3Com WX2200 3CRWX220095A, WX1200 3CRWX120695A, WX4400 3CRWX440095A, WXR100 3CRWXR10095A User Manual

Wireless LAN Mobility System
Wireless LAN Switch and Controller Command Reference
WX4400 3CRWX440095A WX2200 3CRWX220095A WX1200 3CRWX120695A WXR100 3CRWXR10095A
http://www.3Com.com/
Part No. 10015910 Rev AB Published December 2007
3Com Corporation 350 Campus Drive Marlborough, MA USA 01752-3064
Copyright © 2007, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or adaptation) without written permission from 3Com Corporation.
3Com Corporation reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of 3Com Corporation to provide notification of such revision or change.
3Com Corporation provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or changes in the product(s) and/or the program(s) described in this documentation at any time.
If there is any software on removable media described in this documentation, it is furnished under a license agreement included with the product as a separate document, in the hard copy documentation, or on the removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy, please contact 3Com and a copy will be provided to you.
UNITED STATES GOVERNMENT LEGEND
If you are a United States government agency, then this documentation and the software described herein are provided to you subject to the following:
All technical data and computer software are commercial in nature and developed solely at private expense. Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or as a “commercial item” as defined in FAR 2.101(a) and as such is provided with only such rights as are provided in 3Com’s standard commercial license for the Software. Technical data is provided with limited rights only as provided in DFAR 252.227-7015 (Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable. You agree not to remove or deface any portion of any legend provided on any licensed program or documentation contained in, or delivered to you in conjunction with, this User Guide.
Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not be registered in other countries.
3Com is a registered trademark of 3Com Corporation. The 3Com logo is a trademark of 3Com Corporation. Mobility Domain, Managed Access Point, Mobility Profile, Mobility System, Mobility System Software, MP,
MSS, and SentrySweep are trademarks of Trapeze Networks. Intel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, Windows XP,
and Windows NT are registered trademarks of Microsoft Corporation. All other company and product names may be trademarks of the respective companies with which they are
associated.
ENVIRONMENTAL STATEMENT
It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we are committed to:
Establishing environmental performance standards that comply with national legislation and regulations. Conserving energy, materials and natural resources in all operations. Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized environmental
standards. Maximizing the recyclable and reusable content of all products. Ensuring that all products can be recycled, reused and disposed of safely. Ensuring that all products are labelled according to recognized environmental standards. Improving our environmental record on a continual basis.
End of Life Statement
3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components.
Regulated Materials Statement
3Com products do not contain any hazardous or ozone-depleting material.
Environmental Statement about the Documentation
The documentation for this product is printed on paper that comes from sustainable, managed forests; it is fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and the inks are vegetable-based with a low heavy-metal content.
CONTENTS
ABOUT THIS GUIDE
Conventions 23 Documentation 24 Documentation Comments 25
1 USING THE COMMAND-LINE INTERFACE
Overview 27 CLI Conventions 28
Command Prompts 28 Syntax Notation 28 Text Entry Conventions and Allowed Characters 29 MAC Address Notation 29 IP Address and Mask Notation 30 User Globs, MAC Address Globs, and VLAN Globs 30 Port Lists 32 Virtual LAN Identification 33
Command-Line Editing 33
Keyboard Shortcuts 33 History Buffer 34 Tabs 34 Single-Asterisk (*) Wildcard Character 34
Double-Asterisk (**) Wildcard Characters 34 Using CLI Help 35 Understanding Command Descriptions 36
2 ACCESS COMMANDS
Commands by Usage 37 disable 37 enable 38 quit 38 set enablepass 39
3 SYSTEM SERVICE COMMANDS
Commands by Usage 41 clear banner motd 42 clear history 43 clear prompt 43 clear system 44 display banner motd 45 display base-information 45 display license 46 display load 47 display system 47 help 50 history 51 quickstart 52 set auto-config 52 set banner acknowledge 54 set banner motd 56 set confirm 57 set length 57 set license 58 set prompt 59 set system contact 60 set system countrycode 61 set system idle-timeout 65 set system ip-address 66 set system location 67 set system name 68
4 PORT COMMANDS
Commands by Usage 69 clear ap 70 clear port counters 71 clear port-group 71 clear port media-type 72 clear port name 72 clear port mirror 73 clear port preference 73
