IEEE 802.
Management Guide "1 $ Enterprise Access Point IEEE 802.11a/b/g/n Dual-Band Access Point with one 1000BASE-T (RJ-45) Port FW1.0.0.
How to Use This Guide This guide includes detailed information on the access point (AP) software, including how to operate and use the management functions of the AP. To deploy this AP effectively and ensure trouble-free operation, you should first read the relevant sections in this guide so that you are familiar with all its software features. Who Should Read This This guide is for network administrators who are responsible for operating and Guide? maintaining network equipment.
How to Use This Guide Conventions The following conventions are used throughout this guide to show information: Note: Emphasizes important information or calls your attention to related features or instructions. Caution: Alerts you to a potential hazard that could cause loss of data, or damage the system or equipment. Warning: Alerts you to a potential hazard that could cause personal injury. Revision History This section summarizes the changes in each revision of this guide.
Contents Section I How to Use This Guide 3 Contents 5 Figures 10 Tables 12 Getting Started 15 1 Introduction 16 Configuration Options 16 Console Port Connection 17 Console Login 17 Network Connections 18 Connecting to the Web Interface 18 Home Page and Main Menu 19 Common Web Page Buttons 20 2 Initial Configuration 22 CLI Initial Configuration Steps 22 Setting an IP Address 22 Setting a Password 23 Setting the Country Code 23 Web Quick Start 24 Step 1 24 Step 2 26
Contents Section II Web Configuration 3 System Settings 30 31 Administration Settings 32 IPv4 Address 33 IPv6 Address 34 System Time 35 SNTP Server Settings 36 Time Zone Setting 36 Daylight Saving Settings 36 VLAN Configuration 37 System Logs 39 Quick Start Wizard 40 System Resource 41 Bridge STP Configuration 42 Spanning Tree Protocol (STP) 42 Bridge Configuration 45 4 Administration Settings 46 Remote Management Settings 47 Access Limitation 49 5 Advanced Settings 51
Contents Virtual Access Points (VAPs) 64 VAP Basic Settings 66 WDS-STA Mode 68 Wireless Security Settings 68 Wired Equivalent Privacy (WEP) 70 VAP QoS Settings 72 VAP Bandwidth Settings 74 MAC Authentication and RADIUS 74 Rogue AP Detection 78 Wi-Fi Multimedia (WMM) 80 7 SNMP Settings 85 SNMP Basic Settings 86 SNMP Trap Settings 87 View Access Control Model 88 SNMPv3 Users 90 SNMPv3 Targets 91 SNMPv3 Notification Filters 92 8 Maintenance Settings 93 Upgrading Firmware 9
Contents Section III Command Line Interface 10 Using the Command Line Interface 109 111 Console Connection 111 Telnet Connection 112 Entering Commands 113 Keywords and Arguments 113 Minimum Abbreviation 113 Command Completion 113 Getting Help on Commands 113 Showing Commands 113 Negating the Effect of Commands 114 Using Command History 114 Understanding Command Modes 114 Command Line Processing 116 11 General Commands 117 12 System Management Commands 121 13 System Logging Co
Contents Section IV 23 WDS Bridge Commands 201 24 Ethernet Interface Commands 203 25 Wireless Interface Commands 210 26 Wireless Security Commands 239 27 Rogue AP Detection Commands 249 28 Link Integrity Commands 255 29 Link Layer Discovery Commands 258 30 VLAN Commands 262 31 WMM Commands 266 32 QoS Commands 271 Appendices 279 A Troubleshooting 280 Problems Accessing the Management Interface 280 Using System Logs 280 Index of CLI Commands 282 Index 284 – 9 –
Figures Figure 1: Login Page 19 Figure 2: The Home Page 19 Figure 3: Set Configuration Changes 20 Figure 4: Help Menu 21 Figure 5: Quick Start - Step 1 25 Figure 6: Quick Start - Step 2 26 Figure 7: Quick Start - Step 3 27 Figure 8: Quick Start - Step 4 29 Figure 9: Administration 32 Figure 10: IPv4 Configuration 33 Figure 11: IPv6 Configuration 34 Figure 12: SNTP Settings 36 Figure 13: Setting the VLAN Identity 38 Figure 14: System Log Settings 39 Figure 15: System Resource 41
Figures Figure 30: VAP Basic Settings 66 Figure 31: WDS-STA Mode 68 Figure 32: Configuring VAPs - Security Settings 68 Figure 33: WEP Configuration 71 Figure 34: QoS Settings 72 Figure 35: QoS Template Setting 73 Figure 36: Bandwidth Settings 74 Figure 37: Local Authentication 75 Figure 38: RADIUS Authentication 76 Figure 39: RADIUS Settings 77 Figure 40: Rogue AP Detection 79 Figure 41: WMM Backoff Wait Times 82 Figure 42: QoS 82 Figure 43: SNMP Basic Settings 86 Figure 44: SNM
Tables Table 1: Logging Levels 40 Table 2: WMM Access Categories 81 Table 3: Command Modes 115 Table 4: General Commands 117 Table 5: System Management Commands 121 Table 6: Country Codes 122 Table 7: System Management Commands 143 Table 8: Logging Levels 145 Table 9: System Clock Commands 148 Table 10: DHCP Relay Commands 153 Table 11: SNMP Commands 155 Table 12: Flash/File Commands 168 Table 13: RADIUS Client Commands 171 Table 14: 802.
Tables Table 30: Troubleshooting Chart 280 – 13 –
Tables – 14 –
Section I Getting Started This section provides an overview of the access point, and introduces some basic concepts about wireless networking. It also describes the basic settings required to access the management interface.
1 Introduction The access point (AP) runs software that includes a network management agent. The agent offers a variety of management options, including SNMP and a webbased interface. A PC may also be connected directly to the AP’s console port for configuration using a command line interface (CLI). Configuration Options The AP’s HTTP web agent allows you to configure AP parameters, monitor wireless connections, and display statistics using a standard web browser such as Internet Explorer 6.
Chapter 1 | Introduction Console Port Connection Console Port Connection The AP provides an RS-232 serial console port that enables a connection to a PC or terminal for monitoring and configuring the AP. A null-modem console cable is provided with the AP. Attach a VT100-compatible terminal, or a PC running a terminal emulation program to the AP. You can use the console cable provided with this package, or use a nullmodem cable that complies with the wiring assignments shown in the Installation Guide.
Chapter 1 | Introduction Network Connections 2. At the login prompt, enter “admin.” 3. At the Password prompt, press . There is no default password. 4. The session is opened and the CLI displays the “EC#” prompt indicating you have access to the CLI commands.
Chapter 1 | Introduction Connecting to the Web Interface 2. Log into the interface by entering the default username “admin” with no password, then click Login. Note: It is strongly recommended to change the default user name and password the first time you access the web interface. For information on changing user names and passwords, See “Administration Settings” on page 32. Figure 1: Login Page Home Page and Main After logging in to the web interface, the home page displays.
Chapter 1 | Introduction Connecting to the Web Interface To configure settings, click the relevant Main Menu item. Each Main Menu item is sumarized below with links to the relevant section in this guide where configuration parameters are described in detail: ◆ System — Configures Management IP, WAN, LAN and QoS settings. See “System Settings” on page 31. ◆ Administration — Configures HTTP, Telnet, and SSH access settings. See “Administration Settings” on page 46.
Chapter 1 | Introduction Connecting to the Web Interface Figure 4: Help Menu ◆ Logout – Ends the web management session. ◆ Save Config – Saves the current configuration so that it is retained after a restart.
2 Initial Configuration The AP’s initial configuration steps can be made through the CLI or web browser interface. If the AP is not configured with an IP address that is compatible with your network. You can first use the command line interface (CLI) as described below to configure a valid IP address. CLI Initial Configuration Steps First connect to the AP’s console port and log in to the CLI, as described in “Console Port Connection” on page 17. Then proceed with the required configuration.
Chapter 2 | Initial Configuration CLI Initial Configuration Steps Setting a Password If you are logging in to the CLI for the fist time, you should define management access passwords for an administrator and guest (used for CLI and web management), record them, and then keep them in a safe place. Note: If you loose your management access passwords, you will need to use the Reset button on the AP to set the configuration back to factory default values.
Chapter 2 | Initial Configuration Web Quick Start BA-BOSNIA, BR-BRAZIL, BN-BRUNEI_DARUSSALAM, BG-BULGARIA, CA-CANADA, CL-CHILE, CN-CHINA, CO-COLOMBIA, CR-COSTA_RICA, HR-CROATIA, CY-CYPRUS, CZ-CZECH_REPUBLIC, DK-DENMARK, DK-DENMARK, DO-DOMINICAN_REPUBLIC, EC-ECUADOR, EG-EGYPT, EE-ESTONIA, FI-FINLAND, FO-FAROE_ISLANDS, FR-FRANCE, F2-FRANCE2, GE-GEORGIA, DE-GERMANY, GR-GREECE, GT-GUATEMALA, HK-HONG_KONG, HN-HONDURAS, HU-HUNGARY, IS-ICELAND, IN-INDIA, ID-INDONESIA, IR-IRAN, IQ-IRAQ, IE-IRELAND, IL-ISRAEL, IT-I
Chapter 2 | Initial Configuration Web Quick Start Figure 5: Quick Start - Step 1 The following items are displayed on the first page of the Quick Start wizard: Identification ◆ System Name — The name assigned to the access point. (Default: %VBM #BOE "1) Change Password ◆ Username/Guest Username — The name of the user is fixed as either “admin” or “guest” and is not configurable.
Chapter 2 | Initial Configuration Web Quick Start Caution: You must set the country code to the country of operation. Setting the country code restricts operation of the access point to the radio channels and transmit power levels permitted for wireless networks in the specified country. ◆ Cancel — Cancels the newly entered settings and restores the orignals. ◆ Next — Proceeds to the next page. Step 2 The second page of the Quick Start configures IP settings and DHCP client status.
Chapter 2 | Initial Configuration Web Quick Start ◆ Primary and Secondary DNS Address — The IP address of Domain Name Servers on the network. A DNS maps numerical IP addresses to domain names and can be used to identify network hosts by familiar names instead of the IP addresses. (The default Primary and Secondary DNS addresses are null values.) ◆ Management IP — The IPv4 address of the AP through which you can access management interfaces.
Chapter 2 | Initial Configuration Web Quick Start Security ◆ ◆ Association Mode — Defines the mode with which the VAP will associate with clients. (For more information on security modes, see “Wireless Security Settings” on page 68.) ■ Open System: The VAP is configured by default as an “open system,” which broadcasts a beacon signal including the configured SSID.
Chapter 2 | Initial Configuration Web Quick Start Authentication ◆ 802.1X — The access point supports 802.1X authentication only for clients initiating the 802.1X authentication process (i.e., the access point does not initiate 802.1X authentication). For clients initiating 802.1X, only those successfully authenticated are allowed to access the network. For those clients not initiating 802.1X, access to the network is allowed after successful wireless association with the access point. The 802.
Section II Web Configuration This section provides details on configuring the access point using the web browser interface.
3 System Settings This chapter describes basic system settings on the access point.
Chapter 3 | System Settings Administration Settings Administration Settings The Administration Settings page configures some basic settings for the AP, such as the system identification name, the management access passwords, and the wireless operation Country Code. Figure 9: Administration The following items are displayed on this page: ◆ System Name — An alias for the AP, enabling the device to be uniquely identified on the network.
Chapter 3 | System Settings IPv4 Address Caution: You must set the country code to the country of operation. Setting the country code restricts operation of the AP to the radio channels and transmit power levels permitted for wireless networks in the specified country. IPv4 Address Configuring the AP with an IPv4 address expands your ability to manage the AP. A number of the AP’s features depend on IPv4 addressing to operate.
Chapter 3 | System Settings IPv6 Address If you have management stations, DNS, RADIUS, or other network servers located on another subnet, type the IP address of the default gateway router in the text field provided. ◆ Primary and Secondary DNS Address — The IP address of Domain Name Servers on the network. A DNS maps numerical IP addresses to domain names and can be used to identify network hosts by familiar names instead of the IP addresses.
