3CRWX120695A, 3CRWX440095A
Wireless LAN Mobility System
3Com Corporation 350 Campus Drive Marlborough, MA USA
Contents
Set system location
Clear banner motd Clear history Clear prompt
Vlan Commands
142 Set ip ssh 143
131 Ping 132 Set arp 133 Set arp agingtime 134
144
147 Set ntp 148
183
169
Display location policy 185 Display mobility-profile
228
MAP Access Point Commands by Usage
234
241
261 Reset ap dap 264
254 Display dap unconfigured 256 Display radio-profile 257
319
311
326
327
Set spantree
335
337
345
369
Commands by Usage 393
Clear security acl 370 Clear security acl map 371
373
444
435
446
466
465 Set rf detect countermeasures
Set rfdetect ignore 467 Set rfdetect log 468
480
Fver 519 Help 520 Next 521 Reset 522 Test 523
Commands by Usage 491 Clear log trace Clear trace 492
496 Set trace sm 497
517
Register Your Product 527
Version
List conventions that are used throughout this guide
Conventions
„ Wireless LAN Switch and Controller Release Notes
„ Wireless LAN Switch Manager 3WXM Release Notes
Documentation
Pddtechpubscomments@3com.com
Comments
„ Document title
„ Document part number and revision on the title
About this Guide
Overview
Clear interface vlan-idip
Set enablepass
Clear fdb dynamic port port-list vlan vlan-id
Conventions
Text Entry
MAC Address
Notation
Subnet Masks
Masks
Wildcard Masks
User Globs
MAC Address Globs
Gives examples of user globs
User Globs
Vlan Globs
WX1200# set port enable
Matching Order for Globs
„ a single port number. For example
WX1200# reset port
Command-Line
Editing
Operating systems
WX1200# display i Tab
At your access level, type the help command. For example
Using CLI Help
WX1200# display i?
Set ap dap name command has the following complete syntax
Understanding Command Descriptions
WX1200# display ip ?
WX1200# display ip telnet
Understanding Command Descriptions
Using the COMMAND-LINE Interface
Disable
Commands by
To located commands in this chapter based on their use
Syntax disable Defaults None
Quit
Enable
Set enablepass
Access Commands
To located commands in this chapter based on their use
System Service Commands
Clear banner motd
Banner with an empty banner by typing the following command
Clear history
„ display banner motd on
Clear system
Clear prompt
Motd
Display banner
Base-information
Display
Display license
Display system
Defaults None Access All
„ set license on
Shows system information
Display system output
Describes the fields of display system output
Nvram size /SDRAM size percent of total
Help
WX switch
Syntax help
Syntax history
History
See Also „ clear history on
See Also „ clear banner motd on „ display banner motd on
Set confirm
That might have a large impact on the network
Syntax set confirm on off
Examples To turn off these confirmation messages, type
Set length
WX4400# clear vlan red
WX4400# set confirm off
Set license
Installs an upgrade license, for managing more MAPs
See Also „ display license on
Syntax set prompt string
Set prompt
Set system
Set system contact Stores a contact name for the WX switch
Countrycode
Syntax set system contact string
Country Code
Using any set ap commands to configure a MAP
Defaults The factory default country code is None
Ip-address
Mobility Domain
Syntax set system location string
See Also „ clear system on „ display system on
Syntax set system name string
„ set system contact on „ set system name on
System Service Commands
Locate commands in this chapter based on their use
Port Commands
Clear dap
That are using the MAP
Removes a Distributed MAP
„ set dap on
„ name name Name of the port group
Clear port-group
See Also „ set port-groupon „ display port-groupon
Clear port name Removes the name assigned to a port
Preference
Clear port
See Also „ display port status on „ set port name on
Interface for the active link
Clear port type
Network port defaults
Network port
Port
Counters
Display port
Describes the fields in the display port-group output
Display port-groupShows port group information
Output for display port-group
Describes the fields in this display
See Also „ clear port-groupon „ set port-groupon
Output for display port poe
Syntax display port poe port-list
All four ports of a WX4400 switch
Usage This command applies only to the WX4400
„ set port poe on
Specified ports
Syntax display port status port-list
Output for display port preference
WX1200# display port status
Output for display port status
See Also „ clear port type on
Monitor port
„ set port negotiation on
„ set port speed on
Key Controls for Monitor Port Counters Display
WX4400# monitor port counters
Output for monitor port counters
