WSS# commit security acl all

468Security ACL Commands

History
WSS Software	The any option is supported for the source or destination IP address and
Version 4.1	mask. This option is equivalent to 0.0.0.0 255.255.255.255.

Note: The any option is shown in the configuration file as

0.0.0.0255.255.255.255, regardless of whether you specify any or

0.0.0.0255.255.255.255 when you configure the ACE.

The dscp codepoint is added. This option enables you to filter based on a packet’s Differentiated Services Code Point (DSCP) value.

Usage The WSS does not apply security ACLs until you activate them with the commit security acl command and map them to a VLAN, port, or virtual port, or to a user. If the WSS is reset or restarted, any ACLs in the edit buffer are lost.

You cannot perform ACL functions that include permitting, denying, or marking with a Class of Service (CoS) level on packets with a multicast or broadcast destination address.

The order of security ACEs in a security ACL is important. Once an ACL is active, its ACEs are checked according to their order in the ACL. If an ACE criterion is met, its action takes place and any ACEs that follow are ignored.

ACEs are listed in the order in which you create them, unless you move them. To position security ACEs within a

security ACL, use before editbuffer-index and modify editbuffer-index.

Examples The following command adds an ACE to security acl_123 that permits packets from IP address 192.168.1.11/24 and counts the hits:

WSS# set security acl ip acl_123 permit 192.168.1.11 0.0.0.255 hits

The following command adds an ACE to acl_123 that denies packets from IP address 192.168.2.11:

WSS# set security acl ip acl_123 deny 192.168.2.11 0.0.0.0

The following command creates acl_125 by defining an ACE that denies TCP packets from source IP address 192.168.0.1 to destination IP address 192.168.0.2 for established sessions only, and counts the hits:

WSS# set security acl ip acl_125 deny tcp 192.168.0.1 0.0.0.0 192.168.0.2 0.0.0.0 established hits

The following command adds an ACE to acl_125 that denies TCP packets from source IP address 192.168.1.1 to desti- nation IP address 192.168.1.2, on destination port 80 only, and counts the hits:

WSS# set security acl ip acl_125 deny tcp 192.168.1.1 0.0.0.0 192.168.1.2 0.0.0.0 eq 80 hits

Finally, the following command commits the security ACLs in the edit buffer to the configuration:

configuration accepted

NN47250-100 (Version 02.51)

Page 468

Image 468

Nortel Networks 2300 Series manual WSS# set security acl ip acl123 deny 192.168.2.11, WSS# commit security acl all

