Nortel Wlan Security Switch 2300 Series Configuration Guide
Statement of conditions
Copyright Nortel Networks Limited 2005. All rights reserved
Trademarks
Restricted rights legend
Nortel Inc. software license agreement
USA requirements only
Legal Information
Limited Product Warranty
Limited Warranty
Software License Agreement
Nortel Wlan Security Switch 2300 Series Configuration Guide
SSH Source Code Statement
OpenSSL Project License Statements
Class a Statement RF Radiation Hazard Warning
Deployment Statement
320657-A
Contents
Configuring and Managing Ports and VLANs
Configuring and Managing IP Interfaces and Services
Configuring Snmp
Configuring and Managing Mobility Domain Roaming
Configuring AP access points
Wi-Fi Multimedia
Configuring and Managing Igmp Snooping
Managing Keys and Certificates
Configuring AAA for Network Users
Configuring Communication with Radius
Managing 802.1X on the WSS Switch
Managing System Files
Troubleshooting a WS Switch
Supported Radius Attributes
Contents 320657-A
How to get Help
Getting Help over the phone from a Nortel Solutions Center
Getting Help from the Nortel Web site
Getting Help through a Nortel distributor or reseller
Nortel Wlan 2300 System
Introducing the Nortel Wlan 2300 System
Documentation
Planning, Configuration, and Deployment
Safety and Advisory Notices
Menu Name Command
Text and Syntax Conventions
Bold text
CLI Conventions
Using the Command-Line Interface
NT-mm-nnnnnn
Command Prompts
Clear fdb dynamic port port-list vlan vlan-id
Set port enable disable port-list
Syntax Notation
Clear interface vlan-idip
Text Entry Conventions and Allowed Characters
MAC Address Notation
IP Address and Mask Notation
0001
User Wildcards, MAC Address Wildcards, and Vlan Wildcards
User Wildcards
MAC Address Wildcards
Vlan Wildcards
Matching Order for Wildcards
000102 00010203 0001020304
23x0# show port poe 1,2,4,13
23x0# set port enable
23x0# reset port
Port Lists
Virtual LAN Identification
Command-Line Editing
Keyboard Shortcuts Function
Keyboard Shortcuts
History Buffer
Tabs
Single-Asterisk * Wildcard Character
Double-Asterisk ** Wildcard Characters
Using CLI Help
23x0# help Commands
23x0# show i?
Set ap dap name
Understanding Command Descriptions
Server Status Port Enabled
23x0# show ip telnet
Overview of AAA for Administrative and Local Access
Configuring AAA for Administrative and Local Access
Configuring AAA for Administrative and Local Access
Typical Nortel Wlan 2300 System
Before You Start
About Administrative Access
Access Modes
Types of Administrative Access
First-Time Configuration using the Console
Username
Enabling an Administrator
Password
23x0 enable
23x0# set enablepass
Setting the WSS Switch Enable Password
Setting the WSS Enable Password for the First Time
WMS Enable Password
Configuring AAA for Administrative and Local Access
23x0# set authentication console * local
Authenticating at the Console
Customizing AAA with Wildcards and Groups
Setting User Passwords
Success User Jose created
Configuring Accounting for Administrative Users
Adding and Clearing Local Users for Administrative Access
Set user username password password
23x0# show accounting statistics
23x0# show aaa
Displaying the AAA Configuration
Saving the Configuration
23x0# save config configday
Administrative AAA Configuration Scenarios
Local Authentication
23x0# set server group sg1 members r1
Success change accepted
Local Override and Backup Local Authentication
Authentication When Radius Servers Do Not Respond
Configuring and Managing Ports
Configuring and Managing Ports and VLANs
Vlan
Setting the Port Type
Show version
WSS 2380 40 AP Software License Upgrade
Setting a Port for a Directly Connected AP access port
23x0# set port type ap 4-6 model 2330 poe enable
Setting a Port for a Wired Authentication User
Configuring for a Distributed AP
23x0# set port type wired-auth
Clearing a Port
Clear port type port-list
Clearing a Distributed AP
23x0# clear port type
Clear dap dap-num
Configuring a Port Name
Setting a Port Name
Removing a Port Name
RJ45
Set port preference port-listrj45
Clear port preference port-list
Show port preference port-list
Configuring Port Operating Parameters
10/100 Ports-Autonegotiation and Port Speed
Gigabit Ports-Autonegotiation and Flow Control
Disabling or Reenabling a Port
Disabling or Reenabling Power over Ethernet
Resetting a Port
Set port poe port-listenable disable
Reset port port-list
Show port status port-list
Displaying Port Configuration and Status
Displaying Port Information
Displaying PoE State
Displaying Port Statistics
Clearing Statistics Counters
Monitoring Port Statistics
23x0# monitor port counters
Link Redundancy
Configuring Load-Sharing Port Groups
Configuring a Port Group
Load Sharing
Interoperating with Cisco Systems EtherChannel
Configuring and Managing VLANs
Removing a Port Group
Displaying Port Group Information
Understanding VLANs in Nortel WSS Software
VLANs, IP Subnets, and IP Addressing
Users and VLANs
Vlan Names
Roaming and VLANs
Traffic Forwarding
Tunnel Affinity
802.1Q Tagging
Set vlan vlan-numname name
Configuring a Vlan
Creating a Vlan
Adding Ports to a Vlan
23x0# clear vlan marigold port 13 tag
Removing an Entire Vlan or a Vlan Port
23x0# set vlan red port 9-11,21
23x0# clear vlan red port
23x0# clear vlan ecru
Set vlan vlan-idtunnel-affinity num
Changing Tunneling Affinity
Displaying Vlan Information
Show vlan config vlan-id
23x0# show vlan config burgundy
Managing the Layer 2 Forwarding Database
Types of Forwarding Database Entries
How Entries Enter the Forwarding Database
