Set dap security

Allows DWL-8220APs to be managed by the switch even if they do not have encryption keys or their keys have not been configured by an administrator.

Encryption is not used, even for APs that support it.

Require all Distributed APs to have encryption keys that have been confirmed in the CLI by an administrator.

Examples: The following command configures the transmit power on the 802.11a radio on the DWL-8220AP access point connected to port 5:

DWS-1008# set ap 5 radio 1 tx-power 10 success: change accepted.

The following command configures the channel and transmit power on the 802.11b/g radio on the DWL-8220AP access point connected to port 2:

DWS-1008# set ap 2 radio 1 channel 1 tx-power 10 success: change accepted.

Sets security requirements for management sessions between a DWS-1008 switch and its Distributed APs. This feature applies to Distributed APs only, not to directly connected DWL-8220APs configured on DWL-8220AP access ports. In addition, DWL-8220AP models DWL-8220AP-101 and DWL-8220AP-122 do not have encryption keys and do not support this feature regardless of how they are connected to the switch.

Note: The maximum transmission unit (MTU) for encrypted DWL-8220AP management traffic is 1498 bytes, whereas the MTU for unencrypted management traffic is 1474 bytes. Make sure the devices in the intermediate network between the switch and Distributed AP can support the higher MTU.

Syntax: set dap security {require optional none} require

optional

none

Defaults: By default, encryption keys are optional.

Access: Enabled.

Usage: This parameter applies to all Distributed APs managed by the switch. If you change the setting to required, the switch requires Distributed APs to have encryption keys. The switch also requires their fingerprints to be confirmed in MSS. When DWL-8220AP security is required, an

D-Link DWS-1008 CLI Manual

332

Page 335

Image 335

D-Link dws-1008 manual Set dap security, Defaults By default, encryption keys are optional

