Nortel Wlan Security Switch 2300 Series Configuration Guide
Trademarks
Copyright Nortel Networks Limited 2005. All rights reserved
Restricted rights legend
Statement of conditions
Nortel Inc. software license agreement
USA requirements only
Legal Information
Limited Product Warranty
Limited Warranty
Software License Agreement
Nortel Wlan Security Switch 2300 Series Configuration Guide
SSH Source Code Statement
OpenSSL Project License Statements
Class a Statement RF Radiation Hazard Warning
Deployment Statement
320657-A
Contents
Configuring and Managing Ports and VLANs
Configuring and Managing IP Interfaces and Services
Configuring Snmp
Configuring and Managing Mobility Domain Roaming
Configuring AP access points
Wi-Fi Multimedia
Configuring and Managing Igmp Snooping
Managing Keys and Certificates
Configuring AAA for Network Users
Configuring Communication with Radius
Managing 802.1X on the WSS Switch
Managing System Files
Troubleshooting a WS Switch
Supported Radius Attributes
Contents 320657-A
Getting Help over the phone from a Nortel Solutions Center
How to get Help
Getting Help from the Nortel Web site
Getting Help through a Nortel distributor or reseller
Nortel Wlan 2300 System
Introducing the Nortel Wlan 2300 System
Documentation
Planning, Configuration, and Deployment
Safety and Advisory Notices
Text and Syntax Conventions
Menu Name Command
Bold text
CLI Conventions
Using the Command-Line Interface
NT-mm-nnnnnn
Command Prompts
Syntax Notation
Set port enable disable port-list
Clear interface vlan-idip
Clear fdb dynamic port port-list vlan vlan-id
MAC Address Notation
Text Entry Conventions and Allowed Characters
IP Address and Mask Notation
User Wildcards
User Wildcards, MAC Address Wildcards, and Vlan Wildcards
MAC Address Wildcards
0001
Matching Order for Wildcards
Vlan Wildcards
000102 00010203 0001020304
23x0# reset port
23x0# set port enable
Port Lists
23x0# show port poe 1,2,4,13
Virtual LAN Identification
Command-Line Editing
Keyboard Shortcuts Function
Keyboard Shortcuts
History Buffer
Tabs
Single-Asterisk * Wildcard Character
Double-Asterisk ** Wildcard Characters
23x0# help Commands
Using CLI Help
23x0# show i?
Server Status Port Enabled
Understanding Command Descriptions
23x0# show ip telnet
Set ap dap name
Overview of AAA for Administrative and Local Access
Configuring AAA for Administrative and Local Access
Configuring AAA for Administrative and Local Access
Typical Nortel Wlan 2300 System
Before You Start
About Administrative Access
Access Modes
Types of Administrative Access
First-Time Configuration using the Console
Password
Enabling an Administrator
23x0 enable
Username
Setting the WSS Enable Password for the First Time
Setting the WSS Switch Enable Password
WMS Enable Password
23x0# set enablepass
Configuring AAA for Administrative and Local Access
23x0# set authentication console * local
Authenticating at the Console
Customizing AAA with Wildcards and Groups
Setting User Passwords
Adding and Clearing Local Users for Administrative Access
Configuring Accounting for Administrative Users
Set user username password password
Success User Jose created
23x0# show accounting statistics
Saving the Configuration
Displaying the AAA Configuration
23x0# save config configday
23x0# show aaa
Administrative AAA Configuration Scenarios
Local Authentication
23x0# set server group sg1 members r1
Success change accepted
Local Override and Backup Local Authentication
Authentication When Radius Servers Do Not Respond
Configuring and Managing Ports
Configuring and Managing Ports and VLANs
Vlan
Setting the Port Type
Show version
WSS 2380 40 AP Software License Upgrade
Setting a Port for a Directly Connected AP access port
23x0# set port type ap 4-6 model 2330 poe enable
Setting a Port for a Wired Authentication User
Configuring for a Distributed AP
Clearing a Port
23x0# set port type wired-auth
Clear port type port-list
23x0# clear port type
Clearing a Distributed AP
Clear dap dap-num
Setting a Port Name
Configuring a Port Name
Removing a Port Name
Clear port preference port-list
Set port preference port-listrj45
Show port preference port-list
RJ45
10/100 Ports-Autonegotiation and Port Speed
Configuring Port Operating Parameters
Gigabit Ports-Autonegotiation and Flow Control
Disabling or Reenabling a Port
Disabling or Reenabling Power over Ethernet
Set port poe port-listenable disable
Resetting a Port
Reset port port-list
Displaying Port Information
Displaying Port Configuration and Status
Displaying PoE State
Show port status port-list
Clearing Statistics Counters
Displaying Port Statistics
Monitoring Port Statistics
23x0# monitor port counters
Configuring a Port Group
Configuring Load-Sharing Port Groups
Load Sharing
Link Redundancy
Removing a Port Group
Configuring and Managing VLANs
Displaying Port Group Information
Interoperating with Cisco Systems EtherChannel
VLANs, IP Subnets, and IP Addressing
Understanding VLANs in Nortel WSS Software
Users and VLANs
Roaming and VLANs
Vlan Names
Traffic Forwarding
Tunnel Affinity
802.1Q Tagging
Creating a Vlan
Configuring a Vlan
Adding Ports to a Vlan
Set vlan vlan-numname name
23x0# set vlan red port 9-11,21
Removing an Entire Vlan or a Vlan Port
23x0# clear vlan red port
23x0# clear vlan marigold port 13 tag
23x0# clear vlan ecru
Set vlan vlan-idtunnel-affinity num
Changing Tunneling Affinity
23x0# show vlan config burgundy
Show vlan config vlan-id
Managing the Layer 2 Forwarding Database
Displaying Vlan Information
Types of Forwarding Database Entries
How Entries Enter the Forwarding Database
Displaying the Size of the Forwarding Database