Show fdb count perm static dynamic vlan vlan-id
Displaying Forwarding Database Information
Displaying the Size of the Forwarding Database
Displaying Forwarding Database Entries
23x0# set fdb static 002b3c4d5e6f port 1 vlan default
Adding an Entry to the Forwarding Database
23x0# set fdb perm 00bbccddeeff port 3,5 vlan blue
Removing Entries from the Forwarding Database
23x0# clear fdb dynamic
23x0# clear fdb port 3,5
Changing the Aging Timeout Period
Port and Vlan Configuration Scenario
Configuring the Aging Timeout Period
Displaying the Aging Timeout Period
23x0# set system countrycode US
23x0# set port 6 name confroom1
23x0# set port 7 name confroom2
23x0# set port 8-13 name manufacturing
MAC
23x0# set port type ap 2-16 model 2330 poe enable
Port group backbonelink is up Ports 22
23x0# set port type wired-auth 17,18
Save the configuration. Type the following command
MTU Support
Configuring and Managing IP Interfaces and Services
Configuring and Managing IP Interfaces
Statically Configuring an IP Interface
Adding an IP Interface
Enabling the Dhcp Client
Set interface vlan-idip dhcp-client enable disable
23x0# set interface corpvlan ip dhcp-client enable
23x0# show interface
23x0# show dhcp-client
Interface Corpvlan4 Configuration Status Enabled Dhcp State
Set interface vlan-idstatus up down
Disabling or Reenabling an IP Interface
Removing an IP Interface
Configuring the System IP Address
Displaying IP Interface Information
Show interface vlan-id
Set system ip-address ip-addr
Designating the System IP Address
Show system
Displaying the System IP Address
Configuring and Managing IP Routes
Clearing the System IP Address
Clear system ip-address
Configuring and Managing IP Interfaces and Services 320657-A
Displaying IP Routes
Show ip route destination
23x0# show ip route
224.0.0.0/ 4 IP Local
23x0# set ip route default 10.5.4.1
Adding a Static Route
23x0# set ip route 192.168.4.0 255.255.255.0 10.5.4.2
23x0# clear ip route 192.168.4.69/24
Managing the Management Services
23x0# clear ip route default
Removing a Static Route
Enabling SSH
Login Timeouts
Session Timeouts
Managing SSH
23x0# show crypto key ssh ec6f567fd1fdc02893aea4f97cf51304
Changing the SSH Service Port Number
Adding an SSH User
Show crypto key ssh
23x0# clear sessions admin ssh
Changing SSH Timeouts
Show sessions admin Clear sessions admin ssh session-id
23x0# show sessions admin
Adding a Telnet User
Telnet Login Timers
Managing Telnet
Enabling Telnet
Changing the Telnet Service Port Number
Resetting the Telnet Service Port Number to Its Default
Managing Telnet Server Sessions
Displaying Https Information
Configuring and Managing DNS
Managing Https
Enabling Https
Configuring and Managing IP Interfaces and Services
Enabling or Disabling the DNS Client
Set ip dns enable disable
Set ip dns server ip-addrprimary secondary
Configuring DNS Servers
Adding a DNS Server
Removing a DNS Server
Set ip dns domain name
Configuring a Default Domain Name
Adding the Default Domain Name
Removing the Default Domain Name
23x0# show ip dns
Configuring and Managing Aliases
Displaying DNS Server Information
Show ip dns
Adding an Alias
Set ip alias name ip-addr
23x0# set ip alias HR1
Clear ip alias name
Removing an Alias
23x0# show ip alias
Configuring and Managing Time Parameters
Displaying Aliases
Show ip alias name
Setting the Time Zone
Displaying the Time Zone
Clearing the Time Zone
Configuring the Summertime Period
Displaying the Summertime Period
Clearing the Summertime Period
Time now is Sun Feb 29 2004, 235802 PST
Statically Configuring the System Time and Date
Set timedate date mmm dd yyyy time hhmmss
23x0# set timedate date feb 29 2004 time
Show timedate 23x0# show timedate
Displaying the Time and Date
Configuring and Managing NTP
Adding an NTP Server
Set ntp server ip-addr
23x0# set ntp server
Clear ntp server ip-addrall
Removing an NTP Server
Changing the NTP Update Interval
Set ntp update-interval seconds
23x0# set ntp update-interval
Clear ntp update-interval
Resetting the Update Interval to the Default
Enabling the NTP Client
Set ntp enable disable
Managing the ARP Table
Displaying NTP Information
Show ntp
Displaying ARP Table Entries
Show arp ip-addr
23x0# show arp
Success added arp 10.10.10.1 at 00bbccddeeff on Vlan
Adding an ARP Entry
Set arp permanent static dynamic ip-addrmac-addr
23x0# set arp static 10.10.10.1 00bbccddeeff
23x0# set arp agingtime
Changing the Aging Timeout
Pinging Another Device
Set arp agingtime seconds
23x0# clear sessions telnet client
Logging In to a Remote Device
23x0# telnet
23x0# show sessions telnet client
IP Interfaces and Services Configuration Scenario
Tracing a Route
23x0# traceroute server1
23x0# set ip route default 10.20.10.1
23x0# set system ip-address
23x0# set ip dns server 10.10.10.69 Primary
23x0 # show ip dns
23x0# set ip dns enable
Summertime is enabled, and set to PDT
23x0# set ip dns server 10.20.10.69 Secondary
Configuring Snmp
Configuring Snmp
Overview
23x0# set system location 3rdfloorcloset
Setting the System Location and Contact Strings
23x0# set system contact sysadmin1
Set system location string set system contact string
Set snmp protocol v1 v2c usm all enable disable
23x023x0# set snmp protocol all enable
Enabling Snmp Versions
Clear snmp community name comm-string
Configuring Community Strings SNMPv1 and SNMPv2c Only
Clear snmp usm usm-username
Creating a USM User for SNMPv3
23x0# set snmp usm snmpmgr1 snmp-engine-id local
Command Examples
23x0# set snmp security encrypted
Setting Snmp Security
Clear snmp profile profile-name
Configuring a Notification Profile