clear port type 74 display port counters 75 display port-group 76 display port mirror 77 display port poe 78 display port status 79 display port media-type 81 monitor port counters 82 reset port 87 set ap 87 set port 89 set port-group 90 set port media-type 91 set port mirror 92 set port name 93 set port negotiation 93 set port poe 94 set port speed 95 set port trap 96 set port type ap 97 set port type wired-auth 100
5 VLAN COMMANDS
Commands by usage 103 clear fdb 104 clear security 12-restrict 105 clear security 12-restrict counters 106 clear vlan 107 clear vlan-profile 108 display fdb 109 display fdb agingtime 111 display fdb count 112 display roaming station 113 display roaming vlan 115 display security 12-restrict 116 display tunnel 117 display vlan config 118
display vlan-profile 120 set fdb 121 set fdb agingtime 122 set security l2-restrict 123 set vlan name 124 set vlan port 125 set vlan tunnel-affinity 126 set vlan profile 127
6 QUALITY OF SERVICE COMMANDS
Commands by Usage 129 clear qos 129 set qos cos-to-dscp-map 131 set qos dscp-to-cos-map 132 display qos 133 display qos dscp-table 134
7 IP SERVICES COMMANDS
Commands by Usage 135 clear interface 137 clear ip alias 138 clear ip dns domain 139 clear ip dns server 139 clear ip route 140 clear ip telnet 141 clear ntp server 141 clear ntp update-interval 142 clear snmp community 143 clear snmp notify profile 143 clear snmp notify target 144 clear snmp usm 144 clear summertime 145 clear system ip-address 146 clear timezone 146 display arp 147 display dhcp-client 148 display dhcp-server 150
display interface 152 display ip alias 153 display ip dns 154 display ip https 155 display ip route 156 display ip telnet 158 display ntp 159 display snmp community 161 display snmp counters 162 display snmp notify profile 162 display snmp notify target 162 display snmp status 163 display snmp usm 164 display summertime 164 display timedate 165 display timezone 165 ping 166 set arp 168 set arp agingtime 169 set interface 170 set interface dhcp-client 171 set interface dhcp-server 172 set interface status 173 set ip alias 174 set ip dns 175 set ip dns domain 175 set ip dns server 176 set ip https server 177 set ip route 178 set ip snmp server 180 set ip ssh 180 set ip ssh server 181 set ip telnet 181 set ip telnet server 182 set ntp 183 set ntp server 184 set ntp update-interval 185 set snmp community 185
set snmp notify profile 187 set snmp notify target 192
SNMPv3 with Informs 192 SNMPv3 with Traps 193 SNMPv2c with Informs 194 SNMPv2c with Traps 195
SNMPv1 with Traps 195 set snmp protocol 197 set snmp security 198 set snmp usm 199 set summertime 202 set system ip-address 203 set timedate 204 set timezone 205 telnet 206 traceroute 207
8 AAA COMMANDS
Commands by Usage 211 clear accounting 213 clear authentication admin 214 clear authentication console 215 clear authentication dot1x 216 clear authentication mac 217 clear authentication proxy 218 clear authentication web 218 clear location policy 219 clear mac-user 220 clear mac-user attr 221 clear mac-user group 221 clear mac-usergroup 222 clear mac-usergroup attr 223 clear mobility-profile 224 clear user 224 clear user attr 225 clear user group 226 clear user lockout 226
clear usergroup 227 clear usergroup attr 228 display aaa 229 display accounting statistics 232 display location policy 234 display mobility-profile 235 set accounting {admin | console} 235 set accounting {dot1x | mac | web | last-resort} 237 set authentication admin 239 set authentication console 241 set authentication dot1x 243 set authentication mac 247 set authentication max-attempts 249 set authentication max-attempts 250 set authentication minimum-password-length 251 set authentication password-restrict 252 set authentication proxy 253 set authentication web 254 set location policy 256 set mac-user 260 set mac-user attr 261 set mac-usergroup attr 267 set mobility-profile 269 set mobility-profile mode 271 set user 271 set user attr 273 set user expire-password-in 274 set user group 275 set usergroup 275 set usergroup expire-password-in 277 set web-portal 278
9 MOBILITY DOMAIN COMMANDS
Commands by Usage 279 clear mobility-domain 280 clear mobility-domain member 280 display mobility-domain 281
display mobility-domain config 282 display mobility-domain status 283 set mobility-domain member 284 set mobility-domain mode member secondary seed-ip 285 set mobility-domain mode member seed-ip 286 set mobility-domain mode secondary-seed domain-name 287 set mobility-domain mode seed domain-name 288 set domain security 289
10 NETWORK DOMAIN COMMANDS
Network Domain Commands by Usage 291 clear network-domain 292 clear network-domain mode 293 clear network-domain peer 294 clear network-domain seed-ip 295 display network-domain 296 set network-domain mode member seed-ip 298 set network-domain peer 299 set network-domain mode seed domain-name 300
11 MANAGED ACCESS POINT COMMANDS
