CLI Reference Guide for HP ProCurve MSM3xx / MSM4xx Access Points
ProCurve 5400zl Switches
ProCurve MSM3xx / MSM4xx Access Points
Installation and Getting Started Guide
CLI Reference Guide
HP ProCurve
MSM3xx / MSM4xx Access Points
CLI Reference Guide
© Copyright 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
This document contains proprietary information, which is protected by copyright. No part of this document may be photocopied, reproduced, or translated into another language without the prior written consent of Hewlett-Packard.
Publication Number
5992-5947 May 2009
Applicable Products
|
USA part |
WW part |
MSM310 Access Point |
J9374A |
J9379A |
MSM310-R Access Point |
J9380A |
J9383A |
MSM320 Access Point |
J9360A |
J9364A |
MSM320-R Access Point |
J9365A |
J9368A |
MSM325 Access Point with Sensor |
J9369A |
J9373A |
MSM335 Access Point with Sensor |
J9356A |
J9357A |
MSM410 Access Point |
J9426A |
J9427A |
MSM422 Access Point |
J9358A |
J9359A |
Trademark Credits
Windows NT®, Windows®, and MS Windows® are US registered trademarks of Microsoft Corporation.
Disclaimer
HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.
The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Hewlett-Packard assumes no responsibility for the use or reliability of its software on equipment that is not furnished by Hewlett-Packard.
Hewlett-Packard Company
8000 Foothills Boulevard Roseville, California 95747-5552 www.procurve.com
In this Contents section, new to 5.3.x contexts and commands are preceded with an asterisk “*” and formatted in green like this:
* new context
* new command
1 Introduction
About this guide ........................................................................................................... |
1-2 |
Products covered................................................................................................... |
1-2 |
HP ProCurve Product Naming............................................................................. |
1-2 |
Important terms..................................................................................................... |
1-3 |
Typographical conventions .................................................................................. |
1-3 |
Command syntax ............................................................................................ |
1-3 |
Management tool ............................................................................................ |
1-4 |
HP ProCurve Networking support............................................................................. |
1-4 |
Before contacting support ............................................................................. |
1-4 |
Online documentation ................................................................................................. |
1-5 |
CLI support in autonomous and controlled modes ................................................. |
1-5 |
Controlled mode .................................................................................................... |
1-5 |
Autonomous mode ................................................................................................ |
1-5 |
Configuring CLI support.............................................................................................. |
1-6 |
SSH client support................................................................................................. |
1-7 |
Entering strings ............................................................................................................ |
1-7 |
Context hierarchy ........................................................................................................ |
1-7 |
Sample CLI session ...................................................................................................... |
1-8 |
2 CLI commands
View context ................................................................................................................. |
2-2 |
arping ...................................................................................................................... |
2-2 |
enable...................................................................................................................... |
2-2 |
iperf ......................................................................................................................... |
2-2 |
nslookup ................................................................................................................. |
2-2 |
iii
ping.......................................................................................................................... |
2-2 |
ps ............................................................................................................................. |
2-3 |
quit........................................................................................................................... |
2-3 |
show license........................................................................................................... |
2-3 |
show logging filtered............................................................................................. |
2-3 |
top............................................................................................................................ |
2-3 |
traceroute ............................................................................................................... |
2-3 |
Enable context.............................................................................................................. |
2-4 |
reboot device.......................................................................................................... |
2-4 |
show certificate ..................................................................................................... |
2-4 |
show certificate binding ....................................................................................... |
2-4 |
iperf ......................................................................................................................... |
2-4 |
ping.......................................................................................................................... |
2-4 |
arping ...................................................................................................................... |
2-5 |
arp............................................................................................................................ |
2-5 |
end ........................................................................................................................... |
2-5 |
quit........................................................................................................................... |
2-5 |
rcapture................................................................................................................... |
2-5 |
show arp ................................................................................................................. |
2-5 |
show bridge ............................................................................................................ |
2-5 |
show bridge forwarding........................................................................................ |
2-6 |
show dns cache...................................................................................................... |
2-6 |
show interfaces...................................................................................................... |
2-6 |
* show ip................................................................................................................. |
2-6 |
show ip route ......................................................................................................... |
2-6 |
show system info ................................................................................................... |
2-6 |
factory reset ........................................................................................................... |
2-6 |
switch operational mode ...................................................................................... |
2-6 |
show dot11 associations....................................................................................... |
2-7 |
show dot11 statistics client-traffic ...................................................................... |
2-7 |
show local mesh .................................................................................................... |
2-7 |
show wireless neighborhood ............................................................................... |
2-7 |
show wireless rogue-ap ........................................................................................ |
2-7 |
show client log ....................................................................................................... |
2-7 |
show discrete pin................................................................................................... |
2-7 |
config....................................................................................................................... |
2-7 |
show all config ....................................................................................................... |
2-8 |
iv
Config context .............................................................................................................. |
2-9 |
certificate................................................................................................................ |
2-9 |
certificate binding.................................................................................................. |
2-9 |
certificate revocation ............................................................................................ |
2-9 |
end ........................................................................................................................... |
2-9 |
factory settings ...................................................................................................... |
2-9 |
interface ethernet .................................................................................................. |
2-9 |
reboot device........................................................................................................ |
2-10 |
show certificate ................................................................................................... |
2-10 |
show certificate binding ..................................................................................... |
2-10 |
show config factory............................................................................................. |
2-10 |