Contents

Page Copyright 2007-2008 Nortel Networks. All rights reserved Nortel Networks software license agreement Legal Information Exclusive Remedy Software License Agreement Page SSH Source Code Statement OpenSSL Project License Statements NN47250-100 Version How to get help Introducing the Nortel Wlan 2300 System NN47250-102 Version How to get help Getting help from the Nortel web site How to get help NN47250-100 Version Introducing the Nortel Wlan 2300 System Nortel Wlan 2300 System Documentation Planning, Configuration, and Deployment InstallationConfiguration and Management Safety and Advisory Notices Menu Name Command Bold textItalic text Using the Command-Line Interface CLI Conventions Command Prompts Set enablepass Set port enable disable port-listClear interface vlan-idip Clear fdb dynamic port port-list vlan vlan-id MAC Address Notation MAC Address Wildcards Port Lists Command-Line Editing Using CLI Help WSS# show i? WSS# show ip ?WSS# show ip telnet Set ap port-list ap-numname name Using the Command-Line Interface NN47250-100 Version Access Commands DisableEnable See Also enable on Set enablepass Syntax set enablepassWSS# set enablepass Enter old password old-password Quit Disable on Enable on Access Commands NN47250-100 Version Port Commands Port Type Set port type ap on Set ap onClear port type on Clear ap on Clear ap Clear port counters Clear port-group Clear port media-type Clear port mirror Clear port name Network Port Defaults Configuration from all the specified portsClear port type Syntax clear port type port-list Set port type ap on Set port type wired-auth on Monitor port countersWSS# clear port type Key Controls for Monitor Port Counters Display WSS# monitor port counters Output for monitor port counters Displayed for All OptionsOctets Number of packets received that were 64 bytes long Reset port Syntax reset port port-listWSS# reset port See Also show port counters on Set ap See Also set port on 2382-1 to 2380-1 to2360/61-1 to 2350-1 to See Also reset port on Set portSet port-group WSS# set port-group name server1 1-5 mode on Mode on offSet port media-type Syntax set port-group name group-nameport-listmode on off Set port mirror Syntax set port media-type port-listrj452380# set port media-type 2 rj45 Syntax set port mirror source-portobserver observer-port WSS# set port 17 name adminpool Set port nameWSS# set port 1 observer Syntax set port port name name Set port negotiation Set port poe WSS# set port poe 7,9 disable WSS# set port poe 7,9 enableSet port speed Syntax set port speed port-list10 100 1000 auto Syntax set port trap port-listenable disable WSS# set port trap 17-18 enableSet port trap Set port type ap Port-list List of physical portsRadiotype 11a 11b 11g Radio type AP Access Port Defaults Version New values for model option added Set port type wired-auth WSS# set port type ap 2 model 2330 poe enableWSS# set port type ap 4-6 model 2330 poe enable WSS# set ap 1 radio 1 antennatype Wired Authentication Port Defaults Last-resortNone Web-portal WSS# set port type wired-auth Show port countersClear port type on Set port type ap on Port port-list Show port-group Output for show port-groupWSS show port counters octets port Syntax show port-group name group-name GBIC-The Gbic fiber interface is enabled RJ45-The RJ-45 copper interface is enabledShow port media-type Output for show port media-type Show port mirror Show port poe Output for show port poe See Also set port poe on Show port status Output for show port statusSyntax show port status port-list WSS# show port status Up-The port is enabled Down-The port is disabledWa-Wired authentication port No connector-GBIC slot is empty System Services Commands Clear banner motd Clear historySee Also history on Clear prompt Clear systemSyntax clear prompt Wildebeest# clear prompt success change accepted. WSS# Help WSS# clear system locationHelp None Set auto-config HistoryQuickstart See Also clear history on Syntax set auto-config enable disable WSS# set auto-config enable success change accepted WSS# save configSet banner motd 2360# set vlan 1 port 7 success change accepted Set confirm Set length Set license Syntax set length number-of-linesWSS# set length Syntax set license activation-key Set prompt Set system contactSee Also show licenses on Syntax set prompt string Set system countrycode 23x0#set system contact tamara@example.comSyntax set system countrycode code 23x0#set system country code CA Set system idle-timeout See Also show config onSyntax set system idle-timeout seconds WSS# set system idle-timeout Set system ip-address Set system location Set system name Syntax set system name string Show banner motd Show licensesShow load See Also set license on Show license command Show systemSee Also show system on Syntax show system Show system output Show tech-support System Services Commands System Services Commands NN47250-100 Version Vlan Commands Clear fdb WSS# clear fdb static vlan blueWSS# clear fdb dynamic WSS# clear fdb port 3,5 Clear security l2-restrict Clear security l2-restrict countersSyntax clear security l2-restrict counters vlan vlan-idall All Clear vlan WSS# clear security l2-restrict counters vlan abcairSyntax clear vlan vlan-id port port-list tag tag-value Vlan-id Port port-list Set vlan port on Show vlan config on Set fdbWSS# clear vlan green port WSS# clear vlan red port 4 tag Set fdb agingtime Set security l2-restrictSee Also show fdb agingtime on Enable disable Set vlan nameSyntax set vlan vlan-numname name Mode Set vlan port See Also set vlan port onWSS# set vlan 3 name marigold Syntax set vlan vlan-id port port-list tag tag-value Set vlan tunnel-affinity Show fdbWSS# set vlan beige port 16 tag Syntax set vlan vlan-idtunnel-affinity num WSS# show fdb all WSS# show fdb Show fdb agingtime Output for show fdbSyntax show fdb agingtime vlan vlan-id WSS# show fdb agingtime Show fdb count Show roaming stationSee Also set fdb agingtime on See Also show fdb on Show roaming vlan Output for show roaming stationSee Also show roaming vlan on Syntax show roaming vlan WSS# show roaming vlan Show roaming station on Show vlan config on Show security l2-restrictOutput for show roaming vlan Syntax show security l2-restrict vlan vlan-idall Enabled. Forwarding of Layer 2 traffic from clients is Disabled. Layer 2 forwarding is not restrictedShow tunnel Output for show security l2-restrict Show vlan config See Also show vlan config onSyntax show vlan config vlan-id Output for show tunnel Output for show vlan config See Also Vlan Commands NN47250-100 Version Quality of Service Commands Clear qos Set qos cos-to-dscp-map WSS# clear qosWSS# clear qos dscp-to-qos-map Syntax set qos cos-to-dscp-map level dscp dscp-value Set qos dscp-to-cos-map Show qos Show qos dscp-table See Also show qos dscp-table onSee Also show qos on IP Services Commands Set ntp update-interval on Set ntp onSet ntp server on Show ntp on Clear interface Syntax clear interface vlan-idipWSS# clear interface mauve ip Clear ip alias Clear ip dns domain Clear ip dns server Clear ip routeSyntax clear ip dns server ip-addr WSS# clear ip dns server Clear ip telnet Clear ntp serverSyntax clear ip telnet WSS# clear ip telnet success change accepted Clear ntp update-interval Syntax clear ntp update-intervalWSS# clear ntp update-interval success change accepted Clear snmp community Clear snmp notify profile Clear snmp notify targetSyntax clear snmp notify profile profile-name Syntax clear snmp notify target target-num Clear snmp usm Clear summertime Clear system ip-address Clear timezone Ping Host Count num-packetsCount-5 Set arp See Also traceroute onWSS# ping