23x0# set snmp notify profile default send all
Configuring Snmp
Configuring a Notification Target
Security unsecured authenticated encrypted
Clear snmp notify target target-num
23x0# set snmp notify target 2 10.10.40.10 v1 trap
Displaying Snmp Information
Enabling the Snmp Service
Set ip snmp server enable disable
23x0# set ip snmp server enable
Displaying Snmp Version and Status Information
Displaying the Configured Snmp Community Strings
Displaying USM Settings
Displaying Notification Profiles
23x0# show snmp notify profile insert updated example
Displaying Notification Targets
23x0# show snmp notify target insert updated example
Displaying Snmp Statistics Counters
Configuring Snmp 320657-A
About the Mobility Domain Feature
Configuring and Managing Mobility Domain Roaming
Configuring a Mobility Domain
Configuring the Seed
Set mobility-domain mode seed domain-name mob-domain-name
23x0# set mobility-domain mode seed domain-name Pleasanton
Set mobility-domain member ip-addr
Configuring Member WSSs on the Seed
Configuring a Member
Set mobility-domain mode member seed-ip ip-addr
23x0# set mobility-domain mode member seed-ip
192.168.15.5
Displaying Mobility Domain Status
2370# show mobility-domain status
192.168.14.6
Displaying the Mobility Domain Configuration
2370# show mobility-domain config
This WSS is a member, with seed
2370# clear mobility-domain
Clearing a Mobility Domain from a WSS
Clear mobility-domain member ip-addr
Clearing a Mobility Domain Member from a Seed
23x0# show roaming station
Displaying Roaming Stations
Displaying Roaming VLANs and Their Affinities
23x0 # show roaming vlan
Affinity
State Port
Understanding the Sessions of Roaming Users
Displaying Tunnel Information
23x0 # show tunnel
Active
Requirements for Roaming to Succeed
Effects of Timers on Roaming
23x0# set mobility-domain member seed-ip
Mobility Domain Scenario
Monitoring Roaming Sessions
WSS-20show sessions network verbose
23x0# show mobility-domain config
23x0# show roaming vlan
23x0# show tunnel
Configuring User Encryption
Wireless Encryption Defaults
Default Encryption
Configuring WPA
WPA Cipher Suites
WPA Encryption with Tkip Only
WPA Encryption with Tkip and WEP
Tkip Countermeasures
WPA Authentication Methods
WPA Information Element
Client Support
Supported
Encryption Support for WPA and Non-WPA Clients
Specifying the WPA Cipher Suites
Configuring WPA
Creating a Service Profile for WPA
Enabling WPA
Enabling PSK Authentication
Changing the Tkip Countermeasures Timer Value
Set service-profile name psk-raw hex
Set service-profile name auth-psk enable disable
23x0# set service-profile wpa auth-psk enable
Set service-profile name psk-phrase passphrase
Set radio-profile name service-profile name
Displaying WPA Settings
Show service-profile name ?
23x0# show service-profile wpa
Specifying the RSN Cipher Suites
Configuring RSN
Creating a Service Profile for RSN
Enabling RSN
23x0# set service-profile rsn cipher-ccmp enable
Displaying RSN Settings
23x0# set radio-profile blgd2 service-profile rsn
Configuring WEP
Encryption for Dynamic and Static WEP
Set service-profile name wep key-index num key value
Setting Static WEP Key Values
Encryption Configuration Scenarios
23x0# set service-profile wepsrvc4 wep active-unicast-index
Assigning Static WEP Keys
Enabling WPA with Tkip
23x0# set service-profile wpa success change accepted
23x0# show ap config
Enabling Dynamic WEP in a WPA Network
23x0# set service-profile wpa-wep success change accepted
23x0# show service-profile wpa-wep
23x0# set ap 5,11 radio 1 radio-profile rp2 mode enable
Success change accepted
23x0# set service-profile wpa-wep-for-mac
Configuring Encryption for MAC Clients
23x0# show service-profile wpa-wep-for-mac
23x0# show ap config
Configuring User Encryption 320657-A
AP Overview
Configuring AP access points
Example Nortel Network
Country of Operation
Distributed AP Network Requirements
Directly Connected APs and Distributed APs
Distributed APs and Dhcp Option
Distributed APs and STP
AP Parameters
Name
Bias High
Group
Upgrade-firmware Enable
Disable
Resiliency and Dual-Homing Options for APs
Dual-Homed Direct Connections to a Single WSS
Dual-Homed Direct and Distributed Connections to WSSs
Dual-Homed Distributed Connections to WSSs on Both AP Ports
Dual-Homed Distributed Connections to WSSs on One AP Port
AP Boot Process
Configuring AP access points
Configuring AP access points
Configuring AP access points
Example AP Boot over Layer 2 Network
Example AP Boot over Layer 3 Network
Example Boot of Dual-Homed AP
Dual-Homed AP Booting
Session Load Balancing
Service Profiles
Public and Private SSIDs
Encryption
Dap status command
Configuring AP access points
Radio Profiles
Default Radio Profile
RF Auto-Tuning
Antennatype Internal Nortel external antenna model
Tx-power
Radio-Specific Parameters
Channel
Configuring AP access points
Set system countrycode code
Specifying the Country of Operation
WSS
23x0# show system
How an Unconfigured AP Finds an WSS Switch To Configure It
Configuring a Template for Automatic AP Configuration
Radio 2 type 802.11a, mode enabled, channel dynamic
Configured APs Have Precedence Over Unconfigured APs
Configuring a Template
23x0# show dap config auto
Changing AP Parameter Values
23x0# set dap auto mode enable
23x0# set dap auto radio 1 radio-profile autodap1
23x0# show dap status auto
Set dap auto persistent dap-numall
Setting the Port Type for a Directly Connected AP
Configuring AP Port Parameters
Port parameter Setting
23x0# set port type ap 11-14,16 model 2330 poe enable
Configuring an Indirectly Connected AP