username .............................................................................................................. |
2-10 |
interface ip............................................................................................................ |
2-10 |
interface wireless ................................................................................................ |
2-10 |
local mesh profile ................................................................................................ |
2-11 |
interface gre ......................................................................................................... |
2-11 |
virtual ap............................................................................................................... |
2-11 |
* admin local authentication.............................................................................. |
2-11 |
* admin radius authentication ........................................................................... |
2-11 |
* admin radius authentication server ............................................................... |
2-12 |
ip http port............................................................................................................ |
2-12 |
ip https port.......................................................................................................... |
2-12 |
snmp-server trap certificate-expired................................................................. |
2-12 |
snmp-server trap certificate-expires-soon ....................................................... |
2-12 |
snmp-server trap web-fail................................................................................... |
2-13 |
snmp-server trap web-login................................................................................ |
2-13 |
snmp-server trap web-logout ............................................................................. |
2-13 |
web admin kickout.............................................................................................. |
2-13 |
web allow.............................................................................................................. |
2-13 |
world-mode dot11 country code........................................................................ |
2-14 |
web access port-1 ................................................................................................ |
2-14 |
web access port-2 ................................................................................................ |
2-14 |
web access wireless ............................................................................................ |
2-14 |
web access interface vlan................................................................................... |
2-14 |
web access interface gre .................................................................................... |
2-14 |
web access local mesh........................................................................................ |
2-15 |
clock...................................................................................................................... |
2-15 |
* clock auto adjust dst........................................................................................ |
2-15 |
clock timezone..................................................................................................... |
2-15 |
v
* clock use custom dst rules.............................................................................. |
2-15 |
ntp protocol.......................................................................................................... |
2-16 |
ntp server.............................................................................................................. |
2-16 |
* clock custom dst begins .................................................................................. |
2-16 |
* clock custom dst begins format ..................................................................... |
2-16 |
* clock custom dst ends ..................................................................................... |
2-17 |
* clock custom dst ends format ........................................................................ |
2-17 |
ntp server.............................................................................................................. |
2-17 |
ntp server failure trap ......................................................................................... |
2-17 |
config-update automatic..................................................................................... |
2-18 |
config-update operation...................................................................................... |
2-18 |
config-update time............................................................................................... |
2-18 |
config-update uri.................................................................................................. |
2-18 |
config-update weekday....................................................................................... |
2-18 |
snmp-server trap config-change ........................................................................ |
2-18 |
snmp-server trap config-update......................................................................... |
2-19 |
logging destination .............................................................................................. |
2-19 |
snmp-server trap syslog-severity ....................................................................... |
2-19 |
snmp-server.......................................................................................................... |
2-19 |
snmp-server access port-1.................................................................................. |
2-19 |
snmp-server allow ............................................................................................... |
2-20 |
snmp-server chassis-id........................................................................................ |
2-20 |
snmp-server contact............................................................................................ |
2-20 |
snmp-server heartbeat period............................................................................ |
2-20 |
snmp-server location........................................................................................... |
2-20 |
snmp-server port.................................................................................................. |
2-21 |
snmp-server readonly.......................................................................................... |
2-21 |
snmp-server readwrite ........................................................................................ |
2-21 |
snmp-server trap.................................................................................................. |
2-21 |
snmp-server trap community ............................................................................. |
2-21 |
snmp-server trap destination ............................................................................. |
2-22 |
snmp-server trap heartbeat ................................................................................ |
2-22 |
snmp-server trap link-state................................................................................. |
2-22 |
snmp-server trap snmp-authentication............................................................. |
2-22 |
* snmp-server version 1...................................................................................... |
2-22 |
* snmp-server version 2c.................................................................................... |
2-23 |
* snmp-server version 3...................................................................................... |
2-23 |
snmp-server access interface vlan .................................................................... |
2-23 |
snmp-server access local mesh.......................................................................... |
2-23 |
vi
snmp-server access interface gre ...................................................................... |
2-23 |
snmp-server access wireless.............................................................................. |
2-24 |
snmp-server access port-2.................................................................................. |
2-24 |
* snmp-server user .............................................................................................. |
2-24 |
* snmp-server notification receiver .................................................................. |
2-24 |
soap-server ........................................................................................................... |
2-24 |
soap-server access interface vlan...................................................................... |
2-25 |
soap-server access port-1 ................................................................................... |
2-25 |
soap-server access port-2 ................................................................................... |
2-25 |
soap-server allow................................................................................................. |
2-25 |
soap-server http authentication......................................................................... |
2-25 |
soap-server http authentication password....................................................... |
2-26 |
soap-server http authentication username....................................................... |
2-26 |
soap-server port................................................................................................... |
2-26 |
soap-server ssl...................................................................................................... |
2-26 |
soap-server ssl with client certificate ............................................................... |
2-26 |
soap-server access interface gre........................................................................ |
2-26 |
soap-server access wireless ............................................................................... |
2-27 |
soap-server access local mesh........................................................................... |
2-27 |
snmp-server trap low-snr.................................................................................... |
2-27 |
snmp-server trap low-snr interval ..................................................................... |
2-27 |
snmp-server trap low-snr level .......................................................................... |
2-27 |
