WX4400 3CRWX440095A WX1200 3CRWX120695A WXR100 3CRWXR10095A
Wireless LAN Mobility System
United States Government Legend
3Com Corporation 350 Campus Drive Marlborough, MA USA
Contents
Enabling Keyboard Shortcut Mnemonics Windows XP Only
Getting Started
131
125 Placing Third-Party Access Points
186 Configuring Snmp 187
175 Launching a Web Management Session with the Switch 176
233
Resetting CoS Mapping to their Default Values
244
241 Configuring an 802.1X Wireless Service 242
247
258
316
299 Creating a Radius Server Group 300
319
320
Example 3 Deployment Site Has DNS But No Dhcp
337
WX File Management Options Devices Tab
347
Viewing the Operation Log 358
Enabling or Disabling Management of a Switch by 3WXM
356
375
Applying Policy Changes to Switches 375
394
Generating a Radio Details Report 395
410 Displaying 802.11 Coverage
Generating a Site Survey Order Generating a Work Order
412
439
468
465
Register Your Product 507
496
Page
Icon Description
Conventions
List conventions that are used throughout this guide
Documentation
Pddtechpubscomments@3com.com
Comments
Example
Hardware Requirements for Running 3WXM Client
Hardware Requirements
Requirements for 3WXM client 3WXM Client
Hardware Requirements for Running 3WXM Monitoring Service
Hardware Requirements for 3WXM Monitoring Service
Hard drive space Available Monitor resolution
Number Radios WX Switches 50+ WX Switches
Software
Installation
Preparing for
User Privileges
Installing 3WXM
Installing 3WXM
Installing 3WXM
Click Uninstall
Click Continue
Plan is displayed by the 3WXM client
Overview
Display Panels
Display Panels
Alert Category Description
Alerts
Rogue Detection
Alerts
Reviewing and Deploying Switch Configuration Changes
Saving or Discarding Configuration Changes
Configuration Wizards
Working with the 3WXM User Interface
Option Description
Properties Dialogs
Resize Icons
Menu Option Description
3WXM Menu Options
Menu Option Description
3WXM Tool Bar Options
Configuration
Verification
Deleting
Copying, Pasting
Objects
Organizer Panel
Replace Organizer Panel
Copy and Paste Content Panel
Shortcut
Enabling Keyboard
Mnemonics
Windows XP Only
Enabling Keyboard Shortcut Mnemonics Windows XP Only
Working with the 3WXM User Interface
Following steps describe how to start 3WXM
Switch Manager 3WXM, restricting access to 3WXM, creating
Starting 3WXM
Managing network plans, and defining a Mobility Domain
Next
Starting 3WXM
Getting Started
Restricting Access to 3WXM
Accounts
Working with Network Plans
Creating a Network To create a network plan
Plan
Can also share a network plan with others
3WXM installation directory on the 3WXM Services host
Plans
Saving a Network Plan with a New Name
Managing Network Plans
Plan
Managing Network Plans
To disable notification
Defining a Mobility Domain
Protocol Port Function
Traffic Ports Used for AAA Servers and Management Servers
Third-Party AP
Creating a WX Switch
Creating a
Working with Network Plans
Settings to
Auto-Tuning
Changing
Country Code
Click Next Click Finish
Uploading a WX Switch into Network Plan
Converting Auto DAPs into Statically Configured APs
Affinity Value Assigned To
Affinities for Network Domain Seeds
RF Planning
Toolbar icons available in RF Planning Tools
RF Planning Overview
To create or modify a site
Creating or
Modifying a Site
Creating or Modifying a Site
Modifying Buildings in a Site
Creating or Modifying Buildings in a Site
Planning the 3COM Mobility System
Modifying Floors
Details
Importing or
Drawing Floor
To prepare a drawing before importing it into 3WXM
Planning the 3COM Mobility System
Importing or Drawing Floor Details
Common AutoCAD Layer Names
Useful AutoCAD Operations and Naming-Conventions
Operating Tips
Importing the Drawing
Floor Plan After Importing
To crop the paper space
Floor Plan After Cropping
To adjust the scale
Origin point
To adjust the origin point
New location of origin point
Shows the same floor plan as after hiding unnecessary layers
Hiding Layers
Moving an object from one layer to another
Adding or removing a layer
To clean up a drawing
