Wireless LAN Mobility System
3CRWX120695A, 3CRWX440095A
3Com Corporation 350 Campus Drive Marlborough, MA USA
Contents
Clear banner motd Clear history Clear prompt
Set system location
Vlan Commands
144
131 Ping 132 Set arp 133 Set arp agingtime 134
142 Set ip ssh 143
147 Set ntp 148
169
183
Display location policy 185 Display mobility-profile
234
MAP Access Point Commands by Usage
228
241
254 Display dap unconfigured 256 Display radio-profile 257
261 Reset ap dap 264
326
311
319
327
337
335
Set spantree
345
Clear security acl 370 Clear security acl map 371
Commands by Usage 393
369
373
435
444
446
Set rfdetect ignore 467 Set rfdetect log 468
465 Set rf detect countermeasures
466
480
496 Set trace sm 497
Commands by Usage 491 Clear log trace Clear trace 492
Fver 519 Help 520 Next 521 Reset 522 Test 523
517
Version
Register Your Product 527
Conventions
List conventions that are used throughout this guide
„ Wireless LAN Switch Manager 3WXM Release Notes
„ Wireless LAN Switch and Controller Release Notes
Documentation
„ Document title
Comments
Pddtechpubscomments@3com.com
„ Document part number and revision on the title
About this Guide
Overview
Set enablepass
Clear interface vlan-idip
Clear fdb dynamic port port-list vlan vlan-id
MAC Address
Text Entry
Conventions
Notation
Wildcard Masks
Masks
Subnet Masks
User Globs
Gives examples of user globs
MAC Address Globs
User Globs
Matching Order for Globs
WX1200# set port enable
Vlan Globs
„ a single port number. For example
Editing
Command-Line
WX1200# reset port
Operating systems
WX1200# display i Tab
Using CLI Help
At your access level, type the help command. For example
WX1200# display i?
WX1200# display ip ?
Understanding Command Descriptions
Set ap dap name command has the following complete syntax
WX1200# display ip telnet
Understanding Command Descriptions
Using the COMMAND-LINE Interface
To located commands in this chapter based on their use
Commands by
Disable
Syntax disable Defaults None
Enable
Quit
Set enablepass
Access Commands
System Service Commands
To located commands in this chapter based on their use
Clear history
Banner with an empty banner by typing the following command
Clear banner motd
„ display banner motd on
Clear prompt
Clear system
Display banner
Motd
Display
Base-information
Display license
„ set license on
Defaults None Access All
Display system
Shows system information
Describes the fields of display system output
Display system output
Nvram size /SDRAM size percent of total
WX switch
Help
Syntax help
History
Syntax history
See Also „ clear history on
That might have a large impact on the network
Set confirm
See Also „ clear banner motd on „ display banner motd on
Syntax set confirm on off
WX4400# clear vlan red
Set length
Examples To turn off these confirmation messages, type
WX4400# set confirm off
Installs an upgrade license, for managing more MAPs
Set license
See Also „ display license on
Set prompt
Syntax set prompt string
Countrycode
Set system contact Stores a contact name for the WX switch
Set system
Syntax set system contact string
Country Code
Ip-address
Defaults The factory default country code is None
Using any set ap commands to configure a MAP
Mobility Domain
See Also „ clear system on „ display system on
Syntax set system location string
„ set system contact on „ set system name on
Syntax set system name string
System Service Commands
Port Commands
Locate commands in this chapter based on their use
Removes a Distributed MAP
That are using the MAP
Clear dap
„ set dap on
See Also „ set port-groupon „ display port-groupon
Clear port-group
„ name name Name of the port group
Clear port name Removes the name assigned to a port
See Also „ display port status on „ set port name on
Clear port
Preference
Interface for the active link
Network port
Network port defaults
Clear port type
Port
Display port
Counters
Display port-groupShows port group information
Describes the fields in the display port-group output
Output for display port-group
Output for display port poe
See Also „ clear port-groupon „ set port-groupon
Describes the fields in this display
Syntax display port poe port-list
„ set port poe on
Usage This command applies only to the WX4400
All four ports of a WX4400 switch
Specified ports
Output for display port preference
Syntax display port status port-list
Output for display port status
WX1200# display port status
„ set port negotiation on
Monitor port
See Also „ clear port type on
„ set port speed on
Key Controls for Monitor Port Counters Display
Output for monitor port counters
WX4400# monitor port counters