Syntax set arp permanent static dynamic ip-addrmac-addr Set arp agingtime Set interfaceSyntax set arp agingtime seconds WSS# set arp agingtime WSS# set interface default ip 10.10.10.10/24 Syntax set interface vlan-idip dhcp-client enable disableEnables the Dhcp client on the Vlan Set interface dhcp-client WSS# set interface corpvlan ip dhcp-client enable Default-router ip-addrSet interface dhcp-server Clear interface on Show dhcp-client on Show interface on Default-router Set interface statusDns-domain Primary-dns and secondary-dns Syntax set ip dns enable disable Set ip aliasSet ip dns Syntax set ip alias name ip-addr WSS# set ip dns enable Set ip dns domainSyntax set ip dns domain name WSS# set ip dns domain example.com Set ip dns server Syntax set ip dns server ip-addrprimary secondaryPrimary Secondary Syntax set ip https server enable disable WSS# set ip https server enableEnable Enables the Https server Disable Set ip https server WSS# set ip route default 10.5.4.1 WSS# set ip route 192.168.4.0 255.255.255.0 10.5.4.2WSS# set ip route 192.168.5.0/24 10.5.5.2 Syntax set ip snmp server enable disable WSS# set ip snmp server enableSet ip snmp server Set ip ssh Syntax set ip ssh server enable disable Set ip ssh serverWSS# set ip ssh port Crypto generate key on Set ip ssh on Set ip ssh server on Syntax set ip telnet server enable disable Set ip telnetSet ip telnet server Syntax set ip telnet port-num WSS# set ip telnet server enable Syntax set ntp enable disableWSS# set ntp enable Enable Enables the NTP client Disable Set ntp update-interval Set ntp server Set snmp community WSS# set snmp community name switchmgr1 notify-read-write Read-notify Notify-only Notify-read-writeWSS# set snmp community read-write goodcommunity Default profile-name Set snmp notify profileDrop send AutoTuneRadioPowerChangeTraps-Generated ClientAuthorizationSuccessTraps-GeneratedClientAuthenticationFailureTraps-Generated ApOperRadioStatusTraps-Generated when Cont RFDetectSpoofedSsidAPTraps-Generated when RFDetectUnAuthorizedSsidTraps-Generated See Also Show snmp notify profile on Security unsecured authenticated encrypted Set snmp notify targetSNMPv3 with Informs Snmp-engine-id Security unsecured authenticated encrypted Timeout numRetries num SNMPv3 with Traps SNMPv2c with Informs Community-string Community string Profile profile-nameSNMPv2c with Traps WSS# set snmp notify target 2 10.10.40.10 v1 trap SNMPv1 with Traps Syntax set snmp protocol v1 v2c usm all enable disable WSS# set snmp protocol all enableSet snmp protocol V2c Set snmp security Set snmp usmWSS# set snmp security encrypted Snmp-engine-id ip ip-addr local hex hex Specifies a unique identifier for the SnmpString Engine Allow get and set operations and so on Specifies the access level of the user Auth-pass-phrase string option Set summertime WSS# set snmp usm snmpmgr1 snmp-engine-id localStart Second , third , fourth , or last 23x0# set summertime PDT success change accepted EndEnd of the time change period Set timedate Mmm-monthDd-day Yyyy-year Set timezone Syntax set timezone zone-name -hours minutes23x0# set timezone PST Show arp Output for show arpSyntax show arp ip-addr WSS# show arp Show dhcp-client Output for show dhcp-client WSS# show dhcp-client Show dhcp-server See Also set interface dhcp-client onSyntax show dhcp-server interface vlan-id verbose WSS# show dhcp-server Output for show dhcp-server Output for show dhcp-server verbose Show interface See Also set interface dhcp-server onSyntax show interface vlan-id WSS# show interface Show ip alias Output for show interface Show ip dns Output for show ip aliasOutput for show ip dns Syntax show ip dns Show ip https Show ip httpsWSS show ip https Show ip route Output for show ip httpsSyntax show ip route destination Destination Output for show ip route Show ip telnet Show ip telnetWSS show ip telnet Show ntp Output for show ip telnetSyntax show ntp WSS show ntp Output for show ntp Synced Show snmp community Show snmp countersShow snmp notify profile Show snmp notify target Show snmp statusSyntax show snmp notify target Syntax show snmp status Show snmp usm Show summertimeSyntax show summertime 23x0# show summertime Show timedate Show timezone Telnet Syntax telnet ip-addr hostname port port-numWSS# telnet WSS-remote show vlan Traceroute WSS-remote Session 0 pty tty2.d terminated tt name tty2.d Error Messages for traceroute See Also ping onWSS# traceroute server1 AAA Commands Syntax clear accounting admin dot1x system user-wildcard Clear accounting Clear authentication admin Syntax clear authentication admin user-wildcardWSS# clear accounting dot1x Nin System Clear authentication console WSS# clear authentication admin JoseSyntax clear authentication console user-wildcard WSS# clear authentication console Regina Clear authentication dot1x Clear authentication last-resortWSS# clear authentication dot1x ssid finance *@thiscorp.com Wired Clear authentication mac Clear authentication proxyWSS# clear authentication mac ssid thatcorp aabbcc WSS# clear authentication proxy ssid mycorp Clear authentication web Set authentication proxy on Show aaa onClear location policy Syntax clear location policy rule-number Clear mac-user Clear mac-user attrWSS# clear location policy Syntax clear mac-user mac-addr Clear mac-user group Syntax clear mac-usermac-addr attr attribute-nameWSS# clear mac-user 010203040506 attr filter-id Syntax clear mac-user mac-addrgroup Clear mac-usergroup Clear mac-usergroup attrSyntax clear mac-usergroup group-name WSS# clear mac-usergroup eastcoasters Clear mobility-profile Clear user WSS# clear user Hosni attr session-timeout Clear user attrWSS# clear user Nin Syntax clear user username attr attribute-name Clear user group Clear usergroup Set accounting admin console Clear usergroup attrSyntax clear usergroup group-name attr attribute-name WSS# clear usergroup cardiology attr time-of-day WSS# set accounting admin Natasha start-stop local Set accounting dot1x mac web last-resortStart-stop Stop-only Method1 Method2 Method3 Method4 Method1 method2 method3 method4 MacWeb Ssid ssid-name Set accounting system WSS# set accounting dot1x Nin stop-only sg2WSS# set accounting system shorebirds Set authentication admin For more information, see Usage Set authentication console WSS# set authentication admin Jose sg3 User-wildcard Method1 Method2 Method3 Method4 Set authentication dot1x WSS# set authentication console * none Already been authenticated Or a period .. For details, see User Wildcards onBonded Protocol Method1 Method2 Method3 Method4 Sg1 sg2 sg3 success change accepted Set authentication last-resort Set authentication macSet service-profileauth-fallthru on Show aaa on Wired Set authentication proxy WSS# set authentication ssid mycorp2 mac ** local Set authentication web WSS# set authentication proxy ssid mycorp ** srvrgrp1 WSS# set authentication web ssid ourcorp rnd* local Set location policy DenyPermit Optionally, you can add the suffix .out to the name Show location policy command Clear location policy rule-numbercommandEq-Applies the location policy rule to all usernames Neq-Applies the location policy rule to all usernames Set mac-user WSS# set location policy deny if user eq *.theirfirm.comWSS# set location policy permit vlan floor2 if port 3-7,12 Clear location policy on Show location policy on Syntax set mac-user mac-addrgroup group-name WSS# set mac-user 010203040506 group eastcoastersClear mac-user on Show aaa on Set mac-user attr Syntax set mac-usermac-addr attr attribute-name value Authentication Attributes for Local Users Encryption-typeEnd-date Filter-id