Displaying Forwarding Database Information
Displaying Forwarding Database Entries
Show fdb count perm static dynamic vlan vlan-id
Adding an Entry to the Forwarding Database
23x0# set fdb static 002b3c4d5e6f port 1 vlan default
23x0# set fdb perm 00bbccddeeff port 3,5 vlan blue
23x0# clear fdb dynamic
Removing Entries from the Forwarding Database
23x0# clear fdb port 3,5
Configuring the Aging Timeout Period
Port and Vlan Configuration Scenario
Displaying the Aging Timeout Period
Changing the Aging Timeout Period
23x0# set port 7 name confroom2
23x0# set port 6 name confroom1
23x0# set port 8-13 name manufacturing
23x0# set system countrycode US
MAC
23x0# set port type ap 2-16 model 2330 poe enable
Port group backbonelink is up Ports 22
23x0# set port type wired-auth 17,18
Save the configuration. Type the following command
MTU Support
Configuring and Managing IP Interfaces and Services
Configuring and Managing IP Interfaces
Adding an IP Interface
Statically Configuring an IP Interface
Enabling the Dhcp Client
23x0# set interface corpvlan ip dhcp-client enable
Set interface vlan-idip dhcp-client enable disable
23x0# show interface
23x0# show dhcp-client
Interface Corpvlan4 Configuration Status Enabled Dhcp State
Set interface vlan-idstatus up down
Disabling or Reenabling an IP Interface
Removing an IP Interface
Displaying IP Interface Information
Configuring the System IP Address
Show interface vlan-id
Set system ip-address ip-addr
Designating the System IP Address
Show system
Displaying the System IP Address
Clearing the System IP Address
Configuring and Managing IP Routes
Clear system ip-address
Configuring and Managing IP Interfaces and Services 320657-A
Show ip route destination
Displaying IP Routes
23x0# show ip route
224.0.0.0/ 4 IP Local
Adding a Static Route
23x0# set ip route default 10.5.4.1
23x0# set ip route 192.168.4.0 255.255.255.0 10.5.4.2
23x0# clear ip route default
Managing the Management Services
Removing a Static Route
23x0# clear ip route 192.168.4.69/24
Session Timeouts
Login Timeouts
Managing SSH
Enabling SSH
Adding an SSH User
Changing the SSH Service Port Number
Show crypto key ssh
23x0# show crypto key ssh ec6f567fd1fdc02893aea4f97cf51304
Show sessions admin Clear sessions admin ssh session-id
Changing SSH Timeouts
23x0# show sessions admin
23x0# clear sessions admin ssh
Managing Telnet
Telnet Login Timers
Enabling Telnet
Adding a Telnet User
Resetting the Telnet Service Port Number to Its Default
Changing the Telnet Service Port Number
Managing Telnet Server Sessions
Managing Https
Configuring and Managing DNS
Enabling Https
Displaying Https Information
Configuring and Managing IP Interfaces and Services
Enabling or Disabling the DNS Client
Set ip dns enable disable
Adding a DNS Server
Configuring DNS Servers
Removing a DNS Server
Set ip dns server ip-addrprimary secondary
Adding the Default Domain Name
Configuring a Default Domain Name
Removing the Default Domain Name
Set ip dns domain name
Displaying DNS Server Information
Configuring and Managing Aliases
Show ip dns
23x0# show ip dns
Set ip alias name ip-addr
Adding an Alias
23x0# set ip alias HR1
Clear ip alias name
Removing an Alias
Displaying Aliases
Configuring and Managing Time Parameters
Show ip alias name
23x0# show ip alias
Displaying the Time Zone
Setting the Time Zone
Clearing the Time Zone
Displaying the Summertime Period
Configuring the Summertime Period
Clearing the Summertime Period
Set timedate date mmm dd yyyy time hhmmss
Statically Configuring the System Time and Date
23x0# set timedate date feb 29 2004 time
Time now is Sun Feb 29 2004, 235802 PST
Show timedate 23x0# show timedate
Displaying the Time and Date
Configuring and Managing NTP
Set ntp server ip-addr
Adding an NTP Server
23x0# set ntp server
Clear ntp server ip-addrall
Removing an NTP Server
Set ntp update-interval seconds
Changing the NTP Update Interval
23x0# set ntp update-interval
Clear ntp update-interval
Resetting the Update Interval to the Default
Enabling the NTP Client
Set ntp enable disable
Displaying NTP Information
Managing the ARP Table
Show ntp
Show arp ip-addr
Displaying ARP Table Entries
23x0# show arp
Set arp permanent static dynamic ip-addrmac-addr
Adding an ARP Entry
23x0# set arp static 10.10.10.1 00bbccddeeff
Success added arp 10.10.10.1 at 00bbccddeeff on Vlan
Pinging Another Device
Changing the Aging Timeout
Set arp agingtime seconds
23x0# set arp agingtime
23x0# telnet
Logging In to a Remote Device
23x0# show sessions telnet client
23x0# clear sessions telnet client
Tracing a Route
IP Interfaces and Services Configuration Scenario
23x0# traceroute server1
23x0# set system ip-address
23x0# set ip route default 10.20.10.1
23x0# set ip dns server 10.10.10.69 Primary
Summertime is enabled, and set to PDT
23x0# set ip dns enable
23x0# set ip dns server 10.20.10.69 Secondary
23x0 # show ip dns
Configuring Snmp
Configuring Snmp
Overview
23x0# set system contact sysadmin1
Setting the System Location and Contact Strings
Set system location string set system contact string
23x0# set system location 3rdfloorcloset
23x023x0# set snmp protocol all enable
Set snmp protocol v1 v2c usm all enable disable
Enabling Snmp Versions
Clear snmp community name comm-string
Configuring Community Strings SNMPv1 and SNMPv2c Only
Clear snmp usm usm-username
Creating a USM User for SNMPv3
23x0# set snmp usm snmpmgr1 snmp-engine-id local
Command Examples
23x0# set snmp security encrypted
Setting Snmp Security
Clear snmp profile profile-name
Configuring a Notification Profile
23x0# set snmp notify profile default send all
