Auth | 3Com 3CRWEASYA73, WL-575 specification

CHAPTER 6: COMMAND LINE INTERFACE

Command	Function	Mode	Page

pmksa-lifetime	Sets the lifetime PMK security associations	IC-W-VAP 6-148
pre-authentication	Enables WPA2 pre-authentication for fast roaming	IC-W-VAP	6-149

auth

This command configures authentication for the VAP interface.

Syntax

auth <open-system shared-key wpa wpa-psk wpa2 wpa2-psk wpa-wpa2-mixed wpa-wpa2-psk-mixed > <required supported>

•open-system- Accepts the client without verifying its identity using a shared key. “Open” authentication means either there is no encryption (if encryption is disabled) or WEP-only encryption is used (if encryption is enabled).

•shared-key- Authentication is based on a shared key that has been distributed to all stations.

•wpa - Clients using WPA are accepted for authentication.

•wpa-psk- Clients using WPA with a Pre-shared Key are accepted for authentication.

•wpa2 - Clients using WPA2 are accepted for authentication.

•wpa2-psk- Clients using WPA2 with a Pre-shared Key are accepted for authentication.

•wpa-wpa2-mixed- Clients using WPA or WPA2 are accepted for authentication.

•wpa-wpa2-psk-mixed- Clients using WPA or WPA2 with a Pre-shared Key are accepted for authentication

•required - Clients are required to use WPA or WPA2.

•supported - Clients may use WPA or WPA2, if supported.

Default Setting

open-system

Command Mode

Interface Configuration (Wireless-VAP)

Command Usage

•The auth command automatically configures settings for each authentication type, including encryption, 802.1X, and cipher suite. The command auth open-systemdisables encryption and 802.1X.