Importing or Drawing Floor Details
Planning the 3COM Mobility System
Object Action
To draw an object
Planning the 3COM Mobility System
To create RF obstacles for an area in a drawing
To create RF obstacles for all objects in a layer
Create RF Obstacle dialog box is shown in Figure
To create RF obstacles by grouping objects
To use the Create RF Obstacle Dialog box
Drawing RF Obstacles
3WXM supports concave polygons. a concave
Specifying the RF Characteristics of a Floor
To import LOS points from a file
Site Survey Recommendations
Adding LOS Points
Specifying the RF Characteristics of a Floor
Planning the 3COM Mobility System
To create LOS points in 3WXM
Click Next. The radio configuration page appears
Specifying the RF Characteristics of a Floor
Generating a Site Survey Order
To move an LOS point
To delete an LOS point
Click Generate
Importing RF Measurements
Click Next
Applying the RF Measurements to the Floor Plan
To create a wiring closet
Planning the 3COM Mobility System
Shows an example of shared coverage areas
Shared Coverage Areas
Unsupported Shared Coverage Area Example
Drawing a Coverage Area
Object Action
Specifying the Wireless Technology for a Coverage Area
Specifying Coverage Area Properties
Specifying Floor Properties for the Coverage Area
Click Next. The Floor Properties page appears
Specifying Default Device Settings for the Coverage Area
Planning the 3COM Mobility System
WX4400 switches support indirect MAP connections only
Configuring Capacity Calculation for Data
Configuring Capacity Calculation for Voice
Planning the 3COM Mobility System
Areas
Planning the 3COM Mobility System
Defining Wireless Coverage Areas
Planning the 3COM Mobility System
Defining Wireless Coverage Areas
Planning the 3COM Mobility System
AP Icon to its Floor
Creating and Placing An Icon for a Third-Party Access Point
Location
Place tab
Planning the 3COM Mobility System
Placing Third-Party Access Points
Planning the 3COM Mobility System
Auto-Configured
Placing Installed
MAPs
Plan
Planning the 3COM Mobility System
To specify design constraints
WX4400 switches support indirect MAP connections only
Computing MAP Placement
To compute and place MAPs
To review coverage area computation
Go to To review coverage area computation
Planning the 3COM Mobility System
To lock a MAP
Locking and Unlocking MAPs
Channel Assignment to Minimize Co-Channel Interference
To assign channels
Computing MAP Placement
Planning the 3COM Mobility System
To compute optimal power
Planning the 3COM Mobility System
To resolve optimal power computation problems
Resolving coverage gaps
Verifying the Wireless Network
To place an RF measurement point
„ To list disabled access points, select Show Disabled MAPs
To use the RF interactive measurement mode
Signal strengths for any location on the floor
Value
Shows the information available in the RF measurement table
RF Measurement Information
Network Design
Generating RF
Information
To generate a work order report
Click Generate Work Order
Parameters
WX Switch Configuration Objects
Category Object Type Description
WX Switch Object Types
WX Switch Object Types
AAA
Creating a WX Switch Using the Create Wireless Switch Wizard
Adding a WX Switch to the Network Plan
Click Management Interface
Configured Switch Network Plan
Click WX Associations
Configuration File
Settings
Configuring Basic
Advanced
Reviewing
Password is encrypted when you type it Click Next
Using the Create Wireless Switch Wizard
Configuring WX System Parameters
To set up a switch
„ V2c
Setting Up a Switch
„ 11b „ 11g
Modifying Basic Switch Parameters
Software Version
Changing the WX To change the WX software version
Model
Select the model from the drop-down list Click OK
Information
To convert an Auto DAP
To delete an Auto DAP
Settings
Viewing Changing Port Settings
Viewing Port Settings
Enabling Link Notifications
Click Properties Select Snmp Link Traps
Click Next
Configuring WX System Parameters
Viewing and Changing Port Settings
Configuring WX System Parameters
Viewing and Changing Port Settings
Select Port Groups
