Cisco IOS XE Release 3SE, Catalyst 3650 Series Configuration Manual

Lightweight Access Point Configuration Guide, Cisco IOS XE Release
3SE (Catalyst 3650 Switches)

First Published: October 10, 2013

Americas Headquarters

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883

Text Part Number: OL-28697-01

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH
THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY,
CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version
of the UNIX operating system. All rights reserved. Copyright©1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWAREOF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS.
CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT
LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS
HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network
topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional
and coincidental.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://

www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership

relationship between Cisco and any other company. (1110R)

©

2013 Cisco Systems, Inc. All rights reserved.

CONTENTS

Preface

CHAPTER 1

Preface ix

Document Conventions ix

Related Documentation xi

Obtaining Documentation and Submitting a Service Request xi

Using the Command-Line Interface 1

Information About Using the Command-Line Interface 1

Command Modes 1

Using the Help System 3

Understanding Abbreviated Commands 4

No and Default Forms of Commands 4

CLI Error Messages 4

Configuration Logging 5

How to Use the CLI to Configure Features 5

Configuring the Command History 5

Changing the Command History Buffer Size 6

Recalling Commands 6

Disabling the Command History Feature 7

Enabling and Disabling Editing Features 7

Editing Commands Through Keystrokes 8

Editing Command Lines That Wrap 9

Searching and Filtering Output of show and more Commands 10

Accessing the CLI Through a Console Connection or Through Telnet 11

CHAPTER 2

Using the Web Graphical User Interface 13

Prerequisites for Using the Web GUI 13

Information About Using The Web GUI 13

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 iii

Contents

Web GUI Features 13

Connecting the Console Port of the Switch 15

Logging On to the Web GUI 15

Enabling Web and Secure Web Modes 15

Configuring the Switch Web GUI 16

CHAPTER 3

Configuring the Switch for Access Point Discovery 19

Finding Feature Information 19

Prerequisites for Configuring the Switch for Access Point Discovery 19

Restrictions for Configuring the Switch for Access Point Discovery 20

Information About Configuring the Switch for Access Point Discovery 20

Access Point Communication Protocols 20

Viewing Access Point Join Information 21

Troubleshooting the Access Point Join Process 21

How to Configure Access Point Discovery 22

Configuring the Syslog Server for Access Points (CLI) 22

Monitoring Access Point Join Information (CLI) 23

Searching for Access Point Radios (GUI) 24

Monitoring the Interface Details (GUI) 24

Configuration Examples for Configuring the Switch for Access Point Discovery 25

Displaying the MAC Addresses of all Access Points: Example 25

DHCP Option 43 for Lightweight Cisco Aironet Access Points Configuration Example 26

CHAPTER 4

Configuring Data Encryption 27

Finding Feature Information 27

Prerequisites for Configuring Data Encryption 27

Restrictions for Configuring Data Encryption 27

Information About Data Encryption 28

How to Configure Data Encryption 28

Configuring Data Encryption (CLI) 28

Configuring Data Encryption (GUI) 29

Configuration Examples for Configuring Data Encryption 29

Displaying Data Encryption States for all Access Points: Examples 29

CHAPTER 5

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

iv OL-28697-01

Configuring Retransmission Interval and Retry Count 31

Contents

Finding Feature Information 31

Prerequisites for Configuring the Access Point Retransmission Interval and Retry Count 31

Information About Retransmission Interval and Retry Count 31

How to Configure Access Point Retransmission Interval and Retry Count 32

Configuring the Access Point Retransmission Interval and Retry Count (CLI) 32

Configuring the Access Point Retransmission Interval and Retry Count (GUI) 33

Viewing CAPWAP Maximum Transmission Unit Information (CLI) 34

Viewing CAPWAP Maximum Transmission Unit Information (GUI) 34

Configuration Examples for Configuring Access Point Retransmission Interval and Retry

