Main
3Com Corporation 350 Campus Drive Marlborough, MA USA 01752-3064
C
ABOUT THIS GUIDE
1
2
3
4
5
6
Page
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
Page
22
23
24
25
26
27
A
B
C
D E
F
ABOUT THIS GUIDE
Conventions
Documentation
Documentation Comments
Page
1
I
Overview
CLI Conventions
Page
Page
ACL masks.
Page
Page
Command-Line Editing
Using CLI Help
Page
Understanding Command Descriptions
2
Overview
Page
How a WX Switch Gets its Configuration 39
How a WX Switch Gets its
Figure 1 shows how a WX switch gets a configuration when you power it on.
Figure1 WX Switch Startup Al gorithm
Web Quick Start (WXR100, WX1200 and WX2200 Only)
Page
Page
Page
CLI quickstart Command
Page
Page
Page
6Optionally, enable Telnet and enable the admin user to use Telnet.
7Verify the configuration changes.
Remote WX
Opening the QuickStart Network Plan in 3Com Wireless Switch Manager
Page
3
ADMINISTRATIVE AND LOCAL A
Overview
Page
Page
Before You Start
About Administrative Access
First-Time Configuration via the Console
Page
Page
Page
Configuring Accounting for Administrative Users
Page
Displaying the AAA
Saving the
Administrative AAA Configuration
Page
Page
4
Overview
period for a
be deleted,
Configuring Passwords
mix of
applicable to
must be
Page
Page
Page
5
PORTS AND VLANS
Configuring and Managing Ports
Tabl e 5 Port Defaults Set by Port Type Change
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Configuring and Managing VLANs
Page
Page
Page
Page
Page
Page
Page
Page
Managing the Layer 2 Forwarding Database
Page
Page
Page
Port and VLAN Configuration
2Configure the country code for operation in the US and verify the
Page
4Configure ports 5 and 6 as wired authentication ports and verify the
7Save the configuration. Type the following command:
6
INTERFACES AND SERVICES
MTU Support
Configuring and Managing IP Interfaces
Page
Page
Page
Configuring the System IP Address
Configuring and Managing IP Routes
Page
Page
Page
Page
Managing the Management
Page
Page
Page
Page
Page
Page
Page
Configuring and Managing DNS
Page
Configuring and Managing Aliases
Configuring and Managing Time Parameters
Page
Page
Page
Page
Page
Managing the ARP Tab le
Page
Pinging Another Device
Logging In to a Remote Device
Tracing a Route
Page
IP Interfaces and Services Configuration
Page
6Save the configuration. Type the following command:
Page
7
Overview
Configuring SNMP
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Displaying SNMP
Page
8
MOBILITY DOMAIN ROAMING
About the Mobility Domain Feature
Configuring a Mobility Domain
Page
Page
Page
Configuring WX-WX Security
Monitoring the VLANs and Tunnels in a Mobility Domain
Page
Understanding the Sessions of Roaming Users
Page
Mobility Domain
7To display active roaming tunnels, type the following command:
9
Page
Page
Page
Configuring a Network Domain
Page
Page
Page
Page
Network Domain
Page
Page
10
P
MAP Overview
Figure8 Example 3Com Network
r
To configure MAPs, perform the following tasks, in this order:
homing.
channel number, transmit power, and external antenna type.
s
Page
Page
Page
Page
Tabl e 9 Global MAP Parameters
WX
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
196 CHAPTER 10: CONFIGURING MAP ACCESS POINTS
MAP connected through a Layer 3 network.
MAP that has been configured with static IP information.
Example MAP Boot over Layer 2 Network
Figure14 MAP Booting over Layer 2 Network
Page
Page
Page
200 CHAPTER 10: CONFIGURING MAP ACCESS POINTS Example Boot of Dual-Homed MAP
WX
Figure16 Dual-Homed MAP Booting
Page
Page
Page
Page
Page
(To configure a service profile, see Configuring a Service Profile on page 233.)
Page
Table11 MAC Address Allocations on MAPs
Page
(To configure a radio profile, see Configuring a Radio Profile on page240.)
Table12 Defaults for Radio Profile Parameters (continued)
Page
Table13 Radio-Specific Parameters (continued)
Configuring MAPs
Table14 Country Codes
Page
Page
The following commands set the country code to US (United States) and verify the setting:
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Table19 Transmit Rates
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Table21 lists the external antenna models you can use with these MAPs.
Table22 lists the external antenna models you can use with the MP-620.
Table21 MP-341, MP-352, MP-262 External Antenna Models
Table22 MP-620 External Antenna Models
Page
Disabling or Reenabling Radios
Page
Configuring Local Packet Switching on MAPs
VLAN is
that are
is not supported for MAPs that are directly connected to a WX.