6-140

Image 252

3Com 3CRWEASYA73, WL-575 manual Auth

Contents

User Guide 3Com Corporation 350 Campus Drive Marlborough, MA Contents Advanced Setup System Identification Authentication Filter ControlConfiguring Snmp and Trap Message Parameters Configuring Sntp Command Line Interface Straight-Through Wiring Crossover Wiring B-4 Pin DIN to RJ-45 Cable Wiring B-6 Terminology Viii Product Features Introduction Radio Characteristics Approved Channels Package Checklist „ One Quick Start Guide Hardware Description Integrated HIGH-GAIN AntennaExternal Antenna Options Power Injector Module Ethernet Port Grounding Point Water Tight Test Point System Configuration Operating ModesWALL- and POLE-MOUNTING Bracket KIT POINT-TO-POINT Configuration POINT-TO-MULTIPOINT Configuration Beam Angle Page Bridge Link Planning Data Rates Radio Path Planning Antenna Height Miles 4.8 km 20 m 17 m 12 m Antenna Position and Orientation Radio Interference Weather Conditions Ethernet Cabling Grounding Hardware Installation Testing Basic Link Operation Using the POLE-MOUNTING BracketMount the Unit Fit the edges of the V-shaped Part into the slots Using the WALL-MOUNTING Bracket Page Connect External Antennas Connect the Power Injector Connect Cables to the UnitPage Check the LED Indicators LED Align Antennas High 11a Signal Page Networks with a Dhcp Server Networks Without a Dhcp Server Using the 3COM Installation CD Launching the 3COM Wireless Interface Device Manager Click on the Properties button to see the following screen Using the Setup Wizard First Time only Login Home page displays the Main Menu Setup Wizard Step Setup Wizard Step Setup Wizard Step Click Finish Click the OK button to complete the wizard System Configuration Advanced Setup Advanced Setup Advanced Setup System Identification TCP / IP Settings System Configuration Smart Monitor Radius Radius Authentication Authentication Authentication Authentication Authentication System Configuration Filter Control System Configuration Vlan Filter Control Vlan ID Configuring Snmp and Trap Message Parameters Snmp Snmp Trap Configuration Configuring SNMPV3 Users Configuring SNMPv3 Users Administration Changing the Password Telnet and SSH Settings Upgrading Firmware System Configuration „ IP Address IP address or host name of the Tftp server WDS and Spanning Tree Settings WDS and Spanning Tree Settings Root bridge acting as the master bridges parent WDS and Spanning Tree Settings Range Default System LOG Enabling System Logging Configuring Sntp Error Level Description Rssi Rssi Radio Interface Radio Settings a 802.11A Interface Configuring Common Radio Settings Radio Settings a and B/G System Configuration Normal Mode Turbo Mode System Configuration 802.11B/G Interface Radio Settings B/G Configuring WI-FI Multimedia WMM Access Categories AccessCategory Voice WMM Backoff Times System Configuration Key Type See Wired Equivalent Privacy WEP Wi-Fi Protected Access WPA or WPA2 Wireless Security ConsiderationsSecurity MAC Radius Combination Authentication b Server Wired Equivalent Privacy WEP Radius Authentication and Encryption WPA Key Management WEP Keys Wi-Fi Protected Access WPA System Configuration Configuration settings for WPA are summarized below WPA Configuration Settings Status Information AP Status Station Status Static The client is using static WEP keys for encryption Security System Configuration Using the Command Line Interface Accessing the CLIConsole Connection Telnet Connection Entering Commands Keywords and Arguments Showing Commands Negating the Effect of Commands Command Modes Configuration Commands Command Groups Keystroke Commands General Commands ConfigureGeneral Commands Default Setting Command ModeRelated Commands Example Command Usage ExitPing Syntax Reset Syntax Reset board configuration Show history Show line System Management Commands System Management CommandsCountry Country countrycode Country Codes Prompt Syntax Prompt string no prompt System name Syntax System name name no system nameUsername Syntax Username name Password Ip ssh-server enable Default Setting Command Mode Ip telnet-server enableIp ssh-server port Syntax Ip ssh-server port port-number Syntax No ip http server Default Setting Ip http portSyntax Ip http port port-numberno ip http port Ip http server Ip https port Syntax Ip https port portnumber no ip https port Syntax No ip https server Default Setting Ip https server Syntax No web-redirect Default Setting Web-redirect APmgmtIP APmgmtIP multiple IPaddress subnetmask single IPaddress any Syntax APmgmtUI Snmp Telnet Web enable disable APmgmtUI Show apmanagement Snmp UI Show system US United States Show config Show version Ssid PRE Shared KEY WPA PSK Enabled Dot11StationRequestFail Nocountryset System Logging Commands System Loggign CommandsShow hardware Syntax No logging on Default Setting Logging onLogging host Syntax No logging console Default Setting Logging consoleLogging level Logging facility-type Syntax Logging facility-type type Syntax Logging clear Command Mode Syntax Show logging Command ModeLogging clear Show logging System Clock Commands Syntax Show event-log Command ModeSystem Clock Commands Show event-log Sntp-server enable Syntax No sntp-server enableSntp-server ip Syntax Sntp-server ip 1 2 ip Sntp-server date-time Sntp-server ip 6-38 show sntp Syntax No sntp-server daylight-saving Default Setting Sntp-server daylight-savingSntp-server timezone Syntax Sntp-server timezone hours Show sntp TAIPEI, Beijing Dhcp Relay Commands Dhcp-relay enableSyntax No dhcp-relay enable Default Setting Dhcp Relay Commands Dhcp-relay Syntax Dhcp-relay primary secondary ipaddressShow dhcp-relay Snmp Commands Snmp Commands Displays the Snmp v3 notification filter assignments Snmp-server community Snmp-server contact Snmp-server location Snmp-server enable server Snmp-server host Hostname Name of the host. Range 1-63 characters Snmp-server trap Command Line Interface Snmp-server engine-id Snmp-server user Syntax Snmp-server user user-name Snmp-server targets Snmp-server filter Default Setting Snmp-server filter-assignments Show snmp groups Syntax Show snmp groups Command Mode Syntax Show snmp users Command ModeShow snmp users Show snmp group-assignments Syntax Show snmp group-assignments Command Mode Syntax Show snmp target Command ModeShow snmp target Show snmp filter Syntax Show snmp filter-assignments