Contents

Page Table of Contents Link DWS-1008 CLI Manual Link Mobility System Convention Use DWS-1008 DWS-1008# DWS-mmmm-nnnnnnDWS-mmmm-nnnnnn# Clear fdb dynamic I port port-list v1 an vlan-id Set port enable I disable port-listClear interface vlan-id ip Wildcard Masks Subnet Masks User Glob Users Designated MAC Address Globs DWS-1008#show port status 1-3,6 Port Lists Keyboard Shortcuts Function Command-Line Editing Using CLI Help Set ap port-list dap dap-numname name Set ap dap name command has the following complete syntaxSet ap dap name Syntax enable Access All DisableEnable Defaults None Access Enabled Quit Set enablepassSyntax quit Defaults None Access All Syntax set enablepass Defaults None Access Enabled System Identification ConfigurationAuto-Config Display Clear prompt Clear banner motdClear history Clear system Clears the system configuration of the specified information Help Quickstart History Set banner motd Syntax set banner motd text Defaults None Access Enabled DWS-1008#clear vlan red Set confirmSet length Syntax set confirm on off Activation-key Set licenseDWS-1008#set length Syntax set license activation-key Syntax set prompt string Set prompt Syntax set system contact string Stores a contact name for the DWS-1008 switchSet system contact Set system country code Link DWS-1008 CLI Manual Syntax set system idle-timeout seconds Set system idle-timeout Ip-addrIP address, in dotted decimal notation Set system ip-addressClear system Show system Syntax set system ip-address ip-addr Syntax set system name string Set system locationSet system name Syntax set system location string Clear banner motd Link DWS-1008 CLI Manual Syntax show banner motd Defaults None Access EnabledShow banner motd Show load Syntax show licenses Defaults None Access AllSyntax show load Defaults None Access Enabled Show licenses Displays system information Syntax show system Defaults None Access EnabledShow system With set system location Configured with set system countrycodeField Description Name Syntax show tech-support file subdirname/ filename Show boot Show config Set licenses Link DWS-1008 CLI ManualShow tech-support Nvram size /SDRAM size percent of total Speed Port TypeState Interface Type Syntax clear dap dap-num Syntax clear port counters Defaults None Access EnabledClear dap Clear port counters Syntax clear port-group name name Syntax clear port mirror Defaults None Access EnabledClear port-group Clear port mirror Clear port type Defaults NoneClear port name DWS-1008#clear port type STP Monitor port counters Key Effect on monitor display Syntax monitor port counters Displayed for All Statistics Option Field Description Transmit-errors Serial id serial ID Reset portDetails command Set dap Port-list Syntax set port enable disable port-list EnableDisable Set port Syntax set port-group name group-nameport-listmode on off Set reset portMode on off Set port-group Clear port-group Link DWS-1008 CLI Manual Name name Set port mirrorSet port name Clear port name Syntax set port negotiation port-listenable disableEnable disable Set port negotiation Syntax set port poe port-listenable disable DWS-1008#set port negotiation 1,2,4-6 disableFollowing command enables autonegotiation on port DWS-1008#set port negotiation 5 enable Syntax set port speed port-list10 100 auto DWS-1008#set port poe 3,5 disableDWS-1008#set port poe 2,4 enable Set port speed Set port trap EnableDisable Set port type ap Configures a DWS-1008 switch port for an AP access pointModel Poe enable disable radiotype 11a 11b 11g Port Parameter Setting DWS-1008#set port type ap 2 model DWL-8220AP poe enable Port-list tag-list Num last-resort Set port type wired-authConfigures an DWS-1008 port for a wired authentication user Wired Authentication Port Defaults Port Parameter Setting Clear port type Set port type Link DWS-1008 CLI Manual Statistics for all ports Defaults None Access AllShow port counters Port port-list Show port mirror Show port-group DWS-1008# show port poe Show port poeSyntax show port poe port-list DWS-1008# show port status Displays configuration and status information for portsShow port status Syntax show port status port-list Restriction of Client Layer 2 Forwarding FDB Aging TimeoutCreation Ports Port port-lis Vlan vlan-id Tag tag-value Clear fdbDeletes an entry from the forwarding database FDB All Clear security l2-restrictVlan-id Vlan name or number Permit-mac All Clear security l2-restrict countersClear vlan Syntax clear security l2-restrict counters vlan vlan-id all DWS-1008#clear vlan marigold Set vlan port Show vlan config Link DWS-1008 CLI ManualDWS-1008#clear vlan green port DWS-1008#clear vlan red port 4 tag Port port-list Set fdbMac-addr Syntax set fdb agingtime vlan-idage seconds Mode enable disableSet fdb agingtime Set security l2-restrict Syntax set vlan vlan-numname name Defaults Layer 2 restriction is disabled by defaultSet vlan name Creates a Vlan and assigns a number and name to it Syntax set vlan vlan-idport port-listtag tag-value Set vlan portSet vlan port Show fdb DWS-1008#show fdb agingtime Show fdb agingtimeDWS-1008# show fdb Syntax show fdb agingtime vlan vlan-id DWS-1008#show fdb count dynamic Vlan vlan-id Defaults None. Access AllShow fdb count Show security l2-restrict Displays Vlan information Show vlan configSyntax show vlan config vlan-id DWS-1008# show security l2-restrict Tunl Port Vlan Name Status State Affin Port Tag DWS-1008# show vlan config burgundyVlan From-dscp Clear qosFrom-qos From 0 to DWS-1008#set qos cos-to-dscp-map 5 dscp Set qos cos-to-dscp-mapSyntax set qos cos-to-dscp-map level dscp dscp-valuelevel Dscp dscp-value Syntax set qos dscp-to-cos-map dscp-rangecos level Syntax show qos defaultSet qos dscp-to-cos-map Show qos DWS-1008#show qos dscp-table DWS-1008#show qos defaultSyntax show qos dscp-table Defaults None Access Enabled Show qos dscp-table Syntax clear interface vlan-idip Clear interfaceRemoves an IP interface Syntax clear ip alias name Syntax clear ip dns domain Defaults None Access EnabledClear ip alias Clear ip dns domain Syntax clear ip dns server ip-addr DefaultClear ip dns server Clear ip route Syntax clear ip telnet Defaults The default Telnet port number isClear ip telnet Set ip route Show ip route Syntax clear ntp server ip-addr all Clear ntp