3Com WX2200 3CRWX220095A, WX1200 3CRWX120695A, WX4400 3CRWX440095A, WXR100 3CRWXR10095A User Manual

Wireless LAN Mobility System

Wireless LAN Switch and Controller
Command Reference

WX4400 3CRWX440095A
WX2200 3CRWX220095A
WX1200 3CRWX120695A
WXR100 3CRWXR10095A

http://www.3Com.com/

Part No. 10015910 Rev AB
Published December 2007

3Com Corporation
350 Campus Drive
Marlborough, MA USA
01752-3064

Copyright © 2007, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced
in any form or by any means or used to make any derivative work (such as translation, transformation, or
adaptation) without written permission from 3Com Corporation.

3Com Corporation reserves the right to revise this documentation and to make changes in content from time
to time without obligation on the part of 3Com Corporation to provide notification of such revision or change.

3Com Corporation provides this documentation without warranty, term, or condition of any kind, either
implied or expressed, including, but not limited to, the implied warranties, terms or conditions of
merchantability, satisfactory quality, and fitness for a particular purpose. 3Com may make improvements or
changes in the product(s) and/or the program(s) described in this documentation at any time.

If there is any software on removable media described in this documentation, it is furnished under a license
agreement included with the product as a separate document, in the hard copy documentation, or on the
removable media in a directory file named LICENSE.TXT or !LICENSE.TXT. If you are unable to locate a copy,
please contact 3Com and a copy will be provided to you.

UNITED STATES GOVERNMENT LEGEND

If you are a United States government agency, then this documentation and the software described herein are
provided to you subject to the following:

All technical data and computer software are commercial in nature and developed solely at private expense.
Software is delivered as “Commercial Computer Software” as defined in DFARS 252.227-7014 (June 1995) or
as a “commercial item” as defined in FAR 2.101(a) and as such is provided with only such rights as are
provided in 3Com’s standard commercial license for the Software. Technical data is provided with limited rights
only as provided in DFAR 252.227-7015 (Nov 1995) or FAR 52.227-14 (June 1987), whichever is applicable.
You agree not to remove or deface any portion of any legend provided on any licensed program or
documentation contained in, or delivered to you in conjunction with, this User Guide.

Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may
not be registered in other countries.

3Com is a registered trademark of 3Com Corporation. The 3Com logo is a trademark of 3Com Corporation.
Mobility Domain, Managed Access Point, Mobility Profile, Mobility System, Mobility System Software, MP,

MSS, and SentrySweep are trademarks of Trapeze Networks.
Intel and Pentium are registered trademarks of Intel Corporation. Microsoft, MS-DOS, Windows, Windows XP,

and Windows NT are registered trademarks of Microsoft Corporation.
All other company and product names may be trademarks of the respective companies with which they are

associated.

ENVIRONMENTAL STATEMENT

It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we
are committed to:

Establishing environmental performance standards that comply with national legislation and regulations.
Conserving energy, materials and natural resources in all operations.
Reducing the waste generated by all operations. Ensuring that all waste conforms to recognized environmental

standards. Maximizing the recyclable and reusable content of all products.
Ensuring that all products can be recycled, reused and disposed of safely.
Ensuring that all products are labelled according to recognized environmental standards.
Improving our environmental record on a continual basis.

End of Life Statement

3Com processes allow for the recovery, reclamation and safe disposal of all end-of-life electronic components.

Regulated Materials Statement

3Com products do not contain any hazardous or ozone-depleting material.

Environmental Statement about the Documentation

The documentation for this product is printed on paper that comes from sustainable, managed forests; it is
fully biodegradable and recyclable, and is completely chlorine-free. The varnish is environmentally-friendly, and
the inks are vegetable-based with a low heavy-metal content.

