clear interface vlan-id ip
Curly brackets ({}) indicate a mandatory parameter, and square
brackets ([]) indicate an optional parameter. For example, you must enter dynamic or port and a port list in the following command, but a VLAN ID is optional:
clear fdb {dynamic | port port-list} [vlan vlan-id]
CLI Conventions 25
A vertical bar (|) separates mutually exclusive options within a list of
possibilities. For example, you enter either enable or disable, not both, in the following command:
set port {enable | disable} port-list
Text Entry
Conventions and
Allowed Characters
MAC Address
Notation
Unless otherwise indicated, the MSS CLI accepts standard ASCII alphanumeric characters, except for tabs and spaces, and is case-insensitive.
The CLI has specific notation requirements for MAC addresses, IP addresses, and masks, and allows you to group usernames, MAC addresses, virtual LAN (VLAN) names, and ports in a single command.
3Com recommends that you do not use the same name with different capitalizations for VLANs or access control lists (ACLs). For example, do not configure two separate VLANs with the names red and RED.
The CLI does not support the use of special characters including the following in any named elements such as SSIDs and VLANs: ampersand (&), angle brackets (< >), number sign (#), question mark (?), or quotation marks (“”).
In addition, the CLI does not support the use of international characters such as the accented É in DÉCOR.
MSS displays MAC addresses in hexadecimal numbers with a colon (:) delimiter between bytes — for example, 00:01:02:1a:00:01. You can enter MAC addresses with either hyphen (-) or colon (:) delimiters, but colons are preferred.
For shortcuts:
You can exclude leading zeros when typing a MAC address. MSS
displays of MAC addresses include all leading zeros.
In some specified commands, you can use the single-asterisk (*)
wildcard character to represent from 1 byte to 5 bytes of a MAC address. (For more information, see “MAC Address Globs” on page 27.)
26 CHAPTER 1: USING THE COMMAND-LINE INTERFACE
IP Address and Mask
Notation
User Globs, MAC
Address Globs, and
VLAN Globs
MSS displays IP addresses in dotted decimal notation — for example,
192.168.1.111. MSS makes use of both subnet masks and wildcard masks.
Subnet Masks
Unless otherwise noted, use classless interdomain routing (CIDR) format to express subnet masks — for example, 192.168.1.112/24. You indicate the subnet mask with a forward slash (/) and specify the number of bits in the mask.
Wildcard Masks
Security access control lists (ACLs) use source and destination IP addresses and wildcard masks to determine whether the wireless LAN switch filters or forwards IP packets. Matching packets are either permitted or denied network access. The ACL checks the bits in IP addresses that correspond to any 0s (zeros) in the mask, but does not check the bits that correspond to 1s (ones) in the mask. You specify the wildcard mask in dotted decimal notation.
For example, the address 10.0.0.0 and mask 0.255.255.255 match all IP addresses that begin with 10 in the first octet.
Name “globbing” is a way of using a wildcard pattern to expand a single element into a list of elements that match the pattern. MSS accepts user globs, MAC address globs, and VLAN globs. The order in which globs appear in the configuration is important, because once a glob is matched, processing stops on the list of globs.
User Globs
A user glob is shorthand method for matching an authentication, authorization, and accounting (AAA) command to either a single user or a set of users.
A user glob can be up to 80 characters long and cannot contain spaces or tabs. The double-asterisk (**) wildcard characters with no delimiter characters match all usernames. The single-asterisk (*) wildcard character matches any number of characters up to, but not including, a delimiter character in the glob. Valid user glob delimiter characters are the at (@) sign and the period (.).
CLI Conventions 27
Table 3 gives examples of user globs.
Tab le 3 User Globs
User Glob User(s) Designated
jose@example.com User jose at example.com *@example.com All users at example.com whose usernames do not
*@marketing.example.com All marketing users at example.com whose
*.*@marketing.example.com All marketing users at example.com whose
* All users with usernames that have no delimiters EXAMPLE\* All users in the Windows Domain EXAMPLE with
EXAMPLE\*.* All users in the Windows Domain EXAMPLE whose
** All users
contain periods — for example, jose@example.com and tamara@example.com, but not nin.wong@example.com, because nin.wong contains a period
usernames do not contain periods
usernames contain periods
usernames that have no delimiters
usernames contain periods
MAC Address Globs
A media access control (MAC) address glob is a similar method for matching some authentication, authorization, and accounting (AAA) and forwarding database (FDB) commands to one or more 6-byte MAC addresses. In a MAC address glob, you can use a single asterisk (*) as a wildcard to match all MAC addresses, or as follows to match from 1 byte to 5 bytes of the MAC address:
00:* 00:01:* 00:01:02:* 00:01:02:03:* 00:01:02:03:04:*
For example, the MAC address glob 02:06:8c* represents all MAC addresses starting with 02:06:8c. Specifying only the first 3 bytes of a MAC address allows you to apply commands to MAC addresses based on an organizationally unique identity (OUI).
28 CHAPTER 1: USING THE COMMAND-LINE INTERFACE
VLAN Globs
A VLAN glob is a method for matching one of a set of local rules on an wireless LAN switch, known as the location policy, to one or more users. MSS compares the VLAN glob, which can optionally contain wildcard characters, against the VLAN-Name attribute returned by AAA, to determine whether to apply the rule.
To match all VLANs, use the double-asterisk (**) wildcard characters with no delimiters. To match any number of characters up to, but not including, a delimiter character in the glob, use the single-asterisk (*) wildcard. Valid VLAN glob delimiter characters are the at (@) sign and the period (.).
For example, the VLAN glob bldg4.* matches bldg4.security and bldg4.hr and all other VLAN names with bldg4. at the beginning.
Matching Order for Globs
In general, the order in which you enter AAA commands determines the order in which MSS matches the user, MAC address, or VLAN to a glob. To verify the order, view the output of the display aaa or display config command. MSS checks globs that appear higher in the list before items lower in the list and uses the first successful match.