Chapter 3 | System Settings System Time The following items are displayed on this page: ◆ DHCP Status — Enables/disables DHCPv6 on the access point. ◆ IP Address — Specifies an IPv6 address for management of the access point. (Default: 2001:db8::1) ◆ Subnet Mask — Indicates the local subnet mask. (Default: 64) ◆ Default Gateway — The default gateway is the IPv6 address of the router for the access point, which is used if the requested destination address is not on the local subnet.
Chapter 3 | System Settings System Time Figure 12: SNTP Settings SNTP Server Settings Configures the access point to operate as an SNTP client. When enabled, at least one time server IP address must be specified. ◆ SNTP Status — Enables/disables SNTP. (Default: enabled) ◆ Primary Server — The IP address of an SNTP or NTP time server that the access point attempts to poll for a time update. ◆ Secondary Server — The IP address of a secondary SNTP or NTP time server.
Chapter 3 | System Settings VLAN Configuration VLAN Configuration VLANs (virtual local area networks) are turned off by default when first installing the access point. If turned on they will automatically tag any packets received by the LAN port before sending them on to the relevant VAP (virtual access point). The access point can employ VLAN tagging support to control access to network resources and increase security.
Chapter 3 | System Settings VLAN Configuration Figure 13: Setting the VLAN Identity The following items are displayed on this page: ◆ VLAN Classification — Enables VLAN packet tagging. (Default: disabled) ◆ Management VLAN ID — The VLAN ID that traffic must have to be able to manage the access point. (Range 1-4094; Default: 4093) ◆ Native VLAN ID — The VLAN ID assigned to untagged packets received by the LAN port.
Chapter 3 | System Settings System Logs System Logs The access point can be configured to send event and error messages to a System Log Server. The system clock can also be synchronized with a time server, so that all the messages sent to the Syslog server are stamped with the correct time and date. Figure 14: System Log Settings The following items are displayed on this page: ◆ Syslog Status — Enables/disables the logging of error messages.
Chapter 3 | System Settings Quick Start Wizard ◆ Logging Level — Sets the minimum severity level for event logging. (Default: Debug) The system allows you to limit the messages that are logged by specifying a minimum severity level. The following table lists the error message levels from the most severe (Emergency) to least severe (Debug). The message levels that are logged include the specified minimum level up to the Emergency level.
Chapter 3 | System Settings System Resource System Resource The System Resource page displays information on the AP’s current CPU and memory utilization. This page also allows you to set thresholds for the CPU and memory usage, where an SNMP trap can be sent as an alert. Figure 15: System Resource The following items are displayed on this page: ◆ CPU Rising Threshold — A high CPU utilization percentage above which a “CPU Busy” SNMP trap message is sent (only sent once).
Chapter 3 | System Settings Bridge STP Configuration ◆ Memory Status — Displays detailed information on the current memory utilization. Bridge STP Configuration The Bridge menu enables configuration of the Spanning Tree Protocol (STP) and the address table aging time. Spanning Tree The Spanning Tree Protocol (STP) can be used to detect and disable network loops, Protocol (STP) and to provide backup links between switches, bridges or routers.
Chapter 3 | System Settings Bridge STP Configuration Figure 16: Spanning Tree Protocol Bridge Sets STP bridge link parameters. The following items are displayed on the STP page: ◆ Spanning Tree Protcol — Enables/disables STP on the AP. (Default: Disabled) ◆ Priority — Used in selecting the root device, root port, and designated port. The device with the highest priority becomes the STP root device.
Chapter 3 | System Settings Bridge STP Configuration to the network. (Default: 20 seconds; Range: 6-40 seconds) Minimum: The higher of 6 or [2 x (Hello Time + 1)]. Maximum: The lower of 40 or [2 x (Forward Delay - 1)] ◆ Hello Time — Interval (in seconds) at which the root device transmits a configuration message. (Default: 2 seconds; Range: 1-10 seconds) Minimum: 1 Maximum: The lower of 10 or [(Max.
Chapter 3 | System Settings Bridge STP Configuration ◆ Link Port Priority — Defines the priority used for this port in the Spanning Tree Protocol. If the path cost for all ports on a switch are the same, the port with the highest priority (i.e., lowest value) will be configured as an active link in the spanning tree. This makes a port with higher priority less likely to be blocked if the Spanning Tree Protocol is detecting network loops.
4 Administration Settings This chapter describes management access settings on the access point.
Chapter 4 | Administration Settings Remote Management Settings Remote Management Settings The Web, Telnet, and SNMP management interfaces are enabled and open to all IP addresses by default. To provide more security for management access to the access point, specific interfaces can be disabled and management restricted to a single IP address or a limited range of IP addresses. Once you specify an IP address or range of addresses, access to management interfaces is restricted to the specified addresses.
Chapter 4 | Administration Settings Remote Management Settings Figure 18: Remote Management The following items are displayed on Admin Interface page: ◆ Telnet Access — Enables/disables management access from Telnet interfaces. (Default: enabled) ◆ Telnet Access Port — Sets the specified Telnet port for communication. (Default: 23) ◆ SSH Server — Enables/disables management access from SSH Servers. (Default: enabled) ◆ SSH Server Port — Sets the specified SSH Server port for communication.
Chapter 4 | Administration Settings Access Limitation ◆ HTTPS Port — Specifies the HTTPS port for secure IP connectivity. (Default: 443; Range 1024-65535) ◆ SNMP Access — Enables management access through SNMP. For more information on SNMP access, see “” on page 50. (Default: enabled) Access Limitation The Access Limitation page limits management access to the access point from specified IP addresses or wireless clients.
Chapter 4 | Administration Settings Access Limitation Restrict Management ◆ Enable/Disable — Enables/disables management of the device by a wireless client. (Default: disabled) DHCP Filter ◆ Enable/Disable — Enables/disables the AP and wireless clients from obtaining an IP address from a DHCP server installed on wireless client.
5 Advanced Settings This chapter describes advanced settings on the access point. It includes the following sections: ◆ “Local Bridge Filter” on page 51 ◆ “Link Layer Discovery Protocol” on page 52 ◆ “Access Control Lists” on page 54 ◆ “Link Integrity” on page 57 ◆ “Max Bandwidth Control” on page 58 Local Bridge Filter The access point can employ network traffic frame filtering to control access to network resources and increase security.
Chapter 5 | Advanced Settings Link Layer Discovery Protocol ◆ Disabled — All clients can communicate with each other through the access point. ◆ Prevent Intra VAP client communication — When enabled, clients associated with a specific VAP interface cannot establish wireless communications with each other. Clients can communicate with clients associated to other VAP interfaces.
Chapter 5 | Advanced Settings Link Layer Discovery Protocol ◆ Message Transmission Hold Time — Configures the time-to-live (TTL) value sent in LLDP advertisements as shown in the formula below. (Range: 2-10; Default: 4) The time-to-live tells the receiving LLDP agent how long to retain all information pertaining to the sending LLDP agent if it does not transmit updates in a timely manner. TTL in seconds is based on the following rule: (Transmission Interval * Hold time) ≤ 65536.
Chapter 5 | Advanced Settings Access Control Lists Access Control Lists Access Control Lists allow you to configure a list of wireless client MAC addresses that are not authorized to access the network. A database of MAC addresses can be configured locally on the access point. Source Address The ACL Source Address Settings page enables traffic filtering based on the source Settings MAC address in the data frame.
Chapter 5 | Advanced Settings Access Control Lists Destination Address The ACL Destination Address Settings page enables traffic filtering based on the Settings destination MAC address in the data frame. Figure 23: Destination ACLs The following items are displayed on this page: ◆ DA Status — Enables network traffic with specific destination MAC addresses to be filtered (dropped) from the access point.
Chapter 5 | Advanced Settings Access Control Lists Ethernet Type The Ethernet Type Filter controls checks on the Ethernet type of all incoming and outgoing Ethernet packets against the protocol filtering table. (Default: Disabled) Figure 24: Ethernet Type Filter The following items are displayed on this page: ◆ Disabled — Access point does not filter Ethernet protocol types. ◆ Enabled — Access point filters Ethernet protocol types based on the configuration of protocol types in the filter table.
Chapter 5 | Advanced Settings Link Integrity Link Integrity The AP provides a link integrity feature that can be used to ensure that wireless clients are connected to resources on the wired network. The AP does this by periodically sending Ping messages to a host device in the wired Ethernet network. If the AP detects that the connection to the host has failed, it can disable the radio interfaces, forcing clients to find and associate with another AP.
Chapter 5 | Advanced Settings Max Bandwidth Control Max Bandwidth Control Click the Max Bandwidth Control link on the Advance menu to configure rate limiting of traffic on the AP. Figure 26: Max Bandwidth Control The following items are displayed on this page: ◆ Uplink Setting — Enables the rate limiting of traffic from the AP as it is passed to the wired network. You can set a maximum rate in kbytes per second.
6 Wireless Settings This chapter describes wireless settings on the access point. It includes the following sections: ◆ “Band Steering” on page 59 ◆ “Radio Settings” on page 60 ◆ “Virtual Access Points (VAPs)” on page 64 ◆ “Rogue AP Detection” on page 78 ◆ “Wi-Fi Multimedia (WMM)” on page 80 Band Steering The Band Steering feature redirects all dual-band clients to connect to the 5 GHz radio. This feature only functions when both the 2.4 GHz and 5 GHz radio SSIDs are identical.
Chapter 6 | Wireless Settings Radio Settings Radio Settings The IEEE 802.11n wireless interfaces include configuration options for radio signal characteristics and wireless security features. The AP can operate in several radio modes, mixed 802.11b/g/n (2.4 GHz), or mixed 802.11a/n (5 GHz). Note that the radios can operate at 2.4 GHz and 5 GHz at the same time. The web interface identifies the radio configuration pages as: ◆ Radio 0 — the 2.4 GHz 802.11b/g/n radio interface ◆ Radio 1 — the 5 GHz 802.
Chapter 6 | Wireless Settings Radio Settings The following items are displayed on this page: ◆ High Throughput Mode — The access point provides a channel bandwidth of 20 MHz by default giving an 802.11g connection speed of 54 Mbps and a 802.11n connection speed of up to 108 Mbps, and ensures backward compliance for slower 802.11b devices. Setting the HT Channel Bandwidth to 40 MHz increases connection speed for 802.11n up to 300 Mbps.
Chapter 6 | Wireless Settings Radio Settings ◆ Maximum Association Clients — The total maximum number of clients that may associate with the radio. (Range: 1-127; Default: 100) ◆ Radio Mode — Defines the radio operation mode. ■ Radio 0 (2.4 GHz Radio) — Default: 11n (g compatible); Options: 11n (b&g compatible), 11n (g compatible). ■ Radio 1 (5 GHz Radio) — Default: 11n; Options: 11n (a compatible), 11n. Note: Enabling the AP to communicate with 802.11b/g clients in both 802.11b/g/n Mixed and 802.
Chapter 6 | Wireless Settings Radio Settings the packet size equals or exceeds the RTS threshold, the RTS/CTS (Request to Send / Clear to Send) mechanism will be enabled. The access points contending for the medium may not be aware of each other. The RTS/CTS mechanism can solve this “Hidden Node Problem.” (Range: 1-2346 bytes: Default: 2346 bytes) ◆ Short Guard Interval — The 802.11n draft specifies two guard intervals: 400ns (short) and 800ns (long).