Correct length but contained an invalid
See Also „ display port counters on
Reset port
Set dap
Port Commands
Set dap
Administratively disables or reenables a port
Examples The following command disables port
Fol1owing command reenables the port
Set port
Configured together as a single logical link
Single logical link
With no spaces
See Also „ clear port-groupon „ display port-groupon
Name or number in other CLI commands
Set port name
See Also „ clear port name on „ display port status on
Set port negotiation
Set port poe
Result
WX1200# set port poe 4,5 disable
Following command enables PoE on ports 4
See Also „ set port type ap on „ set port type wired-authon
WX1200# set port poe 4,5 enable
WX4400# set port preference 2 rj45
Set port speed
Changes the speed of a port
Syntax set port speed port-list10 100 1000 auto
Set snmp trap command
Set port trap
Set port type ap
Defaults All WX ports are network ports by default
Antenna model, use the following command
„ poe enable disable Power over Ethernet PoE state
„ 11a 802.11a „ 11b 802.11b „ 11g 802.11g
MAP Access Port Defaults
STP
Wired-auth
Set port type
Wired Authentication Port Details
WX1200# set port type wired-auth 2 success change accepted
See Also „ clear port type on „ set port type ap on
Vlan Commands
Syntax clear fdb perm static dynamic
Clear fdb
Deletes an entry from the forwarding database FDB
WX4400# clear fdb static vlan blue success change accepted
Clear vlan
„ display fdb on
Port from the VLAN, make sure you specify the port number
Display fdb
Following command completely removes Vlan marigold
See Also „ set vlan port on „ display vlan config on
Displays entries in the forwarding database
WX4400# display fdb all
See Also „ clear fdb on
Agingtime
Describes the fields in the display fdb output
Output for display fdb
See Also „ set fdb agingtime on
WX1200# display fdb agingtime
Syntax display fdb count perm static dynamic
Display roaming
Station
Describes the fields in the display
See Also „ display roaming vlan on
Output for display roaming station
Output for display roaming vlan
Syntax display roaming vlan
WX4400# display roaming vlan
Output for display tunnel
See Also „ display vlan config on
Display tunnel
Syntax display tunnel
Syntax display vlan config vlan-id
Display vlan config
Output for display vlan config
WX1200# display vlan config burgundy
Set fdb
Adds a permanent or static entry to the forwarding database
Syntax set fdb perm static
See Also „ clear fdb on „ display fdb on
Vlan 4094 is reserved for WebAAA
Set vlan name
See Also „ display fdb agingtime on
Creates a Vlan and assigns a number and name to it
Set vlan port
Set vlan
Tunnel-affinity
See Also „ display roaming vlan on „ display vlan config on
IP Services Commands
To locate commands in this chapter based on their use
IP Services Commands by Usage
DNS
Clear interface
Removes an IP interface
Syntax clear interface vlan-idip
See Also „ display ip alias on
Access Enabled
History Introduced in MSS Version
WX1200# clear ip dns domain
„ set ip dns domain on
Clear ip dns server
Clear ip route
„ set ip dns server on
Clear ip telnet
„ display ip route on
„ set ip route on
Update-interval
Clear ntp server
Clear ntp
Receiver
„ set ntp server on „ set ntp update-intervalon
Clear snmp trap
See Also „ clear ntp server on „ display ntp on
Clear summertime
Clear timezone
Command
Following command
Examples To clear the system IP address, type the following
Display timezone on
Display arp
Display timedate on
Shows the ARP table
„ set arp on
„ set arp agingtime on
Syntax display interface vlan-id
See Also „ set interface on „ set interface status on
Shows the IP aliases configured on the wireless LAN switch
Display ip alias
Output for display interface
„ clear ip alias on
Examples The following command displays the DNS information
Display ip dns
„ set ip alias on
Output for display ip dns
Display ip https
Shows information about the Https management port
Syntax display ip https
Output for display ip https
WX4400# display ip https
Syntax display ip route destination
Display ip route
Shows the IP route table
WX4400# display ip route
Output of display ip route
FieldDescription
Output for display ip telnet
Syntax display ip telnet
WX4400 display ip telnet
Shows NTP client information
Examples To display NTP information for a WX switch, type
Display ntp
Output for display ntp
„ set ntp server on „ set summertime on „ set timezone on
Examples To display Snmp settings on a WX switch, type
Configuration
Shows Snmp settings on a wireless LAN switch
Display snmp
Output of display snmp configuration
