Manuals / Nortel Networks / Computer Equipment / Switch

Nortel Networks 2300 Series Last-resort-Automatically authenticates the user, Login to the Ssid

Models: 2300 Series

1 622

Download 622 pages 48.74 Kb

Page 393

Image 393

AP Commands 393

Table 24: Output for show service-profile (continued)

Field	Description

No broadcast	Indicates whether broadcast restriction is enabled. When this
	feature is enabled, WSS Software sends ARP requests and
	DHCP Offers and Acks as unicasts to their target clients instead
	of forwarding them as broadcasts.

Short retry limit	Number of times a radio serving the service-profile’s SSID can
	send a short unicast frame without receiving an acknowledgment.

Long retry limit	Number of times a radio serving the service-profile’s SSID can
	send a long unicast frame without receiving an acknowledgment.
	A long unicast frame is a frame that is equal to or longer than the
	RTS threshold.

Auth fallthru	Secondary (fallthru) encryption type when a user tries to
	authenticate but the WSS managing the radio does not have an
	authentication rule with a userwildcard that matches the
	username.
	• last-resort—Automatically authenticates the user
	and allows access to the SSID requested by the
	user, without requiring a username and password.
	• none—Denies authentication and prohibits the
	user from accessing the SSID.
	• web-portal—Redirects the user to a web page for
	login to the SSID.
Sygate On-Demand (SODA)	Whether SODA functionality is enabled for the service profile.
	When SODA functionality is enabled, connecting clients
	download SODA agent files, which perform security checks on
	the client.

Enforce SODA checks	Whether a client is allowed access to the network after it has
	downloaded and run the SODA agent security checks. When
	SODA functionality is enabled, and the WSS is configured to
	enforce SODA checks, then a connecting client must download
	the SODA agent files and pass the checks in order to gain access
	to the network.

SODA remediation ACL	The name of the ACL to be applied to the client if it fails the
	SODA agent checks. If no remediation ACL is specified, then a
	client is disconnected from the network if it fails the SODA agent
	checks.

Custom success web-page	The name of the user-specified page that the client loads upon
	successful completion of the SODA agent checks. If no page is
	specified, then the success page is generated dynamically.

Custom failure web-page	The name of the user-specified page that the client loads if it fails
	SODA agent checks. If no page is specified, then the failure page
	is generated dynamically.

Custom logout web-page	The name of the user-specified page that the client loads upon
	logging out of the network, either by closing the SODA virtual
	desktop, or by requesting the page. If no page is specified, then
	the client is disconnected without loading a logout page.

Nortel WLAN—Security Switch 2300 Series Command Line Reference

Page 393

Image 393

Nortel Networks 2300 Series manual Last-resort-Automatically authenticates the user, Allows access to the Ssid requested by