Mobility-profileMobility-profile on Service-type Session-timeoutBy the set dot1x reauth-period command is Ssid Time-of-day 1600,th1000-1600Day wk0900-1700,sa2200-0200 With start-date,end-date, or both $u-Username $v-VLAN $s-SSID $p-Service profile name WSS# set mac-user 010203040506 attr filter-id acl-03.inUrl Vlan-name For a list of authorization attributes, see on Set mac-usergroup attrWSS# set mac-usergroup eastcoasters attr vlan-name orange Clear mac-user attr on Show aaa on Or wired authentication port on the WSS Ports and wired authentication port on the WSSSet mobility-profile Set mobility-profile mode Syntax set mobility-profile mode enable disableWSS# set mobility-profile mode enable WSS# set mobility-profile name magnolia port Syntax set user username password encrypted string WSS# set user Nin password goodyWSS# set user admin password chey3nne Set user WSS# set user Nin password 29Jan04 Set user attrWSS# set user Tamara attr vlan-name orange WSS# set user Tamara attr mobility-profile tulip Set user group Set usergroupSyntax set user username group group-name WSS# set user Hosni group cardiology Syntax set web-portal enable disable Set web-portalSyntax set usergroup group-name attr attribute-name value Clear usergroup on Clear usergroup attr on Show aaa on Show aaa Show aaa Output User Nin Show accounting statistics UP operating Syntax show accounting statistics WSS# show accounting statistics Show accounting statistics Output Radius serverLocal WSS database Show location policy Show mobility-profile AAA Commands NN47250-100 Version Mobility Domain Commands Clear domain securitySyntax clear domain security 23x0# clear domain security Clear mobility-domain Clear mobility-domain memberSet domain security See Also set mobility-domain member on Set mobility-domain member Syntax set domain security none requiredWSS# set domain security required Syntax set mobility-domain member ip-addrkey hex-bytes Set mobility-domain mode member seed-ip Set mobility-domain mode member secondary-seed- ipClear mobility-domain on Show mobility-domain config on WSS# set mobility-domain member Set mobility-domain mode seed domain-name WSS# set mobility-domain mode member secondary-seed-ipClear mobility-domain member on Show mobility-domain on Show mobility-domain config Syntax show mobility-domain configWSS# show mobility-domain config Show mobility-domain Show mobility-domain Output Syntax show mobility-domainWSS# show mobility-domain Mobility Domain Commands NN47250-100 Version Network Domain Commands Clear network-domainSyntax clear network-domain 23x0# clear network-domain Clear network-domain mode Syntax clear network-domain mode seed memberClear network-domain peer Syntax clear network-domain peer ip-addrall Set network-domain mode member seed-ip See Also set network-domain mode member seed-ip onClear network-domain seed-ip See Also set network-domain peer on WSS# set network-domain mode member seed-ip Set network-domain peerSyntax set network-domain peer ip-addr Clear network-domain on Show network-domain on Set network-domain mode seed domain-name WSS# set network-domain mode seed domain-name CaliforniaSet network domain peer command Show network-domain Show network-domain Output Syntax show network-domainWSS# show network-domain Output if WSS is the Network Domain seed Output if WSS is a Network Domain member Network Domain Commands NN47250-100 Version AP Commands Set ap radio mode onSet ap upgrade-firmware on Set ap radio radio-profile on Set service-profileweb-portal-acl on Set service-profileauth-psk onSet service-profilewpa-ie on Set service-profilersn-ie on Set service-profile cipher-wep104 on Set service-profile cipher-wep40 onSet service-profile psk-phrase on Set service-profile psk-raw on Set radio-profileauto-tunepower-config on Set radio-profileauto-tunepower-interval onSet radio-profileauto-tunepower-lockdown on Set ap radio auto-tunemax-power on Clear ap image Syntax clear ap ap-numberimage Clear ap local-switching vlan-profile Syntax clear ap ap-numberlocal-switching vlan-profileWSS# clear ap 7 local-switching vlan-profile See Also set ap image on Clear ap radio Radio-Specific ParametersSyntax clear ap port-listap ap-numradio 1 2 all Radio 802.11b/g-6 802.11a-Lowest validChannel number for Country of operation Option dap removed for AP Clear ap boot-configuration Syntax clear ap boot-configuration ap-numWSS# clear ap 1 boot-configuration Clear ap radio load-balancing group Clear radio-profile Clear service-profile Long-retryShort-retry Countermeasures parameter added Soda failure-page Soda remediation-aclSoda success-page Soda logout-page Reset ap Set ap autoOption force-image-download added Option radio num auto-tune min-client-rate Configurable Profile Parameters for APs WSS# set ap auto Set ap auto mode Syntax set ap auto mode enable disableWSS# set ap auto mode enable Set ap auto persistent Set ap auto radiotype 11a-802.11aSyntax set ap auto persistent ap-numall WSS# set ap auto persistent 10 success change accepted Set ap bias WSS# set ap auto radiotype 11bSyntax set ap port-listap ap-numauto bias high low See Also show ap config on Syntax set ap port-list ap ap-num auto blink enable disableSet ap blink WSS# set ap 1 bias low Set ap boot-configuration ip WSS# set ap 3-4 blink enableMode enable disable Enables or disables the static IP address for the AP Set ap boot-configuration mesh mode Set ap boot-configuration mesh psk-phraseWSS# set ap 7 boot-configuration mesh mode enable Set ap boot-configuration mesh psk-raw Syntax set ap ap-numberboot-configuration mesh psk-raw hex Set ap boot-configuration mesh ssid WSS# set ap 7 boot-configuration mesh ssid wlan-mesh Set ap boot-configuration switch Switch-ip ip-addr Set ap boot-configuration vlan Enables or disables use of the specified Vlan tag on the APVlan-tag tag-value Vlan tag value. You can specify a number from Set ap security on Show ap config on Show ap status on Set ap fingerprintSet ap force-image-download Syntax set ap num fingerprint hex WSS# set ap 69 force-image-download enable Set ap groupSyntax set ap port-list ap ap-num auto group name Auto on Show ap config on Show ap group on Set ap imageWSS# set ap 1,4,7 group loadbalance1 WSS# set ap 4 group none Set ap local-switching mode Set ap local-switching vlan-profileSyntax set ap ap-numberlocal-switching mode enable disable WSS# set ap 7 local-switching mode enable WSS# set ap 7 local-switching vlan-profile locals Set ap nameSyntax set ap port-list ap ap-numname name Set ap radio antenna-location WSS# set ap 1 name techpubsWSS# set ap 22 radio 1 antenna-location outdoor Indoors Set ap radio antennatype See Also set ap radio antennatype on Ap port-list Ap ap-num radio 1 radio Set ap radio auto-tune max-power WSS# set ap 7 radio 1 auto-tune max-power Set ap radio auto-tune max-retransmissionsSet ap radio auto-tune min-client-rate Deprecated in WSS Software Version WSS# set ap 11 radio 1 channel 1 tx-power Set ap radio tx-power on Show ap config onSet ap radio channel WSS# set ap 5 radio 1 channel Set ap radio min-tx-datarate Set ap radio link-calibrationSet ap radio load-balancing Ap ap-number Syntax set ap ap-numradio 1 2 load-balancing enable disable WSS# set ap 7 radio 1 load-balancing disableSet ap radio load-balancing group Set ap radio mode Syntax set ap port-listauto radio 1 2 mode enable disableWSS# set ap 7 radio 1 load-balancing group room1 WSS# set ap 1-5 radio 1 mode enable WSS# set ap 1-3 radio 2 mode enableSet ap radio radio-profile Radio-profile name Set ap radio tx-power WSS# set ap 5 radio 1 tx-power Set ap radio channel on Show ap config on Set ap security Syntax