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) ◆ Long Distance Setting — When you have long-distance links in the wireless network, some timing parameters require an adjustment to maintain communications. Enter the approximate distance (in meters) of the client from the AP. Click on the “Show Reference Data” button to compute a set of recommended values for SlotTime, ACKTimeOut and CTSTimeOut. You can use the recommended values or enter your own values that work for your specific environment.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) Figure 29: VAP Settings The following items are displayed on this page: ◆ VAP Number — The number associated with the VAP, 0-15. ◆ SSID — The name of the basic service set provided by a VAP interface. Clients that want to connect to the network through the access point must set their SSID to the same as that of an access point VAP interface. (Default: %VBM #BOE "1_11BGN_# (0 to 15) for 2.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) VAP Basic Settings Sets the basic operating mode and other settings for the VAP. Each VAP can operate in one of three modes; normal AP mode, WDS-AP bridge AP mode, or WDS-STA bridge station mode. The default mode is AP for the VAP to support normal access point services. Note: For more information and examples for setting up WDS networks, see “WDS Setup Examples” on page 45. Note that the Basic Settings are the same for both AP and WDS-AP modes.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) ◆ WLAN Client Association Preemption — When enabled, the AP applies a priority order for associating clients when the maximum clients for the VAP has been reached. The priority order is 11n clients, 11a/g clients, then 11b clients.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) WDS-STA Mode Describes additional basic VAP settings when functioning in WDS-STA mode. Figure 31: WDS-STA Mode The following items are displayed in the VAP Basic Settings when WDS-AP mode is selected: ◆ WDS-AP (Parent) SSID — The SSID of the VAP on the connecting access point that is set to WDS-AP mode. ◆ WDS-AP (Parent) MAC — The MAC address of the VAP on the connecting access point that is set to WDS-AP mode.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) ◆ ◆ ■ Open System: The VAP is configured by default as an “open system,” which broadcasts a beacon signal including the configured SSID. Wireless clients with an SSID setting of “any” can read the SSID from the beacon and automatically set their SSID to allow immediate connection. ■ WPA: WPA employs a combination of several technologies to provide an enhanced security solution for 802.11 wireless networks.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) association with the access point. The 802.1X mode allows access for clients not using WPA or WPA2 security. ◆ Pre-Authentication — When using WPA2 over 802.1X, pre-authentication can be enabled, which allows clients to roam to a new access point and be quickly associated without performing full 802.1X authentication. (Default: Disabled) ◆ 802.1x Reauthentication Time — The time period after which a connected client must be re-authenticated.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) Figure 33: WEP Configuration The following items are on this page for WEP configuration: ◆ Default WEP Key Index – Selects the key number to use for encryption for the VAP interface. If the clients have all four WEP keys configured to the same values, you can change the encryption key to any of the settings without having to update the client keys.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) VAP QoS Settings Click the QoS Setting link from the VAP Settings page to access the QoS priority mapping configuration for traffic on the VAP interface. Figure 34: QoS Settings The following items are displayed in the VAP QoS Settings page: ◆ VAP to 802.1p Setting — You can modify the VLAN priority tags of traffic on the VAP interface with a specified priority value. Requires the default VLAN ID for the VAP to be any other value than 1.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) Both “802.1d to 802.1p” mapping and “802.1d to DSCP” mapping can be enabled simultaneously when the default VLAN ID for the VAP is any other value than 1. When only “802.1d to DSCP” mapping is enabled, the default VLAN ID for the VAP must be set to 1. ◆ QoS Template — Enables up to eight user-defined priority mapping tables to be configued. The tables are used to map the WMM 802.1d priorities to 802.1p/ DSCP priorities.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) VAP Bandwidth Click the Bandwidth Setting link from the VAP Settings page to configure rate Settings limiting for traffic on the VAP interface. Figure 36: Bandwidth Settings The following items are displayed on this page: ◆ Bandwidth Control on Uplink Setting — Enables the rate limiting of traffic from the VAP interface as it is passed to the wired network. You can set a maximum rate in kbytes per second.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) Figure 37: Local Authentication The following items are displayed on Authentication page: MAC Authentication — Selects between, disabled, Local MAC authentication and RADIUS authentication. ◆ Local MAC — The MAC address of the associating station is compared against the local database stored on the access point. The Local MAC Authentication section enables the local database to be set up.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) RADIUS MAC Authentication The MAC address of the associating station is sent to a configured RADIUS server for authentication. When using a RADIUS authentication server for MAC address authentication, the server must first be configured on the RADIUS page. Figure 38: RADIUS Authentication The following items are displayed on Authentication page: MAC Authentication — Selects between, disabled, Local MAC authentication and RADIUS authentication.
Chapter 6 | Wireless Settings Virtual Access Points (VAPs) Figure 39: RADIUS Settings The following items are displayed on the RADIUS Settings page: ◆ RADIUS Status — Enables/disables the primary RADIUS server. ◆ IP Address — Specifies the IP address or host name of the RADIUS server. ◆ Port (1024-65535) — The UDP port number used by the RADIUS server for authentication messages.
Chapter 6 | Wireless Settings Rogue AP Detection ◆ Port (1024-65535) — The UDP port number used by the RADIUS accounting server for authentication messages. (Range: 1024-65535; Default: 1813) ◆ Key — A shared text string used to encrypt messages between the access point and the RADIUS accounting server. Be sure that the same text string is specified on the RADIUS server. Do not use blank spaces in the string.
Chapter 6 | Wireless Settings Rogue AP Detection Figure 40: Rogue AP Detection The following items are displayed on this page: ◆ AP Scan Setting — Enables the periodic scanning for other nearby access points. (Default: Disable) ◆ Scan Interval — Sets the time between each rogue AP scan. (Range: 15 -65535 seconds; Default: 7200 seconds) ◆ Scan Duration — Sets the length of time for each rogue AP scan.
Chapter 6 | Wireless Settings Wi-Fi Multimedia (WMM) ◆ Rogue AP Scan Result — Displays information of unknown APs detected within the range of the AP running the scan. ◆ Friendly Active AP Scan Result — Displays information of known APs detected within the range of the AP running the scan. ◆ Start Instant Scan — Starts an immediate rogue AP scan on the radio interface.
Chapter 6 | Wireless Settings Wi-Fi Multimedia (WMM) Table 2: WMM Access Categories Access Category WMM Designation Description 802.1D Tags AC_VO (AC3) Voice Highest priority, minimum delay. Time-sensitive data such as VoIP (Voice over IP) calls. 7, 6 AC_VI (AC2) Video High priority, minimum delay. Time-sensitive data such as streaming video. 5, 4 AC_BE (AC0) Best Effort Normal priority, medium delay and throughput. Data only affected by long delays.
Chapter 6 | Wireless Settings Wi-Fi Multimedia (WMM) Figure 41: WMM Backoff Wait Times Time CWMin High Priority CWMax AIFS Random Backoff Minimum Wait Time Random Wait Time CWMin Low Priority CWMax AIFS Random Backoff Minimum Wait Time Random Wait Time For high-priority traffic, the AIFSN and CW values are smaller. The smaller values equate to less backoff and wait time, and therefore more transmit opportunities.
Chapter 6 | Wireless Settings Wi-Fi Multimedia (WMM) The following items are displayed on this page: ◆ ◆ WMM — Sets the WMM operational mode on the access point. When enabled, the parameters for each AC queue will be employed on the access point and QoS capabilities are advertised to WMM-enabled clients. (Default: Disabled) ■ Disable: WMM is disabled. ■ Enable: WMM must be supported on any device trying to associated with the access point.
Chapter 6 | Wireless Settings Wi-Fi Multimedia (WMM) ■ ◆ Admission Control: The admission control mode for the access category. When enabled, clients are blocked from using the access category. (Default: Disabled) Set WMM — Applies the new parameters and saves them to RAM memory. Also prompts a screen to inform you when it has taken affect. Click “OK” to return to the home page. Changes will not be saved upon a reboot unless the running configuration file is saved.
7 SNMP Settings This chapter describes Simple Network Management Protocol (SNMP) settings on the access point. Simple Network Management Protocol (SNMP) is a communication protocol designed specifically for managing devices on a network. Equipment commonly managed with SNMP includes switches, routers and host computers. Managed devices supporting SNMP contain software, which runs locally on the device and is referred to as an agent.
Chapter 7 | SNMP Settings SNMP Basic Settings SNMP Basic Settings The access point SNMP agent must be enabled to function (for versions 1, 2c, and 3 clients). Management access using SNMP v1 and v2c also requires community strings to be configured for authentication. Trap notifications can be enabled and sent to up to four management stations.
Chapter 7 | SNMP Settings SNMP Trap Settings SNMP Trap Settings Traps indicating status changes are issued by the AP to specified trap managers. You must specify trap managers so that key events are reported by the AP to your management station (using network management platforms). Figure 44: SNMP Trap Settings The following items are displayed on this page: ◆ Trap Destination — Specifies the recipient of SNMP notifications. Enter the IP address or the host name.
Chapter 7 | SNMP Settings View Access Control Model ◆ Save Trap Config — Applies the new parameters and saves them to RAM memory. Also prompts a screen to inform you when it has taken affect. Clicking ‘OK’ returns to the home page. Changes will not be saved upon a reboot unless the running configuration file is saved. View Access Control Model To configure SNMPv3 management access to the AP, follow these steps: 1. Specify read and write access views for the AP MIB tree. 2.
Chapter 7 | SNMP Settings View Access Control Model ◆ Type – Indicates if the object identifier of a branch within the MIB tree is included or excluded from the SNMP view. ◆ OID – Allows you to configure the object identifiers of branches within the MIB tree. Wild cards can be used to mask a specific portion of the OID string. ◆ Mask (option) – A hexadecimal value with each bit masking the corresponding ID in the MIB subtree. A “1” in the mask indicates an exact match and a “0” indicates a “wild card.
Chapter 7 | SNMP Settings SNMPv3 Users SNMPv3 Users The access point allows multiple SNMP v3 users to be configured. Each SNMPv3 user is defined by a unique name. Users must be configured with a specific security level and assigned to a group. The SNMPv3 group restricts users to a specific read, write, or notify view. Figure 46: Configuring SNMPv3 Users The following items are displayed on this page: ◆ User Name — The SNMPv3 user name. (32 characters maximum) ◆ Group — The SNMPv3 group name.
Chapter 7 | SNMP Settings SNMPv3 Targets assigned to the RWPriv group. If this same user were instead assigned to the readonly (RO) group, the user would not be able to access the database. SNMPv3 Targets An SNMP v3 notification Target ID is specified by the SNMP v3 user, IP address, and UDP port. A user-defined filter can also be assigned to specific targets to limit the notifications received to specific MIB objects. (Note that the filter must first be configured.
Chapter 7 | SNMP Settings SNMPv3 Notification Filters SNMPv3 Notification Filters SNMP v3 users can be configured to receive notification messages from the access point. An SNMP Target ID is created that specifies the SNMP v3 user, IP address, and UDP port. A user-defined notification filter can be created so that specific notifications can be prevented from being sent to particular targets.
8 Maintenance Settings Maintenance settings includes the following sections: ◆ “Upgrading Firmware” on page 93 ◆ “Running Configuration” on page 95 ◆ “Resetting the Access Point” on page 97 ◆ “Scheduled Reboot” on page 98 Upgrading Firmware You can upgrade new access point software from a local file on the management workstation, or from an FTP or TFTP server. New software may be provided periodically from your distributor.
Chapter 8 | Maintenance Settings Upgrading Firmware Figure 49: Firmware The following items are displayed on this page: ◆ Firmware Version — Displays the software image version that is being used as the runtime image. The “Active” image is the current running software, and the “Backup” image is the second software file installed on the AP, but not running. ◆ Next Boot Image — Specifies what version of software will be used as a runtime image upon bootup.
Chapter 8 | Maintenance Settings Running Configuration ◆ ■ New Firmware File: Specifies the name of the code file on the server. The new firmware file name should not contain slashes (\ or /), the leading letter of the file name should not be a period (.), and the maximum length for file names on the FTP/TFTP server is 255 characters or 32 characters for files on the access point. (Valid characters: A-Z, a-z, 0-9, “.”, “-”, “_”) ■ IP Address: IP address or host name of FTP or TFTP server.
Chapter 8 | Maintenance Settings Running Configuration The following items are displayed on this page: ◆ File Backup/Restore — Downloads an operation code image file from a specified remote FTP or TFTP server. After filling in the following fields, click Start Export/Import to proceed. ◆ Export/Import — Select Export to upload a file to an FTP/TFTP server. Select Import to download a file from an FTP/TFTP server. ◆ Config file — Specifies the name of the configuration file.
