Manuals / Nortel Networks / Computer Equipment / Switch

Nortel Networks 2300 Series manual Set security acl

Models: 2300 Series

1 622

Download 622 pages 48.74 Kb

Page 464

Image 464

464Security ACL Commands

set security acl

In the edit buffer, creates a security access control list (ACL), adds one access control entry (ACE) to a security ACL, and/or reorders ACEs in the ACL. The ACEs in an ACL filter IP packets by source IP address, a Layer 4 protocol, or IP, ICMP, TCP, or UDP packet information.

Syntax

By source address

set security acl ip acl-name{permit [cos cos] deny} {source-ip-addr mask any} [before editbuffer-indexmodify editbuffer-index] [hits]

By Layer 4 protocol

set security acl ip acl-name{permit [cos cos] deny} protocol-number{source-ip-addr mask any} {destination-ip-addr mask any} [[precedence precedence] [tos tos] [dscp codepoint]] [before editbuffer- index modify editbuffer-index] [hits]

By IP packets

set security acl ip acl-name{permit [cos cos] deny} ip {source-ip-addr mask any} {destination-ip-addr mask any} [[precedence precedence] [tos tos] [dscp codepoint]] [before editbuffer-indexmodify editbuffer-index] [hits]

By ICMP packets

set security acl ip acl-name{permit [cos cos] deny} icmp {source-ip-addr mask any} {destination-ip-addr mask any} [type icmp-type] [code icmp-code]

[[precedence precedence] [tos tos] [dscp codepoint]] [before editbuffer- index modify editbuffer-index] [hits]

By TCP packets

set security acl ip acl-name{permit [cos cos] deny}

tcp {source-ip-addr mask any [operator port [port2]]} {destination-ip-addr mask any [operator port [port2]]} [[precedence precedence] [tos tos] [dscp codepoint]] [established] [before editbuffer-index modify editbuffer-index] [hits]

NN47250-100 (Version 02.51)