Contents

Page Copyright 2007-2008 Nortel Networks. All rights reserved Nortel Networks software license agreement Legal Information Exclusive Remedy Software License Agreement Page SSH Source Code Statement OpenSSL Project License Statements NN47250-100 Version How to get help Introducing the Nortel Wlan 2300 System NN47250-102 Version Getting help from the Nortel web site How to get helpHow to get help NN47250-100 Version Nortel Wlan 2300 System Documentation Introducing the Nortel Wlan 2300 SystemPlanning, Configuration, and Deployment InstallationConfiguration and Management Safety and Advisory Notices Menu Name Command Bold textItalic text CLI Conventions Using the Command-Line InterfaceCommand Prompts Set port enable disable port-list Set enablepassClear interface vlan-idip Clear fdb dynamic port port-list vlan vlan-idMAC Address Notation MAC Address Wildcards Port Lists Command-Line Editing Using CLI Help WSS# show ip ? WSS# show i?WSS# show ip telnet Set ap port-list ap-numname nameUsing the Command-Line Interface NN47250-100 Version Disable Access CommandsEnable See Also enable onSyntax set enablepass Set enablepassWSS# set enablepass Enter old password old-password QuitDisable on Enable on Access Commands NN47250-100 Version Port Type Set port type ap on Set ap on Port CommandsClear port type on Clear ap onClear port counters Clear apClear port media-type Clear port-groupClear port name Clear port mirrorConfiguration from all the specified ports Network Port DefaultsClear port type Syntax clear port type port-listSet port type ap on Set port type wired-auth on Monitor port countersWSS# clear port type WSS# monitor port counters Key Controls for Monitor Port Counters DisplayOutput for monitor port counters Displayed for All OptionsOctets Number of packets received that were 64 bytes long Syntax reset port port-list Reset portWSS# reset port See Also show port counters onSee Also set port on Set ap2380-1 to 2382-1 to2360/61-1 to 2350-1 toSee Also reset port on Set portSet port-group Mode on off WSS# set port-group name server1 1-5 mode onSet port media-type Syntax set port-group name group-nameport-listmode on offSyntax set port media-type port-listrj45 Set port mirror2380# set port media-type 2 rj45 Syntax set port mirror source-portobserver observer-portSet port name WSS# set port 17 name adminpoolWSS# set port 1 observer Syntax set port port name nameSet port poe Set port negotiationWSS# set port poe 7,9 enable WSS# set port poe 7,9 disableSet port speed Syntax set port speed port-list10 100 1000 autoWSS# set port trap 17-18 enable Syntax set port trap port-listenable disableSet port trap Set port type apPort-list List of physical portsRadiotype 11a 11b 11g Radio type Version New values for model option added AP Access Port DefaultsWSS# set port type ap 2 model 2330 poe enable Set port type wired-authWSS# set port type ap 4-6 model 2330 poe enable WSS# set ap 1 radio 1 antennatypeLast-resort Wired Authentication Port DefaultsNone Web-portalShow port counters WSS# set port type wired-authClear port type on Set port type ap on Port port-listOutput for show port-group Show port-groupWSS show port counters octets port Syntax show port-group name group-nameRJ45-The RJ-45 copper interface is enabled GBIC-The Gbic fiber interface is enabledShow port media-type Output for show port media-typeShow port poe Show port mirrorSee Also set port poe on Output for show port poeOutput for show port status Show port statusSyntax show port status port-list WSS# show port statusDown-The port is disabled Up-The port is enabledWa-Wired authentication port No connector-GBIC slot is emptySystem Services Commands Clear banner motd Clear historySee Also history on Clear system Clear promptSyntax clear prompt Wildebeest# clear prompt success change accepted. WSS#WSS# clear system location HelpHelp NoneHistory Set auto-configQuickstart See Also clear history onSyntax set auto-config enable disable WSS# save config WSS# set auto-config enable success change acceptedSet banner motd 2360# set vlan 1 port 7 success change acceptedSet length Set confirmSyntax set length number-of-lines Set licenseWSS# set length Syntax set license activation-keySet system contact Set promptSee Also show licenses on Syntax set prompt string23x0#set system contact tamara@example.com Set system countrycodeSyntax set system countrycode code 23x0#set system country code CASee Also show config on Set system idle-timeoutSyntax set system idle-timeout seconds WSS# set system idle-timeoutSet system location Set system ip-addressSyntax set system name string Set system nameShow licenses Show banner motdShow load See Also set license onShow system Show license commandSee Also show system on Syntax show systemShow system output Show tech-support System Services Commands System Services Commands NN47250-100 Version Vlan Commands WSS# clear fdb static vlan blue Clear fdbWSS# clear fdb dynamic WSS# clear fdb port 3,5Clear security l2-restrict counters Clear security l2-restrictSyntax clear security l2-restrict counters vlan vlan-idall AllWSS# clear security l2-restrict counters vlan abcair Clear vlanSyntax clear vlan vlan-id port port-list tag tag-value Vlan-id Port port-listSet fdb Set vlan port on Show vlan config onWSS# clear vlan green port WSS# clear vlan red port 4 tagSet fdb agingtime Set security l2-restrictSee Also show fdb agingtime on Set vlan name Enable disableSyntax set vlan vlan-numname name ModeSee Also set vlan port on Set vlan portWSS# set vlan 3 name marigold Syntax set vlan vlan-id port port-list tag tag-valueShow fdb Set vlan tunnel-affinityWSS# set vlan beige port 16 tag Syntax set vlan vlan-idtunnel-affinity numWSS# show fdb WSS# show fdb allOutput for show fdb Show fdb agingtimeSyntax show fdb agingtime vlan vlan-id WSS# show fdb agingtimeShow roaming station Show fdb countSee Also set fdb agingtime on See Also show fdb onShow roaming vlan Output for show roaming stationSee Also show roaming vlan on WSS# show roaming vlan Syntax show roaming vlanShow security l2-restrict Show roaming station on Show vlan config onOutput for show roaming vlan Syntax show security l2-restrict vlan vlan-idallDisabled. Layer 2 forwarding is not restricted Enabled. Forwarding of Layer 2 traffic from clients isShow tunnel Output for show security l2-restrictSee Also show vlan config on Show vlan configSyntax show vlan config vlan-id Output for show tunnelOutput for show vlan config See Also Vlan Commands NN47250-100 Version Clear qos Quality of Service CommandsWSS# clear qos Set qos cos-to-dscp-mapWSS# clear qos dscp-to-qos-map Syntax set qos cos-to-dscp-map level dscp dscp-valueShow qos Set qos dscp-to-cos-mapShow qos dscp-table See Also show qos dscp-table onSee Also show qos on IP Services Commands Set ntp on Set ntp update-interval onSet ntp server on Show ntp onClear interface Syntax clear interface vlan-idipWSS# clear interface mauve ip Clear ip dns domain Clear ip aliasClear ip route Clear ip dns serverSyntax clear ip dns server ip-addr WSS# clear ip dns serverClear ntp server Clear ip telnetSyntax clear ip telnet WSS# clear ip telnet success change acceptedSyntax clear ntp update-interval Clear ntp update-intervalWSS# clear ntp update-interval success change accepted Clear snmp communityClear snmp notify target Clear snmp notify profileSyntax clear snmp notify profile profile-name Syntax clear snmp notify target target-numClear summertime Clear snmp usmClear timezone Clear system ip-addressPing Host Count num-packetsCount-5 See Also traceroute on Set arpWSS# ping Syntax set arp permanent static dynamic ip-addrmac-addrSet