Page
Page
Displaying MAP
Page
Page
Page
Page
Page
Mesh PSK:
For information about the fields in the output, see the Wireless LAN
Displaying MAP Statistics Counters
To display MAP statistics counters, use the following commands:
To display statistics counters for Distributed MAP 7, type the following
Page
the following command:
Page
Page
11
BALANCING FOR MAPS
RF Load Balancing Overview
Configuring RF Load Balancing
individual radios. You can disable or enable it globally by using the
Page
Page
Displaying RF Load Balancing
Page
12
S
WLAN Mesh Services Overview
Configuring WLAN Mesh Services
following tasks:
on the
packets to
Page
configured o
Page
Configuring Wireless Bridging
Displaying WLAN Mesh Services
Page
13
Overview
Page
Page
Configuring WPA
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Configuring RSN (802.11i)
Page
Page
Configuring WEP
300 CHAPTER 13: CONFIGURING USER ENCRYPTION
Figure23 Encryption for Dynamic and Sta tic WEP
Page
Encryption Configuration
6Map service profile wpa to radio profile rp1. Type the following commands:
Page
Page
Page
Page
Page
14 Save the configuration. Type the following command:
Page
14
Overview
Page
Page
Page
Table25 Defaults for RF Auto-Tuning Parameters (continued)
Changing RF Auto-Tuning Settings
Page
Locking Down Tuned Settings
Displaying RF Auto-Tuning
Page
Page
Page
CONFIGURING MAPS TO BE AEROSCOUT LISTENERS
Configuring MAP Radios to Listen for AeroScout RFID Tag s
Locating an RFID Tag
Page
16
S
About QoS
Page
Page
Page
WMM QoS Mode
332 CHAPTER 16: CONFIGURING QUALITY OF SERVICE
Figure24 QoS on WX SwitchesClassific ation of Ingress Packets
WMM QoS Mode 333
Figure25 QoS on WX SwitchesMarking of Egress Packets
334 CHAPTER 16: CONFIGURING QUALITY OF SERVICE
Figure26 QoS on MAPsClassification and Marking of Packets from Clients to WX
WMM QoS Mode 335
Figure27 QoS on MAPsCla ssification and Marking of Packets from WX to Clients
The following sections describe in more detail how the WMM QoS mode works on WX switches and MAPs.
Page
Page
Page
Page
Page
Page
Changing QoS Settings
Page
Changing CoS Mappings
Displaying QoS
Page
Page
Page
Page
Page
17
SPANNING TREE PROTOCOL
Enabling the Spanning Tree Protocol
Changing Standard Spanning Tree Parameters
Page
Page
Page
Page
Page
Configuring and Managing STP Fast Convergence Features
Page
Page
Page
Page
Page
Page
Page
2Configure a backbone VLAN and verify the configuration change. Type the following commands:
3Enable STP on the backbone VLAN and verify the change. Type the
4Reconnect or reenable ports 21 and 22 and verify the change. Type the
6Save the configuration. Type the following command:
Page
18
IGMP S
Overview
Disabling or Reenabling IGMP Snooping
Disabling or Reenabling Proxy Reporting
Enabling the Pseudo-Querier
Changing IGMP Timers
Page
Enabling Router Solicitation
Configuring Static Multicast Ports
Displaying Multicast
(For information about the fields in the output, see the Wireless LAN
The counters begin incrementing again, starting from 0.
Clearing Multicast Statistics To clear the multicast statistics counters, use the following command:
Page
Page
19
S ECURITY ACL
Page
Page
Creating and Committing a
Page
Page
Page
Page
Page
Page
Page
Page
Page
Mapping Security ACLs
Page
Page
Page
Modifying a
Page
Page
Page
Page
Using ACLs to Change CoS
Page
Enabling Prioritization for Legacy Voice over IP
Page
Page
Page
Page
Page
Page
Page
Restricting Client-To-Client Forwarding Among IP-Only Clients
Page
Page
Page
20
C
Why Use Keys and Certificates?
Page
About Keys and
Page
Page
Certificates Automatically Generated by MSS
Creating Keys and
Page
Page
Page
Page
Page
Page
Displaying Certificate and Key
Key and Certificate Configuration
4Display certificate information for verification:
Page
Page
Page
Page
21
NETWORK USERS
About AAA for Network Users
Page
Page
436 CHAPTER 21: CONFIGURING AAA FOR NETWORK USERS
Figure30 Authentication Flowchart for Network Users
Page
Page
Page
Page
AAA Tools for Network Users
Page
Page
Page
Page
Page
Ways a WX Switch Can Use EAP
Table38 EAP Authentication Protocols for Local Processing (continued)
Table39 Three Basic WX Approaches to EAP Authentication
Page
Configuring 802.1X Authentication
Page
Page
Page
Page
Page
Page
Configuring Authentication and Authorization by MAC Address
Page
Page
Page
Configuring Web Portal WebAAA
user to
Page
Page
Page
Page
Page
Page
Page
3Display the service profile to verify the changes:
...
