Wireless LAN Mobility System
3CRWXR10095A, 3CRWX120695A, 3CRWX440095A
3Com Corporation 350 Campus Drive Marlborough, MA USA
United States Government Legend
Contents
Site Objects Alerts Panel Content Panel Monitor Tab
Starting 3WXM
Planning the 3COM Mobility System
130
Configuring WX System and Administrative Parameters
210
Configuring IP Aliases
Configuring DNS 230 Configuring NTP 231 Configuring ARP 233
226
245
268
Creating and Managing Users in the Local User Database
285
300
Managing Certificates
361 Displaying 802.11 Coverage 362
364
394
397
430
423
448 Generating a Radio Details Report 449
Using 3WXM with HP Openview
Obtaining Support for Your Product
Register Your Product 497
Page
List conventions that are used throughout this guide
Conventions
Icon Description
Including new features and bug fixes
3WXM for advanced configuration and management
Documentation
This manual uses the following text and syntax conventions
Comments
Pddtechpubscomments@3com.com
Example
Hardware
Requirements
Hardware
Requirements for
Hardware Requirements for 3WXM Monitoring Service
Hardware Requirements for Running 3WXM Monitoring Service
Hard drive space Available Monitor resolution
Number Radios WX Switches 50+ WX Switches
Software
Installation
Preparing for
Installing 3WXM
If Autorun is disabled, follow these steps
Using the Installation To use the installation wizard
Wizard
Installing 3WXM
Installing 3WXM
Installing the HP To install the HP OpenView plug-in
OpenView Plug-In
Installing 3WXM
Click Get Activation Key
Installing 3WXM
Click Uninstall
Click Continue
Overview
Switches or monitor network data
Manager 3WXM interface
Working with the 3WXM User Interface
Menu Options
Main 3WXM
Window
View Object Details or View Alerts from the main toolbar
3WXM Menu Options
Menu Menu Option Description
To add a WX switch
Devices Apply Auto-Tune
Association failure rates
Open the 3Com 3WXM Administrator’s
Organizer Panel
Working with the 3WXM User Interface
Select an object Details are displayed here
Settings for the following management services
Object
Object Description
Location Policy
Working with the 3WXM User Interface
WX Switch Objects
Mobility Domain Objects
Ports/MAPs
Lists the object that can appear under Third Party APs
Third Party AP Objects
Content panel with more details
Alerts Panel
Lists the types of alerts displayed in the Alerts panel
Alert Category Description
Content panel displays information for objects selected
Content Panel
Toolbar option of the main 3WXM window
Monitor Tab Explore Window
Working with the 3WXM User Interface
„ Green Up
Monitor Tab Status Summary Window
Monitor Tab Client Monitor Window
Monitor Tab RF Monitor Window
Monitor Tab RF Trends Window
Working with the 3WXM User Interface
Resolutions Error/Warning Details
Working with the 3WXM User Interface
Content Panel
Information panel
Configuration
Wizards
Working with the 3WXM User Interface
Configuration Wizards
Reports
Reports
Copying
Pasting Objects
New switch appears under the Mobility Domain
Replace
Enabling Keyboard
Shortcut
Mnemonics
Windows XP Only
Enabling Keyboard Shortcut Mnemonics Windows XP Only
Working with the 3WXM User Interface
Switch Manager 3WXM, restricting access to 3WXM, creating
Following steps describe how to start 3WXM
Starting 3WXM
Managing network plans, and defining a Mobility Domain
Getting Started
Restricting Access
To 3WXM
Getting Started
Monitor Accounts
Monitor accounts
To create a provision or monitor account
Accounts
Managing Network
Creating
Plans
Plan
You must select a country code before continuing
Saving a Network Plan
Creating and Managing Network Plans
Saving a Network Plan with a New Name
Creating and Managing Network Plans
Getting Started
Plan
Getting Started
To override another user’s lock
Getting Started
Defining a Mobility Domain
Traffic Ports Used for AAA Servers and Management Servers
Domain
Protocol Port Function
Do one of the following „ To close the wizard, click Finish
Getting Started
Provide about your wireless coverage needs
Building Wizard
Network design information
Live network
Planning the 3COM Mobility System
Toolbar Options on Setup
Building Wizard Setup
OptionDescription
Building Wizard Edit Content
Toolbar Options on Edit Content
Lists the toolbar icons at the top of the floor display area
Building Wizard Plan RF Coverage
Toolbar Options on Plan RF Coverage
Building Wizard Optimize RF Coverage
Toolbar Options on Optimize RF Coverage
Building Wizard Report
Toolbar Options on Report
Creating a Site
Campus
Planning the 3COM Mobility System
Creating or
Modifying Buildings in a Site
Planning the 3COM Mobility System
Creating or Modifying Buildings in a Site
Drawing Floor
Importing or
Details
File Recommendations
