Nortel Wlan Security Switch 2300 Series Configuration Guide
Restricted rights legend
Copyright Nortel Networks Limited 2005. All rights reserved
Trademarks
Statement of conditions
USA requirements only
Nortel Inc. software license agreement
Limited Product Warranty
Legal Information
Limited Warranty
Software License Agreement
Nortel Wlan Security Switch 2300 Series Configuration Guide
SSH Source Code Statement
OpenSSL Project License Statements
Class a Statement RF Radiation Hazard Warning
Deployment Statement
320657-A
Contents
Configuring and Managing Ports and VLANs
Configuring and Managing IP Interfaces and Services
Configuring Snmp
Configuring and Managing Mobility Domain Roaming
Configuring AP access points
Wi-Fi Multimedia
Configuring and Managing Igmp Snooping
Managing Keys and Certificates
Configuring AAA for Network Users
Configuring Communication with Radius
Managing 802.1X on the WSS Switch
Managing System Files
Troubleshooting a WS Switch
Supported Radius Attributes
Contents 320657-A
How to get Help
Getting Help over the phone from a Nortel Solutions Center
Getting Help from the Nortel Web site
Getting Help through a Nortel distributor or reseller
Introducing the Nortel Wlan 2300 System
Nortel Wlan 2300 System
Planning, Configuration, and Deployment
Documentation
Safety and Advisory Notices
Menu Name Command
Text and Syntax Conventions
Bold text
Using the Command-Line Interface
CLI Conventions
Command Prompts
NT-mm-nnnnnn
Clear interface vlan-idip
Set port enable disable port-list
Syntax Notation
Clear fdb dynamic port port-list vlan vlan-id
Text Entry Conventions and Allowed Characters
MAC Address Notation
IP Address and Mask Notation
MAC Address Wildcards
User Wildcards, MAC Address Wildcards, and Vlan Wildcards
User Wildcards
0001
Vlan Wildcards
Matching Order for Wildcards
000102 00010203 0001020304
Port Lists
23x0# set port enable
23x0# reset port
23x0# show port poe 1,2,4,13
Virtual LAN Identification
Command-Line Editing
Keyboard Shortcuts
Keyboard Shortcuts Function
History Buffer
Tabs
Single-Asterisk * Wildcard Character
Double-Asterisk ** Wildcard Characters
Using CLI Help
23x0# help Commands
23x0# show i?
23x0# show ip telnet
Understanding Command Descriptions
Server Status Port Enabled
Set ap dap name
Configuring AAA for Administrative and Local Access
Overview of AAA for Administrative and Local Access
Configuring AAA for Administrative and Local Access
Before You Start
Typical Nortel Wlan 2300 System
About Administrative Access
Access Modes
First-Time Configuration using the Console
Types of Administrative Access
23x0 enable
Enabling an Administrator
Password
Username
WMS Enable Password
Setting the WSS Switch Enable Password
Setting the WSS Enable Password for the First Time
23x0# set enablepass
Configuring AAA for Administrative and Local Access
Authenticating at the Console
23x0# set authentication console * local
Customizing AAA with Wildcards and Groups
Setting User Passwords
Set user username password password
Configuring Accounting for Administrative Users
Adding and Clearing Local Users for Administrative Access
Success User Jose created
23x0# show accounting statistics
23x0# save config configday
Displaying the AAA Configuration
Saving the Configuration
23x0# show aaa
Administrative AAA Configuration Scenarios
Local Authentication
Success change accepted
23x0# set server group sg1 members r1
Local Override and Backup Local Authentication
Authentication When Radius Servers Do Not Respond
Configuring and Managing Ports and VLANs
Configuring and Managing Ports
Setting the Port Type
Vlan
WSS 2380 40 AP Software License Upgrade
Show version
Setting a Port for a Directly Connected AP access port
23x0# set port type ap 4-6 model 2330 poe enable
Configuring for a Distributed AP
Setting a Port for a Wired Authentication User
23x0# set port type wired-auth
Clearing a Port
Clear port type port-list
Clearing a Distributed AP
23x0# clear port type
Clear dap dap-num
Configuring a Port Name
Setting a Port Name
Removing a Port Name
Show port preference port-list
Set port preference port-listrj45
Clear port preference port-list
RJ45
Configuring Port Operating Parameters
10/100 Ports-Autonegotiation and Port Speed
Gigabit Ports-Autonegotiation and Flow Control
Disabling or Reenabling Power over Ethernet
Disabling or Reenabling a Port
Resetting a Port
Set port poe port-listenable disable
Reset port port-list
Displaying PoE State
Displaying Port Configuration and Status
Displaying Port Information
Show port status port-list
Displaying Port Statistics
Clearing Statistics Counters
Monitoring Port Statistics
23x0# monitor port counters
Load Sharing
Configuring Load-Sharing Port Groups
Configuring a Port Group
Link Redundancy
Displaying Port Group Information
Configuring and Managing VLANs
Removing a Port Group
Interoperating with Cisco Systems EtherChannel
Understanding VLANs in Nortel WSS Software
VLANs, IP Subnets, and IP Addressing
Users and VLANs
Vlan Names
Roaming and VLANs
Traffic Forwarding
802.1Q Tagging
Tunnel Affinity
Adding Ports to a Vlan
Configuring a Vlan
Creating a Vlan
Set vlan vlan-numname name
23x0# clear vlan red port
Removing an Entire Vlan or a Vlan Port
23x0# set vlan red port 9-11,21
23x0# clear vlan marigold port 13 tag
23x0# clear vlan ecru
Changing Tunneling Affinity
Set vlan vlan-idtunnel-affinity num
Managing the Layer 2 Forwarding Database
Show vlan config vlan-id
23x0# show vlan config burgundy
Displaying Vlan Information
Types of Forwarding Database Entries
How Entries Enter the Forwarding Database
Displaying Forwarding Database Entries
Displaying Forwarding Database Information
Displaying the Size of the Forwarding Database
Show fdb count perm static dynamic vlan vlan-id
23x0# set fdb static 002b3c4d5e6f port 1 vlan default
Adding an Entry to the Forwarding Database
23x0# set fdb perm 00bbccddeeff port 3,5 vlan blue
Removing Entries from the Forwarding Database