CONTENTS

ABOUT THIS GUIDE

Conventions 23
Documentation 24
Documentation Comments 25

1 USING THE COMMAND-LINE INTERFACE

Overview 27
CLI Conventions 28

Command Prompts 28
Syntax Notation 28
Text Entry Conventions and Allowed Characters 29
MAC Address Notation 29
IP Address and Mask Notation 30
User Globs, MAC Address Globs, and VLAN Globs 30
Port Lists 32
Virtual LAN Identification 33

Command-Line Editing 33

Keyboard Shortcuts 33
History Buffer 34
Tabs 34
Single-Asterisk (*) Wildcard Character 34

Double-Asterisk (**) Wildcard Characters 34
Using CLI Help 35
Understanding Command Descriptions 36

2 ACCESS COMMANDS

Commands by Usage 37
disable 37
enable 38
quit 38
set enablepass 39

3 SYSTEM SERVICE COMMANDS

Commands by Usage 41
clear banner motd 42
clear history 43
clear prompt 43
clear system 44
display banner motd 45
display base-information 45
display license 46
display load 47
display system 47
help 50
history 51
quickstart 52
set auto-config 52
set banner acknowledge 54
set banner motd 56
set confirm 57
set length 57
set license 58
set prompt 59
set system contact 60
set system countrycode 61
set system idle-timeout 65
set system ip-address 66
set system location 67
set system name 68

4 PORT COMMANDS

Commands by Usage 69
clear ap 70
clear port counters 71
clear port-group 71
clear port media-type 72
clear port name 72
clear port mirror 73
clear port preference 73

clear port type 74
display port counters 75
display port-group 76
display port mirror 77
display port poe 78
display port status 79
display port media-type 81
monitor port counters 82
reset port 87
set ap 87
set port 89
set port-group 90
set port media-type 91
set port mirror 92
set port name 93
set port negotiation 93
set port poe 94
set port speed 95
set port trap 96
set port type ap 97
set port type wired-auth 100

5 VLAN COMMANDS

Commands by usage 103
clear fdb 104
clear security 12-restrict 105
clear security 12-restrict counters 106
clear vlan 107
clear vlan-profile 108
display fdb 109
display fdb agingtime 111
display fdb count 112
display roaming station 113
display roaming vlan 115
display security 12-restrict 116
display tunnel 117
display vlan config 118

display vlan-profile 120
set fdb 121
set fdb agingtime 122
set security l2-restrict 123
set vlan name 124
set vlan port 125
set vlan tunnel-affinity 126
set vlan profile 127

6 QUALITY OF SERVICE COMMANDS

Commands by Usage 129
clear qos 129
set qos cos-to-dscp-map 131
set qos dscp-to-cos-map 132
display qos 133
display qos dscp-table 134

7 IP SERVICES COMMANDS

Commands by Usage 135
clear interface 137
clear ip alias 138
clear ip dns domain 139
clear ip dns server 139
clear ip route 140
clear ip telnet 141
clear ntp server 141
clear ntp update-interval 142
clear snmp community 143
clear snmp notify profile 143
clear snmp notify target 144
clear snmp usm 144
clear summertime 145
clear system ip-address 146
clear timezone 146
display arp 147
display dhcp-client 148
display dhcp-server 150

display interface 152
display ip alias 153
display ip dns 154
display ip https 155
display ip route 156
display ip telnet 158
display ntp 159
display snmp community 161
display snmp counters 162
display snmp notify profile 162
display snmp notify target 162
display snmp status 163
display snmp usm 164
display summertime 164
display timedate 165
display timezone 165
ping 166
set arp 168
set arp agingtime 169
set interface 170
set interface dhcp-client 171
set interface dhcp-server 172
set interface status 173
set ip alias 174
set ip dns 175
set ip dns domain 175
set ip dns server 176
set ip https server 177
set ip route 178
set ip snmp server 180
set ip ssh 180
set ip ssh server 181
set ip telnet 181
set ip telnet server 182
set ntp 183
set ntp server 184
set ntp update-interval 185
set snmp community 185

set snmp notify profile 187
set snmp notify target 192

SNMPv3 with Informs 192
SNMPv3 with Traps 193
SNMPv2c with Informs 194
SNMPv2c with Traps 195