Chapter 8 | Maintenance Settings Resetting the Access Point Resetting the Access Point The Reset page allows you to reset the access point and save the running configuration before the reboot. Figure 51: Resetting the Access Point The following items are displayed on this page: ◆ Save Runtime config before Reboot — Checking this option saves the current running configuration to the startup file. ◆ Reboot — Click the “Reboot” button to reset the configuration settings for the AP and reboot the system.
Chapter 8 | Maintenance Settings Scheduled Reboot Scheduled Reboot The Reboot Schedule page allows you to set the AP to reboot on a specified time schedule. The time can be either by days and hours, or a simple countdown in minutes. Figure 52: Reboot Schedule — Fixed Time The following items are displayed on this page: ◆ Status — Selects a fixed time interval or a countdown time, or disables the feature. ◆ Interval — Specifies the interval in days.
9 Status Information The Information menu displays information on the current system configuration, the wireless interface, the station status and system logs.
Chapter 9 | Status Information AP Status AP Status The AP Status window displays basic system configuration settings, as well as the settings for the wireless interfaces. AP System The AP System Configuration table displays the basic system configuration settings Configuration Figure 54: AP System Configuration The following items are displayed on this page: ◆ Serial Number — The serial number of the physical access point. ◆ System Up Time — Length of time the management agent has been up.
Chapter 9 | Status Information AP Status ◆ System Name — Name assigned to this system. ◆ System Contact — Administrator responsible for the system. ◆ IP Address — IP address of the management interface for this device. ◆ IP Default Gateway — IP address of the gateway router between this device and management stations that exist on other network segments. ◆ HTTP Server Status — Shows if management access via HTTP is enabled. ◆ HTTP Port — Shows the TCP port used by the HTTP interface.
Chapter 9 | Status Information AP Status AP Wireless The AP Wireless Configuration displays the VAP interface settings for the 2.4 GHz Configuration and 5 GHz radios. Figure 55: AP Wireless Configuration The following items are displayed on this page for the 2.4 GHz and 5 GHz radio interfaces: ◆ VAP — Displays the VAP number. ◆ SSID — The service set identifier for the VAP interface. ◆ Status — Displays the interface mode setting, either “ap”, “wds-ap”, or “wds-sta”.
Chapter 9 | Status Information Station Status Station Status The Station Status window shows the wireless clients currently associated with the 2.4 GHz and 5 GHz radio interfaces. Figure 56: Station Status The following items are displayed on this page: ◆ Total Station Number of this device — The total number of clients associated to the AP. ◆ Total Station Number of Radio 0 — The total number of clients associated to the 2.4 GHz radio.
Chapter 9 | Status Information Station Statistics Station Statistics The Station Statistics window shows the statistic information for wireless clients currently associated with the 2.4 GHz and 5 GHz radio interfaces. Figure 57: Station Statistics The following items are displayed on this page: ◆ Station Address — The MAC address of the wireless client. ◆ TxPkts — The number of transmitted packets from this client. ◆ TxBytes — The number of transmitted bytes from this client.
Chapter 9 | Status Information Event Logs Event Logs The Event Logs window shows the log messages generated by the access point and stored in memory. Figure 58: Event Logs The following items are displayed on this page: ◆ Display Event Log — Selects the log entries to display. Up to 20 log messages can be displayed at one time. Each log entry includes the time the log message was generated, the logging level associated with the message, and the text of the log message.
Chapter 9 | Status Information WDS Status WDS Status The WDS Status window shows the WDS information for the 2.4 GHz and 5 GHz radio interfaces. Figure 59: WDS Status The following items are displayed on this page: ◆ Auto Refresh Setting — Enables the automatic refresh of WDS status information. When enabled, you can also set the time interval between each status refresh. ◆ WDS-STA Status — The status of other APs in WDS-STA mode connected to the AP interfaces.
Chapter 9 | Status Information WDS Status ◆ WDS-AP Status — The status of other APs in WDS-AP mode connected to AP interfaces. ■ Station Address — The MAC address of the WDS-enabled AP. ■ RSSI — The Receive Signal Strength Indicator of the received signal sent from the peer WDS AP. ■ Remote RSSI — The Receive Signal Strength Indicator of the AP signal received by the peer WDS-AP.
Chapter 9 | Status Information WDS Status – 108 –
Section III Command Line Interface This section provides a detailed description of the Command Line Interface, along with examples for all of the commands.
Section III | Command Line Interface ◆ “Wireless Security Commands” on page 239 ◆ “Rogue AP Detection Commands” on page 249 ◆ “Link Integrity Commands” on page 255 ◆ “Link Layer Discovery Commands” on page 258 ◆ “VLAN Commands” on page 262 ◆ “WMM Commands” on page 266 ◆ “QoS Commands” on page 271 – 110 –
10 Using the Command Line Interface When accessing the management interface for the over a direct connection to the console port, or via a Telnet connection, the access point can be managed by entering command keywords and parameters at the prompt. Using the access point’s command-line interface (CLI) is very similar to entering commands on a UNIX system. Console Connection To access the AP through the console port, first set up a console connection to the AP.
Chapter 10 | Using the Command Line Interface Telnet Connection Telnet Connection Telnet operates over the IP transport protocol. In this environment, your management station and any network device you want to manage over the network must have a valid IP address. If the access point does not acquire an IP address from a DHCP server, the default IP address used by the access point for management is 192.168.1.10.
Chapter 10 | Using the Command Line Interface Entering Commands Entering Commands This section describes how to enter CLI commands. Keywords and A CLI command is a series of keywords and arguments. Keywords identify a Arguments command, and arguments specify configuration parameters. For example, in the command “show interfaces ethernet,” show and interfaces are keywords, and ethernet is an argument that specifies the interface type.
Chapter 10 | Using the Command Line Interface Entering Commands interface line link-integrity lldp logging long-distance rogue-ap snmp sntp station system version AP: show Show interface information. TTY line information. Show Link Integrity information. Show lldp parameters. Show the logging buffers. Show the outdoor parameter information. Show Rogue AP information. Show snmp configuration. Show sntp configuration. Show 802.11 station table. Show system information. Show system version.
Chapter 10 | Using the Command Line Interface Entering Commands current mode. The command classes and associated modes are displayed in the following table: Table 3: Command Modes Class Mode Exec Privileged Configuration Global Interface-ethernet Interface-wireless Interface-wireless-vap Exec Commands When you open a new console session on an access point, the system enters Exec command mode. Only a limited number of the commands are available in this mode.
Chapter 10 | Using the Command Line Interface Entering Commands AP#configure AP(config)# To enter Interface mode, you must enter the “interface ethernet” while in Global Configuration mode. The system prompt will change to “AP(if-ethernet)#,” or “AP(if-wireless 0)” indicating that you have access privileges to the associated commands. You can use the exit command to return to the Exec mode. AP(config)#interface ethernet AP(if-ethernet)# Command Line Commands are not case sensitive.
11 General Commands This chapter details general commands that apply to the CLI.
Chapter 11 | General Commands end This command returns to the previous configuration mode. Default Setting None Command Mode Global Configuration, Interface Configuration Example This example shows how to return to the Configuration mode from the Interface Configuration mode: AP(if-ethernet)#end AP(config)# exit This command returns to the Exec mode or exits the configuration program.
Chapter 11 | General Commands Command Mode Exec Example The following example disables the CLI timeout. AP(config)# cli-session-timeout disable AP(config)# ping This command sends ICMP echo request packets to another node on the network. Syntax ping host_name - Alias of the host. ip_address - IP address of the host. Default Setting None Command Mode Exec Command Usage ◆ Use the ping command to see if another site on the network can be reached.
Chapter 11 | General Commands reset This command restarts the system or restores the factory default settings. Syntax reset board - Reboots the system. configuration - Resets the configuration settings to the factory defaults, and then reboots the system. configuration-keep-ip - Resets the configuration settings to the factory defaults except for the IP address, and then reboots the system.
12 System Management Commands These commands are used to configure the password, system logs, browser management options, clock settings, and a variety of other system information.
Chapter 12 | System Management Commands Table 5: System Management Commands (Continued) Command Function Mode Page show apmanagement Shows the AP management configuration Exec 134 show maxbandwidth-control Displays the bandwidth control settings for the AP Exec 134 show system Displays system information Exec 135 show system resource Displays CPU and memory usage information Exec 135 show version Displays version information for the system Exec 136 show config Displays detailed confi
Chapter 12 | System Management Commands Table 6: Country Codes (Continued) Country Code Country Code Country Code Country Code Brunei Darussalam BN India IN Norway NO Ukraine UA Bulgaria BG Indonesia ID Qatar QA United Arab Emirates AE Canada CA Iran IR Oman OM United Kingdom GB Chile CL Ireland IE Pakistan PK United States US China CN Israel IL Panama PA Uruguay UY Colombia CO Italy IT Peru PE Uzbekistan UZ Costa Rica CR Japan JP Philippines PH
Chapter 12 | System Management Commands Syntax prompt no prompt string - Any alphanumeric string to use for the CLI prompt. (Maximum length: 32 characters) Default Setting EC Command Mode Global Configuration Example AP(config)#prompt RD2 RD2(config)# system name This command specifies or modifies the system name for this device. Syntax system name name - The name of this host.
Chapter 12 | System Management Commands cpu-rising - The CPU utilization rising threshold as a percentage. (Range: 1-100 percent, 0 is disabled) cpu-falling - The CPU utilization falling threshold as a percentage. (Range: 0 to less than the CPU rising threshold) memory-rising - The memory utilization rising threshold in Kbytes. (Range: 1-113076 Kbytes, 0 is disabled) memory-falling - The memory utilization falling threshold in Kbytes.
Chapter 12 | System Management Commands old-password - The current password for management access. When there is no password set, enter the string “null”. (Length: 5-32 characters, case sensitive) new-password - The new password for management access. (Length: 5-32 characters, case sensitive) Default Setting None. There are no admin or guest passwords.
Chapter 12 | System Management Commands apmgmgtui ssh This command enables the Secure Shell server. Use the no form to disable the enable server. Syntax apmgmtui ssh enable no apmgmtui ssh-server Default Setting Enabled Command Mode Global Configuration Command Usage ◆ The access point supports Secure Shell version 2.0 only. ◆ After boot up, the SSH server needs about two minutes to generate host encryption keys. The SSH server is disabled while the keys are being generated.
Chapter 12 | System Management Commands apmgmtui telnet- This command enables the Telnet server. Use the no form to disable the server. server enable Syntax apmgmtui telnet-server enable no apmgmtui telnet-server Default Setting Interface enabled Command Mode Global Configuration Example AP(config)# apmgmtui telnet-server enable AP(config)# apmgmtui http port This command specifies the TCP port number used by the web browser interface. Use the no form to use the default port.
Chapter 12 | System Management Commands apmgmtui http server This command allows this device to be monitored or configured from a web browser. Use the no form to disable this function. Syntax [no] apmgmtui http server Default Setting Enabled Command Mode Global Configuration Example AP(config)# apmgmtui http server AP(config)# Related Commands apmgmtui http port apmgmtui http This command sets the web browser timeout limit.
Chapter 12 | System Management Commands apmgmtui https port Use this command to specify the UDP port number used for HTTPS/SSL connection to the access point’s web interface. Use the no form to restore the default port. Syntax apmgmtui https port no apmgmtui https port port_number – The UDP port used for HTTPS/SSL. (Range: 443, 1024-65535) Default Setting 443 Command Mode Global Configuration Command Usage ◆ You cannot configure the HTTP and HTTPS servers to use the same port.
Chapter 12 | System Management Commands ◆ If you enable HTTPS, you must indicate this in the URL: https://device:port_number] ◆ When you start HTTPS, the connection is established in this way: ■ The client authenticates the server using the server’s digital certificate. ■ The client and server negotiate a set of security protocols to use for the connection. ■ The client and server generate session keys for encrypting and decrypting data.
Chapter 12 | System Management Commands Syntax apmgmtip [multiple | single | any] multiple - Adds IP addresses within a specifiable range to the SNMP, web and Telnet groups. single - Adds an IP address to the SNMP, web and Telnet groups. any - Allows any IP address access through SNMP, web and Telnet groups. ip-address - Adds IP addresses to the SNMP, web and Telnet groups. subnet-mask - Specifies a range of IP addresses allowed management access.