snmp-server trap new-association..................................................................... |
2-27 |
snmp-server trap new-association interval ...................................................... |
2-28 |
snmp-server trap vpn-connection...................................................................... |
2-28 |
snmp-server trap wireless-association-fail....................................................... |
2-28 |
snmp-server trap wireless-association-success............................................... |
2-28 |
snmp-server trap wireless-authentication-fail ................................................. |
2-28 |
snmp-server trap wireless-authentication-success ......................................... |
2-28 |
snmp-server trap wireless-deauthentication-fail ............................................. |
2-29 |
snmp-server trap wireless-deauthentication-success ..................................... |
2-29 |
snmp-server trap wireless-disassociation-fail.................................................. |
2-29 |
snmp-server trap wireless-disassociation-success.......................................... |
2-29 |
snmp-server trap wireless-reassociation-fail ................................................... |
2-29 |
snmp-server trap wireless-reassociation-success ........................................... |
2-29 |
snmp-server trap syslog-matches ...................................................................... |
2-30 |
snmp-server trap syslog-matches regex ........................................................... |
2-30 |
snmp-server trap syslog-severity level.............................................................. |
2-30 |
snmp-server trap network-trace ........................................................................ |
2-30 |
vii
firmware-update automatic................................................................................ |
2-30 |
firmware-update start ......................................................................................... |
2-31 |
firmware-update time.......................................................................................... |
2-31 |
firmware-update uri ............................................................................................ |
2-31 |
firmware-update weekday.................................................................................. |
2-31 |
snmp-server trap firmware-update.................................................................... |
2-31 |
access-controller restrict location..................................................................... |
2-32 |
service-sensor ...................................................................................................... |
2-32 |
service-sensor ...................................................................................................... |
2-32 |
service-sensor poll............................................................................................... |
2-32 |
service-sensor retry............................................................................................. |
2-33 |
service-sensor timeout........................................................................................ |
2-33 |
ip name-server...................................................................................................... |
2-33 |
ip name-server cache .......................................................................................... |
2-33 |
ip name-server dynamic...................................................................................... |
2-34 |
ip name-server interception ............................................................................... |
2-34 |
ip name-server switch-on-servfail ..................................................................... |
2-34 |
ip name-server switch-over ................................................................................ |
2-34 |
snmp-server trap unauthorized-ap .................................................................... |
2-34 |
snmp-server trap unauthorized-ap interval ...................................................... |
2-35 |
wireless-scan........................................................................................................ |
2-35 |
wireless-scan period............................................................................................ |
2-35 |
wireless-scan url .................................................................................................. |
2-35 |
access controller shared secret ......................................................................... |
2-35 |
radius-server profile ............................................................................................ |
2-36 |
ip-qos profile ........................................................................................................ |
2-36 |
dot11 igmp snooping-helper............................................................................... |
2-36 |
discovery protocol............................................................................................... |
2-36 |
discovery protocol device-id.............................................................................. |
2-36 |
bridge priority ...................................................................................................... |
2-37 |
bridge protocol ieee ............................................................................................ |
2-37 |
bridge protocol ieee vlan .................................................................................... |
2-37 |
ip route gateway .................................................................................................. |
2-37 |
dot1x reauth ......................................................................................................... |
2-38 |
dot1x reauth period............................................................................................. |
2-38 |
dot1x reauth terminate ....................................................................................... |
2-38 |
dot1x supplicant timeout.................................................................................... |
2-38 |
dynamic key ......................................................................................................... |
2-38 |
dynamic key interval ........................................................................................... |
2-39 |
viii
add wireless ip-qos profile.................................................................................. |
2-39 |
delete wireless ip-qos profile all ........................................................................ |
2-39 |
delete wireless ip-qos profile ............................................................................. |
2-39 |
wireless link qos .................................................................................................. |
2-39 |
sensor discovery mode ....................................................................................... |
2-39 |
sensor network detector..................................................................................... |
2-40 |
sensor server id.................................................................................................... |
2-40 |
sensor server name ............................................................................................. |
2-40 |
config-version....................................................................................................... |
2-40 |
Port-2 interface context............................................................................................. |
2-41 |
end ......................................................................................................................... |
2-41 |
duplex ................................................................................................................... |
2-41 |
speed ..................................................................................................................... |
2-41 |
vlan ........................................................................................................................ |
2-41 |
vlan compatibility mode ..................................................................................... |
2-42 |
vlan-management filter ....................................................................................... |
2-42 |
interface vlan........................................................................................................ |
2-42 |
Port-1 interface context............................................................................................. |
2-43 |
end ......................................................................................................................... |
2-43 |
duplex ................................................................................................................... |
2-43 |
speed ..................................................................................................................... |
2-43 |
vlan ........................................................................................................................ |
2-43 |
vlan compatibility mode ..................................................................................... |
2-44 |
vlan-management filter ....................................................................................... |
2-44 |
interface vlan........................................................................................................ |
2-44 |
WAN IP interface context.......................................................................................... |
2-45 |
pppoe client user ................................................................................................. |
2-45 |
ip address mode................................................................................................... |
2-45 |
ip address.............................................................................................................. |
2-45 |
ip default-gateway ............................................................................................... |
2-45 |
ip address dhcp client-id..................................................................................... |
2-46 |
end ......................................................................................................................... |
2-46 |
pppoe auto-reconnect ......................................................................................... |
2-46 |