SNMPv1 with Traps 195
set snmp protocol 197
set snmp security 198
set snmp usm 199
set summertime 202
set system ip-address 203
set timedate 204
set timezone 205
telnet 206
traceroute 207

8 AAA COMMANDS

Commands by Usage 211
clear accounting 213
clear authentication admin 214
clear authentication console 215
clear authentication dot1x 216
clear authentication mac 217
clear authentication proxy 218
clear authentication web 218
clear location policy 219
clear mac-user 220
clear mac-user attr 221
clear mac-user group 221
clear mac-usergroup 222
clear mac-usergroup attr 223
clear mobility-profile 224
clear user 224
clear user attr 225
clear user group 226
clear user lockout 226

clear usergroup 227
clear usergroup attr 228
display aaa 229
display accounting statistics 232
display location policy 234
display mobility-profile 235
set accounting {admin | console} 235
set accounting {dot1x | mac | web | last-resort} 237
set authentication admin 239
set authentication console 241
set authentication dot1x 243
set authentication mac 247
set authentication max-attempts 249
set authentication max-attempts 250
set authentication minimum-password-length 251
set authentication password-restrict 252
set authentication proxy 253
set authentication web 254
set location policy 256
set mac-user 260
set mac-user attr 261
set mac-usergroup attr 267
set mobility-profile 269
set mobility-profile mode 271
set user 271
set user attr 273
set user expire-password-in 274
set user group 275
set usergroup 275
set usergroup expire-password-in 277
set web-portal 278

9 MOBILITY DOMAIN COMMANDS

Commands by Usage 279
clear mobility-domain 280
clear mobility-domain member 280
display mobility-domain 281

display mobility-domain config 282
display mobility-domain status 283
set mobility-domain member 284
set mobility-domain mode member secondary seed-ip 285
set mobility-domain mode member seed-ip 286
set mobility-domain mode secondary-seed domain-name 287
set mobility-domain mode seed domain-name 288
set domain security 289

10 NETWORK DOMAIN COMMANDS

Network Domain Commands by Usage 291
clear network-domain 292
clear network-domain mode 293
clear network-domain peer 294
clear network-domain seed-ip 295
display network-domain 296
set network-domain mode member seed-ip 298
set network-domain peer 299
set network-domain mode seed domain-name 300

11 MANAGED ACCESS POINT COMMANDS

MAP Access Point Commands by Usage 301
clear ap local-switching vlan-profile 307
clear ap radio 308
clear ap boot-configuration 310
clear ap radio load-balancing group 311
clear radio-profile 312
clear service-profile 313
display ap arp 314
display ap config 316
display ap counters 319
display ap fdb 325
display ap qos-stats 326
display ap etherstats 327
display ap group 329
display ap mesh-links 329
display ap status 331

display ap vlan 337
display auto-tune attributes 338
display auto-tune neighbors 340
display ap boot-configuration 342
display ap connection 343
display ap global 345
display ap unconfigured 347
display load-balancing group 348
display radio-profile 350
display service-profile 353
reset ap 362
set ap auto 362
set ap auto persistent 364
set ap auto radiotype 365
set ap auto mode 366
set ap bias 367
set ap blink 368
set ap boot- configuration ip 369
set ap boot- configuration mesh mode 370
set ap boot-configuration mesh psk-phrase 371
set ap boot-configuration mesh psk-raw 372
set ap boot-configuration mesh ssid 373
set ap boot- configuration switch 374
set ap boot-configuration vlan 375
set ap contact 376
set ap fingerprint 376
set ap force-image-

download 378
set ap group 379
set ap location 379
set ap local-switching mode 379
set ap local-switching vlan-profile 380
set ap name 381
set ap radio antenna-location 382
set ap radio antennatype 383
set ap radio auto-tune max-power 384
set ap radio auto-tune max-