4Configure individual WebAAA users.
6Display the configuration:
Page
Page
Page
Page
Page
Page
Page
Page
Page
logout URL uses the IP address of the WX switch as the host part of the URL. Th
Configuring Last-Resort Access
Page
Page
Configuring AAA for Users of Third-Party APs
Page
Page
Page
Page
Assigning Authorization
Table43 Authentication Attributes for Local Users
Page
Page
Page
Assigning Attributes to Users and Groups
Page
Page
Page
Page
Page
Page
Overriding or Adding Attributes Locally with a Location Policy
Page
Page
Page
Page
Configuring Accounting for Wireless Network Users
Page
The user terminated the session on WX1200-0017:
Displaying the AAA
Avoiding AAA Problems in Configuration Order
Page
Configuring a Mobility Profile
Page
Network User Configuration
5Create a Mobility Profile called tulip by typing the following commands:
Page
Page
Page
Page
Page
22
WITH RADIUS
RADIUS Overview
Page
Before You Begin
Configuring RADIUS Servers
Page
Page
Configuring RADIUS Server Groups
Page
Page
Page
RADIUS and Server Group Configuration
6Display the configuration. Type the following command:
Page
23
WX S
Managing 802.1X on Wired Authentication Ports
Page
Managing 802.1X Encryption Keys
Page
Setting EAP Retransmission Attempts
Managing 802.1X Client Reauthentication
Page
Managing Other Timers
Page
Displaying 802.1X
Viewing 802.1X Statistics
Type the following command to display 802.1X statistics about connecting and authenticating:
Page
24
SECURITY FOR A WX SWITCH
About SODA Endpoint Security
Page
Page
Configuring SODA Functionality
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
25
About the Session Manager
Displaying and Clearing Administrative Sessions
Page
Page
Displaying and Clearing Network Sessions
Page
Page
Page
Page
Displaying and Changing Network Session Timers
Page
26
C
Overview
About Rogues and RF Detection
Page
Page
570 CHAPTER 26: ROGUE DETECTION AND COUNTERMEASURES
Figure34 Rogue Detection Algorithm
Page
Page
Summary of Rogue Detection Features
Table48 lists the rogue detection features in MSS.
Table48 Rogue Detection Features
Configuring Rogue Detection Lists
Page
Page
Page
Page
Page
Enabling Countermeasures
Page
Disabling or Reenabling Active Scan
Enabling MAP Signatures
Page
Page
Page
Page
Page
Page
Page
Displaying RF Detection
You can use the CLI commands listed in Table50 to display rogue detection information.
Table50 Rogue Detection Display Commands
(For information about the fields in the output, see the Wireless LAN
Table50 Rogue Detection Display Commands (continued)
Page
Displaying Rogue Detection Counters
To display rogue detection statistics counters, use the following
Page
Page
Page
Page
Page
27
About System Files
To display version information for a WX switch, type the following
To also display MAP information, type the following command:
(For additional information about the output, see the Wireless LAN
Page
Working with Files
The following command displays the files in the old subdirectory:
The following command limits the output to the contents of the user files area:
Page
Page
Page
Page
Page
Managing Configuration Files
Page
Page
Page
Backing Up and Restoring the System
Page
Page
Upgrading the System Image
Page
Page
A
Table51 WX Setup Problems and Remedies
NONE
Table51 WX Setup Problems and Remedies (continued)
Recovering the System When the Enable Password is Lost
Configuring and Managing the System Log
Table53 System Log Destinations and Defaults
Table54 Event Severity Levels
Page
Page
Page
Page
Page
Page
Running Traces
Page
Page
Page
Using display Commands
Page
Port Mirroring
Remotely Monitoring Traffic
Page
host-mac conditions also support lt (less than) and gt (greater than).
Page
Page
Page
Page
Capturing System Information and Sending it to Technical Support
Page
Page
Page
B
WEB VIEW
System Requirements
Logging Into Web View
C
Attributes
Supported Standard and Extended
Table55 801.1X Attributes
Page
Page
Page
Page
Page
Page
3Com Vendor-Specific
Table56 3Com VSAs
Table56 3Com VSAs (continued)
D
Table57 Traffic Ports Used by MSS
Page
E
How the MSS DHCP Server Works
Configuring the DHCP Server
Displaying DHCP Server Information
F
YOUR 3COM PRODUCTS
Purchase Extended Warranty and Professional
Access Software Downloads
Contact Us
Page
Page
G
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
Page
I
Numbers
A
B
C
Page
D
E
F
G
H
I
K
L
M
N
O
P
Q
R
S
Page
Page
T
U
V
W
X
COMMAND INDEX
B
C
D
E
H
I
L
M