Preparing a Drawing Before Importing It
To prepare a drawing before importing it into 3WXM
Importing or Drawing Floor Details
Planning the 3COM Mobility System
Useful AutoCAD Operations and Naming-Conventions
Importing the Drawing
Operating Tips
Common AutoCAD Layer Names
Click Import Floor Layout
Importing or Drawing Floor Details
To crop the paper space
Importing or Drawing Floor Details
To adjust the origin point
Origin point
New location of origin point
To adjust the scale
Hiding Layers
Adding or removing a layer
Moving an object from one layer to another
To clean up a drawing
Planning the 3COM Mobility System
Importing or Drawing Floor Details
Click Finish to save the changes and close the wizard
To draw an object
ObjectAction
Properties
Specifying the RF
Characteristics of a
Floor
To create RF obstacles for an area in a drawing
Go to To use the Create RF Obstacle Dialog box on
To create RF obstacles by grouping objects
To use the Create RF Obstacle Dialog box
ObjectAction
Planning the 3COM Mobility System
Coverage
To create a wiring closet
Shared Coverage Areas
Area
Drawing a Coverage Area
Coverage Area Choices wizard appears
Go to Specifying the Wireless Technology for a Coverage Area
Specifying the Wireless Technology for a Coverage Area
Specifying Coverage Area Properties
Planning the 3COM Mobility System
Go to Specifying Association Information
Specifying Association Information
Planning the 3COM Mobility System
Defining Wireless Coverage Areas
WX4400 switches support distributed MAP connections only
Setting Attributes for a Third-Party Access Point
Planning the 3COM Mobility System
Configuring Radio Attributes
Moving the AP Icon to its Floor Location
Computing MAP Placement
To specify design constraints
Computing MAP Placement
WX4400 switches support indirect MAP connections only
To compute and place MAP access points
Go to To review coverage area computation
To review coverage area computation
Computing MAP Placement
Planning the 3COM Mobility System
Locking and Unlocking Coverage Areas
To unlock a coverage area
Locking and Unlocking MAP Access Points
To lock a MAP
To assign channels
Planning the 3COM Mobility System
To compute optimal power
Planning the 3COM Mobility System
To resolve optimal power computation problems
Verifying the Wireless Network
Resolving coverage gaps
To place an RF measurement point
„ To list disabled access points, select Show Disabled MAPs
Signal strengths for any location on the floor
To use the RF interactive measurement mode
RF Measurement Information
Shows the information available in the RF measurement table
Value
Generating RF Network Design Information
Reviewing Layout To see the floor layout, click View Layout
Information
To generate a work order
Click Generate Work Order
Applying RF Auto-Tuning Settings to the Network Plan
Click Next. The progress is displayed Click Finish
Planning the 3COM Mobility System
WX Switch Wizard
Following figure shows an example of the wizard
„ AAA
WX Switch Wizard Overview
Settings, and so on. This page is shown above
WX Switch Wizard Overview
Configuring WX System and Administrative Parameters
WX Switch Wizard Overview
Switch to
Insert Wireless Switch
Adding a WX
Network Plan
Accessing the WX
Switch Wizard
Configuration file
See Adding a WX Switch to the Network Plan on
WX Properties
Configuring VLANs
Configuring WX System and Administrative Parameters
Vlan Names
Roaming and VLANs
Configuring Vlan Basic Properties
To configure Vlan basic properties
Adding Ports to a Vlan
Configuring Spanning Tree Protocol
Configuring WX System and Administrative Parameters
Configuring Spanning Tree Port Information
Configuring Igmp
„ To close the wizard and save the changes, click Finish
Configuring Static Multicast Ports
Configuring the MSS Dhcp Server
Configuring STP Fast Convergence Features
Select Spanning Tree Properties
Select Config Edit
Configuring WX Management Services
Setting System To set system information
Configuring WX System and Administrative Parameters
Configuring WX Management Services
Reenabling WebAAA
To configure Snmp Do one of the following
Configuring an Snmp To configure an Snmp community string
V1 or V2c Community String
Configuring an Snmp To configure an SNMPv3 user
V3 User
Configuring WX System and Administrative Parameters
Configuring a Notification Target
Configuring a Notification Profile
To configure a notification target Do one of the following
For SNMPv3, select the USM user
Setting Up System Logging
Configuring WX System and Administrative Parameters
Setting Up a Syslog Server
To set up a syslog server
Configuring Tracing
Expand Management Services
To delete a trace Organizer pane, expand the WX switch
Deleting Traces
To set up a time zone
To set summertime information