set ap security require optional noneWSS# set ap security none Set ap upgrade-firmware Syntax set ap port-listauto upgrade-firmware enable disableWSS# set ap 9 upgrade-firmware disable Set ap sticky-bit Set load-balancing mode Syntax set load-balancing mode enable disableSyntax set band-preference none 11bg 11a WSS# set band-preference 11a WSS# set load-balancing mode disable Set load-balancing strictnessSyntax set load-balancing strictness low med high max Max Syntax set radio-profile name active-scan enable disable Set radio-profile 11g-onlySet radio-profile active-scan WSS# set load-balancing strictness max Set radio-profile auto-tune channel-config WSS# set radio-profile radprof3 active-scan disableSet radio-profile auth-dot1x Set radio-profile auth-psk WSS# set radio-profile rp2 auto-tune channel-config disable Set radio-profile auto-tune channel-holddownWSS# set radio-profile rp2 auto-tune channel-holddown Set radio-profile auto-tune channel-interval WSS# set radio-profile rp2 auto-tune channel-interval Set radio-profile auto-tune power-backoff-timer Set radio-profile auto-tune power-configSet radio-profile auto-tune channel-lockdown Syntax set radio-profile name auto-tune channel-lockdown Set radio-profile auto-tune power-interval WSS# set radio-profile rp2 auto-tune power-config enableDefaults The default power tuning interval is 300 seconds Started Set radio-profile auto-tune power-lockdown WSS# set radio-profile rp2 auto-tune power-intervalSyntax set radio-profile name auto-tune power-lockdown WSS# set radio-profile rp2 auto-tune power-lockdown Set radio-profile auto-tune power-ramp-interval WSS# set radio-profile rp2 auto-tune power-ramp-intervalSet radio-profile beacon-interval Syntax set radio-profile name beacon-interval interval Set radio-profile beaconed-ssid Set radio-profile cipher-ccmpSet radio-profile cipher-tkip Set radio-profile cipher-wep104 Configured Set radio-profile countermeasuresWSS# set radio-profile radprof3 countermeasures rogue Rogue Set radio-profile crypto-ssid Set radio-profile dtim-interval Set radio-profile frag-threshold Syntax set radio-profile name frag-threshold thresholdWSS# set radio-profile rp1 frag-threshold Set radio-profile long-retry Set radio-profile max-rx-lifetimeSet radio-profile max-tx-lifetime Set radio-profile mode Defaults for Radio Profile ParametersSyntax set radio-profile name mode enable disable WSS# set radio-profile rp1 max-tx-lifetime Rfid-mode Disable Service-profileWmm-powersave Disable Countermeasures Wmm-powersave 11g-onlyRfid-mode Set radio-profile preamble-length Set radio-profile psk-phraseSet radio-profile psk-raw Syntax set radio-profile name preamble-length long short Set radio-profile qos-mode Set radio-profile rate-enforcementSyntax set radio-profile name qos-mode svp wmm WSS# set radio-profile rp1 qos-mode svp Enables data rate enforcement for the radios in the radio Disables data rate enforcement for the radios in the radioSet radio-profile rfid-mode Syntax set radio-profile name rfid-mode enable disable WSS# set radio-profile rfid-mode enableSet radio-profile rts-threshold Syntax set radio-profile name rts-threshold threshold Set radio-profile service-profile Defaults for Service Profile ParametersSyntax set radio-profile name service-profile name Cipher-ccmp Disable Cipher-tkip EnableCipher-wep104 Disable Cipher-wep40 Disable No-broadcast Disable Proxy-arp DisableRsn-ie Disable Shared-key-auth Disable 12.0,24.0 Auto2.0 2.0,5.5,11.0 Portal-acl setting TimeoutWpa-ie Disable Web-portal-acl Portalacl WSS# set radio-profile rp2 service-profile wpaclients Set radio-profile shared-key-auth Set radio-profile short-retrySet radio-profile tkip-mc-time Set radio-profile wep active-multicast-index Set radio-profile wmm-powersave Syntax set radio-profile name wmm-powersave enable disableWSS# set radio-profile rp1 wmm-powersave enable See set service-profilewpa-ie on Set service-profile attr Syntax set service-profile name attr attribute-name valueWSS# set service-prof sp2 attr vlan-name blue Set service-profile auth-dot1x WSS# set service-prof sp2 attr mobility-profile tulipSyntax set service-profile name auth-dot1x enable disable WSS# set service-profile wpaclients auth-dot1x disable Set service-profile auth-fallthru Last-resortWeb-portal Set service-profile auth-psk WSS# set service-profile rndlab auth-fallthru web-portalSyntax set service-profile name auth-psk enable disable WSS# set service-profile wpaclients auth-psk enable Set service-profile beacon Set service-profile bridgingSyntax set service-profile name beacon enable disable Mesh-service-profile Mesh service profile Set service-profile cac-mode Syntax set service-profile name cac-mode none sessionWSS# set service-profile sp1 cac-mode session Set service-profilecac-session on Show service-profile on Set service-profile cac-session Set service-profile cipher-ccmpSyntax set service-profile name cac-session max-sessions WSS# set service-profile sp1 cac-session Set service-profile cipher-tkip WSS# set service-profile sp2 cipher-ccmp enableSyntax set service-profile name cipher-tkip enable disable WSS# set service-profile sp2 cipher-tkip disable Set service-profile cipher-wep104 WSS# set service-profile sp2 cipher-wep104 enableEnables 104-bit WEP encryption for WPA clients Set service-profile cipher-wep40 Set service-profile cosSyntax set service-profile name cipher-wep40 enable disable WSS# set service-profile sp2 cipher-wep40 enable Set service-profile dhcp-restrict Syntax set service-profile name cos levelWSS# set service-profile sp1 cos WSS# set service-profile sp1 dhcp-restrict enable Set service-profile idle-client-probing Set service-profile keep-initial-vlanWSS# set service-profile sp1 idle-client-probing disable Enables keepalives Set service-profile load-balancing-exempt See Also show service-profile onWSS# set service-profile sp3 keep-initial-vlan enable Set service-profile long-retry-count WSS# set service-profile sp3 load-balancing-exempt enableSyntax set service-profile name long-retry-count threshold WSS# set service-profile sp1 long-retry-count Set service-profile mesh Set service-profile no-broadcastSyntax set service-profile name mesh mode enable disable Enables mesh services for the service profile Set service-profile proxy-arp Syntax set service-profile name no-broadcast enable disableWSS# set service-profile sp1 no-broadcast enable Syntax set service-profile name proxy-arp enable disable Set service-profile psk-phrase WSS# set service-profile sp1 proxy-arp enableSyntax set service-profile name psk-phrase passphrase Set service-profile psk-raw Set service-profile rsn-ieSyntax set service-profile name psk-raw hex Set service-profile shared-key-auth Syntax set service-profile name rsn-ie enable disableWSS# set service-profile sprsn rsn-ie enable Set service-profile short-retry-count WSS# set service-profile sp4 shared-key-auth enableSyntax set service-profile name short-retry-count threshold WSS# set service-profile sp1 short-retry-count Set service-profile soda agent-directory Set service-profile soda enforce-checksNetwork Set service-profile soda failure-page WSS# set service-profile sp1 enforce-checks disableSyntax set service-profile name soda failure-page Set service-profile soda mode on Show service-profile on Set service-profile soda logout-page Syntax set service-profile name soda logout-page Set service-profile soda mode WSS# set service-profile sp1 soda logout-page logout.htmlSyntax set service-profile name soda mode enable disable WSS# set service-profile sp1 soda mode enable Set service-profile soda remediation-acl Set service-profile