Chapter 12 | System Management Commands Command Mode Global Configuration Command Usage This command enables the rate limiting of traffic from the AP as it is passed to the wired network. You can set a maximum rate in Kbytes per second. Example AP(config)# max-bandwidth-control uplink This setting has not been effective ! If want to take effect, please execute make-security-effective command ! AP(config)# max-bandwidth- This command enables the downlink bandwidth control for the AP.
Chapter 12 | System Management Commands max-bandwidth- This command implements the bandwidth control for the AP. control make-effective Syntax max-bandwidth-control make-effective Command Mode Global Configuration Example AP(config)# max-bandwidth-control make effective AP(config)# show apmanagement This command shows the AP management configuration, including the IP addresses of management stations allowed to access the AP, and the protocols that are open to management access.
Chapter 12 | System Management Commands show system This command displays basic system configuration settings.
Chapter 12 | System Management Commands Example AP#show system resource =============== CPU ========================================= user (%) 0.00 nice (%) 0.00 system (%) 7.92 iowait (%) 0.00 idle (%) 92.08 =============== Memory ====================================== free (kb) 95820 used (kb) 17256 used (%) 15.26 cached (kb) 4900 ============================================================= AP# show version This command displays the software version for the system.
Chapter 12 | System Management Commands Management Subnet : IPv6 Address : IPv6 Subnet Mask : IPv6 Gateway : VLAN Status : Management VLAN ID(AP): Native VLAN ID(AP) : DHCP Client : HTTP Access : HTTP Port : HTTP Timeout : HTTPs Access : HTTPs Port : SSH Access : SSH Port : Telnet Access : Telnet Port : Slot Status : Boot Rom Version : Software Version : Hardware Version : Part Number : Production Date : User Name : Reboot scheduling : 255.255.255.
Chapter 12 | System Management Commands View List: ================================== There is no view. ================================== Group List: ================================== There is no group. ================================== User List: ================================== There is no SNMPv3 User. ================================== Target List: ================================== There is no SNMP target.
Chapter 12 | System Management Commands ========================================== Source Filter :DISABLED Source MAC : ========================================== ACL Information ========================================== Destination Filter :DISABLED Destination MAC : ========================================== Console Line Information =========================================================== databits : 8 parity : none speed : 115200 stop bits : 1 ==========================================================
Chapter 12 | System Management Commands A-MSDU Status Disable HT20/H40 coexistence : Enabled : n ---------------------------------Security---------------------------------- Closed System : DISABLE WPA Function : OPEN-SYSTEM, WPA FUNCTION DISABLE WPA PSK Key Type : ascii WPA PSK Key : ******** Default Transmit Key : 1 Static WEP Keys Key 1 : ***** Key 2 : ***** Key 3 : ***** Key 4 : ***** Pre-Authentication : DISABLE ----------------------------------802.1x----------------------------------802.
Chapter 12 | System Management Commands Allowed Rates : 1,2,5.5,6,9,11,12,18,24,36,48,54,MCS0,MCS1,MCS2,MCS3,MCS4,MCS5,MCS6,MCS7,MC S8,MCS9,MCS10,MCS11,MCS12,MCS13,MCS14,MCS15 Status : ENABLE MAC Address : 70:72:CF:00:11:80 VLAN-ID : 1 Dhcp-Relay Server Ip : 0.0.0.0 ---------------------------------Capacity---------------------------------Maximum Association Client Per Vap : 16 Clients Maximum Association Client Per Radio : 127 Clients -----------------------------802.
Chapter 12 | System Management Commands AC1(BK) AC2(VI) AC3(VO) WMM AP Parameters: AC0(BE) CwMin: 4 AC1(BK) CwMin: 4 AC2(VI) CwMin: 3 AC3(VO) CwMin: 2 WMM BSS Parameters: AC0(BE) CwMin: 4 AC1(BK) CwMin: 4 AC2(VI) CwMin: 3 AC3(VO) CwMin: 2 : Acknowledge : Acknowledge : Acknowledge CwMax: CwMax: CwMax: CwMax: 6 10 4 3 AIFSN: AIFSN: AIFSN: AIFSN: 3 7 1 1 TXOP TXOP TXOP TXOP Limit: 0 Limit: 0 Limit:3008 Limit:1504 CwMax: CwMax: CwMax: CwMax: 10 10 4 3 AIFSN: AIFSN: AIFSN: AIFSN: 3 7 2 2 TXOP TXOP TX
13 System Logging Commands These commands are used to configure system logging on the access point.
Chapter 13 | System Logging Commands logging host This command specifies syslog servers host that will receive logging messages. Use the no form to remove syslog server host. Syntax logging host <1 | 2 | 3 | 4> [udp_port] no logging host <1 | 2 | 3 | 4> 1 - First syslog server. 2 - Second syslog server. 3 - Third syslog server. 4 - Fourth syslog server. host_name - The name of a syslog server. (Range: 1-20 characters) host_ip_address - The IP address of a syslog server.
Chapter 13 | System Logging Commands logging level This command sets the minimum severity level for event logging. Syntax logging level Default Setting Informational Command Mode Global Configuration Command Usage Messages sent include the selected level down to Emergency level. Table 8: Logging Levels Level Argument Description Emergency System unusable Alert Immediate action needed Critical Critical conditions (e.g.
Chapter 13 | System Logging Commands Example AP(config)#logging clear AP(config)# show logging This command displays the logging configuration. Syntax show logging Command Mode Exec Example AP#show logging Logging Information ===================================================== Syslog State : ENABLE Logging Console State : DISABLE Logging Level : Debug Servers 1: 10.7.16.98, UDP Port: 514, State: DISABLE 2: 10.7.13.48, UDP Port: 514, State: DISABLE 3: 10.7.123.123, UDP Port: 65535, State: DISABLE 4: 10.
Chapter 13 | System Logging Commands AP# – 147 –
14 System Clock Commands These commands are used to configure SNTP and system clock settings on the access point.
Chapter 14 | System Clock Commands Example AP(config)#sntp-server ip 1 10.1.0.19 AP# Related Commands sntp-server enabled show sntp sntp-server enabled This command enables SNTP client requests for time synchronization with NTP or SNTP time servers specified by the sntp-server ip command. Use the no form to disable SNTP client requests.
Chapter 14 | System Clock Commands hour - Sets the hour. (Range: 0-23) minute - Sets the minute. (Range: 0-59) Default Setting 00:14:00, January 1, 1970 Command Mode Global Configuration Example This example sets the system clock to 12:10 April 27, 2009. AP(config)# sntp-server date-time 2009 4 27 12 10 AP(config)# Related Commands sntp-server enabled sntp-server daylight- This command sets the start and end dates for daylight savings time. Use the no saving form to disable daylight savings time.
Chapter 14 | System Clock Commands ◆ Using the command without setting the start and end date enables the daylight-saving feature. Example This sets daylight savings time to be used from the Sunday in the fourth week of April, to the Sunday in the fourth week of October. AP(config)# sntp-server daylight-saving date-week 4 4 0 10 4 0 AP(config)# sntp-server timezone This command sets the time zone for the access point’s internal clock.
Chapter 14 | System Clock Commands SNTP Information =========================================================== Service State : ENABLED SNTP (server 1) IP : 129.6.15.28 SNTP (server 2) IP : 132.163.4.
15 DHCP Relay Commands Dynamic Host Configuration Protocol (DHCP) can dynamically allocate an IP address and other configuration information to network clients that broadcast a request. To receive the broadcast request, the DHCP server would normally have to be on the same subnet as the client. However, when the access point’s DHCP relay agent is enabled, received client requests can be forwarded directly by the access point to a known DHCP server on another subnet.
Chapter 15 | DHCP Relay Commands Related Commands show interface wireless – 154 –
16 SNMP Commands Controls access to this access point from management stations using the Simple Network Management Protocol (SNMP), as well as the hosts that will receive trap messages.
Chapter 16 | SNMP Commands snmp-server This command defines the community access string for the Simple Network community Management Protocol. Use the no form to remove the specified community string. Syntax snmp-server community string [ro | rw] no snmp-server community string string - Community string that acts like a password and permits access to the SNMP protocol. (Maximum length: 23 characters, case sensitive) ro - Specifies read-only access.
Chapter 16 | SNMP Commands Command Mode Global Configuration Example AP(config)#snmp-server contact Paul AP(config)# Related Commands snmp-server location snmp-server location This command sets the system location string. Use the no form to remove the location string. Syntax snmp-server location no snmp-server location text - String that describes the system location.
Chapter 16 | SNMP Commands Command Mode Global Configuration Command Usage ◆ This command enables both authentication failure notifications and link-updown notifications. ◆ The snmp-server host command specifies the host device that will receive SNMP notifications. Example AP(config)#snmp-server enable server AP(config)# Related Commands snmp-server host snmp-server host This command specifies the recipient of an SNMP notification. Use the no form to remove the specified host.
Chapter 16 | SNMP Commands Example AP(config)#snmp-server host 1 10.1.19.23 batman AP(config)# Related Commands snmp-server enable server snmp-server trap This command enables the access point to send specific SNMP traps (i.e., notifications). Use the no form to disable specific trap messages. Syntax snmp-server trap no snmp-server trap trap - One of the following SNMP trap messages: sysSystemDown - The access point is about to shutdown and reboot.
Chapter 16 | SNMP Commands include - Defines a filter type that includes objects in the MIB subtree. exclude - Defines a filter type that excludes objects in the MIB subtree. subtree - The part of the MIB subtree that is to be filtered. mask - An optional hexadecimal value bit mask to define objects in the MIB subtree. Default Setting None Command Mode Global Configuration Command Usage The access point allows multiple notification filters to be created.
Chapter 16 | SNMP Commands level - The SNMPv3 security level of the group. One of the following: NoAuthNoPriv - A group using no authentication and no data encryption. Users in this group use no security, either authentication or encryption, in SNMP messages they send to the agent. AuthNoPriv - A group using authentication, but no data encryption. Users in this group send SNMP messages that use an MD5 key/ password for authentication, but not a DES key/password for encryption.
Chapter 16 | SNMP Commands username - Name of the user connecting to the SNMP agent. (Range: 1-32 characters) groupname - Name of an SNMP group to which the user is assigned. (Range: 1-32 characters) none | md5 - Uses no authentication or MD5 authentication. auth-passphrase - Authentication password. Enter a minimum of eight characters for the user. (8 – 32 characters) none | des - Uses SNMPv3 with no privacy, or with DES56 encryption. priv-passphrase - Privacy password.
Chapter 16 | SNMP Commands port-number - The UDP port that is used on the receiving management station for notifications. notification-filter-id - The name if a defined notification filter. Default Setting None Command Mode Global Configuration Command Usage ◆ The access point supports multiple SNMP v3 target IDs. ◆ The SNMP v3 user name that is specified in the target must first be configured using the snmp-server user command. Example AP(config)#snmp-server target tarname 192.168.1.
Chapter 16 | SNMP Commands ◆ Use the command more than once with the same filter ID to build a filter that includes or excludes multiple MIB objects. Note that the filter entries are applied in the sequence that they are defined. ◆ The MIB subtree must be defined in the form “.1.3.6.1” and always start with a “.”. Example AP(config)#snmp-server filter trapfilter include .1 AP(config)#snmp-server filter trapfilter exclude .1.3.6.1.2.1.2.2.1.1.
Chapter 16 | SNMP Commands Example AP# show snmp target Target List: ================================== Target ID : christraps IP Address : 192.168.1.33 User Name : chris UDP Port : 4321 Filter ID : Not Defined ================================== AP# show snmp filter This command displays the SNMP v3 notification filter settings. Syntax show snmp filter [filter-id] filter-id - A user-defined name that identifies an SNMP v3 notification filter.
Chapter 16 | SNMP Commands Example AP# show snmp SNMP Information ============================================== Service State : Enable Community (ro) : ******* Community (rw) : ******** Location : where? Contact : who? ============================================== Trap Destination List: ============================================== Trap Destination: 192.168.1.