Page 464

Image 464

Nortel Networks 2300 Series manual Set security acl

Contents

Page Copyright 2007-2008 Nortel Networks. All rights reserved Nortel Networks software license agreement Legal Information Exclusive Remedy Software License Agreement Page SSH Source Code Statement OpenSSL Project License Statements NN47250-100 Version How to get help Introducing the Nortel Wlan 2300 System NN47250-102 Version How to get help Getting help from the Nortel web site How to get help NN47250-100 Version Introducing the Nortel Wlan 2300 System Nortel Wlan 2300 System Documentation Configuration and Management Planning, Configuration, and DeploymentInstallation Safety and Advisory Notices Italic text Menu Name CommandBold text Using the Command-Line Interface CLI Conventions Command Prompts Set enablepass Set port enable disable port-listClear interface vlan-idip Clear fdb dynamic port port-list vlan vlan-id MAC Address Notation MAC Address Wildcards Port Lists Command-Line Editing Using CLI Help WSS# show i? WSS# show ip ?WSS# show ip telnet Set ap port-list ap-numname name Using the Command-Line Interface NN47250-100 Version Access Commands DisableEnable See Also enable on Set enablepass Syntax set enablepassWSS# set enablepass Enter old password old-password Quit Disable on Enable on Access Commands NN47250-100 Version Port Commands Port Type Set port type ap on Set ap onClear port type on Clear ap on Clear ap Clear port counters Clear port-group Clear port media-type Clear port mirror Clear port name Network Port Defaults Configuration from all the specified portsClear port type Syntax clear port type port-list WSS# clear port type Set port type ap on Set port type wired-auth onMonitor port counters Key Controls for Monitor Port Counters Display WSS# monitor port counters Octets Output for monitor port countersDisplayed for All Options Number of packets received that were 64 bytes long Reset port Syntax reset port port-listWSS# reset port See Also show port counters on Set ap See Also set port on 2382-1 to 2380-1 to2360/61-1 to 2350-1 to Set port-group See Also reset port onSet port WSS# set port-group name server1 1-5 mode on Mode on offSet port media-type Syntax set port-group name group-nameport-listmode on off Set port mirror Syntax set port media-type port-listrj452380# set port media-type 2 rj45 Syntax set port mirror source-portobserver observer-port WSS# set port 17 name adminpool Set port nameWSS# set port 1 observer Syntax set port port name name Set port negotiation Set port poe WSS# set port poe 7,9 disable WSS# set port poe 7,9 enableSet port speed Syntax set port speed port-list10 100 1000 auto Syntax set port trap port-listenable disable WSS# set port trap 17-18 enableSet port trap Set port type ap Radiotype 11a 11b 11g Radio type Port-listList of physical ports AP Access Port Defaults Version New values for model option added Set port type wired-auth WSS# set port type ap 2 model 2330 poe enableWSS# set port type ap 4-6 model 2330 poe enable WSS# set ap 1 radio 1 antennatype Wired Authentication Port Defaults Last-resortNone Web-portal WSS# set port type wired-auth Show port countersClear port type on Set port type ap on Port port-list Show port-group Output for show port-groupWSS show port counters octets port Syntax show port-group name group-name GBIC-The Gbic fiber interface is enabled RJ45-The RJ-45 copper interface is enabledShow port media-type Output for show port media-type Show port mirror Show port poe Output for show port poe See Also set port poe on Show port status Output for show port statusSyntax show port status port-list WSS# show port status Up-The port is enabled Down-The port is disabledWa-Wired authentication port No connector-GBIC slot is empty System Services Commands See Also history on Clear banner motdClear history Clear prompt Clear systemSyntax clear prompt Wildebeest# clear prompt success change accepted. WSS# Help WSS# clear system locationHelp None Set auto-config HistoryQuickstart See Also clear history on Syntax set auto-config enable disable WSS# set auto-config enable success change accepted WSS# save configSet banner motd 2360# set vlan 1 port 7 success change accepted Set confirm Set length Set license Syntax set length number-of-linesWSS# set length Syntax set license activation-key Set prompt Set system contactSee Also show licenses on Syntax set prompt string Set system countrycode 23x0#set system contact tamara@example.comSyntax set system countrycode code 23x0#set system country code CA Set system idle-timeout See Also show config onSyntax set system idle-timeout seconds WSS# set system idle-timeout Set system ip-address Set system location Set system name Syntax set system name string Show banner motd Show licensesShow load See Also set license on Show license command Show systemSee Also show system on Syntax show system Show system output Show tech-support System Services Commands System Services Commands NN47250-100 Version Vlan Commands Clear fdb WSS# clear fdb static vlan blueWSS# clear fdb dynamic WSS# clear fdb port 3,5 Clear security l2-restrict Clear security l2-restrict countersSyntax clear security l2-restrict counters vlan vlan-idall All Clear vlan WSS# clear security l2-restrict counters vlan abcairSyntax clear vlan vlan-id port port-list tag tag-value Vlan-id Port port-list Set vlan port on Show vlan config on Set fdbWSS# clear vlan green port WSS# clear vlan red port 4 tag See Also show fdb agingtime on Set fdb agingtimeSet security l2-restrict Enable disable Set vlan nameSyntax set vlan vlan-numname name Mode Set vlan port See Also set vlan port onWSS# set vlan 3 name marigold Syntax set vlan vlan-id port port-list tag tag-value Set vlan tunnel-affinity Show fdbWSS# set vlan beige port 16 tag Syntax set vlan vlan-idtunnel-affinity num WSS# show fdb all WSS# show fdb Show fdb agingtime Output for show fdbSyntax show fdb agingtime vlan vlan-id WSS# show fdb agingtime Show fdb count Show roaming stationSee Also set fdb agingtime on See Also show fdb on See Also show roaming vlan on Show roaming vlanOutput for show roaming station Syntax show roaming vlan WSS# show roaming vlan Show roaming station on Show vlan config on Show security l2-restrictOutput for show roaming vlan Syntax show security l2-restrict vlan vlan-idall Enabled. Forwarding of Layer 2 traffic from clients is Disabled. Layer 2 forwarding is not restrictedShow tunnel Output for show security l2-restrict Show vlan config See Also show vlan config onSyntax show vlan config vlan-id Output for show tunnel Output for show vlan config See Also Vlan Commands NN47250-100 Version Quality of Service Commands Clear qos Set qos cos-to-dscp-map WSS# clear qosWSS# clear qos dscp-to-qos-map Syntax set qos cos-to-dscp-map level dscp dscp-value Set qos dscp-to-cos-map Show qos See Also show qos on Show qos dscp-tableSee Also show qos dscp-table on IP Services Commands Set ntp update-interval on Set ntp onSet ntp server on Show ntp on WSS# clear interface mauve ip Clear interfaceSyntax clear interface vlan-idip Clear ip alias Clear ip dns domain Clear ip dns server Clear ip routeSyntax clear ip dns server ip-addr WSS# clear ip dns server Clear ip telnet Clear ntp serverSyntax clear ip telnet WSS# clear ip telnet success change accepted Clear ntp update-interval Syntax clear ntp update-intervalWSS# clear ntp update-interval success change accepted Clear snmp community Clear snmp notify profile Clear snmp notify targetSyntax clear snmp notify profile profile-name Syntax clear snmp notify target target-num Clear snmp usm Clear summertime Clear system ip-address Clear timezone Count-5 