Siemens SCALANCE W778-1 M12, SCALANCE W734-1 RJ-45, SCALANCE W738-1 M12, SCALANCE W774-1 RJ-45, SCALANCE W774-1 M12 EEC Configuration Manuals

...

SIMATIC NET

Industrial Wireless LAN SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

Introduction

Configuration Manual

Description

Security recommendations

Configuration

Functions specific to SCALANCE

System time

Network structures

Network protocols

Load control

Layer 3 functions

Security and authentication

Diagnostics

09/2017

C79000-G8976-C324-08

Legal information Warning notice system

This manual contains notices you have to observe in order to ensure your personal safety, as well as to prevent damage to property. The notices referring to your personal safety are highlighted in the manual by a safety alert symbol, notices referring only to property damage have no safety alert symbol. These notices shown below are graded according to the degree of danger.

DANGER

indicates that death or severe personal injury will result if proper precautions are not taken.

WARNING

indicates that death or severe personal injury may result if proper precautions are not taken.

CAUTION

indicates that minor personal injury can result if proper precautions are not taken.

NOTICE indicates that property damage can result if proper precautions are not taken.

If more than one degree of danger is present, the warning notice representing the highest degree of danger will be used. A notice warning of injury to persons with a safety alert symbol may also include a warning relating to property damage.

Qualified Personnel

The product/system described in this documentation may be operated only by personnel qualified for the specific task in accordance with the relevant documentation, in particular its warning notices and safety instructions. Qualified personnel are those who, based on their training and experience, are capable of identifying risks and avoiding potential hazards when working with these products/systems.

Proper use of Siemens products

Note the following:

WARNING

Siemens products may only be used for the applications described in the catalog and in the relevant technical documentation. If products and components from other manufacturers are used, these must be recommended or approved by Siemens. Proper transport, storage, installation, assembly, commissioning, operation and maintenance are required to ensure that the products operate safely and without any problems. The permissible ambient conditions must be complied with. The information in the relevant documentation must be observed.

Trademarks

All names identified by ® are registered trademarks of Siemens AG. The remaining trademarks in this publication may be trademarks whose use by third parties for their own purposes could violate the rights of the owner.

Disclaimer of Liability

We have reviewed the contents of this publication to ensure consistency with the hardware and software described. Since variance cannot be precluded entirely, we cannot guarantee full consistency. However, the information in this publication is reviewed regularly and any necessary corrections are included in subsequent editions.

Siemens AG Division Process Industries and Drives Postfach 48 48 90026 NÜRNBERG GERMANY

C79000-G8976-C324-08 Ⓟ 09/2017 Subject to change

1 Introduction.................................................................................................................................................19

1.1 Information on the Configuration Manual...............................................................................19

2 Description..................................................................................................................................................23

2.1 Configuration limits for WBM and CLI....................................................................................23

2.2 Working with the Command Line Interface (CLI)...................................................................25

2.3 CLI modes..............................................................................................................................26

2.4 The CLI command prompt.....................................................................................................27

2.5 Symbols of the CLI commands..............................................................................................28

2.6 Interface identifiers and addresses........................................................................................29

2.6.1 Naming interfaces..................................................................................................................29

2.6.2 Address types, address ranges and address masks.............................................................31

2.6.3 IPv4 / IPv6..............................................................................................................................32

2.6.4 Structure of an IPv4 address..................................................................................................34

2.6.5 IPv6 terms..............................................................................................................................35

2.6.6 Structure of an IPv6 address..................................................................................................36

2.7 General CLI commands.........................................................................................................37

2.7.1 clear screen............................................................................................................................37

2.7.2 do...........................................................................................................................................38

2.7.3 end.........................................................................................................................................38

2.7.4 exit..........................................................................................................................................39

2.7.5 Help functions and supported input........................................................................................39

2.7.5.1 help........................................................................................................................................39

2.7.5.2 The command "?"...................................................................................................................40

2.7.5.3 Completion of command entries............................................................................................41

2.7.5.4 Abbreviated notation of commands........................................................................................42

2.7.5.5 Reusing the last used commands..........................................................................................42

2.7.5.6 The "show" commands..........................................................................................................42

3 Security recommendations.........................................................................................................................45

4 Configuration..............................................................................................................................................49

4.1 System...................................................................................................................................49

4.1.1 show commands....................................................................................................................49

4.1.1.1 show cli-console-timeout........................................................................................................49

4.1.1.2 show coordinates...................................................................................................................50

4.1.1.3 show device information.........................................................................................................50

4.1.1.4 show ethernetip......................................................................................................................51

4.1.1.5 show im..................................................................................................................................51

4.1.1.6 show interfaces......................................................................................................................52

4.1.1.7 show interfaces ... counters...................................................................................................53

4.1.1.8 show interface mtu.................................................................................................................54

4.1.1.9 show ip interface....................................................................................................................54

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 3

Table of contents

4.1.1.10 show ipv6 interface................................................................................................................55

4.1.1.11 show pnio...............................................................................................................................56

4.1.1.12 show lldp neighbors...............................................................................................................57

4.1.1.13 show lldp status......................................................................................................................57

4.1.1.14 show versions........................................................................................................................58

4.1.2 clear counters.........................................................................................................................59

4.1.3 configure terminal...................................................................................................................60

4.1.4 clear line vty...........................................................................................................................60

4.1.5 disable....................................................................................................................................61

4.1.6 enable....................................................................................................................................62

4.1.7 logout.....................................................................................................................................62

4.1.8 ping........................................................................................................................................63

4.1.9 ping ipv6.................................................................................................................................64

4.1.10 Commands in the global configuration mode.........................................................................65

4.1.10.1 coordinates height..................................................................................................................65

4.1.10.2 coordinates latitude................................................................................................................66

4.1.10.3 coordinates longitude.............................................................................................................67

4.1.10.4 ethernetip...............................................................................................................................67

4.1.10.5 interface.................................................................................................................................68

4.1.10.6 no interface............................................................................................................................69

4.1.10.7 cli-console-timeout.................................................................................................................70

4.1.10.8 no cli-console-timeout............................................................................................................71

4.1.10.9 pnio........................................................................................................................................72

4.1.10.10 system contact.......................................................................................................................73

4.1.10.11 system location......................................................................................................................73

4.1.10.12 system name..........................................................................................................................74

4.1.11 Commands in the Interface configuration mode....................................................................74

4.1.11.1 alias........................................................................................................................................75

4.1.11.2 no alias...................................................................................................................................75

4.1.11.3 duplex.....................................................................................................................................76

4.1.11.4 no duplex................................................................................................................................77

4.1.11.5 lldp..........................................................................................................................................78

4.1.11.6 no lldp.....................................................................................................................................79

4.1.11.7 mtu.........................................................................................................................................79

4.1.11.8 shutdown complete................................................................................................................80

4.1.11.9 no shutdown...........................................................................................................................81

4.2 Load and Save.......................................................................................................................82

4.2.1 The "show" commands..........................................................................................................85

4.2.1.1 show loadsave files................................................................................................................85

4.2.1.2 show loadsave tftp.................................................................................................................85

4.2.2 save filetype...........................................................................................................................86

4.2.3 load tftp..................................................................................................................................87

4.2.4 Commands in the global configuration mode.........................................................................88

4.2.4.1 loadsave.................................................................................................................................88

4.2.5 Commands in the LOADSAVE configuration mode...............................................................89

4.2.5.1 delete.....................................................................................................................................89

4.2.5.2 tftp filename............................................................................................................................90

4.2.5.3 tftp load..................................................................................................................................90

4.2.5.4 tftp save..................................................................................................................................91

4.2.5.5 tftp server...............................................................................................................................92

4.2.5.6 sftp filename...........................................................................................................................93

4.2.5.7 sftp load..................................................................................................................................94

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

4 Configuration Manual, 09/2017, C79000-G8976-C324-08

Table of contents

4.2.5.8 sftp save.................................................................................................................................94

4.2.5.9 sftp server..............................................................................................................................95

4.2.5.10 password................................................................................................................................96

4.2.5.11 no password...........................................................................................................................97

4.2.5.12 firmware-in-configpack...........................................................................................................98

4.2.5.13 no firmeware-in-configpack....................................................................................................99

4.3 Reset and Defaults.................................................................................................................99

4.3.1 restart.....................................................................................................................................99

4.4 Configuration Save & Restore..............................................................................................101

4.4.1 The "show" commands........................................................................................................101

4.4.1.1 show running-config.............................................................................................................101

4.4.2 write startup-config...............................................................................................................103

4.4.3 Commands in the global configuration mode.......................................................................104

4.4.3.1 auto-save.............................................................................................................................104

4.4.3.2 no auto-save........................................................................................................................105

4.5 SINEMA...............................................................................................................................106

4.5.1 The "show" commands........................................................................................................106

4.5.1.1 show sinema........................................................................................................................106

4.5.2 Commands in the global configuration mode.......................................................................106