Configuring WX Management Services
Configuring Wired
Authentication
Wired authentication port is an Ethernet port that has
Wired users is not encrypted after they are authenticated
Other networking devices such as switches and routers
Configuring
Network Ports
WX1200 ports support full-duplex mode only
Configuring Load Sharing
Configuring IP Services
Creating Static Routes
Configuring Default Routes
To close the Create Static Route dialog box, click Finish
Creating IP Aliases
To create an IP alias Do one of the following
Setting Up DNS Basic Properties
Adding DNS Servers
Creating NTP Servers
Setting NTP Properties
Click New NTP Server
Adding ARP Entries
Configuring WX System and Administrative Parameters
Parameters
Configuring Wireless Parameters
RSN
Configuring a
Service Profile
Mycorp/mycorp-login.htm
Configuring WEP
Configuring To configure encryption, follow these steps
Encryption
Configuring a Service Profile
WPA and RSN Authentication Methods
Configuring WPA or RSN
WPA and RSN Cipher Suites
To configure WPA or RSN authentication
To configure WPA or RSN encryption choices
To map a service profile to a radio
Profile
Configuring Wireless Parameters
Configuring a Radio Profile
RF Auto-Tuning
Configuring a Radio Profile
To apply a radio profile to radios
MAP Access Points
Configure a MAP port for each directly connected MAP
Directly Connected
Connected and Distributed MAPs combined
Configuring Wireless Parameters
„ 112233445566778899aabbccddeeff00
Configuring Wireless Parameters
Transmit Power box, specify the transmit power for the radio
Configuring Wireless Parameters
Configuring Directly Connected MAP Access Points
Access Points
WX Switch Model Maximum Maximum Booted Configured
Distributed MAP
Indirectly connected MAP
Configuring Distributed MAP Access Points
„ 112233445566778899aabbccddeeff00
Configuring Distributed MAP Access Points
Configuring Wireless Parameters
Authorization ,
Server Groups
Connecting to
Overview on
To change default values for Radius parameters
To define a Radius server
Connecting to Radius Servers and Server Groups
To define a Radius server group
Managing Users
Local User
Database
Changing the Order in a Radius Server Group
You can create two types of users in the local database
To configure user authentication properties
Database
To configure user group authentication properties
Click Choose Available
To configure MAC address user authentication properties
Local database
Click Choose Available
To configure user authorization attributes
Authentication Attributes for Local Users
Attribute Description Valid Values Encryption-type
End-date
Start-date,end-date, or both
Idle-timeout
Attribute Description Valid Values Filter-id
Attribute Description Valid Values Mobility-profile
Ssid
Attribute Description Valid Values Session-timeout
Start-date
Attribute Description Valid Values Time-of-day
Url
Attribute Description Valid Values Vlan-name
Accept user globs and MAC address globs
User Globs
MAC Address Globs
Vlan Globs
To set the authentication method for administrator access
To set the accounting method for administrator access
Managing Administrator
Console Access Rules
Configuring and Managing Access Rules for Network Users
Authentication
Authentication Types
MSS provides the following types of authentication
Authentication Algorithm
To 802.1X? Yes
Ssid Name Any
Last-Resort Processing
User Credential Requirements
Page
Authentication To configure authentication rules
Page
To configure authentication settings
Page
Accounting
Page
To change the order of access rules
Location Policies
About the Location
Policy
„ Ports
To create a location policy rule
Configuring Location Policies
Click Close
Configuring AAA for Clients of Third-Party APs
To create a proxy authentication rule
To create a Radius proxy client entry
To configure a port as a Radius proxy for an Ssid
Mobility Profiles
Included, or you can specify a list of ports to be included
Attribute VSA
To create a Mobility Profile
Using Access
Creating Access
Control Lists for
Security
Go to Defining Access Control Entries
Setting Up ACL Basic Properties
Defining Access Control Entries
Creating an IP ACE
Page
Creating a TCP or UDP ACE
To define the action of the ACE
Creating an Icmp ACE
Type box, specify the Icmp type used to filter Icmp packets
Icmp Messages and Codes
Icmp Message Type Number Code Number
Commonly Used IP Protocol Numbers
Creating a Layer 4 Protocol ACE
IP Protocol Number
For a complete list of IP protocol numbers, see Click Finish
To add ACEs to an ACL and organize them
Mapping User-Based ACLs
Mapping ACLs to Ports, VLANs, or Virtual Ports
Mapping an ACL to a Distributed MAP
ACL Map page, click New
Mapping an ACL to a Vlan
Mapping an ACL to a Port