PingHost Count num-packets Set arp See Also traceroute onWSS# ping Syntax set arp permanent static dynamic ip-addrmac-addr Set arp agingtime Set interfaceSyntax set arp agingtime seconds WSS# set arp agingtime WSS# set interface default ip 10.10.10.10/24 Syntax set interface vlan-idip dhcp-client enable disableEnables the Dhcp client on the Vlan Set interface dhcp-client WSS# set interface corpvlan ip dhcp-client enable Default-router ip-addrSet interface dhcp-server Clear interface on Show dhcp-client on Show interface on Default-router Set interface statusDns-domain Primary-dns and secondary-dns Syntax set ip dns enable disable Set ip aliasSet ip dns Syntax set ip alias name ip-addr WSS# set ip dns enable Set ip dns domainSyntax set ip dns domain name WSS# set ip dns domain example.com Set ip dns server Syntax set ip dns server ip-addrprimary secondaryPrimary Secondary Syntax set ip https server enable disable WSS# set ip https server enableEnable Enables the Https server Disable Set ip https server WSS# set ip route 192.168.5.0/24 10.5.5.2 WSS# set ip route default 10.5.4.1WSS# set ip route 192.168.4.0 255.255.255.0 10.5.4.2 Syntax set ip snmp server enable disable WSS# set ip snmp server enableSet ip snmp server Set ip ssh Syntax set ip ssh server enable disable Set ip ssh serverWSS# set ip ssh port Crypto generate key on Set ip ssh on Set ip ssh server on Syntax set ip telnet server enable disable Set ip telnetSet ip telnet server Syntax set ip telnet port-num WSS# set ip telnet server enable Syntax set ntp enable disableWSS# set ntp enable Enable Enables the NTP client Disable Set ntp update-interval Set ntp server Set snmp community WSS# set snmp community read-write goodcommunity WSS# set snmp community name switchmgr1 notify-read-writeRead-notify Notify-only Notify-read-write Drop send Default profile-nameSet snmp notify profile AutoTuneRadioPowerChangeTraps-Generated ClientAuthorizationSuccessTraps-GeneratedClientAuthenticationFailureTraps-Generated ApOperRadioStatusTraps-Generated when Cont RFDetectSpoofedSsidAPTraps-Generated when RFDetectUnAuthorizedSsidTraps-Generated See Also Show snmp notify profile on Security unsecured authenticated encrypted Set snmp notify targetSNMPv3 with Informs Snmp-engine-id Security unsecured authenticated encrypted Timeout numRetries num SNMPv3 with Traps SNMPv2c with Traps SNMPv2c with InformsCommunity-string Community string Profile profile-name WSS# set snmp notify target 2 10.10.40.10 v1 trap SNMPv1 with Traps Syntax set snmp protocol v1 v2c usm all enable disable WSS# set snmp protocol all enableSet snmp protocol V2c WSS# set snmp security encrypted Set snmp securitySet snmp usm Snmp-engine-id ip ip-addr local hex hex Specifies a unique identifier for the SnmpString Engine Allow get and set operations and so on Specifies the access level of the user Auth-pass-phrase string option Set summertime WSS# set snmp usm snmpmgr1 snmp-engine-id localStart Second , third , fourth , or last End of the time change period 23x0# set summertime PDT success change acceptedEnd Set timedate Mmm-monthDd-day Yyyy-year 23x0# set timezone PST Set timezoneSyntax set timezone zone-name -hours minutes Show arp Output for show arpSyntax show arp ip-addr WSS# show arp Show dhcp-client Output for show dhcp-client WSS# show dhcp-client Show dhcp-server See Also set interface dhcp-client onSyntax show dhcp-server interface vlan-id verbose WSS# show dhcp-server Output for show dhcp-server Output for show dhcp-server verbose Show interface See Also set interface dhcp-server onSyntax show interface vlan-id WSS# show interface Show ip alias Output for show interface Show ip dns Output for show ip aliasOutput for show ip dns Syntax show ip dns WSS show ip https Show ip httpsShow ip https Show ip route Output for show ip httpsSyntax show ip route destination Destination Output for show ip route WSS show ip telnet Show ip telnetShow ip telnet Show ntp Output for show ip telnetSyntax show ntp WSS show ntp Output for show ntp Synced Show snmp notify profile Show snmp communityShow snmp counters Show snmp notify target Show snmp statusSyntax show snmp notify target Syntax show snmp status Show snmp usm Show summertimeSyntax show summertime 23x0# show summertime Show timedate Show timezone Telnet Syntax telnet ip-addr hostname port port-numWSS# telnet WSS-remote show vlan Traceroute WSS-remote Session 0 pty tty2.d terminated tt name tty2.d WSS# traceroute server1 Error Messages for tracerouteSee Also ping on AAA Commands Syntax clear accounting admin dot1x system user-wildcard Clear accounting Clear authentication admin Syntax clear authentication admin user-wildcardWSS# clear accounting dot1x Nin System Clear authentication console WSS# clear authentication admin JoseSyntax clear authentication console user-wildcard WSS# clear authentication console Regina Clear authentication dot1x Clear authentication last-resortWSS# clear authentication dot1x ssid finance *@thiscorp.com Wired Clear authentication mac Clear authentication proxyWSS# clear authentication mac ssid thatcorp aabbcc WSS# clear authentication proxy ssid mycorp Clear authentication web Set authentication proxy on Show aaa onClear location policy Syntax clear location policy rule-number Clear mac-user Clear mac-user attrWSS# clear location policy Syntax clear mac-user mac-addr Clear mac-user group Syntax clear mac-usermac-addr attr attribute-nameWSS# clear mac-user 010203040506 attr filter-id Syntax clear mac-user mac-addrgroup Clear mac-usergroup Clear mac-usergroup attrSyntax clear mac-usergroup group-name WSS# clear mac-usergroup eastcoasters Clear mobility-profile Clear user WSS# clear user Hosni attr session-timeout Clear user attrWSS# clear user Nin Syntax clear user username attr attribute-name Clear user group Clear usergroup Set accounting admin console Clear usergroup attrSyntax clear usergroup group-name attr attribute-name WSS# clear usergroup cardiology attr time-of-day WSS# set accounting admin Natasha start-stop local Set accounting dot1x mac web last-resortStart-stop Stop-only Method1 Method2 Method3 Method4 Method1 method2 method3 method4 MacWeb Ssid ssid-name WSS# set accounting system shorebirds Set accounting systemWSS# set accounting dot1x Nin stop-only sg2 Set authentication admin For more information, see Usage Set authentication console WSS# set authentication admin Jose sg3 User-wildcard Method1 Method2 Method3 Method4 Set authentication dot1x WSS# set authentication console * none Bonded Already been authenticatedOr a period .. For details, see User Wildcards on Protocol Method1 Method2 Method3 Method4 Sg1 sg2 sg3 success change accepted Set authentication last-resort Set authentication macSet service-profileauth-fallthru on Show aaa on Wired Set authentication proxy WSS# set authentication ssid mycorp2 mac ** local Set authentication web WSS# set authentication proxy ssid mycorp ** srvrgrp1 WSS# set authentication web ssid ourcorp rnd* local Set location policy DenyPermit Optionally, you can add the suffix .out to the name Show location policy command Clear location policy rule-numbercommandEq-Applies the location policy rule to all usernames Neq-Applies the location policy rule to all usernames Set mac-user WSS# set location policy deny if user eq *.theirfirm.comWSS# set location policy permit vlan floor2 if port 3-7,12 Clear location policy on Show location policy on Clear mac-user on Show aaa on Syntax set mac-user mac-addrgroup group-nameWSS# set mac-user 010203040506 group eastcoasters Set mac-user attr Syntax set mac-usermac-addr attr attribute-name value End-date Authentication Attributes