Count 35

Viewing the CAPWAP Retransmission Details: Example 35

Viewing Maximum Transmission Unit Information: Example 35

CHAPTER 6

CHAPTER 7

Configuring Adaptive Wireless Intrusion Prevention System 37

Finding Feature Information 37

Prerequisites for Configuring wIPS 37

How to Configure wIPS on Access Points 38

Configuring wIPS on an Access Point (CLI) 38

Configuring wIPS on an Access Point (GUI) 39

Monitoring wIPS Information 40

Configuration Examples for Configuring wIPS on Access Points 41

Displaying the Monitor Configuration Channel Set: Example 41

Displaying wIPS Information: Examples 41

Configuring Authentication for Access Points 43

Finding Feature Information 43

Prerequisites for Configuring Authentication for Access Points 43

Restrictions for Configuring Authentication for Access Points 44

Information about Configuring Authentication for Access Points 44

How to Configure Authentication for Access Points 44

Configuring Global Credentials for Access Points (CLI) 44

Configuring Global Credentials for Access Points (GUI) 46

Configuring Authentication for Access Points (CLI) 47

Configuring Authentication for Access Points (GUI) 49

Configuring the Switch for Authentication (CLI) 50

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 v

Contents

Configuration Examples for Configuring Authentication for Access Points 51

Displaying the Authentication Settings for Access Points: Examples 51

CHAPTER 8

Converting Autonomous Access Points to Lightweight Mode 53

Finding Feature Information 53

Prerequisites for Converting Autonomous Access Points to Lightweight Mode 53

Information About Autonomous Access Points Converted to Lightweight Mode 54

Reverting from Lightweight Mode to Autonomous Mode 54

Using DHCP Option 43 and DHCP Option 60 54

How Converted Access Points Send Crash Information to the Switch 55

Uploading Memory Core Dumps from Converted Access Points 55

Displaying MAC Addresses for Converted Access Points 55

Configuring a Static IP Address for a Lightweight Access Point 55

How to Convert a Lightweight Access Point Back to an Autonomous Access Point 56

Converting a Lightweight Access Point Back to an Autonomous Access Point (CLI) 56

Converting a Lightweight Access Point Back to an Autonomous Access Point (Using the

Mode Button and a TFTP Server) 56

Authorizing Access Points (CLI) 57

Authorizing Access Points (GUI) 58

CHAPTER 9

Disabling the Reset Button on Converted Access Points (CLI) 59

Monitoring the AP Crash Log Information 60

How to Configure a Static IP Address on an Access Point 61

Configuring a Static IP Address on an Access Point (CLI) 61

Configuring a Static IP Address on an Access Point (GUI) 62

Recovering the Access Point Using the TFTP Recovery Procedure 63

Configuration Examples for Converting Autonomous Access Points to Lightweight Mode 63

Displaying the IP Address Configuration for Access Points: Example 63

Displaying Access Point Crash File Information: Example 64

Using Cisco Workgroup Bridges 65

Finding Feature Information 65

Information About Cisco Workgroup Bridges and non-Cisco Workgroup bridges 65

Monitoring the Status of Workgroup Bridges 66

Debugging WGB Issues (CLI) 66

Configuration Examples for Configuring Workgroup Bridges 68

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

vi OL-28697-01

Contents

WGB Configuration: Example 68

CHAPTER 10

CHAPTER 11

CHAPTER 12

Configuring Probe Request Forwarding 69

Finding Feature Information 69

Information About Configuring Probe Request Forwarding 69

How to Configure Probe Request Forwarding (CLI) 69

Optimizing RFID Tracking 71

Finding Feature Information 71

Optimizing RFID Tracking on Access Points 71

How to Optimize RFID Tracking on Access Points 71

Optimizing RFID Tracking on Access Points (CLI) 71

Configuration Examples for Optimizing RFID Tracking 72

Displaying all the Access Points in Monitor Mode: Example 72

Configuring Country Codes 75

Finding Feature Information 75

Prerequisites for Configuring Country Codes 75

CHAPTER 13

Information About Configuring Country Codes 76

How to Configure Country Codes (CLI) 76

Configuration Examples for Configuring Country Codes 79

Displaying Channel List for Country Codes: Example 79

Configuring Link Latency 81

Finding Feature Information 81

Prerequisites for Configuring Link Latency 81

Restrictions for Configuring Link Latency 81

Information About Configuring Link Latency 82

TCP MSS 82

Link Tests 82

How to Configure Link Latency 83

Configuring Link Latency (CLI) 83

Configuring Link Latency (GUI) 85

How to Configure TCP MSS 86

Configuring TCP MSS (CLI) 86

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 vii

Contents

Configuring TCP MSS (GUI) 86

Performing a Link Test (CLI) 87

Configuration Examples for Configuring Link Latency 88

Running a Link Test: Example 88

Displaying Link Latency Information: Example 88

Displaying TCP MSS Settings: Example 89

CHAPTER 14

Configuring Power over Ethernet 91

Finding Feature Information 91

Information About Configuring Power over Ethernet 91

How to Configure Power over Ethernet 91

Configuring Power over Ethernet (CLI) 91

Configuring Power over Ethernet (GUI) 92

Configuration Examples for Configuring Power over Ethernet 93

Displaying Power over Ethernet Information: Example 93

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

viii OL-28697-01

Preface

Document Conventions, page ix

•

Related Documentation, page xi

•

Obtaining Documentation and Submitting a Service Request, page xi

•

Document Conventions

This document uses the following conventions:

DescriptionConvention

^ or Ctrl

Italic font

...

|

[x | y]

Both the ^ symbol and Ctrl represent the Control (Ctrl) key on a keyboard. For
example, the key combination ^D or Ctrl-D means that you hold down the Control
key while you press the D key. (Keys are indicated in capital letters but are not
case sensitive.)