Changing AP Names
Clearing an AP from the Configuration
Changing Bias
Configuring a Load-Balancing Group
Disabling or Reenabling Automatic Firmware Upgrades
Enabling LED Blink Mode
RSA aaaaaaaaaaaaaaaa aaaaaaaaaaaaaaaa
Configuring AP-WSS Security
Encryption Key Fingerprint
Encryption Options
23x0# show dap status
Confirming an AP’s Fingerprint on an WSS Switch
23x0# set dap security require
Setting the AP Security Requirement on an WSS Switch
Set dap num fingerprint hex
Set dap security require optional
Fingerprint Log Message
Disabling or Reenabling Beaconing of an Ssid
Configuring a Service Profile
Changing the Fallthru Authentication Type
Disabling or Reenabling Encryption for an Ssid
Configuring AP access points
Changing Radio Parameters
Configuring a Radio Profile
Set radio-profile name mode enable disable
Creating a New Profile
23x0# set radio-profile rp1 dtim-interval
Set radio-profile name beacon-interval interval
23x0# set radio-profile rp1 beacon-interval
Set radio-profile name dtim-interval interval
23x0# set radio-profile rp1 frag-threshold
Set radio-profile name rts-threshold threshold
23x0# set radio-profile rp1 rts-threshold
Set radio-profile name frag-threshold threshold
23x0# set radio-profile rp1 max-tx-lifetime
Set radio-profile name max-rx-lifetime time
23x0# set radio-profile rp1 max-rx-lifetime
Set radio-profile name max-tx-lifetime time
23x0# set radio-profile rplong preamble-length long
Set radio-profile name 11g-only enable disable
23x0# set radio-profile rp1 11g-only enable
Set radio-profile name preamble-length long short
Clear radio-profile name
Resetting a Radio Profile Parameter to its Default Value
Removing a Radio Profile
Clear radio-profile name parameter
Configuring the Channel and Transmit Power
Configuring Radio-Specific Parameters
Configuring the External Antenna Model
23x0# set ap 11 radio 1 channel 1 tx-power
23x0# set ap 5 radio 2 channel 36 tx-power
23x0# set dap 1 radio 1 antennatype ANT1060
23x0# set radio-profile rp2 service-profile wpaclients
Mapping the Radio Profile to Service Profiles
Assigning a Radio Profile and Enabling Radios
23x0# set ap 11-14,16 radio 2 radio-profile rp1 mode enable
23x0# set ap 6 radio 1 radio-profile rp1 mode disable
Disabling or Reenabling Radios
Set ap port-listdap dap-numradio 1 2 mode enable disable
23x0# set ap 3,7 radio 2 mode disable
Enabling or Disabling Individual Radios
Disabling or Reenabling All Radios Using a Profile
23x0# set radio-profile rp1 mode enable
23x0# set radio-profile rp1 mode disable
Resetting a Radio to its Factory Default Settings
Clear ap port-listdap dap-numradio 1 2 all
23x0# clear ap 3 radio
Restarting an AP
Displaying AP Information
23x0# show dap config
Displaying AP Configuration Information
Displaying a List of Distributed APs
Show dap global dap-numserial-id serial-ID
23x0 # show dap global
23x0 # show dap unconfigured
Show dap unconfigured
Show dap connection dap-numserial-id serial-ID
Displaying Connection Information for Distributed APs
23x0 # show service-profile wpaclients
Displaying Service Profile Information
23x0 # show radio-profile default
Displaying Radio Profile Information
Show radio-profile name ?
Displaying AP Status Information
23x0 # show ap counters
Displaying AP Statistics Counters
116665 7694 11643396 629107 112115 3368239 142900
Totl
RF Auto-Tuning Overview
Configuring RF Auto-Tuning
Initial Channel and Power Assignment
Channel and Power Tuning
Power Tuning
Channel Tuning
Tuning the Transmit Data Rate
RF Auto-Tuning Parameters
Min-client-rate For 802.11b For 802.11a
Changing RF Auto-Tuning Settings
Changing the Channel Holddown Interval
Changing Channel Tuning Settings
Disabling or Reenabling Channel Tuning
Changing the Channel Tuning Interval
Changing the Power Backoff Interval
Changing Power Tuning Settings
Enabling Power Tuning
Changing the Power Tuning Interval
23x0# set ap 7 radio 1 auto-tune max-power
Changing the Client Retransmission Threshold
23x0# set ap 7 radio 1 auto-tune max-retransmissions
Changing the Minimum Transmit Data Rate
Displaying RF Auto-Tuning Information
Displaying RF Auto-Tuning Settings
23x0# show radio-profile default
23x0# show ap config 2 radio
23x0# show auto-tune neighbors ap 2 radio
Displaying RF Neighbors
23x0# show auto-tune attributes ap 2 radio
Displaying RF Attributes
Configuring RF Auto-Tuning 320657-A
How WMM Works in WSS Software
Wi-Fi Multimedia
QoS on the WSS Switch
WMM in a Nortel Network
QoS on an AP
Set radio-profile name wmm enable disable
Disabling or Reenabling WMM
WMM Priority Mappings
23x0# show dap qos-stats
Displaying WMM Information
23x0# show radio-profile radprof1
Show dap qos-stats dap-numshow dap qos-stats port-list
Wi-Fi Multimedia
Configuring and Managing Spanning Tree Protocol
Set spantree enable disable
23x0# set spantree enable
Enabling the Spanning Tree Protocol
Changing Standard Spanning Tree Parameters
Snmp Port Path Cost Defaults
Port Priority
Changing the Bridge Priority
Set spantree priority value all vlan vlan-id
23x0# set spantree priority 69 vlan pink
Resetting the STP Port Cost to the Default Value
Changing STP Port Parameters
Changing the STP Port Cost
23x0# set spantree portvlanpri 3-4 priority 48 vlan mauve
Resetting the STP Port Priority to the Default Value
Changing the STP Port Priority
23x0# set spantree portpri 3-4 priority
Changing the STP Maximum Age
Changing Spanning Tree Timers
Changing the STP Forwarding Delay
Changing the STP Hello Interval
23x0# set spantree maxage 15 all
Configuring and Managing STP Fast Convergence Features
Uplink Fast Convergence