pppoe mru ............................................................................................................ |
2-46 |
pppoe mtu............................................................................................................. |
2-46 |
pppoe unnumbered ............................................................................................. |
2-47 |
ix
Wireless context ......................................................................................................... |
2-48 |
end ......................................................................................................................... |
2-48 |
radio active........................................................................................................... |
2-48 |
rts threshold ......................................................................................................... |
2-48 |
distance................................................................................................................. |
2-48 |
dot11...................................................................................................................... |
2-49 |
transmit power..................................................................................................... |
2-49 |
antenna bidirectionnal ........................................................................................ |
2-50 |
antenna gain ......................................................................................................... |
2-50 |
autochannel skip.................................................................................................. |
2-50 |
beacon interval .................................................................................................... |
2-50 |
dot11 automatic frequency................................................................................. |
2-50 |
dot11 automatic frequency period .................................................................... |
2-51 |
dot11 automatic frequency time ........................................................................ |
2-51 |
dot11 automatic transmit-power ....................................................................... |
2-51 |
dot11 automatic transmit-power period........................................................... |
2-51 |
multicast rate ....................................................................................................... |
2-51 |
station distance.................................................................................................... |
2-51 |
dot11 mode........................................................................................................... |
2-52 |
spectralink view................................................................................................... |
2-52 |
dot11n channel extension................................................................................... |
2-52 |
dot11n channel width.......................................................................................... |
2-52 |
dot11n guard interval .......................................................................................... |
2-52 |
dot11n multicast rate .......................................................................................... |
2-52 |
bandwidth............................................................................................................. |
2-53 |
bandwidth max .................................................................................................... |
2-53 |
Virtual AP context ...................................................................................................... |
2-54 |
virtual ap name .................................................................................................... |
2-54 |
ingress interface .................................................................................................. |
2-54 |
guest-mode ........................................................................................................... |
2-54 |
max-association ................................................................................................... |
2-54 |
ssid name .............................................................................................................. |
2-55 |
vlan ........................................................................................................................ |
2-55 |
encryption key 1 .................................................................................................. |
2-55 |
encryption key format......................................................................................... |
2-55 |
transmit key.......................................................................................................... |
2-56 |
authentication server access controller ........................................................... |
2-56 |
authentication server accounting...................................................................... |
2-56 |
authentication server accounting radius profile ............................................. |
2-56 |
x
authentication server radius .............................................................................. |
2-56 |
dot1x authentication ........................................................................................... |
2-56 |
wpa-psk................................................................................................................. |
2-57 |
authentication server accounting radius stationid case................................. |
2-57 |
authentication server accounting radius stationid delimiter......................... |
2-57 |
wireless filters...................................................................................................... |
2-57 |
wireless filters mac ............................................................................................. |
2-57 |
wireless filters rule input.................................................................................... |
2-58 |
wireless filters rule output ................................................................................. |
2-58 |
wireless filters type ............................................................................................. |
2-58 |
mac-filters local ................................................................................................... |
2-59 |
mac-filters............................................................................................................. |
2-60 |
mac-filters mode .................................................................................................. |
2-60 |
mac authentication accounting ......................................................................... |
2-60 |
mac authentication accounting radius profile ................................................. |
2-60 |
mandatory authentication .................................................................................. |
2-60 |
mac authentication radius profile ..................................................................... |
2-61 |
mac authentication radius stationid case......................................................... |
2-61 |
mac authentication radius stationid delimiter................................................. |
2-61 |
mac authentication.............................................................................................. |
2-61 |
add ip filter ........................................................................................................... |
2-61 |
delete ip filter ....................................................................................................... |
2-62 |
delete ip filter all.................................................................................................. |
2-62 |
ip filters................................................................................................................. |
2-62 |
active ..................................................................................................................... |
2-62 |
beacon dtim count............................................................................................... |
2-62 |
beacon transmit power ....................................................................................... |
2-63 |
data rate ................................................................................................................ |
2-63 |
public forwarding ................................................................................................ |
2-63 |
fast authentication............................................................................................... |
2-63 |
layer3 mobility ..................................................................................................... |
2-63 |
add ip-qos profile ................................................................................................. |
2-63 |
delete ip-qos profile all........................................................................................ |
2-64 |
delete ip-qos profile............................................................................................. |
2-64 |
qos ......................................................................................................................... |
2-64 |
upstream diffserv tagging ................................................................................... |
2-65 |
wmm advertising ................................................................................................. |
2-65 |
location-aware group .......................................................................................... |
2-65 |
end ......................................................................................................................... |
2-65 |
xi
security ................................................................................................................. |
2-66 |
VLAN interface context ............................................................................................. |
2-67 |
end ......................................................................................................................... |
2-67 |
ip address.............................................................................................................. |
2-67 |
ip address mode................................................................................................... |
2-67 |
vlan name.............................................................................................................. |