Commands and keywords and user-entered text appear in bold font.bold font

Document titles, new or emphasized terms, and arguments for which you supply
values are in italic font.

Terminal sessions and information the system displays appear in courier font.Courier font

Bold Courier font indicates text that the user must enter.Bold Courier font

Elements in square brackets are optional.[x]

An ellipsis (three consecutive nonbolded periods without spaces) after a syntax
element indicates that the element can be repeated.

A vertical line, called a pipe, indicates a choice within a set of keywords or
arguments.

Optional alternative keywords are grouped in brackets and separated by vertical
bars.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 ix

Document Conventions

Preface

DescriptionConvention

Note

{x | y}

Required alternative keywords are grouped in braces and separated by vertical
bars.

[x {y | z}]

Nested set of square brackets or braces indicate optional or required choices
within optional or required elements. Braces and a vertical bar within square
brackets indicate a required choice within an optional element.

string

A nonquoted set of characters. Do not use quotation marks around the string or
the string will include the quotation marks.

Nonprinting characters such as passwords are in angle brackets.< >

Default responses to system prompts are in square brackets.[ ]

!, #

An exclamation point (!) or a pound sign (#) at the beginning of a line of code
indicates a comment line.

Reader Alert Conventions

This document may use the following conventions for reader alerts:

Means reader take note. Notes contain helpful suggestions or references to material not covered in the
manual.

Tip

Caution

Timesaver

Warning

Means the following information will help you solve a problem.

Means reader be careful. In this situation, you might do something that could result in equipment damage
or loss of data.

Means the described action saves time. You can save time by performing the action described in the
paragraph.

Means reader be warned. In this situation, you might perform an action that could result in bodily
injury.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

x OL-28697-01

Preface

Related Documentation

Related Documentation

Before installing or upgrading the switch, refer to the switch release notes.Note

Error Message Decoder, located at:

•

https://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information,
see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco
technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed
and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free
service and Cisco currently supports RSS version 2.0.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 xi

Obtaining Documentation and Submitting a Service Request

Preface

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

xii OL-28697-01

CHAPTER 1

Using the Command-Line Interface

Information About Using the Command-Line Interface, page 1

•

How to Use the CLI to Configure Features, page 5

•

Information About Using the Command-Line Interface

Command Modes

The Cisco IOS user interface is divided into many different modes. The commands available to you depend
on which mode you are currently in. Enter a question mark (?) at the system prompt to obtain a list of commands
available for each command mode.

You can start a CLI session through a console connection, through Telnet, a SSH, or by using the browser.

When you start a session, you begin in user mode, often called user EXEC mode. Only a limited subset of
the commands are available in user EXEC mode. For example, most of the user EXEC commands are one-time
commands, such as show commands, which show the current configuration status, and clear commands,
which clear counters or interfaces. The user EXEC commands are not saved when the switch reboots.

To have access to all commands, you must enter privileged EXEC mode. Normally, you must enter a password
to enter privileged EXEC mode. From this mode, you can enter any privileged EXEC command or enter
global configuration mode.

Using the configuration modes (global, interface, and line), you can make changes to the running configuration.
If you save the configuration, these commands are stored and used when the switch reboots. To access the
various configuration modes, you must start at global configuration mode. From global configuration mode,
you can enter interface configuration mode and line configuration mode.

This table describes the main command modes, how to access each one, the prompt you see in that mode, and
how to exit the mode.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 1

Command Modes

Using the Command-Line Interface

Table 1: Command Mode Summary

About This ModeExit MethodPromptAccess MethodMode

User EXEC

Privileged EXEC

Global
configuration

Begin a session
using Telnet, SSH,
or console.

While in user EXEC
mode, enter the
enable command.

While in privileged
EXEC mode, enter
the configure
command.

Switch>

Switch#

Switch(config)#

Enter logout or
quit.

Enter disable to
exit.

To exit to privileged
EXEC mode, enter

exit or end, or press
Ctrl-Z.

Use this mode to

Change

•

terminal
settings.

Perform basic

•

tests.

Display

•

system
information.

Use this mode to
verify commands
that you have
entered. Use a
password to protect
access to this mode.

Use this mode to
configure
parameters that
apply to the entire
switch.

VLAN
configuration

Interface
configuration

While in global
configuration mode,
enter the vlan
vlan-id command.

While in global
configuration mode,
enter the interface
command (with a
specific interface).

Switch(config-vlan)#

Switch(config-if)#

To exit to global
configuration mode,
enter the exit
command.

To return to
privileged EXEC
mode, press Ctrl-Z
or enter end.