interface Set arp agingtimeSyntax set arp agingtime seconds WSS# set arp agingtimeSyntax set interface vlan-idip dhcp-client enable disable WSS# set interface default ip 10.10.10.10/24Enables the Dhcp client on the Vlan Set interface dhcp-clientDefault-router ip-addr WSS# set interface corpvlan ip dhcp-client enableSet interface dhcp-server Clear interface on Show dhcp-client on Show interface onSet interface status Default-routerDns-domain Primary-dns and secondary-dnsSet ip alias Syntax set ip dns enable disableSet ip dns Syntax set ip alias name ip-addrSet ip dns domain WSS# set ip dns enableSyntax set ip dns domain name WSS# set ip dns domain example.comSyntax set ip dns server ip-addrprimary secondary Set ip dns serverPrimary SecondaryWSS# set ip https server enable Syntax set ip https server enable disableEnable Enables the Https server Disable Set ip https serverWSS# set ip route default 10.5.4.1 WSS# set ip route 192.168.4.0 255.255.255.0 10.5.4.2WSS# set ip route 192.168.5.0/24 10.5.5.2 WSS# set ip snmp server enable Syntax set ip snmp server enable disableSet ip snmp server Set ip sshSet ip ssh server Syntax set ip ssh server enable disableWSS# set ip ssh port Crypto generate key on Set ip ssh on Set ip ssh server onSet ip telnet Syntax set ip telnet server enable disableSet ip telnet server Syntax set ip telnet port-numSyntax set ntp enable disable WSS# set ip telnet server enableWSS# set ntp enable Enable Enables the NTP client DisableSet ntp server Set ntp update-intervalSet snmp community WSS# set snmp community name switchmgr1 notify-read-write Read-notify Notify-only Notify-read-writeWSS# set snmp community read-write goodcommunity Default profile-name Set snmp notify profileDrop send ClientAuthorizationSuccessTraps-Generated AutoTuneRadioPowerChangeTraps-GeneratedClientAuthenticationFailureTraps-Generated ApOperRadioStatusTraps-Generated whenCont RFDetectUnAuthorizedSsidTraps-Generated RFDetectSpoofedSsidAPTraps-Generated whenSee Also Show snmp notify profile on Set snmp notify target Security unsecured authenticated encryptedSNMPv3 with Informs Snmp-engine-idTimeout num Security unsecured authenticated encryptedRetries num SNMPv3 with TrapsSNMPv2c with Informs Community-string Community string Profile profile-nameSNMPv2c with Traps SNMPv1 with Traps WSS# set snmp notify target 2 10.10.40.10 v1 trapWSS# set snmp protocol all enable Syntax set snmp protocol v1 v2c usm all enable disableSet snmp protocol V2cSet snmp security Set snmp usmWSS# set snmp security encrypted Specifies a unique identifier for the Snmp Snmp-engine-id ip ip-addr local hex hexString Engine Allow get and set operations and so onSpecifies the access level of the user Auth-pass-phrase string option WSS# set snmp usm snmpmgr1 snmp-engine-id local Set summertimeStart Second , third , fourth , or last23x0# set summertime PDT success change accepted EndEnd of the time change period Mmm-month Set timedateDd-day Yyyy-yearSet timezone Syntax set timezone zone-name -hours minutes23x0# set timezone PST Output for show arp Show arpSyntax show arp ip-addr WSS# show arpShow dhcp-client WSS# show dhcp-client Output for show dhcp-clientSee Also set interface dhcp-client on Show dhcp-serverSyntax show dhcp-server interface vlan-id verbose WSS# show dhcp-serverOutput for show dhcp-server verbose Output for show dhcp-serverSee Also set interface dhcp-server on Show interfaceSyntax show interface vlan-id WSS# show interfaceOutput for show interface Show ip aliasOutput for show ip alias Show ip dnsOutput for show ip dns Syntax show ip dnsShow ip https Show ip httpsWSS show ip https Output for show ip https Show ip routeSyntax show ip route destination DestinationOutput for show ip route Show ip telnet Show ip telnetWSS show ip telnet Output for show ip telnet Show ntpSyntax show ntp WSS show ntpSynced Output for show ntpShow snmp community Show snmp countersShow snmp notify profile Show snmp status Show snmp notify targetSyntax show snmp notify target Syntax show snmp statusShow summertime Show snmp usmSyntax show summertime 23x0# show summertimeShow timezone Show timedateSyntax telnet ip-addr hostname port port-num TelnetWSS# telnet WSS-remote show vlanWSS-remote Session 0 pty tty2.d terminated tt name tty2.d TracerouteError Messages for traceroute See Also ping onWSS# traceroute server1 AAA Commands Clear accounting Syntax clear accounting admin dot1x system user-wildcardSyntax clear authentication admin user-wildcard Clear authentication adminWSS# clear accounting dot1x Nin SystemWSS# clear authentication admin Jose Clear authentication consoleSyntax clear authentication console user-wildcard WSS# clear authentication console ReginaClear authentication last-resort Clear authentication dot1xWSS# clear authentication dot1x ssid finance *@thiscorp.com WiredClear authentication proxy Clear authentication macWSS# clear authentication mac ssid thatcorp aabbcc WSS# clear authentication proxy ssid mycorpSet authentication proxy on Show aaa on Clear authentication webClear location policy Syntax clear location policy rule-numberClear mac-user attr Clear mac-userWSS# clear location policy Syntax clear mac-user mac-addrSyntax clear mac-usermac-addr attr attribute-name Clear mac-user groupWSS# clear mac-user 010203040506 attr filter-id Syntax clear mac-user mac-addrgroupClear mac-usergroup attr Clear mac-usergroupSyntax clear mac-usergroup group-name WSS# clear mac-usergroup eastcoastersClear user Clear mobility-profileClear user attr WSS# clear user Hosni attr session-timeoutWSS# clear user Nin Syntax clear user username attr attribute-nameClear usergroup Clear user groupClear usergroup attr Set accounting admin consoleSyntax clear usergroup group-name attr attribute-name WSS# clear usergroup cardiology attr time-of-daySet accounting dot1x mac web last-resort WSS# set accounting admin Natasha start-stop localStart-stop Stop-only Method1 Method2 Method3 Method4Mac Method1 method2 method3 method4Web Ssid ssid-nameSet accounting system WSS# set accounting dot1x Nin stop-only sg2WSS# set accounting system shorebirds For more information, see Usage Set authentication adminWSS# set authentication admin Jose sg3 Set authentication consoleUser-wildcard Method1 Method2 Method3 Method4 WSS# set authentication console * none Set authentication dot1xAlready been authenticated Or a period .. For details, see User Wildcards onBonded Protocol Method1 Method2 Method3 Method4 Sg1 sg2 sg3 success change accepted Set authentication mac Set authentication last-resortSet service-profileauth-fallthru on Show aaa on WiredWSS# set authentication ssid mycorp2 mac ** local Set authentication proxyWSS# set authentication proxy ssid mycorp ** srvrgrp1 Set authentication webWSS# set authentication web ssid ourcorp rnd* local Deny Set location policyPermit Optionally, you can add the suffix .out to the nameClear location policy rule-numbercommand Show location policy commandEq-Applies the location policy rule to all usernames Neq-Applies the location policy rule to all usernamesWSS# set location policy deny if user eq *.theirfirm.com Set mac-userWSS# set location policy permit vlan floor2 if port 3-7,12 Clear location policy on Show location policy onSyntax set mac-user mac-addrgroup group-name WSS# set mac-user 010203040506 group eastcoastersClear mac-user on Show aaa on Syntax set mac-usermac-addr attr attribute-name value Set mac-user attrAuthentication Attributes for Local Users Encryption-typeEnd-date Filter-id Mobility-profileMobility-profile on Session-timeout Service-typeBy the set dot1x reauth-period command is Ssid1600,th1000-1600 Time-of-dayDay