Manuals / SMC Networks / Computer Equipment / Network Router

SMC Networks SMC2552W-G2-17 manual Rogue-ap authenticate, Rogue-ap duration

Models: SMC2552W-G2-17 SMC2552W-G2

1 296

Download 296 pages 22.09 Kb

Page 248

Rogue AP Detection Commands 7

Example

Enterprise AP(if-wireless g)#rogue-ap enable

configure either syslog or trap or both to receive the rogue APs detected.

Enterprise AP(if-wireless g)#

rogue-ap authenticate

This command forces the unit to authenticate all access points on the network. Use the no form to disable this function.

Syntax

[no] rogue-ap authenticate

Default Setting

Disabled

Command Mode

Interface Configuration (Wireless)

Command Usage

Enabling authentication in conjunction with a database of approved access points stored on a RADIUS server allows the access point to discover rogue APs. With authentication enabled and a configure RADIUS server, the access point checks the MAC address/Basic Service Set Identifier (BSSID) of each access point that it finds against a RADIUS server to determine whether the access point is allowed. With authentication disabled, the access point can identify its neighboring access points only; it cannot identify whether the access points are allowed or are rogues. If you enable authentication, you should also configure a RADIUS server for this access point (see “RADIUS” on page 6-7).

Example

Enterprise AP(if-wireless g)#rogue-ap authenticate

Enterprise AP(if-wireless g)#

rogue-ap duration

This command sets the scan duration for detecting access points.

Syntax

rogue-ap duration <milliseconds>

milliseconds - The duration of the scan. (Range: 100-1000 milliseconds)

7-111

Image 248

SMC Networks SMC2552W-G2 manual Rogue-ap authenticate, Rogue-ap duration, Syntax No rogue-ap authenticate Default Setting