update-intervalSyntax clear ntp update-interval Clear ntp server Syntax clear snmp notify profile profile-name Clear snmp communityClear snmp notify profile Syntax clear snmp community name comm-string Target-num ID of the target Clear snmp notify targetClear snmp usm Syntax clear snmp notify target target-num Clear system ip-address Syntax clear summertime Defaults None Access EnabledSyntax clear system ip-address Defaults None Access Enabled Clear summertime Flood Clear timezonePing Dnf DWS-1008#ping DefaultsSize size Is 8 bytes larger than the size you specify Syntax set arp agingtime seconds Set arpSet arp agingtime Ip-addr Mac-addr Set arp Show arp Configures an IP interface on a VlanSet interface DWS-1008#set interface mauve ip 10.10.20.10 DWS-1008#set interface default ip 10.10.10.10/24Syntax set interface vlan-idip dhcp-client enable disable Set interface dhcp-client Set interface dhcp-server Configures the MSS Dhcp serverEnables the Dhcp server Disables the Dhcp server Syntax set interface vlan-idstatus up down Administratively disables or reenables an IP interfaceSet interface status Set ip dns domain Set ip dns server Show dhcp-server Set ip dns Set ip alias DWS-1008#set ip dns domain example.com Set ip dns domainSet ip dns server Syntax set ip dns domain name Set ip https server Syntax set ip https server enable disable Ip-addr mask Set ip routeAdds a static route to the IP route table Is not available for the destination Clear ip route Show interface Show ip route Enables or disables the Snmp service on the DWS-1008 switchSyntax set ip snmp server enable disable Set ip snmp server Set ip ssh server Link DWS-1008 CLI Manual Set ip sshSyntax set ip ssh port port-num Syntax set ip telnet port-num Syntax set ip ssh server enable disableSet ip ssh server Set ip telnet Set ip telnet server Enables the Telnet server on a DWS-1008 switchSyntax set ip telnet server enable disable Syntax set ntp server ip-addr Syntax set ntp enable disableSet ntp Set ntp server DWS-1008#set ntp server See Also Set ntp update-intervalSyntax set ntp update-interval seconds Set snmp community Notifications you specify with notification-type or all Default profile-nameSet snmp notify profile Drop sendPage Page RFDetectRogueDisappearTraps success change accepted DWS-1008#set snmp notify profile snmpprofrfdetect sendRFDetectInterferingRogueAPTraps success change accepted Username Set snmp notify targetSNMPv3 with Informs Security unsecured Authenticated encryptedSnmp-engine-id Ip hex hex-string SNMPv2c with Traps Timeout numSNMPv2c with Informs Retries num Success change accepted Link DWS-1008 CLI Manual 110 SNMPv1 with Traps Usm Syntax set snmp protocol v1 v2c usm all enable disableSet snmp protocol V2c Auth-req-unsecnotify AuthenticatedSet snmp security Encrypted Creates a USM user for SNMPv3 Set snmp usm Encrypt-type none des Auth-type none md5 shaAuth-pass-phrase string Auth-key hex-string End Set summertimeStart Start of the time change period DWS-1008#set interface taupe ip 10.10.20.20/24 Defaults None Access Enabled DWS-1008#set timedate date feb 29 2004 time Set timedateSet timezone Syntax set timedate date mmm dd yyyy time hhmmss Ip-addr IP address Show arpDWS-1008#set timezone PST Syntax show arp ip-addr Ifup Syntax show dhcp-client Defaults None Access AllShow dhcp-client DWS-1008#show dhcp-client DWS-1008# show dhcp-server Show dhcp-serverSyntax show dhcp-server interface vlan-id verbose Verbose Link DWS-1008 CLI Manual 121 DWS-1008#show dhcp-server verboseBound Syntax show interface vlan-id Displays the IP interfaces configured on the switchShow interface Set interface dhcp-client Set interface dhcp-server Set interface status Set ip alias Set ip dns domain Set ip https server Metric Default-routerIp-addr/mask-length Enables or disables the Snmp service on the switch Disables or reenables the SSH server on a DWS-1008 switch Set ip telnet Set ntp Set ntp server Set snmp community Name of the notification type To modify the default notification profile, specify defaultSpaces Notification-typePage RFDetectAdhocUserTraps success change accepted Sends or drops all notifications RFDetectUnAuthorizedSsidTraps success change accepted RFDetectSpoofedMacAPTraps success change accepted Security unsecured Authenticated encryptedSnmp-engine-id Ip hex hex-string SNMPv3 with Traps Specifies the number of seconds MSS waits for Specifies the number of times the MSS Snmp engine willResend a notification that has not been acknowledged By the target. You can specify from 0 to 3 retries SNMPv1 with Traps 144 Set snmp usm Page String auth-keyhex-string Auth-type none md5 sha auth-pass-phrase Link DWS-1008 CLI Manual 148 End Set system ip-address Link DWS-1008 CLI Manual 151 Sets the time of day and date on the switch 152 Dynamic ResolvedLocal Resolved Show dhcp-client Link DWS-1008 CLI Manual 154 Link DWS-1008 CLI Manual 155 Table below shows the output for show dhcp-server verbose Link DWS-1008 CLI Manual 156 DWS-1008# show interfaceYES Ipv4 DWS-1008#show ip alias Show ip aliasSyntax show ip alias name Name Alias string Show ip dns Displays the DNS servers the switch is configured to useSyntax show ip dns Defaults None Access All DWS-1008 show ip https Syntax show ip https Defaults None Access AllShow ip https Displays information about the Https management port Multicast Show ip routeSyntax show ip route destination DWS-1008# show ip route Displays information about the Telnet management port Syntax show ip telnet Defaults None Access AllShow ip telnet Link DWS-1008 CLI Manual 162 Syntax show ntp Defaults None Access AllShow ntp Displays NTP client information Show snmp notify profile Syntax show snmp counters Defaults None Access EnabledShow snmp community Show snmp counters Show snmp usm Defaults None Access Enabled See AlsoShow snmp status Syntax show summertime Syntax show timedate Defaults None Access AllShow summertime Show timedate DWS-1008#show timezone Syntax show timezone Defaults None Access AllShow timezone Telnet Clear sessions Show sessions Link DWS-1008 CLI Manual 167 DWS-1008#telnet Traceroute Ping Link DWS-1008 CLI Manual 169 Web authorization AuthenticationLocal Authorization for Password Users User-glob Clear accounting Syntax clear authentication console user-glob Clear