Viewing Port Groups To view port groups
Creating a Port Group To create a port group
Content panel, select the row for the port group
Group
Click Properties
Management Service Settings
3WXM, Https is always enabled and listens on port
Select Management Services
Viewing
Viewing and Changing Management Settings
Task List panel, select Community
Configuring an Snmp V1 or V2c Community String
Configuring a USM Snmp V3 User
Configuring WX System Parameters
Configuring a Notification Target
Configuring a Notification Profile
Click Properties
Community string names are transmitted in clear text
Configuring WX System Parameters
Task List panel, select 3WXM Notification Target
Configuring 3WXM Services as a Notification Target
Select the object you want to modify
Community string names are transmitted in clear text
Click Finish
Viewing Log Settings To view log settings
Setting Log
Trace Settings
Configure logging to the console
Creating a Trace Area
Creating an External Log Server
Services Settings
Configuring IP
Setting
Static routes
Select IP Services
You cannot use the word all as the name of an IP alias
Select IP Services
Select IP Services
Users and VLANs
Configuring VLANs
Viewing VLANs To view VLANs
Roaming and VLANs
Configuring WX System Parameters
Viewing and Configuring VLANs
To tag a port or port group, select the Tag checkbox
Changing STP Port Settings in a Vlan
Click OK
Enabling STP Fast Convergence Features
Configuring WX System Parameters
Configuring Static Multicast Ports
Click Properties
Viewing and Configuring VLANs
A Vlan
Restricting Layer
Select Dhcp Server to enable it on the Vlan
Last ACE of an ACL
Configuring ACLs
Server that stores confidential salary information
Viewing ACLs To view ACLs
To configure an ACL
IP Protocol Number
Configuring WX System Parameters
„ 0 normal-Packets with normal TOS defined are filtered
To change the hit sample rate
Configuring Advanced ACL Settings
To enable the hit counter for an ACE
To specify the type and code for Icmp ACEs
To enable the established option for TCP ACEs
Icmp Messages and Codes
Icmp Message Type Number Code Number
Adding a New ACE to a Configured ACL
Viewing and Configuring ACLs
Individual ACE from an ACL
Mappings
Changing CoS
Mappings
Mapping
Setting a Range Dscp Values to a
Configuring WX System Parameters
Viewing Configuring Wireless Services
Service Profile Parameters
Service Profiles
Service Profile Parameters
Service Profile Type Access Rule Type Default Access Glob
Access Rules
Viewing and Configuring Wireless Services
„ Local EAP-TLS-EAP with TLS
Select Wireless Services
Viewing Wireless To view wireless services
Services
„ WPA
Select the EAP type
Configuring Wireless Parameters
„ WPA
Configuring Wireless Parameters
Web-Portal WebAAA Service
„ Static WEP Click Next
Viewing and Configuring Wireless Services
Access Service
„ WPA
Go to step Click Finish
WPA, RSN Tab
Service Profile Tab
Static WEP Tab
Authorization Attributes Tab
Broadcast Settings Tab
Radio Profile Selection Tab
Voice Configuration Tab
Rate Configuration Tab
Client Timeout Tab
Client Timeout tab lists settings for client session timers
Viewing and Configuring Wireless Services
Soda Tab
Click Properties
Modifying Encryption Settings
Viewing and Configuring Wireless Services
Modifying Access Rules
Select Radio Profiles
Configuring Radio
Profiles
Profile
Creating a Radio To create a radio profile
Radio Profile Tab
Click Reset To Default
Attributes Tab
Auto Tune Tab
Radio Selection Tab
Service Profile Selection Tab
Auto-DAP Profile
Profile Settings
Profile Settings
Viewing and Changing the Auto-DAP Profile
DAPs into Statically Configured DAPs Deleting Auto DAPs
Configuring MAPs
Through radio signals
See Deleting Auto DAPs on
Configured MAPs
Viewing the To view the configured MAPs
Select Access Points
Maximum MAPs Supported Per Switch
„ 112233445566778899aabbccddeeff00
Transmit Power box, specify the transmit power for the radio
To configure a directly connected MAP
Channel Number list, select the channel number for the radio
Click the plus sign next to Wireless
