Wireless LAN Mobility System
3CRWXR10095A, 3CRWX120695A, 3CRWX440095A
3Com Corporation 350 Campus Drive Marlborough, MA USA
United States Government Legend
Contents
Site Objects Alerts Panel Content Panel Monitor Tab
Starting 3WXM
Planning the 3COM Mobility System
130
Configuring WX System and Administrative Parameters
210
226
Configuring IP Aliases
Configuring DNS 230 Configuring NTP 231 Configuring ARP 233
245
285
268
Creating and Managing Users in the Local User Database
300
Managing Certificates
394
361 Displaying 802.11 Coverage 362
364
397
448 Generating a Radio Details Report 449
423
430
Using 3WXM with HP Openview
Obtaining Support for Your Product
Register Your Product 497
Page
Icon Description
Conventions
List conventions that are used throughout this guide
Documentation
Including new features and bug fixes
3WXM for advanced configuration and management
This manual uses the following text and syntax conventions
Comments
Pddtechpubscomments@3com.com
Example
Hardware
Hardware
Requirements
Requirements for
Hard drive space Available Monitor resolution
Hardware Requirements for 3WXM Monitoring Service
Hardware Requirements for Running 3WXM Monitoring Service
Number Radios WX Switches 50+ WX Switches
Preparing for
Installation
Software
Installing 3WXM
If Autorun is disabled, follow these steps
Using the Installation To use the installation wizard
Wizard
Installing 3WXM
Installing 3WXM
Installing the HP To install the HP OpenView plug-in
OpenView Plug-In
Installing 3WXM
Click Get Activation Key
Installing 3WXM
Click Uninstall
Click Continue
Manager 3WXM interface
Switches or monitor network data
Overview
Working with the 3WXM User Interface
Window
Menu Options
Main 3WXM
View Object Details or View Alerts from the main toolbar
3WXM Menu Options
Menu Menu Option Description
To add a WX switch
Devices Apply Auto-Tune
Association failure rates
Open the 3Com 3WXM Administrator’s
Organizer Panel
Working with the 3WXM User Interface
Select an object Details are displayed here
Settings for the following management services
Object
Object Description
Location Policy
Working with the 3WXM User Interface
WX Switch Objects
Mobility Domain Objects
Ports/MAPs
Lists the object that can appear under Third Party APs
Third Party AP Objects
Content panel with more details
Alerts Panel
Lists the types of alerts displayed in the Alerts panel
Alert Category Description
Toolbar option of the main 3WXM window
Content Panel
Content panel displays information for objects selected
Monitor Tab Explore Window
Working with the 3WXM User Interface
„ Green Up
Monitor Tab Status Summary Window
Monitor Tab Client Monitor Window
Monitor Tab RF Monitor Window
Monitor Tab RF Trends Window
Working with the 3WXM User Interface
Resolutions Error/Warning Details
Working with the 3WXM User Interface
Content Panel
Information panel
Configuration
Wizards
Working with the 3WXM User Interface
Configuration Wizards
Reports
Reports
Copying
Pasting Objects
New switch appears under the Mobility Domain
Replace
Mnemonics
Enabling Keyboard
Shortcut
Windows XP Only
Enabling Keyboard Shortcut Mnemonics Windows XP Only
Working with the 3WXM User Interface
Starting 3WXM
Switch Manager 3WXM, restricting access to 3WXM, creating
Following steps describe how to start 3WXM
Managing network plans, and defining a Mobility Domain
Getting Started
Restricting Access
To 3WXM
Getting Started
To create a provision or monitor account
Monitor Accounts
Monitor accounts
Accounts
Plans
Creating
Managing Network
Plan
You must select a country code before continuing
Saving a Network Plan
Creating and Managing Network Plans
Saving a Network Plan with a New Name
Creating and Managing Network Plans
Getting Started
Plan
Getting Started
To override another user’s lock
Getting Started
Defining a Mobility Domain
Protocol Port Function
Domain
Traffic Ports Used for AAA Servers and Management Servers
Do one of the following „ To close the wizard, click Finish
Getting Started
Network design information
Provide about your wireless coverage needs
Building Wizard
Live network
Planning the 3COM Mobility System
OptionDescription
Building Wizard Setup
Toolbar Options on Setup
Building Wizard Edit Content
Toolbar Options on Edit Content
Lists the toolbar icons at the top of the floor display area
Building Wizard Plan RF Coverage
Toolbar Options on Plan RF Coverage
Building Wizard Optimize RF Coverage
Toolbar Options on Optimize RF Coverage
Building Wizard Report
Toolbar Options on Report
Creating a Site
Campus
Planning the 3COM Mobility System
Creating or
Modifying Buildings in a Site
Planning the 3COM Mobility System
Creating or Modifying Buildings in a Site
Details
Importing or
Drawing Floor
File Recommendations