Contents

Page EliteConnect SMC2552W-G2 2.4GHz Wireless Access Point Copyright TrademarksCompliances FCC Radiation Exposure StatementJapan Vcci Class B Australia/New Zealand AS/NZS Iii Koskevien direktiivin muiden ehtojen mukainen Power Cord Safety SpanishCord set must be UL-approved and CSA certified Vii Viii Compliances Compliances Table of Contents Command Line Interface SnmpXiii Xiv Page Xvi Glossary Index Appendix a Troubleshooting Appendix B Cables and PinoutsAppendix C Specifications Xviii Introduction Top Panel Package ChecklistHardware Description Rear Panel LED IndicatorsAntennas Security Slot Console PortEthernet Port Status DescriptionPower Connector Features and BenefitsReset Button System Defaults System Defaults Feature ParameterMAC Iapp WEP Introduction Hardware Installation Hardware Installation Installation Procedures Plan the InstallationConnect Pigtail Cables to the Access Point Mount the AntennaInstallation Procedures Reconnect power to the access point Network Configuration Ad Hoc Wireless LAN no Access Point Network TopologiesInfrastructure Wireless LAN Infrastructure Wireless LAN for Roaming Wireless PCs Infrastructure Wireless Bridge Infrastructure Wireless Repeater Initial Configuration Initial Setup through the CLIInitial Configuration Steps Logging Home page displays the Main Menu System Configuration Advanced Configuration Menu DescriptionAdvanced Configuration System IdentificationDisabled TCP / IP Settings System Configuration Radius System Configuration Advanced Configuration HEX SSH Settings SSH SettingsAuthentication Advanced Configuration System Configuration Local Remote Filter Control AP Management Vlan Number Radius Attribute Value VlanidWDS Settings System Configuration Advanced Configuration System Configuration 101 104 AP Management Administration Changing the PasswordUpgrading Firmware System Configuration Advanced Configuration System Log Enabling System LoggingError Level Description Configuring Sntp +8 TAIPEI, Beijing Snmp Configuring Snmp and Trap Message Parameters System Configuration Snmp System Configuration To view the current Snmp settings, use the show snmp command Configuring SNMPv3 Users DES Configuring SNMPv3 Trap Filters Snmp Configuring SNMPv3 Targets Snmp Radio Interface Radio Interface System Configuration Radio Interface System Configuration 100 Configuring VAP Radio Settings Configuring Rogue AP Detection System Configuration Configuring Wi-Fi Multimedia 113WMM Access Categories Access Category Description 802.1D TagsRadio Interface System Configuration 131 Security Supported802.1X EAP type may require management MAC Radius CombinationServer Enabling the VAPs Radio Interface Wired Equivalent Privacy WEP Radio Interface System Configuration 116 Unicast cipher Tkip and AES WPA clients Wi-Fi Protected Access WPA System Configuration Radio Interface System Configuration Radio Interface 121 Configuring System Configuration Disabled Access Point Status Status InformationStatus Information Management Vlan Idap Iapp State Station Status System Configuration Enterprise AP#show station Event Logs Status Information System Configuration Using the Command Line Interface Accessing the CLIConsole Connection Telnet ConnectionMinimum Abbreviation Entering CommandsKeywords and Arguments Showing Commands Command CompletionGetting Help on Commands Negating the Effect of Commands Using Command HistoryUnderstanding Command Modes Partial Keyword LookupExec Commands Configuration CommandsCommand Groups Command Line ProcessingKeystroke Commands Command Groups DescriptionGeneral Commands General Commands Function ModeExit ConfigureEnd Syntax Command UsagePing Show history ResetSyntax Reset board configuration Show line System Management CommandsSystem Management Commands Function Mode Country Country CodesDefault Setting Prompt System nameSyntax Prompt string no prompt Syntax System name name no system namePassword Syntax Password password no passwordUsername Syntax Username nameIp ssh-server enable Default Setting Command ModeIp ssh-server port Syntax Ip ssh-server port port-numberSyntax Ip http port port-numberno ip http port Ip telnet-server enableIp http port Syntax Ip http server no ip http server Default Setting Ip http serverIp https port Syntax Ip https port portnumber no ip https portSyntax Ip https server no ip https server Default Setting Ip https serverSyntax No web-redirect Default Setting Web-redirectAPmgmtIP APmgmtIP