authentication adminClear authentication console Syntax clear authentication admin user-glob Wired Clear authentication dot1xDWS-1008#clear authentication console Regina Removes an 802.1X authentication rule Syntax clear authentication proxy ssid ssid-nameuser-glob Clear authentication macClear authentication proxy Removes a MAC authentication rule Removes a WebAAA rule Clear authentication webRemoves a rule from the location policy on a switch Clear location policy Syntax clear mac-user mac-addrattr attribute-name Clear mac-userClear mac-user attr Syntax clear mac-user mac-addr Syntax clear mac-user mac-addrgroup Clear mac-user groupSet mac-user attr Show aaa Group-name Name of an existing MAC user group Clear mac-usergroupClear mac-usergroup attr Syntax clear mac-usergroup group-name Syntax clear user username Username Username of a user with a passwordClear user Clear mac-usergroup Set mac-usergroup attr Show aaa Syntax clear user username attr attribute-name Username Username of a user with a passwordClear user attr Clear user group Group-name Name of an existing user group Clear usergroupClear usergroup Set user group Show aaa Syntax clear usergroup group-name Syntax clear usergroup group-nameattr attribute-name Set accounting admin consoleClear usergroup attr Link DWS-1008 CLI Manual 183 Set accounting dot1x mac web last-resortClear accounting Show accounting statistics Method1 method2 method3 method4 Start-stop WiredMac Web Syntax set accounting system method1 method2 method3 method4 Set accounting system Link DWS-1008 CLI Manual 186 Set authentication admin Link DWS-1008 CLI Manual 187 Set authentication console Link DWS-1008 CLI Manual 188 For details, see User Globs on Link DWS-1008 CLI Manual 189 Set authentication dot1xAuthentication port Protocol Been authenticatedBonded Access Enabled Link DWS-1008 CLI Manual 192 Set authentication macAuthentication port Access Enabled User-glob Single user or a set of users Set authentication proxy Set authentication web See Also Set location policy Modify rule-number User operator user-globBefore rule-number DWS-1008#set location policy deny if user eq *.theirfirm.com Syntax set mac-user mac-addrattr attribute-name value Set mac-userSet mac-user attr Syntax set mac-user mac-addrgroup group-name Attribute Description Valid Values Link DWS-1008 CLI Manual 201 YY/MM/DD-HHMM Link DWS-1008 CLI Manual 202 Time-of-day tu1000-1600,th1000-1600 Link DWS-1008 CLI Manual 203 Clear mac-user attr Show aaa Link DWS-1008 CLI Manual 204 Syntax set mac-usergroup group-nameattr attribute-name value Set mac-usergroup attr Clear user Show aaa Link DWS-1008 CLI Manual 206 Syntax set user username password encrypted stringDWS-1008#set user Nin password 29Jan04 See Also Set user Clear user attr Show aaa Link DWS-1008 CLI Manual 207 Set user attr Clear user group Show aaa Set user groupSet usergroup Syntax set user username group group-name Set web-portal Syntax set web-portal enable disableDefaults Enabled Access Enabled DWS-1008#set web-portal disable Show aaa Displays all current AAA settingsSyntax show aaa Defaults None Access Enabled Acctport AAAACCTSVCATTR=2 Show accounting statisticsDWS-1008#show accounting statistics DWS-1008show location policy Clear accounting Set accounting admin console Show aaaSyntax show location policy Defaults None Access Enabled Show location policy Self-Signed Certificate Encryption KeysPKCS#7 Certificates PKCS#12 Certificate PEM-formatted-certificate Syntax crypto ca-certificate admin eap webAdmin Crypto ca-certificate Begin Certificate Crypto certificate Ssh Crypto generate key String Syntax crypto generate request admin eap web admin Eap WebCrypto generate request With no spaces DWS-1008#crypto generate request adminAlphanumeric characters with no spaces Are supported on your network. This field is required END Certificate Request Syntax crypto generate self-signed admin eap web AdminCrypto generate self-signed Begin Certificate Request Name. It simply needs to be formatted like one DWS-1008#crypto generate self-signed admin DWS-1008#crypto generate otp eap hap9iN#ss Syntax crypto otp admin eap web one-time-password AdminOne-time-password Crypto otp DWS-1008#crypto otp eap hap9iN#ss Syntax crypto pkcs12 admin eap web file-location-urlCrypto pkcs12 File-location-url Fields Description Show crypto ca-certificateDWS-1008#show crypto ca-certificate Table below describes the fields in the display DWS-1008#show crypto certificate eap Show crypto certificate Crypto generate key Link DWS-1008 CLI Manual 226 Syntax show crypto key domain Defaults None Access EnabledShow crypto key domain Show crypto key ssh Radius Proxy Radius ClientRadius Servers Server Groups Clear radius Clear radius client system-ip Removes Radius proxy client entries for third-party APs Removes Radius proxy ports configured for third-party APsClear radius proxy client Clear radius proxy port Syntax clear server group group-nameload-balance Clear radius serverClear server group Syntax clear radius server server-name Encrypted-key string Timeout secondsSet radius Deadtime minutes Encrypted-key-No key Clear radius client system-ip Set system ip-address Set radius client system-ipSet radius proxy client Syntax set radius client system-ip Set radius proxy port Auth-port Author-passwordSet radius server Address Encrypted-key-No key Author-password-trapeze Access Enabled Members Configures a group of one to four Radius serversNames of one or more configured Radius servers Set server group Group-name Server group name of up to 32 characters Enable disableDefaults Load balancing is disabled by default Set server group load-balance Port Control Wired AuthenticationBonded Authentication Reauthentication Syntax clear dot1x max-req Clear dot1x bonded-periodClear dot1x max-req Syntax clear dot1x quiet-period Clear dot1x port-controlClear dot1x quiet-period Syntax clear dot1x port-control Syntax clear dot1x reauth-period Clear dot1x reauth-maxClear dot1x reauth-period Syntax clear dot1x reauth-max Set dot1x timeout auth-server Show dot1x Clear dot1x timeout auth-serverClear dot1x timeout supplicant Defaults The default is 30 seconds Syntax clear dot1x tx-period Syntax set dot1x authcontrol enable disable enable DisableClear dot1x tx-period Set dot1x authcontrol