for Local UsersEncryption-type Mobility-profile on Filter-idMobility-profile Service-type Session-timeoutBy the set dot1x reauth-period command is Ssid Time-of-day 1600,th1000-1600Day wk0900-1700,sa2200-0200 With start-date,end-date, or both $u-Username $v-VLAN $s-SSID $p-Service profile name WSS# set mac-user 010203040506 attr filter-id acl-03.inUrl Vlan-name For a list of authorization attributes, see on Set mac-usergroup attrWSS# set mac-usergroup eastcoasters attr vlan-name orange Clear mac-user attr on Show aaa on Set mobility-profile Or wired authentication port on the WSSPorts and wired authentication port on the WSS Set mobility-profile mode Syntax set mobility-profile mode enable disableWSS# set mobility-profile mode enable WSS# set mobility-profile name magnolia port Syntax set user username password encrypted string WSS# set user Nin password goodyWSS# set user admin password chey3nne Set user WSS# set user Nin password 29Jan04 Set user attrWSS# set user Tamara attr vlan-name orange WSS# set user Tamara attr mobility-profile tulip Set user group Set usergroupSyntax set user username group group-name WSS# set user Hosni group cardiology Syntax set web-portal enable disable Set web-portalSyntax set usergroup group-name attr attribute-name value Clear usergroup on Clear usergroup attr on Show aaa on Show aaa Show aaa Output User Nin Show accounting statistics UP operating Syntax show accounting statistics WSS# show accounting statistics Local WSS database Show accounting statistics OutputRadius server Show location policy Show mobility-profile AAA Commands NN47250-100 Version Mobility Domain Commands Clear domain securitySyntax clear domain security 23x0# clear domain security Clear mobility-domain Clear mobility-domain memberSet domain security See Also set mobility-domain member on Set mobility-domain member Syntax set domain security none requiredWSS# set domain security required Syntax set mobility-domain member ip-addrkey hex-bytes Set mobility-domain mode member seed-ip Set mobility-domain mode member secondary-seed- ipClear mobility-domain on Show mobility-domain config on WSS# set mobility-domain member Clear mobility-domain member on Show mobility-domain on Set mobility-domain mode seed domain-nameWSS# set mobility-domain mode member secondary-seed-ip Show mobility-domain config Syntax show mobility-domain configWSS# show mobility-domain config Show mobility-domain WSS# show mobility-domain Show mobility-domain OutputSyntax show mobility-domain Mobility Domain Commands NN47250-100 Version Network Domain Commands Clear network-domainSyntax clear network-domain 23x0# clear network-domain Clear network-domain mode Syntax clear network-domain mode seed memberClear network-domain peer Syntax clear network-domain peer ip-addrall Set network-domain mode member seed-ip See Also set network-domain mode member seed-ip onClear network-domain seed-ip See Also set network-domain peer on WSS# set network-domain mode member seed-ip Set network-domain peerSyntax set network-domain peer ip-addr Clear network-domain on Show network-domain on Set network-domain mode seed domain-name WSS# set network-domain mode seed domain-name CaliforniaSet network domain peer command Show network-domain Show network-domain Output Syntax show network-domainWSS# show network-domain Output if WSS is the Network Domain seed Output if WSS is a Network Domain member Network Domain Commands NN47250-100 Version AP Commands Set ap radio mode onSet ap upgrade-firmware on Set ap radio radio-profile on Set service-profileweb-portal-acl on Set service-profileauth-psk onSet service-profilewpa-ie on Set service-profilersn-ie on Set service-profile cipher-wep104 on Set service-profile cipher-wep40 onSet service-profile psk-phrase on Set service-profile psk-raw on Set radio-profileauto-tunepower-config on Set radio-profileauto-tunepower-interval onSet radio-profileauto-tunepower-lockdown on Set ap radio auto-tunemax-power on Clear ap image Syntax clear ap ap-numberimage Clear ap local-switching vlan-profile Syntax clear ap ap-numberlocal-switching vlan-profileWSS# clear ap 7 local-switching vlan-profile See Also set ap image on Clear ap radio Radio-Specific ParametersSyntax clear ap port-listap ap-numradio 1 2 all Radio 802.11b/g-6 802.11a-Lowest validChannel number for Country of operation Option dap removed for AP Clear ap boot-configuration Syntax clear ap boot-configuration ap-numWSS# clear ap 1 boot-configuration Clear ap radio load-balancing group Clear radio-profile Clear service-profile Long-retryShort-retry Countermeasures parameter added Soda failure-page Soda remediation-aclSoda success-page Soda logout-page Reset ap Set ap autoOption force-image-download added Option radio num auto-tune min-client-rate Configurable Profile Parameters for APs WSS# set ap auto Set ap auto mode Syntax set ap auto mode enable disableWSS# set ap auto mode enable Set ap auto persistent Set ap auto radiotype 11a-802.11aSyntax set ap auto persistent ap-numall WSS# set ap auto persistent 10 success change accepted Syntax set ap port-listap ap-numauto bias high low Set ap biasWSS# set ap auto radiotype 11b See Also show ap config on Syntax set ap port-list ap ap-num auto blink enable disableSet ap blink WSS# set ap 1 bias low Set ap boot-configuration ip WSS# set ap 3-4 blink enableMode enable disable Enables or disables the static IP address for the AP WSS# set ap 7 boot-configuration mesh mode enable Set ap boot-configuration mesh modeSet ap boot-configuration mesh psk-phrase Set ap boot-configuration mesh psk-raw Syntax set ap ap-numberboot-configuration mesh psk-raw hex Set ap boot-configuration mesh ssid WSS# set ap 7 boot-configuration mesh ssid wlan-mesh Set ap boot-configuration switch Switch-ip ip-addr Set ap boot-configuration vlan Enables or disables use of the specified Vlan tag on the APVlan-tag tag-value Vlan tag value. You can specify a number from Set ap security on Show ap config on Show ap status on Set ap fingerprintSet ap force-image-download Syntax set ap num fingerprint hex WSS# set ap 69 force-image-download enable Set ap groupSyntax set ap port-list ap ap-num auto group name Auto on Show ap config on Show ap group on Set ap imageWSS# set ap 1,4,7 group loadbalance1 WSS# set ap 4 group none Set ap local-switching mode Set ap local-switching vlan-profileSyntax set ap ap-numberlocal-switching mode enable disable WSS# set ap 7 local-switching mode enable Syntax set ap port-list ap ap-numname name WSS# set ap 7 local-switching vlan-profile localsSet ap name Set ap radio antenna-location WSS# set ap 1 name techpubsWSS# set ap 22 radio 1 antenna-location outdoor Indoors Set ap radio antennatype See Also set ap radio antennatype on Ap port-list Ap ap-num radio 1 radio Set ap radio auto-tune max-power WSS# set ap 7 radio 1 auto-tune max-power Set ap radio auto-tune max-retransmissionsSet ap radio auto-tune min-client-rate Deprecated in WSS Software Version WSS# set ap 11 radio 1 channel 1 tx-power Set ap radio tx-power on Show ap config onSet ap radio channel WSS# set ap 5 radio 1 channel Set ap radio min-tx-datarate Set ap radio link-calibrationSet ap radio load-balancing Ap ap-number Set ap radio load-balancing group Syntax set ap ap-numradio 1 2 load-balancing enable disableWSS# set ap 7 radio 1 load-balancing disable WSS# set ap 7 radio 1 load-balancing group room1 Set ap radio modeSyntax set ap port-listauto radio 1 2 mode enable disable WSS# set ap 1-5 radio 1 mode enable WSS# set ap 1-3 radio 2 mode enableSet ap radio radio-profile Radio-profile name Set ap radio tx-power WSS# set ap 5 radio 1 tx-power Set ap radio channel