Syntax display summertime
Defaults There is no summertime offset by default
Summertime
WX1200# display summertime
WX1200# display timedate
Syntax display timezone
WX4400# display timezone
Defaults „ count
„ set timedate on „ set timezone on
Set arp
„ traceroute on
Syntax set arp agingtime seconds
Following command disables ARP aging
See Also „ set arp agingtime on
WX1200# set arp agingtime
Set interface
WX1200# set interface mauve ip 10.10.20.10
Syntax set interface vlan-idstatus up down
Set ip dns
Aliases as shortcuts in CLI commands
Set ip alias
See Also „ clear ip alias on „ display ip alias on
Syntax set ip dns domain name
WX1200# set ip dns domain example.com
Syntax set ip dns server ip-addrprimary secondary
WX switch is also disabled
Set ip route
Adds a static route to the IP route table
Set ip route
Syntax set ip snmp server enable disable
„ clear snmp trap receiver on
See Also „ set ip ssh absolute-timeouton
Set ip ssh
Secure Shell SSH management traffic
Syntax set ip ssh absolute-timeout minutes
Absolute-timeout
„ set ip ssh idle-timeouton „ set ip ssh server on
Or idle
Idle-timeout
Also disabled
Set ip ssh server
Set ip telnet
Syntax set ip telnet server enable disable
WX4400# set ip telnet server enable success change accepted
Configures a wireless LAN switch to use an NTP server
Examples The following command enables the NTP client
Enables or disables the NTP client on a wireless LAN switch
Set ntp
NTP server
RFC 1305, Network Time Protocol Version 3 Specification
Implementation and Analysis
From 16 through 1,024 seconds
Set snmp
Community
Public and private
„ all Enables or disables all traps
„ enable Enables trap information to be sent
„ disable Disables the sending of trap information
Sends an Snmp trap message to any network management system
Defaults All traps are disabled by default Access Enabled
Snmp Trap Names
Set snmp trap
See Also „ clear snmp trap receiver on
IP Services Commands
Date is within the summertime period
To PDT Pacific Daylight Time, type the following command
Values
Following
„ date mmm dd yyyy System date
Sets the time of day and date on the wireless LAN switch
Set timedate
„ time hhmmss System time, in hours, minutes, and seconds
Set timezone
WX4400# set timedate date feb 29 2004 time
Time now is Sun Feb 29 2004, 235802 PST
Telnet
Opens a Telnet client session with a remote device
WX1200# set timezone PST
See Also „ clear sessions on „ display sessions on
WX4400# telnet
Traceroute
Defaults
„ dnf Disabled „ no-dns- Disabled „ port
„ queries „ size „ ttl
Error messages for traceroute
WX4400# traceroute server1
„ ping on
Locate commands in this chapter based on their use
This chapter presents AAA commands alphabetically. Use to
AAA Commands by Usage
Display accounting statistics on
Syntax clear accounting admin dot1x user-glob
WX4400# clear accounting dot1x Nin
Clear authentication
Admin
Syntax clear authentication console user-glob
WX4400# clear authentication console Regina
ConsoleConsole
Syntax clear authentication dot1x ssid ssid-namewired
WX4400# clear authentication last-resort wired
Clear authentication Removes a MAC authentication rule. mac
Syntax clear authentication last-resort ssid ssid-namewired
Syntax clear authentication mac ssid ssid-namewired
Clear authentication Removes a WebAAA rule. web
WX4400# clear authentication mac ssid thatcorp aabbcc
Syntax clear authentication web ssid ssid-namewired
Syntax clear location policy rule-number
„ set location policy on
Clear mac-user
„ display location policy on
See Also „ display aaa on „ set mac-usergroup attr on
Clear mac-user attr
Group
„ set mac-user attr on
Clear
Mac-usergroup
Mac-user group command
Mac-usergroup attr
„ clear mac-usergroup attr on
Mobility-profile
Clear user
Clear user attr
See Also „ display aaa on
Clear user group
Clear usergroup
„ group-name- Name of an existing user group
Syntax clear usergroup group-name
WX4400# clear usergroup cardiology success change accepted
Displays all current AAA settings
Display aaa
Time-Of-Day attribute from the group
Describes the fields that can appear in display aaa output
Display aaa Output
User’s password, and no global password is set
Statistics
Stored in the local database on the WX switch
Display accounting
Statistics output
Aaattyattr
Display location
Policy
„ clear location policy on
Admin console
Set accounting
Are sent
Authenticated by
Server when the user roams
Accesses the switch using Telnet or Web Manager
Authenticated by MAC authentication
AAA Commands
Set authentication
AAA Commands
Globs on
Through the switch’s console