23x0# clear fdb dynamic
23x0# clear fdb port 3,5
Displaying the Aging Timeout Period
Port and Vlan Configuration Scenario
Configuring the Aging Timeout Period
Changing the Aging Timeout Period
23x0# set port 8-13 name manufacturing
23x0# set port 6 name confroom1
23x0# set port 7 name confroom2
23x0# set system countrycode US
23x0# set port type ap 2-16 model 2330 poe enable
MAC
23x0# set port type wired-auth 17,18
Port group backbonelink is up Ports 22
Save the configuration. Type the following command
Configuring and Managing IP Interfaces and Services
MTU Support
Configuring and Managing IP Interfaces
Statically Configuring an IP Interface
Adding an IP Interface
Enabling the Dhcp Client
Set interface vlan-idip dhcp-client enable disable
23x0# set interface corpvlan ip dhcp-client enable
23x0# show interface
Interface Corpvlan4 Configuration Status Enabled Dhcp State
23x0# show dhcp-client
Disabling or Reenabling an IP Interface
Set interface vlan-idstatus up down
Removing an IP Interface
Configuring the System IP Address
Displaying IP Interface Information
Show interface vlan-id
Designating the System IP Address
Set system ip-address ip-addr
Displaying the System IP Address
Show system
Configuring and Managing IP Routes
Clearing the System IP Address
Clear system ip-address
Configuring and Managing IP Interfaces and Services 320657-A
Displaying IP Routes
Show ip route destination
23x0# show ip route
224.0.0.0/ 4 IP Local
23x0# set ip route default 10.5.4.1
Adding a Static Route
23x0# set ip route 192.168.4.0 255.255.255.0 10.5.4.2
Removing a Static Route
Managing the Management Services
23x0# clear ip route default
23x0# clear ip route 192.168.4.69/24
Managing SSH
Login Timeouts
Session Timeouts
Enabling SSH
Show crypto key ssh
Changing the SSH Service Port Number
Adding an SSH User
23x0# show crypto key ssh ec6f567fd1fdc02893aea4f97cf51304
23x0# show sessions admin
Changing SSH Timeouts
Show sessions admin Clear sessions admin ssh session-id
23x0# clear sessions admin ssh
Enabling Telnet
Telnet Login Timers
Managing Telnet
Adding a Telnet User
Changing the Telnet Service Port Number
Resetting the Telnet Service Port Number to Its Default
Managing Telnet Server Sessions
Enabling Https
Configuring and Managing DNS
Managing Https
Displaying Https Information
Configuring and Managing IP Interfaces and Services
Set ip dns enable disable
Enabling or Disabling the DNS Client
Removing a DNS Server
Configuring DNS Servers
Adding a DNS Server
Set ip dns server ip-addrprimary secondary
Removing the Default Domain Name
Configuring a Default Domain Name
Adding the Default Domain Name
Set ip dns domain name
Show ip dns
Configuring and Managing Aliases
Displaying DNS Server Information
23x0# show ip dns
Adding an Alias
Set ip alias name ip-addr
23x0# set ip alias HR1
Removing an Alias
Clear ip alias name
Show ip alias name
Configuring and Managing Time Parameters
Displaying Aliases
23x0# show ip alias
Setting the Time Zone
Displaying the Time Zone
Clearing the Time Zone
Configuring the Summertime Period
Displaying the Summertime Period
Clearing the Summertime Period
23x0# set timedate date feb 29 2004 time
Statically Configuring the System Time and Date
Set timedate date mmm dd yyyy time hhmmss
Time now is Sun Feb 29 2004, 235802 PST
Displaying the Time and Date
Show timedate 23x0# show timedate
Configuring and Managing NTP
Adding an NTP Server
Set ntp server ip-addr
23x0# set ntp server
Removing an NTP Server
Clear ntp server ip-addrall
Changing the NTP Update Interval
Set ntp update-interval seconds
23x0# set ntp update-interval
Resetting the Update Interval to the Default
Clear ntp update-interval
Set ntp enable disable
Enabling the NTP Client
Managing the ARP Table
Displaying NTP Information
Show ntp
Displaying ARP Table Entries
Show arp ip-addr
23x0# show arp
23x0# set arp static 10.10.10.1 00bbccddeeff
Adding an ARP Entry
Set arp permanent static dynamic ip-addrmac-addr
Success added arp 10.10.10.1 at 00bbccddeeff on Vlan
Set arp agingtime seconds
Changing the Aging Timeout
Pinging Another Device
23x0# set arp agingtime
23x0# show sessions telnet client
Logging In to a Remote Device
23x0# telnet
23x0# clear sessions telnet client
IP Interfaces and Services Configuration Scenario
Tracing a Route
23x0# traceroute server1
23x0# set ip route default 10.20.10.1
23x0# set system ip-address
23x0# set ip dns server 10.10.10.69 Primary
23x0# set ip dns server 10.20.10.69 Secondary
23x0# set ip dns enable
Summertime is enabled, and set to PDT
23x0 # show ip dns
Configuring Snmp
Configuring Snmp
Overview
Set system location string set system contact string
Setting the System Location and Contact Strings
23x0# set system contact sysadmin1
23x0# set system location 3rdfloorcloset
Set snmp protocol v1 v2c usm all enable disable
23x023x0# set snmp protocol all enable
Enabling Snmp Versions
Configuring Community Strings SNMPv1 and SNMPv2c Only
Clear snmp community name comm-string
Creating a USM User for SNMPv3
Clear snmp usm usm-username
Command Examples
23x0# set snmp usm snmpmgr1 snmp-engine-id local
Setting Snmp Security
23x0# set snmp security encrypted
Configuring a Notification Profile
Clear snmp profile profile-name
23x0# set snmp notify profile default send all
Configuring Snmp
Configuring a Notification Target
Security unsecured authenticated encrypted
Clear snmp notify target target-num
23x0# set snmp notify target 2 10.10.40.10 v1 trap
23x0# set ip snmp server enable
Enabling the Snmp Service
Set ip snmp server enable disable
Displaying Snmp Information
Displaying Snmp Version and Status Information
Displaying the Configured Snmp Community Strings
Displaying USM Settings
23x0# show snmp notify profile insert updated example
Displaying Notification Profiles
23x0# show snmp notify target insert updated example
Displaying Notification Targets
Displaying Snmp Statistics Counters
Configuring Snmp 320657-A
Configuring and Managing Mobility Domain Roaming