Configuring Snmp
Security unsecured authenticated encrypted
Configuring a Notification Target
Clear snmp notify target target-num
23x0# set snmp notify target 2 10.10.40.10 v1 trap
Set ip snmp server enable disable
Enabling the Snmp Service
23x0# set ip snmp server enable
Displaying Snmp Information
Displaying Snmp Version and Status Information
Displaying the Configured Snmp Community Strings
Displaying USM Settings
Displaying Notification Profiles
23x0# show snmp notify profile insert updated example
Displaying Notification Targets
23x0# show snmp notify target insert updated example
Displaying Snmp Statistics Counters
Configuring Snmp 320657-A
About the Mobility Domain Feature
Configuring and Managing Mobility Domain Roaming
Configuring a Mobility Domain
Set mobility-domain mode seed domain-name mob-domain-name
Configuring the Seed
23x0# set mobility-domain mode seed domain-name Pleasanton
Set mobility-domain member ip-addr
Configuring Member WSSs on the Seed
Set mobility-domain mode member seed-ip ip-addr
Configuring a Member
23x0# set mobility-domain mode member seed-ip
2370# show mobility-domain status
Displaying Mobility Domain Status
192.168.14.6
192.168.15.5
2370# show mobility-domain config
Displaying the Mobility Domain Configuration
This WSS is a member, with seed
2370# clear mobility-domain
Clearing a Mobility Domain from a WSS
Clear mobility-domain member ip-addr
Clearing a Mobility Domain Member from a Seed
23x0# show roaming station
Displaying Roaming Stations
23x0 # show roaming vlan
Displaying Roaming VLANs and Their Affinities
Affinity
Displaying Tunnel Information
Understanding the Sessions of Roaming Users
23x0 # show tunnel
State Port
Active
Requirements for Roaming to Succeed
Effects of Timers on Roaming
Monitoring Roaming Sessions
Mobility Domain Scenario
WSS-20show sessions network verbose
23x0# set mobility-domain member seed-ip
23x0# show roaming vlan
23x0# show mobility-domain config
23x0# show tunnel
Configuring User Encryption
Wireless Encryption Defaults
Default Encryption
Configuring WPA
WPA Cipher Suites
WPA Encryption with Tkip Only
WPA Encryption with Tkip and WEP
Tkip Countermeasures
WPA Authentication Methods
WPA Information Element
Client Support
Supported
Encryption Support for WPA and Non-WPA Clients
Creating a Service Profile for WPA
Configuring WPA
Enabling WPA
Specifying the WPA Cipher Suites
Enabling PSK Authentication
Changing the Tkip Countermeasures Timer Value
23x0# set service-profile wpa auth-psk enable
Set service-profile name auth-psk enable disable
Set service-profile name psk-phrase passphrase
Set service-profile name psk-raw hex
Show service-profile name ?
Displaying WPA Settings
23x0# show service-profile wpa
Set radio-profile name service-profile name
Creating a Service Profile for RSN
Configuring RSN
Enabling RSN
Specifying the RSN Cipher Suites
23x0# set service-profile rsn cipher-ccmp enable
Displaying RSN Settings
23x0# set radio-profile blgd2 service-profile rsn
Configuring WEP
Encryption for Dynamic and Static WEP
Set service-profile name wep key-index num key value
Setting Static WEP Key Values
23x0# set service-profile wepsrvc4 wep active-unicast-index
Encryption Configuration Scenarios
Assigning Static WEP Keys
Enabling WPA with Tkip
23x0# set service-profile wpa success change accepted
23x0# show ap config
23x0# show service-profile wpa-wep
23x0# set service-profile wpa-wep success change accepted
23x0# set ap 5,11 radio 1 radio-profile rp2 mode enable
Enabling Dynamic WEP in a WPA Network
Success change accepted
23x0# set service-profile wpa-wep-for-mac
Configuring Encryption for MAC Clients
23x0# show service-profile wpa-wep-for-mac
23x0# show ap config
Configuring User Encryption 320657-A
AP Overview
Configuring AP access points
Example Nortel Network
Country of Operation
Distributed AP Network Requirements
Directly Connected APs and Distributed APs
Distributed APs and Dhcp Option
Distributed APs and STP
Name
AP Parameters
Bias High
Disable
Upgrade-firmware Enable
Resiliency and Dual-Homing Options for APs
Group
Dual-Homed Direct Connections to a Single WSS
Dual-Homed Direct and Distributed Connections to WSSs
Dual-Homed Distributed Connections to WSSs on Both AP Ports
Dual-Homed Distributed Connections to WSSs on One AP Port
AP Boot Process
Configuring AP access points
Configuring AP access points
Configuring AP access points
Example AP Boot over Layer 2 Network
Example AP Boot over Layer 3 Network
Example Boot of Dual-Homed AP
Dual-Homed AP Booting
Session Load Balancing
Service Profiles
Public and Private SSIDs
Encryption
Dap status command
Configuring AP access points
Radio Profiles
Default Radio Profile
RF Auto-Tuning
Radio-Specific Parameters
Tx-power
Channel
Antennatype Internal Nortel external antenna model
Configuring AP access points
Set system countrycode code
Specifying the Country of Operation
WSS
23x0# show system
How an Unconfigured AP Finds an WSS Switch To Configure It
Configuring a Template for Automatic AP Configuration
Configuring a Template
Configured APs Have Precedence Over Unconfigured APs
23x0# show dap config auto
Radio 2 type 802.11a, mode enabled, channel dynamic
Changing AP Parameter Values
23x0# set dap auto radio 1 radio-profile autodap1
23x0# set dap auto mode enable
23x0# show dap status auto
Set dap auto persistent dap-numall
Setting the Port Type for a Directly Connected AP
Configuring AP Port Parameters
Port parameter Setting
23x0# set port type ap 11-14,16 model 2330 poe enable
Configuring an Indirectly Connected AP
Changing AP Names