wk0900-1700,sa2200-0200 With start-date,end-date, or bothWSS# set mac-user 010203040506 attr filter-id acl-03.in $u-Username $v-VLAN $s-SSID $p-Service profile nameUrl Vlan-nameSet mac-usergroup attr For a list of authorization attributes, see onWSS# set mac-usergroup eastcoasters attr vlan-name orange Clear mac-user attr on Show aaa onOr wired authentication port on the WSS Ports and wired authentication port on the WSSSet mobility-profile Syntax set mobility-profile mode enable disable Set mobility-profile modeWSS# set mobility-profile mode enable WSS# set mobility-profile name magnolia portWSS# set user Nin password goody Syntax set user username password encrypted stringWSS# set user admin password chey3nne Set userSet user attr WSS# set user Nin password 29Jan04WSS# set user Tamara attr vlan-name orange WSS# set user Tamara attr mobility-profile tulipSet usergroup Set user groupSyntax set user username group group-name WSS# set user Hosni group cardiologySet web-portal Syntax set web-portal enable disableSyntax set usergroup group-name attr attribute-name value Clear usergroup on Clear usergroup attr on Show aaa onShow aaa User Nin Show aaa OutputUP operating Show accounting statisticsWSS# show accounting statistics Syntax show accounting statisticsShow accounting statistics Output Radius serverLocal WSS database Show mobility-profile Show location policyAAA Commands NN47250-100 Version Clear domain security Mobility Domain CommandsSyntax clear domain security 23x0# clear domain securityClear mobility-domain member Clear mobility-domainSet domain security See Also set mobility-domain member onSyntax set domain security none required Set mobility-domain memberWSS# set domain security required Syntax set mobility-domain member ip-addrkey hex-bytesSet mobility-domain mode member secondary-seed- ip Set mobility-domain mode member seed-ipClear mobility-domain on Show mobility-domain config on WSS# set mobility-domain memberSet mobility-domain mode seed domain-name WSS# set mobility-domain mode member secondary-seed-ipClear mobility-domain member on Show mobility-domain on Syntax show mobility-domain config Show mobility-domain configWSS# show mobility-domain config Show mobility-domainShow mobility-domain Output Syntax show mobility-domainWSS# show mobility-domain Mobility Domain Commands NN47250-100 Version Clear network-domain Network Domain CommandsSyntax clear network-domain 23x0# clear network-domainSyntax clear network-domain mode seed member Clear network-domain modeClear network-domain peer Syntax clear network-domain peer ip-addrallSee Also set network-domain mode member seed-ip on Set network-domain mode member seed-ipClear network-domain seed-ip See Also set network-domain peer onSet network-domain peer WSS# set network-domain mode member seed-ipSyntax set network-domain peer ip-addr Clear network-domain on Show network-domain onWSS# set network-domain mode seed domain-name California Set network-domain mode seed domain-nameSet network domain peer command Show network-domainSyntax show network-domain Show network-domain OutputWSS# show network-domain Output if WSS is the Network Domain seedOutput if WSS is a Network Domain member Network Domain Commands NN47250-100 Version Set ap radio mode on AP CommandsSet ap upgrade-firmware on Set ap radio radio-profile onSet service-profileauth-psk on Set service-profileweb-portal-acl onSet service-profilewpa-ie on Set service-profilersn-ie onSet service-profile cipher-wep40 on Set service-profile cipher-wep104 onSet service-profile psk-phrase on Set service-profile psk-raw onSet radio-profileauto-tunepower-interval on Set radio-profileauto-tunepower-config onSet radio-profileauto-tunepower-lockdown on Set ap radio auto-tunemax-power onSyntax clear ap ap-numberimage Clear ap imageSyntax clear ap ap-numberlocal-switching vlan-profile Clear ap local-switching vlan-profileWSS# clear ap 7 local-switching vlan-profile See Also set ap image onRadio-Specific Parameters Clear ap radioSyntax clear ap port-listap ap-numradio 1 2 all Radio802.11a-Lowest valid 802.11b/g-6Channel number for Country of operation Option dap removed for APSyntax clear ap boot-configuration ap-num Clear ap boot-configurationWSS# clear ap 1 boot-configuration Clear ap radio load-balancing groupClear radio-profile Long-retry Clear service-profileShort-retry Countermeasures parameter addedSoda remediation-acl Soda failure-pageSoda success-page Soda logout-pageSet ap auto Reset apOption force-image-download added Option radio num auto-tune min-client-rateWSS# set ap auto Configurable Profile Parameters for APsSyntax set ap auto mode enable disable Set ap auto modeWSS# set ap auto mode enable Set ap auto persistent11a-802.11a Set ap auto radiotypeSyntax set ap auto persistent ap-numall WSS# set ap auto persistent 10 success change acceptedSet ap bias WSS# set ap auto radiotype 11bSyntax set ap port-listap ap-numauto bias high low Syntax set ap port-list ap ap-num auto blink enable disable See Also show ap config onSet ap blink WSS# set ap 1 bias lowWSS# set ap 3-4 blink enable Set ap boot-configuration ipMode enable disable Enables or disables the static IP address for the APSet ap boot-configuration mesh mode Set ap boot-configuration mesh psk-phraseWSS# set ap 7 boot-configuration mesh mode enable Syntax set ap ap-numberboot-configuration mesh psk-raw hex Set ap boot-configuration mesh psk-rawWSS# set ap 7 boot-configuration mesh ssid wlan-mesh Set ap boot-configuration mesh ssidSwitch-ip ip-addr Set ap boot-configuration switchEnables or disables use of the specified Vlan tag on the AP Set ap boot-configuration vlanVlan-tag tag-value Vlan tag value. You can specify a number fromSet ap fingerprint Set ap security on Show ap config on Show ap status onSet ap force-image-download Syntax set ap num fingerprint hexSet ap group WSS# set ap 69 force-image-download enableSyntax set ap port-list ap ap-num auto group name Auto onSet ap image Show ap config on Show ap group onWSS# set ap 1,4,7 group loadbalance1 WSS# set ap 4 group noneSet ap local-switching vlan-profile Set ap local-switching modeSyntax set ap ap-numberlocal-switching mode enable disable WSS# set ap 7 local-switching mode enableWSS# set ap 7 local-switching vlan-profile locals Set ap nameSyntax set ap port-list ap ap-numname name WSS# set ap 1 name techpubs Set ap radio antenna-locationWSS# set ap 22 radio 1 antenna-location outdoor IndoorsSee Also set ap radio antennatype on Set ap radio antennatypeAp port-list Ap ap-num radio 1 radio Set ap radio auto-tune max-power Set ap radio auto-tune max-retransmissions WSS# set ap 7 radio 1 auto-tune max-powerSet ap radio auto-tune min-client-rate Deprecated in WSS Software VersionSet ap radio tx-power on Show ap config on WSS# set ap 11 radio 1 channel 1 tx-powerSet ap radio channel WSS# set ap 5 radio 1 channelSet ap radio link-calibration Set ap radio min-tx-datarateSet ap radio load-balancing Ap ap-numberSyntax set ap ap-numradio 1 2 load-balancing enable disable WSS# set ap 7 radio 1 load-balancing disableSet ap radio load-balancing group Set ap radio mode Syntax set ap port-listauto radio 1 2 mode enable disableWSS# set ap 7 radio 1 load-balancing group room1 WSS# set ap 1-3 radio 2 mode enable WSS# set ap 1-5 radio 1 mode enableSet ap radio radio-profile Radio-profile nameSet ap radio tx-power Set ap radio channel on Show ap config on WSS# set ap 5 radio 1 tx-powerSet ap security Syntax set ap security require optional noneWSS# set ap security none Syntax set ap port-listauto upgrade-firmware enable disable Set ap upgrade-firmwareWSS# set ap 9 upgrade-firmware