To exit to global
configuration mode,
enter exit.

To return to
privileged EXEC
mode, press Ctrl-Z
or enter end.

Use this mode to
configure VLAN
parameters. When
VTP mode is
transparent, you can
create
extended-range
VLANs (VLAN IDs
greater than 1005)
and save
configurations in the
switch startup
configuration file.

Use this mode to
configure
parameters for the
Ethernet ports.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

2 OL-28697-01

Using the Command-Line Interface

Using the Help System

About This ModeExit MethodPromptAccess MethodMode

Line configuration Use this mode to

Using the Help System

You can enter a question mark (?) at the system prompt to display a list of commands available for each
command mode. You can also obtain a list of associated keywords and arguments for any command.

SUMMARY STEPS

help

1.

abbreviated-command-entry ?

2.

abbreviated-command-entry <Tab>

3.

?

4.

command ?

5.

command keyword ?

6.

While in global
configuration mode,
specify a line with
the line vty or line
console command.

Switch(config-line)#

To exit to global
configuration mode,
enter exit.

To return to
privileged EXEC
mode, press Ctrl-Z
or enter end.

configure
parameters for the
terminal line.

DETAILED STEPS

Step 1

Step 2

Step 3

help

Example:

Switch# help

abbreviated-command-entry ?

Example:

Switch# di?
dir disable disconnect

abbreviated-command-entry <Tab>

Example:

Switch# sh conf<tab>
Switch# show configuration

PurposeCommand or Action

Obtains a brief description of the help system in any
command mode.

Obtains a list of commands that begin with a particular
character string.

Completes a partial command name.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 3

Understanding Abbreviated Commands

Using the Command-Line Interface

PurposeCommand or Action

Step 4

Step 5

Step 6

?

Example:

Switch> ?

command ?

Example:

Switch> show ?

command keyword ?

Example:

Switch(config)# cdp holdtime ?

<10-255> Length of time (in sec) that receiver

must keep this packet

Understanding Abbreviated Commands

You need to enter only enough characters for the switch to recognize the command as unique.

This example shows how to enter the show configuration privileged EXEC command in an abbreviated form:

Lists all commands available for a particular command
mode.

Lists the associated keywords for a command.

Lists the associated arguments for a keyword.

Switch# show conf

No and Default Forms of Commands

Almost every configuration command also has a no form. In general, use the no form to disable a feature or
function or reverse the action of a command. For example, the no shutdown interface configuration command
reverses the shutdown of an interface. Use the command without the keyword no to reenable a disabled feature
or to enable a feature that is disabled by default.

Configuration commands can also have a default form. The default form of a command returns the command
setting to its default. Most commands are disabled by default, so the default form is the same as the no form.
However, some commands are enabled by default and have variables set to certain default values. In these
cases, the default command enables the command and sets variables to their default values.

CLI Error Messages

This table lists some error messages that you might encounter while using the CLI to configure your switch.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

4 OL-28697-01

Using the Command-Line Interface

Table 2: Common CLI Error Messages

% Ambiguous command: "show
con"

You did not enter enough
characters for your switch to
recognize the command.

Configuration Logging

How to Get HelpMeaningError Message

Reenter the command followed by
a question mark (?) without any
space between the command and
the question mark.

The possible keywords that you can
enter with the command appear.

% Incomplete command.

% Invalid input detected at
‘^’ marker.

Configuration Logging

You can log and view changes to the switch configuration. You can use the Configuration Change Logging
and Notification feature to track changes on a per-session and per-user basis. The logger tracks each
configuration command that is applied, the user who entered the command, the time that the command was
entered, and the parser return code for the command. This feature includes a mechanism for asynchronous
notification to registered applications whenever the configuration changes. You can choose to have the
notifications sent to the syslog.

You did not enter all of the
keywords or values required by this
command.

You entered the command
incorrectly. The caret (^) marks the
point of the error.

Reenter the command followed by
a question mark (?) with a space
between the command and the
question mark.

The possible keywords that you can
enter with the command appear.

Enter a question mark (?) to display
all of the commands that are
available in this command mode.

The possible keywords that you can
enter with the command appear.

Only CLI or HTTP changes are logged.Note

How to Use the CLI to Configure Features

Configuring the Command History

The software provides a history or record of commands that you have entered. The command history feature
is particularly useful for recalling long or complex commands or entries, including access lists. You can
customize this feature to suit your needs.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 5

Configuring the Command History

Changing the Command History Buffer Size

By default, the switch records ten command lines in its history buffer. You can alter this number for a current
terminal session or for all sessions on a particular line. This procedure is optional.

SUMMARY STEPS

terminal history [size number-of-lines]

1.