Command Mode Show snmp filter-assignments Show snmp Flash/File Commands BootfileSyntax Bootfile filename Flash/File Commands Syntax Copy ftp tftp file copy config ftp tftp Copy Delete Dir File information is shown below Show bootfile Radius Client Radius-server address Radius-server portSyntax Radius-server secondary port portnumber Radius-server key Syntax Radius-server secondary key keystringRadius-server retransmit Syntax Radius-server secondary retransmit numberofretries Radius-server timeout Syntax Radius-server secondary timeout numberofsecondsRadius-server port-accounting Syntax Radius-server secondary port-accounting portnumber Radius-server timeout-interim Radius-server radius-mac-format Radius-server vlan-format Syntax Radius-server vlan-format hex asciiShow radius 802.1X Authentication 802.1X Authentication 802.1xSyntax 802.1x supported required no Using the Command Line Interface 802.1x broadcast-key-refresh-rate Syntax 802.1x broadcast-key-refresh-rate rate 802.1x session-timeout 802.1x session-key-refresh-rateSyntax 802.1x session-key-refresh-rate rate Default 802.1x-supplicant enable802.1x-supplicant user Show authentication MAC Address Authentication Address filter default Syntax Address filter default allowed deniedAddress filter entry Syntax Address filter entry mac-addressallowed denied Address filter default 6-79 802.1x-supplicant user Mac-authentication server Syntax Mac-authentication server local remoteAddress filter delete Syntax Address filter delete mac-address Filtering Commands Mac-authentication session-timeoutSyntax Mac-authentication session-timeout minutes Filtering Commands Filter local-bridge Outdoor 11a Building to Building config#filter local-bridge Syntax No filter ap-manage Default Filter uplink enableSyntax No filter uplink enable Default Filter ap-manage Filter ethernet-type enable Syntax No filter ethernet-type enable Default Filter ethernet-type protocol Show filters WDS Bridge Commands WDS Bridge Commands Bridge mode Syntax Bridge mode master slaveBridge role WDS Syntax Bridge role ap repeater bridge root-bridge Syntax Bridge channel-auto-sync enable disable Bridge channel-auto-sync Bridge-link parent Syntax Bridge-link parent mac-addressBridge-link child Syntax Bridge-link child index mac-address Bridge dynamic-entry age-time Syntax Bridge dynamic-entry age-time seconds Seconds Show bridge aging-time Show bridge filter-entry MAC Syntax Show bridge link ethernet wireless a g index Show bridge link Parent 00-12-34-56-78-9a Child Spanning Tree Commands Bridge stp enableBridge Commands Syntax No bridge stp enable Default Setting Bridge stp forwarding-delay Bridge stp hello-time Syntax Bridge stp hello-time time No bridge stp hello-timeBridge stp max-age Syntax Bridge stp max-age seconds No bridge stp max-age Bridge stp prioritySyntax Bridge stp prioritypriority no bridge stp priority Bridge-link path-cost Syntax Bridge-link path-cost index cost Bridge-link port-priority Syntax Bridge-link port-priority index priorityShow bridge stp Ethernet Interface Commands Syntax Show bridge stp Command ModeEhternet Interface Commands Interface ethernet Dns server Ip address Ip address ip-address netmask gateway no ip address Syntax No ip dhcp Default Setting Ip dhcp Syntax No shutdown Default Setting Speed-duplexSyntax Speed-duplex auto 10MH 10MF 100MF 100MH Shutdown Syntax Show interface ethernet Default Setting Show interface ethernet Wireless Interface Commands Wireless Interface Commands Interface wireless Syntax Interface wireless a g Vap SpeedSyntax Speed speed Turbo Syntax Turbo static dynamic no turbo Multicast-data-rate Syntax Multicast-data-rate speed Channel Syntax Channel channel auto Transmit-power Radio-modeSyntax Radio-mode b g b+g Default Setting +g mode Command Mode PreambleSyntax Preamble long short-or-long Antenna control Syntax Antenna control diversity left right Antenna id Syntax Antenna id antenna-idAntenna location Syntax Antenna location indoor outdoor Beacon-interval Syntax Beacon-interval interval Dtim-period Syntax Dtim-period interval Fragmentation-length Syntax Fragmentation-length lengthRts-threshold Syntax Rts-threshold threshold Syntax No super-a Default Setting Super-a Syntax No super-g Default Setting Super-gDescription Syntax No closed-system Default Setting SsidClosed-system Assoc-timeout-interval Syntax Assoc-timeout-interval minutesMax-association Syntax Max-association count Auth-timeout-value Syntax Auth-timeout-value minutes Show interface wireless Syntax Show interface wireless a g vap-id 130 131 132 Rogue AP Detection Commands Show station Rogue-ap enable Rogue AP Commands Rogue-ap authenticate Syntax No rogue-ap authenticate Default Setting Rogue-ap duration Syntax Rogue-ap duration millisecondsRogue-ap interval Syntax Rogue-ap interval minutes Rogue-ap scan 138 Wireless Security Commands Wireless Security CommandsShow rogue-ap Auth 141 Syntax No encryption Default Setting Encryption Key Key index size type value no key index Transmit-key Syntax Transmit-key indexKey 6-143 encryption 6-142 transmit-key Cipher-suite Syntax Cipher-suite aes-ccmp tkip wep Micmode Syntax Micmode hardware software Wpa-pre-shared-key Syntax Wpa-pre-shared-key hex passphrase-keyvalue Pmksa-lifetime Syntax Pmksa-lifetime minutes Pre-authentication Link Integrity Commands Syntax No link-integrity ping-detect Default SettingLink Integrity Commands Link-integrity ping-detect Link-integrity ping-host Link-integrity ping-intervalSyntax Link-integrity ping-interval interval Link-integrity ping-fail-retry Syntax Link-integrity ping-fail-retry countsLink-integrity ethernet-detect Iapp Commands Syntax No link-integrity ethernet-detect Default SettingShow link-integrity Vlan Commands Syntax No iapp DefaultIapp Vlan Commands Syntax No vlan enable Default Command DescriptionVlan Management-vlanid Vlan-id Syntax Vlan-id vlan-id WMM Commands WMM CommandsWmm Syntax No wmm supported required Wmm-acknowledge-policy Syntax Wmm-acknowledge-policy acnumber ack noack AP Access Point BSS Wireless client Wmmparam 161 162 Troubleshooting Page Page Page Cables and Pinouts TWISTED-PAIR Cable Assignments 10/100BASE-TX PIN Assignments STRAIGHT-THROUGH Wiring Crossover Wiring PIN DIN Connector Pinout Pin DIN Ethernet Port Pinout PIN DIN to RJ-45 Cable Wiring Glossary CSMA/CA Infrastructure Radius Virtual LAN Vlan Glossary-6 Index RTS STA