disable Set ap sticky-bitSyntax set load-balancing mode enable disable Set load-balancing modeSyntax set band-preference none 11bg 11a WSS# set band-preference 11aSet load-balancing strictness WSS# set load-balancing mode disableSyntax set load-balancing strictness low med high max MaxSet radio-profile 11g-only Syntax set radio-profile name active-scan enable disableSet radio-profile active-scan WSS# set load-balancing strictness maxWSS# set radio-profile radprof3 active-scan disable Set radio-profile auto-tune channel-configSet radio-profile auth-dot1x Set radio-profile auth-pskWSS# set radio-profile rp2 auto-tune channel-config disable Set radio-profile auto-tune channel-holddownWSS# set radio-profile rp2 auto-tune channel-holddown WSS# set radio-profile rp2 auto-tune channel-interval Set radio-profile auto-tune channel-intervalSet radio-profile auto-tune power-config Set radio-profile auto-tune power-backoff-timerSet radio-profile auto-tune channel-lockdown Syntax set radio-profile name auto-tune channel-lockdownWSS# set radio-profile rp2 auto-tune power-config enable Set radio-profile auto-tune power-intervalDefaults The default power tuning interval is 300 seconds StartedWSS# set radio-profile rp2 auto-tune power-interval Set radio-profile auto-tune power-lockdownSyntax set radio-profile name auto-tune power-lockdown WSS# set radio-profile rp2 auto-tune power-lockdownWSS# set radio-profile rp2 auto-tune power-ramp-interval Set radio-profile auto-tune power-ramp-intervalSet radio-profile beacon-interval Syntax set radio-profile name beacon-interval intervalSet radio-profile cipher-ccmp Set radio-profile beaconed-ssidSet radio-profile cipher-tkip Set radio-profile cipher-wep104Set radio-profile countermeasures ConfiguredWSS# set radio-profile radprof3 countermeasures rogue RogueSet radio-profile dtim-interval Set radio-profile crypto-ssidSet radio-profile frag-threshold Syntax set radio-profile name frag-threshold thresholdWSS# set radio-profile rp1 frag-threshold Set radio-profile long-retry Set radio-profile max-rx-lifetimeSet radio-profile max-tx-lifetime Defaults for Radio Profile Parameters Set radio-profile modeSyntax set radio-profile name mode enable disable WSS# set radio-profile rp1 max-tx-lifetimeService-profile Rfid-mode DisableWmm-powersave Disable CountermeasuresWmm-powersave 11g-onlyRfid-mode Set radio-profile psk-phrase Set radio-profile preamble-lengthSet radio-profile psk-raw Syntax set radio-profile name preamble-length long shortSet radio-profile rate-enforcement Set radio-profile qos-modeSyntax set radio-profile name qos-mode svp wmm WSS# set radio-profile rp1 qos-mode svpEnables data rate enforcement for the radios in the radio Disables data rate enforcement for the radios in the radioSet radio-profile rfid-mode WSS# set radio-profile rfid-mode enable Syntax set radio-profile name rfid-mode enable disableSet radio-profile rts-threshold Syntax set radio-profile name rts-threshold thresholdSet radio-profile service-profile Defaults for Service Profile ParametersSyntax set radio-profile name service-profile name Cipher-tkip Enable Cipher-ccmp DisableCipher-wep104 Disable Cipher-wep40 DisableProxy-arp Disable No-broadcast DisableRsn-ie Disable Shared-key-auth DisableAuto 12.0,24.02.0 2.0,5.5,11.0Timeout Portal-acl settingWpa-ie Disable Web-portal-acl PortalaclWSS# set radio-profile rp2 service-profile wpaclients Set radio-profile short-retry Set radio-profile shared-key-authSet radio-profile tkip-mc-time Set radio-profile wep active-multicast-indexSyntax set radio-profile name wmm-powersave enable disable Set radio-profile wmm-powersaveWSS# set radio-profile rp1 wmm-powersave enable See set service-profilewpa-ie onSet service-profile attr Syntax set service-profile name attr attribute-name valueWSS# set service-prof sp2 attr vlan-name blue WSS# set service-prof sp2 attr mobility-profile tulip Set service-profile auth-dot1xSyntax set service-profile name auth-dot1x enable disable WSS# set service-profile wpaclients auth-dot1x disableSet service-profile auth-fallthru Last-resortWeb-portal WSS# set service-profile rndlab auth-fallthru web-portal Set service-profile auth-pskSyntax set service-profile name auth-psk enable disable WSS# set service-profile wpaclients auth-psk enableSet service-profile bridging Set service-profile beaconSyntax set service-profile name beacon enable disable Mesh-service-profile Mesh service profileSyntax set service-profile name cac-mode none session Set service-profile cac-modeWSS# set service-profile sp1 cac-mode session Set service-profilecac-session on Show service-profile onSet service-profile cipher-ccmp Set service-profile cac-sessionSyntax set service-profile name cac-session max-sessions WSS# set service-profile sp1 cac-sessionWSS# set service-profile sp2 cipher-ccmp enable Set service-profile cipher-tkipSyntax set service-profile name cipher-tkip enable disable WSS# set service-profile sp2 cipher-tkip disableSet service-profile cipher-wep104 WSS# set service-profile sp2 cipher-wep104 enableEnables 104-bit WEP encryption for WPA clients Set service-profile cos Set service-profile cipher-wep40Syntax set service-profile name cipher-wep40 enable disable WSS# set service-profile sp2 cipher-wep40 enableSyntax set service-profile name cos level Set service-profile dhcp-restrictWSS# set service-profile sp1 cos WSS# set service-profile sp1 dhcp-restrict enableSet service-profile keep-initial-vlan Set service-profile idle-client-probingWSS# set service-profile sp1 idle-client-probing disable Enables keepalivesSet service-profile load-balancing-exempt See Also show service-profile onWSS# set service-profile sp3 keep-initial-vlan enable WSS# set service-profile sp3 load-balancing-exempt enable Set service-profile long-retry-countSyntax set service-profile name long-retry-count threshold WSS# set service-profile sp1 long-retry-countSet service-profile no-broadcast Set service-profile meshSyntax set service-profile name mesh mode enable disable Enables mesh services for the service profileSyntax set service-profile name no-broadcast enable disable Set service-profile proxy-arpWSS# set service-profile sp1 no-broadcast enable Syntax set service-profile name proxy-arp enable disableSet service-profile psk-phrase WSS# set service-profile sp1 proxy-arp enableSyntax set service-profile name psk-phrase passphrase Set service-profile psk-raw Set service-profile rsn-ieSyntax set service-profile name psk-raw hex Set service-profile shared-key-auth Syntax set service-profile name rsn-ie enable disableWSS# set service-profile sprsn rsn-ie enable WSS# set service-profile sp4 shared-key-auth enable Set service-profile short-retry-countSyntax set service-profile name short-retry-count threshold WSS# set service-profile sp1 short-retry-countSet service-profile soda agent-directory Set service-profile soda enforce-checksNetwork WSS# set service-profile sp1 enforce-checks disable Set service-profile soda failure-pageSyntax set service-profile name soda failure-page Set service-profile soda mode on Show service-profile onSyntax set service-profile name soda logout-page Set service-profile soda logout-pageWSS# set service-profile sp1 soda logout-page logout.html Set service-profile soda modeSyntax set service-profile name soda mode enable disable WSS# set service-profile sp1 soda mode enableSet service-profile soda remediation-acl Set service-profile soda success-pageSyntax set service-profile name soda success-page Set service-profile ssid-name WSS# set service-profile sp1 soda success-page success.htmlSyntax set service-profile name ssid-name ssid-name Set