Configuring Port Fast Convergence
Set spantree portfast port port-listenable disable
23x0# set spantree portfast port 9,11,13 enable
23x0# show spantree portfast
Port Vlan Portfast Disable Enable
Displaying Port Fast Convergence Information
Show spantree portfast port-list
Configuring Backbone Fast Convergence
Set spantree backbonefast enable disable
23x0# set spantree backbonefast enable
23x0# show spantree backbonefast
Backbonefast is enabled
Displaying the Backbone Fast Convergence State
Show spantree backbonefast
Set spantree uplinkfast enable disable
Configuring Uplink Fast Convergence
23x0# show spantree uplinkfast
Displaying Spanning Tree Information
Displaying Uplink Fast Convergence Information
Show spantree uplinkfast vlan vlan-id
Displaying STP Bridge and Port Information
Show spantree port-listvlan vlan-id active
23x0# show spantree vlan mauve
Port 1 Vlan 1 have path cost
Displaying the STP Port Cost on a Vlan Basis
Show spantree portvlancost port-list
23x0# show spantree portvlancost
23x0# show spantree blockedports vlan default
Displaying Blocked STP Ports
Show spantree blockedports vlan vlan-id
Displaying Spanning Tree Statistics
Show spantree statistics port-listvlan vlan-id
23x0# show spantree statistics 1 Bpdu related parameters
Delay root port Timer value Timer restarted is
Topology change Timer
Topology change Timer value Hold timer
Hold timer value Delay root port Timer
Clear spantree statistics port-listvlan vlan-id
Spanning Tree Configuration Scenario
23x0# set port disable
Clearing STP Statistics
23x0# set port enable
Default None Backbone Down
Spanning tree mode
Disabled 128
Down Auto Network 10/100BaseTx 1000/full
Set igmp enable disable vlan vlan-id
Disabling or Reenabling Igmp Snooping
Disabling or Reenabling Proxy Reporting
Enabling the Pseudo-Querier
Changing Igmp Timers
Set igmp proxy-report enable disable vlan vlan-id
Set igmp querier enable disable vlan vlan-id
Set igmp qi seconds vlan vlan-id
Changing the Query Interval
Set igmp oqi seconds vlan vlan-id
Changing the Other-Querier-Present Interval
Set igmp qri tenth-seconds vlan vlan-id
Changing the Query Response Interval
Set igmp lmqi tenth-seconds vlan vlan-id
Changing the Last Member Query Interval
Set igmp rv num vlan vlan-id
Set igmp mrsol enable disable vlan vlan-id
Enabling Router Solicitation
Changing Robustness
Configuring Static Multicast Ports
Changing the Router Solicitation Interval
Set igmp mrsol mrsi seconds vlan vlan-id
Adding or Removing a Static Multicast Router Port
Set igmp mrouter port port-listenable disable
Set igmp receiver port port-listenable disable
Displaying Multicast Information
Adding or Removing a Static Multicast Receiver Port
Show igmp vlan vlan-id
23x0# show igmp vlan orange
192.28.7.5 Dvmrp Group Port Receiver-IP Receiver-MAC
Clear igmp statistics vlan vlan-id
Displaying Multicast Statistics Only
Clearing Multicast Statistics
Show igmp statistics vlan vlan-id
Querier for vlan orange Port Querier-IP Querier-MAC
Displaying Multicast Queriers
Show igmp querier vlan vlan-id
Show igmp querier vlan orange
192.28.7.5 000102030405 Dvmrp
Displaying Multicast Routers
Show igmp mrouter vlan vlan-id
Show igmp mrouter vlan orange
Displaying Multicast Receivers
23x0# show igmp receiver-table group 237.255.255.0/24
Vlan red Session Port Receiver-IP Receiver-MAC
Configuring and Managing Igmp Snooping 320657-A
About Security Access Control Lists
Configuring and Managing Security ACLs
Setting Security ACLs
Overview of Security ACL Commands
Security ACL Filters
Creating and Committing a Security ACL
Setting a Source IP ACL
Common IP Protocol Numbers
23x0# set security acl ip acl-1 permit 192.168.1.4
Class of Service
Class-of-Service CoS Packet Handling
Wildcard Masks
Configuring and Managing Security ACLs
Common Icmp Message Types and Codes
Setting an Icmp ACL
Common Icmp Message Types and Codes
Setting TCP and UDP ACLs
Setting a TCP ACL
Setting a UDP ACL
Configuring and Managing Security ACLs
Determining the ACE Order
Committing a Security ACL
23x0# commit security acl acl-99
23x0# commit security acl all
Viewing Security ACL Details
Viewing Security ACL Information
Viewing the Edit Buffer
Viewing Committed Security ACLs
23x0# show security acl hits ACL hit-counters
Displaying Security ACL Hits
Mapping Security ACLs
Clearing Security ACLs
23x0# clear security acl acl-99
Mapping User-Based Security ACLs
23x0# commit security acl acl-222 success change accepted
23x0# set user Natasha attr filter-id acl-222.in
Configuring and Managing Security ACLs
23x0# show security acl map acl-999
Displaying ACL Maps to Ports, VLANs, and Virtual Ports
Clearing a Security ACL Map
23x0# set security acl map acl-222 port 2 tag 1-3,5
23x0# clear security acl map acljoe port 4
Modifying a Security ACL
23x0# show security acl map acljoe
ACL acljoe is mapped to
23x0# show security acl info all
Adding Another ACE to a Security ACL
Placing One ACE before Another
Modifying an Existing Security ACL
Type Status Acl-a Not Committed Acl-111
Clearing Security ACLs from the Edit Buffer
23x0# show security acl editbuffer
ACL edit-buffer table
Using ACLs to Change CoS
23x0# rollback security acl acl-111
ACL edit-buffer information for all
Filtering Based on Dscp Values
23x0# set security acl map voip vlan corpvlan out
Enabling Prioritization for Legacy Voice over IP
23x0# set security acl ip voip permit 0.0.0.0
23x0# commit security acl voip
Enabling SVP Optimization for SpectraLink Phones
Security ACL Configuration Scenario
23x0# save config
Managing Keys Certificates
Why Use Keys and Certificates?