multiple IPaddress subnetmask single IPaddress anyShow apmagement Syntax APmgmtUI Snmp Telnet Web enable disableAPmgmtUI Show system Show config Show versionRequired Command Line Interface SMC Show hardware System Logging CommandsSystem Logging Commands Function Mode Logging host Syntax No logging on Default SettingLogging on Logging level Syntax Logging console no logging console Default SettingLogging console Syntax Logging facility-type type Logging facility-typeLevel Argument Description Syntax Logging clear Command Mode Syntax Show logging Command ModeLogging clear Show loggingSystem Clock Commands Syntax Show event-log Command ModeSystem Clock Commands Function Mode Show event-logSyntax Sntp-server ip 1 2 ip Sntp-server enableSntp-server ip Sntp-server date-time This example sets the system clock to 1737 June 19Syntax Sntp-server timezone hours Sntp-server daylight-savingSntp-server timezone Show sntp TAIPEI, BeijingDhcp Relay Commands Dhcp-relay enableDhcp Relay Commands Function Mode Syntax No dhcp-relay enable Default SettingSyntax Dhcp-relay primary secondary ipaddress Dhcp-relayShow dhcp-relay Snmp Commands Snmp Commands Function ModeSyntax Snmp-server contact string no snmp-server contact Snmp-server communitySnmp-server contact Syntax Snmp-server location text no snmp-server location Snmp-server enable serverSnmp-server location Snmp-server host No snmp-server hostSnmp-server trap Syntax Snmp-server trap trap no snmp-server trap trapAll traps enabled Syntax Snmp-server user user-name Snmp-server engine-idSnmp-server user Snmp Commands Snmp-server targets No snmp-server targets target-idSnmp-server filter Show snmp groups Syntax Show snmp groups Command ModeSnmp-server filter-assignments Syntax Show snmp users Command Mode Syntax Show snmp group-assignments Command ModeShow snmp users Show snmp group-assignmentsSyntax Show snmp target Command Mode Show snmp targetShow snmp filter Syntax Show snmp filter filter-idSyntax Show snmp filter-assignments Command Mode Show snmp filter-assignmentsShow snmp Flash/File Commands Bootfile10. Flash/File Commands Function Mode Syntax Bootfile filenameSyntax Copy ftp tftp file copy config ftp tftp CopyDelete Column Heading Description Show bootfileDir Radius-server address 11. Radius Client Command Function ModeRadius Client Radius-server port Radius-server keySyntax Radius-server secondary port portnumber Syntax Radius-server secondary key keystringRadius-server timeout Syntax Radius-server secondary timeout numberofsecondsRadius-server retransmit Syntax Radius-server secondary retransmit numberofretriesSyntax Radius-server secondary port-accounting portnumber Radius-server timeout-interimRadius-server port-accounting Syntax Radius-server vlan-format hex ascii Radius-server radius-mac-formatRadius-server vlan-format Show radius 802.1X Authentication 12 .1X Authentication Command Function Mode802.1x Syntax 802.1x supported required no802.1x broadcast-key-refresh-rate Syntax 802.1x broadcast-key-refresh-rate rate802.1x session-timeout Default802.1x session-key-refresh-rate Syntax 802.1x session-key-refresh-rate rate802.1x-supplicant enable 802.1x-supplicant userShow authentication MAC Address Authentication Address filter default13. MAC Address Authentication Command Function Mode Syntax Address filter default allowed deniedAddress filter entry Address filter deleteSyntax Address filter entry mac-addressallowed denied Syntax Address filter delete mac-addressMac-authentication server Mac-authentication session-timeoutSyntax Mac-authentication server local remote Syntax Mac-authentication session-timeout minutesFiltering Commands 14. Filtering Commands Function ModeSyntax Filter local-bridge no filter local-bridge Default Filter local-bridgeFilter uplink enable Syntax Filter ap-manage no filter ap-manage DefaultSyntax No filter uplink enable Default Filter ap-manageSyntax Filter uplink add delete MAC address Filter ethernet-type enableFilter uplink Filter ethernet-type protocol Show filters WDS Bridge CommandsCommand Function Mode Bridge role WDS Bridge-link parentSyntax Bridge role ap repeater bridge root-bridge Syntax Bridge-link parent mac-addressBridge-link child Syntax Bridge-link child index mac-addressSyntax Bridge dynamic-entry age-time seconds Bridge dynamic-entry age-timeShow bridge aging-time Show bridge link Syntax Show bridge link ethernet wireless g indexShow bridge filter-entry Command Line Interface 