About the Mobility Domain Feature
Configuring a Mobility Domain
Configuring the Seed
Set mobility-domain mode seed domain-name mob-domain-name
23x0# set mobility-domain mode seed domain-name Pleasanton
Configuring Member WSSs on the Seed
Set mobility-domain member ip-addr
Configuring a Member
Set mobility-domain mode member seed-ip ip-addr
23x0# set mobility-domain mode member seed-ip
192.168.14.6
Displaying Mobility Domain Status
2370# show mobility-domain status
192.168.15.5
Displaying the Mobility Domain Configuration
2370# show mobility-domain config
This WSS is a member, with seed
Clearing a Mobility Domain from a WSS
2370# clear mobility-domain
Clearing a Mobility Domain Member from a Seed
Clear mobility-domain member ip-addr
Displaying Roaming Stations
23x0# show roaming station
Displaying Roaming VLANs and Their Affinities
23x0 # show roaming vlan
Affinity
23x0 # show tunnel
Understanding the Sessions of Roaming Users
Displaying Tunnel Information
State Port
Requirements for Roaming to Succeed
Active
Effects of Timers on Roaming
WSS-20show sessions network verbose
Mobility Domain Scenario
Monitoring Roaming Sessions
23x0# set mobility-domain member seed-ip
23x0# show mobility-domain config
23x0# show roaming vlan
23x0# show tunnel
Configuring User Encryption
Wireless Encryption Defaults
Default Encryption
Configuring WPA
WPA Cipher Suites
WPA Encryption with Tkip Only
WPA Encryption with Tkip and WEP
Tkip Countermeasures
WPA Authentication Methods
WPA Information Element
Client Support
Encryption Support for WPA and Non-WPA Clients
Supported
Enabling WPA
Configuring WPA
Creating a Service Profile for WPA
Specifying the WPA Cipher Suites
Changing the Tkip Countermeasures Timer Value
Enabling PSK Authentication
Set service-profile name psk-phrase passphrase
Set service-profile name auth-psk enable disable
23x0# set service-profile wpa auth-psk enable
Set service-profile name psk-raw hex
23x0# show service-profile wpa
Displaying WPA Settings
Show service-profile name ?
Set radio-profile name service-profile name
Enabling RSN
Configuring RSN
Creating a Service Profile for RSN
Specifying the RSN Cipher Suites
Displaying RSN Settings
23x0# set service-profile rsn cipher-ccmp enable
Configuring WEP
23x0# set radio-profile blgd2 service-profile rsn
Encryption for Dynamic and Static WEP
Setting Static WEP Key Values
Set service-profile name wep key-index num key value
Encryption Configuration Scenarios
23x0# set service-profile wepsrvc4 wep active-unicast-index
Assigning Static WEP Keys
23x0# set service-profile wpa success change accepted
Enabling WPA with Tkip
23x0# show ap config
23x0# set ap 5,11 radio 1 radio-profile rp2 mode enable
23x0# set service-profile wpa-wep success change accepted
23x0# show service-profile wpa-wep
Enabling Dynamic WEP in a WPA Network
Success change accepted
Configuring Encryption for MAC Clients
23x0# set service-profile wpa-wep-for-mac
23x0# show service-profile wpa-wep-for-mac
23x0# show ap config
Configuring User Encryption 320657-A
Configuring AP access points
AP Overview
Example Nortel Network
Country of Operation
Directly Connected APs and Distributed APs
Distributed AP Network Requirements
Distributed APs and STP
Distributed APs and Dhcp Option
AP Parameters
Name
Bias High
Resiliency and Dual-Homing Options for APs
Upgrade-firmware Enable
Disable
Group
Dual-Homed Direct Connections to a Single WSS
Dual-Homed Direct and Distributed Connections to WSSs
Dual-Homed Distributed Connections to WSSs on Both AP Ports
AP Boot Process
Dual-Homed Distributed Connections to WSSs on One AP Port
Configuring AP access points
Configuring AP access points
Configuring AP access points
Example AP Boot over Layer 2 Network
Example AP Boot over Layer 3 Network
Example Boot of Dual-Homed AP
Dual-Homed AP Booting
Session Load Balancing
Service Profiles
Public and Private SSIDs
Dap status command
Encryption
Configuring AP access points
Radio Profiles
RF Auto-Tuning
Default Radio Profile
Channel
Tx-power
Radio-Specific Parameters
Antennatype Internal Nortel external antenna model
Configuring AP access points
Specifying the Country of Operation
Set system countrycode code
WSS
23x0# show system
Configuring a Template for Automatic AP Configuration
How an Unconfigured AP Finds an WSS Switch To Configure It
23x0# show dap config auto
Configured APs Have Precedence Over Unconfigured APs
Configuring a Template
Radio 2 type 802.11a, mode enabled, channel dynamic
Changing AP Parameter Values
23x0# set dap auto mode enable
23x0# set dap auto radio 1 radio-profile autodap1
23x0# show dap status auto
Set dap auto persistent dap-numall
Configuring AP Port Parameters
Setting the Port Type for a Directly Connected AP
Port parameter Setting
Configuring an Indirectly Connected AP
23x0# set port type ap 11-14,16 model 2330 poe enable
Clearing an AP from the Configuration
Changing AP Names
Enabling LED Blink Mode
Configuring a Load-Balancing Group
Disabling or Reenabling Automatic Firmware Upgrades
Changing Bias
Encryption Options
Configuring AP-WSS Security
Encryption Key Fingerprint
RSA aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa
Confirming an AP’s Fingerprint on an WSS Switch
23x0# show dap status
Set dap security require optional
Setting the AP Security Requirement on an WSS Switch
Set dap num fingerprint hex
23x0# set dap security require
Fingerprint Log Message
Disabling or Reenabling Encryption for an Ssid
Configuring a Service Profile
Changing the Fallthru Authentication Type
Disabling or Reenabling Beaconing of an Ssid
Configuring AP access points
Creating a New Profile
Configuring a Radio Profile
Set radio-profile name mode enable disable
Changing Radio Parameters
Set radio-profile name dtim-interval interval
Set radio-profile name beacon-interval interval
23x0# set radio-profile rp1 beacon-interval
23x0# set radio-profile rp1 dtim-interval
Set radio-profile name frag-threshold threshold