Syntax set dot1x bonded-period seconds Set dot1x bonded-period Set dot1x max-req Syntax set dot1x key-tx enable disable EnableDefaults Key transmission is enabled by default Set dot1x key-tx Show port status Show dot1x Link DWS-1008 CLI Manual 248 Set dot1x port-controlClear dot1x max-req Show dot1x Seconds Specify a value between 0 and 65,535 Set dot1x quiet-periodSet dot1x reauth-max Syntax set dot1x quiet-period seconds Syntax set dot1x reauth-period seconds Set dot1x timeout auth-serverSyntax set dot1x timeout auth-server seconds Set dot1x reauth-period Set dot1x tx-period Set dot1x timeout supplicantSyntax set dot1x timeout supplicant seconds Clear dot1x timeout auth-server Show dot1x Syntax set dot1x wep-rekey-period seconds Syntax set dot1X wep-rekey enable disable enable DisableSet dot1x wep-rekey Set dot1x wep-rekey-period Show dot1x Syntax show dot1x clients stats config clients StatsConfig Displays a summary of the current configuration DWS-1008#show dot1x config Type the following command to display the 802.1X clients Link DWS-1008 CLI Manual 255 Type the following command to display 802.1X statisticsDWS-1008# show dot1x stats Network Sessions Administrative SessionsDWS-1008#clear sessions admin Clear sessions Clear sessions network Show sessions DWS-1008# show sessions telnet DWS-1008# clear sessions adminSSH DWS-1008# show sessions console Link DWS-1008 CLI Manual 260 Show sessions networkClear sessions Mac-addr Show sessions network session-id display Show sessions network commandSession-id Verbose DWS-1008# show sessions network verbose DWS-1008# show sessions network mac-addr 00055d7e981aDWS-1008# show sessions network user E LAST-RESORT DWS-1008#show sessions network session-idActive Ssid Link DWS-1008 CLI Manual 264 Additional show sessions network verbose Output Link DWS-1008 CLI Manual 265 Show sessions network session-id Output Link DWS-1008 CLI Manual 266 Permitted Ssid List Rogue InformationCountermeasures Permitted Vendor List Syntax clear rfdetect ignore mac-addr Clear rfdetect attack-listClear rfdetect ignore Syntax clear rfdetect attack-list mac-addr Syntax clear rfdetect ssid-list ssid-name Clear rfdetect ssid-listClear rfdetect vendor-list Syntax set rfdetect black-list mac-addr Set rfdetect attack-listSet rfdetect black-list Syntax set rfdetect attack-list mac-addr Mac-addr Bssid MAC address of the device to ignore Set rfdetect ignoreSet rfdetect black-list Show rfdetect black-list Syntax set rfdetect ignore mac-addr Set rfdetect signature Syntax set rfdetect log enable disable EnableSyntax set rfdetect signature enable disable Enable Set rfdetect log Syntax set rfdetect ssid-list ssid-name Set rfdetect ssid-list Link DWS-1008 CLI Manual 274 Set rfdetect vendor-listShow rfdetect attack-list DWS-1008# show rfdetect black-list Show rfdetect black-listShow rfdetect clients DWS-1008# show rfdetect attack-list DWS-1008#show rfdetect clients mac 000c4163fd6d DWS-1008# show rfdetect clientsTotal number of entries Client MAC AP MAC Link DWS-1008 CLI Manual 277 Show rfdetect countermeasuresRssi Bssid Link DWS-1008 CLI Manual 278 Syntax show rfdetect counters Defaults None Access EnabledShow rfdetect counters DWS-1008# show rfdetect countermeasures Type Current DWS-1008#show rfdetect countermeasures Vendor Type Port/Radio Flags Displays information about the APs detected by a switchSyntax show rfdetect data Defaults None Access Enabled Show rfdetect data Show rfdetect visible Syntax show rfdetect ignore Defaults None Access EnabledShow rfdetect ignore Show rfdetect vendor-list Syntax show rfdetect ssid-list Defaults None Access EnabledShow rfdetect ssid-list Radio Showapdapstatus commandShow rfdetect visible Syntax test rflink mac mac-addr session-id session-id Test rflinkShow rfdetect data 976 DWS-1008# test rflink mac 000e9bbfad13Rssi SNR RTT micro-secs File Management Boot SettingsConfiguration File Software Version Critical BackupSyntax backup system tftp/ip-addr/filenameall critical Dir command output Syntax clear boot config Defaults None Access Enabled Clear boot backup-configurationClear boot config Copy DWS-1008#clear boot configDWS-1008#reset system force Delete Dir Link DWS-1008 CLI Manual 290 DWS-1008#copy tftp//10.1.1.1/closetmx closetmx Copy Dir Link DWS-1008 CLI Manual 291 DeleteSyntax delete url For example subdira/filea File Boot0Boot1 DirPage Table below describes the fields in the dir output Install soda agentDWS-1008#install soda agent soda.ZIP agent-directory sp1 This command may take up to 20 seconds DWS-1008#load config Load configSyntax load config url Backupconfigs/configc Mkdir Syntax md5 boot0 boot1filenameDWS-1008#md5 boot0MX040003.020 Md5 Dir Rmdir Reset systemRestarts a switch and reboots the software Syntax reset system force Save config Show boot Show version RestoreDWS-1008#reset system Removes a subdirectory from nonvolatile storage DWS-1008#restore system tftp/10.10.20.9/sysabakBackup Rmdir DWS-1008#save config testconfig1 Save configSyntax save config filename DWS-1008#save config Syntax set boot configuration-file filename Set boot backup-configurationSet boot configuration-file Syntax set boot backup-configuration filename Boot1 Set boot partitionShow boot Syntax set boot partition boot0 boot1 Boot0 Displays the configuration running on the switch Show configTable below describes the fields in the show boot output Clear boot config Reset system Set boot configuration-file Syntax show version details Details DWS-1008#show config area vlanShow version Spantree System Trace Vlan Vlan-fdb DWS-1008#show version details DWS-1008#show version Table below describes the fields in the show version output Uninstall soda agentSyntax uninstall soda agent agent-directory directory DWS-1008#uninstall soda agent agent-directory sp1 Clear ap dap radio Access Point Commands DWS-1008#clear ap 3 radio Clear dap boot-configurationDWS-1008#clear dap 1 boot-configuration Syntax clear radio-profile name parameter DWS-1008#set radio-profile rp1 mode disableDWS-1008#set radio-profile rptest mode disable Clear radio-profile Clear service-profile Syntax reset ap port-list dap dap-num Reset ap dapDWS-1008#set radio-profile rp6 mode disable Restarts an access point Link DWS-1008 CLI Manual 312 Syntax set dap auto Defaults None Access EnabledSet