MAP Access Point Commands by Usage 301 clear ap local-switching vlan-profile 307 clear ap radio 308 clear ap boot-configuration 310 clear ap radio load-balancing group 311 clear radio-profile 312 clear service-profile 313 display ap arp 314 display ap config 316 display ap counters 319 display ap fdb 325 display ap qos-stats 326 display ap etherstats 327 display ap group 329 display ap mesh-links 329 display ap status 331
display ap vlan 337 display auto-tune attributes 338 display auto-tune neighbors 340 display ap boot-configuration 342 display ap connection 343 display ap global 345 display ap unconfigured 347 display load-balancing group 348 display radio-profile 350 display service-profile 353 reset ap 362 set ap auto 362 set ap auto persistent 364 set ap auto radiotype 365 set ap auto mode 366 set ap bias 367 set ap blink 368 set ap boot- configuration ip 369 set ap boot- configuration mesh mode 370 set ap boot-configuration mesh psk-phrase 371 set ap boot-configuration mesh psk-raw 372 set ap boot-configuration mesh ssid 373 set ap boot- configuration switch 374 set ap boot-configuration vlan 375 set ap contact 376 set ap fingerprint 376 set ap force-image-
download 378 set ap group 379 set ap location 379 set ap local-switching mode 379 set ap local-switching vlan-profile 380 set ap name 381 set ap radio antenna-location 382 set ap radio antennatype 383 set ap radio auto-tune max-power 384 set ap radio auto-tune max-
retransmissions 385
set ap radio channel 387 set ap radio link-calibration 388 set ap radio load balancing 389 set ap radio load balancing group 390 set ap radio mode 391 set ap radio radio-profile 392 set ap radio tx-power 393 set ap security 395 set ap upgrade-firmware 396 set band-preference 397 set load-balancing mode 398 set load-balancing strictness 399 set radio-profile 11g-only 400 set radio-profile active-scan 400 set radio-profile auto-tune 11a-channel-range 401 set radio-profile auto-tune channel-config 402 set radio-profile auto-tune channel-holddown 403 set radio-profile auto-tune channel-interval 404 set radio-profile auto-tune channel-lockdown 405 set radio-profile auto-tune power-config 406 set radio-profile auto-tune power-interval 407 set radio-profile auto-tune power-lockdown 408 set radio-profile auto-tune power-ramp-interval 409 set radio-profile beacon-interval 409 set radio-profile countermeasures 410 set radio-profile dtim-interval 412 set radio-profile frag-threshold 413 set radio-profile long-retry 414 set radio-profile max-rx-lifetime 414 set radio-profile max-tx-lifetime 415 set radio-profile mode 416 set radio-profile preamble-length 419 set radio-profile qos-mode 420 set radio-profile rfid-mode 421 set radio-profile rate-enforcement 421 set radio-profile rts-threshold 423 set radio-profile service-profile 424 set radio-profile short-retry 430
set radio-profile wmm 430 set radio-profile wmm-powersave 430 set service-profile attr 431 set service-profile auth-dot1x 433 set service-profile auth-fallthru 434 set service-profile auth-psk 435 set service-profile beacon 436 set service-profile bridging 437 set service-profile cac-mode 438 set service-profile cac-session 439 set service-profile cipher-ccmp 440 set service-profile cipher-tkip 441 set service-profile cipher-wep104 442 set service-profile cipher-wep40 443 set service-profile cos 444 set service-profile dhcp-restrict 445 set service-profile idle-client-probing 446 set service-profile keep-initial-vlan 447 set service-profile load-balancing-
exempt 448 set service-profile long-retry-count 449 set service-profile mesh 450 set service-profile no-broadcast 451 set service-profile proxy-arp 452 set service-profile psk-phrase 453 set service-profile psk-raw 454 set service-profile rsn-ie 455 set service-profile shared-key-auth 456 set service-profile short-retry-count 456 set service-profile soda agent-directory 457 set service-profile soda enforce-checks 458 set service-profile soda failure-page 459 set service-profile soda logout-page 460 set service-profile soda mode 462 set service-profile soda remediation-acl 463 set service-profile soda success-page 464 set service-profile ssid-name 465 set service-profile ssid-type 466
set service-profile tkip-mc-time 466 set service-profile static-cos 467 set service-profile transmit-rates 468 set service-profile use-client-dscp 470 set service-profile user-idle-timeout 471 set service-profile web-portal-acl 472 set service-profile web-portal-form 473 set service-profile web-portal-logout logout-url 475 set service-profile web-portal-logout mode 476 set service-profile web-portal-session-timeout 477 set service-profile wep active-multicast-
index 478 set service-profile wep active-unicast-
index 479 set service-profile wep key-index 480 set service-profile wpa-ie 481
12 STP COMMANDS
STP Commands by Usage 483 clear spantree portcost 484 clear spantree portpri 485 clear spantree portvlancost 485 clear spantree portvlanpri 486 clear spantree statistics 487 display spantree 488 display spantree backbonefast 491 display spantree blockedports 492 display spantree portfast 493 display spantree portvlancost 494 display spantree statistics 494 display spantree uplinkfast 500 set spantree 501 set spantree backbonefast 502 set spantree fwddelay 503 set spantree hello 503 set spantree maxage 504 set spantree portcost 505 set spantree portfast 506