Correct length but contained an invalid
See Also „ display port counters on
Set dap
Reset port
Port Commands
Set dap
Fol1owing command reenables the port
Examples The following command disables port
Administratively disables or reenables a port
Set port
Single logical link
Configured together as a single logical link
With no spaces
Set port name
Name or number in other CLI commands
See Also „ clear port-groupon „ display port-groupon
See Also „ clear port name on „ display port status on
Set port poe
Set port negotiation
Result
See Also „ set port type ap on „ set port type wired-authon
Following command enables PoE on ports 4
WX1200# set port poe 4,5 disable
WX1200# set port poe 4,5 enable
Changes the speed of a port
Set port speed
WX4400# set port preference 2 rj45
Syntax set port speed port-list10 100 1000 auto
Set port trap
Set snmp trap command
Set port type ap
„ poe enable disable Power over Ethernet PoE state
Antenna model, use the following command
Defaults All WX ports are network ports by default
„ 11a 802.11a „ 11b 802.11b „ 11g 802.11g
STP
MAP Access Port Defaults
Set port type
Wired-auth
WX1200# set port type wired-auth 2 success change accepted
Wired Authentication Port Details
See Also „ clear port type on „ set port type ap on
Vlan Commands
Deletes an entry from the forwarding database FDB
Clear fdb
Syntax clear fdb perm static dynamic
WX4400# clear fdb static vlan blue success change accepted
„ display fdb on
Clear vlan
Port from the VLAN, make sure you specify the port number
See Also „ set vlan port on „ display vlan config on
Following command completely removes Vlan marigold
Display fdb
Displays entries in the forwarding database
WX4400# display fdb all
Describes the fields in the display fdb output
Agingtime
See Also „ clear fdb on
Output for display fdb
WX1200# display fdb agingtime
See Also „ set fdb agingtime on
Syntax display fdb count perm static dynamic
Station
Display roaming
See Also „ display roaming vlan on
Describes the fields in the display
Output for display roaming station
Syntax display roaming vlan
Output for display roaming vlan
WX4400# display roaming vlan
Display tunnel
See Also „ display vlan config on
Output for display tunnel
Syntax display tunnel
Output for display vlan config
Display vlan config
Syntax display vlan config vlan-id
WX1200# display vlan config burgundy
Adds a permanent or static entry to the forwarding database
Set fdb
Syntax set fdb perm static
See Also „ clear fdb on „ display fdb on
See Also „ display fdb agingtime on
Set vlan name
Vlan 4094 is reserved for WebAAA
Creates a Vlan and assigns a number and name to it
Set vlan port
Tunnel-affinity
Set vlan
See Also „ display roaming vlan on „ display vlan config on
To locate commands in this chapter based on their use
IP Services Commands
DNS
IP Services Commands by Usage
Removes an IP interface
Clear interface
Syntax clear interface vlan-idip
History Introduced in MSS Version
Access Enabled
See Also „ display ip alias on
WX1200# clear ip dns domain
Clear ip route
Clear ip dns server
„ set ip dns domain on
„ set ip dns server on
„ display ip route on
Clear ip telnet
„ set ip route on
Clear ntp server
Update-interval
Clear ntp
Clear snmp trap
„ set ntp server on „ set ntp update-intervalon
Receiver
See Also „ clear ntp server on „ display ntp on
Clear summertime
Following command
Command
Clear timezone
Examples To clear the system IP address, type the following
Display timedate on
Display arp
Display timezone on
Shows the ARP table
„ set arp agingtime on
„ set arp on
Syntax display interface vlan-id
Display ip alias
Shows the IP aliases configured on the wireless LAN switch
See Also „ set interface on „ set interface status on
Output for display interface
Display ip dns
Examples The following command displays the DNS information
„ clear ip alias on
„ set ip alias on
Shows information about the Https management port
Display ip https
Output for display ip dns
Syntax display ip https
WX4400# display ip https
Output for display ip https
Shows the IP route table
Display ip route
Syntax display ip route destination
WX4400# display ip route
FieldDescription
Output of display ip route
Syntax display ip telnet
Output for display ip telnet
WX4400 display ip telnet
Display ntp
Examples To display NTP information for a WX switch, type
Shows NTP client information
Output for display ntp
„ set ntp server on „ set summertime on „ set timezone on
Shows Snmp settings on a wireless LAN switch
Configuration
Examples To display Snmp settings on a WX switch, type
Display snmp
Output of display snmp configuration