on Show ap config on WSS# set ap security none Set ap securitySyntax set ap security require optional none Set ap upgrade-firmware Syntax set ap port-listauto upgrade-firmware enable disableWSS# set ap 9 upgrade-firmware disable Set ap sticky-bit Set load-balancing mode Syntax set load-balancing mode enable disableSyntax set band-preference none 11bg 11a WSS# set band-preference 11a WSS# set load-balancing mode disable Set load-balancing strictnessSyntax set load-balancing strictness low med high max Max Syntax set radio-profile name active-scan enable disable Set radio-profile 11g-onlySet radio-profile active-scan WSS# set load-balancing strictness max Set radio-profile auto-tune channel-config WSS# set radio-profile radprof3 active-scan disableSet radio-profile auth-dot1x Set radio-profile auth-psk WSS# set radio-profile rp2 auto-tune channel-holddown WSS# set radio-profile rp2 auto-tune channel-config disableSet radio-profile auto-tune channel-holddown Set radio-profile auto-tune channel-interval WSS# set radio-profile rp2 auto-tune channel-interval Set radio-profile auto-tune power-backoff-timer Set radio-profile auto-tune power-configSet radio-profile auto-tune channel-lockdown Syntax set radio-profile name auto-tune channel-lockdown Set radio-profile auto-tune power-interval WSS# set radio-profile rp2 auto-tune power-config enableDefaults The default power tuning interval is 300 seconds Started Set radio-profile auto-tune power-lockdown WSS# set radio-profile rp2 auto-tune power-intervalSyntax set radio-profile name auto-tune power-lockdown WSS# set radio-profile rp2 auto-tune power-lockdown Set radio-profile auto-tune power-ramp-interval WSS# set radio-profile rp2 auto-tune power-ramp-intervalSet radio-profile beacon-interval Syntax set radio-profile name beacon-interval interval Set radio-profile beaconed-ssid Set radio-profile cipher-ccmpSet radio-profile cipher-tkip Set radio-profile cipher-wep104 Configured Set radio-profile countermeasuresWSS# set radio-profile radprof3 countermeasures rogue Rogue Set radio-profile crypto-ssid Set radio-profile dtim-interval WSS# set radio-profile rp1 frag-threshold Set radio-profile frag-thresholdSyntax set radio-profile name frag-threshold threshold Set radio-profile max-tx-lifetime Set radio-profile long-retrySet radio-profile max-rx-lifetime Set radio-profile mode Defaults for Radio Profile ParametersSyntax set radio-profile name mode enable disable WSS# set radio-profile rp1 max-tx-lifetime Rfid-mode Disable Service-profileWmm-powersave Disable Countermeasures Rfid-mode Wmm-powersave11g-only Set radio-profile preamble-length Set radio-profile psk-phraseSet radio-profile psk-raw Syntax set radio-profile name preamble-length long short Set radio-profile qos-mode Set radio-profile rate-enforcementSyntax set radio-profile name qos-mode svp wmm WSS# set radio-profile rp1 qos-mode svp Set radio-profile rfid-mode Enables data rate enforcement for the radios in the radioDisables data rate enforcement for the radios in the radio Syntax set radio-profile name rfid-mode enable disable WSS# set radio-profile rfid-mode enableSet radio-profile rts-threshold Syntax set radio-profile name rts-threshold threshold Syntax set radio-profile name service-profile name Set radio-profile service-profileDefaults for Service Profile Parameters Cipher-ccmp Disable Cipher-tkip EnableCipher-wep104 Disable Cipher-wep40 Disable No-broadcast Disable Proxy-arp DisableRsn-ie Disable Shared-key-auth Disable 12.0,24.0 Auto2.0 2.0,5.5,11.0 Portal-acl setting TimeoutWpa-ie Disable Web-portal-acl Portalacl WSS# set radio-profile rp2 service-profile wpaclients Set radio-profile shared-key-auth Set radio-profile short-retrySet radio-profile tkip-mc-time Set radio-profile wep active-multicast-index Set radio-profile wmm-powersave Syntax set radio-profile name wmm-powersave enable disableWSS# set radio-profile rp1 wmm-powersave enable See set service-profilewpa-ie on WSS# set service-prof sp2 attr vlan-name blue Set service-profile attrSyntax set service-profile name attr attribute-name value Set service-profile auth-dot1x WSS# set service-prof sp2 attr mobility-profile tulipSyntax set service-profile name auth-dot1x enable disable WSS# set service-profile wpaclients auth-dot1x disable Web-portal Set service-profile auth-fallthruLast-resort Set service-profile auth-psk WSS# set service-profile rndlab auth-fallthru web-portalSyntax set service-profile name auth-psk enable disable WSS# set service-profile wpaclients auth-psk enable Set service-profile beacon Set service-profile bridgingSyntax set service-profile name beacon enable disable Mesh-service-profile Mesh service profile Set service-profile cac-mode Syntax set service-profile name cac-mode none sessionWSS# set service-profile sp1 cac-mode session Set service-profilecac-session on Show service-profile on Set service-profile cac-session Set service-profile cipher-ccmpSyntax set service-profile name cac-session max-sessions WSS# set service-profile sp1 cac-session Set service-profile cipher-tkip WSS# set service-profile sp2 cipher-ccmp enableSyntax set service-profile name cipher-tkip enable disable WSS# set service-profile sp2 cipher-tkip disable Enables 104-bit WEP encryption for WPA clients Set service-profile cipher-wep104WSS# set service-profile sp2 cipher-wep104 enable Set service-profile cipher-wep40 Set service-profile cosSyntax set service-profile name cipher-wep40 enable disable WSS# set service-profile sp2 cipher-wep40 enable Set service-profile dhcp-restrict Syntax set service-profile name cos levelWSS# set service-profile sp1 cos WSS# set service-profile sp1 dhcp-restrict enable Set service-profile idle-client-probing Set service-profile keep-initial-vlanWSS# set service-profile sp1 idle-client-probing disable Enables keepalives WSS# set service-profile sp3 keep-initial-vlan enable Set service-profile load-balancing-exemptSee Also show service-profile on Set service-profile long-retry-count WSS# set service-profile sp3 load-balancing-exempt enableSyntax set service-profile name long-retry-count threshold WSS# set service-profile sp1 long-retry-count Set service-profile mesh Set service-profile no-broadcastSyntax set service-profile name mesh mode enable disable Enables mesh services for the service profile Set service-profile proxy-arp Syntax set service-profile name no-broadcast enable disableWSS# set service-profile sp1 no-broadcast enable Syntax set service-profile name proxy-arp enable disable Syntax set service-profile name psk-phrase passphrase Set service-profile psk-phraseWSS# set service-profile sp1 proxy-arp enable Syntax set service-profile name psk-raw hex Set service-profile psk-rawSet service-profile rsn-ie WSS# set service-profile sprsn rsn-ie enable Set service-profile shared-key-authSyntax set service-profile name rsn-ie enable disable Set service-profile short-retry-count WSS# set service-profile sp4 shared-key-auth enableSyntax set service-profile name short-retry-count threshold WSS# set service-profile sp1 short-retry-count Network Set service-profile soda agent-directorySet service-profile soda enforce-checks Set service-profile soda failure-page WSS# set service-profile sp1 enforce-checks disableSyntax set service-profile name soda failure-page Set service-profile soda mode on Show service-profile on Set service-profile soda logout-page Syntax set service-profile name soda logout-page Set service-profile soda mode WSS# set service-profile sp1 soda logout-page logout.htmlSyntax set service-profile name soda mode enable disable WSS# set service-profile sp1 soda mode enable Syntax set service-profile