retransmissions 385

set ap radio channel 387
set ap radio link-calibration 388
set ap radio load balancing 389
set ap radio load balancing group 390
set ap radio mode 391
set ap radio radio-profile 392
set ap radio tx-power 393
set ap security 395
set ap upgrade-firmware 396
set band-preference 397
set load-balancing mode 398
set load-balancing strictness 399
set radio-profile 11g-only 400
set radio-profile active-scan 400
set radio-profile auto-tune 11a-channel-range 401
set radio-profile auto-tune channel-config 402
set radio-profile auto-tune channel-holddown 403
set radio-profile auto-tune channel-interval 404
set radio-profile auto-tune channel-lockdown 405
set radio-profile auto-tune power-config 406
set radio-profile auto-tune power-interval 407
set radio-profile auto-tune power-lockdown 408
set radio-profile auto-tune power-ramp-interval 409
set radio-profile beacon-interval 409
set radio-profile countermeasures 410
set radio-profile dtim-interval 412
set radio-profile frag-threshold 413
set radio-profile long-retry 414
set radio-profile max-rx-lifetime 414
set radio-profile max-tx-lifetime 415
set radio-profile mode 416
set radio-profile preamble-length 419
set radio-profile qos-mode 420
set radio-profile rfid-mode 421
set radio-profile rate-enforcement 421
set radio-profile rts-threshold 423
set radio-profile service-profile 424
set radio-profile short-retry 430

set radio-profile wmm 430
set radio-profile wmm-powersave 430
set service-profile attr 431
set service-profile auth-dot1x 433
set service-profile auth-fallthru 434
set service-profile auth-psk 435
set service-profile beacon 436
set service-profile bridging 437
set service-profile cac-mode 438
set service-profile cac-session 439
set service-profile cipher-ccmp 440
set service-profile cipher-tkip 441
set service-profile cipher-wep104 442
set service-profile cipher-wep40 443
set service-profile cos 444
set service-profile dhcp-restrict 445
set service-profile idle-client-probing 446
set service-profile keep-initial-vlan 447
set service-profile load-balancing-

exempt 448
set service-profile long-retry-count 449
set service-profile mesh 450
set service-profile no-broadcast 451
set service-profile proxy-arp 452
set service-profile psk-phrase 453
set service-profile psk-raw 454
set service-profile rsn-ie 455
set service-profile shared-key-auth 456
set service-profile short-retry-count 456
set service-profile soda agent-directory 457
set service-profile soda enforce-checks 458
set service-profile soda failure-page 459
set service-profile soda logout-page 460
set service-profile soda mode 462
set service-profile soda remediation-acl 463
set service-profile soda success-page 464
set service-profile ssid-name 465
set service-profile ssid-type 466

set service-profile tkip-mc-time 466
set service-profile static-cos 467
set service-profile transmit-rates 468
set service-profile use-client-dscp 470
set service-profile user-idle-timeout 471
set service-profile web-portal-acl 472
set service-profile web-portal-form 473
set service-profile web-portal-logout logout-url 475
set service-profile web-portal-logout mode 476
set service-profile web-portal-session-timeout 477
set service-profile wep active-multicast-

index 478
set service-profile wep active-unicast-

index 479
set service-profile wep key-index 480
set service-profile wpa-ie 481

12 STP COMMANDS

STP Commands by Usage 483
clear spantree portcost 484
clear spantree portpri 485
clear spantree portvlancost 485
clear spantree portvlanpri 486
clear spantree statistics 487
display spantree 488
display spantree backbonefast 491
display spantree blockedports 492
display spantree portfast 493
display spantree portvlancost 494
display spantree statistics 494
display spantree uplinkfast 500
set spantree 501
set spantree backbonefast 502
set spantree fwddelay 503
set spantree hello 503
set spantree maxage 504
set spantree portcost 505
set spantree portfast 506

set spantree portpri 507
set spantree portvlancost 508
set spantree portvlanpri 509
set spantree priority 510
set spantree uplinkfast 510