Clearing an AP from the Configuration
Disabling or Reenabling Automatic Firmware Upgrades
Configuring a Load-Balancing Group
Enabling LED Blink Mode
Changing Bias
Encryption Key Fingerprint
Configuring AP-WSS Security
Encryption Options
RSA aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa
23x0# show dap status
Confirming an AP’s Fingerprint on an WSS Switch
Set dap num fingerprint hex
Setting the AP Security Requirement on an WSS Switch
Set dap security require optional
23x0# set dap security require
Fingerprint Log Message
Changing the Fallthru Authentication Type
Configuring a Service Profile
Disabling or Reenabling Encryption for an Ssid
Disabling or Reenabling Beaconing of an Ssid
Configuring AP access points
Set radio-profile name mode enable disable
Configuring a Radio Profile
Creating a New Profile
Changing Radio Parameters
23x0# set radio-profile rp1 beacon-interval
Set radio-profile name beacon-interval interval
Set radio-profile name dtim-interval interval
23x0# set radio-profile rp1 dtim-interval
23x0# set radio-profile rp1 rts-threshold
Set radio-profile name rts-threshold threshold
Set radio-profile name frag-threshold threshold
23x0# set radio-profile rp1 frag-threshold
23x0# set radio-profile rp1 max-rx-lifetime
Set radio-profile name max-rx-lifetime time
Set radio-profile name max-tx-lifetime time
23x0# set radio-profile rp1 max-tx-lifetime
23x0# set radio-profile rp1 11g-only enable
Set radio-profile name 11g-only enable disable
Set radio-profile name preamble-length long short
23x0# set radio-profile rplong preamble-length long
Removing a Radio Profile
Resetting a Radio Profile Parameter to its Default Value
Clear radio-profile name parameter
Clear radio-profile name
Configuring the Channel and Transmit Power
Configuring Radio-Specific Parameters
23x0# set ap 11 radio 1 channel 1 tx-power
Configuring the External Antenna Model
23x0# set ap 5 radio 2 channel 36 tx-power
23x0# set dap 1 radio 1 antennatype ANT1060
23x0# set radio-profile rp2 service-profile wpaclients
Mapping the Radio Profile to Service Profiles
23x0# set ap 6 radio 1 radio-profile rp1 mode disable
23x0# set ap 11-14,16 radio 2 radio-profile rp1 mode enable
Disabling or Reenabling Radios
Assigning a Radio Profile and Enabling Radios
23x0# set ap 3,7 radio 2 mode disable
Set ap port-listdap dap-numradio 1 2 mode enable disable
Enabling or Disabling Individual Radios
23x0# set radio-profile rp1 mode enable
Disabling or Reenabling All Radios Using a Profile
23x0# set radio-profile rp1 mode disable
Clear ap port-listdap dap-numradio 1 2 all
Resetting a Radio to its Factory Default Settings
23x0# clear ap 3 radio
Restarting an AP
Displaying AP Information
23x0# show dap config
Displaying AP Configuration Information
Show dap global dap-numserial-id serial-ID
Displaying a List of Distributed APs
23x0 # show dap global
23x0 # show dap unconfigured
Show dap unconfigured
Show dap connection dap-numserial-id serial-ID
Displaying Connection Information for Distributed APs
23x0 # show service-profile wpaclients
Displaying Service Profile Information
Displaying Radio Profile Information
23x0 # show radio-profile default
Show radio-profile name ?
Displaying AP Status Information
23x0 # show ap counters
Displaying AP Statistics Counters
116665 7694 11643396 629107 112115 3368239 142900
Totl
RF Auto-Tuning Overview
Configuring RF Auto-Tuning
Initial Channel and Power Assignment
Power Tuning
Channel and Power Tuning
Channel Tuning
Tuning the Transmit Data Rate
RF Auto-Tuning Parameters
Min-client-rate For 802.11b For 802.11a
Changing RF Auto-Tuning Settings
Disabling or Reenabling Channel Tuning
Changing Channel Tuning Settings
Changing the Channel Tuning Interval
Changing the Channel Holddown Interval
Enabling Power Tuning
Changing Power Tuning Settings
Changing the Power Tuning Interval
Changing the Power Backoff Interval
Changing the Client Retransmission Threshold
23x0# set ap 7 radio 1 auto-tune max-power
23x0# set ap 7 radio 1 auto-tune max-retransmissions
Changing the Minimum Transmit Data Rate
Displaying RF Auto-Tuning Information
23x0# show radio-profile default
Displaying RF Auto-Tuning Settings
23x0# show ap config 2 radio
23x0# show auto-tune neighbors ap 2 radio
Displaying RF Neighbors
23x0# show auto-tune attributes ap 2 radio
Displaying RF Attributes
Configuring RF Auto-Tuning 320657-A
How WMM Works in WSS Software
Wi-Fi Multimedia
QoS on the WSS Switch
WMM in a Nortel Network
QoS on an AP
Disabling or Reenabling WMM
Set radio-profile name wmm enable disable
WMM Priority Mappings
23x0# show radio-profile radprof1
Displaying WMM Information
Show dap qos-stats dap-numshow dap qos-stats port-list
23x0# show dap qos-stats
Wi-Fi Multimedia
Configuring and Managing Spanning Tree Protocol
23x0# set spantree enable
Set spantree enable disable
Enabling the Spanning Tree Protocol
Changing Standard Spanning Tree Parameters
Snmp Port Path Cost Defaults
Port Priority
Set spantree priority value all vlan vlan-id
Changing the Bridge Priority
23x0# set spantree priority 69 vlan pink
Changing STP Port Parameters
Resetting the STP Port Cost to the Default Value
Changing the STP Port Cost
Changing the STP Port Priority
Resetting the STP Port Priority to the Default Value
23x0# set spantree portpri 3-4 priority
23x0# set spantree portvlanpri 3-4 priority 48 vlan mauve
Changing the STP Forwarding Delay
Changing Spanning Tree Timers
Changing the STP Hello Interval
Changing the STP Maximum Age
23x0# set spantree maxage 15 all
Configuring and Managing STP Fast Convergence Features
Uplink Fast Convergence