name soda success-page Set service-profile soda remediation-aclSet service-profile soda success-page Syntax set service-profile name ssid-name ssid-name Set service-profile ssid-nameWSS# set service-profile sp1 soda success-page success.html Set service-profile ssid-type Set service-profile static-cosWSS# set service-profile clearwlan ssid-name guest Syntax set service-profile name ssid-type clear crypto Set service-profile tkip-mc-time Syntax set service-profile name static-cos enable disableWSS# set service-profile sp1 static-cos enable Syntax set service-profile name tkip-mc-time wait-time 11g-1.0, 2.0, 5.5, 6.0, 9.0, 11.0, 12.0, 18.0 Set service-profile transmit-ratesWSS# set service-profile sp3 tkip-mc-time Beacon-rate Beacon-rate rateMulticast-rate Set service-profile user-idle-timeout Set service-profile web-portal-aclSyntax set service-profile name user-idle-timeout seconds WSS# set service-profile sp1 user-idle-timeout Set service-profile web-portal-form Syntax set service-profile name web-portal-acl aclnameWSS# set service-profile sp3 web-portal-acl creditsrvr Syntax set service-profile name web-portal-form url WSS# mkdir corpa WSS# dir corpa Set service-profile web-portal-logout Set service-profile web-portal-logout logout-urlSet service-profile web-portal-session-timeout WSS# set service-profile sp1 web-portal-logout mode enable Set service-profile wep active-multicast-index WSS# set service-profile sp1 web-portal-session-timeout WSS# set service-profile sp2 wep active-unicast-index Set service-profile wep active-unicast-indexWSS# set service-profile sp2 wep active-multicast-index Set service-profile wep key-index Set service-profile wpa-ieSyntax set service-profile name wep key-index num key value WSS# set service-profile sp2 wep key-index 1 key aabbccddee WSS# set service-profile sp2 wpa-ie enable Show ap arpSyntax show ap arp ap-number WSS# show ap arp Show ap config Syntax show ap config port-listradio 1Set ap local-switching mode on Set vlan-profile Output for show ap arp WSS# show ap config Output for show ap config 802.11g 802.11a802.11b Show ap unconfigured on Show radio-profile on Show ap countersSyntax show ap counters port-listradio 1 WSS# show ap counters Output for show ap counters Use the show sessions network session-id session-idcommand Output for show ap counters Show ap dual-home See Also show sessions network on Show ap fdb Output for show ap fdbSyntax show ap fdb ap-number WSS# show ap fdb Clears the counters after displaying their current values Show ap qos-statsWSS# show ap qos-stats Show ap etherstats Output for show ap qos-statsSyntax show ap etherstats port-listap-num WSS# show ap etherstats Output for show ap etherstats Show ap group Show ap mesh-linksSyntax show ap mesh-links ap-number WSS# show ap mesh-links Show ap status Output for show ap mesh-linksSyntax show ap status terse port-listall radio 1 Terse Radio state information, to indicate when an Configured antenna model numberPower settings that are configured by RF Auto Tuning WSS# show ap status terse Output for show ap status But has not yet begun booting Booting-The AP has asked the WSS for a bootImage downloading-The AP is receiving a boot Image downloaded-The AP has received a boot Configure succeed state indicates that the AP Has received configuration parameters forProtection mode remains in effect until Sweep Mode indicates that a disabled radio is But no external antenna is configured on Antenna is configured on the radio but noIndicates that an external antenna was detected Radio Show ap vlan Output for show ap status terse and show ap status terse Set vlan-profile Set ap local-switching mode on Output for show ap vlanSyntax show ap vlan ap-number WSS# show ap vlan Show auto-tune attributes Output for show auto-tune attributesSyntax show auto-tune attributes ap ap-numradio 1 2all WSS# show auto-tune attributes ap 2 radio Syntax show auto-tune neighbors ap ap-numradio 1 2all Set radio-profileauto-tunepower-backoff-timer onShow auto-tune neighbors Output for show auto-tune neighbors Rssi Show ap boot-configuration Output for show ap boot-configurationSyntax show ap boot-configuration ap-num WSS# show ap boot-configuration Show ap connection Syntax show ap connection ap-numserial-id serial-IDConnection Serial-id serial-ID Show ap config on Show ap global on Show ap unconfigured on Output for show ap connectionWSS# show ap connection Total number of entries WSS# show ap connection serial-id Show ap global Output for show ap globalSyntax show ap global ap-numserial-id serial-ID WSS# show ap global WSS# show ap unconfigured Show ap unconfiguredSyntax show ap unconfigured Output for show ap unconfigured This WSS switch as a memberShow load-balancing group Show ap connection on Show ap global on Show radio-profile Output for show load-balancing groupWSS# show load-balancing group blue Syntax show radio-profile name ? WSS# show radio-profile default Output for show radio-profile Wmm-AP forwarding queues provide standard Priority handling for WMM devicesSvp-AP forwarding queues are optimized for SpectraLink Voice Priority SVP Show service-profile Syntax show service-profile name ? Profile output Output for show service-profile Crypto-Wireless traffic for the Ssid isClear-Wireless traffic for the Ssid is Unencrypted Last-resort-Automatically authenticates the user Allows access to the Ssid requested byUser, without requiring a username and password None-Denies authentication and prohibits None-CAC is disabled None-The key is not configuredPreset-The key is configured Session-CAC is based on the number of active Radios in the radio profile mapped to this service Authentication-Lists the authentication methods802.1X-dynamic authentication PSK-preshared key authentication FieldDescription AP Commands AP Commands NN47250-100 Version Show spantree uplinkfast on STP CommandsSet spantree uplinkfast on Clear spantree portcost Clear spantree portpri Clear spantree portvlanpri Resets the cost for all VLANsClear spantree portvlancost Clear spantree statistics Syntax clear spantree portvlanpri port-listall vlan vlan-idSyntax clear spantree statistics port-listvlan vlan-id WSS# clear spantree statistics 5,11,19-22 Set spantree Set spantree backbonefastSee Also show spantree statistics on See Also show spantree on See Also show spantree backbonefast on Set spantree fwddelaySet spantree hello Set spantree maxage Set spantree portcost Snmp Port Path Cost Defaults Syntax set spantree portfast port port-listenable disableSet spantree portfast WSS# set spantree portcost 3,4 cost See Also show spantree portfast on Set spantree portpriSet spantree portvlancost Set spantree portvlanpri WSS# set spantree portvlancost 3,4 cost 20 vlan mauveCost cost All Priority value All Set spantree priority Set spantree uplinkfast WSS# set spantree uplinkfast enable WSS# show spantree vlan defaultShow spantree See Also show spantree uplinkfast on Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec Output for show spantree Syntax show spantree backbonefast Show spantree backbonefastSee Also show spantree blockedports on WSS# show spantree blockedports vlan default Show spantree blockedportsSee Also set spantree backbonefast on WSS# show spantree backbonefast Show spantree portfast Syntax show spantree portfast port-listWSS# show spantree portfast Uplink fast convergence information for all ports Show spantree portvlancost Output for show spantree portfastSee Also set spantree portfast on Syntax show spantree portvlancost port-list Show spantree statistics Syntax show spantree statistics port-listvlan vlan-idWSS# show spantree statistics