Wireless Security through TLS
PEAP-MS-CHAP-V2 Security
About Keys and Certificates
Public Key Infrastructures
Public and Private Keys
Digital Certificates
Pkcs Object Files Supported by Nortel
Crypto generate key command
Creating Keys and Certificates
Pkcs #7, Pkcs #10, and Pkcs #12 Object Files
Managing Keys and Certificates
Procedures for Creating and Validating Certificates
Creating Public-Private Key Pairs
Crypto generate key admin eap ssh webaaa 512 1024
23x0# crypto generate key admin
Admin key pair generated
Crypto generate self-signed admin eap webaaa
23x0# crypto generate self-signed admin Country Name US
Generating Self-Signed Certificates
Crypto pkcs12 admin eap webaaa filename
Crypto otp admin eap webaaa one-time-password
23x0# crypto generate request admin
Begin Certificate
Installing a CA’s Own Certificate
Key and Certificate Configuration Scenarios
23x0# show crypto certificate admin Certificate
Displaying Certificate and Key Information
ENDCERTIFICATE-----23x0#crypto generate self-signed eap
23x0# crypto generate self-signed admin
Self-signed cert for admin is
Creating Self-Signed Certificates
23x0# show crypto certificate admin
20# crypto generate self-signed webaaa Country Name US
23x0# show crypto certificate eap
23x0# show crypto certificate webaaa Certificate
23x0# copy tftp//192.168.253.1/20481x.p12 20481x.p12
23x0# crypto otp admin SeC%#6@o%c
23x0# crypto pkcs12 admin 2048admn.p12
23x0# copy tftp//192.168.253.1/2048admn.p12 2048admn.p12
Keypair Device certificate CA certificate
Unstructured Name wiring closet 12 CSR for admin is
Email Address admin@example.com
Enter PEM-encoded certificate
23x0# crypto certificate admin
23x0# crypto ca-certificate admin
23x0# show crypto ca-certificate admin
About AAA for Network Users
Configuring AAA for Network Users
Authentication Types
Authentication
Authentication Algorithm
Authentication Flowchart for Network Users
To 802.1X? Yes
Ssid Name Any
Last-Resort Processing
User Credential Requirements
Configuring AAA for Network Users
CLI
Authorization
Accounting
AAA Tools for Network Users
Summary of AAA Features
Wildcard Any for Ssid Matching
Wildcards and Groups for Network User Classification
AAA Methods for Ieee 802.1X and Web Network Access
AAA Rollover Process
Local Override Exception
Remote Authentication with Local Backup
Remote Pass-Through or Local Authentication
EAP-MD5
Ieee 802.1X Extensible Authentication Protocol Types
Ways an WSS Switch Can Use EAP
Effects of Authentication Type on Encryption Method
Configuring 802.1X Authentication
Configuring 802.1X Acceleration
Using Pass-Through
Authenticating through a Local Database
Binding User Authentication to Machine Authentication
Authentication Rule Requirements
Clear dot1x bonded-period
Bonded Authentication Period
Bonded Authentication Configuration Example
Set dot1x bonded-period seconds
Displaying Bonded Authentication Configuration Information
Show dot1x config 23x0# show dot1x config
23x0# set dot1x bonded-period
Configuring Authentication and Authorization by MAC Address
Adding and Clearing MAC Users and User Groups Locally
Adding MAC Users and Groups
Clearing MAC Users and Groups
23x0# set mac-user 000102030405 attr vlan-name red
Configuring MAC Authentication and Authorization
23x0# set authentication mac ssid voice 010102030405 local
23x0# set authentication mac ssid voice 010102* local
23x0# set radius server bigbird author-password h00per
Configuring Web-based AAA
Changing the MAC Authorization Password for Radius
Set radius server server-nameauthor-password password
How Portal Web-based AAA Works
WSS Requirements
Web-based AAA Requirements and Recommendations
Configuring AAA for Network Users
Client Web Browser Recommendations
WSS Recommendations
Client NIC Requirements
Client Web Browser Requirements
Configuring Portal Web-based AAA
Portal Web-based AAA Configuration Example
23x0# set user web-portal-mycorp attr vlan-name corpvlan
23x0# show sessions network ssid mycorp
23x0# show config
23x0# show sessions network ssid mycorp
Using a Custom Login
Copying and Modifying the Nortel Login
Custom Login Page Scenario
TitleMy Corp webAAA/title
23x0# dir mycorp-webaaa
H3Welcome to Mycorp’s Wireless LAN/h3
BWARNING/b My corp’s warning text
23x0# mkdir mycorp-webaaa success change accepted
Variables for Redirect URLs Description
Using Dynamic Fields in Web-based AAA Redirect URLs
Configuring Last-Resort Access
WSS Switch Serving as Radius Proxy
Configuring AAA for Users of Third-Party APs
Authentication Process for 802.1X Users of a Third-Party AP
WSS Switch Requirements
Requirements
Third-Party AP Requirements
Set radius proxy port port-listtag tag-valuessid ssid-name
Set authentication mac wired mac-addr-wildcard method1
23x0# set port type wired-auth 3-4 tag
23x0# set authentication mac wired aabbcc010101 srvrgrp1
23x0# set radius proxy client address 10.20.20.9 key radkey1
23x0# set authentication proxy ssid mycorp ** srvrgrp1
End-date
Assigning Authorization Attributes
Filter-id
Idle-timeout
Service-type
Session-timeout
Ssid
Start-date
Time-of-day
Vlan-name
Url
Assigning Attributes to Users and Groups
23x0# set usergroup eastcoasters attr filter-id acl-101.in
Assigning a Security ACL to a User or a Group
Assigning a Security ACL Locally
23x0# set user Jose attr filter-id acl-101.in
Assigning a Security ACL on a Radius Server
Clear mac-usergroup groupname attr filter-id
Clearing a Security ACL from a User or Group
Assigning Encryption Types to Wireless Users
Assigning and Clearing Encryption Types Locally
23x0# set mac-usergroup mac-fans attr encryption-type
Assigning and Clearing Encryption Types on a Radius Server
About the Location Policy
How the Location Policy Differs from a Security ACL
Setting the Location Policy
Applying Security ACLs in a Location Policy Rule
23x0# set location policy deny if user eq *.theirfirm.com
WSS-20show location policy
Displaying and Positioning Location Policy Rules
Configuring Accounting for Wireless Network Users
Set accounting admin console dot1x mac web
Clear location policy rule-number
Configuring AAA for Network Users
Viewing Local Accounting Records
May 21 Acct-Status-Type=STOP Acct-Authentic=2
Viewing Roaming Accounting Records
WSS-20-0013#show accounting statistics
WSS-20-0017#show accounting statistics
Rs-4
Set authentication admin Jose sg3
Server Addr Ports
Rs-3
Vlan-Name = k2
Avoiding AAA Problems in Configuration Order
Set authentication web ssid any ** sg1
Set authentication web ssid corpa ** corpasrvr
Configuring AAA for Network Users