Summertime
Defaults There is no summertime offset by default
Syntax display summertime
WX1200# display summertime
Syntax display timezone
WX1200# display timedate
WX4400# display timezone
„ set timedate on „ set timezone on
Defaults „ count
„ traceroute on
Set arp
See Also „ set arp agingtime on
Following command disables ARP aging
Syntax set arp agingtime seconds
WX1200# set arp agingtime
Set interface
Syntax set interface vlan-idstatus up down
WX1200# set interface mauve ip 10.10.20.10
Set ip alias
Aliases as shortcuts in CLI commands
Set ip dns
See Also „ clear ip alias on „ display ip alias on
WX1200# set ip dns domain example.com
Syntax set ip dns domain name
Syntax set ip dns server ip-addrprimary secondary
Set ip route
WX switch is also disabled
Adds a static route to the IP route table
Set ip route
Syntax set ip snmp server enable disable
Set ip ssh
See Also „ set ip ssh absolute-timeouton
„ clear snmp trap receiver on
Secure Shell SSH management traffic
„ set ip ssh idle-timeouton „ set ip ssh server on
Absolute-timeout
Syntax set ip ssh absolute-timeout minutes
Or idle
Also disabled
Idle-timeout
Set ip ssh server
Set ip telnet
WX4400# set ip telnet server enable success change accepted
Syntax set ip telnet server enable disable
Enables or disables the NTP client on a wireless LAN switch
Examples The following command enables the NTP client
Configures a wireless LAN switch to use an NTP server
Set ntp
Implementation and Analysis
RFC 1305, Network Time Protocol Version 3 Specification
NTP server
From 16 through 1,024 seconds
Community
Set snmp
Public and private
„ disable Disables the sending of trap information
„ enable Enables trap information to be sent
„ all Enables or disables all traps
Sends an Snmp trap message to any network management system
Snmp Trap Names
Defaults All traps are disabled by default Access Enabled
See Also „ clear snmp trap receiver on
Set snmp trap
IP Services Commands
Values
To PDT Pacific Daylight Time, type the following command
Date is within the summertime period
Following
Set timedate
Sets the time of day and date on the wireless LAN switch
„ date mmm dd yyyy System date
„ time hhmmss System time, in hours, minutes, and seconds
WX4400# set timedate date feb 29 2004 time
Set timezone
Time now is Sun Feb 29 2004, 235802 PST
Opens a Telnet client session with a remote device
Telnet
WX1200# set timezone PST
WX4400# telnet
See Also „ clear sessions on „ display sessions on
„ dnf Disabled „ no-dns- Disabled „ port
Defaults
Traceroute
„ queries „ size „ ttl
WX4400# traceroute server1
Error messages for traceroute
„ ping on
This chapter presents AAA commands alphabetically. Use to
Locate commands in this chapter based on their use
AAA Commands by Usage
Display accounting statistics on
WX4400# clear accounting dot1x Nin
Syntax clear accounting admin dot1x user-glob
Admin
Clear authentication
WX4400# clear authentication console Regina
Syntax clear authentication console user-glob
ConsoleConsole
Syntax clear authentication dot1x ssid ssid-namewired
Syntax clear authentication last-resort ssid ssid-namewired
Clear authentication Removes a MAC authentication rule. mac
WX4400# clear authentication last-resort wired
Syntax clear authentication mac ssid ssid-namewired
WX4400# clear authentication mac ssid thatcorp aabbcc
Clear authentication Removes a WebAAA rule. web
Syntax clear authentication web ssid ssid-namewired
Syntax clear location policy rule-number
„ display location policy on
Clear mac-user
„ set location policy on
See Also „ display aaa on „ set mac-usergroup attr on
Group
Clear mac-user attr
„ set mac-user attr on
Mac-usergroup
Clear
Mac-usergroup attr
Mac-user group command
„ clear mac-usergroup attr on
Clear user
Mobility-profile
See Also „ display aaa on
Clear user attr
Clear usergroup
Clear user group
Syntax clear usergroup group-name
„ group-name- Name of an existing user group
WX4400# clear usergroup cardiology success change accepted
Display aaa
Displays all current AAA settings
Time-Of-Day attribute from the group
Display aaa Output
Describes the fields that can appear in display aaa output
User’s password, and no global password is set
Display accounting
Stored in the local database on the WX switch
Statistics
Statistics output
Aaattyattr
Policy
Display location
„ clear location policy on
Set accounting
Admin console
Are sent
Accesses the switch using Telnet or Web Manager
Server when the user roams
Authenticated by
Authenticated by MAC authentication
AAA Commands
Set authentication
AAA Commands
Completing logon
Through the switch’s console