service-profile static-cos Set service-profile ssid-typeWSS# set service-profile clearwlan ssid-name guest Syntax set service-profile name ssid-type clear cryptoSyntax set service-profile name static-cos enable disable Set service-profile tkip-mc-timeWSS# set service-profile sp1 static-cos enable Syntax set service-profile name tkip-mc-time wait-timeSet service-profile transmit-rates WSS# set service-profile sp3 tkip-mc-time11g-1.0, 2.0, 5.5, 6.0, 9.0, 11.0, 12.0, 18.0 Beacon-rate rate Multicast-rateBeacon-rate Set service-profile web-portal-acl Set service-profile user-idle-timeoutSyntax set service-profile name user-idle-timeout seconds WSS# set service-profile sp1 user-idle-timeoutSyntax set service-profile name web-portal-acl aclname Set service-profile web-portal-formWSS# set service-profile sp3 web-portal-acl creditsrvr Syntax set service-profile name web-portal-form urlWSS# dir corpa WSS# mkdir corpaSet service-profile web-portal-logout logout-url Set service-profile web-portal-logoutSet service-profile web-portal-session-timeout WSS# set service-profile sp1 web-portal-logout mode enableWSS# set service-profile sp1 web-portal-session-timeout Set service-profile wep active-multicast-indexSet service-profile wep active-unicast-index WSS# set service-profile sp2 wep active-multicast-indexWSS# set service-profile sp2 wep active-unicast-index Set service-profile wpa-ie Set service-profile wep key-indexSyntax set service-profile name wep key-index num key value WSS# set service-profile sp2 wep key-index 1 key aabbccddeeShow ap arp WSS# set service-profile sp2 wpa-ie enableSyntax show ap arp ap-number WSS# show ap arpSyntax show ap config port-listradio 1 Show ap configSet ap local-switching mode on Set vlan-profile Output for show ap arpWSS# show ap config Output for show ap config 802.11a 802.11b802.11g Show ap counters Show ap unconfigured on Show radio-profile onSyntax show ap counters port-listradio 1 WSS# show ap countersOutput for show ap counters Use the show sessions network session-id session-idcommand Output for show ap counters See Also show sessions network on Show ap dual-homeOutput for show ap fdb Show ap fdbSyntax show ap fdb ap-number WSS# show ap fdbShow ap qos-stats WSS# show ap qos-statsClears the counters after displaying their current values Output for show ap qos-stats Show ap etherstatsSyntax show ap etherstats port-listap-num WSS# show ap etherstatsOutput for show ap etherstats Show ap mesh-links Show ap groupSyntax show ap mesh-links ap-number WSS# show ap mesh-linksOutput for show ap mesh-links Show ap statusSyntax show ap status terse port-listall radio 1 TerseConfigured antenna model number Radio state information, to indicate when anPower settings that are configured by RF Auto TuningWSS# show ap status terse Output for show ap status Booting-The AP has asked the WSS for a boot But has not yet begun bootingImage downloading-The AP is receiving a boot Image downloaded-The AP has received a bootHas received configuration parameters for Configure succeed state indicates that the APProtection mode remains in effect until Sweep Mode indicates that a disabled radio isAntenna is configured on the radio but no But no external antenna is configured onIndicates that an external antenna was detected RadioOutput for show ap status terse and show ap status terse Show ap vlanOutput for show ap vlan Set vlan-profile Set ap local-switching mode onSyntax show ap vlan ap-number WSS# show ap vlanOutput for show auto-tune attributes Show auto-tune attributesSyntax show auto-tune attributes ap ap-numradio 1 2all WSS# show auto-tune attributes ap 2 radioSet radio-profileauto-tunepower-backoff-timer on Show auto-tune neighborsSyntax show auto-tune neighbors ap ap-numradio 1 2all Rssi Output for show auto-tune neighborsOutput for show ap boot-configuration Show ap boot-configurationSyntax show ap boot-configuration ap-num WSS# show ap boot-configurationSyntax show ap connection ap-numserial-id serial-ID Show ap connectionConnection Serial-id serial-IDOutput for show ap connection Show ap config on Show ap global on Show ap unconfigured onWSS# show ap connection Total number of entries WSS# show ap connection serial-idOutput for show ap global Show ap globalSyntax show ap global ap-numserial-id serial-ID WSS# show ap globalShow ap unconfigured Syntax show ap unconfiguredWSS# show ap unconfigured This WSS switch as a member Output for show ap unconfiguredShow load-balancing group Show ap connection on Show ap global onOutput for show load-balancing group Show radio-profileWSS# show load-balancing group blue Syntax show radio-profile name ?WSS# show radio-profile default Output for show radio-profile Priority handling for WMM devices Wmm-AP forwarding queues provide standardSvp-AP forwarding queues are optimized for SpectraLink Voice Priority SVPSyntax show service-profile name ? Show service-profileProfile output Crypto-Wireless traffic for the Ssid is Output for show service-profileClear-Wireless traffic for the Ssid is UnencryptedAllows access to the Ssid requested by Last-resort-Automatically authenticates the userUser, without requiring a username and password None-Denies authentication and prohibitsNone-The key is not configured None-CAC is disabledPreset-The key is configured Session-CAC is based on the number of activeAuthentication-Lists the authentication methods Radios in the radio profile mapped to this service802.1X-dynamic authentication PSK-preshared key authenticationFieldDescription AP Commands AP Commands NN47250-100 Version STP Commands Set spantree uplinkfast onShow spantree uplinkfast on Clear spantree portpri Clear spantree portcostResets the cost for all VLANs Clear spantree portvlancostClear spantree portvlanpri Syntax clear spantree portvlanpri port-listall vlan vlan-id Clear spantree statisticsSyntax clear spantree statistics port-listvlan vlan-id WSS# clear spantree statistics 5,11,19-22Set spantree backbonefast Set spantreeSee Also show spantree statistics on See Also show spantree onSet spantree fwddelay Set spantree helloSee Also show spantree backbonefast on Set spantree portcost Set spantree maxageSyntax set spantree portfast port port-listenable disable Snmp Port Path Cost DefaultsSet spantree portfast WSS# set spantree portcost 3,4 costSet spantree portpri Set spantree portvlancostSee Also show spantree portfast on WSS# set spantree portvlancost 3,4 cost 20 vlan mauve Set spantree portvlanpriCost cost All Priority value AllSet spantree uplinkfast Set spantree priorityWSS# show spantree vlan default WSS# set spantree uplinkfast enableShow spantree See Also show spantree uplinkfast onBridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec Output for show spantree Show spantree backbonefast See Also show spantree blockedports onSyntax show spantree backbonefast Show spantree blockedports WSS# show spantree blockedports vlan defaultSee Also set spantree backbonefast on WSS# show spantree backbonefastSyntax show spantree portfast port-list Show spantree portfastWSS# show spantree portfast Uplink fast convergence information for all portsOutput for show spantree portfast Show spantree portvlancostSee Also set spantree portfast on Syntax show spantree portvlancost port-listSyntax show spantree statistics port-listvlan vlan-id Show spantree statisticsWSS# show spantree statistics Statistics for all portsInactive Output for show spantree statistics Output for show spantree statistics Output for show spantree statistics Output for show spantree uplinkfast Show spantree uplinkfastSee Also clear spantree statistics on Syntax show spantree uplinkfast vlan