23x0# set accounting dot1x ssid mycorp * start-stop group1
Using Authentication and Accounting Rules Together
Configuration Producing an Incorrect Processing Order
Configuration for a Correct Processing Order
23x0# set mobility-profile name roses-profile port 2-4,7,9
Configuring a Mobility Profile
NamePorts ========================= Roses-profile
Network User Configuration Scenarios
23x0# set mobility-profile mode enable
23x0# show mobility-profile Mobility Profiles
Mobility Profiles NamePorts ========================= Tulip
General Use of Network User Commands
23x0# set user EXAMPLE\username attr filter-id acl-101.in
23x0# show security acl info acl-101
WSS-20save config
23x0# set radius server r1 address 10.1.1.1 key sunny
Enabling Radius Pass-Through Authentication
Unstructured Name wiring closet
Enabling PEAP-MS-CHAP-V2 Authentication
23x0# set user Natasha password moon
23x0# set user Natasha attr session-timeout
23x0# set radius server r1 address 10.1.1.1 key starry
Enabling PEAP-MS-CHAP-V2 Offload
23x0# set radius server r1 address 10.1.1.1 key starry
Overriding AAA-Assigned VLANs
Radius Overview
Configuring Communication with Radius
Configuring Communication with Radius
Before You Begin
Configuring Radius Servers
23x0# set radius key r8gney
Configuring Global Radius Defaults
Clear radius deadtime key retransmit timeout
23x0# set radius deadtime
Setting the System IP Address as the Source Address
23x0# set radius client system-ip
23x0# clear radius client system-ip
Set radius server server-nameaddress ip-address key string
Configuring Individual Radius Servers
Configuring Radius Server Groups
Deleting Radius Servers
Clear radius server server-name
Configuring Load Balancing
Creating Server Groups
Ordering Server Groups
23x0 # show aaa
Set server group group-nameload-balance enable
Adding Members to a Server Group
Clear server group group-nameload-balance
Configuring Communication with Radius
Deleting a Server Group
Radius and Server Group Configuration Scenario
23x0# set server group shorebirds load-balance enable
Managing 802.1X on Wired Authentication Ports
Managing 802.1X on WSS Switch
Enabling and Disabling 802.1X Globally
Set dot1x authcontrol enable disable
23x0# set dot1x authcontrol enable
Success dot1x authcontrol enabled
Managing 802.1X Encryption Keys
Setting 802.1X Port Control
Enabling 802.1X Key Transmission
Set dot1x key-tx enable disable
23x0# set dot1x key-tx enable
Success dot1x key transmission enabled
Success dot1x tx-period set to
Configuring 802.1X Key Transmission Time Intervals
Set dot1x tx-period seconds
23x0# set dot1x tx-period
Configuring 802.1X WEP Rekeying
Configuring the Interval for WEP Rekeying
Managing WEP Keys
Success dot1x max request set to
Setting EAP Retransmission Attempts
Managing 802.1X Client Reauthentication
23x0# set dot1x max-req
Success dot1x reauthentication enabled
Enabling and Disabling 802.1X Reauthentication
Set dot1x reauth enable disable
23x0# set dot1x reauth enable
23x0# clear dot1x reauth-max
Set dot1x reauth-max number-of-attempts
23x0# set dot1x reauth-max
Success dot1x max reauth set to
23x0# set dot1x reauth-period
Setting the 802.1X Reauthentication Period
Success dot1x auth-server timeout set to
Set dot1x reauth-period seconds
Managing Other Timers
Setting the Bonded Authentication Period
Clear dot1x max-req
Success dot1x quiet period set to
Setting the 802.1X Quiet Period
Set dot1x quiet-period seconds
23x0# set dot1x quiet-period
23x0# clear dot1x timeout auth-server
Setting the 802.1X Timeout for an Authorization Server
Set dot1x timeout auth-server seconds
23x0# set dot1x timeout auth-server
Displaying 802.1X Information
Setting the 802.1X Timeout for a Client
23x0# show dot1x clients
Viewing 802.1X Clients
Viewing the 802.1X Configuration
23x0# show dot1x stats
Viewing 802.1X Statistics
Managing 802.1X on the WSS Switch 320657-A
Managing Sessions
Displaying and Clearing Administrative Sessions
Show sessions admin console telnet client
Clear sessions admin console telnet client session-id
Displaying and Clearing All Administrative Sessions
WSS-20 show sessions admin
23x0# clear sessions admin
23x0# clear sessions console
Displaying and Clearing an Administrative Console Session
WSS-20 show sessions console
Tty Username Time Type Tty0 5310 Console Console session
Telnet session
Displaying and Clearing Administrative Telnet Sessions
Tty Username Time Type Tty3 Sshadmin 2099
WSS-20 show sessions telnet
User Sess IP or MAC
Displaying and Clearing Network Sessions
Displaying and Clearing Client Telnet Sessions
23x0 # show sessions network
761 000bbe154656 none
Displaying Verbose Network Session Information
Jose@example.com 5125 Vlan-eng
003065168d69 4385 Vlan-wep
Clear sessions network user user-wildcard
Displaying and Clearing Network Sessions by Username
Show sessions network user user-wildcard
23x0# show sessions network user E
Clear sessions network mac-addr mac-addr-wildcard
Displaying and Clearing Network Sessions by MAC Address
Show sessions network mac-addr mac-addr-wildcard
Show sessions net mac-addr 01055d7e981a
Clear sessions network vlan vlan-wildcard
Displaying and Clearing Network Sessions by Vlan Name
Show sessions network vlan vlan-wildcard
Show sessions network vlan west
Displaying and Clearing Network Sessions by Session ID
Clear sessions network session-id session-id
2370# clear sessions network session-id
About System Files
Managing System Files
23x0# show version details
Displaying Software Version Information
Show version details
23x0# show version
W2 N/A
Displaying Boot Information
23x0# show boot
Working with Files
23x0# dir old
Displaying a List of Files
Success sent 365 bytes in 0.401 seconds 910 bytes/sec
23x0# copy floor2WSS tftp//10.1.1.1/floor2WSS-backup
Copying a File
23x0# copy floor2WSS tftp//10.1.1.1/floor2WSS
23x0# copy tftp//10.1.1.1/newconfig newconfig
23x0# copy tftp//10.1.1.1/newconfig WSSconfig
Successreceived9163214bytesin105.939seconds Bytes/sec
Delete url
23x0# copy testconfig tftp//10.1.1.1/testconfig
23x0# delete testconfig
Deleting a File
23x0# mkdir corp2
Creating a Subdirectory
Managing Configuration Files
Removing a Subdirectory
23x0# rmdir corp2
Displaying the Running Configuration
Show config area area all
23x0# show config area vlan
Managing System Files
Success configuration saved to newconfig
Saving Configuration Changes
Save config filename
23x0# save config newconfig
Set boot configuration-file filename
23x0# set boot configuration-file floor2WSS
Success boot config set