set spantree portpri 507 set spantree portvlancost 508 set spantree portvlanpri 509 set spantree priority 510 set spantree uplinkfast 510
13 IGMP SNOOPING COMMANDS
Commands by usage 513 clear igmp statistics 514 display igmp 514 display igmp mrouter 518 display igmp querier 519 display igmp receiver-table 521 display igmp statistics 523 set igmp 525 set igmp lmqi 526 set igmp mrouter 527 set igmp mrsol 528 set igmp mrsol mrsi 528 set igmp oqi 529 set igmp proxy-report 530 set igmp qi 531 set igmp qri 532 set igmp querier 533 set igmp receiver 533 set igmp rv 534
14 SECURITY ACL COMMANDS
Security ACL Commands by Usage 537 clear security acl 538 clear security acl map 539 commit security acl 541 display security acl 542 display security acl editbuffer 543 display security acl hits 544 display security acl info 545 display security acl map 546
display security acl resource-usage 547 rollback security acl 551 set security acl 552 set security acl map 557 set security acl hit-sample-rate 559
15 CRYPTOGRAPHY COMMANDS
Commands by Usage 562 crypto ca-certificate 562 crypto certificate 564 crypto generate key 565 crypto generate request 566 crypto generate self-signed 568 crypto otp 570 crypto pkcs12 572 display crypto ca-certificate 573 display crypto certificate 574 display crypto key domain 576 display crypto key ssh 576
16 RADIUS AND SERVER GROUP COMMANDS
Commands by Usage 577 clear radius 578 clear radius client system-ip 579 clear radius proxy client 580 clear radius proxy port 580 clear radius server 581 clear server group 581 set radius 582 set radius client system-ip 584 set radius proxy client 585 set radius proxy port 586 set radius server 587 set server group 589 set server group load-balance 590
17 802.1X MANAGEMENT COMMANDS
Commands by Usage 593 clear dot1x bonded-period 594 clear dot1x max-req 595 clear dot1x port-control 595 clear dot1x quiet-period 596 clear dot1x reauth-max 597 clear dot1x reauth-period 597 clear dot1x timeout auth-server 598 clear dot1x timeout supplicant 598 clear dot1x tx-period 599 display dot1x 599 set dot1x authcontrol 602 set dot1x bonded-period 603 set dot1x key-tx 604 set dot1x max-req 605 set dot1x port-control 606 set dot1x quiet-period 607 set dot1x reauth 607 set dot1x reauth-max 608 set dot1x reauth-period 609 set dot1x timeout auth-server 609 set dot1x timeout supplicant 610 set dot1x tx-period 610 set dot1x wep-rekey 611 set dot1x wep-rekey-period 612
18 SESSION MANAGEMENT COMMANDS
Commands by Usage 613 clear sessions 613 clear sessions network 615 display sessions 616 display sessions mesh-ap 619 display sessions network 620
19 RF DETECTION COMMANDS
Commands by Usage 629 clear rfdetect attack-list 630 clear rfdetect black-list 631 clear rfdetect ignore 631 clear rfdetect ssid-list 632 clear rfdetect vendor-list 633 rfping 634 display rfdetect attack-list 635 display rfdetect black-list 636 display rfdetect clients 637 display rfdetect countermeasures 639 display rfdetect counters 640 display rfdetect data 642 display rfdetect ignore 644 display rfdetect mobility-domain 644 display rfdetect ssid-list 649 display rfdetect vendor-list 649 display rfdetect visible 650 set rfdetect active-scan 652 set rfdetect attack-list 653 set rfdetect black-list 654 set rf detect countermeasures 654 set rfdetect countermeasures mac 655 set rfdetect ignore 656 set rfdetect log 657 set rfdetect signature 658 set rfdetect signature key 659 set rfdetect ssid-list 659 set rfdetect vendor-list 660 test rflink 661
20 FILE MANAGEMENT COMMANDS
Commands by Usage 663 backup 664 clear boot backup-configuration 666 clear boot config 666
copy 667 delete 669 dir 670 install soda agent 673 display boot 674 display config 675 display version 677 load config 679 md5 681 mkdir 681 reset system 683 restore 684 rmdir 685 save config 685 set boot backup-configuration 686 set boot configuration-file 687 set boot partition 688 uninstall soda agent 688
21 TRACE COMMANDS
Commands by Usage 691 clear log trace 692 clear trace 692 display trace 693 save trace 694 set trace authentication 694 set trace authorization 695 set trace dot1x 696 set trace sm 697
22 SNOOP COMMANDS
Commands by Usage 699 clear snoop 700 clear snoop map 700 set snoop 701 set snoop map 704 set snoop mode 705
display snoop 706 display snoop info 706 display snoop map 707 display snoop stats 708
23 SYSTEM LOG COMMANDS
Commands by Usage 711 clear log 711 display log buffer 712 display log config 714 display log trace 715 set log 716 set log mark 719
24 BOOT PROMPT COMMANDS
Boot Prompt Commands by Usage 721 autoboot 722 boot 723 change 725 create 726 delete 727 dhcp 728 diag 729 dir 729 display 730 fver 732 help 733 ls 734 next 735 reset 736 test 737 version 738
A OBTAINING SUPPORT FOR YOUR 3COM PRODUCTS
Register Your Product to Gain Service Benefits 739 Solve Problems Online 739
Purchase Extended Warranty and Professional Services 740 Access Software Downloads 740 Contact Us 740
Telephone Technical Support and Repair 741
INDEX