Completing logon
Following methods in priority order. MSS applies multiple
For more information, see Usage
Syntax set authentication dot1x ssid ssid-namewired
AAA Commands
Set authentication dot1x
Success change accepted
Syntax set authentication last-resort
AAA Commands
Syntax set authentication mac
AAA Commands
Syntax set authentication web ssid ssid-namewired
AAA Commands
Set location policy
AAA Commands
Set location policy
WX4400# set location policy deny if user eq *.theirfirm.com
Set mac-user
Tempvendora into Vlan kiosk1
See Also „ clear mac-useron „ display aaa on
Authentication Attributes for Local Users
Authentication Attributes for Local Users
Filter-id outboundacl.out
YY/MM/DD-HHMM
Time-of-day
WX4400# set mac-user 010203040506 attr filter-id acl-03.in
See Also „ clear mac-user attr on „ display aaa on
Syntax set mac-usergroup
See Also „ clear mac-usergroup attr on „ display aaa on
Syntax set mobility-profile name name port none all
AAA Commands
Syntax set mobility-profile mode enable disable
„ set user attr on „ set usergroup on
Set user
29Jan04
See Also „ clear user on „ display aaa on
Set user attr
Orange
See Also „ clear user attr on „ display aaa on
Set user group
Set usergroup
„ clear user group on
To add a user to a group, user the command set user group
Syntax set web-aaa enable disable
Set web-aaa
Examples To disable WebAAA, type the following command
WX4400# set web-aaa disable success change accepted
To locate commands in this chapter based on their use
Mobility Domain Commands by Usage
Mobility-domain
Member
Status
Display mobility-domain config
Displays the configuration of the Mobility Domain
See Also „ set mobility-domain member on
Display mobility-domain Output
WX4400# display mobility-domain status
Set
Mode member
„ display mobility-domain config on
Seed-ip
Set mobility-domain mode seed domain-name
Syntax set mobility-domain mode seed domain-name
Domain name is Pleasanton
Mobility Domain Commands
Commands
Managed Access Point Commands
Map Access Point Commands by Usage
Clear ap dap
Radio
WX1200# clear ap 3 radio
Syntax clear radio-profile name parameter
„ name Service profile name
Syntax clear service-profile name
See Also „ clear radio-profileon „ set radio-profile mode on
Output for display ap config
WX1200# display ap config
WX4400# display dap config
Does not belong to any load balancing groups
An associated client
Display ap dap
Displays MAP access point and radio statistics counters
MAP access point on port
Radio 1 Shows statistics counters for radio
Output for display ap counters
Tkip Pkt Replays
See Also „ display sessions network on
Syntax display ap dap etherstats port-listdap-num
WX4400# display dap etherstats
Output of display ap etherstats
TxMaxColl
„ name Name of an MAP group or Distributed MAP group
Syntax
Syntax display ap status port-listall radio 1
WX4400# display dap status
WX1200# display ap status
Output for display ap status
Decide whether to change channel or power settings
Output for display ap status
See Also „ display auto-tune neighbors on
Output for display auto-tune attributes
WX1200# display auto-tune attributes ap 2 radio
Display auto-tune
Neighbors
Output for display auto-tune neighbors
Display auto-tune Neighbors ap 2 radio
Display dap
Connection
Output of display dap connection
„ display ap dap config on
„ display dap global on „ display dap unconfigured on
Dap connection serial-id M9DE48B6EAD00
Output for display dap global
WX4400# display dap global
But that are not configured on any WX switches
Unconfigured
„ display ap dap config on
Longer appears in the command’s output
Describes the fields in this display
Displays radio profile information
WX4400# display radio-profile default
Output for display radio-profile
Setting and tuning channels
Ssid
„ name Displays information about the named service profile
Service-profile
Displays service profile information
„ ? Displays a list of service profiles
Username
„ Tkip countermeasures time Indicates the amount
Reset ap dap
WX1200# reset ap
Syntax set ap port-listdap dap-numbias high low
See Also „ display ap dap config on
WX4400# set dap 1 bias low success change accepted
Syntax set ap port-listdap dap-numblink enable disable
WX1200# set ap 3-4 blink enable success change accepted
WX1200# set ap 4 group none success change accepted
Set ap dap name Changes an MAP name
„ display ap dap group on
WX1200# set ap 1 name techpubs success change accepted
Set ap dap radio antennatype
„ antennatype ANT1060 ANT1120 ANT1180 internal
„ antennatype ANT5060 ANT5120 ANT5180 internal