2-68 |
Local mesh context.................................................................................................... |
2-69 |
end ......................................................................................................................... |
2-69 |
active ..................................................................................................................... |
2-69 |
interface................................................................................................................ |
2-69 |
local mesh name .................................................................................................. |
2-69 |
remote mac........................................................................................................... |
2-69 |
security ................................................................................................................. |
2-70 |
security mode....................................................................................................... |
2-70 |
security psk .......................................................................................................... |
2-70 |
security wep ......................................................................................................... |
2-70 |
speed ..................................................................................................................... |
2-70 |
interface vlan........................................................................................................ |
2-70 |
accept forced links .............................................................................................. |
2-71 |
allowed downtime ............................................................................................... |
2-71 |
dynamic local mesh............................................................................................. |
2-71 |
dynamic mode...................................................................................................... |
2-71 |
initial discovery time........................................................................................... |
2-71 |
mesh id.................................................................................................................. |
2-71 |
minimum snr ........................................................................................................ |
2-71 |
preserve master link............................................................................................ |
2-72 |
promiscuous mode .............................................................................................. |
2-72 |
promiscuous mode startup delay ...................................................................... |
2-72 |
snr cost per hop ................................................................................................... |
2-72 |
RADIUS context ......................................................................................................... |
2-73 |
end ......................................................................................................................... |
2-73 |
radius-server accounting port............................................................................ |
2-73 |
radius-server alternate hosts.............................................................................. |
2-73 |
radius-server authentication method................................................................ |
2-73 |
radius-server authentication port...................................................................... |
2-73 |
radius-server deadtime ....................................................................................... |
2-74 |
radius-server host ................................................................................................ |
2-74 |
radius-server key 2 .............................................................................................. |
2-74 |
xii
radius-server message-authenticator ................................................................ |
2-74 |
radius-server name .............................................................................................. |
2-74 |
radius-server nasid .............................................................................................. |
2-75 |
radius-server timeout .......................................................................................... |
2-75 |
radius-server timeout .......................................................................................... |
2-75 |
IP_QOS context .......................................................................................................... |
2-76 |
end ......................................................................................................................... |
2-76 |
end-port................................................................................................................. |
2-76 |
priority .................................................................................................................. |
2-76 |
profile name ......................................................................................................... |
2-76 |
protocol................................................................................................................. |
2-76 |
start-port ............................................................................................................... |
2-76 |
GRE interface context ............................................................................................... |
2-78 |
end force............................................................................................................... |
2-78 |
gre name ............................................................................................................... |
2-78 |
ip address.............................................................................................................. |
2-78 |
peer ip address..................................................................................................... |
2-78 |
remote ip address ................................................................................................ |
2-78 |
Syslog destination context........................................................................................ |
2-79 |
active ..................................................................................................................... |
2-79 |
logging facility...................................................................................................... |
2-79 |
logging host .......................................................................................................... |
2-79 |
logging prefix ....................................................................................................... |
2-79 |
name...................................................................................................................... |
2-79 |
end ......................................................................................................................... |
2-80 |
level ....................................................................................................................... |
2-80 |
level ....................................................................................................................... |
2-80 |
matches................................................................................................................. |
2-80 |
message................................................................................................................. |
2-80 |
message................................................................................................................. |
2-81 |
process.................................................................................................................. |
2-81 |
process.................................................................................................................. |
2-81 |
* SNMP user context.................................................................................................. |
2-82 |
* access level ....................................................................................................... |
2-82 |
* end...................................................................................................................... |
2-82 |
* password ........................................................................................................... |
2-82 |
* security .............................................................................................................. |
2-82 |
xiii
* user name .......................................................................................................... |
2-82 |
* SNMP notification receiver context...................................................................... |
2-83 |
* community ........................................................................................................ |
2-83 |
* end...................................................................................................................... |
2-83 |
* port..................................................................................................................... |
2-83 |
* receiver .............................................................................................................. |
2-83 |
* user..................................................................................................................... |
2-83 |
* version ............................................................................................................... |
2-83 |
xiv
In this alphabetical list, new to 5.3.x commands are preceded by an asterisk “*” and formatted in green like this:
* command 2-xxx
accept forced links 2-71
access controller shared secret 2-35 * access level 2-82
access-controller restrict location 2-32 active 2-62
active 2-69 active 2-79
add ip filter 2-61
add ip-qos profile 2-63
add wireless ip-qos profile 2-39
*admin local authentication 2-11
*admin radius authentication 2-11
*admin radius authentication server 2-12 allowed downtime 2-71
antenna bidirectionnal 2-50 antenna gain 2-50
arp 2-5 arping 2-2 arping 2-5
authentication server access controller 2-56 authentication server accounting 2-56 authentication server accounting radius profile 2-56
authentication server accounting radius stationid case 2-57 authentication server accounting radius stationid delimiter 2-57