Conventions 23

ABOUT THIS GUIDE

This command reference explains Mobility System Software (MSS™) command line interface (CLI) that you enter on a 3Com WXR100 or WX1200 Wireless Switch or WX4400 or WX2200 Wireless LAN Controller to configure and manage the Mobility System™ wireless LAN (WLAN).
Read this reference if you are a network administrator responsible for managing WXR100, WX1200, WX4400, or WX2200 wireless switches and their Managed Access Points (MAPs) in a network.
If release notes are shipped with your product and the information there differs from the information in this guide, follow the instructions in the release notes.
Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the 3Com World Wide Web site:
http://www.3com.com/
Conventions Table 1 and Table 2 list conventions that are used throughout this guide.
Tab le 1 Notice Icons
Icon Notice Type Description
Information note Information that describes important features or
instructions
Caution Information that alerts you to potential loss of data or
potential damage to an application, system, or device
24 ABOUT THIS GUIDE
This manual uses the following text and syntax conventions:
Tab le 2 Text Conventions
Convention Description
Monospace text Sets off command syntax or sample commands and system
responses.
Bold text Highlights commands that you enter or items you select. Italic text Designates command variables that you replace with
appropriate values, or highlights publication titles or words
requiring special emphasis. [ ] (square brackets) Enclose optional parameters in command syntax. { } (curly brackets) Enclose mandatory parameters in command syntax. | (vertical bar) Separates mutually exclusive options in command syntax. Keyboard key names If you must press two or more keys simultaneously, the key
names are linked with a plus sign (+). Example:
Press Ctrl+Alt+Del
Words in italics Italics are used to:
Emphasize a point.
Denote a new term at the place where it is defined in the
text.
Highlight an example string, such as a username or SSID.