Set ap dap radio auto-tune max-power
Set ap dap radio auto-tune max- retransmissions
Managed Access Point Commands
Set ap dap radio channel
Sets an MAP radio’s channel
Syntax set ap port-listdap dap-numradio 1
Set ap dap radio min-client-rate
WX1200# set ap 5 radio 1 channel 36 success change accepted
Set ap dap radio min-client-rate
Set ap dap radio mode
Enables or disables a radio on an MAP access point
Following command enables radio 2 on ports 1 through
Set ap dap radio radio-profile
Set ap dap radio tx-power
Sets an MAP radio’s transmit power
Upgrade-firmware
Set ap dap
Set radio-profile
11g-only
Set radio-profile auto-tune channel-config
Set radio-profile auto-tune channel-holddown
Syntax set radio-profile name auto-tune channel-holddown
Set radio-profile auto-tune channel-interval
Syntax set radio-profile name auto-tune channel-interval
Set radio-profile auto-tune power-backoff- timer
Syntax set radio-profile name auto-tune power-backoff-timer
WX4400# set radio-profile rp2 auto-tune power-backoff-timer
Set radio-profile auto-tune power-config
Set radio-profile auto-tune power-interval
Specify from 25 ms to 8191 ms
Service set identifier Ssid
Beacon-interval
Radio profile rp1 to 200 ms
Syntax set radio-profile name frag-threshold threshold
Syntax set radio-profile name long-retry threshold
Syntax set radio-profile name max-rx-lifetime time
Max-tx-lifetime
Mode
Defaults for Radio Profile Parameters
Parameter Default Value
WX4400# set radio-profile rp1 mode enable
WX4400# set radio-profile rp1 success change accepted
Syntax set radio-profile name
Syntax set radio-profile name rts-threshold threshold
Defaults for Service Profile Parameters
Syntax set radio-profile name service-profile name
297
Defaults for Service Profile Parameters
Syntax set radio-profile name short-retry threshold
Syntax set service-profile Name auth-dot1x enable disable
WPA IE
Set service-profile auth-fallthru
Syntax set service-profile name auth-psk enable disable
Syntax set service-profile name beaconed enable disable
Set service-profile
Cipher-ccmp
Cipher-tkip
Use the set service-profile wep commands
See Also „ set service-profilecipher-ccmpon
Cipher-wep104
Defaults 40-bit WEP encryption is disabled by default
„ enable Enables 40-bit WEP encryption for WPA clients
„ disable Disables 40-bit WEP encryption for WPA clients
Cipher-wep104 command
Syntax set service-profile name psk-phrase passphrase
Syntax set service-profile name psk-raw hex
Syntax set service-profile name rsn-ie enable disable
Set service-profile auth-psk command
Syntax set service-profile name ssid-name ssid-name
See Also „ set service-profilessid-typeon
See Also „ set service-profilessid-nameon
Syntax set service-profile name tkip-mc-time wait-time
Ssid managed by the service profile
Syntax set service-profile name web-aaa-form url
Web-aaa-form
Set service-profile wep active-multicast- index
„ copy on „ dir on
„ mkdir on
Set service-profile wep active-unicast- index
Syntax set service-profile name wep active-unicast-index num
Wep key-index
Syntax set service-profile name wpa-ie enable disable
STP Commands by
Table to locate commands in this chapter based on their use
STP Commands by Usage
Portcost
STP root bridge in all VLANs on a WX switch
Clear spantree
Syntax clear spantree portcost port-list
„ clear spantree portvlanpri on
Portpri
Portvlancost
„ set spantree portpri on
Portvlanpri
„ clear spantree portcost on
„ clear spantree portpri on
See Also „ display spantree statistics on
Spantree vlan default
Syntax display spantree
Output for display spantree
Root
Backbonefast
Or disabled
Display spantree
„ display spantree blockedports on
„ set spantree backbonefast on
WX switch with backbone fast convergence enabled
Blockedports
One or all of its VLANs
See Also „ set spantree portfast on
Portfast
For one or more network ports
Output for display spantree portfast
Syntax display spantree portvlancost port-list
Port’s VLANs
„ port-list- List of ports
Syntax display spantree statistics
WX4400# display spantree statistics
Topology change Timer value Hold timer
Output for display spantree statistics
Vlan Vlan ID
Configpending
Switch is the root or is attempting to become the root
See Also „ clear spantree statistics on
Syntax display spantree uplinkfast vlan vlan-id
Set spantree
„ set spantree uplinkfast on
Following command disables STP on Vlan burgundy
Examples The following command enables STP on all VLANs
Configured on a WX switch
An indirect link
Fwddelay
„ display spantree backbonefast on
VLANs to 4 seconds
Issues a topology change message
Maxage