Transmit Power box, specify the transmit power for the radio
Configuring Wireless Parameters
Viewing Radio To view radio settings
Configured
Changing Radio
Select Radios
Changing RF
Detection Settings
Select RF Detection
OUI List
Edit the MAC address in the MAC Address box Click OK
List
Countermeasures
Select RF Detection Select Enable AP Signature
Configuring Wireless Parameters
Managing Users
Creating
Local User
Database
Groups in the Local Database
You can create two types of users in the local database
Select Local User Database
Creating a Named To create a named user
User
Group and Assigning Users To It
Creating and Managing Users in the Local User Database
Task List panel, select MAC User Group
End-date
Authentication Attributes for Local Users
Encryption-type
Mobility-profile
Idle-timeout
Filter-id
Ssid
Service-type
Session-timeout
Start-date , end-date , or both
Start-date
Time-of-day tu1000-1600,th1000-1
Time-of-day
600
Time-of-day wk0900-1700,sa2200
Group
Radius Settings
A 3Com Mobility System
Url
Select Radius
Settings, Servers, Server Groups
Server
Click Next
Viewing and Configuring Radius Settings
To change default values for Radius parameters
802.1X Settings
Configuring Global
802.1X Settings
Select
Attempts
Click Save
Network Access Rules
Network Access
Select 802.1X Access Rules
Rules
Viewing and Configuring 802.1X Network Access Rules
„ Local EAP-TLS-EAP with TLS
Viewing and Configuring 802.1X Network Access Rules
Select MAC Access Rules
Configuring MAC
Network Access Rule
Viewing and Configuring MAC Network Access Rules
Page
Viewing Web AAA To view Web AAA network access rules
Viewing Configuring WebAAA Network Access Rules
Creating a Web AAA To create a Web AAA network access rule
Viewing and Configuring WebAAA Network Access Rules
Task List panel, select Last Resort Network Access
Viewing Configuring Last-Resort Network Access Rules
Select Last Resort Access Rules
Viewing and Configuring Last-Resort Network Access Rules
Administrator
Configuring WX
Administrator Access Rules
Select Admin Access Rules
Rule for Console Access
Rule for Telnet or SSH Access
Viewing and Configuring WX Administrator Access Rules
Users
Configuring AAA
Support for
Viewing and Configuring AAA Support for Third-Party AP Users
Port Connected to Third-Party AP
Proxy for a Client
Policy Rules
Changing Location
Policy Rules
Select Location Policy
Policy Rule
Creating a Location To create a location policy rule
Viewing and Changing Location Policy Rules
Select Mobility Profiles
Changing Mobility
Profiles
Viewing and Changing Mobility Profiles
Page
Remotely
Drop Ship WXR100 Only
How Remote WX Configuration Works
Shows the location of the Fn switch and the LED
Staged WX
3WXM Requirements
„ 3WXM must be installed and 3WXM Services must be running
„ The network plan containing the WX switches must be open
Staging a WX
Switch for
Configuration by
Save the configuration changes
Enable the auto-config option
Power off or restart the switch
Configure an IP interface on the Vlan
Enable the MSS DNS client
Configure DNS server information
WX4400# set ip dns domain examplecorp.com
WX4400# save config
Completing its
Configured Switch
Configuration with
Reusing its
Replacing a Switch
Replaced switch’s configuration
At the remote office
Replacement
How Switch Replacement Works
To enable replacement of remote switches
Enabling
To replace a switch
Options
Document where the options are described
WX File
WX File Management Options in 3WXM
Switches in the network plan
Devices Tab
Task Option Description Group
Devices Tasks
Task Task Option Group Description
Task Task Option Group
Synchronizing Local
Configuration Changes
Network
Changes
Network Changes
Undoing Local or To undo local or network changes
To immediately deploy local changes
To synchronize the changes, do one of the following
To schedule deployment of local changes
Nonmatching
To delete a system image
Repository. Images are stored
To add a system image
To schedule installation of an image on WX switches
To immediately install an image on WX switches