Globs on
Following methods in priority order. MSS applies multiple
For more information, see Usage
Syntax set authentication dot1x ssid ssid-namewired
AAA Commands
Set authentication dot1x
Success change accepted
Syntax set authentication last-resort
AAA Commands
Syntax set authentication mac
AAA Commands
Syntax set authentication web ssid ssid-namewired
AAA Commands
Set location policy
AAA Commands
Set location policy
WX4400# set location policy deny if user eq *.theirfirm.com
Tempvendora into Vlan kiosk1
Set mac-user
See Also „ clear mac-useron „ display aaa on
Authentication Attributes for Local Users
Filter-id outboundacl.out
Authentication Attributes for Local Users
YY/MM/DD-HHMM
Time-of-day
WX4400# set mac-user 010203040506 attr filter-id acl-03.in
Syntax set mac-usergroup
See Also „ clear mac-user attr on „ display aaa on
Syntax set mobility-profile name name port none all
See Also „ clear mac-usergroup attr on „ display aaa on
AAA Commands
„ set user attr on „ set usergroup on
Syntax set mobility-profile mode enable disable
29Jan04
Set user
See Also „ clear user on „ display aaa on
Orange
Set user attr
See Also „ clear user attr on „ display aaa on
Set usergroup
Set user group
„ clear user group on
Syntax set web-aaa enable disable
To add a user to a group, user the command set user group
Set web-aaa
WX4400# set web-aaa disable success change accepted
Examples To disable WebAAA, type the following command
Mobility Domain Commands by Usage
To locate commands in this chapter based on their use
Member
Mobility-domain
Displays the configuration of the Mobility Domain
Display mobility-domain config
Status
See Also „ set mobility-domain member on
WX4400# display mobility-domain status
Display mobility-domain Output
„ display mobility-domain config on
Mode member
Set
Seed-ip
Syntax set mobility-domain mode seed domain-name
Set mobility-domain mode seed domain-name
Domain name is Pleasanton
Mobility Domain Commands
Commands
Managed Access Point Commands
Map Access Point Commands by Usage
Radio
Clear ap dap
Syntax clear radio-profile name parameter
WX1200# clear ap 3 radio
Syntax clear service-profile name
„ name Service profile name
See Also „ clear radio-profileon „ set radio-profile mode on
WX1200# display ap config
Output for display ap config
WX4400# display dap config
Does not belong to any load balancing groups
An associated client
MAP access point on port
Displays MAP access point and radio statistics counters
Display ap dap
Radio 1 Shows statistics counters for radio
Tkip Pkt Replays
Output for display ap counters
Syntax display ap dap etherstats port-listdap-num
See Also „ display sessions network on
WX4400# display dap etherstats
TxMaxColl
Output of display ap etherstats
„ name Name of an MAP group or Distributed MAP group
Syntax display ap status port-listall radio 1
Syntax
WX1200# display ap status
WX4400# display dap status
Output for display ap status
Output for display ap status
Decide whether to change channel or power settings
Output for display auto-tune attributes
See Also „ display auto-tune neighbors on
WX1200# display auto-tune attributes ap 2 radio
Neighbors
Display auto-tune
Display auto-tune Neighbors ap 2 radio
Output for display auto-tune neighbors
Connection
Display dap
„ display dap global on „ display dap unconfigured on
„ display ap dap config on
Output of display dap connection
Dap connection serial-id M9DE48B6EAD00
WX4400# display dap global
Output for display dap global
„ display ap dap config on
Unconfigured
But that are not configured on any WX switches
Longer appears in the command’s output
Displays radio profile information
Describes the fields in this display
Output for display radio-profile
WX4400# display radio-profile default
Setting and tuning channels
Ssid
Displays service profile information
Service-profile
„ name Displays information about the named service profile
„ ? Displays a list of service profiles
Username
„ Tkip countermeasures time Indicates the amount
WX1200# reset ap
Reset ap dap
Syntax set ap port-listdap dap-numbias high low
WX4400# set dap 1 bias low success change accepted
See Also „ display ap dap config on
Syntax set ap port-listdap dap-numblink enable disable
WX1200# set ap 3-4 blink enable success change accepted
„ display ap dap group on
Set ap dap name Changes an MAP name
WX1200# set ap 4 group none success change accepted
WX1200# set ap 1 name techpubs success change accepted
„ antennatype ANT1060 ANT1120 ANT1180 internal
Set ap dap radio antennatype
„ antennatype ANT5060 ANT5120 ANT5180 internal