Set radio-profile name rts-threshold threshold
23x0# set radio-profile rp1 rts-threshold
23x0# set radio-profile rp1 frag-threshold
Set radio-profile name max-tx-lifetime time
Set radio-profile name max-rx-lifetime time
23x0# set radio-profile rp1 max-rx-lifetime
23x0# set radio-profile rp1 max-tx-lifetime
Set radio-profile name preamble-length long short
Set radio-profile name 11g-only enable disable
23x0# set radio-profile rp1 11g-only enable
23x0# set radio-profile rplong preamble-length long
Clear radio-profile name parameter
Resetting a Radio Profile Parameter to its Default Value
Removing a Radio Profile
Clear radio-profile name
Configuring Radio-Specific Parameters
Configuring the Channel and Transmit Power
Configuring the External Antenna Model
23x0# set ap 11 radio 1 channel 1 tx-power
23x0# set ap 5 radio 2 channel 36 tx-power
23x0# set dap 1 radio 1 antennatype ANT1060
Mapping the Radio Profile to Service Profiles
23x0# set radio-profile rp2 service-profile wpaclients
Disabling or Reenabling Radios
23x0# set ap 11-14,16 radio 2 radio-profile rp1 mode enable
23x0# set ap 6 radio 1 radio-profile rp1 mode disable
Assigning a Radio Profile and Enabling Radios
Set ap port-listdap dap-numradio 1 2 mode enable disable
23x0# set ap 3,7 radio 2 mode disable
Enabling or Disabling Individual Radios
Disabling or Reenabling All Radios Using a Profile
23x0# set radio-profile rp1 mode enable
23x0# set radio-profile rp1 mode disable
Resetting a Radio to its Factory Default Settings
Clear ap port-listdap dap-numradio 1 2 all
23x0# clear ap 3 radio
Displaying AP Information
Restarting an AP
Displaying AP Configuration Information
23x0# show dap config
Displaying a List of Distributed APs
Show dap global dap-numserial-id serial-ID
23x0 # show dap global
Show dap unconfigured
23x0 # show dap unconfigured
Displaying Connection Information for Distributed APs
Show dap connection dap-numserial-id serial-ID
Displaying Service Profile Information
23x0 # show service-profile wpaclients
23x0 # show radio-profile default
Displaying Radio Profile Information
Show radio-profile name ?
Displaying AP Status Information
Displaying AP Statistics Counters
23x0 # show ap counters
Totl
116665 7694 11643396 629107 112115 3368239 142900
Configuring RF Auto-Tuning
RF Auto-Tuning Overview
Initial Channel and Power Assignment
Channel and Power Tuning
Power Tuning
Channel Tuning
Tuning the Transmit Data Rate
RF Auto-Tuning Parameters
Changing RF Auto-Tuning Settings
Min-client-rate For 802.11b For 802.11a
Changing the Channel Tuning Interval
Changing Channel Tuning Settings
Disabling or Reenabling Channel Tuning
Changing the Channel Holddown Interval
Changing the Power Tuning Interval
Changing Power Tuning Settings
Enabling Power Tuning
Changing the Power Backoff Interval
23x0# set ap 7 radio 1 auto-tune max-power
Changing the Client Retransmission Threshold
23x0# set ap 7 radio 1 auto-tune max-retransmissions
Displaying RF Auto-Tuning Information
Changing the Minimum Transmit Data Rate
Displaying RF Auto-Tuning Settings
23x0# show radio-profile default
23x0# show ap config 2 radio
Displaying RF Neighbors
23x0# show auto-tune neighbors ap 2 radio
Displaying RF Attributes
23x0# show auto-tune attributes ap 2 radio
Configuring RF Auto-Tuning 320657-A
Wi-Fi Multimedia
How WMM Works in WSS Software
QoS on the WSS Switch
QoS on an AP
WMM in a Nortel Network
Set radio-profile name wmm enable disable
Disabling or Reenabling WMM
WMM Priority Mappings
Show dap qos-stats dap-numshow dap qos-stats port-list
Displaying WMM Information
23x0# show radio-profile radprof1
23x0# show dap qos-stats
Wi-Fi Multimedia
Configuring and Managing Spanning Tree Protocol
Set spantree enable disable
23x0# set spantree enable
Enabling the Spanning Tree Protocol
Snmp Port Path Cost Defaults
Changing Standard Spanning Tree Parameters
Port Priority
Changing the Bridge Priority
Set spantree priority value all vlan vlan-id
23x0# set spantree priority 69 vlan pink
Resetting the STP Port Cost to the Default Value
Changing STP Port Parameters
Changing the STP Port Cost
23x0# set spantree portpri 3-4 priority
Resetting the STP Port Priority to the Default Value
Changing the STP Port Priority
23x0# set spantree portvlanpri 3-4 priority 48 vlan mauve
Changing the STP Hello Interval
Changing Spanning Tree Timers
Changing the STP Forwarding Delay
Changing the STP Maximum Age
Configuring and Managing STP Fast Convergence Features
23x0# set spantree maxage 15 all
Uplink Fast Convergence
Configuring Port Fast Convergence
Set spantree portfast port port-listenable disable
23x0# set spantree portfast port 9,11,13 enable
Show spantree portfast port-list
Port Vlan Portfast Disable Enable
Displaying Port Fast Convergence Information
23x0# show spantree portfast
Configuring Backbone Fast Convergence
Set spantree backbonefast enable disable
23x0# set spantree backbonefast enable
Show spantree backbonefast
Backbonefast is enabled
Displaying the Backbone Fast Convergence State
23x0# show spantree backbonefast
Configuring Uplink Fast Convergence
Set spantree uplinkfast enable disable
Show spantree uplinkfast vlan vlan-id
Displaying Spanning Tree Information
Displaying Uplink Fast Convergence Information
23x0# show spantree uplinkfast
Displaying STP Bridge and Port Information
Show spantree port-listvlan vlan-id active
23x0# show spantree vlan mauve
23x0# show spantree portvlancost
Displaying the STP Port Cost on a Vlan Basis
Show spantree portvlancost port-list
Port 1 Vlan 1 have path cost
23x0# show spantree blockedports vlan default
Displaying Blocked STP Ports
Show spantree blockedports vlan vlan-id
Displaying Spanning Tree Statistics
Show spantree statistics port-listvlan vlan-id
23x0# show spantree statistics 1 Bpdu related parameters
Hold timer value Delay root port Timer
Topology change Timer
Topology change Timer value Hold timer
Delay root port Timer value Timer restarted is
Clearing STP Statistics