4.5.2.1 sinema..................................................................................................................................107

4.5.2.2 no sinema.............................................................................................................................107

5 Functions specific to SCALANCE.............................................................................................................109

5.1 PLUG...................................................................................................................................109

5.1.1 The "show" commands........................................................................................................109

5.1.1.1 show plug.............................................................................................................................109

5.1.2 Commands in the global configuration mode.......................................................................110

5.1.2.1 plug......................................................................................................................................110

5.1.3 Commands in the Plug Configuration mode........................................................................110

5.1.3.1 factoryclean..........................................................................................................................111

5.1.3.2 firmware-on-plug..................................................................................................................111

5.1.3.3 no firmware on plug..............................................................................................................112

5.1.3.4 write......................................................................................................................................112

5.1.3.5 presetplug............................................................................................................................113

5.2 WBM....................................................................................................................................114

5.2.1 The "show" commands........................................................................................................114

5.2.1.1 show web-session-timeout...................................................................................................114

5.2.2 Commands in the global configuration mode.......................................................................114

5.2.2.1 web-session-timeout............................................................................................................115

5.2.2.2 no web-session-timeout.......................................................................................................115

5.3 Signal recorder.....................................................................................................................116

5.3.1 The "show" commands........................................................................................................116

5.3.1.1 show wlan signal-recorder (Client).......................................................................................116

5.3.2 wlan signal-recorder start (client).........................................................................................117

5.3.3 wlan signal-recorder stop (client).........................................................................................119

5.3.4 wlan signal-recorder display (client).....................................................................................120

5.3.5 wlan signal-recorder display sample_number (Client).........................................................121

5.4 iPCF.....................................................................................................................................123

5.4.1 The "show" commands........................................................................................................123

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 5

Table of contents

5.4.1.1 show wlan ipcf......................................................................................................................123

5.4.2 WLAN Interface Configuration mode...................................................................................124

5.4.2.1 wlan ipcf...............................................................................................................................124

5.4.2.2 no wlan ipcf..........................................................................................................................125

5.4.2.3 wlan ipcf protocol-support pnio (access point).....................................................................126

5.4.2.4 no wlan ipcf protocol-support (access point)........................................................................127

5.4.2.5 wlan ipcf cycle-time (access point).......................................................................................127

5.4.2.6 wlan ipcf scan-mode (access point).....................................................................................128

5.4.2.7 wlan ipcf signal-quality-threshold (access point)..................................................................129

5.5 iPCF-HT...............................................................................................................................131

5.5.1 The "show" commands........................................................................................................131

5.5.1.1 show wlan ipcf-ht..................................................................................................................131

5.5.2 WLAN Interface Configuration mode...................................................................................132

5.5.2.1 wlan ipcf-ht...........................................................................................................................132

5.5.2.2 no wlan ipcf-ht......................................................................................................................133

5.5.2.3 wlan ipcf-ht protocol-support (Access Point)........................................................................134

5.5.2.4 no wlan ipcf-ht protocol-support (Access Point)...................................................................135

5.5.2.5 wlan ipcf-ht cycle-time (Access Point)..................................................................................135

5.5.2.6 wlan ipcf-ht scan-mode (access point).................................................................................137

5.5.2.7 wlan ipcf-ht signal-quality-threshold (access point)..............................................................138

5.6 iPCF-MC..............................................................................................................................139

5.6.1 The "show" commands........................................................................................................139

5.6.1.1 show wlan ipcf-mc................................................................................................................139

5.6.2 Commands in the WLAN configuration mode......................................................................140

5.6.2.1 wlan ipcf-mc.........................................................................................................................140

5.6.2.2 no wlan ipcf-mc....................................................................................................................141

5.6.2.3 wlan ipcf-mc protocol-support (access point).......................................................................142

5.6.2.4 wlan ipcf-mc cycle-time (access point).................................................................................143

5.6.2.5 wlan ipcf-mc mgmt-scan-period (client)...............................................................................144

5.6.2.6 wlan ipcf-mc roaming-filter (client).......................................................................................145

5.6.2.7 no wlan ipcf-mc roaming-filter (client)..................................................................................146

5.7 iPRP.....................................................................................................................................147

5.7.1 The "show" commands........................................................................................................147

5.7.1.1 show wlan iprp information...................................................................................................147

5.7.2 Commands in the WLAN configuration mode......................................................................148

5.7.2.1 wlan iprp...............................................................................................................................148

5.7.3 Commands in the WLAN iPRP configuration mode.............................................................149

5.7.3.1 wlan iprp interface................................................................................................................149

5.7.3.2 no wlan iprp interface...........................................................................................................150

5.7.3.3 wlan iprp network.................................................................................................................151

5.7.3.4 no wlan iprp network............................................................................................................152

5.8 AeroScout............................................................................................................................152

5.8.1 The "show" commands........................................................................................................153

5.8.1.1 show wlan aeroscout............................................................................................................153

5.8.2 WLAN Interface configuration mode....................................................................................154

5.8.2.1 wlan aeroscout.....................................................................................................................154

5.8.2.2 no wlan aeroscout................................................................................................................155

5.9 Spectrum analyzer...............................................................................................................155

5.9.1 The "show" commands........................................................................................................156

5.9.1.1 show wlan spectrumanalyzer (Access Point).......................................................................156

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

6 Configuration Manual, 09/2017, C79000-G8976-C324-08

Table of contents

5.9.2 WLAN Interface configuration mode....................................................................................157

5.9.2.1 wlan spectrumanalyzer centerfrequency (Access Point).....................................................157

5.9.2.2 wlan spectrumanalyzer start (Access Point)........................................................................158

5.9.2.3 wlan spectrumanalyzer stop (Access Point)........................................................................159

5.10 Remote capture....................................................................................................................159

5.10.1 show remote capture............................................................................................................160

5.10.2 Commands in the global configuration mode.......................................................................160

5.10.2.1 remote capture.....................................................................................................................161

5.10.3 Commands in the remote capture configuration mode........................................................161

5.10.3.1 activate-after-restart.............................................................................................................161

5.10.3.2 no-activate-after-restart........................................................................................................162

5.10.3.3 capture.................................................................................................................................163

5.10.3.4 no capture............................................................................................................................165

6 System time..............................................................................................................................................167

6.1 System time setting..............................................................................................................167

6.1.1 The "show" commands........................................................................................................167

6.1.1.1 show time.............................................................................................................................167

6.1.1.2 show dst info........................................................................................................................167

6.1.2 Commands in the global configuration mode.......................................................................168

6.1.2.1 time......................................................................................................................................168

6.1.2.2 time set.................................................................................................................................169

6.1.2.3 time dst date.........................................................................................................................170

6.1.2.4 time dst recurring.................................................................................................................171

6.1.2.5 no time dst............................................................................................................................172

6.2 NTP client.............................................................................................................................172

6.2.1 The "show" commands........................................................................................................173

6.2.1.1 show ntp info........................................................................................................................173

6.2.2 Commands in the global configuration mode.......................................................................173

6.2.2.1 ntp........................................................................................................................................173

6.2.3 Commands in the NTP configuration mode.........................................................................174

6.2.3.1 ntp server.............................................................................................................................174

6.2.3.2 no ntp server........................................................................................................................175

6.2.3.3 ntp time diff...........................................................................................................................176

6.3 SNTP client..........................................................................................................................177

6.3.1 The "show" commands........................................................................................................177

6.3.1.1 show sntp broadcast-mode status.......................................................................................177

6.3.1.2 show sntp status..................................................................................................................178

6.3.1.3 show sntp unicast-mode status............................................................................................178

6.3.2 Commands in the global configuration mode.......................................................................179

6.3.2.1 sntp......................................................................................................................................179

6.3.3 Commands in the SNTP configuration mode.......................................................................179

6.3.3.1 sntp time diff.........................................................................................................................180

6.3.3.2 sntp unicast-server...............................................................................................................181

6.3.3.3 no sntp unicast-server..........................................................................................................182

6.3.3.4 sntp client addressing-mode................................................................................................183

7 Network structures....................................................................................................................................185

7.1 WLAN...................................................................................................................................185

7.1.1 The "show" commands........................................................................................................185

7.1.1.1 show wlan advanced............................................................................................................185

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 7

Table of contents

7.1.1.2 show wlan allowed channels................................................................................................186

7.1.1.3 show wlan antennas.............................................................................................................187

7.1.1.4 show wlan ap (access point)................................................................................................187

7.1.1.5 show wlan advanced-11n.....................................................................................................188

7.1.1.6 show wlan available-ap-list (client).......................................................................................189

7.1.1.7 show wlan basic...................................................................................................................190

7.1.1.8 show wlan client (Client)......................................................................................................191

7.1.1.9 show wlan client-list (access point)......................................................................................192

7.1.1.10 show wlan client-list-vap (access point)...............................................................................193

7.1.1.11 show wlan data rates (access point)....................................................................................193

7.1.1.12 show wlan device.................................................................................................................194