Chapter 16 | SNMP Commands show snmp vacm This command displays the configured SNMP v3 groups. group Syntax show snmp vacm group [group-name] group-name - The name of a user-defined SNMPv3 group.
17 Flash/File Commands These commands are used to manage the system code or configuration files. Table 12: Flash/File Commands Command Function Mode Page dual-image Specifies the file or image used to start up the system GC 168 copy Copies a code image or configuration between flash memory and a FTP/TFTP server Exec 169 show dual-image Displays the name of the current operation code file that booted the system Exec 170 dual-image This command specifies the image used to start up the system.
Chapter 17 | Flash/File Commands Example AP# dual-image boot-image A Change image to A AP# copy This command copies a boot file, code image, or configuration file between the access point’s flash memory and a FTP/TFTP server. When you save the configuration settings to a file on a FTP/TFTP server, that file can later be downloaded to the access point to restore system operation. The success of the file transfer depends on the accessibility of the FTP/TFTP server and the quality of the network connection.
Chapter 17 | Flash/File Commands ◆ The destination file name should not contain slashes (\ or /), the leading letter of the file name should not be a period (.), and the maximum length for file names on the FTP/TFTP server is 255 characters or 32 characters for files on the access point. (Valid characters: A-Z, a-z, 0-9, “.”, “-”, “_”) ◆ Due to the size limit of the flash memory, the access point supports only two operation code files.
18 RADIUS Client Commands Remote Authentication Dial-in User Service (RADIUS) is a logon authentication protocol that uses software running on a central server to control access for RADIUS-aware devices to the network. An authentication server contains a database of credentials, such as users names and passwords, for each wireless client that requires access to a VAP interface. Table 13: RADIUS Client Commands Command Function Mode Page radius-server enable Enables the RADIUS server.
Chapter 18 | RADIUS Client Commands Example AP(if-wireless 0: VAP[0])# radius-server primary enable This setting has not been effective ! If want to take effect, please execute make-radius-effective command ! AP(if-wireless 0: VAP[0])# radius-server address This command specifies the primary and secondary RADIUS server address. Syntax radius-server {primary | secondary} address
address - IP address of server. Default Setting 10.7.16.Chapter 18 | RADIUS Client Commands If want to take effect, please execute make-radius-effective command ! AP(if-wireless 0: VAP[0])# radius-server shared- This command sets the RADIUS encryption key. secret Syntax radius-server {primary | secondary] shared-secret key_string - Encryption key used to authenticate logon access for client. Do not use blank spaces in the string.
Chapter 18 | RADIUS Client Commands Example AP(if-wireless 0: VAP[0])# radius-server accounting address 192.168.1.19 This setting has not been effective ! If want to take effect, please execute make-radius-effective command ! AP(if-wireless 0: VAP[0])# radius-server This command sets the RADIUS Accounting port. accounting port Syntax radius-server accounting port port - The port used by the RADIUS Accounting server.
Chapter 18 | RADIUS Client Commands Command Mode Interface Configuration (Wireless-VAP) Example AP(if-wireless 0: VAP[0])# radius-server accounting shared-secret green This setting has not been effective ! If want to take effect, please execute make-radius-effective command ! AP(if-wireless 0: VAP[0])# radius-server This command sets the interval between transmitting accounting updates to the accounting RADIUS server.
Chapter 18 | RADIUS Client Commands Example AP(if-wireless 0: VAP[0])# make-radius-effective It will take several minutes ! Please wait a while...
19 802.1X Authentication Commands The access point supports IEEE 802.1X access control for wireless clients. This control feature prevents unauthorized access to the network by requiring an 802.1X client application to submit user credentials for authentication. Client authentication is then verified by a RADIUS server using EAP (Extensible Authentication Protocol) before the access point grants client access to the network. The 802.
Chapter 19 | 802.1X Authentication Commands Example AP(if-wireless 0: VAP[0])# 802.1x enable This setting has not been effective ! If want to take effect, please execute make-security-effective command ! AP(if-wireless 0: VAP[0])# Related Commands show interface wireless 802.1x This command sets the time period after which a connected client must be rereauthentication-time authenticated. Syntax 802.1x reauthentication-time seconds - The number of seconds.
20 MAC Address Authentication Commands Use these commands to define MAC authentication on a VAP interface. For local MAC authentication, first define the default filtering policy, then enter the MAC addresses to be filtered, indicating if they are allowed or denied. For RADIUS MAC authentication, the MAC addresses and filtering policy must be configured on the RADIUS server.
Chapter 20 | MAC Address Authentication Commands Example AP(if-wireless 0: VAP[0])#mac-authentication server remote AP(if-wireless 0: VAP[0])# Related Commands mac-authentication server local address entry radius-server address mac-authentication This command sets local filtering to allow or deny listed MAC addresses.
Chapter 20 | MAC Address Authentication Commands Default None Command Mode Interface Configuration (Wireless-VAP) Command Mode ◆ The access point supports up to 1024 MAC addresses. ◆ An entry in the address table may be allowed or denied access depending on the global setting configured for the mac-authentication server local address default command.
Chapter 20 | MAC Address Authentication Commands mac-authentication This command sets the interval at which associated clients will be re-authenticated session-timeout with the RADIUS server authentication database. Use the no form to disable reauthentication. Syntax mac-authentication session-timeout no mac-authentication session-timeout seconds - Re-authentication interval.
21 Filtering Commands The commands described in this section are used to filter communications between wireless clients, control access to the management interface from wireless clients, and filter traffic using specific Ethernet protocol types.
Chapter 21 | Filtering Commands Command Mode Global Configuration Command Usage This command can disable wireless-to-wireless communications between clients via the access point. However, it does not affect communications between wireless clients and the wired network. Example AP(config)#filter local-bridge all-vap AP(config)# filter restrict- This command prevents wireless clients from accessing the management interface management on the access point. Use the no form to disable this filtering.
Chapter 21 | Filtering Commands Example AP(config)#filter dhcp enable AP(config)# filter acl-source- This command configures ACL filtering based on source MAC addresses in data address frames. Syntax filter acl-source-address {enable | disable | add | delete } enable - Key word that enables ACL filtering on the access point. disable - Key word that disables ACL filtering on the access point. add - Key word that adds a MAC address to the filter table.
Chapter 21 | Filtering Commands delete - Key word that removes a MAC address from the filter table mac-address - Specifies a MAC address in the form xx-xx-xx-xx-xx-xx. Default Disabled Command Mode Global Configuration Example AP(config)#filter acl-destination-address add 00-12-34-56-78-9a AP(config)#filter acl-destination-address enable AP(config)# filter ethernet-type This command checks the Ethernet type on all incoming and outgoing Ethernet enabled packets against the protocol filtering table.
Chapter 21 | Filtering Commands protocol - An Ethernet protocol type.
Chapter 21 | Filtering Commands – 188 –
22 Spanning Tree Commands The commands described in this section are used to set the MAC address table aging time and spanning tree parameters for both the Ethernet and wireless interfaces.
Chapter 22 | Spanning Tree Commands bridge stp service This command enables the Spanning Tree Protocol. Use the no form to disable the Spanning Tree Protocol. Syntax [no] bridge stp service Default Setting Enabled Command Mode Global Configuration Example This example globally enables the Spanning Tree Protocol. AP(config)bridge stp service AP(config) bridge stp br-conf Use this command to configure the spanning tree bridge forward time globally for forwarding-delay the wireless bridge.
Chapter 22 | Spanning Tree Commands bridge stp br-conf Use this command to configure the spanning tree bridge hello time globally for the hello-time wireless bridge. Syntax bridge stp br-conf hello-time
Chapter 22 | Spanning Tree Commands root port, a new root port is selected from among the device ports attached to the network. Example AP(config)#bridge stp max-age 40 AP(config)# bridge stp br-conf Use this command to configure the spanning tree priority globally for the wireless priority bridge. Syntax bridge stp br-conf priority priority - Priority of the bridge.
Chapter 22 | Spanning Tree Commands Command Usage Use this command to enter STP interface configuration mode. In this mode STP settings for specific VAP interfaces can be configured. Example AP(config)# bridge stp port-conf interface wireless 0 Enter Wireless configuration commands, one per line. AP(stp-if-wireless 0)# bridge-link path-cost Use this command to configure the spanning tree path cost for the Ethernet port. Syntax bridge-link path-cost cost - The path cost for the port.
Chapter 22 | Spanning Tree Commands Command Mode Interface Configuration (Ethernet) Command Usage ◆ This command defines the priority for the use of a port in the Spanning Tree Protocol. If the path cost for all ports on a wireless bridge are the same, the port with the highest priority (that is, lowest value) will be configured as an active link in the spanning tree. ◆ Where more than one port is assigned the highest priority, the port with lowest numeric identifier will be enabled.
Chapter 22 | Spanning Tree Commands Command Usage ◆ This command is used by the Spanning Tree Protocol to determine the best path between devices. Therefore, lower values should be assigned to interfaces with faster media, and higher values assigned to interfaces with slower media. ◆ Path cost takes precedence over port priority. Example AP(stp-if-wireless 0: VAP[0])# path-cost 512 AP(stp-if-wireless 0: VAP[0])# port-priority (STP This command sets the spanning tree path cost for the VAP interface.
Chapter 22 | Spanning Tree Commands Command Mode Global Configuration Command Usage The AP stores the MAC addresses for all known devices. All the addresses learned by monitoring traffic are stored in a dynamic address table. This information is used to pass traffic directly between inbound and outbound interfaces. When the MAC address table “aging time” has expired, a learned MAC address is discarded from the table.
Chapter 22 | Spanning Tree Commands Example AP# show bridge br-conf all BR0 configuration ======================================== BRIDGE MAC : 00:12:cf:a2:54:30 Priority : 32768 Hello Time : 2 Maximum Age : 20 Forward Delay : 0 ======================================== AP# show bridge port-conf This command displays spanning tree settings for specified interfaces.
Chapter 22 | Spanning Tree Commands ATH3 configuration ======================================== Link Port Priority : 32 Link Path Cost : 19 ======================================== ATH4 configuration ======================================== Link Port Priority : 32 Link Path Cost : 19 ======================================== ATH5 configuration ======================================== Link Port Priority : 32 Link Path Cost : 19 ======================================== ATH6 configuration =====================
Chapter 22 | Spanning Tree Commands Designated Bridge ID : 8000.0012cfa25430 Root Port Path Cost : 0 State : FORWARDING eth0 --- port 0x1 Port ID : 0x8001 Designated Root ID : 8000.0012cfa25430 Designated Bridge ID : 8000.0012cfa25430 Root Port Path Cost : 0 State : DISABLED ===================================================== AP# show bridge forward This command displays STP settings for forwarding MAC addesses on specified address interfaces or VLANs.
Chapter 22 | Spanning Tree Commands show bridge mac- This command displays the MAC address table aging time.
23 WDS Bridge Commands The commands described in this section are used to set the operation mode for each access point interface and configure Wireless Distribution System (WDS) forwarding table settings.
Chapter 23 | WDS Bridge Commands Default Setting None Command Mode Interface Configuration (Wireless) VAP Command Usage In WDS-STA mode, the VAP operates as a client station in WDS mode, which connects to an access point in WDS-AP mode. The user needs to specify the SSID and MAC address of the VAP to which it intends to connect.
24 Ethernet Interface Commands The commands described in this section configure connection parameters for the Ethernet port and wireless interface.
Chapter 24 | Ethernet Interface Commands dns This command specifies the address for the primary or secondary domain name server to be used for name-to-address resolution. Syntax dns {primary-server | secondary-server} primary-server - Primary server used for name resolution. secondary-server - Secondary server used for name resolution. server-address - IP address of domain-name server.
Chapter 24 | Ethernet Interface Commands Command Mode Interface Configuration (Ethernet) Command Usage ◆ DHCP is disabled by default. If DHCP is enabled, you must first disable the DHCP client with the no ip dhcp command before you manually configure a new IP address. ◆ You must assign an IP address to this device to gain management access over the network or to connect the access point to existing IP subnets.