You can use 3WXM to reboot WX switches and MAPs
Rebooting WX Switches or MAP Access Points
To reboot WX switches and the MAPs they are managing
To reboot MAPs without rebooting the switch
Enabling or
Switch by 3WXM
Disabling
Management of a
Operation Log
Canceling a
Scheduled Operation
To display the operation log
To import a configuration
Importing Exporting Switch Configuration Files
To export a configuration
Modifying
To modify configuration polling options
Change Polling
Alerts panel
Managing WX System Images and Configurations
Changes
Toolbar Options on Verification Tab
Select the warning or error message
To resolve an error or warning
To disable a specific instance of a warning or error
To change verification options
To globally disable a warning or error
Or for specific instances
To disable or reenable a rule
Verifying Configuration Changes
„ WebAAA certificate for a WX switch
„ 802.1X-EAP certificate for a WX switch
When 3WXM connects to 3WXM Services or a WX switch,
Distributing PKS #12 files
To process a certificate
Processing
Certificates
Certificate that is stored in the 3WXM certificate store
Managing
To review certificate details
Select Tools Certificate Management
Or more WX switches
Switches
Distributing
Certificates to WX
Policies
Viewing Policies
Access the Create Policy wizard
Creating a Policy
To view policies
Applying Policy
Feature Settings Policy
Changes to Switches
For This Feature Area See System Features
Feature Categories
Wireless Features
AAA Features
Toolbar Options
Displaying
Event Log
Data
Refreshing Event
Reviewing Event
Filtering Event
To filter messages by content
Using the Event LOG
Severity
To export filtered data
Generating Reports
Mobility Domain Configuration
Configuration reports
WX Configuration
Client Errors
Inventory Report
Generating an
To generate an inventory report
Inventory Report Sections
Report
Generating a
Mobility Domain
WX Configuration Report Sections
Configuration Report
Summary Report
Details Report
Click Generate
Errors Report
„ Session Properties „ Location History
Network usage report lists network usage statistics
Generating a Network Usage Report
Summary Report
Scope is always MAP Radio and cannot be changed
Details Report
Generating a Rogue Summary Report
Click Generate
Select the language „ English „ German
Click View Work Order
Statistics and the event log
3WXM Services regularly checks the status of the network
Switches and shows information based on those traps
To access monitored data
Accessing
Requirements for
Monitoring
Using the Explore Window
Monitoring the Network
IconDescription
„ Green Up
Toolbar Options in Link Display of Explore View
Toolbar Options in Floor Display of Explore View
Lists the options on the toolbar in the floor display
Toolbar Options in Floor Display of Explore View
Monitoring the Network
Using the Explore Window
Monitoring the Network
Display Option
Coverage Display Options in Explore Window
To take an RF measurement
3Com radio on the floor
Rssi measurements RF measurement point
Immediately updated for the new measurement point
Using the Status
Summary View
Click on the new measurement point. The measurement data is
Monitor View
Using the Client
On the network
Toolbar Options in Client Monitor View
Data Displayed When a Mobility Domain or Site is Selected
That you can double-click on the arrow to change
Number of times authentication for a client failed
Client Activity Columns When a Mobility Domain is Selected
Data Displayed When a Switch, MAP, or Radio is Selected
Ssid
Activity Details for Association Failure
Activity Details for Authentication Failure
Peap
Activity Details for Authorization Failure
ColumnDescription
Activity Details for Authorization Successful
Have been collected and will be transmitted to the new
Activity Details for Disassociation
Activity Details for Client Cleared
Activity Details for Dot1x Failure
Activity Details for Roam
Data Displayed When a Mobility Domain is Selected
Client Sessions Columns When a Mobility Domain is Selected
Data Displayed When a WX Switch, MAP, or Radio is Selected