DETAILED STEPS

Using the Command-Line Interface

PurposeCommand or Action

Step 1

terminal history [size number-of-lines]

Example:

Switch# terminal history size 200

Recalling Commands

SUMMARY STEPS

DETAILED STEPS

Changes the number of command lines that the switch records during
the current terminal session in privileged EXEC mode. You can
configure the size from 0 to 256.

To recall commands from the history buffer, perform one of the actions listed in this table. These actions are
optional.

The arrow keys function only on ANSI-compatible terminals such as VT100s.Note

Ctrl-P or use the up arrow key

1.

Ctrl-N or use the down arrow key

2.

show history

3.

Step 1

Step 2

6 OL-28697-01

Ctrl-P or use the up arrow key

Ctrl-N or use the down arrow key

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

PurposeCommand or Action

Recalls commands in the history buffer, beginning with the most recent command.
Repeat the key sequence to recall successively older commands.

Returns to more recent commands in the history buffer after recalling commands
with Ctrl-P or the up arrow key. Repeat the key sequence to recall successively
more recent commands.

Using the Command-Line Interface

Enabling and Disabling Editing Features

PurposeCommand or Action

Step 3

show history

Example:

Switch# show history

Disabling the Command History Feature

The command history feature is automatically enabled. You can disable it for the current terminal session or
for the command line. This procedure is optional.

SUMMARY STEPS

terminal no history

1.

DETAILED STEPS

Step 1

terminal no history

Example:

Switch# terminal no history

Lists the last several commands that you just entered in privileged EXEC mode.
The number of commands that appear is controlled by the setting of the terminal
history global configuration command and the history line configuration
command.

PurposeCommand or Action

Disables the feature during the current terminal session in
privileged EXEC mode.

Enabling and Disabling Editing Features

Although enhanced editing mode is automatically enabled, you can disable it and reenable it.

SUMMARY STEPS

terminal editing

1.

terminal no editing

2.

DETAILED STEPS

Step 1

OL-28697-01 7

terminal editing

Example:

Switch# terminal editing

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

PurposeCommand or Action

Reenables the enhanced editing mode for the current terminal
session in privileged EXEC mode.

Enabling and Disabling Editing Features

Using the Command-Line Interface

PurposeCommand or Action

Step 2

terminal no editing

Example:

Switch# terminal no editing

Editing Commands Through Keystrokes

The keystrokes help you to edit the command lines. These keystrokes are optional.

The arrow keys function only on ANSI-compatible terminals such as VT100s.Note

Table 3: Editing Commands

Ctrl-A

Disables the enhanced editing mode for the current terminal
session in privileged EXEC mode.

DescriptionEditing Commands

Moves the cursor back one character.Ctrl-B or use the left arrow key

Moves the cursor forward one character.Ctrl-F or use the right arrow key

Moves the cursor to the beginning of the command
line.

Ctrl-T

Ctrl-K

Ctrl-U or Ctrl-X

Moves the cursor to the end of the command line.Ctrl-E

Moves the cursor back one word.Esc B

Moves the cursor forward one word.Esc F

Transposes the character to the left of the cursor with
the character located at the cursor.

Erases the character to the left of the cursor.Delete or Backspace key

Deletes the character at the cursor.Ctrl-D

Deletes all characters from the cursor to the end of
the command line.

Deletes all characters from the cursor to the beginning
of the command line.

Deletes the word to the left of the cursor.Ctrl-W

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

8 OL-28697-01

Using the Command-Line Interface

Enabling and Disabling Editing Features

Deletes from the cursor to the end of the word.Esc D

Capitalizes at the cursor.Esc C

Changes the word at the cursor to lowercase.Esc L

Esc U

Ctrl-V or Esc Q

Return key

Ctrl-L or Ctrl-R

Editing Command Lines That Wrap

Capitalizes letters from the cursor to the end of the
word.

Designates a particular keystroke as an executable
command, perhaps as a shortcut.

Scrolls down a line or screen on displays that are
longer than the terminal screen can display.

Note

The More prompt is used for any output that
has more lines than can be displayed on the
terminal screen, including show command
output. You can use the Return and Space
bar keystrokes whenever you see the More
prompt.

Scrolls down one screen.Space bar

Redisplays the current command line if the switch
suddenly sends a message to your screen.

SUMMARY STEPS

You can use a wraparound feature for commands that extend beyond a single line on the screen. When the
cursor reaches the right margin, the command line shifts ten spaces to the left. You cannot see the first ten
characters of the line, but you can scroll back and check the syntax at the beginning of the command. The
keystroke actions are optional.

To scroll back to the beginning of the command entry, press Ctrl-B or the left arrow key repeatedly. You can
also press Ctrl-A to immediately move to the beginning of the line.

The arrow keys function only on ANSI-compatible terminals such as VT100s.Note

The following example shows how to wrap a command line that extends beyond a single line on the screen.

access-list

1.