Preparing a Drawing Before Importing It
To prepare a drawing before importing it into 3WXM
Importing or Drawing Floor Details
Planning the 3COM Mobility System
Operating Tips
Useful AutoCAD Operations and Naming-Conventions
Importing the Drawing
Common AutoCAD Layer Names
Click Import Floor Layout
Importing or Drawing Floor Details
To crop the paper space
Importing or Drawing Floor Details
To adjust the origin point
Origin point
New location of origin point
To adjust the scale
Hiding Layers
Adding or removing a layer
Moving an object from one layer to another
To clean up a drawing
Planning the 3COM Mobility System
Importing or Drawing Floor Details
ObjectAction
To draw an object
Click Finish to save the changes and close the wizard
Properties
Floor
Characteristics of a
Specifying the RF
To create RF obstacles by grouping objects
Go to To use the Create RF Obstacle Dialog box on
To create RF obstacles for an area in a drawing
To use the Create RF Obstacle Dialog box
ObjectAction
Planning the 3COM Mobility System
Coverage
To create a wiring closet
Shared Coverage Areas
Area
Drawing a Coverage Area
Coverage Area Choices wizard appears
Go to Specifying the Wireless Technology for a Coverage Area
Specifying the Wireless Technology for a Coverage Area
Specifying Coverage Area Properties
Planning the 3COM Mobility System
Go to Specifying Association Information
Specifying Association Information
Planning the 3COM Mobility System
Defining Wireless Coverage Areas
WX4400 switches support distributed MAP connections only
Setting Attributes for a Third-Party Access Point
Planning the 3COM Mobility System
Configuring Radio Attributes
Moving the AP Icon to its Floor Location
Computing MAP Placement
To specify design constraints
Computing MAP Placement
WX4400 switches support indirect MAP connections only
To compute and place MAP access points
Go to To review coverage area computation
To review coverage area computation
Computing MAP Placement
Planning the 3COM Mobility System
Locking and Unlocking Coverage Areas
To unlock a coverage area
Locking and Unlocking MAP Access Points
To lock a MAP
To assign channels
Planning the 3COM Mobility System
To compute optimal power
Planning the 3COM Mobility System
To resolve optimal power computation problems
Verifying the Wireless Network
Resolving coverage gaps
To place an RF measurement point
„ To list disabled access points, select Show Disabled MAPs
Signal strengths for any location on the floor
To use the RF interactive measurement mode
Value
Shows the information available in the RF measurement table
RF Measurement Information
Generating RF Network Design Information
Reviewing Layout To see the floor layout, click View Layout
Information
To generate a work order
Click Generate Work Order
Applying RF Auto-Tuning Settings to the Network Plan
Click Next. The progress is displayed Click Finish
Planning the 3COM Mobility System
WX Switch Wizard
Following figure shows an example of the wizard
„ AAA
WX Switch Wizard Overview
Settings, and so on. This page is shown above
WX Switch Wizard Overview
Configuring WX System and Administrative Parameters
WX Switch Wizard Overview
Adding a WX
Switch to
Insert Wireless Switch
Network Plan
Configuration file
Accessing the WX
Switch Wizard
See Adding a WX Switch to the Network Plan on
WX Properties
Configuring VLANs
Configuring WX System and Administrative Parameters
Vlan Names
Roaming and VLANs
Configuring Vlan Basic Properties
To configure Vlan basic properties
Adding Ports to a Vlan
Configuring Spanning Tree Protocol
Configuring WX System and Administrative Parameters
Configuring Spanning Tree Port Information
Configuring Igmp
„ To close the wizard and save the changes, click Finish
Configuring Static Multicast Ports
Configuring the MSS Dhcp Server
Configuring STP Fast Convergence Features
Select Spanning Tree Properties
Select Config Edit
Configuring WX Management Services
Setting System To set system information
Configuring WX System and Administrative Parameters
Configuring WX Management Services
Reenabling WebAAA
To configure Snmp Do one of the following
Configuring an Snmp To configure an Snmp community string
V1 or V2c Community String
Configuring an Snmp To configure an SNMPv3 user
V3 User
Configuring WX System and Administrative Parameters
To configure a notification target Do one of the following
Configuring a Notification Profile
Configuring a Notification Target
For SNMPv3, select the USM user
Setting Up System Logging
Configuring WX System and Administrative Parameters
Setting Up a Syslog Server
To set up a syslog server
Configuring Tracing
Expand Management Services
To delete a trace Organizer pane, expand the WX switch
Deleting Traces
To set up a time zone
To set summertime information