Statistics for all ports Inactive Output for show spantree statistics Output for show spantree statistics Output for show spantree statistics Show spantree uplinkfast Output for show spantree uplinkfastSee Also clear spantree statistics on Syntax show spantree uplinkfast vlan vlan-id See Also set spantree uplinkfast on STP Commands NN47250-100 Version Igmp Snooping Commands Clear igmp statisticsSyntax clear igmp statistics vlan vlan-id Statistics Show igmp statistics on Clear igmp statistics on Set igmp Set igmp lmqiSee Also show igmp statistics on See Also show igmp on See Also show igmp mrouter on Set igmp mrouterSet igmp mrsol Set igmp mrsol mrsi Set igmp oqiSee Also set igmp mrsol mrsi on See Also set igmp mrsol on Syntax set igmp proxy-report enable disable vlan vlan-id Set igmp proxy-reportWSS# set igmp oqi 200 vlan orange Vlan vlan-id WSS# set igmp proxy-report disable vlan orange Set igmp qiSet igmp qri Syntax set igmp qi seconds vlan vlan-id Syntax set igmp querier enable disable vlan vlan-id Set igmp querierSyntax set igmp qri tenth-seconds vlan vlan-id WSS# set igmp qri 50 vlan orange Set igmp receiver Set igmp rvSee Also show igmp querier on See Also show igmp receiver-table on Show igmp WSS# set igmp rv 4 vlan orangeSyntax show igmp vlan vlan-id WSS# show igmp vlan orange Output for show igmp Dvmrp PIM Conf Static multicast port configured by an AdministratorMadv-Multicast advertisement Quer-IGMP query WSS# show igmp mrouter vlan orange Show igmp mrouterSyntax show igmp mrouter vlan vlan-id Show igmp querier Output for show igmp mrouterSyntax show igmp querier vlan vlan-id Set igmp mrouter on Show igmp mrouter on WSS# show igmp querier vlan orange WSS# show igmp querier vlan default Show igmp receiver-tableOutput for show igmp querier See Also set igmp querier on WSS# show igmp receiver-table vlan orange WSS# show igmp receiver-table group 237.255.255.0/24WSS Software displays the multicast receivers on all VLANs Show igmp statistics Output for show igmp receiver-tableSee Also set igmp receiver on Syntax show igmp statistics vlan vlan-id Output for show igmp statistics See Also clear igmp statistics on Igmp Snooping Commands NN47250-100 Version Session Management Commands WSS# clear sessions adminClear sessions WSS# clear sessions console Clear sessions network See Also show sessions onWSS# clear sessions telnet client WSS# clear sessions network mac-addr Show sessions Console Telnet Show sessions network Show sessions telnet client OutputSee Also clear sessions on Mac-addr mac-addr Verbose output Session-id output WSS show sessions network WSS show sessions network mac-addr 00055d7e981aWSS show sessions network user E WSS show sessions network verbose Show sessions network summary Output WSS# show sessions network session-id Additional show sessions network verbose Description IP address and port number of the WSS managing the AP Serial number and radio number of the APAmount of time the session has been on this AP AAA-VLAN is from Radius or the local database Show sessions network session-id Output DOT1X See Also clear sessions network on Session Management Commands NN47250-100 Version Security ACL Commands Clear security aclSyntax clear security acl acl-name all editbuffer-index Clears all security ACLs WSS# show security acl info all Set security acl ip acl133 hits #1Set security acl ip acl134 hits #3 Set security acl ip acl135 hits #2 Out Clear security acl mapWSS# clear security acl map acljoe port 4 Commit security acl WSS# clear security acl map allSyntax commit security acl acl-nameall Type Class Mapping Hit-sample-rate Rollback security aclSee Also show security acl on Syntax rollback security acl acl-nameall Set security acl By UDP packets Any Minimum delay Routine precedencePriority precedence Immediate precedence WSS# set security acl ip acl123 deny 192.168.2.11 WSS# commit security acl all Set security acl map WSS set security acl map acl133 port 4WSS port or ports Tag tag-list Configuration file Set security acl hit-sample-rateSyntax set security acl hit-sample-rate seconds Set security acl ip acl153 hits #3 Show security acl Show security acl dscpWSS# show security acl hits Index Counter ACL-name Show security acl editbuffer Show security acl hitsSyntax show security acl info all editbuffer WSS# show security acl editbuffer Show security acl info Syntax show security acl hitsSyntax show security acl info acl-nameall editbuffer WSS# show security acl info Show security acl map Show security acl resource-usage Show security acl resource-usage Output True-A default action types is defined False-No default action type is definedTrue-Security ACLs are mapped False-No security ACLs are mapped True-Security ACLs are mapped to incoming traffic False-No security ACLs are mapped to incoming Cryptography Commands Crypto ca-certificate EapPEM-formatted Certificate See Also show crypto ca-certificate on WSS# crypto certificate adminCrypto certificate Crypto generate key Crypto generate request on Crypto generate self-signed onDomain Ssh WSS# crypto generate key admin Syntax crypto generate request admin eap webCrypto generate request See Also show crypto key ssh on WSS# crypto generate request admin Email Address admin@example.comWebaaa option renamed to web Maximum string length for State Name increased Crypto certificate on Crypto generate key on Syntax crypto generate self-signed admin eap webCrypto generate self-signed Crypto otp WSS# crypto generate self-signed adminSyntax crypto otp admin eap web one-time-password Syntax crypto pkcs12 admin eap web file-location-url Crypto pkcs12See Also crypto pkcs12 on WSS# crypto generate otp eap hap9iN#ss See Also crypto otp on WSS# copy tftp//192.168.253.1/2048full.p12 2048full.p12WSS# crypto otp eap hap9iN#ss WSS# crypto pkcs12 eap 2048full.p12 Syntax show crypto ca-certificate admin eap web Show crypto ca-certificateShow crypto ca-certificate Output WSS# show crypto ca-certificate Syntax show crypto certificate admin eap web Show crypto certificateCrypto certificate Output WSS# show crypto certificate eap See Also crypto generate key on Show crypto key domainShow crypto key ssh Cryptography Commands NN47250-100 Version Radius and Server Groups Commands Syntax clear radius deadtime key retransmit timeoutClear radius Clear server group on Clear radius client system-ip Clear radius proxy client Clear radius proxy portSee Also set radius proxy client on See Also set radius proxy port on Clear radius server Clear server group Set radius See Also set server group on Set radius client system-ip Set radius proxy client Set radius proxy portSyntax set radius proxy client address ip-address WSS# set radius proxy client address 10.20.20.9 key radkey1 Ssid ssid-name Ssid supported by the third-party AP Set radius serverWSS# set radius proxy port 3-4 tag 104 ssid mycorp Encrypted-key-No key Author-password-nortel Set server group Members server 23x0# set server group shorebirds load-balance enable 23x0# set server group shorebirds load-balance disableSet server group load-balance Group-name Server group name of up to 32 characters Radius and Server Groups Commands NN47250-100 Version 802.1X Management Commands Clear dot1x bonded-period Clear dot1x max-reqSyntax clear dot1x max-req WSS# clear dot1x bonded-period Clear dot1x reauth-max Clear dot1x port-controlClear dot1x quiet-period Clear dot1x timeout auth-server Clear dot1x reauth-period Clear dot1x timeout supplicant Clear dot1x tx-period Syntax set dot1x authcontrol enable disable WSS# set dot1x authcontrol enableSet dot1x authcontrol Set dot1x bonded-period See Also show dot1x on Set