3Com 3CRWEASYA73, WL-575 manual Syntax Pmksa-lifetime minutes

Page 260

CHAPTER 6: COMMAND LINE INTERFACE

Example

Outdoor 11a Building to Building (if-wireless g: VAP[0])#wpa-pre-shared-key ASCII agoodsecret

Outdoor 11a Building to Building (if-wireless g)#

Related Commands

auth (6-140)

pmksa-lifetime

This command sets the time for aging out cached WPA2 Pairwise Master Key Security Association (PMKSA) information for fast roaming.

Syntax

pmksa-lifetime <minutes>

minutes - The time for aging out PMKSA information. (Range: 0 - 14400 minutes)

Default Setting

720 minutes

Command Mode

Interface Configuration (Wireless-VAP)

Command Usage

•WPA2 provides fast roaming for authenticated clients by retaining keys and other security information in a cache, so that if a client roams away from an access point and then returns reauthentication is not required.

•When a WPA2 client is first authenticated, it receives a Pairwise Master Key (PMK) that is used to generate other keys for unicast data encryption. This key and other client information form a Security Association that the access point names and holds in a cache. The lifetime of this security association can be configured with this command. When the lifetime expires, the client security association and keys are deleted from the cache. If the client returns to the access point, it requires full reauthentication.

•The access point can store up to 256 entries in the PMKSA cache.