Set spantree portfast port port-listenable disable
Configuring Port Fast Convergence
23x0# set spantree portfast port 9,11,13 enable
Displaying Port Fast Convergence Information
Port Vlan Portfast Disable Enable
Show spantree portfast port-list
23x0# show spantree portfast
Set spantree backbonefast enable disable
Configuring Backbone Fast Convergence
23x0# set spantree backbonefast enable
Displaying the Backbone Fast Convergence State
Backbonefast is enabled
Show spantree backbonefast
23x0# show spantree backbonefast
Set spantree uplinkfast enable disable
Configuring Uplink Fast Convergence
Displaying Uplink Fast Convergence Information
Displaying Spanning Tree Information
Show spantree uplinkfast vlan vlan-id
23x0# show spantree uplinkfast
Show spantree port-listvlan vlan-id active
Displaying STP Bridge and Port Information
23x0# show spantree vlan mauve
Show spantree portvlancost port-list
Displaying the STP Port Cost on a Vlan Basis
23x0# show spantree portvlancost
Port 1 Vlan 1 have path cost
Displaying Blocked STP Ports
23x0# show spantree blockedports vlan default
Show spantree blockedports vlan vlan-id
Show spantree statistics port-listvlan vlan-id
Displaying Spanning Tree Statistics
23x0# show spantree statistics 1 Bpdu related parameters
Topology change Timer value Hold timer
Topology change Timer
Hold timer value Delay root port Timer
Delay root port Timer value Timer restarted is
23x0# set port disable
Spanning Tree Configuration Scenario
Clearing STP Statistics
Clear spantree statistics port-listvlan vlan-id
Spanning tree mode
Default None Backbone Down
Disabled 128
23x0# set port enable
Down Auto Network 10/100BaseTx 1000/full
Disabling or Reenabling Igmp Snooping
Set igmp enable disable vlan vlan-id
Disabling or Reenabling Proxy Reporting
Set igmp proxy-report enable disable vlan vlan-id
Changing Igmp Timers
Set igmp querier enable disable vlan vlan-id
Enabling the Pseudo-Querier
Set igmp qi seconds vlan vlan-id
Changing the Query Interval
Set igmp oqi seconds vlan vlan-id
Changing the Other-Querier-Present Interval
Set igmp qri tenth-seconds vlan vlan-id
Changing the Query Response Interval
Set igmp lmqi tenth-seconds vlan vlan-id
Changing the Last Member Query Interval
Enabling Router Solicitation
Set igmp mrsol enable disable vlan vlan-id
Changing Robustness
Set igmp rv num vlan vlan-id
Changing the Router Solicitation Interval
Configuring Static Multicast Ports
Set igmp mrsol mrsi seconds vlan vlan-id
Adding or Removing a Static Multicast Router Port
Set igmp mrouter port port-listenable disable
Displaying Multicast Information
Set igmp receiver port port-listenable disable
Adding or Removing a Static Multicast Receiver Port
23x0# show igmp vlan orange
Show igmp vlan vlan-id
192.28.7.5 Dvmrp Group Port Receiver-IP Receiver-MAC
Clearing Multicast Statistics
Displaying Multicast Statistics Only
Show igmp statistics vlan vlan-id
Clear igmp statistics vlan vlan-id
Show igmp querier vlan vlan-id
Displaying Multicast Queriers
Show igmp querier vlan orange
Querier for vlan orange Port Querier-IP Querier-MAC
Show igmp mrouter vlan vlan-id
Displaying Multicast Routers
Show igmp mrouter vlan orange
192.28.7.5 000102030405 Dvmrp
23x0# show igmp receiver-table group 237.255.255.0/24
Displaying Multicast Receivers
Vlan red Session Port Receiver-IP Receiver-MAC
Configuring and Managing Igmp Snooping 320657-A
About Security Access Control Lists
Configuring and Managing Security ACLs
Setting Security ACLs
Overview of Security ACL Commands
Security ACL Filters
Creating and Committing a Security ACL
Common IP Protocol Numbers
Setting a Source IP ACL
23x0# set security acl ip acl-1 permit 192.168.1.4
Class-of-Service CoS Packet Handling
Class of Service
Wildcard Masks
Configuring and Managing Security ACLs
Common Icmp Message Types and Codes
Setting an Icmp ACL
Common Icmp Message Types and Codes
Setting a TCP ACL
Setting TCP and UDP ACLs
Setting a UDP ACL
Configuring and Managing Security ACLs
Determining the ACE Order
23x0# commit security acl acl-99
Committing a Security ACL
23x0# commit security acl all
Viewing the Edit Buffer
Viewing Security ACL Information
Viewing Committed Security ACLs
Viewing Security ACL Details
23x0# show security acl hits ACL hit-counters
Displaying Security ACL Hits
Clearing Security ACLs
Mapping Security ACLs
23x0# clear security acl acl-99
23x0# commit security acl acl-222 success change accepted
Mapping User-Based Security ACLs
23x0# set user Natasha attr filter-id acl-222.in
Configuring and Managing Security ACLs
Clearing a Security ACL Map
Displaying ACL Maps to Ports, VLANs, and Virtual Ports
23x0# set security acl map acl-222 port 2 tag 1-3,5
23x0# show security acl map acl-999
23x0# show security acl map acljoe
Modifying a Security ACL
ACL acljoe is mapped to
23x0# clear security acl map acljoe port 4
23x0# show security acl info all
Adding Another ACE to a Security ACL
Placing One ACE before Another
Modifying an Existing Security ACL
23x0# show security acl editbuffer
Clearing Security ACLs from the Edit Buffer
ACL edit-buffer table
Type Status Acl-a Not Committed Acl-111
23x0# rollback security acl acl-111
Using ACLs to Change CoS
ACL edit-buffer information for all
Filtering Based on Dscp Values
23x0# set security acl ip voip permit 0.0.0.0
Enabling Prioritization for Legacy Voice over IP
23x0# commit security acl voip
23x0# set security acl map voip vlan corpvlan out
Enabling SVP Optimization for SpectraLink Phones
Security ACL Configuration Scenario
23x0# save config
Managing Keys Certificates
Why Use Keys and Certificates?