SNR
Displaying Session Details
Session Properties Columns
„ Updatedtoroam User is roaming. Session
Session Statistics Columns
Session Statistics Columns
Location History Columns
Clients on the watch list by MAC address
Adding a Client to the Watch List
Using the Client Monitor View
Click Next. The search results appear
„ natasha@example.com
Displaying the Client Watch List
Details are displayed on the following tabs
Location On the floor To display a client’s session
Geographical
Monitoring the Network
Session
Using the RF
RF Monitor RF Neighborhood Columns
Displaying RF
Window
Bssid
Window
RF Monitor Activity Log Columns
RF Monitor Environment Columns
Statistics
RF Monitor Environment Columns
Can indicate interference from a non-802.11 device
RF Trends Columns
Statistics
To access performance statistics from the network
Monitoring the Network
Accessing Realtime Performance Statistics
Viewing Current Data
„ Octets In/Out „ Packets In/Out „ Errors In/Out
Viewing Historical Data
Viewing Data in Percentages
To export data to a file
Exporting Performance Data
Monitoring the Network
That truly are rogues
Converting a rogue into a third party AP
Rogues
Snmp Notifications for RF Detection
Rogue Detection Requirements
Notification Type Description Rogue detection notifications
IDS/DoS notifications
Snmp Notifications for RF Detection
Detecting and Combatting Rogue Devices
Rogue Detection Lists
Main 3WXM tool bar
Using the Rogue
Detection Screen
Toolbar Options on Rogue Detection Screen
To filter the rogue list
Current, Current Hour, Current Day, and History Tabs
Activity Log Columns
Activity Log Tab
Listeners Tab
Lists the information displayed on the Clients tab
Clients Tab
Listeners Columns
Client Columns
Rogue’s
Displaying a
Geographical
Location
Displaying a Rogue’s Geographical Location
To add a device to the ignore list
Attack List
Adding a Device to
Converting a Rogue
Into a Third Party
To remove a third-party AP
To display the list
Adding a Rogue’s
Configuring RF
Clients to the Black
List
Detecting and Combatting Rogue Devices
Measurements
Importing RF
RF obstacle data
Importing the To import the measurements
Optimizing a Network Plan
Measurements to Floor Plan
Coverage Holes
Locating and Fixing
Coverage holes by displaying coverage
Locating a Coverage To locate a coverage hole
Locating and Fixing Coverage Holes
Installed to Network Plan
Tools Preferences
Resetting
Preferences Values
Synchronization
Changing Network
Changing User Interface Options
To change network options
Within Window Style, select one of the following
Certificate
Changing Tools
Check on
Click the Certificate Handling tab
Changing Options
Typical Client’s Transmit Power
For RF Planning
You can change the following RF planning options
Defining a Color from the Palette
To Change a Color
Defining a Color by Changing HSB Properties
Defining a Color by Changing RGB Properties
Changing 3WXM Logging Options
Chapter a Changing 3WXM Preferences
Preferences
Chapter B Changing 3WXM Services Preferences
Services
3WXM Services
Starting or
Stopping
Start 3WXM client
Connecting to 3WXM Services
To connect to 3WXM Services
Verify that the service is running on the server
To complete the connection
Data
To change service settings
Changing Service
Information, and access control to 3WXM Services
Service will accept from the WX switches
WX connection settings control the timeout and retries for
Click the WXs Connection Settings tab
Changing WX
Changing WX Connection Settings
Sources of Monitor Data
Polling Interval is 5 minutes and cannot be changed
Click the Monitoring Settings tab
Https//ip-addr
Managing Network Plans
Chapter B Changing 3WXM Services Preferences
Backup
Chapter B Changing 3WXM Services Preferences
Register Your
Services
Product
Purchase
Troubleshoot
Access Software
Online
Downloads
Contact Us
US and Canada Telephone Technical Support and Repair
Country Telephone Number
Latin America Telephone Technical Support and Repair
Numbers
Index
Index
Monitors WX switch performance
SSH
Saving
Index
Index