vlan-idSee Also set spantree uplinkfast on STP Commands NN47250-100 Version Clear igmp statistics Igmp Snooping CommandsSyntax clear igmp statistics vlan vlan-id Statistics Show igmp statistics on Clear igmp statistics onSet igmp lmqi Set igmpSee Also show igmp statistics on See Also show igmp onSet igmp mrouter Set igmp mrsolSee Also show igmp mrouter on Set igmp oqi Set igmp mrsol mrsiSee Also set igmp mrsol mrsi on See Also set igmp mrsol onSet igmp proxy-report Syntax set igmp proxy-report enable disable vlan vlan-idWSS# set igmp oqi 200 vlan orange Vlan vlan-idSet igmp qi WSS# set igmp proxy-report disable vlan orangeSet igmp qri Syntax set igmp qi seconds vlan vlan-idSet igmp querier Syntax set igmp querier enable disable vlan vlan-idSyntax set igmp qri tenth-seconds vlan vlan-id WSS# set igmp qri 50 vlan orangeSet igmp rv Set igmp receiverSee Also show igmp querier on See Also show igmp receiver-table onWSS# set igmp rv 4 vlan orange Show igmpSyntax show igmp vlan vlan-id WSS# show igmp vlan orangeDvmrp PIM Output for show igmpAdministrator Conf Static multicast port configured by anMadv-Multicast advertisement Quer-IGMP queryShow igmp mrouter Syntax show igmp mrouter vlan vlan-idWSS# show igmp mrouter vlan orange Output for show igmp mrouter Show igmp querierSyntax show igmp querier vlan vlan-id Set igmp mrouter on Show igmp mrouter onWSS# show igmp querier vlan orange Show igmp receiver-table WSS# show igmp querier vlan defaultOutput for show igmp querier See Also set igmp querier onWSS# show igmp receiver-table group 237.255.255.0/24 WSS# show igmp receiver-table vlan orangeWSS Software displays the multicast receivers on all VLANsOutput for show igmp receiver-table Show igmp statisticsSee Also set igmp receiver on Syntax show igmp statistics vlan vlan-idOutput for show igmp statistics See Also clear igmp statistics on Igmp Snooping Commands NN47250-100 Version WSS# clear sessions admin Session Management CommandsClear sessions WSS# clear sessions consoleSee Also show sessions on Clear sessions networkWSS# clear sessions telnet client WSS# clear sessions network mac-addrShow sessions Telnet ConsoleShow sessions telnet client Output Show sessions networkSee Also clear sessions on Mac-addr mac-addrSession-id output Verbose outputWSS show sessions network mac-addr 00055d7e981a WSS show sessions networkWSS show sessions network user E WSS show sessions network verboseWSS# show sessions network session-id Show sessions network summary OutputDescription Additional show sessions network verboseSerial number and radio number of the AP IP address and port number of the WSS managing the APAmount of time the session has been on this AP AAA-VLAN is from Radius or the local databaseShow sessions network session-id Output DOT1X See Also clear sessions network on Session Management Commands NN47250-100 Version Clear security acl Security ACL CommandsSyntax clear security acl acl-name all editbuffer-index Clears all security ACLsSet security acl ip acl133 hits #1 WSS# show security acl info allSet security acl ip acl134 hits #3 Set security acl ip acl135 hits #2Clear security acl map WSS# clear security acl map acljoe port 4Out WSS# clear security acl map all Commit security aclSyntax commit security acl acl-nameall Type Class MappingRollback security acl Hit-sample-rateSee Also show security acl on Syntax rollback security acl acl-nameallSet security acl By UDP packets Any Routine precedence Minimum delayPriority precedence Immediate precedenceWSS# commit security acl all WSS# set security acl ip acl123 deny 192.168.2.11WSS set security acl map acl133 port 4 Set security acl mapWSS port or ports Tag tag-listSet security acl hit-sample-rate Configuration fileSyntax set security acl hit-sample-rate seconds Set security acl ip acl153 hits #3Show security acl dscp Show security aclWSS# show security acl hits Index Counter ACL-nameShow security acl hits Show security acl editbufferSyntax show security acl info all editbuffer WSS# show security acl editbufferSyntax show security acl hits Show security acl infoSyntax show security acl info acl-nameall editbuffer WSS# show security acl infoShow security acl map Show security acl resource-usage Show security acl resource-usage Output False-No default action type is defined True-A default action types is definedTrue-Security ACLs are mapped False-No security ACLs are mappedFalse-No security ACLs are mapped to incoming True-Security ACLs are mapped to incoming trafficCryptography Commands Eap Crypto ca-certificatePEM-formatted CertificateWSS# crypto certificate admin Crypto certificateSee Also show crypto ca-certificate on Crypto generate request on Crypto generate self-signed on Crypto generate keyDomain SshSyntax crypto generate request admin eap web WSS# crypto generate key adminCrypto generate request See Also show crypto key ssh onEmail Address admin@example.com WSS# crypto generate request adminWebaaa option renamed to web Maximum string length for State Name increasedSyntax crypto generate self-signed admin eap web Crypto generate self-signedCrypto certificate on Crypto generate key on WSS# crypto generate self-signed admin Syntax crypto otp admin eap web one-time-passwordCrypto otp Crypto pkcs12 Syntax crypto pkcs12 admin eap web file-location-urlSee Also crypto pkcs12 on WSS# crypto generate otp eap hap9iN#ssWSS# copy tftp//192.168.253.1/2048full.p12 2048full.p12 See Also crypto otp onWSS# crypto otp eap hap9iN#ss WSS# crypto pkcs12 eap 2048full.p12Show crypto ca-certificate Syntax show crypto ca-certificate admin eap webShow crypto ca-certificate Output WSS# show crypto ca-certificateShow crypto certificate Syntax show crypto certificate admin eap webCrypto certificate Output WSS# show crypto certificate eapShow crypto key domain Show crypto key sshSee Also crypto generate key on Cryptography Commands NN47250-100 Version Syntax clear radius deadtime key retransmit timeout Radius and Server Groups CommandsClear radius Clear server group onClear radius client system-ip Clear radius proxy port Clear radius proxy clientSee Also set radius proxy client on See Also set radius proxy port onClear server group Clear radius serverSee Also set server group on Set radiusSet radius client system-ip Set radius proxy port Set radius proxy clientSyntax set radius proxy client address ip-address WSS# set radius proxy client address 10.20.20.9 key radkey1Set radius server WSS# set radius proxy port 3-4 tag 104 ssid mycorpSsid ssid-name Ssid supported by the third-party AP Encrypted-key-No key Author-password-nortel Members server Set server group23x0# set server group shorebirds load-balance disable 23x0# set server group shorebirds load-balance enableSet server group load-balance Group-name Server group name of up to 32 charactersRadius and Server Groups Commands NN47250-100 Version 802.1X Management Commands Clear dot1x max-req Clear dot1x bonded-periodSyntax clear dot1x max-req WSS# clear dot1x bonded-periodClear dot1x port-control Clear dot1x quiet-periodClear dot1x reauth-max Clear dot1x reauth-period Clear dot1x timeout auth-serverClear dot1x tx-period Clear dot1x timeout supplicantWSS# set dot1x authcontrol enable Syntax set dot1x authcontrol enable disableSet dot1x authcontrol Set dot1x bonded-periodSet dot1x key-tx Set dot1x max-reqSee Also show dot1x on Set dot1x port-control WSS# set dot1x max-reqWSS# set dot1x port-control forceauth Set dot1x reauth Set dot1x quiet-periodSet dot1x reauth-period Set dot1x reauth-maxSet dot1x timeout supplicant Set dot1x timeout auth-serverSet dot1x tx-period Syntax set dot1X wep-rekey enable disableSet dot1x wep-rekey