Wireless Security through TLS
PEAP-MS-CHAP-V2 Security
About Keys and Certificates
Public Key Infrastructures
Public and Private Keys
Digital Certificates
Creating Keys and Certificates
Crypto generate key command
Pkcs #7, Pkcs #10, and Pkcs #12 Object Files
Pkcs Object Files Supported by Nortel
Managing Keys and Certificates
Procedures for Creating and Validating Certificates
23x0# crypto generate key admin
Crypto generate key admin eap ssh webaaa 512 1024
Admin key pair generated
Creating Public-Private Key Pairs
23x0# crypto generate self-signed admin Country Name US
Crypto generate self-signed admin eap webaaa
Generating Self-Signed Certificates
Crypto pkcs12 admin eap webaaa filename
Crypto otp admin eap webaaa one-time-password
23x0# crypto generate request admin
Begin Certificate
Installing a CA’s Own Certificate
23x0# show crypto certificate admin Certificate
Key and Certificate Configuration Scenarios
Displaying Certificate and Key Information
Self-signed cert for admin is
23x0# crypto generate self-signed admin
Creating Self-Signed Certificates
ENDCERTIFICATE-----23x0#crypto generate self-signed eap
20# crypto generate self-signed webaaa Country Name US
23x0# show crypto certificate admin
23x0# show crypto certificate eap
23x0# show crypto certificate webaaa Certificate
23x0# crypto pkcs12 admin 2048admn.p12
23x0# crypto otp admin SeC%#6@o%c
23x0# copy tftp//192.168.253.1/2048admn.p12 2048admn.p12
23x0# copy tftp//192.168.253.1/20481x.p12 20481x.p12
Keypair Device certificate CA certificate
Unstructured Name wiring closet 12 CSR for admin is
Email Address admin@example.com
23x0# crypto ca-certificate admin
23x0# crypto certificate admin
23x0# show crypto ca-certificate admin
Enter PEM-encoded certificate
About AAA for Network Users
Configuring AAA for Network Users
Authentication Types
Authentication
Authentication Algorithm
Authentication Flowchart for Network Users
To 802.1X? Yes
Last-Resort Processing
Ssid Name Any
User Credential Requirements
Configuring AAA for Network Users
CLI
Authorization
Accounting
AAA Tools for Network Users
Summary of AAA Features
Wildcard Any for Ssid Matching
Wildcards and Groups for Network User Classification
AAA Rollover Process
AAA Methods for Ieee 802.1X and Web Network Access
Local Override Exception
Remote Authentication with Local Backup
Remote Pass-Through or Local Authentication
EAP-MD5
Ieee 802.1X Extensible Authentication Protocol Types
Ways an WSS Switch Can Use EAP
Effects of Authentication Type on Encryption Method
Configuring 802.1X Authentication
Configuring 802.1X Acceleration
Using Pass-Through
Authenticating through a Local Database
Binding User Authentication to Machine Authentication
Authentication Rule Requirements
Bonded Authentication Configuration Example
Bonded Authentication Period
Set dot1x bonded-period seconds
Clear dot1x bonded-period
Show dot1x config 23x0# show dot1x config
Displaying Bonded Authentication Configuration Information
23x0# set dot1x bonded-period
Configuring Authentication and Authorization by MAC Address
Adding MAC Users and Groups
Adding and Clearing MAC Users and User Groups Locally
Clearing MAC Users and Groups
23x0# set authentication mac ssid voice 010102030405 local
Configuring MAC Authentication and Authorization
23x0# set authentication mac ssid voice 010102* local
23x0# set mac-user 000102030405 attr vlan-name red
Changing the MAC Authorization Password for Radius
Configuring Web-based AAA
Set radius server server-nameauthor-password password
23x0# set radius server bigbird author-password h00per
How Portal Web-based AAA Works
WSS Requirements
Web-based AAA Requirements and Recommendations
Configuring AAA for Network Users
Client NIC Requirements
WSS Recommendations
Client Web Browser Requirements
Client Web Browser Recommendations
Portal Web-based AAA Configuration Example
Configuring Portal Web-based AAA
23x0# set user web-portal-mycorp attr vlan-name corpvlan
23x0# show sessions network ssid mycorp
23x0# show config
23x0# show sessions network ssid mycorp
Using a Custom Login
Custom Login Page Scenario
Copying and Modifying the Nortel Login
TitleMy Corp webAAA/title
BWARNING/b My corp’s warning text
H3Welcome to Mycorp’s Wireless LAN/h3
23x0# mkdir mycorp-webaaa success change accepted
23x0# dir mycorp-webaaa
Variables for Redirect URLs Description
Using Dynamic Fields in Web-based AAA Redirect URLs
Configuring Last-Resort Access
WSS Switch Serving as Radius Proxy
Configuring AAA for Users of Third-Party APs
Authentication Process for 802.1X Users of a Third-Party AP
Requirements
WSS Switch Requirements
Third-Party AP Requirements
23x0# set port type wired-auth 3-4 tag
Set authentication mac wired mac-addr-wildcard method1
23x0# set authentication mac wired aabbcc010101 srvrgrp1
Set radius proxy port port-listtag tag-valuessid ssid-name
23x0# set radius proxy client address 10.20.20.9 key radkey1
23x0# set authentication proxy ssid mycorp ** srvrgrp1
End-date
Assigning Authorization Attributes
Service-type
Idle-timeout
Session-timeout
Filter-id
Start-date
Ssid
Time-of-day
Vlan-name
Url
Assigning Attributes to Users and Groups
Assigning a Security ACL Locally
Assigning a Security ACL to a User or a Group
23x0# set user Jose attr filter-id acl-101.in
23x0# set usergroup eastcoasters attr filter-id acl-101.in
Assigning a Security ACL on a Radius Server
Clear mac-usergroup groupname attr filter-id
Clearing a Security ACL from a User or Group
Assigning and Clearing Encryption Types Locally
Assigning Encryption Types to Wireless Users
23x0# set mac-usergroup mac-fans attr encryption-type
Assigning and Clearing Encryption Types on a Radius Server
About the Location Policy
How the Location Policy Differs from a Security ACL
Applying Security ACLs in a Location Policy Rule
Setting the Location Policy
23x0# set location policy deny if user eq *.theirfirm.com
WSS-20show location policy
Displaying and Positioning Location Policy Rules
Set accounting admin console dot1x mac web
Configuring Accounting for Wireless Network Users
Clear location policy rule-number
Configuring AAA for Network Users
Viewing Local Accounting Records
WSS-20-0013#show accounting statistics
Viewing Roaming Accounting Records
WSS-20-0017#show accounting statistics
May 21 Acct-Status-Type=STOP Acct-Authentic=2
Server Addr Ports
Set authentication admin Jose sg3
Rs-3
Rs-4
Set authentication web ssid any ** sg1
Avoiding AAA Problems in Configuration Order
Set authentication web ssid corpa ** corpasrvr
Vlan-Name = k2
Configuring AAA for Network Users