Configuring WX Management Services
Wired authentication port is an Ethernet port that has
Configuring Wired
Authentication
Wired users is not encrypted after they are authenticated
Network Ports
Configuring
Other networking devices such as switches and routers
WX1200 ports support full-duplex mode only
Configuring Load Sharing
Configuring IP Services
Creating Static Routes
Configuring Default Routes
To close the Create Static Route dialog box, click Finish
Creating IP Aliases
To create an IP alias Do one of the following
Setting Up DNS Basic Properties
Adding DNS Servers
Click New NTP Server
Setting NTP Properties
Creating NTP Servers
Adding ARP Entries
Configuring WX System and Administrative Parameters
Parameters
Configuring Wireless Parameters
RSN
Configuring a
Service Profile
Mycorp/mycorp-login.htm
Encryption
Configuring To configure encryption, follow these steps
Configuring WEP
Configuring a Service Profile
WPA and RSN Cipher Suites
Configuring WPA or RSN
WPA and RSN Authentication Methods
To configure WPA or RSN authentication
To configure WPA or RSN encryption choices
To map a service profile to a radio
Profile
Configuring Wireless Parameters
Configuring a Radio Profile
RF Auto-Tuning
Configuring a Radio Profile
To apply a radio profile to radios
Directly Connected
MAP Access Points
Configure a MAP port for each directly connected MAP
Connected and Distributed MAPs combined
Configuring Wireless Parameters
„ 112233445566778899aabbccddeeff00
Configuring Wireless Parameters
Transmit Power box, specify the transmit power for the radio
Configuring Wireless Parameters
Configuring Directly Connected MAP Access Points
Distributed MAP
Access Points
WX Switch Model Maximum Maximum Booted Configured
Indirectly connected MAP
Configuring Distributed MAP Access Points
„ 112233445566778899aabbccddeeff00
Configuring Distributed MAP Access Points
Configuring Wireless Parameters
Authorization ,
Overview on
Connecting to
Server Groups
To change default values for Radius parameters
To define a Radius server
Connecting to Radius Servers and Server Groups
To define a Radius server group
Database
Managing Users
Local User
Changing the Order in a Radius Server Group
Database
To configure user authentication properties
You can create two types of users in the local database
To configure user group authentication properties
Click Choose Available
To configure MAC address user authentication properties
Local database
Click Choose Available
To configure user authorization attributes
End-date
Authentication Attributes for Local Users
Attribute Description Valid Values Encryption-type
Start-date,end-date, or both
Idle-timeout
Attribute Description Valid Values Filter-id
Attribute Description Valid Values Mobility-profile
Start-date
Attribute Description Valid Values Session-timeout
Ssid
Attribute Description Valid Values Time-of-day
Url
Attribute Description Valid Values Vlan-name
Accept user globs and MAC address globs
User Globs
MAC Address Globs
Vlan Globs
To set the authentication method for administrator access
To set the accounting method for administrator access
Managing Administrator
Console Access Rules
Configuring and Managing Access Rules for Network Users
Authentication
Authentication Types
MSS provides the following types of authentication
Authentication Algorithm
To 802.1X? Yes
Ssid Name Any
Last-Resort Processing
User Credential Requirements
Page
Authentication To configure authentication rules
Page
To configure authentication settings
Page
Accounting
Page
About the Location
To change the order of access rules
Location Policies
Policy
„ Ports
To create a location policy rule
Configuring Location Policies
Click Close
Configuring AAA for Clients of Third-Party APs
To create a proxy authentication rule
To create a Radius proxy client entry
To configure a port as a Radius proxy for an Ssid
Attribute VSA
Mobility Profiles
Included, or you can specify a list of ports to be included
To create a Mobility Profile
Control Lists for
Using Access
Creating Access
Security
Defining Access Control Entries
Setting Up ACL Basic Properties
Go to Defining Access Control Entries
Creating an IP ACE
Page
Creating a TCP or UDP ACE
Type box, specify the Icmp type used to filter Icmp packets
Creating an Icmp ACE
To define the action of the ACE
Icmp Messages and Codes
Icmp Message Type Number Code Number
IP Protocol Number
Creating a Layer 4 Protocol ACE
Commonly Used IP Protocol Numbers
For a complete list of IP protocol numbers, see Click Finish
To add ACEs to an ACL and organize them
Mapping User-Based ACLs
ACL Map page, click New
Mapping ACLs to Ports, VLANs, or Virtual Ports
Mapping an ACL to a Distributed MAP
Mapping an ACL to a Vlan
Mapping an ACL to a Port