Spanning Tree Configuration Scenario
23x0# set port disable
Clear spantree statistics port-listvlan vlan-id
Disabled 128
Default None Backbone Down
Spanning tree mode
23x0# set port enable
Down Auto Network 10/100BaseTx 1000/full
Set igmp enable disable vlan vlan-id
Disabling or Reenabling Igmp Snooping
Disabling or Reenabling Proxy Reporting
Set igmp querier enable disable vlan vlan-id
Changing Igmp Timers
Set igmp proxy-report enable disable vlan vlan-id
Enabling the Pseudo-Querier
Changing the Query Interval
Set igmp qi seconds vlan vlan-id
Changing the Other-Querier-Present Interval
Set igmp oqi seconds vlan vlan-id
Changing the Query Response Interval
Set igmp qri tenth-seconds vlan vlan-id
Changing the Last Member Query Interval
Set igmp lmqi tenth-seconds vlan vlan-id
Changing Robustness
Set igmp mrsol enable disable vlan vlan-id
Enabling Router Solicitation
Set igmp rv num vlan vlan-id
Configuring Static Multicast Ports
Changing the Router Solicitation Interval
Set igmp mrsol mrsi seconds vlan vlan-id
Set igmp mrouter port port-listenable disable
Adding or Removing a Static Multicast Router Port
Set igmp receiver port port-listenable disable
Displaying Multicast Information
Adding or Removing a Static Multicast Receiver Port
Show igmp vlan vlan-id
23x0# show igmp vlan orange
192.28.7.5 Dvmrp Group Port Receiver-IP Receiver-MAC
Show igmp statistics vlan vlan-id
Displaying Multicast Statistics Only
Clearing Multicast Statistics
Clear igmp statistics vlan vlan-id
Show igmp querier vlan orange
Displaying Multicast Queriers
Show igmp querier vlan vlan-id
Querier for vlan orange Port Querier-IP Querier-MAC
Show igmp mrouter vlan orange
Displaying Multicast Routers
Show igmp mrouter vlan vlan-id
192.28.7.5 000102030405 Dvmrp
Displaying Multicast Receivers
23x0# show igmp receiver-table group 237.255.255.0/24
Vlan red Session Port Receiver-IP Receiver-MAC
Configuring and Managing Igmp Snooping 320657-A
Configuring and Managing Security ACLs
About Security Access Control Lists
Overview of Security ACL Commands
Setting Security ACLs
Creating and Committing a Security ACL
Security ACL Filters
Setting a Source IP ACL
Common IP Protocol Numbers
23x0# set security acl ip acl-1 permit 192.168.1.4
Class of Service
Class-of-Service CoS Packet Handling
Wildcard Masks
Configuring and Managing Security ACLs
Setting an Icmp ACL
Common Icmp Message Types and Codes
Common Icmp Message Types and Codes
Setting TCP and UDP ACLs
Setting a TCP ACL
Setting a UDP ACL
Configuring and Managing Security ACLs
Determining the ACE Order
Committing a Security ACL
23x0# commit security acl acl-99
23x0# commit security acl all
Viewing Committed Security ACLs
Viewing Security ACL Information
Viewing the Edit Buffer
Viewing Security ACL Details
Displaying Security ACL Hits
23x0# show security acl hits ACL hit-counters
Mapping Security ACLs
Clearing Security ACLs
23x0# clear security acl acl-99
Mapping User-Based Security ACLs
23x0# commit security acl acl-222 success change accepted
23x0# set user Natasha attr filter-id acl-222.in
Configuring and Managing Security ACLs
23x0# set security acl map acl-222 port 2 tag 1-3,5
Displaying ACL Maps to Ports, VLANs, and Virtual Ports
Clearing a Security ACL Map
23x0# show security acl map acl-999
ACL acljoe is mapped to
Modifying a Security ACL
23x0# show security acl map acljoe
23x0# clear security acl map acljoe port 4
Adding Another ACE to a Security ACL
23x0# show security acl info all
Placing One ACE before Another
Modifying an Existing Security ACL
ACL edit-buffer table
Clearing Security ACLs from the Edit Buffer
23x0# show security acl editbuffer
Type Status Acl-a Not Committed Acl-111
Using ACLs to Change CoS
23x0# rollback security acl acl-111
ACL edit-buffer information for all
Filtering Based on Dscp Values
23x0# commit security acl voip
Enabling Prioritization for Legacy Voice over IP
23x0# set security acl ip voip permit 0.0.0.0
23x0# set security acl map voip vlan corpvlan out
Security ACL Configuration Scenario
Enabling SVP Optimization for SpectraLink Phones
23x0# save config
Why Use Keys and Certificates?
Managing Keys Certificates
Wireless Security through TLS
About Keys and Certificates
PEAP-MS-CHAP-V2 Security
Public Key Infrastructures
Public and Private Keys
Digital Certificates
Pkcs #7, Pkcs #10, and Pkcs #12 Object Files
Crypto generate key command
Creating Keys and Certificates
Pkcs Object Files Supported by Nortel
Managing Keys and Certificates
Procedures for Creating and Validating Certificates
Admin key pair generated
Crypto generate key admin eap ssh webaaa 512 1024
23x0# crypto generate key admin
Creating Public-Private Key Pairs
Crypto generate self-signed admin eap webaaa
23x0# crypto generate self-signed admin Country Name US
Generating Self-Signed Certificates
Crypto otp admin eap webaaa one-time-password
Crypto pkcs12 admin eap webaaa filename
23x0# crypto generate request admin
Installing a CA’s Own Certificate
Begin Certificate
Key and Certificate Configuration Scenarios
23x0# show crypto certificate admin Certificate
Displaying Certificate and Key Information
Creating Self-Signed Certificates
23x0# crypto generate self-signed admin
Self-signed cert for admin is
ENDCERTIFICATE-----23x0#crypto generate self-signed eap
23x0# show crypto certificate admin
20# crypto generate self-signed webaaa Country Name US
23x0# show crypto certificate eap
23x0# show crypto certificate webaaa Certificate
23x0# copy tftp//192.168.253.1/2048admn.p12 2048admn.p12
23x0# crypto otp admin SeC%#6@o%c
23x0# crypto pkcs12 admin 2048admn.p12
23x0# copy tftp//192.168.253.1/20481x.p12 20481x.p12
Keypair Device certificate CA certificate
Email Address admin@example.com
Unstructured Name wiring closet 12 CSR for admin is
23x0# show crypto ca-certificate admin
23x0# crypto certificate admin
23x0# crypto ca-certificate admin
Enter PEM-encoded certificate
Configuring AAA for Network Users