6-148

Image 260

Contents User Guide 3Com Corporation 350 Campus Drive Marlborough, MA Contents Advanced Setup System Identification Authentication Filter ControlConfiguring Snmp and Trap Message Parameters Configuring SntpCommand Line Interface Straight-Through Wiring Crossover Wiring B-4 Pin DIN to RJ-45 Cable Wiring B-6Terminology Viii Product Features IntroductionRadio Characteristics Approved ChannelsPackage Checklist „ One Quick Start GuideExternal Antenna Options Hardware DescriptionIntegrated HIGH-GAIN Antenna Power Injector Module Ethernet PortGrounding Point Water Tight Test PointWALL- and POLE-MOUNTING Bracket KIT System ConfigurationOperating Modes POINT-TO-POINT Configuration POINT-TO-MULTIPOINT ConfigurationBeam Angle Page Bridge Link Planning Data Rates Radio Path Planning Antenna Height Miles 4.8 km 20 m 17 m 12 m Antenna Position and Orientation Radio Interference Weather ConditionsEthernet Cabling GroundingHardware Installation Mount the Unit Testing Basic Link OperationUsing the POLE-MOUNTING Bracket Fit the edges of the V-shaped Part into the slots Using the WALL-MOUNTING Bracket Page Connect External Antennas Connect the Power Injector Connect Cables to the UnitPage Check the LED Indicators LEDAlign Antennas High 11a Signal Page Networks with a Dhcp Server Networks Without a Dhcp ServerUsing the 3COM Installation CD Launching the 3COM Wireless Interface Device ManagerClick on the Properties button to see the following screen Using the Setup Wizard First Time onlyLogin Home page displays the Main Menu Setup Wizard Step Setup Wizard Step Setup Wizard Step Click Finish Click the OK button to complete the wizard System Configuration Advanced Setup Advanced SetupAdvanced Setup System Identification TCP / IP Settings System Configuration Smart Monitor Radius Radius Authentication Authentication Authentication Authentication Authentication System Configuration Filter Control System Configuration Vlan Filter Control Vlan ID Configuring Snmp and Trap Message Parameters SnmpSnmp Trap Configuration Configuring SNMPV3 Users Configuring SNMPv3 UsersAdministration Changing the PasswordTelnet and SSH Settings Upgrading Firmware System Configuration „ IP Address IP address or host name of the Tftp server WDS and Spanning Tree Settings WDS and Spanning Tree Settings Root bridge acting as the master bridges parent WDS and Spanning Tree Settings Range Default System LOG Enabling System LoggingConfiguring Sntp Error Level DescriptionRssi Rssi Radio Interface Radio Settings a 802.11A InterfaceConfiguring Common Radio Settings Radio Settings a and B/GSystem Configuration Normal Mode Turbo Mode System Configuration 802.11B/G Interface Radio Settings B/G Configuring WI-FI Multimedia WMM Access Categories AccessCategory VoiceWMM Backoff Times System Configuration Key Type See Wired Equivalent Privacy WEP Security Wi-Fi Protected Access WPA or WPA2Wireless Security Considerations MAC Radius Combination Authentication b Server Wired Equivalent Privacy WEP RadiusAuthentication and Encryption WPA Key Management WEP Keys Wi-Fi Protected Access WPA System Configuration Configuration settings for WPA are summarized below WPA Configuration SettingsStatus Information AP StatusStation Status Static The client is using static WEP keys for encryption Security System Configuration Console Connection Using the Command Line InterfaceAccessing the CLI Telnet Connection Entering Commands Keywords and ArgumentsShowing Commands Negating the Effect of Commands Command ModesConfiguration Commands Command Groups Keystroke CommandsGeneral Commands General CommandsConfigure Default Setting Command ModeRelated Commands ExampleCommand Usage ExitPing SyntaxReset Syntax Reset board configurationShow history Show lineCountry System Management CommandsSystem Management Commands Country countrycode Country CodesPrompt Syntax Prompt string no promptSystem name Syntax System name name no system nameUsername Syntax Username namePassword Ip ssh-server enableDefault Setting Command Mode Ip telnet-server enableIp ssh-server port Syntax Ip ssh-server port port-numberSyntax No ip http server Default Setting Ip http portSyntax Ip http port port-numberno ip http port Ip http serverIp https port Syntax Ip https port portnumber no ip https portSyntax No ip https server Default Setting Ip https serverSyntax No web-redirect Default Setting Web-redirectAPmgmtIP APmgmtIP multiple IPaddress subnetmask single IPaddress anySyntax APmgmtUI Snmp Telnet Web enable disable APmgmtUIShow apmanagement Snmp UIShow system US United StatesShow config Show versionSsid PRE Shared KEY WPA PSK Enabled Dot11StationRequestFail Nocountryset Show hardware System Logging CommandsSystem Loggign Commands Logging host Syntax No logging on Default SettingLogging on Logging level Syntax No logging console Default SettingLogging console Logging facility-type Syntax Logging facility-type typeSyntax Logging clear Command Mode Syntax Show logging Command ModeLogging clear Show loggingSystem Clock Commands Syntax Show event-log Command ModeSystem Clock Commands Show event-logSntp-server enable Syntax No sntp-server enableSntp-server ip Syntax Sntp-server ip 1 2 ipSntp-server date-time Sntp-server ip 6-38 show sntpSyntax No sntp-server daylight-saving Default Setting Sntp-server daylight-savingSntp-server timezone Syntax Sntp-server timezone hoursShow sntp TAIPEI, BeijingDhcp Relay Commands Dhcp-relay enableSyntax No dhcp-relay enable Default Setting Dhcp Relay CommandsShow dhcp-relay Dhcp-relaySyntax Dhcp-relay primary secondary ipaddress Snmp Commands Snmp CommandsDisplays the Snmp v3 notification filter assignments Snmp-server community Snmp-server contactSnmp-server location Snmp-server enable server Snmp-server hostHostname Name of the host. Range 1-63 characters Snmp-server trapCommand Line Interface Snmp-server engine-id Snmp-server user Syntax Snmp-server user user-nameSnmp-server targets Snmp-server filter Default Setting Snmp-server filter-assignments Show snmp groupsSyntax Show snmp groups Command Mode Syntax Show snmp users Command ModeShow snmp users Show snmp group-assignmentsSyntax Show snmp group-assignments Command Mode Syntax Show snmp target Command ModeShow snmp target Show snmp filterSyntax Show snmp filter-assignments Command Mode Show snmp filter-assignmentsShow