„ all Changes the maximum age on all VLANs
Path to the STP root bridge
Type. lists the defaults for STP port path cost
Snmp Port Path Cost Defaults
65,535. STP selects lower-cost paths over higher-cost paths
Portvlancost command
See Also „ display spantree portfast on
Syntax set spantree portpri port-listpriority value
Type. See on
Bridge for a specific Vlan on a wireless LAN switch
„ all Changes the cost on all VLANs
To 20 in Vlan mauve
Priority
Pink to
Uplinkfast
32,768
Primary link fails
See Also „ display spantree uplinkfast on
Igmp Snooping Commands
Igmp Commands by Usage
Clear igmp statistics
Display igmp
See Also display igmp statistics on
TTL
Output for display igmp
TTL
Mrouter
Syntax display igmp mrouter vlan vlan-id
WX1200# display igmp Mrouter vlan orange
Defaults None Access Enabled
Only one querier
Syntax display igmp querier vlan vlan-id
WX1200# display igmp querier vlan orange
WX1200# display igmp querier vlan default
Output for display igmp mrouter
WX1200# display igmp querier vlan red
Receiver-table
„ set igmp querier on
VLAN, MSS displays Igmp statistics for all VLANs
See Also „ set igmp receiver on
Shows Igmp statistics
WX1200# display igmp receiver-table group 237.255.255.0/24
WX1200# display igmp statistics vlan orange
Output of display igmp statistics
From the multicast routers in the subnet
Wireless LAN switch
See Also „ set igmp rv on
Set igmp lmqi
VLANs on a wireless LAN switch
VLAN, the timer change applies to all VLANs
From 1 through 65,535
Set igmp mrsol
Enables or disables multicast router solicitation by a WX
Syntax set igmp mrsol enable disable vlan vlan-id
See Also „ display igmp statistics on
Syntax set igmp mrsol mrsi seconds vlan vlan-id
See Also „ set igmp mrsol mrsi on
See Also „ set igmp mrsol on
WX1200# set igmp mrsol mrsi 60 success change accepted
Set igmp oqi
All VLANs on a WX
Syntax set igmp oqi seconds vlan vlan-id
Set igmp
Proxy-report
Set igmp qi
Group. You can specify a value from 1 through 65,535
Set igmp qri
VLANs on a WX
WX1200# set igmp qi 100 vlan orange success change accepted
Syntax set igmp querier enable disable vlan vlan-id
WX1200# set igmp qri 50 vlan orange success change accepted
Syntax set igmp receiver port port-listenable disable
See Also „ display igmp querier on
Occurs on the network
Defaults The default robustness value for all VLANs is
Set igmp rv
VLAN, MSS changes the robustness value for all VLANs
Security ACL Commands
Security ACL
Syntax clear security acl acl-name all editbuffer-index
Clear security acl map
Syntax clear security acl map acl-nameall vlan vlan-id
WX4400# clear security acl map all success change accepted
Syntax commit security acl acl-nameall
WX4400# commit security acl all
WX4400# display security acl
Syntax display security acl editbuffer
WX4400# display security acl editbuffer
Syntax display security acl hits
See Also „ hit-sample-rateon „ set security acl on
WX4400# display security acl hits
Syntax display security acl info acl-nameall editbuffer
Security ACL is assigned
Display security acl
Map
Syntax display security acl map acl-name
Support for your Product on
Resource-usage
ACL acl111 is mapped
WX4400# display security acl map acl111
WX4400# display security acl resource-usage
Output of display security acl resource-usage
Output of display security acl resource-usage
Hit-sample-rate
Packets filtered by the security ACL or hits
Syntax hit-sample-rate seconds
Syntax rollback security acl acl-nameall
Set security acl
Protocol, or IP, ICMP, TCP, or UDP packet information
By Icmp packets
By TCP packets
By UDP packets
„ ip „ tcp „ udp „ icmp
Set security acl
Security ACL Commands
WX4400# commit security acl all configuration accepted
WX4400# set security acl ip acl123 deny 192.168.2.11
Defaults None
Set security acl map
Security ACL Commands
To locate commands in this chapter based on their use
Cryptography Commands by Usage
Syntax crypto ca-certificate admin eap webaaa
Syntax crypto certificate admin eap webaaa
See Also „ display crypto ca-certificateon
Examples The following command installs a certificate
Syntax crypto generate key admin eap ssh webaaa 512 1024
WX4400# crypto generate key admin 1024 key pair generated
See Also display crypto key ssh on
Syntax crypto generate request admin eap webaaa
WX4400# crypto generate request admin
Email Address admin@example.com
Syntax crypto generate self-signed admin eap webaaa
See Also „ crypto certificate on „ crypto generate key on
WX4400# crypto generate self-signed admin
Crypto otp
Crypto pkcs12
„ crypto pkcs12 on
See Also „ crypto otp on
Pkcs #7 certificate
Display crypto