soda success-pageSyntax set service-profile name soda success-page Set service-profile ssid-name WSS# set service-profile sp1 soda success-page success.htmlSyntax set service-profile name ssid-name ssid-name Set service-profile ssid-type Set service-profile static-cosWSS# set service-profile clearwlan ssid-name guest Syntax set service-profile name ssid-type clear crypto Set service-profile tkip-mc-time Syntax set service-profile name static-cos enable disableWSS# set service-profile sp1 static-cos enable Syntax set service-profile name tkip-mc-time wait-time Set service-profile transmit-rates WSS# set service-profile sp3 tkip-mc-time11g-1.0, 2.0, 5.5, 6.0, 9.0, 11.0, 12.0, 18.0 Beacon-rate rate Multicast-rateBeacon-rate Set service-profile user-idle-timeout Set service-profile web-portal-aclSyntax set service-profile name user-idle-timeout seconds WSS# set service-profile sp1 user-idle-timeout Set service-profile web-portal-form Syntax set service-profile name web-portal-acl aclnameWSS# set service-profile sp3 web-portal-acl creditsrvr Syntax set service-profile name web-portal-form url WSS# mkdir corpa WSS# dir corpa Set service-profile web-portal-logout Set service-profile web-portal-logout logout-urlSet service-profile web-portal-session-timeout WSS# set service-profile sp1 web-portal-logout mode enable Set service-profile wep active-multicast-index WSS# set service-profile sp1 web-portal-session-timeout Set service-profile wep active-unicast-index WSS# set service-profile sp2 wep active-multicast-indexWSS# set service-profile sp2 wep active-unicast-index Set service-profile wep key-index Set service-profile wpa-ieSyntax set service-profile name wep key-index num key value WSS# set service-profile sp2 wep key-index 1 key aabbccddee WSS# set service-profile sp2 wpa-ie enable Show ap arpSyntax show ap arp ap-number WSS# show ap arp Show ap config Syntax show ap config port-listradio 1Set ap local-switching mode on Set vlan-profile Output for show ap arp WSS# show ap config Output for show ap config 802.11a 802.11b802.11g Show ap unconfigured on Show radio-profile on Show ap countersSyntax show ap counters port-listradio 1 WSS# show ap counters Output for show ap counters Use the show sessions network session-id session-idcommand Output for show ap counters Show ap dual-home See Also show sessions network on Show ap fdb Output for show ap fdbSyntax show ap fdb ap-number WSS# show ap fdb Show ap qos-stats WSS# show ap qos-statsClears the counters after displaying their current values Show ap etherstats Output for show ap qos-statsSyntax show ap etherstats port-listap-num WSS# show ap etherstats Output for show ap etherstats Show ap group Show ap mesh-linksSyntax show ap mesh-links ap-number WSS# show ap mesh-links Show ap status Output for show ap mesh-linksSyntax show ap status terse port-listall radio 1 Terse Radio state information, to indicate when an Configured antenna model numberPower settings that are configured by RF Auto Tuning WSS# show ap status terse Output for show ap status But has not yet begun booting Booting-The AP has asked the WSS for a bootImage downloading-The AP is receiving a boot Image downloaded-The AP has received a boot Configure succeed state indicates that the AP Has received configuration parameters forProtection mode remains in effect until Sweep Mode indicates that a disabled radio is But no external antenna is configured on Antenna is configured on the radio but noIndicates that an external antenna was detected Radio Show ap vlan Output for show ap status terse and show ap status terse Set vlan-profile Set ap local-switching mode on Output for show ap vlanSyntax show ap vlan ap-number WSS# show ap vlan Show auto-tune attributes Output for show auto-tune attributesSyntax show auto-tune attributes ap ap-numradio 1 2all WSS# show auto-tune attributes ap 2 radio Set radio-profileauto-tunepower-backoff-timer on Show auto-tune neighborsSyntax show auto-tune neighbors ap ap-numradio 1 2all Output for show auto-tune neighbors Rssi Show ap boot-configuration Output for show ap boot-configurationSyntax show ap boot-configuration ap-num WSS# show ap boot-configuration Show ap connection Syntax show ap connection ap-numserial-id serial-IDConnection Serial-id serial-ID Show ap config on Show ap global on Show ap unconfigured on Output for show ap connectionWSS# show ap connection Total number of entries WSS# show ap connection serial-id Show ap global Output for show ap globalSyntax show ap global ap-numserial-id serial-ID WSS# show ap global Show ap unconfigured Syntax show ap unconfiguredWSS# show ap unconfigured Output for show ap unconfigured This WSS switch as a memberShow load-balancing group Show ap connection on Show ap global on Show radio-profile Output for show load-balancing groupWSS# show load-balancing group blue Syntax show radio-profile name ? WSS# show radio-profile default Output for show radio-profile Wmm-AP forwarding queues provide standard Priority handling for WMM devicesSvp-AP forwarding queues are optimized for SpectraLink Voice Priority SVP Show service-profile Syntax show service-profile name ? Profile output Output for show service-profile Crypto-Wireless traffic for the Ssid isClear-Wireless traffic for the Ssid is Unencrypted Last-resort-Automatically authenticates the user Allows access to the Ssid requested byUser, without requiring a username and password None-Denies authentication and prohibits None-CAC is disabled None-The key is not configuredPreset-The key is configured Session-CAC is based on the number of active Radios in the radio profile mapped to this service Authentication-Lists the authentication methods802.1X-dynamic authentication PSK-preshared key authentication FieldDescription AP Commands AP Commands NN47250-100 Version STP Commands Set spantree uplinkfast onShow spantree uplinkfast on Clear spantree portcost Clear spantree portpri Resets the cost for all VLANs Clear spantree portvlancostClear spantree portvlanpri Clear spantree statistics Syntax clear spantree portvlanpri port-listall vlan vlan-idSyntax clear spantree statistics port-listvlan vlan-id WSS# clear spantree statistics 5,11,19-22 Set spantree Set spantree backbonefastSee Also show spantree statistics on See Also show spantree on Set spantree fwddelay Set spantree helloSee Also show spantree backbonefast on Set spantree maxage Set spantree portcost Snmp Port Path Cost Defaults Syntax set spantree portfast port port-listenable disableSet spantree portfast WSS# set spantree portcost 3,4 cost Set spantree portpri Set spantree portvlancostSee Also show spantree portfast on Set spantree portvlanpri WSS# set spantree portvlancost 3,4 cost 20 vlan mauveCost cost All Priority value All Set spantree priority Set spantree uplinkfast WSS# set spantree uplinkfast enable WSS# show spantree vlan defaultShow spantree See Also show spantree uplinkfast on Bridge Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec Output for show spantree Show spantree backbonefast See Also show spantree blockedports onSyntax show spantree backbonefast WSS# show spantree blockedports vlan default Show spantree blockedportsSee Also set spantree backbonefast on WSS# show spantree backbonefast Show spantree portfast Syntax show spantree portfast port-listWSS# show spantree portfast Uplink fast convergence information for all ports Show spantree portvlancost Output for show spantree portfastSee Also set spantree portfast on Syntax show spantree portvlancost port-list Show spantree statistics Syntax show spantree statistics port-listvlan vlan-idWSS# show spantree statistics Statistics for