7.1.1.13 show wlan force roaming ip-down (Access Point)................................................................195

7.1.1.14 show wlan noise-floor...........................................................................................................196

7.1.1.15 show wlan overlap-ap-list (access point).............................................................................196

7.1.1.16 show wlan overview.............................................................................................................197

7.1.1.17 show wlan statistics .............................................................................................................198

7.1.1.18 show wlan ssid-table (client)................................................................................................199

7.1.1.19 show wlan vap (access point)..............................................................................................200

7.1.1.20 show wlan wds (access point)..............................................................................................201

7.1.1.21 show wlan wds-list (access point)........................................................................................202

7.1.1.22 show wlan ip-mapping..........................................................................................................203

7.1.2 clear wlan statistics..............................................................................................................203

7.1.3 Commands in the global configuration mode.......................................................................204

7.1.3.1 wlan......................................................................................................................................204

7.1.4 Commands in the WLAN configuration mode......................................................................205

7.1.4.1 device mode.........................................................................................................................205

7.1.4.2 commit mode........................................................................................................................206

7.1.4.3 commit wlan-settings............................................................................................................207

7.1.4.4 country.................................................................................................................................207

7.1.4.5 force roaming ip-down (Access Point).................................................................................208

7.1.4.6 no force roaming ip-down (Access Point)............................................................................209

7.1.5 Commands in the WLAN Interface configuration mode.......................................................210

7.1.5.1 wlan allowed channels.........................................................................................................210

7.1.5.2 wlan allowed channels only..................................................................................................212

7.1.5.3 no wlan allowed channels only.............................................................................................212

7.1.5.4 wlan alternative channel (access point)...............................................................................213

7.1.5.5 wlan ampdu..........................................................................................................................214

7.1.5.6 no wlan ampdu.....................................................................................................................215

7.1.5.7 wlan ampdu bytes-limit.........................................................................................................216

7.1.5.8 wlan ampdu frames-limit......................................................................................................216

7.1.5.9 wlan amsdu..........................................................................................................................217

7.1.5.10 no wlan amsdu.....................................................................................................................218

7.1.5.11 wlan amsdu packet-size.......................................................................................................218

7.1.5.12 wlan antenna additional-attenuation....................................................................................219

7.1.5.13 wlan antenna cable-length...................................................................................................220

7.1.5.14 wlan antenna gain-2-4GHz..................................................................................................221

7.1.5.15 wlan antenna gain-5GHz......................................................................................................221

7.1.5.16 wlan antenna type................................................................................................................222

7.1.5.17 wlan antenna mode..............................................................................................................223

7.1.5.18 wlan any ssid (Client)...........................................................................................................224

7.1.5.19 no wlan any ssid (client).......................................................................................................225

7.1.5.20 wlan background scan interval (client).................................................................................226

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

8 Configuration Manual, 09/2017, C79000-G8976-C324-08

Table of contents

7.1.5.21 wlan background scan mode (client)....................................................................................226

7.1.5.22 wlan background scan threshold (Client).............................................................................227

7.1.5.23 wlan beacon interval (access point).....................................................................................228

7.1.5.24 wlan channel (Access Point)................................................................................................229

7.1.5.25 wlan client mac mode (client)...............................................................................................230

7.1.5.26 wlan client mac address (client)...........................................................................................231

7.1.5.27 wlan data rates-11abg selected only (access point)............................................................232

7.1.5.28 no wlan data rates-11abg selected only (access point).......................................................233

7.1.5.29 wlan data rates-11n selected only (access point)................................................................233

7.1.5.30 no wlan data rates-11n selected only (access point)...........................................................234

7.1.5.31 wlan data rate-11abg (access point)....................................................................................235

7.1.5.32 wlan data rate-11n (access point)........................................................................................237

7.1.5.33 wlan data rate-11abg defaults (access point)......................................................................238

7.1.5.34 wlan data rate-11n defaults (Access Point)..........................................................................239

7.1.5.35 wlan dfs................................................................................................................................240

7.1.5.36 no wlan dfs...........................................................................................................................240

7.1.5.37 wlan dfs prefer-configured-channel......................................................................................241

7.1.5.38 no wlan dfs prefer-configured-channel.................................................................................242

7.1.5.39 wlan dfs multi-radar-detection..............................................................................................243

7.1.5.40 no wlan dfs multi-radar-detection.........................................................................................244

7.1.5.41 wlan dhcp renew (Client)......................................................................................................244

7.1.5.42 no wlan dhcp renew (Client).................................................................................................245

7.1.5.43 wlan dtim (access point).......................................................................................................246

7.1.5.44 wlan min-ap-signal-strength (Client)....................................................................................247

7.1.5.45 wlan ssid-table edit (client)...................................................................................................248

7.1.5.46 wlan force roaming eth-down (access point)........................................................................249

7.1.5.47 no wlan force roaming eth-down (access point)...................................................................250

7.1.5.48 wlan fragmentation threshold...............................................................................................250

7.1.5.49 wlan frequency band (access point).....................................................................................251

7.1.5.50 wlan frequency band (client)................................................................................................252

7.1.5.51 wlan guard interval (access point)........................................................................................253

7.1.5.52 wlan ht channel width (access point)...................................................................................254

7.1.5.53 wlan hw-retries.....................................................................................................................255

7.1.5.54 wlan max tx-power...............................................................................................................255

7.1.5.55 wlan mode (access point)....................................................................................................256

7.1.5.56 wlan mode (client)................................................................................................................258

7.1.5.57 wlan outdoor.........................................................................................................................259

7.1.5.58 no wlan outdoor....................................................................................................................260

7.1.5.59 wlan overlap-ap aging (access point)...................................................................................261

7.1.5.60 wlan roaming threshold (client)............................................................................................262

7.1.5.61 wlan rts-cts threshold...........................................................................................................263

7.1.6 Commands in the VAP Interface Configuration mode.........................................................263

7.1.6.1 vap wds id (access point).....................................................................................................264

7.1.6.2 vap ssid (access point).........................................................................................................265

7.1.6.3 vap broadcast ssid (access point)........................................................................................266

7.1.6.4 no vap broadcast ssid (access point)...................................................................................267

7.1.6.5 vap wds only (access point).................................................................................................268

7.1.6.6 no vap wds only (access point)............................................................................................268

7.1.7 Commands in the WDS Interface Configuration mode........................................................269

7.1.7.1 wds partner id-type (access point).......................................................................................270

7.1.7.2 wds partner mac (access point)...........................................................................................271

7.1.7.3 wds partner wds-id (access point)........................................................................................272

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 9

Table of contents

7.1.7.4 wds connection over (access point).....................................................................................273

7.1.8 Commands in the force roaming configuration mode..........................................................273

7.1.8.1 Introductory sentence for the force roaming configuration mode.........................................273

7.1.8.2 dest-addr (Access Point)......................................................................................................274

7.1.8.3 lost (Access Point)...............................................................................................................275

7.1.8.4 interval (Access Point).........................................................................................................276

7.1.8.5 port (Access Point)...............................................................................................................277

7.1.8.6 no port (Access Point)..........................................................................................................278

7.2 VLAN....................................................................................................................................278

7.2.1 The "show" commands........................................................................................................279

7.2.1.1 show dot1d mac-address-table............................................................................................279

7.2.1.2 show mac-address-table......................................................................................................280

7.2.1.3 show mac-address-table dynamic unicast...........................................................................281

7.2.1.4 show mac-address-table count............................................................................................282

7.2.1.5 show vlan.............................................................................................................................282

7.2.1.6 show vlan device info...........................................................................................................283

7.2.1.7 show vlan learning params..................................................................................................284

7.2.1.8 show vlan port config...........................................................................................................284

7.2.2 Commands in the global configuration mode.......................................................................285

7.2.2.1 mac-address-table aging......................................................................................................285

7.2.2.2 no mac-address-table aging.................................................................................................286

7.2.2.3 vlan.......................................................................................................................................287

7.2.2.4 no vlan..................................................................................................................................288

7.2.2.5 base bridge-mode................................................................................................................288

7.2.2.6 mgmt vlan ............................................................................................................................289

7.2.3 Commands in the interface configuration mode...................................................................290

7.2.3.1 switchport acceptable-frame-type........................................................................................290

7.2.3.2 switchport access vlan.........................................................................................................291

7.2.3.3 no switchport access vlan....................................................................................................292

7.2.3.4 switchport ingress-filter........................................................................................................292

7.2.3.5 no switchport ingress-filter...................................................................................................293

7.2.3.6 switchport priority default.....................................................................................................294

7.2.3.7 no switchport priority default................................................................................................294

7.2.3.8 switchport pvid.....................................................................................................................295

7.2.3.9 no switchport pvid................................................................................................................296

7.2.4 Commands in the VLAN configuration mode.......................................................................297

7.2.4.1 name....................................................................................................................................297

7.2.4.2 no name...............................................................................................................................298