Set ap dap radio auto-tune max-power
Set ap dap radio auto-tune max- retransmissions
Managed Access Point Commands
Sets an MAP radio’s channel
Set ap dap radio channel
Syntax set ap port-listdap dap-numradio 1
WX1200# set ap 5 radio 1 channel 36 success change accepted
Set ap dap radio min-client-rate
Set ap dap radio min-client-rate
Enables or disables a radio on an MAP access point
Set ap dap radio mode
Following command enables radio 2 on ports 1 through
Set ap dap radio radio-profile
Sets an MAP radio’s transmit power
Set ap dap radio tx-power
Set ap dap
Upgrade-firmware
11g-only
Set radio-profile
Set radio-profile auto-tune channel-config
Syntax set radio-profile name auto-tune channel-holddown
Set radio-profile auto-tune channel-holddown
Syntax set radio-profile name auto-tune channel-interval
Set radio-profile auto-tune channel-interval
Syntax set radio-profile name auto-tune power-backoff-timer
Set radio-profile auto-tune power-backoff- timer
WX4400# set radio-profile rp2 auto-tune power-backoff-timer
Set radio-profile auto-tune power-config
Set radio-profile auto-tune power-interval
Beacon-interval
Service set identifier Ssid
Specify from 25 ms to 8191 ms
Radio profile rp1 to 200 ms
Syntax set radio-profile name frag-threshold threshold
Syntax set radio-profile name long-retry threshold
Syntax set radio-profile name max-rx-lifetime time
Mode
Max-tx-lifetime
Parameter Default Value
Defaults for Radio Profile Parameters
WX4400# set radio-profile rp1 success change accepted
WX4400# set radio-profile rp1 mode enable
Syntax set radio-profile name
Syntax set radio-profile name rts-threshold threshold
Syntax set radio-profile name service-profile name
Defaults for Service Profile Parameters
297
Defaults for Service Profile Parameters
Syntax set radio-profile name short-retry threshold
WPA IE
Syntax set service-profile Name auth-dot1x enable disable
Set service-profile auth-fallthru
Syntax set service-profile name auth-psk enable disable
Syntax set service-profile name beaconed enable disable
Cipher-ccmp
Set service-profile
Cipher-tkip
See Also „ set service-profilecipher-ccmpon
Use the set service-profile wep commands
Cipher-wep104
„ disable Disables 40-bit WEP encryption for WPA clients
„ enable Enables 40-bit WEP encryption for WPA clients
Defaults 40-bit WEP encryption is disabled by default
Cipher-wep104 command
Syntax set service-profile name psk-phrase passphrase
Syntax set service-profile name psk-raw hex
Syntax set service-profile name rsn-ie enable disable
Syntax set service-profile name ssid-name ssid-name
Set service-profile auth-psk command
See Also „ set service-profilessid-nameon
See Also „ set service-profilessid-typeon
Syntax set service-profile name tkip-mc-time wait-time
Syntax set service-profile name web-aaa-form url
Ssid managed by the service profile
Web-aaa-form
„ copy on „ dir on
Set service-profile wep active-multicast- index
„ mkdir on
Syntax set service-profile name wep active-unicast-index num
Set service-profile wep active-unicast- index
Wep key-index
Syntax set service-profile name wpa-ie enable disable
Table to locate commands in this chapter based on their use
STP Commands by
STP Commands by Usage
Clear spantree
STP root bridge in all VLANs on a WX switch
Portcost
Syntax clear spantree portcost port-list
Portvlancost
Portpri
„ clear spantree portvlanpri on
„ set spantree portpri on
„ clear spantree portcost on
Portvlanpri
See Also „ display spantree statistics on
„ clear spantree portpri on
Syntax display spantree
Spantree vlan default
Root
Output for display spantree
Display spantree
Or disabled
Backbonefast
„ display spantree blockedports on
Blockedports
WX switch with backbone fast convergence enabled
„ set spantree backbonefast on
One or all of its VLANs
For one or more network ports
Portfast
See Also „ set spantree portfast on
Output for display spantree portfast
„ port-list- List of ports
Port’s VLANs
Syntax display spantree portvlancost port-list
Syntax display spantree statistics
WX4400# display spantree statistics
Topology change Timer value Hold timer
Vlan Vlan ID
Output for display spantree statistics
Configpending
Switch is the root or is attempting to become the root
Syntax display spantree uplinkfast vlan vlan-id
See Also „ clear spantree statistics on
„ set spantree uplinkfast on
Set spantree
Configured on a WX switch
Examples The following command enables STP on all VLANs
Following command disables STP on Vlan burgundy
An indirect link
„ display spantree backbonefast on
Fwddelay
Maxage
Issues a topology change message
VLANs to 4 seconds