all ports Inactive Output for show spantree statistics Output for show spantree statistics Output for show spantree statistics Show spantree uplinkfast Output for show spantree uplinkfastSee Also clear spantree statistics on Syntax show spantree uplinkfast vlan vlan-id See Also set spantree uplinkfast on STP Commands NN47250-100 Version Igmp Snooping Commands Clear igmp statisticsSyntax clear igmp statistics vlan vlan-id Statistics Show igmp statistics on Clear igmp statistics on Set igmp Set igmp lmqiSee Also show igmp statistics on See Also show igmp on Set igmp mrouter Set igmp mrsolSee Also show igmp mrouter on Set igmp mrsol mrsi Set igmp oqiSee Also set igmp mrsol mrsi on See Also set igmp mrsol on Syntax set igmp proxy-report enable disable vlan vlan-id Set igmp proxy-reportWSS# set igmp oqi 200 vlan orange Vlan vlan-id WSS# set igmp proxy-report disable vlan orange Set igmp qiSet igmp qri Syntax set igmp qi seconds vlan vlan-id Syntax set igmp querier enable disable vlan vlan-id Set igmp querierSyntax set igmp qri tenth-seconds vlan vlan-id WSS# set igmp qri 50 vlan orange Set igmp receiver Set igmp rvSee Also show igmp querier on See Also show igmp receiver-table on Show igmp WSS# set igmp rv 4 vlan orangeSyntax show igmp vlan vlan-id WSS# show igmp vlan orange Output for show igmp Dvmrp PIM Conf Static multicast port configured by an AdministratorMadv-Multicast advertisement Quer-IGMP query Show igmp mrouter Syntax show igmp mrouter vlan vlan-idWSS# show igmp mrouter vlan orange Show igmp querier Output for show igmp mrouterSyntax show igmp querier vlan vlan-id Set igmp mrouter on Show igmp mrouter on WSS# show igmp querier vlan orange WSS# show igmp querier vlan default Show igmp receiver-tableOutput for show igmp querier See Also set igmp querier on WSS# show igmp receiver-table vlan orange WSS# show igmp receiver-table group 237.255.255.0/24WSS Software displays the multicast receivers on all VLANs Show igmp statistics Output for show igmp receiver-tableSee Also set igmp receiver on Syntax show igmp statistics vlan vlan-id Output for show igmp statistics See Also clear igmp statistics on Igmp Snooping Commands NN47250-100 Version Session Management Commands WSS# clear sessions adminClear sessions WSS# clear sessions console Clear sessions network See Also show sessions onWSS# clear sessions telnet client WSS# clear sessions network mac-addr Show sessions Console Telnet Show sessions network Show sessions telnet client OutputSee Also clear sessions on Mac-addr mac-addr Verbose output Session-id output WSS show sessions network WSS show sessions network mac-addr 00055d7e981aWSS show sessions network user E WSS show sessions network verbose Show sessions network summary Output WSS# show sessions network session-id Additional show sessions network verbose Description IP address and port number of the WSS managing the AP Serial number and radio number of the APAmount of time the session has been on this AP AAA-VLAN is from Radius or the local database Show sessions network session-id Output DOT1X See Also clear sessions network on Session Management Commands NN47250-100 Version Security ACL Commands Clear security aclSyntax clear security acl acl-name all editbuffer-index Clears all security ACLs WSS# show security acl info all Set security acl ip acl133 hits #1Set security acl ip acl134 hits #3 Set security acl ip acl135 hits #2 Clear security acl map WSS# clear security acl map acljoe port 4Out Commit security acl WSS# clear security acl map allSyntax commit security acl acl-nameall Type Class Mapping Hit-sample-rate Rollback security aclSee Also show security acl on Syntax rollback security acl acl-nameall Set security acl By UDP packets Any Minimum delay Routine precedencePriority precedence Immediate precedence WSS# set security acl ip acl123 deny 192.168.2.11 WSS# commit security acl all Set security acl map WSS set security acl map acl133 port 4WSS port or ports Tag tag-list Configuration file Set security acl hit-sample-rateSyntax set security acl hit-sample-rate seconds Set security acl ip acl153 hits #3 Show security acl Show security acl dscpWSS# show security acl hits Index Counter ACL-name Show security acl editbuffer Show security acl hitsSyntax show security acl info all editbuffer WSS# show security acl editbuffer Show security acl info Syntax show security acl hitsSyntax show security acl info acl-nameall editbuffer WSS# show security acl info Show security acl map Show security acl resource-usage Show security acl resource-usage Output True-A default action types is defined False-No default action type is definedTrue-Security ACLs are mapped False-No security ACLs are mapped True-Security ACLs are mapped to incoming traffic False-No security ACLs are mapped to incoming Cryptography Commands Crypto ca-certificate EapPEM-formatted Certificate WSS# crypto certificate admin Crypto certificateSee Also show crypto ca-certificate on Crypto generate key Crypto generate request on Crypto generate self-signed onDomain Ssh WSS# crypto generate key admin Syntax crypto generate request admin eap webCrypto generate request See Also show crypto key ssh on WSS# crypto generate request admin Email Address admin@example.comWebaaa option renamed to web Maximum string length for State Name increased Syntax crypto generate self-signed admin eap web Crypto generate self-signedCrypto certificate on Crypto generate key on WSS# crypto generate self-signed admin Syntax crypto otp admin eap web one-time-passwordCrypto otp Syntax crypto pkcs12 admin eap web file-location-url Crypto pkcs12See Also crypto pkcs12 on WSS# crypto generate otp eap hap9iN#ss See Also crypto otp on WSS# copy tftp//192.168.253.1/2048full.p12 2048full.p12WSS# crypto otp eap hap9iN#ss WSS# crypto pkcs12 eap 2048full.p12 Syntax show crypto ca-certificate admin eap web Show crypto ca-certificateShow crypto ca-certificate Output WSS# show crypto ca-certificate Syntax show crypto certificate admin eap web Show crypto certificateCrypto certificate Output WSS# show crypto certificate eap Show crypto key domain Show crypto key sshSee Also crypto generate key on Cryptography Commands NN47250-100 Version Radius and Server Groups Commands Syntax clear radius deadtime key retransmit timeoutClear radius Clear server group on Clear radius client system-ip Clear radius proxy client Clear radius proxy portSee Also set radius proxy client on See Also set radius proxy port on Clear radius server Clear server group Set radius See Also set server group on Set radius client system-ip Set radius proxy client Set radius proxy portSyntax set radius proxy client address ip-address WSS# set radius proxy client address 10.20.20.9 key radkey1 Set radius server WSS# set radius proxy port 3-4 tag 104 ssid mycorpSsid ssid-name Ssid supported by the third-party AP Encrypted-key-No key Author-password-nortel Set server group Members server 23x0# set server group shorebirds load-balance enable 23x0# set server group shorebirds load-balance disableSet server group load-balance Group-name Server group name of up to 32 characters Radius and Server Groups Commands NN47250-100 Version 802.1X Management Commands Clear dot1x bonded-period Clear dot1x max-reqSyntax clear dot1x max-req WSS# clear dot1x bonded-period Clear dot1x port-control Clear dot1x quiet-periodClear dot1x reauth-max Clear dot1x timeout auth-server Clear dot1x reauth-period Clear dot1x timeout supplicant Clear dot1x tx-period Syntax set dot1x authcontrol enable disable WSS# set dot1x authcontrol enableSet dot1x authcontrol Set dot1x bonded-period Set dot1x key-tx Set dot1x max-reqSee