13 IGMP SNOOPING COMMANDS

Commands by usage 513
clear igmp statistics 514
display igmp 514
display igmp mrouter 518
display igmp querier 519
display igmp receiver-table 521
display igmp statistics 523
set igmp 525
set igmp lmqi 526
set igmp mrouter 527
set igmp mrsol 528
set igmp mrsol mrsi 528
set igmp oqi 529
set igmp proxy-report 530
set igmp qi 531
set igmp qri 532
set igmp querier 533
set igmp receiver 533
set igmp rv 534

14 SECURITY ACL COMMANDS

Security ACL Commands by Usage 537
clear security acl 538
clear security acl map 539
commit security acl 541
display security acl 542
display security acl editbuffer 543
display security acl hits 544
display security acl info 545
display security acl map 546

display security acl resource-usage 547
rollback security acl 551
set security acl 552
set security acl map 557
set security acl hit-sample-rate 559

15 CRYPTOGRAPHY COMMANDS

Commands by Usage 562
crypto ca-certificate 562
crypto certificate 564
crypto generate key 565
crypto generate request 566
crypto generate self-signed 568
crypto otp 570
crypto pkcs12 572
display crypto ca-certificate 573
display crypto certificate 574
display crypto key domain 576
display crypto key ssh 576

16 RADIUS AND SERVER GROUP COMMANDS

Commands by Usage 577
clear radius 578
clear radius client system-ip 579
clear radius proxy client 580
clear radius proxy port 580
clear radius server 581
clear server group 581
set radius 582
set radius client system-ip 584
set radius proxy client 585
set radius proxy port 586
set radius server 587
set server group 589
set server group load-balance 590

17 802.1X MANAGEMENT COMMANDS

Commands by Usage 593
clear dot1x bonded-period 594
clear dot1x max-req 595
clear dot1x port-control 595
clear dot1x quiet-period 596
clear dot1x reauth-max 597
clear dot1x reauth-period 597
clear dot1x timeout auth-server 598
clear dot1x timeout supplicant 598
clear dot1x tx-period 599
display dot1x 599
set dot1x authcontrol 602
set dot1x bonded-period 603
set dot1x key-tx 604
set dot1x max-req 605
set dot1x port-control 606
set dot1x quiet-period 607
set dot1x reauth 607
set dot1x reauth-max 608
set dot1x reauth-period 609
set dot1x timeout auth-server 609
set dot1x timeout supplicant 610
set dot1x tx-period 610
set dot1x wep-rekey 611
set dot1x wep-rekey-period 612

18 SESSION MANAGEMENT COMMANDS

Commands by Usage 613
clear sessions 613
clear sessions network 615
display sessions 616
display sessions mesh-ap 619
display sessions network 620

19 RF DETECTION COMMANDS

Commands by Usage 629
clear rfdetect attack-list 630
clear rfdetect black-list 631
clear rfdetect ignore 631
clear rfdetect ssid-list 632
clear rfdetect vendor-list 633
rfping 634
display rfdetect attack-list 635
display rfdetect black-list 636
display rfdetect clients 637
display rfdetect countermeasures 639
display rfdetect counters 640
display rfdetect data 642
display rfdetect ignore 644
display rfdetect mobility-domain 644
display rfdetect ssid-list 649
display rfdetect vendor-list 649
display rfdetect visible 650
set rfdetect active-scan 652
set rfdetect attack-list 653
set rfdetect black-list 654
set rf detect countermeasures 654
set rfdetect countermeasures mac 655
set rfdetect ignore 656
set rfdetect log 657
set rfdetect signature 658
set rfdetect signature key 659
set rfdetect ssid-list 659
set rfdetect vendor-list 660
test rflink 661

20 FILE MANAGEMENT COMMANDS

Commands by Usage 663
backup 664
clear boot backup-configuration 666
clear boot config 666

copy 667
delete 669
dir 670
install soda agent 673
display boot 674
display config 675
display version 677
load config 679
md5 681
mkdir 681
reset system 683
restore 684
rmdir 685
save config 685
set boot backup-configuration 686
set boot configuration-file 687
set boot partition 688
uninstall soda agent 688