Syntax set dot1x tx-period secondsShow dot1x Set dot1x wep-rekey-periodWSS# show dot1x clients WSS# show dot1x configWSS # show dot1x stats Show dot1x stats Output520 802.1X Management Commands Rogue Information Show rfdetect clients on RF Detection CommandsShow rfdetect data on Show rfdetect visible onClear rfdetect black-list Clear rfdetect attack-listSyntax clear rfdetect attack-list mac-addr Syntax clear rfdetect black-list mac-addrClear rfdetect ssid-list Clear rfdetect ignoreSet rfdetect attack-list Clear rfdetect vendor-listSyntax clear rfdetect vendor-list client ap mac-addrall WSS# clear rfdetect vendor-list client aabbcc000000Set rfdetect ignore Set rfdetect black-list23x0# set rfdetect log enable Syntax set rfdetect log enable disableSet rfdetect log 23x0# set rfdetect ignore aabbcc112233Set rfdetect signature Set rfdetect ssid-listSee Also show log buffer on WSS# set rfdetect ssid-list mycorp Set rfdetect vendor-listSyntax set rfdetect vendor-list client ap mac-addr WSS# set rfdetect vendor-list client aabbcc000000Show rfdetect black-list Show rfdetect attack-listShow rfdetect clients Output Show rfdetect clientsSyntax show rfdetect clients mac mac-addr WSS# show rfdetect clients mac 000c4163fd6dShow rfdetect clients mac Output Show rfdetect countermeasures Syntax show rfdetect countermeasuresWSS# show rfdetect countermeasures Show rfdetect countermeasures Output Show rfdetect countersSee Also set radio-profile countermeasures on Syntax show rfdetect countersSyntax show rfdetect data Show rfdetect dataShow rfdetect data Output Show rfdetect mobility-domain Show rfdetect ignoreSyntax show rfdetect ignore WSS# show rfdetect ignore Total number of entriesVendor, Type, and Flags fields added Bssid and ssid options addedWSS# show rfdetect mobility-domain WSS# show rfdetect mobility-domain ssid nrtl-webaaaShow rfdetect mobility-domain Output Show rfdetect mobility-domain ssid or bssid Output Show rfdetect ssid-list Show rfdetect visible Show rfdetect vendor-listSyntax show rfdetect vendor-list WSS# show rfdetect vendor-listMac-addr Base MAC address of the Nortel radio Show ap status commandShows neighbor information for radio Version Vendor, Type, and Flags fields addedShow rfdetect visible Output RfpingSyntax rfping mac mac-addrsession-id session-id Show rfdetect data on Show rfdetect mobility-domain onWSS# rfping mac 000e9bbfad13 Rfping OutputBackup File Management CommandsWSS# backup system tftp/10.10.20.9/sysabak critical Syntax backup system tftp/ip-addr/filenameall criticalDir on Restore on Tftp/ip-addr / filenameClear boot backup-configuration Clear boot configCopy Source-url Syntax copy source-url destination-urlDestination-url Be one of the followingDelete WSS# copy tftp//10.1.1.107/WSS020101.020 boot1WSS020101.020WSS# copy floorwss tftp//10.1.1.1/floorwss WSS# copy tftp//10.1.1.1/closetwss closetwssWSS# delete testconfig WSS# copy testconfig tftp//10.1.1.1/testconfigSyntax dir subdirname file core boot0 boot1 DirWSS# dir WSS# dir oldWSS# dir file WSS# dir boot0 Install soda agentOutput for dir WSS# dir coreWSS# install soda agent soda.ZIP agent-directory sp1 Load configSyntax load config url Uninstall soda agent on Set service-profile soda mode onWSS# load config testconfig1 WSS# load configSyntax md5 boot0 boot1filename Save config on Show boot on Show config onMkdir Pubs# md5 boot0WSS040003.020Syntax mkdir subdirname WSS# mkdir corp2Reset system Syntax reset system forceWSS# reset system Restore Save config See Also backup onRmdir Syntax save config filename Set boot backup-configurationWSS# save config testconfig1 Syntax set boot backup-configuration filenameSet boot partition Set boot configuration-fileShow boot New fields, Configured boot version and BackupBoot configuration, added Output for show boot Syntax show config area area all Show configConfiguration area. You can specify one of the following Area areaShow version New options added for remote traffic monitoring snoopRfdevice changed to rfdetect WSS# show version details See Also show boot on Uninstall soda agentSyntax uninstall soda agent agent-directory directory WSS# uninstall soda agent agent-directory sp1Install soda agent on Set service-profile soda mode on File Management Commands NN47250-100 Version Clear log trace Trace CommandsSyntax clear log trace WSS# clear log traceSave trace Clear traceSet trace authorization Set trace authenticationWSS# set trace authentication user jose WSS# save trace traces/trace1Level 5 is the default Set trace dot1xUser-readable information. If you do not specify a level WSS# set trace sm mac-addr Set trace smShow trace Syntax show trace allWSS# show trace Clear snoop Snoop CommandsSyntax clear snoop filter-name WSS# clear snoop snoop1WSS# clear snoop map snoop2 ap 3 radio Clear snoop mapWSS# clear snoop map all Examples clear snoop map filter-nameap ap-numradio 1Set snoop Set snoop map WSS# set snoop snoop1 observer 10.10.30.2 snap-lengthExamples set snoop map filter-nameap ap-numradio 1 Enable Stop-after num-pkts Set snoop modeWSS# set snoop map snoop1 ap 3 radio Filter. See show snoop stats onShow snoop WSS# set snoop snoop1 mode enable stop-afterSyntax show snoop WSS# show snoopShow snoop map Show snoop infoShow snoop stats Clear snoop map on Set snoop map on Show snoop onExamples show snoop stats filter-nameap-numradio 1 Show snoop stats Output Snoop Commands NN47250-100 Version Clear log System Log CommandsSyntax clear log buffer server ip-addr WSS# clear log serverLogging state enabled or disabled Set logSeverity Defaults Set log mark See Also show log config on Set log trace mbytesShow log buffer Error-The WSS is missing data or is unable to Reboot or shut downProblems have occurred. These are logged for Diagnostic purposes. No action is requiredSyntax show log config Show log configWSS# show log config Show log traceError-The WSS is missing data or is unable to form Conditions are not resolved, the WSS can rebootPositive number for example, +100, displays that Number of log entries starting from the oldestWSS# show log trace +5 facility Rogue WSS# show log trace facility ?System Log Commands NN47250-100 Version Boot Prompt Commands See Also boot on AutobootSyntax autoboot on on OFF off Boot autobootBoot Boot boot FN=WSS010101.020 DEV=boot1 ChangeChange on Show on Boot on Create on Delete on Dhcp on Next on Show on Boot changeBoot create CreateChange on Delete on Next on Show on Boot dhcp Boot deleteDhcp Syntax dhcp on on OFF offBoot dir Syntax dir c d e f boot0 boot1Diag Fver on Version onBoot fver boot1 Syntax fver c d e f boot0 boot1 filenameSyntax help command-name FverSee Also ls on Boot help fverBoot next ResetNext See Also help onShow Boot resetBoot show Compact flash. Boots using nonvolatileOutput for show Storage or a flash cardPartition Nonvolatile storage area containing bootPrimary partition of the flash card in the flash Secondary partition of the flash cardEnables the poweron test flag Boot versionTest VersionDir on Fver on Numerics Command IndexNN47250-100 320658-G Version Delete 539 Command Index 282 340 Command Index Command Index MAC addresses 12 in user globs Vlan globs Command Index NN47250-100 320658-G Version Page Nortel WLAN-Security Switch 2300 Series Release

AP Commands 393

Table 24: Output for show service-profile (continued)

Field

• last-resort—Automatically authenticates the user

and allows access to the SSID requested by the

user, without requiring a username and password.

• none—Denies authentication and prohibits the

user from accessing the SSID.

• web-portal—Redirects the user to a web page for

login to the SSID.