Also show dot1x on Set dot1x port-control WSS# set dot1x max-reqWSS# set dot1x port-control forceauth Set dot1x quiet-period Set dot1x reauth Set dot1x reauth-max Set dot1x reauth-period Set dot1x timeout auth-server Set dot1x timeout supplicant Syntax set dot1X wep-rekey enable disable Set dot1x tx-periodSet dot1x wep-rekey Syntax set dot1x tx-period seconds Set dot1x wep-rekey-period Show dot1x WSS# show dot1x config WSS# show dot1x clients Show dot1x stats Output WSS # show dot1x stats 520 802.1X Management Commands RF Detection Commands Rogue Information Show rfdetect clients onShow rfdetect data on Show rfdetect visible on Clear rfdetect attack-list Clear rfdetect black-listSyntax clear rfdetect attack-list mac-addr Syntax clear rfdetect black-list mac-addr Clear rfdetect ignore Clear rfdetect ssid-list Clear rfdetect vendor-list Set rfdetect attack-listSyntax clear rfdetect vendor-list client ap mac-addrall WSS# clear rfdetect vendor-list client aabbcc000000 Set rfdetect black-list Set rfdetect ignore Syntax set rfdetect log enable disable 23x0# set rfdetect log enableSet rfdetect log 23x0# set rfdetect ignore aabbcc112233 Set rfdetect signature Set rfdetect ssid-listSee Also show log buffer on Set rfdetect vendor-list WSS# set rfdetect ssid-list mycorpSyntax set rfdetect vendor-list client ap mac-addr WSS# set rfdetect vendor-list client aabbcc000000 Show rfdetect attack-list Show rfdetect black-list Show rfdetect clients Show rfdetect clients OutputSyntax show rfdetect clients mac mac-addr WSS# show rfdetect clients mac 000c4163fd6d Show rfdetect clients mac Output Show rfdetect countermeasures Syntax show rfdetect countermeasuresWSS# show rfdetect countermeasures Show rfdetect counters Show rfdetect countermeasures OutputSee Also set radio-profile countermeasures on Syntax show rfdetect counters Show rfdetect data Syntax show rfdetect data Show rfdetect data Output Show rfdetect ignore Show rfdetect mobility-domainSyntax show rfdetect ignore WSS# show rfdetect ignore Total number of entries Bssid and ssid options added Vendor, Type, and Flags fields addedWSS# show rfdetect mobility-domain WSS# show rfdetect mobility-domain ssid nrtl-webaaa Show rfdetect mobility-domain Output Show rfdetect mobility-domain ssid or bssid Output Show rfdetect ssid-list Show rfdetect vendor-list Show rfdetect visibleSyntax show rfdetect vendor-list WSS# show rfdetect vendor-list Show ap status command Mac-addr Base MAC address of the Nortel radioShows neighbor information for radio Version Vendor, Type, and Flags fields added Rfping Show rfdetect visible OutputSyntax rfping mac mac-addrsession-id session-id Show rfdetect data on Show rfdetect mobility-domain on Rfping Output WSS# rfping mac 000e9bbfad13 File Management Commands Backup Syntax backup system tftp/ip-addr/filenameall critical WSS# backup system tftp/10.10.20.9/sysabak criticalDir on Restore on Tftp/ip-addr / filename Clear boot backup-configuration Clear boot configCopy Syntax copy source-url destination-url Source-urlDestination-url Be one of the following WSS# copy tftp//10.1.1.107/WSS020101.020 boot1WSS020101.020 DeleteWSS# copy floorwss tftp//10.1.1.1/floorwss WSS# copy tftp//10.1.1.1/closetwss closetwss WSS# copy testconfig tftp//10.1.1.1/testconfig WSS# delete testconfigSyntax dir subdirname file core boot0 boot1 Dir WSS# dir WSS# dir oldWSS# dir file Install soda agent WSS# dir boot0Output for dir WSS# dir core Load config WSS# install soda agent soda.ZIP agent-directory sp1Syntax load config url Uninstall soda agent on Set service-profile soda mode on WSS# load config WSS# load config testconfig1Syntax md5 boot0 boot1filename Save config on Show boot on Show config on Pubs# md5 boot0WSS040003.020 MkdirSyntax mkdir subdirname WSS# mkdir corp2 Reset system Syntax reset system forceWSS# reset system Restore Save config See Also backup onRmdir Set boot backup-configuration Syntax save config filenameWSS# save config testconfig1 Syntax set boot backup-configuration filename Set boot configuration-file Set boot partition Show boot New fields, Configured boot version and BackupBoot configuration, added Output for show boot Show config Syntax show config area area allConfiguration area. You can specify one of the following Area area Show version New options added for remote traffic monitoring snoopRfdevice changed to rfdetect WSS# show version details Uninstall soda agent See Also show boot onSyntax uninstall soda agent agent-directory directory WSS# uninstall soda agent agent-directory sp1 Install soda agent on Set service-profile soda mode on File Management Commands NN47250-100 Version Trace Commands Clear log traceSyntax clear log trace WSS# clear log trace Clear trace Save trace Set trace authentication Set trace authorizationWSS# set trace authentication user jose WSS# save trace traces/trace1 Level 5 is the default Set trace dot1xUser-readable information. If you do not specify a level Set trace sm WSS# set trace sm mac-addr Show trace Syntax show trace allWSS# show trace Snoop Commands Clear snoopSyntax clear snoop filter-name WSS# clear snoop snoop1 Clear snoop map WSS# clear snoop map snoop2 ap 3 radioWSS# clear snoop map all Examples clear snoop map filter-nameap ap-numradio 1 Set snoop Set snoop map WSS# set snoop snoop1 observer 10.10.30.2 snap-lengthExamples set snoop map filter-nameap ap-numradio 1 Set snoop mode Enable Stop-after num-pktsWSS# set snoop map snoop1 ap 3 radio Filter. See show snoop stats on WSS# set snoop snoop1 mode enable stop-after Show snoopSyntax show snoop WSS# show snoop Show snoop info Show snoop map Show snoop stats Clear snoop map on Set snoop map on Show snoop onExamples show snoop stats filter-nameap-numradio 1 Show snoop stats Output Snoop Commands NN47250-100 Version System Log Commands Clear logSyntax clear log buffer server ip-addr WSS# clear log server Logging state enabled or disabled Set logSeverity Defaults Set log mark See Also show log config on Set log trace mbytesShow log buffer Reboot or shut down Error-The WSS is missing data or is unable toProblems have occurred. These are logged for Diagnostic purposes. No action is required Show log config Syntax show log configWSS# show log config Show log trace Conditions are not resolved, the WSS can reboot Error-The WSS is missing data or is unable to formPositive number for example, +100, displays that Number of log entries starting from the oldest WSS# show log trace facility ? WSS# show log trace +5 facility Rogue System Log Commands NN47250-100 Version Boot Prompt Commands Autoboot See Also boot onSyntax autoboot on on OFF off Boot autoboot Boot Boot boot FN=WSS010101.020 DEV=boot1 ChangeChange on Show on Boot change Boot on Create on Delete on Dhcp on Next on Show on Boot create CreateChange on Delete on Next on Show on Boot delete Boot dhcpDhcp Syntax dhcp on on OFF off Syntax dir c d e f boot0 boot1 Boot dirDiag Fver on Version on Syntax fver c d e f boot0 boot1 filename Boot fver boot1Syntax help command-name Fver Boot help fver See Also ls on Reset Boot nextNext See Also help on Boot reset Show Compact flash. Boots using nonvolatile Boot showOutput for show Storage or a flash card Nonvolatile storage area containing boot PartitionPrimary partition of the flash card in the flash Secondary partition of the flash card Boot version Enables the poweron test flagTest Version Dir on Fver on Command Index Numerics NN47250-100 320658-G Version Delete 539 Command Index 282 340 Command Index Command Index MAC addresses 12 in user globs Vlan globs Command Index NN47250-100 320658-G Version Page Nortel WLAN-Security Switch 2300 Series Release