Documentation The MSS documentation set includes the following documents.

Wireless Switch Manager (3WXM) Release Notes
These notes provide information about the 3WXM software release, including new features and bug fixes.
Wireless LAN Switch and Controller Release Notes
These notes provide information about the MSS software release, including new features and bug fixes.
Wireless LAN Switch and Controller Quick Start Guide
This guide provides instructions for performing basic setup of secure (802.1X) and guest (WebAAA Domain for roaming, and for accessing a sample network plan in 3WXM for advanced configuration and management.
) access, for configuring a Mobility
Documentation Comments 25
Wireless Switch Manager Reference Manual
This manual shows you how to plan, configure, deploy, and manage a Mobility System wireless LAN (WLAN) using the 3Com Wireless Switch Manager (3WXM).
Wireless Switch Manager User’s Guide
This manual shows you how to plan, configure, deploy, and manage the entire WLAN with the 3WXM tool suite. Read this guide to learn how to plan wireless services, how to configure and deploy 3Com equipment to provide those services, and how to optimize and manage your WLAN.
Wireless LAN Switch and Controller Hardware Installation Guide
This guide provides instructions and specifications for installing a WX wireless switch in a Mobility System WLAN.
Wireless LAN Switch and Controller Configuration Guide
This guide provides instructions for configuring and managing the system through the Mobility System Software (MSS) CLI.
Wireless LAN Switch and Controller Command Reference

Documentation Comments

This reference provides syntax information for all MSS commands supported on WX switches.
Your suggestions are very important to us. They will help make our documentation more useful to you. Please e-mail comments about this document to 3Com at:
pddtechpubs_comments@3com.com
Please include the following information when contacting us:
Document titleDocument part number and revision (on the title page)Page number (if appropriate)
Example:
Wireless LAN Switch and Controller Configuration GuidePart number 730-9502-0071, Revision BPage 25
26 ABOUT THIS GUIDE
Please note that we can only respond to comments and questions about 3Com product documentation at this e-mail address. Questions related to Technical Support or sales should be directed in the first instance to your network supplier.
USING THE COMMAND-LINE
1
INTERFACE
This chapter discusses the 3Com Wireless Switch Manager (3WXM) command-line interface (CLI). Described are:
CLI conventions (see “CLI Conventions” on page 28) Editing on the command line (see “Command-Line Editing” on
page 33)
Using the CLI help feature (see “Using CLI Help” on page 35) Information about the command descriptions in this reference (see
“Understanding Command Descriptions” on page 36)

Overview Mobility System Software (MSS) operates a 3Com Mobility System

wireless LAN (WLAN) consisting of 3Com Wireless Switch Manager (3WXM) software and 3Com Wireless LAN Switch or 3Com Wireless LAN Controller (WX switch) and 3Com Wireless LAN Managed Access Point (MAP) hardware. There is a command-line interface (CLI) on the WX switch that you can use to configure and manage the WX and its attached access points.
You configure the wireless LAN switches and access points primarily with set, clear, and display commands. Use set commands to change parameters. Use clear commands to reset parameters to their defaults. In many cases, you can overwrite a parameter with another set command. Use display commands to show the current configuration and monitor the status of network operations.
The wireless LAN switches support two connection modes:
Administrative access mode, which enables the network administrator
to connect to the WX switch and configure the network
Network access mode, which enables network users to connect
through the WX switch to access the network
28 CHAPTER 1: USING THE COMMAND-LINE INTERFACE

CLI Conventions Be aware of the following MSS CLI conventions for command entry:

“Command Prompts” on page 28 “Syntax Notation” on page 28 “Text Entry Conventions and Allowed Characters” on page 29 “User Globs, MAC Address Globs, and VLAN Globs” on page 30 “Port Lists” on page 32 “Virtual LAN Identification” on page 33

Command Prompts By default, the MSS CLI provides the following prompt for restricted

users. The mmmm portion shows the wireless LAN switch model number (for example, 1200).
WXmmmm>
After you become enabled as an administrative user by typing enable and supplying a suitable password, MSS displays the following prompt:
WXmmmm#
For information about changing the CLI prompt on a wireless LAN switch, see “set prompt” on page 59.