7.2.4.3 ports.....................................................................................................................................298

7.2.4.4 no ports................................................................................................................................300

7.3 Spanning Tree......................................................................................................................301

7.3.1 The "show" commands........................................................................................................301

7.3.1.1 show spanning-tree..............................................................................................................301

7.3.1.2 show spanning-tree active...................................................................................................302

7.3.1.3 show spanning-tree bridge...................................................................................................303

7.3.1.4 show spanning-tree detail....................................................................................................303

7.3.1.5 show spanning-tree interface...............................................................................................304

7.3.1.6 show spanning-tree l2t-edge................................................................................................305

7.3.1.7 show spanning-tree mst configuration.................................................................................306

7.3.1.8 show spanning-tree mst.......................................................................................................306

7.3.1.9 show spanning-tree mst interface........................................................................................307

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

10 Configuration Manual, 09/2017, C79000-G8976-C324-08

Table of contents

7.3.1.10 show spanning-tree root.......................................................................................................308

7.3.2 clear spanning-tree counters................................................................................................309

7.3.3 Commands in the global configuration mode.......................................................................309

7.3.3.1 spanning-tree.......................................................................................................................310

7.3.3.2 no spanning-tree..................................................................................................................310

7.3.3.3 spanning-tree compatibility..................................................................................................311

7.3.3.4 no spanning-tree compatibility.............................................................................................312

7.3.3.5 spanning-tree l2t-auto-edge.................................................................................................313

7.3.3.6 no spanning-tree l2t-auto-edge............................................................................................313

7.3.3.7 spanning-tree l2t-edge.........................................................................................................314

7.3.3.8 no spanning-tree l2t-edge....................................................................................................315

7.3.3.9 spanning-tree mst configuration...........................................................................................315

7.3.3.10 spanning-tree mst instance-id root.......................................................................................316

7.3.3.11 no spanning-tree mst instance-id root..................................................................................317

7.3.3.12 spanning-tree mst max-hops................................................................................................318

7.3.3.13 no spanning-tree mst max-hops...........................................................................................319

7.3.3.14 spanning-tree priority...........................................................................................................319

7.3.3.15 no spanning-tree priority......................................................................................................320

7.3.3.16 Time settings for the Spanning Tree protocol......................................................................321

7.3.4 Commands in the interface configuration mode...................................................................324

7.3.4.1 spanning-tree.......................................................................................................................324

7.3.4.2 no spanning-tree..................................................................................................................326

7.3.4.3 spanning-tree auto-edge......................................................................................................327

7.3.4.4 no spanning-tree auto-edge.................................................................................................328

7.3.4.5 spanning-tree bdpufilter.......................................................................................................328

7.3.4.6 spanning-tree bpdu-receive.................................................................................................329

7.3.4.7 spanning-tree bpdu-transmit................................................................................................330

7.3.4.8 spanning-tree mst................................................................................................................330

7.3.4.9 no spanning-tree mst...........................................................................................................332

7.3.4.10 spanning-tree mst hello-time................................................................................................333

7.3.4.11 no spanning-tree mst hello-time...........................................................................................334

7.3.5 Commands in the MSTP configuration mode......................................................................334

7.3.5.1 instance................................................................................................................................335

7.3.5.2 no instance...........................................................................................................................336

7.3.5.3 name....................................................................................................................................337

7.3.5.4 no name...............................................................................................................................337

7.3.5.5 revision.................................................................................................................................338

7.3.5.6 no revision............................................................................................................................339

8 Network protocols.....................................................................................................................................341

8.1 IPv4 protocol........................................................................................................................341

8.1.1 The "show" commands........................................................................................................341

8.1.1.1 show dcp forwarding............................................................................................................341

8.1.1.2 show dcp server...................................................................................................................342

8.1.1.3 show ip route........................................................................................................................342

8.1.1.4 show ip telnet.......................................................................................................................343

8.1.1.5 show ip dns..........................................................................................................................343

8.1.1.6 show ip dns cache................................................................................................................344

8.1.1.7 show ip dns name-server.....................................................................................................344

8.1.1.8 show ip dns statistics...........................................................................................................345

8.1.2 Commands in the global configuration mode.......................................................................345

8.1.2.1 telnet-server.........................................................................................................................346

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 11

Table of contents

8.1.2.2 no telnet-server....................................................................................................................346

8.1.2.3 ip echo-reply.........................................................................................................................347

8.1.2.4 no ip echo-reply....................................................................................................................348

8.1.2.5 ip route.................................................................................................................................348

8.1.2.6 no ip route............................................................................................................................349

8.1.2.7 dcp server............................................................................................................................350

8.1.2.8 no dcp server.......................................................................................................................350

8.1.2.9 ip domain lookup..................................................................................................................351

8.1.2.10 no ip domain lookup.............................................................................................................351

8.1.2.11 ip domain used server..........................................................................................................352

8.1.2.12 ip name server.....................................................................................................................353

8.1.2.13 no ip name-server................................................................................................................354

8.1.3 Commands in the interface configuration mode...................................................................355

8.1.3.1 ip address.............................................................................................................................355

8.1.3.2 no ip address........................................................................................................................356

8.1.3.3 ip address dhcp....................................................................................................................357

8.1.3.4 dcp forwarding......................................................................................................................358

8.2 IPv6 protocol........................................................................................................................358

8.2.1 Configuration matrix.............................................................................................................358

8.2.2 The "show" commands........................................................................................................359

8.2.2.1 show ipv6 neighbors............................................................................................................359

8.2.2.2 show ipv6 pmtu....................................................................................................................359

8.2.2.3 show ipv6 route....................................................................................................................360

8.2.2.4 show ipv6 static route...........................................................................................................360

8.2.2.5 show ipv6 traffic...................................................................................................................361

8.2.3 Commands in the global configuration mode.......................................................................362

8.2.3.1 ipv6 neighbor........................................................................................................................362

8.2.3.2 no ipv6 neighbor...................................................................................................................363

8.2.3.3 ipv6 path mtu........................................................................................................................364

8.2.3.4 no ipv6 path mtu...................................................................................................................365

8.2.3.5 ipv6 path mtu discover.........................................................................................................366

8.2.3.6 no ipv6 path mtu discover....................................................................................................366

8.2.3.7 ipv6 default route..................................................................................................................367

8.2.3.8 no ipv6 default route.............................................................................................................368

8.2.4 Commands in the Interface configuration mode..................................................................369

8.2.4.1 ipv6 address.........................................................................................................................370

8.2.4.2 no ipv6 address....................................................................................................................371

8.2.4.3 ipv6 address autoconfig.......................................................................................................372

8.2.4.4 no ipv6 address autoconfig..................................................................................................373

8.2.4.5 ipv6 address dhcp................................................................................................................373

8.2.4.6 no ipv6 address dhcp...........................................................................................................374

8.2.4.7 ipv6 address link-local..........................................................................................................375

8.2.4.8 no ipv6 address link-local.....................................................................................................376

8.2.4.9 ipv6 enable...........................................................................................................................377

8.2.4.10 no ipv6 enable......................................................................................................................378

8.3 DHCPv4 client (IPv4)...........................................................................................................378

8.3.1 The "show" commands........................................................................................................378

8.3.1.1 show ip dhcp client stats......................................................................................................378

8.3.1.2 show ip dhcp client ..............................................................................................................379

8.3.2 Commands in the global configuration mode.......................................................................379

8.3.2.1 ip dhcp config-file-request....................................................................................................380

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

12 Configuration Manual, 09/2017, C79000-G8976-C324-08

Table of contents

8.3.2.2 no ip dhcp config-file-request...............................................................................................380

8.3.2.3 ip dhcp client mode..............................................................................................................381

8.4 DHCPv6 client (IPv6)...........................................................................................................382

8.4.1 clear ipv6 dhcp client statistics.............................................................................................382

8.4.2 The "show" commands........................................................................................................383

8.4.2.1 show ipv6 dhcp....................................................................................................................383

8.4.2.2 show ipv6 dhcp interface......................................................................................................383

8.4.2.3 show ipv6 dhcp client statistics............................................................................................384

8.4.3 Commands in the Interface configuration mode..................................................................385

8.4.3.1 ipv6 dhcp client request.......................................................................................................385

8.4.3.2 no ipv6 dhcp client request..................................................................................................386

8.5 DHCP server........................................................................................................................387

8.5.1 The "show" commands........................................................................................................388

8.5.1.1 show ip dhcp-server pools...................................................................................................388

8.5.1.2 show ip dhcp-server bindings...............................................................................................389

8.5.2 Commands in the global configuration mode.......................................................................389

8.5.2.1 ip dhcp-server......................................................................................................................390

8.5.2.2 no ip dhcp-server.................................................................................................................390

8.5.2.3 ip dhcp-server icmp-probe...................................................................................................391

8.5.2.4 ip dhcp-server pool...............................................................................................................392

8.5.2.5 no ip dhcp-server pool..........................................................................................................393