Ctrl-A

2.

Return key

3.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 9

Searching and Filtering Output of show and more Commands

DETAILED STEPS

Using the Command-Line Interface

PurposeCommand or Action

Step 1

Step 2

Step 3

access-list

Example:

Switch(config)# access-list 101 permit tcp

10.15.22.25 255.255.255.0 10.15.22.35

Switch(config)# $ 101 permit tcp

10.15.22.25 255.255.255.0 10.15.22.35

255.25
Switch(config)# $t tcp 10.15.22.25

255.255.255.0 131.108.1.20 255.255.255.0
eq
Switch(config)# $15.22.25 255.255.255.0

10.15.22.35 255.255.255.0 eq 45

Example:

Switch(config)# access-list 101 permit tcp

10.15.22.25 255.255.255.0 10.15.2$

Displays the global configuration command entry that extends beyond
one line.

When the cursor first reaches the end of the line, the line is shifted ten
spaces to the left and redisplayed. The dollar sign ($) shows that the
line has been scrolled to the left. Each time the cursor reaches the end
of the line, the line is again shifted ten spaces to the left.

Checks the complete syntax.Ctrl-A

The dollar sign ($) appears at the end of the line to show that the line
has been scrolled to the right.

Execute the commands.Return key

The software assumes that you have a terminal screen that is 80 columns
wide. If you have a different width, use the terminal width privileged
EXEC command to set the width of your terminal.

Use line wrapping with the command history feature to recall and
modify previous complex command entries.

Searching and Filtering Output of show and more Commands

You can search and filter the output for show and more commands. This is useful when you need to sort
through large amounts of output or if you want to exclude output that you do not need to see. Using these
commands is optional.

SUMMARY STEPS

{show | more} command | {begin | include | exclude} regular-expression

1.

DETAILED STEPS

Step 1

{show | more} command | {begin | include | exclude}
regular-expression

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

10 OL-28697-01

PurposeCommand or Action

Searches and filters the output.

Using the Command-Line Interface

Accessing the CLI Through a Console Connection or Through Telnet

PurposeCommand or Action

Expressions are case sensitive. For example, if you enter

Example:

Switch# show interfaces | include protocol
Vlan1 is up, line protocol is up
Vlan10 is up, line protocol is down
GigabitEthernet1/0/1 is up, line protocol is down
GigabitEthernet1/0/2 is up, line protocol is up

| exclude output, the lines that contain output are not
displayed, but the lines that contain output appear.

Accessing the CLI Through a Console Connection or Through Telnet

Before you can access the CLI, you must connect a terminal or a PC to the switch console or connect a PC to
the Ethernet management port and then power on the switch, as described in the hardware installation guide
that shipped with your switch.

If your switch is already configured, you can access the CLI through a local console connection or through a
remote Telnet session, but your switch must first be configured for this type of access.

You can use one of these methods to establish a connection with the switch:

Connect the switch console port to a management station or dial-up modem, or connect the Ethernet

•

management port to a PC. For information about connecting to the console or Ethernet management
port, see the switch hardware installation guide.

Use any Telnet TCP/IP or encrypted Secure Shell (SSH) package from a remote management station.

•

The switch must have network connectivity with the Telnet or SSH client, and the switch must have an
enable secret password configured.

The switch supports up to 16 simultaneous Telnet sessions. Changes made by one Telnet user are

•

reflected in all other Telnet sessions.

The switch supports up to five simultaneous secure SSH sessions.

•

After you connect through the console port, through the Ethernet management port, through a Telnet
session or through an SSH session, the user EXEC prompt appears on the management station.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 11

Accessing the CLI Through a Console Connection or Through Telnet

Using the Command-Line Interface

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

12 OL-28697-01

Using the Web Graphical User Interface

Prerequisites for Using the Web GUI, page 13

•

Information About Using The Web GUI, page 13

•

Connecting the Console Port of the Switch , page 15

•

Logging On to the Web GUI, page 15

•

Enabling Web and Secure Web Modes , page 15

•

Configuring the Switch Web GUI, page 16

•

Prerequisites for Using the Web GUI

The GUI must be used on a PC running Windows 7, Windows XP SP1 (or later releases), or Windows

•

2000 SP4 (or later releases).

CHAPTER 2

The switch GUI is compatible with Microsoft Internet Explorer version 10.x, Mozilla Firefox 20.x, or

•

Google Chrome 26.x.

Information About Using The Web GUI

A web browser, or graphical user interface (GUI), is built into each switch.

You can use either the service port interface or the management interface to access the GUI. We recommend
that you use the service-port interface. Click Help at the top of any page in the GUI to display online help.
You might need to disable your browser’s pop-up blocker to view the online help.