21 TRACE COMMANDS

Commands by Usage 691
clear log trace 692
clear trace 692
display trace 693
save trace 694
set trace authentication 694
set trace authorization 695
set trace dot1x 696
set trace sm 697

22 SNOOP COMMANDS

Commands by Usage 699
clear snoop 700
clear snoop map 700
set snoop 701
set snoop map 704
set snoop mode 705

display snoop 706
display snoop info 706
display snoop map 707
display snoop stats 708

23 SYSTEM LOG COMMANDS

Commands by Usage 711
clear log 711
display log buffer 712
display log config 714
display log trace 715
set log 716
set log mark 719

24 BOOT PROMPT COMMANDS

Boot Prompt Commands by Usage 721
autoboot 722
boot 723
change 725
create 726
delete 727
dhcp 728
diag 729
dir 729
display 730
fver 732
help 733
ls 734
next 735
reset 736
test 737
version 738

A OBTAINING SUPPORT FOR YOUR 3COM PRODUCTS

Register Your Product to Gain Service Benefits 739
Solve Problems Online 739

Purchase Extended Warranty and Professional Services 740
Access Software Downloads 740
Contact Us 740

Telephone Technical Support and Repair 741

INDEX

Conventions 23

ABOUT THIS GUIDE

This command reference explains Mobility System Software (MSS™)
command line interface (CLI) that you enter on a 3Com WXR100 or
WX1200 Wireless Switch or WX4400 or WX2200 Wireless LAN
Controller to configure and manage the Mobility System™ wireless LAN
(WLAN).

Read this reference if you are a network administrator responsible for
managing WXR100, WX1200, WX4400, or WX2200 wireless switches
and their Managed Access Points (MAPs) in a network.

If release notes are shipped with your product and the information there
differs from the information in this guide, follow the instructions in the
release notes.

Most user guides and release notes are available in Adobe Acrobat
Reader Portable Document Format (PDF) or HTML on the 3Com
World Wide Web site:

http://www.3com.com/

Conventions Table 1 and Table 2 list conventions that are used throughout this guide.

Tab le 1 Notice Icons

Icon Notice Type Description

Information note Information that describes important features or

instructions

Caution Information that alerts you to potential loss of data or

potential damage to an application, system, or device

24 ABOUT THIS GUIDE

This manual uses the following text and syntax conventions:

Tab le 2 Text Conventions

Convention Description

Monospace text Sets off command syntax or sample commands and system

responses.

Bold text Highlights commands that you enter or items you select.
Italic text Designates command variables that you replace with

appropriate values, or highlights publication titles or words

requiring special emphasis.
[ ] (square brackets) Enclose optional parameters in command syntax.
{ } (curly brackets) Enclose mandatory parameters in command syntax.
| (vertical bar) Separates mutually exclusive options in command syntax.
Keyboard key names If you must press two or more keys simultaneously, the key

names are linked with a plus sign (+). Example:

Press Ctrl+Alt+Del

Words in italics Italics are used to:

 Emphasize a point.

 Denote a new term at the place where it is defined in the

text.

 Highlight an example string, such as a username or SSID.

Documentation The MSS documentation set includes the following documents.

 Wireless Switch Manager (3WXM) Release Notes

These notes provide information about the 3WXM software release,
including new features and bug fixes.

 Wireless LAN Switch and Controller Release Notes

These notes provide information about the MSS software release,
including new features and bug fixes.

 Wireless LAN Switch and Controller Quick Start Guide

This guide provides instructions for performing basic setup of secure
(802.1X) and guest (WebAAA
Domain for roaming, and for accessing a sample network plan in
3WXM for advanced configuration and management.