Loading a Configuration File
Load config url
23x0# load config newconfig
Backing Up and Restoring the System
Resetting to the Factory Default Configuration
Managing System Files
Managing Configuration Changes
Upgrading the System Image
Backup and Restore Examples
23x0# backup system tftp/10.10.20.9/sysabak critical
23x0# restore system tftp/10.10.20.9/sysabak
Managing System Files 320657-A
About Rogues and RF Detection
Rogue Detection Countermeasures
Rogue access points and Clients
Rogue Classification
Rogue Detection Lists
Rogue Detection and Countermeasures
Rogue Detection Algorithm
Dynamic Frequency Selection DFS
RF Detection Scans
Countermeasures
Summary of Rogue Detection Features
Configuring Rogue Detection Lists
23x0# show rfdetect vendor-list Total number of entries
Configuring a Permitted Vendor List
Set rfdetect vendor-list client ap mac-addr
Show rfdetect vendor-list
23x0# show rfdetect ssid-list Total number of entries
Configuring a Permitted Ssid List
Set rfdetect ssid-list ssid-name
Show rfdetect ssid-list
23x0# show rfdetect black-list
Configuring a Client Black List
Set rfdetect black-list mac-addr
Show rfdetect black-list
23x0# show rfdetect attack-list
Configuring an Attack List
Set rfdetect attack-list mac-addr
Show rfdetect attack-list
Enabling Countermeasures
Configuring an Ignore List
Enabling AP Signatures
Disabling or Reenabling Active Scan
IDS and DoS Alerts
Set rfdetect log enable disable
Disabling or Reenabling Logging of Rogues
Enabling Rogue and Countermeasures Notifications
Flood Attacks
DoS Attacks
Netstumbler and Wellenreiter Applications
Wireless Bridge
Ad-Hoc Network
Weak WEP Key Used by Client
Disallowed Devices or SSIDs
Displaying Statistics Counters
IDS and DoS Log Messages
IDS Log Message Examples
Message Type
Displaying RF Detection Information
Show rfdetect ignore
Show rfdetect attack-list
23x0# show rfdetect clients
Displaying Rogue Clients
Show rfdetect clients mac mac-addr
23x0# show rfdetect clients mac 000c4163fd6d
Displaying Rogue Detection Counters
Show rfdetect counters
23x0# show rfdetect counters
23x0# show rfdetect mobility-domain ssid nrtl-webaaa
Displaying Ssid or Bssid Information for a Mobility Domain
Show rfdetect mobility-domain ssid ssid-namebssid mac-addr
23x0# show rfdetect mobility-domain
23x0# show rfdetect mobility-domain bssid 000b0e0004d1
Displaying RF Detect Data
Show rfdetect data
23x0 # show rfdetect data
23x0# show rfdetect visible ap 3 radio
Displaying the APs Detected by an AP Radio
Displaying Countermeasures Information
Show rfdetect countermeasures
23x0# show rfdetect countermeasures
Rogue Detection and Countermeasures 320657-A
Appendix a Troubleshooting a WS Switch
WSS Setup Problems and Remedies
Fixing Common WSS Setup Problems
Symptom Diagnosis
WSS-2370, WSS-2380, or WSS-2360
Recovering the System Password
Boot boot OPT+=default
WSS-2350
Log Message Components
Configuring and Managing the System Log
Logging Destinations and Levels
Debug
Info
Logging to the Log Buffer
Using Log Commands
Logging Messages to a Syslog Server
Logging to the Console
Changing the Current Telnet Session Defaults
Setting Telnet Session Defaults
Displaying the Log Configuration
Logging to the Trace Buffer
Saving Trace Messages in a File
Tracing Session Manager Activity
Using the Trace Command
Tracing Authentication Activity
Running Traces
Tracing 802.1X Sessions
Tracing Authorization Activity
Displaying a Trace
Stopping a Trace
23x0# show log trace severity error
About Trace Results
Displaying Trace Results
Copying Trace Results to a Server
Clearing the Trace Log
List of Trace Areas
WSS-2370# show interface
Using Show Commands
Viewing Vlan Interfaces
Viewing AAA Session Statistics
23x0# show fdb
Viewing FDB Information
Viewing ARP Information
Vlan-name = vlan-wep
Best Practices for Remote Traffic Monitoring
Using Snoop Filters on Radios That Use Active Scan
Remotely Monitoring Traffic
How Remote Traffic Monitoring Works
Appendix a Troubleshooting a WS Switch
23x0# set snoop snoop1 observer 10.10.30.2 snap-length
Configuring a Snoop Filter
Deleting a Snoop Filter
Displaying Configured Snoop Filters
Mapping a Snoop Filter to a Radio
Editing a Snoop Filter
Removing Snoop Filter Mappings
Enabling or Disabling a Snoop Filter
Displaying the Snoop Filters Mapped to a Radio
Displaying the Snoop Filter Mappings for All Radios
Success filter snoop1 enabled
23x0# set snoop snoop1 mode enable stop-after
Displaying Remote Traffic Monitoring Statistics
Preparing an Observer and Capturing Traffic
Show snoop stats filter-namedap-numradio 1
Capturing System Information for Technical Support
Displaying Technical Support Information
23x0# copy fortechsupport.gz tftp//tftpserver/filename.gz
Sending Information to Nets
23x0# show tech-support file fortechsupport
Success results saved to fortechsupport.gz
Appendix a Troubleshooting a WS Switch 320657-A
Supported Standard and Extended Attributes
Appendix B Supported Radius Attributes
801.1X Attributes
801.1X Attributes
Radius
Nortel Vendor-Specific Attributes
Nortel VSAs
Protocol Port Function
Appendix C Mobility Domain Traffic Ports
Appendix C Mobility Domain Traffic Ports 320657-A
Appendix D Dhcp Server
How the WSS Software Dhcp Server Works
Configuring the Dhcp Server
Displaying Dhcp Server Information
Show dhcp-server interface vlan-id verbose
23x0# show dhcp-server
Appendix D Dhcp Server
Glossary
Advanced Encryption Standard See AES
Authentication, authorization, and accounting See AAA
CBC-MAC See Ccmp
Cyclic redundancy check See CRC
Glossary
EAP with Transport Layer Security See EAP-TLS
Group master key See GMK
Group transient key See GTK
Industry Canada See IC Information element See WPA IE
Media access control address See MAC address
Microsoft Challenge Handshake Authentication
Per-VLAN Spanning Tree protocol See PVST+
Port address translation See PAT Power over Ethernet See PoE
Quality of service See QoS
Remote Authentication Dial-In User Service See Radius
Spanning Tree Protocol See STP
Temporal Key Integrity Protocol See Tkip
Type, length, and value See TLV
Wisp
WPA information element See WPA IE
Glossary 320657-A
Numerics
Index
Index
Index
DNS
Enable password
Description
Subnet masks for, notation conventions System IP address
366 To ports, VLANs, or virtual ports 368
Index
Radius
Https
Index
Configuring 341 rogue access points detecting
TCP
Snmp
STP
Uplink fast convergence
Index
WMS
Index 320657-A
Command Index
Command Index
Set dap auto radiotype
Command Index
Command Index
324 Show spantree blockedports 329