15. Bridge Commands Function Mode Spanning Tree CommandsBridge stp enable Syntax Bridge stp hello-time time no bridge stp hello-time Bridge stp forwarding-delayBridge stp hello-time Bridge stp max-age Bridge stp prioritySyntax Bridge stp max-age seconds no bridge stp max-age Syntax Bridge stp prioritypriority no bridge stp priorityBridge-link path-cost Bridge-link port-prioritySyntax Bridge-link path-cost index cost Syntax Bridge-link port-priority index prioritySyntax Show bridge stp Command Mode Show bridge stpInterface ethernet Ethernet Interface Commands16. Ethernet Interface Commands Function Mode Dns server Ip addressSyntax Ip dhcp no ip dhcp Default Setting Ip dhcpSpeed-duplex Syntax Speed-duplex auto 10MH 10MF 100MF 100MHSyntax Shutdown no shutdown Default Setting Syntax Show interface ethernet Default SettingShutdown Show interface ethernetWireless Interface Commands 17. Wireless Interface Commands Function ModeSsid Vap Interface wirelessSyntax Interface wireless g Speed Multicast-data-rateSyntax Speed speed Syntax Multicast-data-rate speedSyntax Channel channel auto Transmit-powerChannel Syntax Radio-mode b g b+g Default Setting +g mode Command ModeRadio-mode Preamble Antenna controlSyntax Preamble long short Syntax Antenna control diversity left rightAntenna id Syntax Antenna id antenna-idAntenna location Beacon-intervalSyntax Antenna location indoor outdoor Syntax Beacon-interval intervalSyntax Dtim-period interval Dtim-periodFragmentation-length Syntax Rts-threshold threshold Rts-thresholdSyntax Fragmentation-length length Syntax No super-g Default Setting Super-gDescription Syntax Description string no descriptionClosed-system Syntax Closed-system no closed-system Default SettingSsid Assoc-timeout-interval Syntax Assoc-timeout-interval minutesMax-association Syntax Max-association countAuth-timeout-value Syntax Auth-timeout-value minutesShow interface wireless Syntax Show interface wireless a g vap-idShow station Rogue AP Detection Commands18. Rogue AP Detection Commands Function Mode Rogue-ap enable Rogue-ap authenticate Syntax No rogue-ap authenticate Default SettingRogue-ap duration Syntax Rogue-ap duration millisecondsRogue-ap interval Syntax Rogue-ap interval minutesRogue-ap scan Show rogue-apAuth Wireless Security Commands19. Wireless Security Commands Function Mode 115 Syntax Encryption no encryption Default Setting EncryptionKey Key index size type value no key indexTransmit-key Syntax Transmit-key indexCipher-suite Syntax Multicast-cipher aes-ccmp tkip wepMicmode Syntax Micmode hardware softwareWpa-pre-shared-key Pmksa-lifetimeSyntax Wpa-pre-shared-key hex passphrase-keyvalue Syntax Pmksa-lifetime minutesPre-authentication Link Integrity Commands 20. Link Integrity Commands Function ModeLink-integrity ping-host Syntax No link-integrity ping-detect Default SettingLink-integrity ping-detect Link-integrity ping-interval Link-integrity ping-fail-retryLink-integrity ethernet-detect Syntax Link-integrity ping-interval intervalShow link-integrity Iapp Iapp CommandsSyntax No iapp Default Vlan Commands 21. Vlan Commands Function ModeSyntax No vlan enable Default Command DescriptionManagement-vlanid Vlan-idSyntax Management-vlanid vlan-id Syntax Vlan-id vlan-idWMM Commands 22. WMM Commands Function ModeWmm Wmm-acknowledge-policySyntax No wmm supported required Syntax Wmm-acknowledge-policy acnumber ack noackWmmparam BSS Parameters WMM Parameters AC0 Best Effort Default AP Parameters WMM Parameters AC0 Best EffortAC2 Video AC3 Voice Command Line Interface 134 Appendix a Troubleshooting Troubleshooting Appendix B Cables and Pinouts Pin MDI Signal Name Table B-1 /100BASE-TX MDI Port PinoutsConsole Port Pin Assignments Wiring Map for Serial Cable Network Configuration Maximum ChannelsMaximum Clients Operating RangeAC Power Adapter Unit Power SupplyWeight LED IndicatorsSafety StandardsIeee 802.11g Data Rate Sensitivity dBm Ieee 802.11b Data Rate Sensitivity dBmTransmit Power C Operating Range Access Point Basic Service Set BSSAd Hoc Advanced Encryption Standard AESDynamic Host Configuration Protocol Dhcp Extended Service Set ESSExtensible Authentication Protocol EAP Broadcast KeyInter Access Point Protocol Iapp Power over Ethernet PoEIeee 802.11g IeeeService Set Identifier Ssid RoamingRTS Threshold Session KeyVirtual Access Point VAP Wi-Fi Protected AccessWired Equivalent Privacy WEP Virtual LAN VlanGlossary-6 Index Index-2 SSH Index-4 Page Page Technical Support