authentication server radius 2-56 autochannel skip 2-50 bandwidth 2-53
bandwidth max 2-53 beacon dtim count 2-62 beacon interval 2-50 beacon transmit power 2-63 bridge priority 2-37
bridge protocol ieee 2-37 bridge protocol ieee vlan 2-37 certificate 2-9
certificate binding 2-9 certificate revocation 2-9 clock 2-15
*clock auto adjust dst 2-15
*clock custom dst begins 2-16
*clock custom dst begins format 2-16
*clock custom dst ends 2-17
*clock custom dst ends format 2-17
clock timezone 2-15
*clock use custom dst rules 2-15
*community 2-83
config 2-7
config-update automatic 2-18 config-update operation 2-18 config-update time 2-18 config-update uri 2-18 config-update weekday 2-18 config-version 2-40
data rate 2-63 delete ip filter 2-62
delete ip filter all 2-62
delete ip-qos profile 2-64 delete ip-qos profile all 2-64
delete wireless ip-qos profile 2-39 delete wireless ip-qos profile all 2-39 discovery protocol 2-36
discovery protocol device-id 2-36 distance 2-48
dot11 2-49
dot11 automatic frequency 2-50
dot11 automatic frequency period 2-51 dot11 automatic frequency time 2-51 dot11 automatic transmit-power 2-51
dot11 automatic transmit-power period 2-51 dot11 igmp snooping-helper 2-36
dot11 mode 2-52
dot11n channel extension 2-52 dot11n channel width 2-52 dot11n guard interval 2-52 dot11n multicast rate 2-52 dot1x authentication 2-56 dot1x reauth 2-38
dot1x reauth period 2-38 dot1x reauth terminate 2-38 dot1x supplicant timeout 2-38 duplex 2-41
duplex 2-43 dynamic key 2-38
dynamic key interval 2-39 dynamic local mesh 2-71 dynamic mode 2-71 enable 2-2
encryption key 1 2-55 encryption key format 2-55 end force 2-78
end-port 2-76 factory reset 2-6 factory settings 2-9
fast authentication 2-63 firmware-update automatic 2-30 firmware-update start 2-31 firmware-update time 2-31 firmware-update uri 2-31 firmware-update weekday 2-31 gre name 2-78
guest-mode 2-54 ingress interface 2-54
initial discovery time 2-71 interface 2-69
interface ethernet 2-9 interface gre 2-11 interface ip 2-10 interface vlan 2-42 interface vlan 2-44 interface vlan 2-70 interface wireless 2-10 ip address 2-45
ip address 2-67 ip address 2-78
ip address dhcp client-id 2-46 ip address mode 2-45
ip address mode 2-67 ip default-gateway 2-45 ip filters 2-62
xv
ip http port 2-12 ip https port 2-12
ip name-server 2-33
ip name-server cache 2-33 ip name-server dynamic 2-34
ip name-server interception 2-34
ip name-server switch-on-servfail 2-34 ip name-server switch-over 2-34
ip route gateway 2-37 iperf 2-2
iperf 2-4
ip-qos profile 2-36 layer3 mobility 2-63 level 2-80
level 2-80
local mesh name 2-69 local mesh profile 2-11 location-aware group 2-65 logging destination 2-19 logging facility 2-79 logging host 2-79
logging prefix 2-79
mac authentication 2-61
mac authentication accounting 2-60
mac authentication accounting radius profile 2-60 mac authentication radius profile 2-61
mac authentication radius stationid case 2-61 mac authentication radius stationid delimiter 2-61 mac-filters 2-60
mac-filters local 2-59 mac-filters mode 2-60 mandatory authentication 2-60 matches 2-80
max-association 2-54 mesh id 2-71 message 2-80 message 2-81 minimum snr 2-71 multicast rate 2-51 name 2-79
nslookup 2-2 ntp protocol 2-16 ntp server 2-16 ntp server 2-17
ntp server failure trap 2-17
*password 2-82 peer ip address 2-78 ping 2-2
ping 2-4
*port 2-83
pppoe auto-reconnect 2-46 pppoe client user 2-45 pppoe mru 2-46
pppoe mtu 2-46
pppoe unnumbered 2-47 preserve master link 2-72 priority 2-76
process 2-81 process 2-81 profile name 2-76
promiscuous mode 2-72 promiscuous mode startup delay 2-72 protocol 2-76
ps 2-3
public forwarding 2-63 qos 2-64
quit 2-3 quit 2-5
radio active 2-48
radius-server accounting port 2-73 radius-server alternate hosts 2-73 radius-server authentication method 2-73 radius-server authentication port 2-73 radius-server deadtime 2-74 radius-server host 2-74
radius-server key 2 2-74
radius-server message-authenticator 2-74 radius-server name 2-74
radius-server nasid 2-75 radius-server profile 2-36 radius-server timeout 2-75 radius-server timeout 2-75 rcapture 2-5
reboot device 2-10 reboot device 2-4
*receiver 2-83 remote ip address 2-78 remote mac 2-69
rts threshold 2-48 security 2-66 security 2-70
*security 2-82 security mode 2-70 security psk 2-70 security wep 2-70
sensor discovery mode 2-39 sensor network detector 2-40 sensor server id 2-40
sensor server name 2-40 service-sensor 2-32 service-sensor 2-32 service-sensor poll 2-32 service-sensor retry 2-33 service-sensor timeout 2-33 show all config 2-8
show arp 2-5 show bridge 2-5
show bridge forwarding 2-6 show certificate 2-10
show certificate 2-4
show certificate binding 2-10 show certificate binding 2-4 show client log 2-7
show config factory 2-10 show discrete pin 2-7 show dns cache 2-6
show dot11 associations 2-7
show dot11 statistics client-traffic 2-7 show interfaces 2-6
*show ip 2-6
show ip route 2-6 show license 2-3 show local mesh 2-7
show logging filtered 2-3 show system info 2-6
show wireless neighborhood 2-7 show wireless rogue-ap 2-7 snmp-server 2-19
snmp-server access interface gre 2-23 snmp-server access interface vlan 2-23 snmp-server access local mesh 2-23 snmp-server access port-1 2-19
xvi
snmp-server access port-2 2-24 snmp-server access wireless 2-24 snmp-server allow 2-20 snmp-server chassis-id 2-20 snmp-server contact 2-20 snmp-server heartbeat period 2-20 snmp-server location 2-20
*snmp-server notification receiver 2-24 snmp-server port 2-21
snmp-server readonly 2-21 snmp-server readwrite 2-21 snmp-server trap 2-21
snmp-server trap certificate-expired 2-12 snmp-server trap certificate-expires-soon 2-12 snmp-server trap community 2-21 snmp-server trap config-change 2-18 snmp-server trap config-update 2-19 snmp-server trap destination 2-22 snmp-server trap firmware-update 2-31 snmp-server trap heartbeat 2-22
snmp-server trap link-state 2-22 snmp-server trap low-snr 2-27 snmp-server trap low-snr interval 2-27 snmp-server trap low-snr level 2-27 snmp-server trap network-trace 2-30 snmp-server trap new-association 2-27
snmp-server trap new-association interval 2-28 snmp-server trap snmp-authentication 2-22 snmp-server trap syslog-matches 2-30 snmp-server trap syslog-matches regex 2-30 snmp-server trap syslog-severity 2-19 snmp-server trap syslog-severity level 2-30 snmp-server trap unauthorized-ap 2-34 snmp-server trap unauthorized-ap interval 2-35 snmp-server trap vpn-connection 2-28 snmp-server trap web-fail 2-13
snmp-server trap web-login 2-13 snmp-server trap web-logout 2-13
snmp-server trap wireless-association-fail 2-28 snmp-server trap wireless-association-success 2-28 snmp-server trap wireless-authentication-fail 2-28 snmp-server trap wireless-authentication-success 2-28 snmp-server trap wireless-deauthentication-fail 2-29 snmp-server trap wireless-deauthentication-success 2-29 snmp-server trap wireless-disassociation-fail 2-29 snmp-server trap wireless-disassociation-success 2-29 snmp-server trap wireless-reassociation-fail 2-29 snmp-server trap wireless-reassociation-success 2-29
*snmp-server user 2-24
*snmp-server version 1 2-22
*snmp-server version 2c 2-23
*snmp-server version 3 2-23
snr cost per hop 2-72 soap-server 2-24
soap-server access interface gre 2-26 soap-server access interface vlan 2-25 soap-server access local mesh 2-27 soap-server access port-1 2-25 soap-server access port-2 2-25 soap-server access wireless 2-27 soap-server allow 2-25
soap-server http authentication 2-25 soap-server http authentication password 2-26 soap-server http authentication username 2-26 soap-server port 2-26
soap-server ssl 2-26
soap-server ssl with client certificate 2-26 spectralink view 2-52
speed 2-41 speed 2-43 speed 2-70 ssid name 2-55 start-port 2-76
station distance 2-51
switch operational mode 2-6 top 2-3
traceroute 2-3 transmit key 2-56 transmit power 2-49
upstream diffserv tagging 2-65
*user 2-83
*user name 2-82 username 2-10
*version 2-83 virtual ap 2-11 virtual ap name 2-54 vlan 2-41
vlan 2-43 vlan 2-55
vlan compatibility mode 2-42 vlan compatibility mode 2-44 vlan name 2-68 vlan-management filter 2-42 vlan-management filter 2-44 web access interface gre 2-14 web access interface vlan 2-14 web access local mesh 2-15 web access port-1 2-14
web access port-2 2-14 web access wireless 2-14 web admin kickout 2-13 web allow 2-13
wireless filters 2-57 wireless filters mac 2-57
wireless filters rule input 2-58 wireless filters rule output 2-58 wireless filters type 2-58 wireless link qos 2-39 wireless-scan 2-35 wireless-scan period 2-35 wireless-scan url 2-35
wmm advertising 2-65
world-mode dot11 country code 2-14 wpa-psk 2-57
xvii
xviii
1
Introduction
Contents
About this guide ........................................................................................................... |
1-2 |
Products covered................................................................................................... |
1-2 |
HP ProCurve Product Naming............................................................................. |
1-2 |
Important terms..................................................................................................... |
1-3 |
Typographical conventions .................................................................................. |
1-3 |
HP ProCurve Networking support............................................................................. |
1-4 |
Online documentation ................................................................................................. |
1-5 |
CLI support in autonomous and controlled modes ................................................. |
1-5 |
Controlled mode .................................................................................................... |
1-5 |
Autonomous mode ................................................................................................ |
1-5 |
Configuring CLI support.............................................................................................. |
1-6 |
SSH client support................................................................................................. |
1-7 |
Entering strings ............................................................................................................ |
1-7 |
Context hierarchy ........................................................................................................ |
1-7 |
Sample CLI session ...................................................................................................... |
1-8 |
Introduction
Note
About this guide
This guide explains how to work with the Command Line Interface (CLI) on HP ProCurve Networking MSM3xx and MSM4xx APs.