8.5.2.6 no ip dhcp-server icmp-probe..............................................................................................394

8.5.3 Commands in the DHCPPOOL configuration mode............................................................394

8.5.3.1 lease-time.............................................................................................................................395

8.5.3.2 network.................................................................................................................................396

8.5.3.3 option (IP address)...............................................................................................................397

8.5.3.4 option value-hex...................................................................................................................398

8.5.3.5 option value-string................................................................................................................399

8.5.3.6 no option..............................................................................................................................400

8.5.3.7 pool-enable..........................................................................................................................401

8.5.3.8 no pool-enable.....................................................................................................................402

8.5.3.9 set-interface.........................................................................................................................402

8.5.3.10 static-lease...........................................................................................................................404

8.5.3.11 no static-lease......................................................................................................................405

8.6 SNMP...................................................................................................................................405

8.6.1 The "show" commands........................................................................................................407

8.6.1.1 show snmp...........................................................................................................................407

8.6.1.2 show snmp community.........................................................................................................407

8.6.1.3 show snmp engineID............................................................................................................408

8.6.1.4 show snmp filter...................................................................................................................408

8.6.1.5 show snmp group.................................................................................................................409

8.6.1.6 show snmp group access.....................................................................................................409

8.6.1.7 show snmp inform statistics.................................................................................................410

8.6.1.8 show snmp notif...................................................................................................................410

8.6.1.9 show snmp targetaddr..........................................................................................................411

8.6.1.10 show snmp targetparam.......................................................................................................411

8.6.1.11 show snmp user...................................................................................................................412

8.6.1.12 show snmp viewtree.............................................................................................................412

8.6.2 Commands in the global configuration mode.......................................................................413

8.6.2.1 snmpagent...........................................................................................................................413

8.6.2.2 no snmpagent......................................................................................................................414

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 13

Table of contents

8.6.2.3 snmp agent version..............................................................................................................414

8.6.2.4 snmp access........................................................................................................................415

8.6.2.5 no snmp access...................................................................................................................416

8.6.2.6 snmp community index........................................................................................................417

8.6.2.7 no snmp community index...................................................................................................418

8.6.2.8 snmp engineid migrate.........................................................................................................419

8.6.2.9 no snmp engineid migrate....................................................................................................420

8.6.2.10 snmp filterprofile...................................................................................................................421

8.6.2.11 no snmp filterprofile..............................................................................................................422

8.6.2.12 snmp group..........................................................................................................................423

8.6.2.13 no snmp group.....................................................................................................................424

8.6.2.14 snmp notify...........................................................................................................................424

8.6.2.15 no snmp notify......................................................................................................................425

8.6.2.16 snmp targetaddr...................................................................................................................426

8.6.2.17 no snmp targetaddr..............................................................................................................428

8.6.2.18 snmp targetparams..............................................................................................................428

8.6.2.19 no snmp targetparams.........................................................................................................430

8.6.2.20 snmp v1-v2 readonly............................................................................................................431

8.6.2.21 no snmp v1-v2 readonly.......................................................................................................431

8.6.2.22 snmp user............................................................................................................................432

8.6.2.23 no snmp user.......................................................................................................................433

8.6.2.24 snmp view............................................................................................................................434

8.6.2.25 no snmp view.......................................................................................................................435

8.7 SMTP client..........................................................................................................................436

8.7.1 The "show" commands........................................................................................................436

8.7.1.1 show events smtp-server.....................................................................................................436

8.7.1.2 show events sender email....................................................................................................436

8.7.1.3 show events smtp-port.........................................................................................................437

8.7.2 Commands in the Events configuration mode.....................................................................437

8.7.2.1 smtp-server..........................................................................................................................438

8.7.2.2 no smtp-server.....................................................................................................................439

8.7.2.3 sender mail-address.............................................................................................................439

8.7.2.4 no sender mail-address........................................................................................................440

8.7.2.5 smtp-port..............................................................................................................................441

8.7.2.6 no smtp-port.........................................................................................................................441

8.8 HTTP server.........................................................................................................................442

8.8.1 The "show" commands........................................................................................................442

8.8.1.1 show ip http server status....................................................................................................442

8.8.2 Commands in the Global Configuration mode.....................................................................443

8.8.2.1 ip http...................................................................................................................................443

8.8.2.2 no ip http..............................................................................................................................444

8.9 HTTPS server......................................................................................................................444

8.9.1 The "show" commands........................................................................................................444

8.9.1.1 show ip http secure server status.........................................................................................445

8.9.1.2 show ssl server-cert.............................................................................................................445

8.10 ARP......................................................................................................................................446

8.10.1 The "show" commands........................................................................................................446

8.10.1.1 show ip arp...........................................................................................................................446

8.11 SSH server...........................................................................................................................447

8.11.1 The "show" commands........................................................................................................447

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

14 Configuration Manual, 09/2017, C79000-G8976-C324-08

Table of contents

8.11.1.1 show ip ssh..........................................................................................................................447

8.11.2 Commands in the Global Configuration mode.....................................................................447

8.11.2.1 ssh-server............................................................................................................................448

8.11.2.2 no ssh-server.......................................................................................................................448

9 Load control..............................................................................................................................................451

9.1 Dynamic MAC aging............................................................................................................451

9.1.1 The "show" commands........................................................................................................451

9.1.1.1 show mac-address-table aging-time....................................................................................451

9.1.1.2 show mac-address-table aging-status.................................................................................452

9.1.2 Commands in the global configuration mode.......................................................................452

9.1.2.1 mac-address-table aging-time..............................................................................................452

10 Layer 3 functions......................................................................................................................................455

10.1 NAT......................................................................................................................................455

10.1.1 The "show" commands........................................................................................................455

10.1.1.1 show nat connections...........................................................................................................455

10.1.1.2 Introductory sentence to the section with the "show" commands........................................455

10.1.1.3 show nat (Client)..................................................................................................................456

10.1.2 Commands in the global configuration mode.......................................................................456

10.1.2.1 nat (client)............................................................................................................................457

10.1.3 Commands in the NAT configuration mode.........................................................................457

10.1.3.1 ipv6 transparent mode (Client).............................................................................................458

10.1.3.2 no ipv6 transparent mode (Client)........................................................................................458

10.1.3.3 nat (Client)............................................................................................................................459

10.1.3.4 no nat (Client).......................................................................................................................461

10.1.3.5 nat local ip address (Client)..................................................................................................462

10.1.3.6 nat interface (Client).............................................................................................................463

10.1.3.7 no nat interface (Client)........................................................................................................464

10.1.3.8 nat ipv4 multicast forward global-to-local (Client)................................................................464

10.1.3.9 no nat ipv4 multicast forward global-to-local (Client)...........................................................465

10.1.3.10 nat ipv4 multicast forward local-to-global (Client)................................................................466

10.1.3.11 no nat ipv4 multicast forward local-to-global (Client)...........................................................467

10.1.3.12 nat timeout (Client)...............................................................................................................468

10.1.3.13 no nat timeout (Client)..........................................................................................................469

11 Security and authentication......................................................................................................................471

11.1 User rights management......................................................................................................471

11.1.1 change password.................................................................................................................471

11.1.2 whoami.................................................................................................................................472

11.1.3 The "show" commands........................................................................................................472

11.1.3.1 show password-policy..........................................................................................................473

11.1.3.2 show function-rights.............................................................................................................473

11.1.3.3 show roles............................................................................................................................474

11.1.3.4 show user-accounts.............................................................................................................474

11.1.3.5 show user-groups.................................................................................................................475

11.1.3.6 show users...........................................................................................................................476

11.1.4 Commands in the global configuration mode.......................................................................476

11.1.4.1 role.......................................................................................................................................477

11.1.4.2 no role..................................................................................................................................478

11.1.4.3 user-account........................................................................................................................479

11.1.4.4 no user-account...................................................................................................................481

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 15

Table of contents

11.1.4.5 user-account-ext..................................................................................................................481

11.1.4.6 no user-account-ext.............................................................................................................483

11.1.4.7 user-group............................................................................................................................483

11.1.4.8 no user-group.......................................................................................................................485

11.1.4.9 username.............................................................................................................................485

11.1.4.10 password policy....................................................................................................................486

11.2 RADIUS client......................................................................................................................487

11.2.1 The "show" commands........................................................................................................487

11.2.1.1 show radius statistics...........................................................................................................488

11.2.1.2 show radius server...............................................................................................................488

11.2.2 Commands in the global configuration mode.......................................................................489

11.2.2.1 login authentication..............................................................................................................489

11.2.2.2 no login authentication.........................................................................................................490

11.2.2.3 radius authorization-mode....................................................................................................491

11.2.2.4 radius-server........................................................................................................................492

11.2.2.5 no radius-server...................................................................................................................493

11.3 WLAN...................................................................................................................................494

11.3.1 The "show" commands........................................................................................................495

11.3.1.1 show wlan security...............................................................................................................495