Mapping an ACL to a Virtual Port
Configuring 802.1X Parameters
Attempts
Click Finish
Page
System Files
Chapter where the options are described
Managing WX
WX File Management Options in 3WXM
Network on
Not defined in 3WXM, uploading the WX configuration creates
Switch
Configuration into
Uploading a WX
To upload a WX switch configuration
Verifying
Toolbar Options on Verification Tab
Refresh Refreshes the data Options
To resolve an error or warning
To globally disable a warning or error
To disable a specific instance of a warning or error
Select the warning or error message
Or for specific instances
To disable or reenable a rule
To change verification options
Managing WX System Images and Configurations
Network
Changes
Toolbar Options on Managed Devices Tab
Changes To review changes
To accept network changes
To deploy local changes
Click Deploy Now
Options Alerts panel
To undo changes
Nonmatching
To modify configuration polling options
Network Plan to
Switches from a
Deploying WX
Distributing Image
Files
To distribute a system image
Click Distribute
To distribute a WX configuration file
Importing Exporting WX switch Configuration Files
Distributing WX Configuration Files
Select Distribute Config Click Distribute
Importing and Exporting WX switch Configuration Files
Managing WX System Images and Configurations
Managed
Applying Policies
How Changes Are
For This Feature Area See
Configuring a Policy
Configuration Information
Reviewing Applying Policy Settings
Configuration Information
Click Review Changes
Rebooting WX
Switches or MAP Access Points
When 3WXM connects to 3WXM Services or a WX switch,
„ 802.1X-EAP certificate for a WX switch
„ WebAAA certificate for a WX switch
Distributing PKS #12 files
To process a certificate
Processing
Certificates
To review certificate details
Managing
Certificate that is stored in the 3WXM certificate store
Select Tools Certificate Management
Managing Certificates
Switches and shows information based on those traps
Statistics and the event log
Requirements for
Accessing
To access monitored data
Monitoring
Using the Explore Window
„ Green Up
Toolbar Options in Link View of Explore Window
IconDescription
Lists the options on the toolbar in the floor view
Toolbar Options in Floor View of Explore Window
Toolbar Options in Floor View of Explore Window
Monitoring the Network
Using the Explore Window
Monitoring the Network
Coverage Display Options in Explore Window
Display Option
3Com radio on the floor
To take an RF measurement
RF measurement point Rssi measurements
Status Summary window shows the operational status of 3Com
Using the Status
Summary Window
Activity on the network
Using the Client
Monitor Window
Toolbar Options in Client Monitor Window
To refresh the data on demand
To refresh the data automatically
Data Displayed When a Mobility Domain or Site is Selected
Client Activity Columns When a Mobility Domain is Selected
Number of times authentication for a client failed
Data Displayed When a Switch, MAP, or Radio is Selected
Client Activity Columns When a Mobility Domain is Selected
Ssid
Column Description
Activity Details for Authentication Failure
Activity Details for Association Failure
Activity Details for Authorization Failure
Peap
Activity Details for Authorization Successful
ColumnDescription
DOT1X
Activity Details for Client Cleared
Activity Details for Disassociation
Activity Details for Dot1x Failure
Data Displayed When a Mobility Domain is Selected
Activity Details for Roam
Client Sessions Columns When a Mobility Domain is Selected
Data Displayed When the Scope is a Mobility Domain
Client Sessions Columns When Scope Is a Mobility Domain
Data Displayed When a WX Switch, MAP, or Radio is Selected
Displaying Session Details
Session Properties Columns
Authentication Server
New location
Session Statistics Columns
Session Statistics Columns
Location History Columns
Clients on the watch list by MAC address
Adding a Client to the Watch List
„ natasha@example.com
Using the Client Monitor Window
Displaying the Client Watch List
Details are displayed on the following tabs
Removing a Client from the Watch List
Session
Displaying a Client’s Geographical Location
Terminating a Client’s To terminate a client’s session
Radio can hear
Using the RF
„ RF Neighborhood lists the other transmitting devices that
Ssid the radio can hear
Displaying RF
Window
RF Monitor RF Neighborhood Columns
Mapping
Window
RF Monitor Activity Log Columns
Statistics
RF Monitor Environment Columns
Can indicate interference from a non-802.11 device
RF Trends Columns
As cordless phones and webcams, appear to generate
To access performance statistics from the network
Statistics
Accessing Realtime Performance Statistics
Monitoring the Network