Web GUI Features

The switch web GUI supports the following:

The Configuration Wizard—After initial configuration of the IP address and the local username/password or
auth via the authentication server (privilege 15 needed), the wizard provides a method to complete the initial

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 13

Web GUI Features

Using the Web Graphical User Interface

wireless configuration. Start the wizard through Configuration -> Wizard and follow the nine-step process to
configure the following:

Admin Users

•

SNMP System Summary

•

Management Port

•

Wireless Management

•

RF Mobility and Country code

•

Mobility configuration

•

WLANs

•

802.11 Configuration

•

Set Time

•

The Monitor tab:

Displays summary details of switch, clients, and access points.

•

Displays all radio and AP join statistics.

•

Displays air quality on access points.

•

Displays list of all Cisco Discovery Protocol (CDP) neighbors on all interfaces and the CDP traffic

•

information.

Displays all rogue access points based on their classification-friendly, malicious, ad hoc, classified, and

•

unclassified.

The Configuration tab:

Enables you to configure the switch for all initial operation using the web Configuration Wizard. The

•

wizard allows you to configure user details, management interface, and so on.

Enables you to configure the system, internal DHCP server, management, and mobility management

•

parameters.

Enables you to configure the switch, WLAN, and radios.

•

Enables you to configure and set security policies on your switch.

•

Enables you to access the switch operating system software management commands.

•

The Administration tab enables you to configure system logs.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

14 OL-28697-01

Using the Web Graphical User Interface

Connecting the Console Port of the Switch

Before You Begin

Before you can configure the switch for basic operations, you need to connect it to a PC that uses a VT-100
terminal emulation program (such as HyperTerminal, ProComm, Minicom, or Tip).

Connecting the Console Port of the Switch

Step 1

Step 2

Step 3

Connect one end of a null-modem serial cable to the switch's RJ-45 console port and the other end to your PC's serial
port.

Plug the AC power cord into the switch and a grounded 100 to 240 VAC, 50/60-Hz electrical outlet. Turn on the power
supply. The bootup script displays operating system software initialization (code download and power-on self-test
verification) and basic configuration. If the switch passes the power-on self-test, the bootup script runs the configuration
wizard, which prompts you for basic configuration input.

Enter yes. Proceed with basic initial setup configuration parameters in the CLI setup wizard. Specify the IP address for
the service port which is the gigabitethernet 0/0 interface.
After entering the configuration parameters in the configuration wizard, you can access the Web GUI. Now, the switch
is configured with the IP address for service port.

Logging On to the Web GUI

Step 1

Step 2

Enter the switch IP address in your browser’s address line. For a secure connection, enter https://ip-address. For a less
secure connection, enter http://ip-address.

Enabling Web and Secure Web Modes

Step 1

Step 2

OL-28697-01 15

Choose Configuration > Management > Protocol Management > HTTP-HTTPS.

The HTTP-HTTPS Configuration page appears.

To enable web mode, which allows users to access the switch GUI using “http://ip-address,” choose Enabled from the
HTTP Access drop-down list. Otherwise, choose Disabled. Web mode (HTTP) is not a secure connection.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

Configuring the Switch Web GUI

Using the Web Graphical User Interface

Step 3

Step 4
Step 5
Step 6
Step 7

Step 8

Step 9

Step 10
Step 11

To enable secure web mode, which allows users to access the switch GUI using “https://ip-address,” choose Enabled
from the HTTPS Access drop-down list. Otherwise, choose Disabled. Secure web mode (HTTPS) is a secure connection.

Choose to track the device in the IP Device Tracking check box.

Choose to enable the trust point in the Enable check box.

Choose the trustpoints from the Trustpoints drop-down list.

Enter the amount of time, in seconds, before the web session times out due to inactivity in the HTTP Timeout-policy (1
to 600 sec) text box.
The valid range is from 1 to 600 seconds.

Enter the server life time in the Server Life Time (1 to 86400 sec) text box.
The valid range is from1 to 86400 seconds.

Enter the maximum number of connection requests that the server can accept in the Maximum number of Requests (1
to 86400) text box.
The valid range is from 1 to 86400 connections.

Click Apply.

Click Save Configuration.

Configuring the Switch Web GUI

Step 1

Step 2

Step 3
Step 4

Step 5

The configuration wizard enables you to configure basic settings on the switch. You can run the wizard after
you receive the switch from the factory or after the switch has been reset to factory defaults. The configuration
wizard is available in both GUI and CLI formats.

Connect your PC to the service port and configure an IPv4 address to use the same subnet as the switch. The switch is
loaded with IOS XE image and the service port interface is configured as gigabitethernet 0/0.