Chapter 24 | Ethernet Interface Commands effort to learn its IP address. (DHCP values can include the IP address, subnet mask, and default gateway.) Example AP(config)#interface ethernet Enter Ethernet configuration commands, one per line. AP(if-ethernet)#ip dhcp AP(if-ethernet)# Related Commands ip address ip management This command sets the IP address for management access to the AP. address Syntax ip management address ip-address - The IP address for management access.
Chapter 24 | Ethernet Interface Commands ipv6-address - IPv6 address. netmask - Network mask for the associated IPv6 subnet. This mask identifies the host address bits used for routing to specific subnets. gateway - IPv6 address of the default gateway. Default Setting IP address: 2001:db8::1 Netmask: 64 Gateway: 2001:db8::2 Command Mode Interface Configuration (Ethernet) Command Usage ◆ DHCPv6 is disabled by default.
Chapter 24 | Ethernet Interface Commands Command Usage ◆ You must assign an IPv6 address to this device to gain management access over the network or to connect the access point to existing IPv6 subnets. You can manually configure a specific IPv6 address using the ipv6 address command, or direct the device to obtain an address from a DHCPv6 server using this command. ◆ When you use this command, the access point will begin broadcasting DHCPv6 client requests. The current IPv6 address (i.e.
Chapter 24 | Ethernet Interface Commands show interface This command displays the status for the Ethernet interface. ethernet Syntax show ethernet interface Default Setting Ethernet interface Command Mode Exec Example AP#show interface ethernet Ethernet Interface Information ======================================== IP Address : 192.168.2.10 Subnet Mask : 255.255.255.0 Default Gateway : 192.168.2.254 Primary DNS : Secondary DNS : Management IP : 192.168.1.10 Management Subnet : 255.255.255.
25 Wireless Interface Commands The commands described in this section configure connection parameters for the wireless interfaces.
Chapter 25 | Wireless Interface Commands Table 20: Wireless Interface Commands (Continued) Command Function Mode Page assoc- timeout-interval Configures the idle time interval (when no frames are sent) after which a client is disassociated from the VAP interface IC-W-VAP 224 auth- timeout-value Configures the time interval after which clients must be re-authenticated IC-W-VAP 224 multicast-enhance Enhances multicast quality for wireless clients IC-W-VAP 225 shutdown Disables the wireless i
Chapter 25 | Wireless Interface Commands interface wireless This command enters wireless interface configuration mode. Syntax interface wireless index - The index of the wireless interface. (Range: 0 or 1, where “0” is the 2.4 GHz interface and “1” the 5 GHz interface) Default Setting None Command Mode Global Configuration Example AP(config)# interface wireless 0 Enter Wireless configuration commands, one per line.
Chapter 25 | Wireless Interface Commands a-mpdu This command enables and sets the Aggregate MAC Protocol Data Unit (A-MPDU). Syntax a-mpdu {enable | disable | length | } enable - Enable A-MPDU. disable - Disable A-MPDU. length - 1024-65535 bytes. Default Setting Disabled Command Mode Interface Configuration (Wireless) Example AP(if-wireless 0)#a-mpdu enable AP(if-wireless 0)# a-msdu This command enables and sets the Aggregate MAC Service Data Unit (A-MSDU).
Chapter 25 | Wireless Interface Commands channel This command configures the radio channel through which the access point communicates with wireless clients. Syntax channel {ht20 | ht40 | auto} ht20-channel - The 802.11n 20 MHz channel number: 11ng mode: 01, 02, 03, 04, 05, 06, 07, 08, 09, 10, 11 11na mode: 36, 40, 44, 48, 52, 56, 60, 64, 100, 104, 108, 112, 116, 120, 124, 128, 132, 136, 140, 149, 153, 157, 161, 165 ht40-channel - The 802.
Chapter 25 | Wireless Interface Commands Example AP(if-wireless 0)# channel ht20 06 This setting has not been effective ! If want to take effect, please execute make-RF-setting-effective command ! AP(if-wireless 0)# transmit-power This command adjusts the power of the radio signals transmitted from the access point. Syntax transmit-power {percentage | dbm } percent-power - Signal strength as a percentage transmitted from the AP.
Chapter 25 | Wireless Interface Commands min-allowed-rate This command selects minimum allowed transmit data rates for the AP. Syntax min-allowed-rate {all | } all - Selects all available rates. cck-rate - Specifies the minimum CCK rate (2.4 GHz radio only). (Options: 1, 2, 5. 5, 11 Mbps) ofdm-rate - Specifies the minimum OFDM rate. (Options: 6, 9, 12, 18, 24, 36, 48, 54 Mbps) singlestream-rate - Specifies the minimum 802.11n single stream rate.
Chapter 25 | Wireless Interface Commands Example AP(if-wireless 0)# disable-coexist y AP(if-wireless 0)# make-rf-setting- This command implements all wireless command changes made in current CLI effective session. Syntax make-rf-setting-effective Command Mode Interface Configuration (Wireless) Example AP(if-wireless 0)# make-RF-setting-effective It will take several minutes ! Please wait a while...
Chapter 25 | Wireless Interface Commands ◆ Set the preamble to long to ensure the access point can support all 802.11b and 802.11g clients. Example AP(if-wireless 0)# preamble short-or-long This setting has not been effective ! If want to take effect, please execute make-RF-setting-effective command ! AP(if-wireless 0)# short-guard-interval This command sets the 802.11n guard interval to 400ns (short) or 800ns (long).
Chapter 25 | Wireless Interface Commands Default Setting 100 TUs Command Mode Interface Configuration (Wireless) Command Usage The beacon signals allow wireless clients to maintain contact with the access point. They may also carry power-management information.
Chapter 25 | Wireless Interface Commands stations in Power Save mode, but delays the transmission of broadcast/ multicast frames. Example AP(if-wireless 0)# dtim-period 10 This setting has not been effective ! If want to take effect, please execute make-RF-setting-effective command ! AP(if-wireless 0)# rts-threshold This command sets the packet size threshold at which a Request to Send (RTS) signal must be sent to the receiving station prior to the sending station starting communications.
Chapter 25 | Wireless Interface Commands ssid This command configures the service set identifier (SSID) of the VAP. Syntax ssid string - The name of a basic service set supported by the access point. (Range: 1 - 32 characters) Default Setting 2.
Chapter 25 | Wireless Interface Commands Example AP(if-wireless 0: VAP[0])#closed-system This setting has not been effective ! If want to take effect, please execute make-security-effective command ! AP(if-wireless 0)# max-client This command configures the maximum number of wireless clients that can associate with a radio. Syntax max-client max-clients - The maximum number associated clients for the radio.
Chapter 25 | Wireless Interface Commands Default Setting 16 Command Mode Interface Configuration (Wireless-VAP) Command Usage This command sets the total maximum number of clients that may associate with a VAP interface. If the value is greater than the setting for the maximum clients per radio (max-client command), the command does not take effect.
Chapter 25 | Wireless Interface Commands assoc-timeout- This command configures the idle time interval (when no frames are sent) after interval which the client is disassociated from the VAP interface. Syntax assoc-timeout-interval minutes - The number of minutes of inactivity before disassociation.
Chapter 25 | Wireless Interface Commands multicast-enhance This command enables a feature that improves multicast video quality for wireless clients. Use the no form to disable the feature. Syntax [no] multicast-enhance Default Setting Disabled Command Mode Interface Configuration (Wireless-VAP) Command Usage When a wireless client joins a multicast group, this feature converts multicast packets to unicast packets to improve multicast video quality.
Chapter 25 | Wireless Interface Commands interfere-chan- This command rescans channels when interference is detected on the current recover channel. Use the no form to disable the feature. Syntax [no] interfere-chan-recover Default Setting Disabled Command Mode Interface Configuration (Wireless) Command Usage When interference is detected on the current channel, the AP re-scans all channels and then changes to a new clear channel.
Chapter 25 | Wireless Interface Commands Example AP(config)# band-steering AP(config)# wlandev-interfere- This command enables the detection of nearby APs that are using the same detection channel. Use the no form to disable the feature. Syntax wlandev-interfere-detection
Chapter 25 | Wireless Interface Commands Default Setting right-left Command Mode Interface Configuration (Wireless) Example AP(if-wireless 0)# antenna-chain left This setting has not been effective ! If want to take effect, please execute make-RF-setting-effective command ! AP(if-wireless 0)# long-distance This command computes settings that allow wireless clients a long distance from the AP to maintain communications. Syntax long-distance enable - Enables the long distance settings.
Chapter 25 | Wireless Interface Commands long-distance This command computes settings that allow wireless clients a long distance from reference-data the AP to maintain communications. Syntax long-distance reference-data distance - An approximate distance in meters. (Range: 1-50000 meters) Default 0 (disabled) Command Mode Interface Configuration (Wireless) Command Usage Enter the approximate distance (in meters) of the client from the AP.
Chapter 25 | Wireless Interface Commands long-distance This command sets the acknowledge timeout for long-distance communications. acktimeout Syntax long-distance acktimeout timeout - The adjusted acknowledge timeout in microseconds.
Chapter 25 | Wireless Interface Commands disable - Disables the feature. Default Disabled Command Mode Interface Configuration (Wireless-VAP) Command Usage This command enables the rate limiting of traffic from the wired network as it is passed to the VAP interface. You can set a maximum rate in Kbytes per second.
Chapter 25 | Wireless Interface Commands bandwidth-control This command enables the uplink bandwidth control for a VAP interface. uplink Syntax bandwidth-control uplink enable - Enables the uplink bandwidth control setting. disable - Disables the feature. Default Disabled Command Mode Interface Configuration (Wireless-VAP) Command Usage This command enables the rate limiting of traffic from the VAP interface as it is passed to the wired network.
Chapter 25 | Wireless Interface Commands AP(if-wireless 0: VAP[0])# show interface This command displays the status for a specified VAP interface. wireless Syntax show interface wireless vap index - The wireless interface slot number. (Range: 0 or 1) vap-index - The number that identifies a VAP interface.
Chapter 25 | Wireless Interface Commands ----------------------------------Security---------------------------------Closed System : DISABLE WPA Function : OPEN-SYSTEM, WPA FUNCTION DISABLE WPA PSK Key Type : ascii WPA PSK Key : ******** Default Transmit Key : 1 Static WEP Keys Key 1 : ***** Key 2 : ***** Key 3 : ***** Key 4 : ***** Pre-Authentication : DISABLE -----------------------------------802.1x----------------------------------802.1x : DISABLE 802.
Chapter 25 | Wireless Interface Commands --------------------------------Radius Server-----------------------------Radius Accounting Information =================================================================== Status : DISABLED IP : 10.7.16.96 Shared Secret : ******** Port : 1813 timeout-interim : 300 =================================================================== Radius Primary Server Information =================================================================== Status : ENABLED IP : 10.7.16.
Chapter 25 | Wireless Interface Commands Wireless Interface 1 VAPs List: if-wireless 1 VAP [0] : if-wireless 1 VAP [1] : if-wireless 1 VAP [2] : if-wireless 1 VAP [3] : if-wireless 1 VAP [4] : if-wireless 1 VAP [5] : if-wireless 1 VAP [6] : if-wireless 1 VAP [7] : if-wireless 1 VAP [8] : if-wireless 1 VAP [9] : if-wireless 1 VAP [10] : if-wireless 1 VAP [11] : if-wireless 1 VAP [12] : if-wireless 1 VAP [13] : if-wireless 1 VAP [14] : if-wireless 1 VAP [15] : ======================================== AP# sh
Chapter 25 | Wireless Interface Commands if-wireless 0 Total Station if-wireless 0 Total Station if-wireless 0 Total Station if-wireless 0 Total Station if-wireless 0 Total Station if-wireless 0 Total Station VAP [10] : Number of this VAP [11] : Number of this VAP [12] : Number of this VAP [13] : Number of this VAP [14] : Number of this VAP [15] : Number of this vap: 0 vap: 0 vap: 0 vap: 0 vap: 0 vap: 0 Wireless Interface 1 VAPs List: if-wireless 1 VAP [0] : Total Station Number of this vap: if-wireless
Chapter 25 | Wireless Interface Commands Example AP#show band-steering Band Steering Status: AP# Disable – 238 –
26 Wireless Security Commands The commands described in this section configure parameters for wireless security on the VAP interfaces. Table 21: Wireless Security Commands Command Function Mode Page auth Defines the 802.