11.3.1.2 show wlan security ap-radius-authenticator (Access Point).................................................496

11.3.1.3 show wlan security keys.......................................................................................................497

11.3.1.4 show wlan inter-ap-blocking allowed addresses..................................................................498

11.3.2 Commands in the WLAN configuration mode......................................................................499

11.3.2.1 wlan security ap-radius-authenticator..................................................................................499

11.3.2.2 no wlan security ap-radius-authenticator.............................................................................500

11.3.2.3 wlan security ap-radius-authenticator address.....................................................................501

11.3.2.4 wlan security ap-radius-authenticator max-retransmit.........................................................502

11.3.2.5 wlan security ap-radius-authenticator port-number..............................................................503

11.3.2.6 wlan security ap-radius-authenticator primary.....................................................................504

11.3.2.7 no wlan security ap-radius-authenticator primary................................................................505

11.3.2.8 wlan security ap-radius-authenticator reauth-interval..........................................................506

11.3.2.9 wlan security ap-radius-authenticator reauth-mode.............................................................507

11.3.2.10 wlan security ap-radius-authenticator shared-secret...........................................................508

11.3.2.11 wlan security context (Client)...............................................................................................509

11.3.2.12 no wlan security context (Client)..........................................................................................510

11.3.2.13 vap inter-ap-blocking refresh time........................................................................................511

11.3.3 Commands in the WLAN Interface configuration mode.......................................................511

11.3.3.1 wlan security edit key...........................................................................................................512

11.3.3.2 wlan security ssid.................................................................................................................513

11.3.4 Commands in the security context configuration mode.......................................................514

11.3.4.1 wlan security authentication (client).....................................................................................514

11.3.4.2 wlan security cipher (client)..................................................................................................515

11.3.4.3 wlan security default-key (client)..........................................................................................517

11.3.4.4 wlan security dot1x check-server-certificate (client).............................................................517

11.3.4.5 no wlan security dot1x check-server-certificate (client)........................................................518

11.3.4.6 wlan security dot1x eap-authentication-type (client)............................................................519

11.3.4.7 wlan security dot1x username (client)..................................................................................520

11.3.4.8 wlan security dot1x password (client)..................................................................................521

11.3.4.9 wlan security encryption (client)...........................................................................................522

11.3.4.10 no wlan security encryption (client)......................................................................................523

11.3.4.11 wlan security wpa-psk-passphrase (client)..........................................................................524

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

16 Configuration Manual, 09/2017, C79000-G8976-C324-08

Table of contents

11.3.5 Commands in the VAP Interface configuration mode..........................................................525

11.3.5.1 vap security authentication (access point)...........................................................................525

11.3.5.2 vap security cipher (access point)........................................................................................527

11.3.5.3 vap security default-key (access point)................................................................................528

11.3.5.4 vap security encryption (access point).................................................................................529

11.3.5.5 no vap security encryption (access point)............................................................................530

11.3.5.6 vap security wpa-group-key-update-interval (Access Point)................................................531

11.3.5.7 vap security wpa-psk-passphrase (access point)................................................................532

11.3.5.8 vap communication with own-vap (access point).................................................................533

11.3.5.9 no vap communication with own-vap (access point)............................................................534

11.3.5.10 vap communication with other-vaps (access point).............................................................535

11.3.5.11 no vap communication with other-vaps (access point)........................................................536

11.3.5.12 vap communication with ethernet (access point).................................................................537

11.3.5.13 no vap communication with ethernet (access point)............................................................537

11.3.5.14 vap inter-ap-blocking allowed address.................................................................................538

11.3.5.15 no vap inter-ap-blocking allowed address............................................................................539

11.3.5.16 vap inter-ap-blocking............................................................................................................540

11.3.5.17 no vap inter-ap-blocking.......................................................................................................541

11.3.5.18 vap inter-ap-blocking block gratuitous arp...........................................................................542

11.3.5.19 no vap inter-ap-blocking block gratuitous arp......................................................................543

11.3.5.20 vap inter-ap-blocking block non-ip-traffic.............................................................................543

11.3.5.21 no vap inter-ap-blocking block non-ip-traffic........................................................................544

11.4 MAC access control list........................................................................................................545

11.4.1 The "show" commands........................................................................................................545

11.4.1.1 show access-lists.................................................................................................................545

11.4.1.2 show interface access lists...................................................................................................546

11.4.2 Commands in the global configuration mode.......................................................................546

11.4.2.1 mac access-list extended.....................................................................................................547

11.4.2.2 no mac access-list extended................................................................................................548

11.4.3 Commands in the interface configuration mode...................................................................548

11.4.3.1 mac access-group................................................................................................................549

11.4.3.2 no mac access-group...........................................................................................................549

11.4.4 Commands in the MAC ACL configuration mode ...............................................................550

11.4.4.1 permit...................................................................................................................................551

11.4.4.2 deny.....................................................................................................................................552

11.5 IP access control list............................................................................................................553

11.5.1 The "show" commands........................................................................................................553

11.5.1.1 show access-lists.................................................................................................................554

11.5.1.2 show interface access lists...................................................................................................554

11.5.2 Commands in the Global Configuration mode.....................................................................555

11.5.2.1 ip access-list.........................................................................................................................555

11.5.2.2 no ip access-list....................................................................................................................556

11.5.3 Commands in the Interface Configuration mode..................................................................557

11.5.3.1 ip access-group....................................................................................................................557

11.5.3.2 no ip access-group...............................................................................................................558

11.5.4 Commands in the Interface configuration mode VLAN........................................................559

11.5.4.1 ip access-group....................................................................................................................560

11.5.4.2 no ip access-group...............................................................................................................561

11.5.5 Commands in the ACL standard configuration mode..........................................................561

11.5.5.1 permit...................................................................................................................................562

11.5.5.2 deny.....................................................................................................................................564

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 17

Table of contents

11.5.5.3 permit icmp...........................................................................................................................565

11.5.5.4 deny icmp.............................................................................................................................567

11.5.5.5 permit tcp.............................................................................................................................569

11.5.5.6 deny tcp................................................................................................................................571

11.5.5.7 permit udp............................................................................................................................573

11.5.5.8 deny udp..............................................................................................................................575

11.6 Management Access Control List........................................................................................577

11.6.1 The "show" commands........................................................................................................577

11.6.1.1 show authorized-managers..................................................................................................577

11.6.2 Commands in the global configuration mode.......................................................................578

11.6.2.1 authorized-manager ip-source.............................................................................................578

11.6.2.2 no authorized-manager ip-source........................................................................................579

12 Diagnostics...............................................................................................................................................581

12.1 Diagnostics...........................................................................................................................581

12.1.1 The "show" commands........................................................................................................581

12.1.1.1 show authlog........................................................................................................................581

12.1.1.2 show events config...............................................................................................................582

12.1.1.3 show events severity............................................................................................................583

12.1.1.4 show events faults config.....................................................................................................583

12.1.1.5 show events faults status.....................................................................................................584

12.1.1.6 show fault counter................................................................................................................584

12.1.1.7 show logbook.......................................................................................................................585

12.1.1.8 show power-line-state..........................................................................................................586

12.1.1.9 show rmon............................................................................................................................586

12.1.2 clear authlog.........................................................................................................................587

12.1.3 clear logbook........................................................................................................................587

12.1.4 fault report ack.....................................................................................................................588

12.1.5 Commands in the global configuration mode.......................................................................589

12.1.5.1 events...................................................................................................................................589

12.1.6 Commands in the Events configuration mode.....................................................................589

12.1.6.1 add log.................................................................................................................................590

12.1.6.2 client config..........................................................................................................................590

12.1.6.3 no client config.....................................................................................................................591

12.1.6.4 event config..........................................................................................................................592

12.1.6.5 no event config.....................................................................................................................594

12.1.6.6 link........................................................................................................................................596

12.1.6.7 no link...................................................................................................................................596

12.1.6.8 power...................................................................................................................................597

12.1.6.9 no power..............................................................................................................................598

12.1.6.10 power pnio redundancy........................................................................................................599

12.1.6.11 send test mail.......................................................................................................................600

12.1.6.12 severity.................................................................................................................................601

12.1.6.13 no severity............................................................................................................................602

12.2 Syslog client.........................................................................................................................603

12.2.1 The "show" commands........................................................................................................603

12.2.1.1 show events syslogserver....................................................................................................603

12.2.2 Commands in the Events configuration mode.....................................................................603

12.2.2.1 syslogserver.........................................................................................................................604

12.2.2.2 no syslogserver....................................................................................................................605

Index.........................................................................................................................................................607

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

18 Configuration Manual, 09/2017, C79000-G8976-C324-08

Introduction

1.1 Information on the Configuration Manual

Validity of the configuration manual

This Configuration Manual covers the following products:

● SCALANCE W774-1 RJ-45

● SCALANCE W774-1 M12 EEC

● SCALANCE W734-1 RJ-45

● SCALANCE W778‑1 M12

● SCALANCE W778-1 M12 EEC

● SCALANCE W738-1 M12

This Configuration Manual applies to the following software version:

● SCALANCE W700 firmware as of version V 6.2

Purpose of the Configuration Manual

This Configuration Manual contains the CLI commands that are supported by SCALANCE W700 devices.