This guide covers the following products:
|
Part number |
|
|
|
|
|
USA |
Worldwide |
Model |
version |
version |
|
|
|
MSM310 Access Point |
J9374A |
J9379A |
|
|
|
MSM310-R Access Point |
J9380A |
J9383A |
|
|
|
MSM320 Access Point |
J9360A |
J9364A |
|
|
|
MSM320-R Access Point |
J9365A |
J9368A |
|
|
|
MSM325 Access Point with Sensor |
J9369A |
J9373A |
|
|
|
MSM335 Access Point with Sensor |
J9356A |
J9357A |
|
|
|
MSM410 Access Point |
J9426A |
J9427A |
|
|
|
MSM422 Access Point |
J9358A |
J9359A |
|
|
|
As of October 1st, 2008, Colubris Networks was acquired by HP ProCurve. HP ProCurve has begun integrating the Colubris product line into the HP ProCurve Networking product portfolio (www.procurve.com/news/colubris-10-01-08.htm).
In the online help and this manual, Colubris product names have been changed to their equivalent HP ProCurve product names.
SOAP and SNMP MIBs retain the Colubris naming so you do not need to change your existing SOAP and MIB usage.
The Colubris Networks product names and their corresponding new HP ProCurve product names are as follows:
Colubris name |
HP ProCurve name |
|
|
MSC-5100 MultiService Controller |
MSM710 Controller |
|
|
MSC-5200 MultiService Controller |
MSM730 Controller |
|
|
MSC-5500 MultiService Controller |
MSM750 Controller |
|
|
1-2
Introduction
About this guide
Colubris name |
HP ProCurve name |
|
|
MAP-320 MultiService Access Point |
MSM310 Access Point |
|
|
MAP-320R MultiService Access Point |
MSM310-R Access Point |
|
|
MAP-330 MultiService Access Point |
MSM320 Access Point |
|
|
MAP-330R MultiService Access Point |
MSM320-R Access Point |
|
|
MAP-330 AP+Sensor MultiService Access Point |
MSM325 Access Point with Sensor |
|
|
MAP-625 MultiService Access Point |
MSM422 Access Point |
|
|
MAP-630 AP+Sensor MultiService Access Point |
MSM335 Access Point with Sensor |
|
|
WCB-200 Wireless Client Bridge |
M111 Client Bridge |
|
|
Visitor Management Tool |
Guest Management Software |
|
|
RF Manager 1500 Enterprise |
RF Manager 100 IDS/IPS system |
|
|
RF Manager 1300 Basic |
RF Manager 50 IDS/IPS system |
|
|
RF Planner |
RF Planner |
|
|
The following terms are used in this guide.
Term |
Description |
|
|
AP |
Refers to any HP ProCurve Networking MSM3xx or MSM4xx |
|
Access Point. |
|
|
service controller |
Refers to any HP ProCurve Networking MSM7xx Controller, |
|
including both Access Controller and Mobility Controller |
|
variants. |
|
|
VSC, Virtual ap, VAP |
These terms are used interchangeably to refer to VSC (Virtual |
|
Service Community). |
|
|
Command syntax is formatted in a monospaced font as follows:
Example |
Description |
|
|
web admin kickout |
Items in plain text must be entered as shown. |
|
|
ip http port <number> |
Items in italics and enclosed in < > are parameters for |
|
which you must supply a value. In this example, you |
|
must supply a value for <number>. |
|
|
1-3
Introduction
Example |
Description |
|
|
end [force] |
Items enclosed in square brackets are optional. You |
|
can either include them or not. Do not include the |
|
brackets. In this example you can either include |
|
“force” or omit it. |
|
|
firewall mode (high|low|none) |
Items enclosed in parenthesis and separated by a |
|
vertical line indicate a choice. Specify only one of the |
|
items. In this example, you must specify ’high’, ’low’, or |
|
’none’. |
|
|
When referring to the management tool interface, the Main menu name is presented first followed by a right angle-bracket and then the sub-menu name, as in Network > Ports.
HP ProCurve Networking support
HP ProCurve Networking offers support 24 hours a day, seven days a week through a number of automated electronic services. See the Customer Support/Warranty booklet included with your product.