dap auto Disables the AP configuration profile Set dap auto modeSyntax set dap auto mode enable disable Enable Enables the AP configuration profile Dap-num Set dap auto persistentSet dap auto radiotype Syntax set dap auto persistent dap-num all Dap dap-num dap auto high Set dap auto Set dap auto mode Set dap auto persistentLow Defaults Access Set ap dap bias Set ap dap blink Dap dap-num dap auto enable disable Defaults Access Enabled Enables or disables the static IP address for the AP Set dap boot-ip Switch ip ip-addr Set dap boot-switch Link DWS-1008 CLI Manual 319 Contact string Set ap dap contactSpecifies contact information for an AP Syntax set ap port-list dap dap-num contact string Syntax set dap dap-numfingerprint hex Set dap fingerprint Dap auto Force-image-download enableForce-image-download disable Set ap dap force-image-download Ap port-list dap dap-num dap auto Defaults AP access points are not grouped by defaultSet ap dap group Syntax set ap port-list dap dap-num auto group name Ap port-list Dap dap-num location string Set ap dap locationSpecifies location information for an AP Syntax set ap port-list dap dap-num location string Ap port-list Set ap dap nameSet ap dap radio antenna-location Syntax set ap port-list dap dap-num name name Ap port-list Dap dap-num Set ap dap radio antennatypeIndoors Outdoors Radio 1 of the DWL-8220AP Set ap dap radio auto-tune max-powerConfiguration template Power-level Dap dap-num radio 1 radio Channel-number Set ap dap radio channelSets an DWS-8220AP radio’s channel Dap dap-num dap auto Set ap dap radio modeRadio 1 radio 2 enable disable Radio-profile name Mode enableMode disable Set ap dap radio radio-profile Access Enabled Set dap security Defaults By default, encryption keys are optional DWS-1008#set ap 2 upgrade-firmware disable Set ap dap upgrade-firmwareSet dap fingerprint Show ap dap config Show ap dap status Dap auto enable disable Defaults Access Enabled Link DWS-1008 CLI Manual 334 Set radio-profile auto-tune channel-configSyntax set radio-profile name active-scan enable disable Set radio-profile active-scan Link DWS-1008 CLI Manual 335 Enable Disable No-clientSet radio-profile auto-tune channel-holddown Name Name Radio profile name Set radio-profile auto-tune channel-intervalName Rate Syntax set radio-profile name auto-tune channel-lockdown Set radio-profile auto-tune channel-lockdown Set radio-profile auto-tune power-config Set radio-profile auto-tune power-interval Syntax set radio-profile name auto-tune power-lockdown Set radio-profile auto-tune power-lockdownSet radio-profile auto-tune power-ramp-interval Syntax set radio-profile name beacon-interval interval Defaults The default interval is 60 secondsSet radio-profile beacon-interval None ConfiguredSet radio-profile countermeasures Rogue Set radio-profile dtim-interval Syntax set radio-profile name frag-threshold threshold Set radio-profile frag-threshold Syntax set radio-profile name max-tx-lifetime time Set radio-profile max-rx-lifetimeSet radio-profile max-tx-lifetime Syntax set radio-profile name max-rx-lifetime time Syntax set radio-profile name mode enable disable Set radio-profile mode MMS Link DWS-1008 CLI Manual 347 Access Enabled Short Set radio-profile preamble-lengthSyntax set radio-profile name preamble-length long short Long Svp Set radio-profile qos-modeSet radio-profile rfid-mode Syntax set radio-profile name qos-mode svp wmm Set radio-profile rts-threshold Syntax set radio-profile name rfid-mode enable disableEnables radios to function as asset location receivers Defaults The default is disable Access Enabled DWS-1008#set radio-profile rp1 rts-threshold Link DWS-1008 CLI Manual 353 Table Defaults for Radio Profile Parameters Link DWS-1008 CLI Manual 354 Link DWS-1008 CLI Manual 355 Portal-acl setting Set radio-profile wmm-powersave Link DWS-1008 CLI Manual 357 Set service-profile attrSyntax set radio-profile name wmm-powersave enable disable Syntax set service-profile name attr attribute-name value Access Enabled Enables 802.1X authentication of WPA clients Set service-profile auth-dot1xSyntax set service-profile name auth-dot1x enable disable Name Service profile name Set service-profile auth-fallthru Disables PSK authentication of WPA clients Set service-profile auth-pskSyntax set service-profile name auth-psk enable disable Enables PSK authentication of WPA clients Syntax set service-profile name cac-mode none session Set service-profile beaconSet service-profile cac-mode Syntax set service-profile name beacon enable disable Session Set service-profile cac-sessionSyntax set service-profile name cac-session max-sessions CAC is not used Disables Ccmp encryption for WPA clients Set service-profile cipher-ccmpSyntax set service-profile name cipher-ccmp enable disable Enables Ccmp encryption for WPA clients Disables 104-bit WEP encryption for WPA clients Set service-profile cipher-tkipSet service-profile cipher-wep104 Enables 104-bit WEP encryption for WPA clients Defaults 104-bit WEP encryption is disabled by default Set service-profile cipher-wep40 Syntax set service-profile name cos level Set service-profile cosDefaults 40-bit WEP encryption is disabled by default Sets the Class-of-Service CoS level for static CoS Disables Dhcp Restrict Set service-profile dhcp-restrictSet service-profile static-cos Show service-profile Enables Dhcp Restrict Disables keepalives Set service-profile idle-client-probingSet service-profile keep-initial-vlan Enables keepalives Syntax set service-profile name long-retry-count threshold Set service-profile long-retry-countConfigures radios to reassign a roamed user’s Vlan Defaults This option is disabled by default Link DWS-1008 CLI Manual 371 Set service-profile no-broadcastSyntax set service-profile name no-broadcast enable disable Syntax set service-profile name proxy-arp enable disable Set service-profile proxy-arpEnable Disable Defaults Access Enabled Syntax set service-profile name psk-phrase passphrase Set service-profile psk-phraseDefaults Proxy ARP is disabled by default Syntax set service-profile name psk-raw hex Set service-profile psk-raw Disables the RSN IE Set service-profile rsn-ieSyntax set service-profile name rsn-ie enable disable Enables the RSN IE Syntax set service-profile name short-retry-count