„ all Changes the maximum age on all VLANs
Snmp Port Path Cost Defaults
Type. lists the defaults for STP port path cost
Path to the STP root bridge
65,535. STP selects lower-cost paths over higher-cost paths
Portvlancost command
Syntax set spantree portpri port-listpriority value
See Also „ display spantree portfast on
„ all Changes the cost on all VLANs
Bridge for a specific Vlan on a wireless LAN switch
Type. See on
To 20 in Vlan mauve
Priority
32,768
Uplinkfast
Pink to
Primary link fails
See Also „ display spantree uplinkfast on
Igmp Commands by Usage
Igmp Snooping Commands
Display igmp
Clear igmp statistics
See Also display igmp statistics on
TTL
Output for display igmp
TTL
Syntax display igmp mrouter vlan vlan-id
Mrouter
WX1200# display igmp Mrouter vlan orange
Only one querier
Defaults None Access Enabled
Syntax display igmp querier vlan vlan-id
Output for display igmp mrouter
WX1200# display igmp querier vlan default
WX1200# display igmp querier vlan orange
WX1200# display igmp querier vlan red
„ set igmp querier on
Receiver-table
Shows Igmp statistics
See Also „ set igmp receiver on
VLAN, MSS displays Igmp statistics for all VLANs
WX1200# display igmp receiver-table group 237.255.255.0/24
WX1200# display igmp statistics vlan orange
From the multicast routers in the subnet
Output of display igmp statistics
See Also „ set igmp rv on
Wireless LAN switch
VLAN, the timer change applies to all VLANs
VLANs on a wireless LAN switch
Set igmp lmqi
From 1 through 65,535
Syntax set igmp mrsol enable disable vlan vlan-id
Enables or disables multicast router solicitation by a WX
Set igmp mrsol
See Also „ display igmp statistics on
See Also „ set igmp mrsol on
See Also „ set igmp mrsol mrsi on
Syntax set igmp mrsol mrsi seconds vlan vlan-id
WX1200# set igmp mrsol mrsi 60 success change accepted
All VLANs on a WX
Set igmp oqi
Syntax set igmp oqi seconds vlan vlan-id
Proxy-report
Set igmp
Set igmp qi
VLANs on a WX
Set igmp qri
Group. You can specify a value from 1 through 65,535
WX1200# set igmp qi 100 vlan orange success change accepted
WX1200# set igmp qri 50 vlan orange success change accepted
Syntax set igmp querier enable disable vlan vlan-id
See Also „ display igmp querier on
Syntax set igmp receiver port port-listenable disable
Set igmp rv
Defaults The default robustness value for all VLANs is
Occurs on the network
VLAN, MSS changes the robustness value for all VLANs
Security ACL
Security ACL Commands
Syntax clear security acl acl-name all editbuffer-index
Clear security acl map
Syntax clear security acl map acl-nameall vlan vlan-id
Syntax commit security acl acl-nameall
WX4400# clear security acl map all success change accepted
WX4400# display security acl
WX4400# commit security acl all
Syntax display security acl editbuffer
Syntax display security acl hits
WX4400# display security acl editbuffer
WX4400# display security acl hits
See Also „ hit-sample-rateon „ set security acl on
Syntax display security acl info acl-nameall editbuffer
Map
Display security acl
Security ACL is assigned
Syntax display security acl map acl-name
ACL acl111 is mapped
Resource-usage
Support for your Product on
WX4400# display security acl map acl111
WX4400# display security acl resource-usage
Output of display security acl resource-usage
Output of display security acl resource-usage
Packets filtered by the security ACL or hits
Hit-sample-rate
Syntax hit-sample-rate seconds
Syntax rollback security acl acl-nameall
Protocol, or IP, ICMP, TCP, or UDP packet information
Set security acl
By TCP packets
By Icmp packets
By UDP packets
„ ip „ tcp „ udp „ icmp
Set security acl
Security ACL Commands
WX4400# set security acl ip acl123 deny 192.168.2.11
WX4400# commit security acl all configuration accepted
Defaults None
Set security acl map
Security ACL Commands
Cryptography Commands by Usage
To locate commands in this chapter based on their use
Syntax crypto ca-certificate admin eap webaaa
See Also „ display crypto ca-certificateon
Syntax crypto certificate admin eap webaaa
Examples The following command installs a certificate
WX4400# crypto generate key admin 1024 key pair generated
Syntax crypto generate key admin eap ssh webaaa 512 1024
See Also display crypto key ssh on
Syntax crypto generate request admin eap webaaa
Email Address admin@example.com
WX4400# crypto generate request admin
See Also „ crypto certificate on „ crypto generate key on
Syntax crypto generate self-signed admin eap webaaa
WX4400# crypto generate self-signed admin
Crypto otp
„ crypto pkcs12 on
Crypto pkcs12
See Also „ crypto otp on
Ca-certificate
Display crypto