About AAA for Network Users
Authentication
Authentication Types
Authentication Algorithm
Authentication Flowchart for Network Users
To 802.1X? Yes
Ssid Name Any
Last-Resort Processing
User Credential Requirements
Configuring AAA for Network Users
Authorization
CLI
Accounting
Summary of AAA Features
AAA Tools for Network Users
Wildcards and Groups for Network User Classification
Wildcard Any for Ssid Matching
AAA Methods for Ieee 802.1X and Web Network Access
AAA Rollover Process
Local Override Exception
Remote Authentication with Local Backup
Remote Pass-Through or Local Authentication
Ieee 802.1X Extensible Authentication Protocol Types
EAP-MD5
Ways an WSS Switch Can Use EAP
Configuring 802.1X Authentication
Effects of Authentication Type on Encryption Method
Configuring 802.1X Acceleration
Using Pass-Through
Authenticating through a Local Database
Binding User Authentication to Machine Authentication
Authentication Rule Requirements
Set dot1x bonded-period seconds
Bonded Authentication Period
Bonded Authentication Configuration Example
Clear dot1x bonded-period
Displaying Bonded Authentication Configuration Information
Show dot1x config 23x0# show dot1x config
23x0# set dot1x bonded-period
Configuring Authentication and Authorization by MAC Address
Adding and Clearing MAC Users and User Groups Locally
Adding MAC Users and Groups
Clearing MAC Users and Groups
23x0# set authentication mac ssid voice 010102* local
Configuring MAC Authentication and Authorization
23x0# set authentication mac ssid voice 010102030405 local
23x0# set mac-user 000102030405 attr vlan-name red
Set radius server server-nameauthor-password password
Configuring Web-based AAA
Changing the MAC Authorization Password for Radius
23x0# set radius server bigbird author-password h00per
How Portal Web-based AAA Works
Web-based AAA Requirements and Recommendations
WSS Requirements
Configuring AAA for Network Users
Client Web Browser Requirements
WSS Recommendations
Client NIC Requirements
Client Web Browser Recommendations
Configuring Portal Web-based AAA
Portal Web-based AAA Configuration Example
23x0# set user web-portal-mycorp attr vlan-name corpvlan
23x0# show config
23x0# show sessions network ssid mycorp
23x0# show sessions network ssid mycorp
Using a Custom Login
Copying and Modifying the Nortel Login
Custom Login Page Scenario
TitleMy Corp webAAA/title
23x0# mkdir mycorp-webaaa success change accepted
H3Welcome to Mycorp’s Wireless LAN/h3
BWARNING/b My corp’s warning text
23x0# dir mycorp-webaaa
Using Dynamic Fields in Web-based AAA Redirect URLs
Variables for Redirect URLs Description
Configuring Last-Resort Access
Configuring AAA for Users of Third-Party APs
WSS Switch Serving as Radius Proxy
Authentication Process for 802.1X Users of a Third-Party AP
WSS Switch Requirements
Requirements
Third-Party AP Requirements
23x0# set authentication mac wired aabbcc010101 srvrgrp1
Set authentication mac wired mac-addr-wildcard method1
23x0# set port type wired-auth 3-4 tag
Set radius proxy port port-listtag tag-valuessid ssid-name
23x0# set authentication proxy ssid mycorp ** srvrgrp1
23x0# set radius proxy client address 10.20.20.9 key radkey1
Assigning Authorization Attributes
End-date
Session-timeout
Idle-timeout
Service-type
Filter-id
Ssid
Start-date
Time-of-day
Url
Vlan-name
Assigning Attributes to Users and Groups
23x0# set user Jose attr filter-id acl-101.in
Assigning a Security ACL to a User or a Group
Assigning a Security ACL Locally
23x0# set usergroup eastcoasters attr filter-id acl-101.in
Assigning a Security ACL on a Radius Server
Clearing a Security ACL from a User or Group
Clear mac-usergroup groupname attr filter-id
Assigning Encryption Types to Wireless Users
Assigning and Clearing Encryption Types Locally
23x0# set mac-usergroup mac-fans attr encryption-type
Assigning and Clearing Encryption Types on a Radius Server
About the Location Policy
How the Location Policy Differs from a Security ACL
Setting the Location Policy
Applying Security ACLs in a Location Policy Rule
23x0# set location policy deny if user eq *.theirfirm.com
Displaying and Positioning Location Policy Rules
WSS-20show location policy
Configuring Accounting for Wireless Network Users
Set accounting admin console dot1x mac web
Clear location policy rule-number
Configuring AAA for Network Users
Viewing Local Accounting Records
WSS-20-0017#show accounting statistics
Viewing Roaming Accounting Records
WSS-20-0013#show accounting statistics
May 21 Acct-Status-Type=STOP Acct-Authentic=2
Rs-3
Set authentication admin Jose sg3
Server Addr Ports
Rs-4
Set authentication web ssid corpa ** corpasrvr
Avoiding AAA Problems in Configuration Order
Set authentication web ssid any ** sg1
Vlan-Name = k2
Configuring AAA for Network Users
Configuration for a Correct Processing Order
Using Authentication and Accounting Rules Together
Configuration Producing an Incorrect Processing Order
23x0# set accounting dot1x ssid mycorp * start-stop group1
Configuring a Mobility Profile
23x0# set mobility-profile name roses-profile port 2-4,7,9
23x0# show mobility-profile Mobility Profiles
Network User Configuration Scenarios
23x0# set mobility-profile mode enable
NamePorts ========================= Roses-profile
23x0# show security acl info acl-101
General Use of Network User Commands
23x0# set user EXAMPLE\username attr filter-id acl-101.in
Mobility Profiles NamePorts ========================= Tulip
WSS-20save config
Enabling Radius Pass-Through Authentication
23x0# set radius server r1 address 10.1.1.1 key sunny
23x0# set user Natasha attr session-timeout
Enabling PEAP-MS-CHAP-V2 Authentication
23x0# set user Natasha password moon
Unstructured Name wiring closet
Enabling PEAP-MS-CHAP-V2 Offload
23x0# set radius server r1 address 10.1.1.1 key starry
23x0# set radius server r1 address 10.1.1.1 key starry
Overriding AAA-Assigned VLANs
Configuring Communication with Radius
Radius Overview
Configuring Communication with Radius