Start Internet Explorer 10 (or later), Firefox 2.0.0.11 (or later), or Google Chrome on your PC and enter the management
interface IP address on the browser window. The management interface IP address is same as the gigabitethernet 0/0
(also known as service port interface). When you log in for the first time, you need to enter HTTP username and password.
By default, the username is admin and the password is cisco.
You can use both HTTP and HTTPS when using the service port interface. HTTPS is enabled by default and HTTP can
also be enabled.

When you log in for the first time, the <Model Number> <Hostname> page appears.

On the page, click the Wireless Web GUI link to access switch web GUI Home page.

Choose Configuration > Wizard to perform all steps that you need to configure the switch initially.
The Admin Users page appears.

On the Admin Users page, enter the administrative username to be assigned to this switch in the User Name text box
and the administrative password to be assigned to this switch in the Password and Confirm Password text boxes. Click
Next.
The default username is admin and the default password is cisco. You can also create a new administrator user for the
switch. You can enter up to 24 ASCII characters for username and password.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

16 OL-28697-01

Using the Web Graphical User Interface

The SNMP System Summary page appears.

Configuring the Switch Web GUI

Step 6

Step 7

On the SNMP System Summary page, enter the following SNMP system parameters for the switch, and click Next:

Customer-definable switch location in the Location text box.

•

Customer-definable contact details such as phone number with names in the Contact text box.

•

Choose enabled to send SNMP notifications for various SNMP traps or disabled not to send SNMP notifications

•

for various SNMP traps from the SNMP Global Trap drop-down list.

Choose enabled to send system log messages or disabled not to send system log messages from the SNMP Logging

•

drop-down list.

Note

The SNMP trap server, must be reachable through the distribution ports (and not through the gigabitethernet0/0
service or management interface).

The Management Port page appears.

In the Management Port page, enter the following parameters for the management port interface (gigabitethernet 0/0)
and click Next.

Interface IP address that you assigned for the service port in the IP Address text box.

•

Network mask address of the management port interface in the Netmask text box.

•

The IPv4 Dynamic Host Configuration Protocol (DHCP) address for the selected port in the IPv4 DHCP Server

•

text box.

The Wireless Management page appears.

Step 8

Step 9

Step 10

In the Wireless Management page, enter the following wireless interface management details, and click Next.

• Choose the interface—VLAN, or Ten Gigabit Ethernet from the Select Interface drop-down list.

VLAN tag identifier, or 0 for no VLAN tag in the VLAN id text box.

•

IP address of wireless management interface where access points are connected in the IP Address text box.

•

Network mask address of the wireless management interface in the Netmask text box.

•

DHCP IPv4 IP address in the IPv4 DHCP Server text box.

•

When selecting VLAN as interface, you can specify the ports as –Trunk or Access ports from the selected list displayed
in the Switch Port Configuration text box.

The RF Mobility and Country Code page appears.

In the RF Mobility and Country Code page, enter the RF mobility domain name in the RF Mobility text box, choose
current country code from the Country Code drop-down list, and click Next. From the GUI, you can select only one
country code.

Note

Before configuring RF grouping parameters and mobility configuration, ensure that you refer to the relevant
conceptual content and then proceed with the configuration.

The Mobility Configuration page with mobility global configuration settings appears.

In the WLANs page, enter the following WLAN configuration parameters, and click Next.

WLAN identifier in the WLAN ID text box.

•

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

OL-28697-01 17

Configuring the Switch Web GUI

SSID of the WLAN that the client is associated with in the SSID text box.

•

Name of the WLAN used by the client in the Profile Name text box.

•

The 802.11 Configuration page appears.

Using the Web Graphical User Interface

Step 11

Step 12

Step 13

In the 802.11 Configuration page, check either one or both 802.11a/n/ac and 802.11b/g/n check boxes to enable the

802.11 radios, and click Next.
The Set Time page appears.

In the Set Time page, you can configure the time and date on the switch based on the following parameters, and click
Next.

Displays current timestamp on the switch in the Current Time text box.

•

Choose either Manual or NTP from the Mode drop-down list.

•

On using the NTP server, all access points connected to the switch, synchronizes its time based on the NTP server
settings available.

Choose date on the switch from the Year, Month, and Day drop-down list.

•

Choose time from the Hours, Minutes, and Seconds drop-down list.

•

Enter the time zone in the Zone text box and select the off setting required when compared to the current time

•

configured on the switch from the Offset drop-down list.

The Save Wizard page appears.

In the Save Wizard page, you can review the configuration settings performed on the switch using these steps, and if
you wish to change any configuration value, click Previous and navigate to that page.
You can save the switch configuration created using the wizard only if a success message is displayed for all the wizards.
If the Save Wizard page displays errors, you must recreate the wizard for initial configuration of the switch.

Lightweight Access Point Configuration Guide, Cisco IOS XE Release 3SE (Catalyst 3650 Switches)

18 OL-28697-01