Configuration Producing an Incorrect Processing Order
Using Authentication and Accounting Rules Together
Configuration for a Correct Processing Order
23x0# set accounting dot1x ssid mycorp * start-stop group1
23x0# set mobility-profile name roses-profile port 2-4,7,9
Configuring a Mobility Profile
23x0# set mobility-profile mode enable
Network User Configuration Scenarios
23x0# show mobility-profile Mobility Profiles
NamePorts ========================= Roses-profile
23x0# set user EXAMPLE\username attr filter-id acl-101.in
General Use of Network User Commands
23x0# show security acl info acl-101
Mobility Profiles NamePorts ========================= Tulip
WSS-20save config
23x0# set radius server r1 address 10.1.1.1 key sunny
Enabling Radius Pass-Through Authentication
23x0# set user Natasha password moon
Enabling PEAP-MS-CHAP-V2 Authentication
23x0# set user Natasha attr session-timeout
Unstructured Name wiring closet
23x0# set radius server r1 address 10.1.1.1 key starry
Enabling PEAP-MS-CHAP-V2 Offload
23x0# set radius server r1 address 10.1.1.1 key starry
Overriding AAA-Assigned VLANs
Radius Overview
Configuring Communication with Radius
Configuring Communication with Radius
Before You Begin
Configuring Radius Servers
Clear radius deadtime key retransmit timeout
Configuring Global Radius Defaults
23x0# set radius deadtime
23x0# set radius key r8gney
23x0# set radius client system-ip
Setting the System IP Address as the Source Address
23x0# clear radius client system-ip
Set radius server server-nameaddress ip-address key string
Configuring Individual Radius Servers
Deleting Radius Servers
Configuring Radius Server Groups
Clear radius server server-name
Creating Server Groups
Configuring Load Balancing
Ordering Server Groups
Adding Members to a Server Group
Set server group group-nameload-balance enable
Clear server group group-nameload-balance
23x0 # show aaa
Configuring Communication with Radius
Deleting a Server Group
Radius and Server Group Configuration Scenario
23x0# set server group shorebirds load-balance enable
Managing 802.1X on Wired Authentication Ports
Managing 802.1X on WSS Switch
23x0# set dot1x authcontrol enable
Set dot1x authcontrol enable disable
Success dot1x authcontrol enabled
Enabling and Disabling 802.1X Globally
Managing 802.1X Encryption Keys
Setting 802.1X Port Control
23x0# set dot1x key-tx enable
Set dot1x key-tx enable disable
Success dot1x key transmission enabled
Enabling 802.1X Key Transmission
Set dot1x tx-period seconds
Configuring 802.1X Key Transmission Time Intervals
23x0# set dot1x tx-period
Success dot1x tx-period set to
Configuring the Interval for WEP Rekeying
Configuring 802.1X WEP Rekeying
Managing WEP Keys
Managing 802.1X Client Reauthentication
Setting EAP Retransmission Attempts
23x0# set dot1x max-req
Success dot1x max request set to
Set dot1x reauth enable disable
Enabling and Disabling 802.1X Reauthentication
23x0# set dot1x reauth enable
Success dot1x reauthentication enabled
23x0# set dot1x reauth-max
Set dot1x reauth-max number-of-attempts
Success dot1x max reauth set to
23x0# clear dot1x reauth-max
Success dot1x auth-server timeout set to
Setting the 802.1X Reauthentication Period
Set dot1x reauth-period seconds
23x0# set dot1x reauth-period
Setting the Bonded Authentication Period
Managing Other Timers
Clear dot1x max-req
Set dot1x quiet-period seconds
Setting the 802.1X Quiet Period
23x0# set dot1x quiet-period
Success dot1x quiet period set to
Set dot1x timeout auth-server seconds
Setting the 802.1X Timeout for an Authorization Server
23x0# set dot1x timeout auth-server
23x0# clear dot1x timeout auth-server
Displaying 802.1X Information
Setting the 802.1X Timeout for a Client
23x0# show dot1x clients
Viewing 802.1X Clients
Viewing the 802.1X Configuration
23x0# show dot1x stats
Viewing 802.1X Statistics
Managing 802.1X on the WSS Switch 320657-A
Show sessions admin console telnet client
Displaying and Clearing Administrative Sessions
Clear sessions admin console telnet client session-id
Managing Sessions
WSS-20 show sessions admin
Displaying and Clearing All Administrative Sessions
23x0# clear sessions admin
WSS-20 show sessions console
Displaying and Clearing an Administrative Console Session
Tty Username Time Type Tty0 5310 Console Console session
23x0# clear sessions console
Tty Username Time Type Tty3 Sshadmin 2099
Displaying and Clearing Administrative Telnet Sessions
WSS-20 show sessions telnet
Telnet session
Displaying and Clearing Client Telnet Sessions
Displaying and Clearing Network Sessions
23x0 # show sessions network
User Sess IP or MAC
Jose@example.com 5125 Vlan-eng
Displaying Verbose Network Session Information
003065168d69 4385 Vlan-wep
761 000bbe154656 none
Show sessions network user user-wildcard
Displaying and Clearing Network Sessions by Username
23x0# show sessions network user E
Clear sessions network user user-wildcard
Show sessions network mac-addr mac-addr-wildcard
Displaying and Clearing Network Sessions by MAC Address
Show sessions net mac-addr 01055d7e981a
Clear sessions network mac-addr mac-addr-wildcard
Show sessions network vlan vlan-wildcard
Displaying and Clearing Network Sessions by Vlan Name
Show sessions network vlan west
Clear sessions network vlan vlan-wildcard
Clear sessions network session-id session-id
Displaying and Clearing Network Sessions by Session ID
2370# clear sessions network session-id
About System Files
Managing System Files
Show version details
Displaying Software Version Information
23x0# show version
23x0# show version details
W2 N/A
23x0# show boot
Displaying Boot Information
Working with Files
23x0# dir old
Displaying a List of Files
Copying a File
23x0# copy floor2WSS tftp//10.1.1.1/floor2WSS-backup
23x0# copy floor2WSS tftp//10.1.1.1/floor2WSS
Success sent 365 bytes in 0.401 seconds 910 bytes/sec
23x0# copy tftp//10.1.1.1/newconfig WSSconfig
23x0# copy tftp//10.1.1.1/newconfig newconfig
Successreceived9163214bytesin105.939seconds Bytes/sec
23x0# delete testconfig
23x0# copy testconfig tftp//10.1.1.1/testconfig
Deleting a File
Delete url
23x0# mkdir corp2
Creating a Subdirectory
Removing a Subdirectory
Managing Configuration Files
23x0# rmdir corp2
Show config area area all
Displaying the Running Configuration
23x0# show config area vlan
Managing System Files
Save config filename
Saving Configuration Changes
23x0# save config newconfig
Success configuration saved to newconfig
23x0# set boot configuration-file floor2WSS
Set boot configuration-file filename
Success boot config set