Ca-certificate
Display crypto ca-certificate Output
Certificate
On the WX switch
Syntax display crypto certificate admin eap webaaa
Describes the fields of the display
See Also crypto generate key on
Syntax display crypto key ssh
Cryptography Commands
Locate commands in this chapter based on their uses
Radius Commands by Usage
Clear radius
WX4400# clear radius timeout success change accepted
See Also „ display aaa on „ set radius client system-ipon
Syntax clear radius client system-ip
WX4400# clear radius server rs42 success change accepted
See Also „ display aaa on „ set radius server on
Syntax clear radius server server-name
Syntax clear server group group-nameload-balance
Set radius
„ set server group on
Set radius client
System-ip
„ clear radius server on
WX4400# set radius client system-ip success change accepted
Radius and Server Group Commands
Syntax set server group group-namemembers server-name1
Load-balance group
„ group-name- Server group name of up to 32 characters
Set server group load-balance
Radius and Server Group Commands
802.1X Commands by Usage
On the switch
Commands on
Performance
Clear dot1x
Which disables the feature
Examples To reset the Bonded period to its default, type
Bonded-period
Port-control
See Also „ display dot1x on „ set dot1x bonded-periodon
„ set dot1x max-reqon
Quiet-period
„ set dot1x port-controlon
See Also „ display dot1x on „ set dot1x quiet-periodon
„ set dot1x reauth-maxon
Reauth-max
Reauth-period
See Also „ display dot1x on „ set dot1x reauth-periodon
Auth-server
Defaults The default is 30 seconds
Authentication server, type the following command
Before the WX times out a request to a Radius server
Display dot1x
„ set dot1x timeout supplicant on
Tx-period
„ set dot1x tx-periodon
WX1200# display dot1x config
WX4400# display dot1x clients
Type the following command to display 802.1X statistics
Explains the counters in the display dot1x stats output
WX4400# display dot1x stats
Port-control command
Set dot1x
Authcontrol
Authentication ports, type the following command
Authentication is enabled
Examples To enable per-port 802.1X authentication on wired
Machine to start reauthentication for the user
See Also „ display dot1x on „ clear dot1x bonded-periodon
Syntax set dot1x key-tx enable disable
WX4400# set dot1x key-tx enable
WX4400# set dot1x bonded-period 60 success change accepted
Set dot1x max-req
„ clear dot1x max-reqon
To a supplicant after a failed authentication
See Also „ display port status on „ display dot1x on
Syntax set dot1x quiet-period seconds
Syntax set dot1x reauth enable disable
See Also „ display dot1x on „ clear dot1x reauth-maxon
Attempts reauthentication
Before the supplicant client becomes unauthorized
Syntax set dot1x reauth-max number-of-attempts
Out an authentication session with a supplicant client
Set dot1x timeout
Out a request to a Radius authentication server
Supplicant
See Also „ display dot1x on „ clear dot1x tx-periodon
Syntax set dot1x tx-period seconds
Wep-rekey
Wep-rekey-period
See Also „ display dot1x on „ set dot1x wep-rekeyon
Clear sessions
Telnet sessions
Network
VLANs, or session ID
Users
WX1200# clear sessions network session-id
To clear session 9, type the following command
WX4400# clear sessions network mac-addr
WX1200# clear sessions network user Natasha
Display sessions
WX4400 display sessions admin
WX4400 display sessions console
WX4400 display sessions telnet
See Also „ clear sessions on
Display sessions telnet client Output
Syntax display sessions network
WX1200# display sessions network
„ Summary display See on „ Verbose display See on
„ display sessions network session-id display See on
WX1200# display sessions network mac-addr 00055d7e981a
WX1200# display sessions network verbose
WX1200# display sessions network session-id
Display sessions network summary Output
Additional display sessions network verbose Output
Time
802.1X protocol on a wired authentication port
Display sessions network session-id Output
See Also „ clear sessions network on
Session Management Commands
RF Detection Commands
Clear rfdetect
Countermeasures mac command
Rfdetect countermeasures mac commands
Countermeasures
Ignore
Syntax clear rfdetect ignore mac-addr
Domain
Display rfdetect
Mobility Domain
Syntax display rfdetect countermeasures
Radios as well as by third-party access points
Syntax display rfdetect data
Display rfdetect data Output
WX1200# display rfdetect data
Ignore list
Display rfdetect data command on that switch
Radios, use the display rfdetect data command
„ clear rfdetect ignore on
Display rfdetect mobility-domain Output