snmp Flash/File Commands BootfileSyntax Bootfile filename Flash/File CommandsSyntax Copy ftp tftp file copy config ftp tftp CopyDelete Dir File information is shown belowShow bootfile Radius ClientSyntax Radius-server secondary port portnumber Radius-server addressRadius-server port Radius-server key Syntax Radius-server secondary key keystringRadius-server retransmit Syntax Radius-server secondary retransmit numberofretriesRadius-server timeout Syntax Radius-server secondary timeout numberofsecondsRadius-server port-accounting Syntax Radius-server secondary port-accounting portnumberRadius-server timeout-interim Radius-server radius-mac-formatShow radius Radius-server vlan-formatSyntax Radius-server vlan-format hex ascii 802.1X Authentication Syntax 802.1x supported required no 802.1X Authentication802.1x Using the Command Line Interface 802.1x broadcast-key-refresh-rate Syntax 802.1x broadcast-key-refresh-rate rateSyntax 802.1x session-key-refresh-rate rate 802.1x session-timeout802.1x session-key-refresh-rate 802.1x-supplicant user Default802.1x-supplicant enable Show authentication MAC Address Authentication Address filter default Syntax Address filter default allowed deniedAddress filter entry Syntax Address filter entry mac-addressallowed deniedAddress filter default 6-79 802.1x-supplicant user Mac-authentication server Syntax Mac-authentication server local remoteAddress filter delete Syntax Address filter delete mac-addressSyntax Mac-authentication session-timeout minutes Filtering CommandsMac-authentication session-timeout Filtering Commands Filter local-bridgeOutdoor 11a Building to Building config#filter local-bridge Syntax No filter ap-manage Default Filter uplink enableSyntax No filter uplink enable Default Filter ap-manageFilter ethernet-type enable Syntax No filter ethernet-type enable DefaultFilter ethernet-type protocol Show filtersWDS Bridge Commands WDS Bridge CommandsBridge mode Syntax Bridge mode master slaveBridge role WDS Syntax Bridge role ap repeater bridge root-bridgeSyntax Bridge channel-auto-sync enable disable Bridge channel-auto-syncBridge-link parent Syntax Bridge-link parent mac-addressBridge-link child Syntax Bridge-link child index mac-addressBridge dynamic-entry age-time Syntax Bridge dynamic-entry age-time secondsSeconds Show bridge aging-time Show bridge filter-entry MAC Syntax Show bridge link ethernet wireless a g index Show bridge linkParent 00-12-34-56-78-9a Child Bridge Commands Spanning Tree CommandsBridge stp enable Syntax No bridge stp enable Default Setting Bridge stp forwarding-delayBridge stp max-age Bridge stp hello-timeSyntax Bridge stp hello-time time No bridge stp hello-time Syntax Bridge stp prioritypriority no bridge stp priority Syntax Bridge stp max-age seconds No bridge stp max-ageBridge stp priority Bridge-link path-cost Syntax Bridge-link path-cost index costShow bridge stp Bridge-link port-prioritySyntax Bridge-link port-priority index priority Ehternet Interface Commands Ethernet Interface CommandsSyntax Show bridge stp Command Mode Interface ethernet Dns serverIp address Ip address ip-address netmask gateway no ip addressSyntax No ip dhcp Default Setting Ip dhcpSyntax No shutdown Default Setting Speed-duplexSyntax Speed-duplex auto 10MH 10MF 100MF 100MH ShutdownSyntax Show interface ethernet Default Setting Show interface ethernetWireless Interface Commands Wireless Interface CommandsInterface wireless Syntax Interface wireless a gSyntax Speed speed VapSpeed Turbo Syntax Turbo static dynamic no turboMulticast-data-rate Syntax Multicast-data-rate speedChannel Syntax Channel channel autoSyntax Radio-mode b g b+g Transmit-powerRadio-mode Syntax Preamble long short-or-long Default Setting +g mode Command ModePreamble Antenna control Syntax Antenna control diversity left rightAntenna id Syntax Antenna id antenna-idAntenna location Syntax Antenna location indoor outdoorBeacon-interval Syntax Beacon-interval intervalDtim-period Syntax Dtim-period intervalFragmentation-length Syntax Fragmentation-length lengthRts-threshold Syntax Rts-threshold thresholdSyntax No super-a Default Setting Super-aDescription Syntax No super-g Default SettingSuper-g Closed-system Syntax No closed-system Default SettingSsid Assoc-timeout-interval Syntax Assoc-timeout-interval minutesMax-association Syntax Max-association countAuth-timeout-value Syntax Auth-timeout-value minutesShow interface wireless Syntax Show interface wireless a g vap-id130 131 132 Rogue AP Detection Commands Show stationRogue-ap enable Rogue AP CommandsRogue-ap authenticate Syntax No rogue-ap authenticate Default SettingRogue-ap interval Rogue-ap durationSyntax Rogue-ap duration milliseconds Syntax Rogue-ap interval minutes Rogue-ap scan138 Show rogue-ap Wireless Security CommandsWireless Security Commands Auth 141 Syntax No encryption Default Setting EncryptionKey Key index size type value no key indexKey 6-143 encryption 6-142 transmit-key Transmit-keySyntax Transmit-key index Cipher-suite Syntax Cipher-suite aes-ccmp tkip wepMicmode Syntax Micmode hardware softwareWpa-pre-shared-key Syntax Wpa-pre-shared-key hex passphrase-keyvaluePmksa-lifetime Syntax Pmksa-lifetime minutesPre-authentication Link Integrity Commands Syntax No link-integrity ping-detect Default SettingLink Integrity Commands Link-integrity ping-detectSyntax Link-integrity ping-interval interval Link-integrity ping-hostLink-integrity ping-interval Link-integrity ethernet-detect Link-integrity ping-fail-retrySyntax Link-integrity ping-fail-retry counts Show link-integrity Iapp CommandsSyntax No link-integrity ethernet-detect Default Setting Iapp Vlan CommandsSyntax No iapp Default Vlan Commands Syntax No vlan enable Default Command DescriptionVlan Management-vlanidVlan-id Syntax Vlan-id vlan-idWMM Commands WMM CommandsWmm Syntax No wmm supported requiredWmm-acknowledge-policy Syntax Wmm-acknowledge-policy acnumber ack noackAP Access Point BSS Wireless client Wmmparam161 162 Troubleshooting Page Page Page Cables and Pinouts TWISTED-PAIR Cable Assignments10/100BASE-TX PIN Assignments STRAIGHT-THROUGH Wiring Crossover Wiring PIN DIN Connector Pinout Pin DIN Ethernet Port PinoutPIN DIN to RJ-45 Cable Wiring Glossary CSMA/CA Infrastructure Radius Virtual LAN Vlan Glossary-6 Index RTS STA

Related manuals

Manual 20 pages 14.36 Kb