Load config url
Loading a Configuration File
23x0# load config newconfig
Backing Up and Restoring the System
Resetting to the Factory Default Configuration
Managing System Files
Managing Configuration Changes
23x0# backup system tftp/10.10.20.9/sysabak critical
Backup and Restore Examples
23x0# restore system tftp/10.10.20.9/sysabak
Upgrading the System Image
Managing System Files 320657-A
About Rogues and RF Detection
Rogue Detection Countermeasures
Rogue Classification
Rogue access points and Clients
Rogue Detection Lists
Rogue Detection and Countermeasures
Rogue Detection Algorithm
Dynamic Frequency Selection DFS
RF Detection Scans
Countermeasures
Summary of Rogue Detection Features
Configuring Rogue Detection Lists
Set rfdetect vendor-list client ap mac-addr
Configuring a Permitted Vendor List
Show rfdetect vendor-list
23x0# show rfdetect vendor-list Total number of entries
Set rfdetect ssid-list ssid-name
Configuring a Permitted Ssid List
Show rfdetect ssid-list
23x0# show rfdetect ssid-list Total number of entries
Set rfdetect black-list mac-addr
Configuring a Client Black List
Show rfdetect black-list
23x0# show rfdetect black-list
Set rfdetect attack-list mac-addr
Configuring an Attack List
Show rfdetect attack-list
23x0# show rfdetect attack-list
Enabling Countermeasures
Configuring an Ignore List
Enabling AP Signatures
Disabling or Reenabling Active Scan
Disabling or Reenabling Logging of Rogues
Set rfdetect log enable disable
Enabling Rogue and Countermeasures Notifications
IDS and DoS Alerts
Flood Attacks
DoS Attacks
Netstumbler and Wellenreiter Applications
Wireless Bridge
Ad-Hoc Network
Weak WEP Key Used by Client
Disallowed Devices or SSIDs
Displaying Statistics Counters
IDS and DoS Log Messages
IDS Log Message Examples
Message Type
Displaying RF Detection Information
Show rfdetect ignore
Show rfdetect attack-list
Show rfdetect clients mac mac-addr
Displaying Rogue Clients
23x0# show rfdetect clients mac 000c4163fd6d
23x0# show rfdetect clients
Show rfdetect counters
Displaying Rogue Detection Counters
23x0# show rfdetect counters
Show rfdetect mobility-domain ssid ssid-namebssid mac-addr
Displaying Ssid or Bssid Information for a Mobility Domain
23x0# show rfdetect mobility-domain
23x0# show rfdetect mobility-domain ssid nrtl-webaaa
23x0# show rfdetect mobility-domain bssid 000b0e0004d1
Show rfdetect data
Displaying RF Detect Data
23x0 # show rfdetect data
23x0# show rfdetect visible ap 3 radio
Displaying the APs Detected by an AP Radio
Show rfdetect countermeasures
Displaying Countermeasures Information
23x0# show rfdetect countermeasures
Rogue Detection and Countermeasures 320657-A
Appendix a Troubleshooting a WS Switch
WSS Setup Problems and Remedies
Fixing Common WSS Setup Problems
Symptom Diagnosis
Boot boot OPT+=default
Recovering the System Password
WSS-2350
WSS-2370, WSS-2380, or WSS-2360
Log Message Components
Configuring and Managing the System Log
Logging Destinations and Levels
Debug
Info
Logging to the Log Buffer
Using Log Commands
Logging Messages to a Syslog Server
Logging to the Console
Changing the Current Telnet Session Defaults
Setting Telnet Session Defaults
Logging to the Trace Buffer
Displaying the Log Configuration
Saving Trace Messages in a File
Tracing Authentication Activity
Using the Trace Command
Running Traces
Tracing Session Manager Activity
Displaying a Trace
Tracing Authorization Activity
Stopping a Trace
Tracing 802.1X Sessions
About Trace Results
23x0# show log trace severity error
Displaying Trace Results
Clearing the Trace Log
Copying Trace Results to a Server
List of Trace Areas
Viewing Vlan Interfaces
Using Show Commands
Viewing AAA Session Statistics
WSS-2370# show interface
Viewing ARP Information
Viewing FDB Information
Vlan-name = vlan-wep
23x0# show fdb
Remotely Monitoring Traffic
Using Snoop Filters on Radios That Use Active Scan
How Remote Traffic Monitoring Works
Best Practices for Remote Traffic Monitoring
Appendix a Troubleshooting a WS Switch
23x0# set snoop snoop1 observer 10.10.30.2 snap-length
Configuring a Snoop Filter
Mapping a Snoop Filter to a Radio
Displaying Configured Snoop Filters
Editing a Snoop Filter
Deleting a Snoop Filter
Displaying the Snoop Filters Mapped to a Radio
Enabling or Disabling a Snoop Filter
Displaying the Snoop Filter Mappings for All Radios
Removing Snoop Filter Mappings
Success filter snoop1 enabled
23x0# set snoop snoop1 mode enable stop-after
Preparing an Observer and Capturing Traffic
Displaying Remote Traffic Monitoring Statistics
Show snoop stats filter-namedap-numradio 1
Capturing System Information for Technical Support
Displaying Technical Support Information
23x0# show tech-support file fortechsupport
Sending Information to Nets
Success results saved to fortechsupport.gz
23x0# copy fortechsupport.gz tftp//tftpserver/filename.gz
Appendix a Troubleshooting a WS Switch 320657-A
Supported Standard and Extended Attributes
Appendix B Supported Radius Attributes
801.1X Attributes
801.1X Attributes
Radius
Nortel Vendor-Specific Attributes
Nortel VSAs
Protocol Port Function
Appendix C Mobility Domain Traffic Ports
Appendix C Mobility Domain Traffic Ports 320657-A
Appendix D Dhcp Server
How the WSS Software Dhcp Server Works
Configuring the Dhcp Server
Show dhcp-server interface vlan-id verbose
Displaying Dhcp Server Information
23x0# show dhcp-server
Appendix D Dhcp Server
Glossary
Advanced Encryption Standard See AES
Authentication, authorization, and accounting See AAA
CBC-MAC See Ccmp
Cyclic redundancy check See CRC
Glossary
EAP with Transport Layer Security See EAP-TLS
Group master key See GMK
Group transient key See GTK
Industry Canada See IC Information element See WPA IE
Media access control address See MAC address
Microsoft Challenge Handshake Authentication
Per-VLAN Spanning Tree protocol See PVST+
Port address translation See PAT Power over Ethernet See PoE
Quality of service See QoS
Remote Authentication Dial-In User Service See Radius
Spanning Tree Protocol See STP
Temporal Key Integrity Protocol See Tkip
Type, length, and value See TLV
Wisp
WPA information element See WPA IE
Glossary 320657-A
Numerics
Index
Index
Index
DNS
Enable password
Description
Subnet masks for, notation conventions System IP address
366 To ports, VLANs, or virtual ports 368
Index
Radius
Https
Index
Configuring 341 rogue access points detecting
TCP
Snmp
STP
Uplink fast convergence
Index
WMS
Index 320657-A
Command Index
Command Index
Set dap auto radiotype
Command Index
Command Index
324 Show spantree blockedports 329