Pkcs #7 certificate
Display crypto ca-certificate Output
Syntax display crypto certificate admin eap webaaa
On the WX switch
Certificate
Describes the fields of the display
Syntax display crypto key ssh
See Also crypto generate key on
Cryptography Commands
Radius Commands by Usage
Locate commands in this chapter based on their uses
Clear radius
See Also „ display aaa on „ set radius client system-ipon
WX4400# clear radius timeout success change accepted
Syntax clear radius client system-ip
Syntax clear radius server server-name
See Also „ display aaa on „ set radius server on
WX4400# clear radius server rs42 success change accepted
Syntax clear server group group-nameload-balance
„ set server group on
Set radius
System-ip
Set radius client
„ clear radius server on
WX4400# set radius client system-ip success change accepted
Radius and Server Group Commands
Syntax set server group group-namemembers server-name1
„ group-name- Server group name of up to 32 characters
Load-balance group
Set server group load-balance
Radius and Server Group Commands
Commands on
On the switch
802.1X Commands by Usage
Performance
Examples To reset the Bonded period to its default, type
Which disables the feature
Clear dot1x
Bonded-period
See Also „ display dot1x on „ set dot1x bonded-periodon
Port-control
„ set dot1x max-reqon
„ set dot1x port-controlon
Quiet-period
See Also „ display dot1x on „ set dot1x quiet-periodon
Reauth-period
Reauth-max
„ set dot1x reauth-maxon
See Also „ display dot1x on „ set dot1x reauth-periodon
Authentication server, type the following command
Defaults The default is 30 seconds
Auth-server
Before the WX times out a request to a Radius server
Tx-period
„ set dot1x timeout supplicant on
Display dot1x
„ set dot1x tx-periodon
WX4400# display dot1x clients
WX1200# display dot1x config
Explains the counters in the display dot1x stats output
Type the following command to display 802.1X statistics
WX4400# display dot1x stats
Set dot1x
Port-control command
Authcontrol
Examples To enable per-port 802.1X authentication on wired
Authentication is enabled
Authentication ports, type the following command
Machine to start reauthentication for the user
WX4400# set dot1x key-tx enable
Syntax set dot1x key-tx enable disable
See Also „ display dot1x on „ clear dot1x bonded-periodon
WX4400# set dot1x bonded-period 60 success change accepted
„ clear dot1x max-reqon
Set dot1x max-req
See Also „ display port status on „ display dot1x on
To a supplicant after a failed authentication
Syntax set dot1x quiet-period seconds
Syntax set dot1x reauth enable disable
Before the supplicant client becomes unauthorized
Attempts reauthentication
See Also „ display dot1x on „ clear dot1x reauth-maxon
Syntax set dot1x reauth-max number-of-attempts
Out a request to a Radius authentication server
Set dot1x timeout
Out an authentication session with a supplicant client
Supplicant
Syntax set dot1x tx-period seconds
See Also „ display dot1x on „ clear dot1x tx-periodon
Wep-rekey-period
Wep-rekey
See Also „ display dot1x on „ set dot1x wep-rekeyon
Telnet sessions
Clear sessions
VLANs, or session ID
Network
Users
WX4400# clear sessions network mac-addr
To clear session 9, type the following command
WX1200# clear sessions network session-id
WX1200# clear sessions network user Natasha
Display sessions
WX4400 display sessions console
WX4400 display sessions admin
WX4400 display sessions telnet
Display sessions telnet client Output
See Also „ clear sessions on
Syntax display sessions network
„ display sessions network session-id display See on
„ Summary display See on „ Verbose display See on
WX1200# display sessions network
WX1200# display sessions network mac-addr 00055d7e981a
WX1200# display sessions network session-id
WX1200# display sessions network verbose
Additional display sessions network verbose Output
Display sessions network summary Output
Time
Display sessions network session-id Output
802.1X protocol on a wired authentication port
See Also „ clear sessions network on
Session Management Commands
RF Detection Commands
Rfdetect countermeasures mac commands
Countermeasures mac command
Clear rfdetect
Countermeasures
Syntax clear rfdetect ignore mac-addr
Ignore
Mobility Domain
Display rfdetect
Domain
Syntax display rfdetect countermeasures
Syntax display rfdetect data
Radios as well as by third-party access points
WX1200# display rfdetect data
Display rfdetect data Output
Radios, use the display rfdetect data command
Display rfdetect data command on that switch
Ignore list
„ clear rfdetect ignore on
WX1200# display rfdetect mobility-domain