The HP ProCurve Networking Web site, www.procurve.com/customercare provides up-to date support information.
Additionally, your HP-authorized network reseller can provide you with assistance, both with services that they offer and with services offered by HP.
To make the support process most efficient, before calling your networking dealer or HP Support, you first should collect the following information:
Collect this information |
Where to find it |
|
|
Product identification. |
On the rear of the product. |
|
|
Software version. |
The service controller management tool |
|
Login page. |
|
|
Network topology map, including the |
Your network administrator. |
addresses assigned to all relevant devices. |
|
|
|
1-4
Note
Introduction
Online documentation
For the latest documentation, visit the HP ProCurve Networking manuals Web page at: www.procurve.com/manuals.
An AP operates in either controlled mode or autonomous mode.
Controlled mode is the factory default mode for all APs.
When in controlled mode, an AP establishes a control channel with a service controller. The service controller manages the AP and provides all configuration settings. Discovery of the service controller is automatic if default settings are used on all devices.
In controlled mode, access to the CLI is possible only before any control channel is established, which can occur in the following scenarios:
Network failures prevent a control channel from being created.
After an AP is restarted, prior to establishment of the control channel (during the brief service controller discovery process).
When the AP is in controlled mode, a reduced number of CLI commands are available. The most notable command is switch operational mode, which enables you to switch the AP to autonomous mode. The config context is not available.
When in autonomous mode, the AP operates as a stand-alone unit. You can configure and manage the AP using the AP management tool, SNMP, CLI, or SOAP. Autonomous mode supports all CLI commands.
1-5
Introduction
Configuring CLI support
Using the AP management tool, open the page Management > CLI. Use this page to enable/ disable CLI support via an SSH or serial connection. A maximum of three concurrent CLI sessions are supported regardless of the connection type.
The CLI supports SSH on the standard TCP port (22).
Connectivity and login credentials for SSH connections use the same settings as defined for the management tool manager on the Management > Management tool page.
SSH connections to the CLI can be made on any active interface. Support for each interface must be explicitly enabled under Security.
The login credentials for SSH connections are the same as those defined under Manager account. By default, both username and password are set to admin.
Note |
SSH logins always use the local manager username and password, even if Administrative |
|
user authentication is set to use a RADIUS server. |
|
|
1-6
Introduction
The following SSH clients have been tested with the CLI. Others may work as well:
OpenSSH
Tectia
SecureCRT
Putty
Entering strings
When entering a value that contains spaces, you must enclose it in quotation marks. For example, if the command syntax is:
ssid <name>
you must specify one of the following:
ssid ANameWithNoSpaces ssid "A name with spaces"
CLI commands are grouped into functional contexts. The following table shows the context hierarchy and the command used to switch from the parent context.
Context hierarchy |
Command to switch from parent context |
|
View context |
|
(This is the first context. No command is needed.) |
|
|
|
Enable context |
enable |
|
|
|
|
Config context |
config |
|
|
|
|
WAN IP |
interface context |
interface ip |
|
|
|
Port-2 interface context |
interface ethernet port-2 |
|
|
|
|
VLAN |
interface context |
interface vlan <id>[-<id2>] |
|
|
|
Port-1 interface context |
interface ethernet port-1 |
|
|
|
|
VLAN |
interface context |
interface vlan <id>[-<id2>] |
|
|
|
Wireless context |
interface wireless <number> |
|
|
|
|
Local mesh context |
local mesh profile <name> |
|
|
|
|
VLAN |
interface context |
interface vlan <number> |
|
|
|
GRE interface context |
interface gre <name> |
|
|
|
|
Virtual AP context |
virtual ap <name> |
|
|
|
|
Syslog |
destination context |
logging destination <name> |
|
|
|
SNMP user context |
snmp-server user <name> |
|
|
|
|
SNMP notification receiver context |
snmp-server notification receiver <host> |
|
|
|
|
RADIUS context |
radius-server profile <name> |
|
|
|
|
IP_QOS context |
ip-qos profile <name> |
|
|
|
|
1-7
Introduction
Sample CLI session
This sample CLI session shows you how to set the wireless port to support 802.11a on channel 60 with medium distance between access points. (The CLI prompt is shown in bold.)
CLI> enable
CLI# config
CLI(config)# interface wireless
CLI(config-if-wlan)# dot11 a 60
CLI(config-if-wlan)# distance medium
CLI(config-if-wlan)# end
CLI(config)# end
CLI# quit
1-8
2
CLI commands
CLI commands
Path: View
This is the root of the command tree.
Supported on: MSM310 MSM320 MSM335 MSM410 MSM422
arping [ -AbDfhqUV] [ -c <count>] [ -w <deadline>] [ -s <source>] -I <interface> <destination>
Pings a destination on a device interface using ARP packets.
Supported on: MSM310 MSM320 MSM335 MSM410 MSM422
enable
Switches to the enable context.
Supported on: MSM310 MSM320 MSM335 MSM410 MSM422
iperf -c host [-t time]
Runs a performance throughput test.
Parameters
<-c |
host> |
The IP address or DNS name of the iperf server to connect to. |
<-t |
length> |
Length of the throughput test in seconds. |
Supported on: MSM310 MSM320 MSM335 MSM410 MSM422
nslookup [ -option authentication ] [ <host-to-find> | - [< server> ]]
Queries DNS servers for information on hosts or domains.
Supported on: MSM310 MSM320 MSM335 MSM410 MSM422
ping <host> [-c <count>] [-s <length>] [-q]
Determines if the specified remote IP address is active.
Parameters
<-c host> |
The IP address or DNS name of the host to ping. |
|
<-c |
count> |
Number of pings. |
<-s |
length> |
Length of the ping datagram. |
<-q> |
Quiet mode. No output. |
2-2