Mapping an ACL to a Virtual Port
Configuring 802.1X Parameters
Attempts
Click Finish
Page
Chapter where the options are described
Managing WX
System Files
WX File Management Options in 3WXM
Network on
Switch
Configuration into
Not defined in 3WXM, uploading the WX configuration creates
Uploading a WX
To upload a WX switch configuration
Verifying
Toolbar Options on Verification Tab
Refresh Refreshes the data Options
To resolve an error or warning
Select the warning or error message
To disable a specific instance of a warning or error
To globally disable a warning or error
To change verification options
To disable or reenable a rule
Or for specific instances
Managing WX System Images and Configurations
Network
Changes
Toolbar Options on Managed Devices Tab
Changes To review changes
Click Deploy Now
To deploy local changes
To accept network changes
Nonmatching
To undo changes
Options Alerts panel
To modify configuration polling options
Deploying WX
Switches from a
Network Plan to
Distributing Image
Files
To distribute a system image
Click Distribute
Importing Exporting WX switch Configuration Files
Distributing WX Configuration Files
To distribute a WX configuration file
Select Distribute Config Click Distribute
Importing and Exporting WX switch Configuration Files
Managing WX System Images and Configurations
How Changes Are
Applying Policies
Managed
Configuration Information
Configuring a Policy
For This Feature Area See
Reviewing Applying Policy Settings
Configuration Information
Switches or MAP Access Points
Rebooting WX
Click Review Changes
„ 802.1X-EAP certificate for a WX switch
„ WebAAA certificate for a WX switch
When 3WXM connects to 3WXM Services or a WX switch,
Distributing PKS #12 files
Certificates
Processing
To process a certificate
Managing
Certificate that is stored in the 3WXM certificate store
To review certificate details
Select Tools Certificate Management
Managing Certificates
Switches and shows information based on those traps
Statistics and the event log
Accessing
To access monitored data
Requirements for
Monitoring
Using the Explore Window
„ Green Up
Toolbar Options in Link View of Explore Window
IconDescription
Lists the options on the toolbar in the floor view
Toolbar Options in Floor View of Explore Window
Toolbar Options in Floor View of Explore Window
Monitoring the Network
Using the Explore Window
Monitoring the Network
Coverage Display Options in Explore Window
Display Option
3Com radio on the floor
To take an RF measurement
RF measurement point Rssi measurements
Summary Window
Using the Status
Status Summary window shows the operational status of 3Com
Using the Client
Monitor Window
Activity on the network
Toolbar Options in Client Monitor Window
To refresh the data on demand
To refresh the data automatically
Data Displayed When a Mobility Domain or Site is Selected
Client Activity Columns When a Mobility Domain is Selected
Number of times authentication for a client failed
Data Displayed When a Switch, MAP, or Radio is Selected
Client Activity Columns When a Mobility Domain is Selected
Ssid
Activity Details for Association Failure
Activity Details for Authentication Failure
Column Description
Activity Details for Authorization Failure
Peap
Activity Details for Authorization Successful
ColumnDescription
DOT1X
Activity Details for Client Cleared
Activity Details for Disassociation
Activity Details for Dot1x Failure
Data Displayed When a Mobility Domain is Selected
Activity Details for Roam
Client Sessions Columns When a Mobility Domain is Selected
Data Displayed When the Scope is a Mobility Domain
Client Sessions Columns When Scope Is a Mobility Domain
Data Displayed When a WX Switch, MAP, or Radio is Selected
Displaying Session Details
Session Properties Columns
Authentication Server
New location
Session Statistics Columns
Session Statistics Columns
Location History Columns
Clients on the watch list by MAC address
Adding a Client to the Watch List
„ natasha@example.com
Using the Client Monitor Window
Displaying the Client Watch List
Details are displayed on the following tabs
Removing a Client from the Watch List
Terminating a Client’s To terminate a client’s session
Displaying a Client’s Geographical Location
Session
Using the RF
„ RF Neighborhood lists the other transmitting devices that
Radio can hear
Ssid the radio can hear
Displaying RF
Window
Window
Mapping
RF Monitor RF Neighborhood Columns
RF Monitor Activity Log Columns
Statistics
RF Monitor Environment Columns
Can indicate interference from a non-802.11 device
RF Trends Columns
As cordless phones and webcams, appear to generate
To access performance statistics from the network
Statistics
Accessing Realtime Performance Statistics
Monitoring the Network