Accessing Realtime Performance Statistics
„ Octets In/Out „ Packets In/Out „ Errors In/Out
Viewing Current Data
Viewing Historical Data
Viewing Data in Percentages
Accessing Realtime Performance Statistics
Exporting Performance Data
To export data to a file
Displaying
Accessing the Event
Log
Event log
Using Predefined Event Filters
Toolbar Options on Event Tab
Filtering Events by Content
To filter messages by content
Monitoring the Network
Saving Filters
Filtering Events by Severity
Filtering Events by Facility
Deleting Filters
Exporting Filtered Data
Accessing the Event Log
Monitoring the Network
Users
Both enabled radios and disabled radios perform these scans
Dynamic Frequency Selection DFS
Notification Type Description
Rogue Detection Requirements
Snmp Notifications for RF Detection
Other than an associate request flood
Rogue Detection Lists
Detecting and Combatting Rogue Devices
Using the Rogue Detection Tab
To filter the rogue list
Toolbar Options on Rogue Detection Tab
Using the Rogue Detection Tab
To change the scope of the rogue list
Current, Current Hour, Current Day, and History Tabs
Rogue Details Columns
Activity Log Tab
Listeners Tab
Rogue Listener Details Columns
Geographical
Displaying a
Rogue’s
Location
To add a device to the ignore list
Adding a Device to
Attack List
They are present on the network
Converting a Rogue
Into a Third Party
Clients to the Black
Configuring RF
Adding a Rogue’s
List
Click Permitted OUI List
Type the SSID. c Click Finish
Configuring RF Detection Options from the Organizer Panel
Detecting and Combatting Rogue Devices
Generating Reports
Work orders
Site Survey
To generate an inventory report
Generating an
Inventory Report
Click Generate
Generating a
Switches
Mobility Domain Configuration Report dialog box appears
Mobility Domain
Configuration Report
WX Configuration Report Sections
Summary Report
Details Report
Click Generate
Errors Report
Click Generate
Generating a Network Usage Report
Network usage report lists network usage statistics
Summary Report
Scope is always MAP Radio and cannot be changed
Details Report
Generating a Rogue Summary Report
Click Generate
Click View Work Order
Generating Reports
RF obstacle data
Importing RF
Measurements
Importing Measurements
Optimizing a Network Plan
Map name must match the name used in the site survey tool
Applying the RF Measurements to Floor Plan
Coverage holes by displaying coverage
Locating and Fixing
Coverage Holes
Locating a Coverage Hole
Optimizing a Network Plan
Installed to Network Plan
Optimizing a Network Plan
Manager
Preparing to Use HP OpenView and 3WXM
From Network Node
To start 3WXM from Network Node Manager
Chapter a Using 3WXM with HP Openview
That system
Change options for network synchronization, user interface
Logging
To change 3WXM preferences, in the main 3WXM window, select
Changing Network
Resetting
Preferences Values
Synchronization
Changing Network Synchronization Options
„ Multiple Show the topology in multiple windows
Changing User Interface Options
Within Window Style, select one of the following
Changing Tools
Check on
Changing
Certificate
Click the Certificate Handling tab
For RF Planning
Typical Client’s Transmit Power
Changing Options
You can change the following RF planning options
Chapter B Changing 3WXM Preferences
To Change a Color
Defining a Color from the Palette
Defining a Color by Changing HSB Properties
Defining a Color by Changing RGB Properties
Changing 3WXM Logging Options
Chapter B Changing 3WXM Preferences
Preferences
Chapter C Changing 3WXM Services Preferences
Starting or
3WXM Services
Services
Stopping
Connecting to 3WXM Services
To connect to 3WXM Services
Verify that the service is running on the server
Chapter C Changing 3WXM Services Preferences
Settings
Receiving Service
Changing Service
Verifying that
Chapter C Changing 3WXM Services Preferences
Click the WXs Connection Settings tab
WX connection settings control the timeout and retries for
Service will accept from the WX switches
Changing WX
Chapter C Changing 3WXM Services Preferences
Sources of Monitor Data
Monitor tab and for the Performance Statistics window
Windows. lists the source of the data for each window
Click the Monitoring Settings tab
Polling Interval is 5 minutes and cannot be changed
Changing Monitoring Settings
Https//ip-addr
Managing Network Plans
Chapter C Changing 3WXM Services Preferences
Backup
Chapter C Changing 3WXM Services Preferences
Purchase
Register Your
Product
Value-Added
Telephone
Access Software
Downloads
Technical Support
Contact Us
US and Canada Telephone Technical Support and Repair
Country Telephone Number
Latin America Telephone Technical Support and Repair
Index
Index
User privileges Configuring
SSH
Index
Index