Syntax Notation The MSS CLI uses standard syntax notation:

Bold monospace font identifies the command and keywords you must
type. For example:
set enablepass
Italics indicate a placeholder for a value. For example, you replace
vlan-id in the following command with a virtual LAN (VLAN) ID:
clear interface vlan-id ip
Curly brackets ({}) indicate a mandatory parameter, and square
brackets ([]) indicate an optional parameter. For example, you must enter dynamic or port and a port list in the following command, but a VLAN ID is optional:
clear fdb {dynamic | port port-list} [vlan vlan-id]
CLI Conventions 29
A vertical bar (|) separates mutually exclusive options within a list of
possibilities. For example, you enter either enable or disable, not both, in the following command:
set port {enable | disable} port-list
Text Entry
Conventions and
Allowed Characters
MAC Address
Notation
Unless otherwise indicated, the MSS CLI accepts standard ASCII alphanumeric characters, except for tabs and spaces, and is case-insensitive.
The CLI has specific notation requirements for MAC addresses, IP addresses, and masks, and allows you to group usernames, MAC addresses, virtual LAN (VLAN) names, and ports in a single command.
3Com recommends that you do not use the same name with different capitalizations for VLANs or access control lists (ACLs). For example, do not configure two separate VLANs with the names red and RED.
The CLI does not support the use of special characters including the following in any named elements such as SSIDs and VLANs: ampersand (&), angle brackets (< >), number sign (#), question mark (?), or quotation marks (“”).
In addition, the CLI does not support the use of international characters such as the accented É in DÉCOR.
MSS displays MAC addresses in hexadecimal numbers with a colon (:) delimiter between bytes — for example, 00:01:02:1a:00:01. You can enter MAC addresses with either hyphen (-) or colon (:) delimiters, but colons are preferred.
For shortcuts:
You can exclude leading zeros when typing a MAC address. MSS
displays of MAC addresses include all leading zeros.
In some specified commands, you can use the single-asterisk (*)
wildcard character to represent from 1 byte to 5 bytes of a MAC address. (For more information, see “MAC Address Globs” on page 31.)
30 CHAPTER 1: USING THE COMMAND-LINE INTERFACE
IP Address and Mask
Notation
MSS displays IP addresses in dotted decimal notation — for example,
192.168.1.111. MSS makes use of both subnet masks and wildcard masks.
Subnet Masks
Unless otherwise noted, use classless interdomain routing (CIDR) format to express subnet masks — for example, 192.168.1.112/24. You indicate the subnet mask with a forward slash (/) and specify the number of bits in the mask.
Wildcard Masks
Security access control lists (ACLs) use source and destination IP addresses and wildcard masks to determine whether the wireless LAN switch filters or forwards IP packets. Matching packets are either permitted or denied network access. The ACL checks the bits in IP addresses that correspond to any 0s (zeros) in the mask, but does not check the bits that correspond to 1s (ones) in the mask. You specify the wildcard mask in dotted decimal notation.
For example, the address 10.0.0.0 and mask 0.255.255.255 match all IP addresses that begin with 10 in the first octet.
The ACL mask must be a contiguous set of zeroes starting from the first bit. For example, 0.255.255.255, 0.0.255.255, and 0.0.0.255 are valid ACL masks. However, 0.255.0.255 is not a valid ACL mask.
User Globs, MAC
Address Globs, and
VLAN Globs
Name “globbing” is a way of using a wildcard pattern to expand a single element into a list of elements that match the pattern. MSS accepts user globs, MAC address globs, and VLAN globs. The order in which globs appear in the configuration is important, because once a glob is matched, processing stops on the list of globs.
User Globs
A user glob is shorthand method for matching an authentication, authorization, and accounting (AAA) command to either a single user or a set of users.
A user glob can be up to 80 characters long and cannot contain spaces or tabs. The double-asterisk (**) wildcard characters with no delimiter characters match all usernames. The single-asterisk (*) wildcard character matches any number of characters up to, but not including, a delimiter character in the glob. Valid user glob delimiter characters are the at (@) sign and the period (.).
Loading...
+ 720 hidden pages