WX1200# display rfdetect mobility-domain
To display the base MAC address of a 3Com radio, use
Third-party access points
„ mac-addr- Base MAC address of the 3Com radio
Display neighboring BSSIDs
Display rfdetect visible Output
WX1200# display rfdetect visible 000b0e000a6a
WX1200# display rfdetect Visible ap Radio
Set rfdetect
Active-scan
Set rf detect
Set rfdetect countermeasures mac
Starts countermeasures against a specific rogue
Syntax set rfdetect countermeasures mac mac-addr
Syntax set rfdetect ignore mac-addr
Set rfdetect log
Detected or when they disappear
Syntax set rfdetect log enable disable
See Also „ display log buffer on
File Management Commands
Tape archive tar format
Backup
Defaults All
History
Output for backup
Syntax clear boot config
Describes the fields in the dir output
„ reset system on
Copy
WX4400# copy floorwx tftp//10.1.1.1/floorwx
Immediately deletes the specified file
File or the running configuration
Delete
Syntax delete url
Dir
WX4400# delete dang/dangdoc success file deleted
Following command displays the files in the old subdirectory
„ copy on
Display boot
Boot
Output for dir
Displays the configuration running on the WX switch
Display config
Describes the fields in the display boot output
„ area area Configuration area. You can specify one
See Also „ load config on
WX4400# display config area vlan
„ save config on
And, optionally, for any attached MAP access points
Display version
Describes the fields in the display version output
Output for display version
Load config
Running configuration with the commands in the loaded file
Syntax load config url
Following command loads configuration file testconfig1
Mkdir
Creates a new subdirectory in nonvolatile storage
„ dir on „ rmdir on
Syntax reset system force
Reset system
Restarts an WX switch and reboots the software
WX4400# reset system
Restore
Key pairs and certificates on the switch
Or restoring an archive
Rmdir
Save config
„ backup on
„ dir on „ mkdir on
Configuration
Set boot
Configuration-file
Testconfig1
Syntax set boot partition boot0 boot1
File Management Commands
Clear log trace
Deletes the log messages stored in the trace buffer
Syntax clear log trace
Deletes running trace commands and ends trace processes
Clear trace
„ set log on
Syntax display trace all
WX switch, or all possible trace options
Display trace
WX4400# display trace
Authentication
Save trace
Set trace
Traces authorization information
Authorization
About user jose’s authentication
Authorization for MAC address
Set trace dot1x
See Also „ clear trace on „ display trace on
Set trace sm
Syntax set trace sm mac-addr mac-address port port-num
Trace Commands
Clear log
Syntax clear log buffer server ip-addr
See Also „ clear log trace on
WX4400# clear log buffer success change accepted
You can view event messages archived in the buffer
Log buffer facility ?
WX4400# display log buffer facility AAA
„ clear log on
„ display log config on
Log config
„ set log on „ clear log on
Syntax display log trace +-/number-of-messages
Set log
„ Logging state enabled or disabled
„ enable Enables messages to the specified target
„ trace Sets log parameters for trace files
Set log trace
Mbytes
See Also „ display log config on
WX4400# set log trace mbytes 4 success change accepted
System LOG Commands
Boot Prompt Commands
Boot Prompt
Autoboot
„ DEV=device Location of the system image file
Boot
„ BT=type Boot type
„ FN=filename System image filename
„ change on „ display on
Change
Syntax change
Create
Syntax create
Profiles, see display on
Usage When you type the delete command, the next-lower
Examples To remove the currently active boot profile, type
Syntax delete
Diag
Syntax diag
Syntax display Defaults None
„ fver on „ version on
Output of display command
„ change on „ create on „ delete on „ next on
Fver
Displays a list of the boot prompt commands
For an individual command
„ command-name- Boot prompt command
„ ls on
Syntax next Defaults None
Next
Syntax reset
Reset
Resets a WX switch’s hardware
Command at the boot prompt
Defaults The poweron test flag is disabled by default
„ on Enables the poweron test flag
„ OFF Disables the poweron test flag
Test
Type the following command at the boot prompt
Syntax version Defaults None
Dir or fver command
Boot version
„ dir on „ fver on
Boot Prompt Commands
Product
Services
Register Your
Purchase
Online
Access Software
Troubleshoot
Downloads
Need to apply for a user name and password
Contact Us
Country Telephone Number
Latsupportanc@3com.com
Index
Delete 474, 515 diag Dir 475, 516 disable 33 display
Index
Index
Index
Index