Accessing Realtime Performance Statistics
„ Octets In/Out „ Packets In/Out „ Errors In/Out
Viewing Current Data
Viewing Historical Data
Viewing Data in Percentages
Accessing Realtime Performance Statistics
Exporting Performance Data
To export data to a file
Accessing the Event
Log
Displaying
Event log
Using Predefined Event Filters
Toolbar Options on Event Tab
Filtering Events by Content
To filter messages by content
Monitoring the Network
Filtering Events by Facility
Filtering Events by Severity
Saving Filters
Deleting Filters
Exporting Filtered Data
Accessing the Event Log
Monitoring the Network
Users
Both enabled radios and disabled radios perform these scans
Dynamic Frequency Selection DFS
Snmp Notifications for RF Detection
Rogue Detection Requirements
Notification Type Description
Other than an associate request flood
Rogue Detection Lists
Detecting and Combatting Rogue Devices
Using the Rogue Detection Tab
To filter the rogue list
Toolbar Options on Rogue Detection Tab
Using the Rogue Detection Tab
To change the scope of the rogue list
Current, Current Hour, Current Day, and History Tabs
Activity Log Tab
Listeners Tab
Rogue Details Columns
Rogue Listener Details Columns
Displaying a
Rogue’s
Geographical
Location
Adding a Device to
Attack List
To add a device to the ignore list
They are present on the network
Converting a Rogue
Into a Third Party
Configuring RF
Adding a Rogue’s
Clients to the Black
List
Click Permitted OUI List
Type the SSID. c Click Finish
Configuring RF Detection Options from the Organizer Panel
Detecting and Combatting Rogue Devices
Generating Reports
Work orders
Site Survey
Generating an
Inventory Report
To generate an inventory report
Click Generate
Switches
Mobility Domain Configuration Report dialog box appears
Generating a
Mobility Domain
Configuration Report
WX Configuration Report Sections
Summary Report
Details Report
Click Generate
Errors Report
Click Generate
Generating a Network Usage Report
Network usage report lists network usage statistics
Summary Report
Scope is always MAP Radio and cannot be changed
Details Report
Generating a Rogue Summary Report
Click Generate
Click View Work Order
Generating Reports
Importing RF
Measurements
RF obstacle data
Importing Measurements
Optimizing a Network Plan
Map name must match the name used in the site survey tool
Applying the RF Measurements to Floor Plan
Locating and Fixing
Coverage Holes
Coverage holes by displaying coverage
Locating a Coverage Hole
Optimizing a Network Plan
Installed to Network Plan
Optimizing a Network Plan
Preparing to Use HP OpenView and 3WXM
From Network Node
Manager
To start 3WXM from Network Node Manager
Chapter a Using 3WXM with HP Openview
Change options for network synchronization, user interface
Logging
That system
To change 3WXM preferences, in the main 3WXM window, select
Resetting
Preferences Values
Changing Network
Synchronization
Changing Network Synchronization Options
Within Window Style, select one of the following
Changing User Interface Options
„ Multiple Show the topology in multiple windows
Changing Tools
Changing
Certificate
Check on
Click the Certificate Handling tab
Typical Client’s Transmit Power
Changing Options
For RF Planning
You can change the following RF planning options
Chapter B Changing 3WXM Preferences
To Change a Color
Defining a Color from the Palette
Defining a Color by Changing HSB Properties
Defining a Color by Changing RGB Properties
Changing 3WXM Logging Options
Chapter B Changing 3WXM Preferences
Preferences
Chapter C Changing 3WXM Services Preferences
3WXM Services
Services
Starting or
Stopping
Connecting to 3WXM Services
To connect to 3WXM Services
Verify that the service is running on the server
Chapter C Changing 3WXM Services Preferences
Receiving Service
Changing Service
Settings
Verifying that
Chapter C Changing 3WXM Services Preferences
WX connection settings control the timeout and retries for
Service will accept from the WX switches
Click the WXs Connection Settings tab
Changing WX
Chapter C Changing 3WXM Services Preferences
Windows. lists the source of the data for each window
Monitor tab and for the Performance Statistics window
Sources of Monitor Data
Click the Monitoring Settings tab
Polling Interval is 5 minutes and cannot be changed
Changing Monitoring Settings
Https//ip-addr
Managing Network Plans
Chapter C Changing 3WXM Services Preferences
Backup
Chapter C Changing 3WXM Services Preferences
Register Your
Product
Purchase
Value-Added
Access Software
Downloads
Telephone
Technical Support
Contact Us
Latin America Telephone Technical Support and Repair
Country Telephone Number
US and Canada Telephone Technical Support and Repair
Index
Index
User privileges Configuring
SSH
Index
Index