threshold Set service-profile shared-key-authSet service-profile short-retry-count Enables shared-key authentication, in a service profile Set service-profile soda agent-directory Set service-profile soda mode Link DWS-1008 CLI Manual 378 Set service-profile soda enforce-checks Syntax set service-profile name soda failure-page Set service-profile soda failure-page Syntax set service-profile name soda logout-page Set service-profile soda logout-page Defaults Disabled Access Enabled Set service-profile soda modeSet service-profile soda remediation-acl Syntax set service-profile name soda mode enable disable Syntax set service-profile name soda success-page Set service-profile soda success-page Name Ssid-name Set service-profile ssid-nameConfigures the Ssid name in a service profile Syntax set service-profile name ssid-name ssid-name Crypto Set service-profile ssid-typeSyntax set service-profile name ssid-type clear crypto Clear Disables static CoS on the service profile Set service-profile static-cosSyntax set service-profile name static-cos enable disable Enables static CoS on the service profile Link DWS-1008 CLI Manual 386 Set service-profile tkip-mc-timeSet service-profile transmit-rates Syntax set service-profile name tkip-mc-time wait-time Beacon-rate rate Disabled rate-list11a 11b 11g Mandantory rate-list Defaults This command has the following defaults Set service-profile user-idle-timeout Name Seconds Set service-profile web-portal-aclSyntax set service-profile name user-idle-timeout seconds Syntax set service-profile name web-portal-acl aclname Defaults The D-Link Web login page is served by default Set service-profile web-portal-formSet service-profile auth-fallthru Show service-profile Syntax set service-profile name web-portal-form url Success change accepted Set service-profile web-portal-session-timeout Set service-profile wep active-unicast-index Set service-profile wep active-multicast-index Key-index num key value Set service-profile wep key-index Syntax set service-profile name wpa-ie enable disable Set service-profile wpa-ie DWS-1008#show dap config Show ap dap configShows configuration information for radio DWS-1008#show ap config Link DWS-1008 CLI Manual 397 Following Table describes the fields in this display DWS-1008# show dap counters Show ap dap countersShows statistics counters for radio Link DWS-1008 CLI Manual 399 Totl Ccmp Link DWS-1008 CLI Manual 400 MIC Link DWS-1008 CLI Manual 402 Clear DWS-1008#set service-profile sp2 wpa-ie enableShow ap dap qos-stats Displays statistics for DWL-8220AP forwarding queues Link DWS-1008 CLI Manual 404 Show ap dap etherstatsSyntax show ap dap etherstats port-list dap-num Link DWS-1008 CLI Manual 405 DWS-1008# show dap etherstats Link DWS-1008 CLI Manual 406 Show ap dap groupSyntax show ap dap group name Name Name of an AP group or Distributed AP group Link DWS-1008 CLI Manual 407 DWS-1008# set service-profile sp2 wpa-ie enable DWS-1008#show dap status Show ap dap statusRadio1 Radio2 DWS-1008#show ap status Link DWS-1008 CLI Manual 410 Link DWS-1008 CLI Manual 411 Mp-num Dap-num Radio1 Radio2 radio all Defaults AccessShow auto-tune attributes DWS-1008# show auto-tune attributes ap 2 radio DWS-1008#show auto-tune neighbors ap 2 radio Show auto-tune neighbors Link DWS-1008 CLI Manual 415 Show dap boot-configurationSyntax show dap boot-configuration dap-num Link DWS-1008 CLI Manual 416 DWS-1008#show dap boot-configurationDNS IP DAP Show dap connectionSyntax show dap connection dap-num serial-id serial-ID DWS-1008#show dap connection Syntax show dap global dap-num serial-id serial-ID Show dap global LOW DWS-1008#show dap globalHigh Link DWS-1008 CLI Manual 420 Show dap unconfiguredSyntax show dap unconfigured Defaults None Access Enabled DWS-1008#show dap unconfigured Name Displays information about the named radio profile DWS-1008# show radio-profile defaultShow radio-profile Syntax show radio-profile name ? Link DWS-1008 CLI Manual 422 See Also Name Show service-profile Soda Link DWS-1008 CLI Manual 425 Link DWS-1008 CLI Manual 426 Link DWS-1008 CLI Manual 427 Port Cost TimersSTP State Bridge Priority Syntax clear spantree portpri port-list Clear spantree portcostClear spantree portpri Syntax clear spantree portcost port-list Clear spantree portvlanpri Resets the cost for all VLANsResets the priority for all VLANs Clear spantree portvlancost Show spantree statistics Link DWS-1008 CLI Manual 431 Clear spantree statisticsSyntax clear spantree statistics port-listvlan vlan-id Vlan vlan-id Port port-list vlan-id Syntax set spantree backbonefast enable disable EnableSet spantree Set spantree backbonefast Syntax set spantree fwddelay delay all vlan vlan-id Delay Set spantree fwddelay Syntax set spantree maxage aging-timeall vlan vlan-id Set spantree helloSet spantree maxage Syntax set spantree portcost port-listcost cost Set spantree portcost Syntax set spantree portpri port-listpriority value Syntax set spantree portfast port port-listenable disableSet spantree portfast Set spantree portpri Changes the priority on all VLANs Set spantree portvlancostSet spantree portvlanpri Show spantree Link DWS-1008 CLI Manual 438 Set spantree priority Active Syntax set spantree uplinkfast enable disableSet spantree uplinkfast Show spantree Ieee DWS-1008# show spantree vlan defaultPVST+ Vlan ID Show spantree blockedports Link DWS-1008 CLI Manual 441 Show spantree blockedports Syntax show spantree backbonefast Defaults None Access AllDWS-1008#show spantree blockedports vlan default Show spantree backbonefast Set spantree portfast Link DWS-1008 CLI Manual 443 Show spantree portfastSyntax show spantree portfast port-list DWS-1008#show spantree portfast Port-list List of ports Show spantree portvlancostShow spantree statistics Syntax show spantree portvlancost port-list Inactive DWS-1008#show spantree statisticsFalse Link DWS-1008 CLI Manual 446 Topology change time Topology change detectedNum of similar BPDU’s to process Receivedinferiorbpdu Link DWS-1008 CLI Manual 447 Syntax show spantree uplinkfast vlan vlan-id Defaults None Access AllShow spantree uplinkfast Clear spantree statistics Set spantree uplinkfast Link DWS-1008 CLI Manual 449 DWS-1008#show spantree uplinkfast Router Solicitation Igmp Snooping StateProxy Reporting