dot1x key-txSet dot1x max-req WSS# set dot1x port-control forceauth Set dot1x port-controlWSS# set dot1x max-req Set dot1x quiet-period Set dot1x reauth Set dot1x reauth-max Set dot1x reauth-period Set dot1x timeout auth-server Set dot1x timeout supplicant Syntax set dot1X wep-rekey enable disable Set dot1x tx-periodSet dot1x wep-rekey Syntax set dot1x tx-period seconds Set dot1x wep-rekey-period Show dot1x WSS# show dot1x config WSS# show dot1x clients Show dot1x stats Output WSS # show dot1x stats 520 802.1X Management Commands RF Detection Commands Rogue Information Show rfdetect clients onShow rfdetect data on Show rfdetect visible on Clear rfdetect attack-list Clear rfdetect black-listSyntax clear rfdetect attack-list mac-addr Syntax clear rfdetect black-list mac-addr Clear rfdetect ignore Clear rfdetect ssid-list Clear rfdetect vendor-list Set rfdetect attack-listSyntax clear rfdetect vendor-list client ap mac-addrall WSS# clear rfdetect vendor-list client aabbcc000000 Set rfdetect black-list Set rfdetect ignore Syntax set rfdetect log enable disable 23x0# set rfdetect log enableSet rfdetect log 23x0# set rfdetect ignore aabbcc112233 See Also show log buffer on Set rfdetect signatureSet rfdetect ssid-list Set rfdetect vendor-list WSS# set rfdetect ssid-list mycorpSyntax set rfdetect vendor-list client ap mac-addr WSS# set rfdetect vendor-list client aabbcc000000 Show rfdetect attack-list Show rfdetect black-list Show rfdetect clients Show rfdetect clients OutputSyntax show rfdetect clients mac mac-addr WSS# show rfdetect clients mac 000c4163fd6d Show rfdetect clients mac Output WSS# show rfdetect countermeasures Show rfdetect countermeasuresSyntax show rfdetect countermeasures Show rfdetect counters Show rfdetect countermeasures OutputSee Also set radio-profile countermeasures on Syntax show rfdetect counters Show rfdetect data Syntax show rfdetect data Show rfdetect data Output Show rfdetect ignore Show rfdetect mobility-domainSyntax show rfdetect ignore WSS# show rfdetect ignore Total number of entries Bssid and ssid options added Vendor, Type, and Flags fields addedWSS# show rfdetect mobility-domain WSS# show rfdetect mobility-domain ssid nrtl-webaaa Show rfdetect mobility-domain Output Show rfdetect mobility-domain ssid or bssid Output Show rfdetect ssid-list Show rfdetect vendor-list Show rfdetect visibleSyntax show rfdetect vendor-list WSS# show rfdetect vendor-list Show ap status command Mac-addr Base MAC address of the Nortel radioShows neighbor information for radio Version Vendor, Type, and Flags fields added Rfping Show rfdetect visible OutputSyntax rfping mac mac-addrsession-id session-id Show rfdetect data on Show rfdetect mobility-domain on Rfping Output WSS# rfping mac 000e9bbfad13 File Management Commands Backup Syntax backup system tftp/ip-addr/filenameall critical WSS# backup system tftp/10.10.20.9/sysabak criticalDir on Restore on Tftp/ip-addr / filename Copy Clear boot backup-configurationClear boot config Syntax copy source-url destination-url Source-urlDestination-url Be one of the following WSS# copy tftp//10.1.1.107/WSS020101.020 boot1WSS020101.020 DeleteWSS# copy floorwss tftp//10.1.1.1/floorwss WSS# copy tftp//10.1.1.1/closetwss closetwss WSS# copy testconfig tftp//10.1.1.1/testconfig WSS# delete testconfigSyntax dir subdirname file core boot0 boot1 Dir WSS# dir file WSS# dirWSS# dir old Install soda agent WSS# dir boot0Output for dir WSS# dir core Load config WSS# install soda agent soda.ZIP agent-directory sp1Syntax load config url Uninstall soda agent on Set service-profile soda mode on WSS# load config WSS# load config testconfig1Syntax md5 boot0 boot1filename Save config on Show boot on Show config on Pubs# md5 boot0WSS040003.020 MkdirSyntax mkdir subdirname WSS# mkdir corp2 WSS# reset system Reset systemSyntax reset system force Restore Rmdir Save configSee Also backup on Set boot backup-configuration Syntax save config filenameWSS# save config testconfig1 Syntax set boot backup-configuration filename Set boot configuration-file Set boot partition Boot configuration, added Show bootNew fields, Configured boot version and Backup Output for show boot Show config Syntax show config area area allConfiguration area. You can specify one of the following Area area Rfdevice changed to rfdetect Show versionNew options added for remote traffic monitoring snoop WSS# show version details Uninstall soda agent See Also show boot onSyntax uninstall soda agent agent-directory directory WSS# uninstall soda agent agent-directory sp1 Install soda agent on Set service-profile soda mode on File Management Commands NN47250-100 Version Trace Commands Clear log traceSyntax clear log trace WSS# clear log trace Clear trace Save trace Set trace authentication Set trace authorizationWSS# set trace authentication user jose WSS# save trace traces/trace1 User-readable information. If you do not specify a level Level 5 is the defaultSet trace dot1x Set trace sm WSS# set trace sm mac-addr WSS# show trace Show traceSyntax show trace all Snoop Commands Clear snoopSyntax clear snoop filter-name WSS# clear snoop snoop1 Clear snoop map WSS# clear snoop map snoop2 ap 3 radioWSS# clear snoop map all Examples clear snoop map filter-nameap ap-numradio 1 Set snoop Examples set snoop map filter-nameap ap-numradio 1 Set snoop mapWSS# set snoop snoop1 observer 10.10.30.2 snap-length Set snoop mode Enable Stop-after num-pktsWSS# set snoop map snoop1 ap 3 radio Filter. See show snoop stats on WSS# set snoop snoop1 mode enable stop-after Show snoopSyntax show snoop WSS# show snoop Show snoop info Show snoop map Examples show snoop stats filter-nameap-numradio 1 Show snoop statsClear snoop map on Set snoop map on Show snoop on Show snoop stats Output Snoop Commands NN47250-100 Version System Log Commands Clear logSyntax clear log buffer server ip-addr WSS# clear log server Severity Logging state enabled or disabledSet log Defaults Set log mark Show log buffer See Also show log config onSet log trace mbytes Reboot or shut down Error-The WSS is missing data or is unable toProblems have occurred. These are logged for Diagnostic purposes. No action is required Show log config Syntax show log configWSS# show log config Show log trace Conditions are not resolved, the WSS can reboot Error-The WSS is missing data or is unable to formPositive number for example, +100, displays that Number of log entries starting from the oldest WSS# show log trace facility ? WSS# show log trace +5 facility Rogue System Log Commands NN47250-100 Version Boot Prompt Commands Autoboot See Also boot onSyntax autoboot on on OFF off Boot autoboot Boot Change on Show on Boot boot FN=WSS010101.020 DEV=boot1Change Boot change Boot on Create on Delete on Dhcp on Next on Show on Change on Delete on Next on Show on Boot createCreate Boot delete Boot dhcpDhcp Syntax dhcp on on OFF off Syntax dir c d e f boot0 boot1 Boot dirDiag Fver on Version on Syntax fver c d e f boot0 boot1 filename Boot fver boot1Syntax help command-name Fver Boot help fver See Also ls on Reset Boot nextNext See Also help on Boot reset Show Compact flash. Boots using nonvolatile Boot showOutput for show Storage or a flash card Nonvolatile storage area containing boot PartitionPrimary partition of the flash card in the flash Secondary partition of the flash card Boot version Enables the poweron test flagTest Version Dir on Fver on Command Index Numerics NN47250-100 320658-G Version Delete 539 Command Index 282 340 Command Index Command Index MAC addresses 12 in user globs Vlan globs Command Index NN47250-100 320658-G Version Page Nortel WLAN-Security Switch 2300 Series Release