Display rfdetect mobility-domain Output
„ mac-addr- Base MAC address of the 3Com radio
Third-party access points
To display the base MAC address of a 3Com radio, use
Display neighboring BSSIDs
WX1200# display rfdetect visible 000b0e000a6a
Display rfdetect visible Output
WX1200# display rfdetect Visible ap Radio
Active-scan
Set rfdetect
Set rf detect
Starts countermeasures against a specific rogue
Set rfdetect countermeasures mac
Syntax set rfdetect countermeasures mac mac-addr
Syntax set rfdetect ignore mac-addr
Syntax set rfdetect log enable disable
Detected or when they disappear
Set rfdetect log
See Also „ display log buffer on
File Management Commands
Defaults All
Backup
Tape archive tar format
History
Syntax clear boot config
Output for backup
Describes the fields in the dir output
Copy
„ reset system on
WX4400# copy floorwx tftp//10.1.1.1/floorwx
Delete
File or the running configuration
Immediately deletes the specified file
Syntax delete url
WX4400# delete dang/dangdoc success file deleted
Dir
Following command displays the files in the old subdirectory
Boot
Display boot
„ copy on
Output for dir
Describes the fields in the display boot output
Display config
Displays the configuration running on the WX switch
„ area area Configuration area. You can specify one
WX4400# display config area vlan
See Also „ load config on
And, optionally, for any attached MAP access points
„ save config on
Display version
Output for display version
Describes the fields in the display version output
Running configuration with the commands in the loaded file
Load config
Syntax load config url
Mkdir
Following command loads configuration file testconfig1
Creates a new subdirectory in nonvolatile storage
„ dir on „ rmdir on
Restarts an WX switch and reboots the software
Reset system
Syntax reset system force
WX4400# reset system
Key pairs and certificates on the switch
Restore
Or restoring an archive
„ backup on
Save config
Rmdir
„ dir on „ mkdir on
Configuration-file
Set boot
Configuration
Testconfig1
Syntax set boot partition boot0 boot1
File Management Commands
Deletes the log messages stored in the trace buffer
Clear log trace
Syntax clear log trace
Clear trace
Deletes running trace commands and ends trace processes
„ set log on
Display trace
WX switch, or all possible trace options
Syntax display trace all
WX4400# display trace
Save trace
Authentication
Set trace
About user jose’s authentication
Authorization
Traces authorization information
Authorization for MAC address
See Also „ clear trace on „ display trace on
Set trace dot1x
Syntax set trace sm mac-addr mac-address port port-num
Set trace sm
Trace Commands
Syntax clear log buffer server ip-addr
Clear log
WX4400# clear log buffer success change accepted
See Also „ clear log trace on
Log buffer facility ?
You can view event messages archived in the buffer
WX4400# display log buffer facility AAA
Log config
„ display log config on
„ clear log on
„ set log on „ clear log on
Syntax display log trace +-/number-of-messages
Set log
„ enable Enables messages to the specified target
„ Logging state enabled or disabled
„ trace Sets log parameters for trace files
Mbytes
Set log trace
WX4400# set log trace mbytes 4 success change accepted
See Also „ display log config on
System LOG Commands
Boot Prompt
Boot Prompt Commands
Autoboot
„ BT=type Boot type
Boot
„ DEV=device Location of the system image file
„ FN=filename System image filename
„ change on „ display on
Syntax change
Change
Syntax create
Create
Examples To remove the currently active boot profile, type
Usage When you type the delete command, the next-lower
Profiles, see display on
Syntax delete
Syntax diag
Diag
„ fver on „ version on
Syntax display Defaults None
„ change on „ create on „ delete on „ next on
Output of display command
Fver
„ command-name- Boot prompt command
For an individual command
Displays a list of the boot prompt commands
„ ls on
Next
Syntax next Defaults None
Resets a WX switch’s hardware
Reset
Syntax reset
Command at the boot prompt
„ OFF Disables the poweron test flag
„ on Enables the poweron test flag
Defaults The poweron test flag is disabled by default
Test
Dir or fver command
Syntax version Defaults None
Type the following command at the boot prompt
Boot version
„ dir on „ fver on
Boot Prompt Commands
Register Your
Services
Product
Purchase
Troubleshoot
Access Software
Online
Downloads
Contact Us
Need to apply for a user name and password
Latsupportanc@3com.com
Country Telephone Number
Index
Delete 474, 515 diag Dir 475, 516 disable 33 display
Index
Index
Index
Index