Port Lists The physical Ethernet ports on a WX switch can be set for connection to

MAP access points, authenticated wired users, or the network backbone. You can include a single port or multiple ports in one MSS CLI command by using the appropriate list format.
The ports on a WX switch are numbered 1 through 4 (for the 3Com Wireless LAN Controller WX4400) and 1 through 8 (for the 3Com Wireless Lan Switch WX1200). No port 0 exists on the WX switch. You can include a single port or multiple ports in a command that includes port port-list. Use one of the following formats for port-list:
A single port number. For example:
WX1200# set port enable 6
A comma-separated list of port numbers, with no spaces. For
example:
WX1200# display port poe 1,2,4
Command-Line Editing 29
A hyphen-separated range of port numbers, with no spaces. For
example:
WX1200# reset port 1-3
Any combination of single numbers, lists, and ranges. Hyphens take
precedence over commas. For example:
WX1200# display port status 1-3,6
Virtual LAN
Identification
The names of virtual LANs (VLANs), which are used in Mobility Domain™ communications, are set by you and can be changed. In contrast, VLAN ID numbers, which the wireless LAN uses locally, are determined when the VLAN is first configured and cannot be changed. Unless otherwise indicated, you can refer to a VLAN by either its VLAN name or its VLAN number. CLI set and display commands use a VLAN’s name or number to uniquely identify the VLAN within the WX.

Command-Line Editing

MSS editing functions are similar to those of many other network operating systems.
Keyboard Shortcuts The following table lists the keyboard shortcuts for entering and editing
CLI commands.

Tab le 4 Keyboard Shortcuts

Keyboard Shortcut(s) Function
Ctrl+A Jumps to the first character of the command line. Ctrl+B or Left Arrow key Moves the cursor back one character. Ctrl+C Escapes and terminates prompts and tasks. Ctrl+D Deletes the character at the cursor. Ctrl+E Jumps to the end of the current command line. Ctrl+F or Right Arrow key Moves the cursor forward one character. Ctrl+K Deletes from the cursor to the end of the command
Ctrl+L or Ctrl+R Repeats the current command line on a new line. Ctrl+N or Down Arrow key Enters the next command line in the history buffer. Ctrl+P or Up Arrow key Enters the previous command line in the history
line.
buffer.
30 CHAPTER 1: USING THE COMMAND-LINE INTERFACE
Tab le 4 Keyboard Shortcuts (continued)
Keyboard Shortcut(s) Function
Ctrl+U or Ctrl+X Deletes characters from the cursor to the beginning
Ctrl+W Deletes the last word typed. Esc B Moves the cursor back one word. Esc D Deletes characters from the cursor forward to the
Delete key or Backspace key Erases mistake made during command entry. Reenter

History Buffer The history buffer stores the last 63 commands you entered during a

terminal session. You can use the Up Arrow and Down Arrow keys to select a command that you want to repeat from the history buffer.

Ta bs The MSS CLI uses the Tab key for command completion. You can type

the first few characters of a command and press the Tab key to show the command(s) that begin with those characters. For example:
WX1200# display i <Tab> ifm display interfaces maintained by the interface manager igmp display igmp information interface display interfaces ip display ip information
of the command line.
end of the word.
the command after using this key.
Single-Asterisk (*)
Wildcard Character
Double-Asterisk (**)
Wildcard Characters
You can use the single-asterisk (*) wildcard character in globbing. (For details, see “User Globs, MAC Address Globs, and VLAN Globs” on page 26.)
The double-asterisk (**) wildcard character matches all usernames. For details, see “User Globs” on page 26.
Loading...
+ 616 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use