Configuring Radius Servers
Before You Begin
23x0# set radius deadtime
Configuring Global Radius Defaults
Clear radius deadtime key retransmit timeout
23x0# set radius key r8gney
Setting the System IP Address as the Source Address
23x0# set radius client system-ip
23x0# clear radius client system-ip
Configuring Individual Radius Servers
Set radius server server-nameaddress ip-address key string
Configuring Radius Server Groups
Deleting Radius Servers
Clear radius server server-name
Configuring Load Balancing
Creating Server Groups
Ordering Server Groups
Clear server group group-nameload-balance
Set server group group-nameload-balance enable
Adding Members to a Server Group
23x0 # show aaa
Configuring Communication with Radius
Radius and Server Group Configuration Scenario
Deleting a Server Group
23x0# set server group shorebirds load-balance enable
Managing 802.1X on WSS Switch
Managing 802.1X on Wired Authentication Ports
Success dot1x authcontrol enabled
Set dot1x authcontrol enable disable
23x0# set dot1x authcontrol enable
Enabling and Disabling 802.1X Globally
Setting 802.1X Port Control
Managing 802.1X Encryption Keys
Success dot1x key transmission enabled
Set dot1x key-tx enable disable
23x0# set dot1x key-tx enable
Enabling 802.1X Key Transmission
23x0# set dot1x tx-period
Configuring 802.1X Key Transmission Time Intervals
Set dot1x tx-period seconds
Success dot1x tx-period set to
Configuring 802.1X WEP Rekeying
Configuring the Interval for WEP Rekeying
Managing WEP Keys
23x0# set dot1x max-req
Setting EAP Retransmission Attempts
Managing 802.1X Client Reauthentication
Success dot1x max request set to
23x0# set dot1x reauth enable
Enabling and Disabling 802.1X Reauthentication
Set dot1x reauth enable disable
Success dot1x reauthentication enabled
Success dot1x max reauth set to
Set dot1x reauth-max number-of-attempts
23x0# set dot1x reauth-max
23x0# clear dot1x reauth-max
Set dot1x reauth-period seconds
Setting the 802.1X Reauthentication Period
Success dot1x auth-server timeout set to
23x0# set dot1x reauth-period
Managing Other Timers
Setting the Bonded Authentication Period
Clear dot1x max-req
23x0# set dot1x quiet-period
Setting the 802.1X Quiet Period
Set dot1x quiet-period seconds
Success dot1x quiet period set to
23x0# set dot1x timeout auth-server
Setting the 802.1X Timeout for an Authorization Server
Set dot1x timeout auth-server seconds
23x0# clear dot1x timeout auth-server
Setting the 802.1X Timeout for a Client
Displaying 802.1X Information
Viewing 802.1X Clients
23x0# show dot1x clients
Viewing the 802.1X Configuration
Viewing 802.1X Statistics
23x0# show dot1x stats
Managing 802.1X on the WSS Switch 320657-A
Clear sessions admin console telnet client session-id
Displaying and Clearing Administrative Sessions
Show sessions admin console telnet client
Managing Sessions
Displaying and Clearing All Administrative Sessions
WSS-20 show sessions admin
23x0# clear sessions admin
Tty Username Time Type Tty0 5310 Console Console session
Displaying and Clearing an Administrative Console Session
WSS-20 show sessions console
23x0# clear sessions console
WSS-20 show sessions telnet
Displaying and Clearing Administrative Telnet Sessions
Tty Username Time Type Tty3 Sshadmin 2099
Telnet session
23x0 # show sessions network
Displaying and Clearing Network Sessions
Displaying and Clearing Client Telnet Sessions
User Sess IP or MAC
003065168d69 4385 Vlan-wep
Displaying Verbose Network Session Information
Jose@example.com 5125 Vlan-eng
761 000bbe154656 none
23x0# show sessions network user E
Displaying and Clearing Network Sessions by Username
Show sessions network user user-wildcard
Clear sessions network user user-wildcard
Show sessions net mac-addr 01055d7e981a
Displaying and Clearing Network Sessions by MAC Address
Show sessions network mac-addr mac-addr-wildcard
Clear sessions network mac-addr mac-addr-wildcard
Show sessions network vlan west
Displaying and Clearing Network Sessions by Vlan Name
Show sessions network vlan vlan-wildcard
Clear sessions network vlan vlan-wildcard
Displaying and Clearing Network Sessions by Session ID
Clear sessions network session-id session-id
2370# clear sessions network session-id
Managing System Files
About System Files
23x0# show version
Displaying Software Version Information
Show version details
23x0# show version details
W2 N/A
Displaying Boot Information
23x0# show boot
Working with Files
Displaying a List of Files
23x0# dir old
23x0# copy floor2WSS tftp//10.1.1.1/floor2WSS
23x0# copy floor2WSS tftp//10.1.1.1/floor2WSS-backup
Copying a File
Success sent 365 bytes in 0.401 seconds 910 bytes/sec
23x0# copy tftp//10.1.1.1/newconfig newconfig
23x0# copy tftp//10.1.1.1/newconfig WSSconfig
Successreceived9163214bytesin105.939seconds Bytes/sec
Deleting a File
23x0# copy testconfig tftp//10.1.1.1/testconfig
23x0# delete testconfig
Delete url
Creating a Subdirectory
23x0# mkdir corp2
Managing Configuration Files
Removing a Subdirectory
23x0# rmdir corp2
Displaying the Running Configuration
Show config area area all
23x0# show config area vlan
Managing System Files
23x0# save config newconfig
Saving Configuration Changes
Save config filename
Success configuration saved to newconfig
Set boot configuration-file filename
23x0# set boot configuration-file floor2WSS
Success boot config set
Loading a Configuration File
Load config url
23x0# load config newconfig
Resetting to the Factory Default Configuration
Backing Up and Restoring the System
Managing System Files
Managing Configuration Changes
23x0# restore system tftp/10.10.20.9/sysabak
Backup and Restore Examples
23x0# backup system tftp/10.10.20.9/sysabak critical
Upgrading the System Image
Managing System Files 320657-A
Rogue Detection Countermeasures
About Rogues and RF Detection
Rogue access points and Clients
Rogue Classification
Rogue Detection Lists
Rogue Detection and Countermeasures
Rogue Detection Algorithm