™) access, for configuring a Mobility

Documentation Comments 25

 Wireless Switch Manager Reference Manual

This manual shows you how to plan, configure, deploy, and manage a
Mobility System wireless LAN (WLAN) using the 3Com Wireless Switch
Manager (3WXM).

 Wireless Switch Manager User’s Guide

This manual shows you how to plan, configure, deploy, and manage the
entire WLAN with the 3WXM tool suite. Read this guide to learn how to
plan wireless services, how to configure and deploy 3Com equipment to
provide those services, and how to optimize and manage your WLAN.

 Wireless LAN Switch and Controller Hardware Installation Guide

This guide provides instructions and specifications for installing a WX
wireless switch in a Mobility System WLAN.

 Wireless LAN Switch and Controller Configuration Guide

This guide provides instructions for configuring and managing the
system through the Mobility System Software (MSS) CLI.

 Wireless LAN Switch and Controller Command Reference

Documentation Comments

This reference provides syntax information for all MSS commands
supported on WX switches.

Your suggestions are very important to us. They will help make our
documentation more useful to you. Please e-mail comments about this
document to 3Com at:

pddtechpubs_comments@3com.com

Please include the following information when contacting us:

 Document title
 Document part number and revision (on the title page)
 Page number (if appropriate)

Example:

 Wireless LAN Switch and Controller Configuration Guide
 Part number 730-9502-0071, Revision B
 Page 25

26 ABOUT THIS GUIDE

Please note that we can only respond to comments and questions about
3Com product documentation at this e-mail address. Questions related to
Technical Support or sales should be directed in the first instance to your
network supplier.

USING THE COMMAND-LINE

1

INTERFACE

This chapter discusses the 3Com Wireless Switch Manager (3WXM)
command-line interface (CLI). Described are:

 CLI conventions (see “CLI Conventions” on page 28)
 Editing on the command line (see “Command-Line Editing” on

page 33)

 Using the CLI help feature (see “Using CLI Help” on page 35)
 Information about the command descriptions in this reference (see

“Understanding Command Descriptions” on page 36)

Overview Mobility System Software (MSS) operates a 3Com Mobility System

wireless LAN (WLAN) consisting of 3Com Wireless Switch Manager
(3WXM) software and 3Com Wireless LAN Switch or 3Com Wireless LAN
Controller (WX switch) and 3Com Wireless LAN Managed Access Point
(MAP) hardware. There is a command-line interface (CLI) on the WX
switch that you can use to configure and manage the WX and its
attached access points.

You configure the wireless LAN switches and access points primarily with
set, clear, and display commands. Use set commands to change
parameters. Use clear commands to reset parameters to their defaults. In
many cases, you can overwrite a parameter with another set command.
Use display commands to show the current configuration and monitor
the status of network operations.

The wireless LAN switches support two connection modes:

 Administrative access mode, which enables the network administrator

to connect to the WX switch and configure the network

 Network access mode, which enables network users to connect

through the WX switch to access the network

28 CHAPTER 1: USING THE COMMAND-LINE INTERFACE

CLI Conventions Be aware of the following MSS CLI conventions for command entry:

 “Command Prompts” on page 28
 “Syntax Notation” on page 28
 “Text Entry Conventions and Allowed Characters” on page 29
 “User Globs, MAC Address Globs, and VLAN Globs” on page 30
 “Port Lists” on page 32
 “Virtual LAN Identification” on page 33

Command Prompts By default, the MSS CLI provides the following prompt for restricted

users. The mmmm portion shows the wireless LAN switch model number
(for example, 1200).

WXmmmm>

After you become enabled as an administrative user by typing enable
and supplying a suitable password, MSS displays the following prompt:

WXmmmm#

For information about changing the CLI prompt on a wireless LAN switch,
see “set prompt” on page 59.