Orientation in the documentation

Apart from the Configuration Manual you are currently reading, the following documentation is also available from SIMATIC NET on the topic of Industrial Wireless LANs:

● Configuration Manual: SCALANCE W770 / W730 Web Based Management This Configuration Manual is intended to provide you with the information you require to commission and operate SCALANCE W700 devices correctly. It explains how to configure the SCALANCE W700 devices and how to integrate SCALANCE W700 devices in a WLAN network.

● Performance data 802.11 abgn SCALANCE W770/W730 This document contains information about the frequency, modulation, transmit power and receiver sensitivity.

● SCALANCE W774-1/W734-1 Operating Instructions This document contains information on installing and connecting up the following products and their approvals.

– SCALANCE W734-1 RJ-45

– SCALANCE W774-1 RJ-45

– SCALANCE W774-1 M12 EEC

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 19

Introduction

1.1 Information on the Configuration Manual

● Operating Instructions SCALANCE W778-1/W738-1 This document contains information on installing and connecting up the following products and their approvals.

– SCALANCE W778‑1 M12

– SCALANCE W778-1 M12 EEC

– SCALANCE W738-1 M12

● System Manual Structure of an Industrial Wireless LAN Apart from the description of the physical basics and a presentation of the main IEEE standards, this also contains information on data security and a description of the industrial applications of wireless LAN. You should read this manual if you want to set up WLAN networks with a more complex structure (not simply a connection between two SCALANCE W700 devices).

● System manual RCoax This system manual contains both an explanation of the fundamental technical aspects as well as a description of the individual RCoax components and their functionality. Installation/ commissioning and connection of RCoax components and their operating principle are explained. The possible applications of the various SIMATIC NET components are described.

● System manual - Passive Network Components IWLAN This system manual explains the entire IWLAN cabling that you require for your IWLAN application. For a flexible combination and installation of the individual IWLAN components both indoors and outdoors, a wide ranging selection of compatible coaxial accessories are available. The system manual also covers connecting cables as well as a variety of plugin connectors, lightning protectors, a power splitter and an attenuator.

SIMATIC NET manuals

You will find SIMATIC NET manuals on the Internet pages of Siemens Industry Online Support:

● Using the search function: support.automation.siemens.com (http://support.automation.siemens.com/WW/llisapi.dll?

func=cslib.csinfo2&aktprim=99&lang=en)

Enter the entry ID of the relevant manual as the search item.

● In the navigation panel on the left-hand side in the area "Industrial Communication": Industrial communication (http://support.automation.siemens.com/WW/llisapi.dll?

func=cslib.csinfo&lang=de&siteid=csius&aktprim=0&extranet=standard&viewreg=WW&o bjid=10805878&treeLang=en)

Go to the required product group and make the following settings: tab "Entry list", Entry type "Manuals"

You will find the documentation for the SIMATIC NET products relevant here on the data storage medium that ships with some products:

● Product CD / product DVD

● SIMATIC NET Manual Collection

● SIMATIC NET IWLAN CD

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

20 Configuration Manual, 09/2017, C79000-G8976-C324-08

Further documentation

The "SIMATIC NET Industrial Ethernet Network Manual" contains information on other SIMATIC NET products that you can operate along with the SCALANCE W700 devices of this product line in an Industrial Ethernet network. There, you will find among other things optical performance data of the communication partners that you require for the installation.

The "SIMATIC NET Industrial Ethernet Network Manual" can be found on the Internet pages of Siemens Industry Online Support under the following entry ID: 27069465 (

Terms used

The designation . . . stands for . . . IPv4 address IPv4 address

IPv6 address IPv6 address IP address IPv4/IPv6 address IPv4 interface Interface that supports IPv4. IPv6 interface Interface that supports IPv6. The interface can have more than one IPv6

IP interface Interface that supports both IPv4 and IPv6. As default the IPv4 support

Introduction

1.1 Information on the Configuration Manual

http://support.automation.siemens.com/WW/view/en/27069465)

address The IPv6 addresses have different ranges (scope), e.g. link local

is already activated. The IPv6 support needs to be activated extra.

Security information

Siemens provides products and solutions with industrial security functions that support the secure operation of plants, systems, machines and networks.

In order to protect plants, systems, machines and networks against cyber threats, it is necessary to implement – and continuously maintain – a holistic, state-of-the-art industrial security concept. Siemens’ products and solutions constitute one element of such a concept. Siemens’ products and solutions only form one element of such a concept.

Customers are responsible for preventing unauthorized access to their plants, systems, machines and networks. Such systems, machines and components should only be connected to an enterprise network or the internet if and to the extent such a connection is necessary and only when appropriate security measures (e.g. firewalls and/or network segmentation) are in place.

Additionally, Siemens’ guidance on appropriate security measures should be taken into account. For additional information on industrial security measures that may be implemented, please visit Link (

Siemens’ products and solutions undergo continuous development to make them more secure. Siemens strongly recommends that product updates are applied as soon as they are available and that the latest product versions are used. Use of product versions that are no longer supported, and failure to apply the latest updates may increase customer’s exposure to cyber threats.

To stay informed about product updates, subscribe to the Siemens Industrial Security RSS Feed under Link (https://www.siemens.com/industrialsecurity).

https://www.siemens.com/industrialsecurity)

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 21

Introduction

1.1 Information on the Configuration Manual

SIMATIC NET glossary

Explanations of many of the specialist terms used in this documentation can be found in the SIMATIC NET glossary.

You will find the SIMATIC NET glossary here:

● SIMATIC NET Manual Collection or product DVD The DVD ships with certain SIMATIC NET products.

● On the Internet under the following address: 50305045 (

http://support.automation.siemens.com/WW/view/en/50305045)

License conditions

Note Open source software

Read the license conditions for open source software carefully before using the product.

You will find license conditions in the following documents on the supplied data medium:

Trademarks

Firmware

● OSS_Scalance-W700_86.htm

The following and possibly other names not identified by the registered trademark sign ® are registered trademarks of Siemens AG:

SIMATIC NET, SCALANCE, C-PLUG, RCoax

The firmware is signed and encrypted. This ensures that only firmware created by Siemens can be downloaded to the device.

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

22 Configuration Manual, 09/2017, C79000-G8976-C324-08

Description

2.1 Configuration limits for WBM and CLI

Configuration limits of the device

The following table lists the configuration limits for Web Based Management and the Command Line Interface of the device.

Depending on your device, some functions are not available.

Configurable function Maximum number System Syslog server 3

SMTP server 3 SNMPv1 trap recipient 10 SNTP server 2 NTP server 1 DHCP pools 1 IPv4 addresses managed by the DHCP server (dynam‐

ic + static) DHCP static assignments per DHCP pool 20 DHCP options 20

Interfa‐ ces

Layer 2 Virtual LANs (port-based; including VLAN 1) 16

Force destination addresses for roaming 10

Multiple Spanning Tree instances 16

100

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 23

Description

2.1 Configuration limits for WBM and CLI

Configurable function Maximum number Security IP addresses from RADIUS servers

Management ACLs (access rules for management) 10 MAC ACL rule configuration 20 Ingress and egress rules for MAC ACL (total) 40 per interface (20 ingress rules /

IP ACL rule configuration 20 Ingress and egress rules for port ACL IP (total) 40 per interface (20 ingress rules /

User roles 28 User groups 32 Users 28

● AAA: 4

● WLAN: 2

20 egress rules)

● Client: 80 (P1, WLAN)

● Access point: 680 (P1, WDS

1.Y, VAP 1.Y)

20 egress rules)

● Client: 120 (P1, WLAN, management VLAN)

● Access point: 720 (P1, WDS

1.Y, VAP 1.Y, management VLAN)

Support of IPv6

The following system functions do not support IPv6 addresses:

● Inter AP blocking

● Force roaming

● IP ACL

● Management ACL

Note Interruption of the WLAN communication

The WLAN communication can be influenced by high frequency interference signals and can be totally interrupted.

Remember this and take suitable action.

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

24 Configuration Manual, 09/2017, C79000-G8976-C324-08

2.2 Working with the Command Line Interface (CLI)

Introduction

All the configuration settings for the device can be made using the Command Line Interface (CLI). The CLI therefore provides the same options as Web Based Management (WBM). You should read the detailed explanations of the parameters in the relevant configuration manual "Web Based Management". The CLI allows remote configuration over Telnet.

Note Use with Windows 7

If you want to access the Command Line Interface in Windows 7, make sure that the functions required for this are enabled in Windows 7.