Pseudo-querier DWS-1008#clear igmp statistics Syntax set igmp enable disable vlan vlan-idClear igmp statistics Set igmp Link DWS-1008 CLI Manual 452 Set igmp lmqiSet igmp mrouter Set igmp oqi Set igmp qi Set igmp mrouter Set igmp mrsol mrsi Link DWS-1008 CLI Manual 453 Set igmp mrsolShow igmp mrouter Set igmp mrsol Set igmp mrsol mrsiSet igmp oqi Syntax set igmp mrsol mrsi seconds vlan vlan-id Show igmp Link DWS-1008 CLI Manual 455 Defaults Proxy reporting is enabled on all VLANs by defaultSet igmp proxy-report Syntax set igmp qi seconds vlan vlan-id qi seconds Defaults The default query interval is 125 secondsSet igmp qi Syntax set igmp qri tenth-secondsvlan vlan-id Set igmp qri Link DWS-1008 CLI Manual 458 Set igmp querierSet igmp receiver Show igmp querier Syntax set igmp rv num vlan vlan-id Defaults The default robustness value for all VLANs isSet igmp rv Show igmp receiver-table DWS-1008# show igmp vlan orange Show igmp Link DWS-1008 CLI Manual 461 Dvmrp PIM Link DWS-1008 CLI Manual 462 Show igmp mrouterSyntax show igmp mrouter vlan vlan-id DWS-1008# show igmp mrouter vlan orange DWS-1008#show igmp querier vlan red DWS-1008#show igmp querier vlan defaultShow igmp querier DWS-1008# show igmp querier vlan orange Vlan orange Session Port Receiver-IP Receiver-MAC Show igmp receiver-tableGroup group-ip-addr/mask-length DWS-1008# show igmp receiver-table vlan orange Displays Igmp statistics Show igmp statisticsDWS-1008#show igmp receiver-table group 237.255.255.0/24 Set igmp receiver Link DWS-1008 CLI Manual 467 DWS-1008# show igmp statistics vlan orange Clear igmp statistics Link DWS-1008 CLI Manual 468 Monitor Security ACLs Create Security ACLsCommit Security ACLs Map Security ACLs DWS-1008#clear security acl acl133 Clear security aclSyntax clear security acl acl-name all editbuffer-index Clears all security ACLs Clear security acl map Link DWS-1008 CLI Manual 472 Commit security aclSyntax commit security acl acl-name all Commits all security ACLs in the edit buffer Type Class Mapping DWS-1008#show security aclACL table ACL ACL edit-buffer information for all Rollback security aclSyntax rollback security acl acl-name all DWS-1008#show security acl info all editbuffer Link DWS-1008 CLI Manual 475 Set security aclBefore editbuffer-index modify editbuffer-index hits Deny PermitCos cos Tos tos PrecedencePrecedence DWS-1008#set security acl ip acl123 deny 192.168.2.11 EstablishedHits Link DWS-1008 CLI Manual 479 Set security acl mapClear security acl Commit security acl Show security acl Out Assigns the security ACL to traffic coming from the switch DWS-1008#set security acl hit-sample-rate Set security acl hit-sample-rateSyntax set security acl hit-sample-rate seconds DWS-1008# show security acl Syntax show security acl Defaults None Access EnabledShow security acl Displays a summary of the security ACLs that are mapped Show security acl editbuffer Syntax show security acl info acl-name all editbuffer Syntax show security acl hits Defaults None Access EnabledShow security acl hits Show security acl info Defaults None Access Enabled DWS-1008#show security acl map acl111 Show security acl mapShow security acl resource-usage Syntax show security acl map acl-name DWS-1008#show security acl resource-usage Link DWS-1008 CLI Manual 488 Link DWS-1008 CLI Manual 489 DWS-1008#clear log trace See Also Syntax clear log trace Defaults None Access EnabledClear log trace Syntax clear trace trace-area all Deletes running trace commands and ends trace processesClear trace DWS-1008#save trace traces/trace1 Set trace authenticationSave trace Syntax save trace filename Clear trace Show trace Set trace authorizationTraces authorization information Set trace dot1x Link DWS-1008 CLI Manual 494 Set trace smTraces session manager activity Syntax show trace all Show trace DWS-1008#clear snoop snoop1 See Also Clear snoopRemote monitoring snooping Syntax clear snoop filter-name Radio 1 of the AP Clear snoop mapSet snoop Examples clear snoop map filter-namedap dap-numradio 1 Bssid eq neq bssid Frame-type eq neq beacon control data managementProbe Channel eq neq channel DWS-1008#set snoop snoop1 observer 10.10.30.2 snap-length Examples set snoop map filter-namedap dap-numradio 1 Defaults Snoop filters are unmapped by defaultSet snoop map Defaults Snoop filters are disabled by default Set snoop modeEnable stop-after num-pkts Disables the snoop filter Syntax show snoop filter-name Syntax show snoop Defaults None Access EnabledShow snoop Show snoop info DWS-1008#show snoop map snoop1 filter ‘snoop1’ mapping Show snoop mapShow snoop stats Syntax show snoop map filter-name Link DWS-1008 CLI Manual 504 System Logs Clear log Sessions Set logBuffer Current Show log config Clear log Link DWS-1008 CLI Manual 507 Enables messages to the specified targetDisables messages to the specified target Interval interval Set log markSeverity level Matching string Show log bufferFacility facility-name DWS-1008#show log buffer facility ? Show log configSyntax show log config Defaults None Access Enabled DWS-1008#show log config Number-of-messages Show log trace DWS-1008#show log trace +5 facility Rogue Clear log Show log config Link DWS-1008 CLI Manual 512DWS-1008#show log trace facility ? Diagnostics Command InformationBooting Boot Profile Management Boot autoboot AutobootBoot Syntax autoboot on on OFF off Boot boot FN=MX010101.020 DEV=boot1 Syntax change Change Change Delete Next Show Link DWS-1008 CLI Manual 517 Creates a new boot profileCreate Syntax create Change Create Next Show Removes the currently active boot profileSyntax delete Defaults None Dhcp Syntax diag Accesses the diagnostic modeSyntax dir c d e f boot0 boot1 Diag Bstrap Syntax fver c d e f boot0 boot1 filenameFver Bload Boot help fver Boot fver boot1Syntax help command-name Command-name Boot prompt command Help Link DWS-1008 CLI Manual 522 Displays a list of the boot prompt commandsSyntax ls Defaults None Next Syntax next Defaults None Boot Link DWS-1008 CLI Manual 524 ResetResets a DWS-1008 switch’s hardware Syntax reset Defaults None Show Syntax show Defaults NoneBoot Type Change Create Delete Dhcp Next Link DWS-1008 CLI Manual 526 Boot Type Syntax test on on OFF off Syntax version Defaults NoneTest Version Dir Fver Link DWS-1008 CLI Manual 528 Boot version