Syntax Notation The MSS CLI uses standard syntax notation:

 Bold monospace font identifies the command and keywords you must

type. For example:

set enablepass

 Italics indicate a placeholder for a value. For example, you replace

vlan-id in the following command with a virtual LAN (VLAN) ID:

clear interface vlan-id ip

 Curly brackets ({}) indicate a mandatory parameter, and square

brackets ([]) indicate an optional parameter. For example, you must
enter dynamic or port and a port list in the following command, but
a VLAN ID is optional:

clear fdb {dynamic | port port-list} [vlan vlan-id]

CLI Conventions 29

 A vertical bar (|) separates mutually exclusive options within a list of

possibilities. For example, you enter either enable or disable, not
both, in the following command:

set port {enable | disable} port-list

Text Entry

Conventions and

Allowed Characters

MAC Address

Notation

Unless otherwise indicated, the MSS CLI accepts standard ASCII
alphanumeric characters, except for tabs and spaces, and is
case-insensitive.

The CLI has specific notation requirements for MAC addresses, IP
addresses, and masks, and allows you to group usernames, MAC
addresses, virtual LAN (VLAN) names, and ports in a single command.

3Com recommends that you do not use the same name with different
capitalizations for VLANs or access control lists (ACLs). For example, do
not configure two separate VLANs with the names red and RED.

The CLI does not support the use of special characters including the
following in any named elements such as SSIDs and VLANs: ampersand
(&), angle brackets (< >), number sign (#), question mark (?), or quotation
marks (“”).

In addition, the CLI does not support the use of international characters
such as the accented É in DÉCOR.

MSS displays MAC addresses in hexadecimal numbers with a colon (:)
delimiter between bytes — for example, 00:01:02:1a:00:01. You can
enter MAC addresses with either hyphen (-) or colon (:) delimiters, but
colons are preferred.

For shortcuts:

 You can exclude leading zeros when typing a MAC address. MSS

displays of MAC addresses include all leading zeros.

 In some specified commands, you can use the single-asterisk (*)

wildcard character to represent from 1 byte to 5 bytes of a MAC
address. (For more information, see “MAC Address Globs” on
page 31.)

30 CHAPTER 1: USING THE COMMAND-LINE INTERFACE

IP Address and Mask

Notation

MSS displays IP addresses in dotted decimal notation — for example,

192.168.1.111. MSS makes use of both subnet masks and wildcard
masks.

Subnet Masks

Unless otherwise noted, use classless interdomain routing (CIDR) format
to express subnet masks — for example, 192.168.1.112/24. You indicate
the subnet mask with a forward slash (/) and specify the number of bits in
the mask.

Wildcard Masks

Security access control lists (ACLs) use source and destination IP addresses and
wildcard masks to determine whether the wireless LAN switch filters or
forwards IP packets. Matching packets are either permitted or denied network
access. The ACL checks the bits in IP addresses that correspond to any 0s
(zeros) in the mask, but does not check the bits that correspond to 1s (ones) in
the mask. You specify the wildcard mask in dotted decimal notation.

For example, the address 10.0.0.0 and mask 0.255.255.255 match all IP
addresses that begin with 10 in the first octet.

The ACL mask must be a contiguous set of zeroes starting from the first
bit. For example, 0.255.255.255, 0.0.255.255, and 0.0.0.255 are valid
ACL masks. However, 0.255.0.255 is not a valid ACL mask.

User Globs, MAC

Address Globs, and

VLAN Globs

Name “globbing” is a way of using a wildcard pattern to expand a single
element into a list of elements that match the pattern. MSS accepts user
globs, MAC address globs, and VLAN globs. The order in which globs
appear in the configuration is important, because once a glob is matched,
processing stops on the list of globs.

User Globs

A user glob is shorthand method for matching an authentication,
authorization, and accounting (AAA) command to either a single user or
a set of users.

A user glob can be up to 80 characters long and cannot contain spaces or
tabs. The double-asterisk (**) wildcard characters with no delimiter
characters match all usernames. The single-asterisk (*) wildcard character
matches any number of characters up to, but not including, a delimiter
character in the glob. Valid user glob delimiter characters are the at (@)
sign and the period (.).