Starting the CLI in a Windows console

Follow the steps outlined below to start the Command Line Interface in a Windows console:

Description

1. Open a Windows console and type in the command "telnet" followed by the IP address of the device you are configuring:

C:\>telnet <IP address>

2. Enter your login and password.

As an alternative, you can also enter the command "telnet" followed by the IP address of the device you are configuring in the Start > Run menu.

Note Requirement for use of the CLI

You should only use the command line interface if you are an experienced user.

Even commands that bring about fundamental changes to the configuration are executed without a prompt for confirmation.

Errors in the configuration can mean that no further operation is possible in the entire network.

Note

Command sets depend on the logged-on user. Changing configuration data is possible only with the "admin" role.

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 25

MSTP

LOADSAVE

NAT

User EXEC Mode Privileged EXEC Mode

Global Configuration Mode

SNTP

Interface Configuration

NTP

VLAN

PLUG

EVENT

WLAN

Description

2.3 CLI modes

Grouping of the commands in the various modes

The commands of the Command Line Interface are grouped according to various modes. Apart from a few exceptions (help, exit), commands can only be called up in the mode to which they are assigned. This grouping allows different levels of access rights for each individual group of commands. The following graphic is an overview of the available modes.

User EXEC mode

This mode is active after you log in as "user" in a console window. In this mode, you can use show commands to display the current values of configuration parameters. You are logged out with the exit command.

It is not possible to modify parameters in this mode. To be able to modify configuration parameters, you need to change to the Privileged EXEC mode.

Privileged EXEC mode

In this mode, you can you display the configuration data and change it.

If you log with the "admin" user, you change directly to the Privileged EXEC mode.

To change from the User EXEC Mode to the Privileged EXEC mode, enter the enable command. When the command executes, you will be prompted to enter the password for the "admin" user. You are logged out with the exit command.

26 Configuration Manual, 09/2017, C79000-G8976-C324-08

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

Global Configuration mode

In this mode, you can make basic configuration settings. In addition to this, you can also call up modes for the configuration of special interfaces or functions, for example to configure a VLAN or a PLUG. You change to this mode by entering configure terminal in the Privileged EXEC mode. You exit this mode by entering end or exit.

Other configuration modes

From the Global Configuration mode, you can change to other configuration modes for special tasks. These are either general configuration modes (for example line configuration, interface configuration) or protocol-specific configuration modes (FTP, NTP).

2.4 The CLI command prompt

Overview

The Command Line Interface prompt shows the following information:

Description

2.4 The CLI command prompt

● The mode in which the CLI is currently operating. Most commands can only be called in a particular mode. You should therefore check the CLI mode based on the command prompt.

– User Exec mode: CLI>

– Privileged Exec mode and configuration modes: CLI(...)#

● The selected interface when the CLI is in an Interface Configuration mode. In the Interface Configuration mode, the parameters are configured for one specific interface. The command prompt is displayed in the form CLI(config-if-$$$)# where the placeholder $$$ is replaced by the identifier of the Interface. You select the Interface by setting suitable parameters for the interface command.

● An identifier when the Trial mode is enabled. If you first test changes to the configuration and then want to discard them, disable the Auto save function with the no auto-save command. You are then in Trial mode. Changes to the configuration that you have not saved are indicated by an asterisk in front of the command prompt: *CLI(...)#. You save the changes to the configuration with the command write startup-config. With the auto-save command, you enable the Auto save function again.

Note Upper and lower case

The Command Line Interface does not distinguish between upper case and lower case letters.

Make sure, however, that names used by the operating system or other programs are correctly written.

Blank

To use blanks in a text, enter the text in quotes, for example "H e l l o"

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 27

Description

2.5 Symbols of the CLI commands

Note Question mark "?" in the user name/password

In the CLI the question mark "?" is a command. If the user name or the password contains a "?" for example for the login to the RADIUS server, it will be interpreted as a command. Configure this user name and password using the WBM.

2.5 Symbols of the CLI commands

Symbols for representing CLI commands

When setting parameters for CLI commands, the following characters are used:

Charac‐ ter

< ... > mandatory parameter Instead of the expression in parenthesis, enter a value. [ ... ] optional parameter Instead of the expression in parenthesis, you can enter a value. ( ... ) Value or range of values Instead of the expression in parenthesis, enter a value. ( ... - ... ) Range of values Enter a value from this range. { ... } Selection list Select one more elements from the list. { ... | ... } exclusive selection Select exactly one element from this list.

Meaning

These characters are used in combinations to describe mandatory and optional entries.

There is a general description of some of these combinations below:

Character combinations Meaning < Parameter > Instead of the expression in parentheses<>, enter a

permitted value.

< < Unit (a - b) > Instead of the expression in parentheses <>, enter a

value from the range "a" to "b". The unit to be used is specified before the brackets ()

and is also replaced by the entry.

[<Parameter 1 >< Parameter 2 >] The parameter pair is optional.

If you use the parameter assignment, you need to en‐ ter a permitted value to replace both expressions in parenthesis <>.

[ [ Keyword < Unit (a - b)>] The parameter assignment is optional.

If you use the keyword, you need to enter a value from the range "a" to "b" to replace the expression in paren‐ thesis <>.

[keyword { A | B | C }] The parameter assignment is optional.

If you use the keyword, you need to specify exactly one of the values "A", "B" or "C".

Keyword [A] [B] [C] After the keyword, enter no or several of the values

"A", "B" or "C".

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

28 Configuration Manual, 09/2017, C79000-G8976-C324-08

2.6 Interface identifiers and addresses

2.6.1 Naming interfaces

Addressing interfaces

The device has several types of interface that are addressed in different ways:

Addressing physical interfaces

This notation also applies to other commands that address an Interface.

● Enter the command "interface".

● Specify the interface type <interface-type>.

● After a space, enter the interface identifier, <interface-id>. The interface identifier is made up of the module number and the port number separated by a slash. The interfaces permanently installed in the device are identified with module 0.

Examples:

Description

2.6 Interface identifiers and addresses

Fast Ethernet: interface fa 0/1

WLAN1: interface wlan 0/1

Addressing logical interfaces

This notation also applies to other commands that address a logical interface.

● VAP / WDS

– Enter the command "interface".

– Specify the interface type <interface-type>.

– After a space, enter the interface identifier, <interface-id>.

The interface identifier is made up of the module number and the port number separated by a slash. The interfaces permanently installed in the device are identified with module

Example: VAP 2.3: interface vap2 0/3

● VLAN

– Enter the command "interface".

– Enter the keyword for the VLAN interface.

– After a space, enter the number of the VLAN interface you assigned when you created

it.

Example: VLAN 2: interface vlan 2

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface Configuration Manual, 09/2017, C79000-G8976-C324-08 29

Description

2.6 Interface identifiers and addresses

Available physical interfaces

Device Interfaces interface-type interface-id W774-1 RJ-45

W734-1 RJ-45

2 x Fast Ethernet fa: fast-ethernet X = 2 fa 0/X 1 x WLAN wlan X = 1 wlan 0/X

Available logical interfaces

● VLAN The device supports up to 24 virtual networks. To be able to use a VLAN, create it with the vlan command.

● VAP / WDS The WLAN interface supports up to 4 virtual access points (VAP) and up to 4 WDS interfaces

Device interface-type interface-id W734-1 RJ-45 vap

W774-1 RJ-45

X = 1

vap

wds X = 1

Y = 1 ... 4 X = 1 Y = 1 ... 4

Y = 1 ... 4

vapX 0/Y

wdsX 0/Y

Identification of the interfaces in the command prompt of the Interface Configuration mode

To configure the interface use the command interface in the global configuration mode.

Since you configure precisely one of the existing interfaces in the Interface Configuration mode, the command prompt shows not only the mode but also the identifier of this interface.

The command prompt is as follows:

cli(config-if-$$$)#

The placeholder $$$ is replaced by the following name of the interface:

Type of interface Command prompt

wlan 0/X cli(config-if-wlan-0-X)#

vapX 0/Y cli(config-if-vapX-0-Y)#

wdsX 0/Y cli(config-if-wdsX-0-Y)#

fa 0/X cli(config-if-Fa-0-X)#

vlan$ cli(config-if-vlan-$)#

The placeholders X, Y, $ stand for the numbering of the interface.

SCALANCE W770/W730 acc. to IEEE 802.11n Command Line Interface

30 Configuration Manual, 09/2017, C79000-G8976-C324-08

+ 586 hidden pages

Siemens SCALANCE W778-1 M12, SCALANCE W734-1 RJ-45, SCALANCE W738-1 M12, SCALANCE W774-1 RJ-45, SCALANCE W774-1 M12 EEC Configuration Manuals

Specifications and Main Features

Frequently Asked Questions

User Manual

Table of contents

Introduction

1.1 Information on the Configuration Manual

Description

2.1 Configuration limits for WBM and CLI

2.2 Working with the Command Line Interface (CLI)

2.3 CLI modes

2.4 The CLI command prompt

2.5 Symbols of the CLI commands

2.6.1 Naming interfaces

2.6 Interface identifiers and addresses