RF Detection Scans
Dynamic Frequency Selection DFS
Summary of Rogue Detection Features
Countermeasures
Configuring Rogue Detection Lists
Show rfdetect vendor-list
Configuring a Permitted Vendor List
Set rfdetect vendor-list client ap mac-addr
23x0# show rfdetect vendor-list Total number of entries
Show rfdetect ssid-list
Configuring a Permitted Ssid List
Set rfdetect ssid-list ssid-name
23x0# show rfdetect ssid-list Total number of entries
Show rfdetect black-list
Configuring a Client Black List
Set rfdetect black-list mac-addr
23x0# show rfdetect black-list
Show rfdetect attack-list
Configuring an Attack List
Set rfdetect attack-list mac-addr
23x0# show rfdetect attack-list
Configuring an Ignore List
Enabling Countermeasures
Disabling or Reenabling Active Scan
Enabling AP Signatures
Enabling Rogue and Countermeasures Notifications
Set rfdetect log enable disable
Disabling or Reenabling Logging of Rogues
IDS and DoS Alerts
Flood Attacks
DoS Attacks
Netstumbler and Wellenreiter Applications
Wireless Bridge
Ad-Hoc Network
Weak WEP Key Used by Client
Disallowed Devices or SSIDs
Displaying Statistics Counters
IDS Log Message Examples
IDS and DoS Log Messages
Message Type
Displaying RF Detection Information
Show rfdetect attack-list
Show rfdetect ignore
23x0# show rfdetect clients mac 000c4163fd6d
Displaying Rogue Clients
Show rfdetect clients mac mac-addr
23x0# show rfdetect clients
Displaying Rogue Detection Counters
Show rfdetect counters
23x0# show rfdetect counters
23x0# show rfdetect mobility-domain
Displaying Ssid or Bssid Information for a Mobility Domain
Show rfdetect mobility-domain ssid ssid-namebssid mac-addr
23x0# show rfdetect mobility-domain ssid nrtl-webaaa
23x0# show rfdetect mobility-domain bssid 000b0e0004d1
Displaying RF Detect Data
Show rfdetect data
23x0 # show rfdetect data
Displaying the APs Detected by an AP Radio
23x0# show rfdetect visible ap 3 radio
Displaying Countermeasures Information
Show rfdetect countermeasures
23x0# show rfdetect countermeasures
Rogue Detection and Countermeasures 320657-A
Appendix a Troubleshooting a WS Switch
Fixing Common WSS Setup Problems
WSS Setup Problems and Remedies
Symptom Diagnosis
WSS-2350
Recovering the System Password
Boot boot OPT+=default
WSS-2370, WSS-2380, or WSS-2360
Configuring and Managing the System Log
Log Message Components
Logging Destinations and Levels
Info
Debug
Using Log Commands
Logging to the Log Buffer
Logging to the Console
Logging Messages to a Syslog Server
Setting Telnet Session Defaults
Changing the Current Telnet Session Defaults
Displaying the Log Configuration
Logging to the Trace Buffer
Saving Trace Messages in a File
Running Traces
Using the Trace Command
Tracing Authentication Activity
Tracing Session Manager Activity
Stopping a Trace
Tracing Authorization Activity
Displaying a Trace
Tracing 802.1X Sessions
23x0# show log trace severity error
About Trace Results
Displaying Trace Results
Copying Trace Results to a Server
Clearing the Trace Log
List of Trace Areas
Viewing AAA Session Statistics
Using Show Commands
Viewing Vlan Interfaces
WSS-2370# show interface
Vlan-name = vlan-wep
Viewing FDB Information
Viewing ARP Information
23x0# show fdb
How Remote Traffic Monitoring Works
Using Snoop Filters on Radios That Use Active Scan
Remotely Monitoring Traffic
Best Practices for Remote Traffic Monitoring
Appendix a Troubleshooting a WS Switch
Configuring a Snoop Filter
23x0# set snoop snoop1 observer 10.10.30.2 snap-length
Editing a Snoop Filter
Displaying Configured Snoop Filters
Mapping a Snoop Filter to a Radio
Deleting a Snoop Filter
Displaying the Snoop Filter Mappings for All Radios
Enabling or Disabling a Snoop Filter
Displaying the Snoop Filters Mapped to a Radio
Removing Snoop Filter Mappings
23x0# set snoop snoop1 mode enable stop-after
Success filter snoop1 enabled
Displaying Remote Traffic Monitoring Statistics
Preparing an Observer and Capturing Traffic
Show snoop stats filter-namedap-numradio 1
Capturing System Information for Technical Support
Displaying Technical Support Information
Success results saved to fortechsupport.gz
Sending Information to Nets
23x0# show tech-support file fortechsupport
23x0# copy fortechsupport.gz tftp//tftpserver/filename.gz
Appendix a Troubleshooting a WS Switch 320657-A
Appendix B Supported Radius Attributes
Supported Standard and Extended Attributes
801.1X Attributes
801.1X Attributes
Radius
Nortel Vendor-Specific Attributes
Nortel VSAs
Appendix C Mobility Domain Traffic Ports
Protocol Port Function
Appendix C Mobility Domain Traffic Ports 320657-A
Appendix D Dhcp Server
Configuring the Dhcp Server
How the WSS Software Dhcp Server Works
Displaying Dhcp Server Information
Show dhcp-server interface vlan-id verbose
23x0# show dhcp-server
Appendix D Dhcp Server
Glossary
Advanced Encryption Standard See AES
Authentication, authorization, and accounting See AAA
CBC-MAC See Ccmp
Cyclic redundancy check See CRC
Glossary
EAP with Transport Layer Security See EAP-TLS
Group master key See GMK
Group transient key See GTK
Industry Canada See IC Information element See WPA IE
Media access control address See MAC address
Microsoft Challenge Handshake Authentication
Per-VLAN Spanning Tree protocol See PVST+
Port address translation See PAT Power over Ethernet See PoE
Quality of service See QoS
Remote Authentication Dial-In User Service See Radius
Spanning Tree Protocol See STP
Temporal Key Integrity Protocol See Tkip
Type, length, and value See TLV
Wisp
WPA information element See WPA IE
Glossary 320657-A
Index
Numerics
Index
Index
DNS
Enable password
Description
Subnet masks for, notation conventions System IP address
366 To ports, VLANs, or virtual ports 368
Index
Radius
Https
Index
Configuring 341 rogue access points detecting
TCP
Snmp
STP
Uplink fast convergence
Index
WMS
Index 320657-A
Command Index
Command Index
Set dap auto radiotype
Command Index
Command Index
324 Show spantree blockedports 329