Chapter 26 | Wireless Security Commands wpa2-psk - Clients using WPA2 with a Pre-shared Key are accepted for authentication. wpa-wpa2-mixed - Clients using WPA or WPA2 are accepted for authentication. wpa-wpa2-psk-mixed - Clients using WPA or WPA2 with a Pre-shared Key are accepted for authentication Default Setting open-system Command Mode Interface Configuration (Wireless-VAP) Command Usage ◆ The auth command automatically configures settings for each authentication type, including encryption, 802.
Chapter 26 | Wireless Security Commands ◆ WPA2 defines a transitional mode of operation for networks moving from WPA security to WPA2. WPA2 Mixed Mode allows both WPA and WPA2 clients to associate to a common VAP interface. When the encryption cipher suite is set to TKIP, the unicast encryption cipher (TKIP or AES-CCMP) is negotiated for each client. The access point advertises it’s supported encryption ciphers in beacon frames and probe responses.
Chapter 26 | Wireless Security Commands Example AP(if-wireless 0: VAP[0])# encryption This setting has not been effective ! If want to take effect, please execute make-security-effective command ! AP(if-wireless 0: VAP[0])# Related Commands key key This command sets the keys used for WEP encryption. Use the no form to delete a configured key. Syntax key { | static | dynamic} no key index - Key index. (Range: 1-4) size - Key size.
Chapter 26 | Wireless Security Commands ◆ The WEP key index, length and type configured for the VAP must match those configured for clients.
Chapter 26 | Wireless Security Commands cipher-suite This command defines the cipher algorithm used to encrypt the global key for broadcast and multicast traffic when using WPA or WPA2 security. Syntax multicast-cipher aes-ccmp - Use AES-CCMP encryption for the unicast and multicast cipher. tkip - Use TKIP encryption for the multicast cipher. TKIP or AES-CCMP can be used for the unicast cipher depending on the capability of the client.
Chapter 26 | Wireless Security Commands Example AP(if-wireless 0: VAP[0])# cipher-suite tkip This setting has not been effective ! If want to take effect, please execute make-security-effective command ! AP(if-wireless 0: VAP[0])# wpa-pre-shared-key This command defines a Wi-Fi Protected Access (WPA/WPA2) Pre-shared-key. Syntax wpa-pre-shared-key hex - Specifies hexadecimal digits as the key input format.
Chapter 26 | Wireless Security Commands pmksa-lifetime This command sets the time for aging out cached WPA2 Pairwise Master Key Security Association (PMKSA) information for fast roaming. Syntax pmksa-lifetime minutes - The time for aging out PMKSA information.
Chapter 26 | Wireless Security Commands Example AP(if-wireless 0: VAP[0])# make-security-effective It will take several minutes ! Please wait a while... device eth0 left promiscuous mode br0: port 1(eth0) entering disabled state br0: port 3(ath16) entering disabled state br0: port 2(ath0) entering disabled state device ath16 left promiscuous mode br0: port 3(ath16) entering disabled state device ath0 left promiscuous mode br0: port 2(ath0) entering disabled state wlan_vap_delete : enter.
Chapter 26 | Wireless Security Commands – 248 –
27 Rogue AP Detection Commands A “rogue AP” is either an access point that is not authorized to participate in the wireless network, or an access point that does not have the correct security configuration. Rogue APs can potentially allow unauthorized users access to the network. Alternatively, client stations may mistakenly associate to a rogue AP and be prevented from accessing network resources. Rogue APs may also cause radio interference and degrade the wireless LAN performance.
Chapter 27 | Rogue AP Detection Commands Command Usage ◆ While the access point scans a channel for rogue APs, wireless clients will not be able to connect to the access point. Therefore, avoid frequent scanning or scans of a long duration unless there is a reason to believe that more intensive scanning is required to find a rogue AP.
Chapter 27 | Rogue AP Detection Commands Command Mode Interface Configuration (Wireless) Command Usage Enter the MAC address/Basic Service Set Identifier (BSSID) of known APs in the network. These MAC addresses will be filtered out of the list of detected APs during a scan. Building a database of approved APs allows the AP to discover rogue APs. Without a configured database, the AP can detect neighboring APs only, it cannot identify whether the APs are rogues.
Chapter 27 | Rogue AP Detection Commands Command Mode Interface Configuration (Wireless) Command Usage ◆ During a scan, client access may be disrupted and new clients may not be able to associate to the access point. If clients experience severe disruption, reduce the scan duration time. ◆ A long scan duration time will detect more access points in the area, but causes more disruption to client access.
Chapter 27 | Rogue AP Detection Commands rogue-ap instant-scan This command starts an immediate scan for access points on the radio interface. Default Setting Disabled Command Mode Interface Configuration (Wireless) Command Usage While the access point scans a channel for rogue APs, wireless clients will not be able to connect to the access point. Therefore, avoid frequent scanning or scans of a long duration unless there is a reason to believe that more intensive scanning is required to find a rogue AP.
Chapter 27 | Rogue AP Detection Commands – 254 –
28 Link Integrity Commands The access point provides a link integrity feature that can be used to ensure that wireless clients are connected to resources on the wired network. The access point does this by periodically sending Ping messages to a host device in the wired Ethernet network. If the access point detects that the connection to the host has failed, it disables the radio interfaces, forcing clients to find and associate with another access point.
Chapter 28 | Link Integrity Commands Response Timeout: 2 seconds Retry Counts: 5 Command Mode Global Configuration Command Usage ◆ When link integrity is enabled, the IP address of a host device in the wired network must be specified. ◆ The access point periodically sends an ICMP echo request (Ping) packet to the link host IP address. When the number of failed responses (either the host does not respond or is unreachable) exceeds the limit set by this command, the link is determined as lost.
Chapter 28 | Link Integrity Commands Example AP(config)# link-integrity link-fail-action 0 enable AP(config)# show link-integrity This command displays the current link integrity configuration. Command Mode Exec Example AP#show link-integrity Link Integrity Information =================================================================== Link integrity: disabled Destination IP: 192.168.2.
29 Link Layer Discovery Commands LLDP allows devices in the local broadcast domain to share information about themselves. LLDP-capable devices periodically transmit information in messages called Type Length Value (TLV) fields to neighbor devices. Advertised information is represented in Type Length Value (TLV) format according to the IEEE 802.1ab standard, and can include details such as device identification, capabilities and configuration settings.
Chapter 29 | Link Layer Discovery Commands lldp-transmit hold- This command configures the time-to-live (TTL) value sent in LLDP advertisements. muliplier Syntax lldp transmit hold-multiplier multiplier - The hold multiplier number.
Chapter 29 | Link Layer Discovery Commands Example AP(config)# lldp transmit interval 30 AP(config)# lldp transmit re-init- This command configures the delay before attempting to re-initialize after LLDP delay ports are disabled or the link goes down. Syntax lldp transmit re-init-delay seconds - Time in seconds.
Chapter 29 | Link Layer Discovery Commands Command Usage ◆ The transmit delay is used to prevent a series of successive LLDP transmissions during a short period of rapid changes in local LLDP MIB objects, and to increase the probability that multiple, rather than single changes, are reported in each transmission.
30 VLAN Commands The access point can enable the support of VLAN-tagged traffic passing between wireless clients and the wired network. VLAN IDs can be mapped to specific VAP interfaces, allowing users to remain within the same VLAN as they move around a campus site. Caution: When VLANs are enabled, the access point’s Ethernet port drops all received traffic that does not include a VLAN tag.
Chapter 30 | VLAN Commands ◆ Traffic entering the Ethernet port must be tagged with a VLAN ID that matches the access point’s management VLAN ID, or with a VLAN tag that matches one of the VAP default VLAN IDs. Example AP(config)# vlan enabled Warning! VLAN's status has been changed now ! It will take several seconds ! Please wait a while... AP(config)# Related Commands management-vlanid management-vlanid This command configures the management VLAN ID for the access point.
Chapter 30 | VLAN Commands native-vlanid This command configures the default VLAN ID for the LAN port interface. Syntax native-vlanid vlan-id - Default VLAN ID. (Range: 1-4094) Default Setting 1 Command Mode Global Configuration Command Usage ◆ To implement the default VLAN ID setting for the LAN port, the AP must first enable VLAN support using the vlan command. ◆ When VLANs are enabled, the AP assigns the default VLAN ID to untagged frames received on the LAN port interface.
Chapter 30 | VLAN Commands ◆ When VLANs are enabled, the access point tags frames received from wireless clients with the default VLAN ID for the VAP interface.
31 WMM Commands The access point implements QoS using the Wi-Fi Multimedia (WMM) standard. Using WMM, the access point is able to prioritize traffic and optimize performance when multiple applications compete for wireless network bandwidth at the same time. WMM employs techniques that are a subset of the IEEE 802.11e QoS standard and it enables the access point to inter-operate with both WMM-enabled clients and other devices that may lack any WMM functionality.
Chapter 31 | WMM Commands wmm-acknowledge- This command allows the acknowledgement wait time to be enabled or disabled policy for each Access Category (AC). Syntax wmm-acknowledge-policy ac_number - Access categories. (Range: 0-3) ack - Require the sender to wait for an acknowledgement from the receiver. noack - Does not require the sender to wait for an acknowledgement from the receiver.
Chapter 31 | WMM Commands AP - Access Point BSS - Wireless client ac_number - Access categories (ACs) – voice, video, best effort, and background. These categories correspond to traffic priority levels and are mapped to IEEE 802.1D priority tags as shown in Table 2 on page 81. (Range: 0-3) LogCwMin - Minimum log value of the contention window. This is the initial upper limit of the random backoff wait time before wireless medium access can be attempted.
Chapter 31 | WMM Commands Table 28: BSS Parameters WMM Parameters AC0 (Best Effort) AC1 (Background) AC2 (Video) AC3 (Voice) LogCwMin 4 4 3 2 LogCwMax 6 10 4 3 AIFS 3 7 1 1 TXOP Limit 0 0 94 47 Admission Control Disabled Disabled Disabled Disabled Command Mode Interface Configuration (Wireless) Example AP(if-wireless 0)# wmmparam ap 0 5 10 3 64 1 This setting has not been effective ! If want to take effect, please execute make-RF-setting-effective command ! AP(if-wireless 0)#
Chapter 31 | WMM Commands – 270 –
32 QoS Commands The QoS commands configure QoS priority mapping for traffic on VAP interfaces. The AP enables Wi-Fi Multimedia (WMM) 802.1d priorities to be mapped to 802.1p priorities or IP DSCP priorities. Table 29: QoS Commands Command Function Mode Page qos vap-802.1p Enables the setting of VAP traffic to a specific 802.1p priority value IC-W VAP 271 qos vap-802.1p retagged-userpriority Sets the 802.1p priority value for VAP traffic IC-W VAP 272 qos 802.1d-802.
Chapter 32 | QoS Commands Command Usage ◆ To implement this command on a VAP interface the default VLAN ID for the VAP must be set to any other value than 1. ◆ The VAP-to-802.1p priority QoS feature cannot be enabled together with the 802.1d-to-802.1p or 802.1d-to-DSCP features. Example AP(if-wireless 0: VAP[0])# qos vap-802.1p enable This setting has not been effective ! If want to take effect, please execute make-security-effective command ! AP(if-wireless 0: VAP[0])# qos vap-802.
Chapter 32 | QoS Commands qos 802.1d-802.1p This command enables the mapping of WMM 802.1d priority values to 802.1p values on a VAP interface. Syntax qos 802.1d-802.1p enable - Enables the mapping of WMM 802.1d to 802.1p priority values. disable - Disables the feature. Default Disabled Command Mode Interface Configuration (Wireless-VAP) Command Usage This QoS feature requires a QoS mapping template to be configured using the qos qos-template qos-template-priority command.
Chapter 32 | QoS Commands Command Usage ◆ The AP supports eight QoS priority mapping templates, each identified by an ID number (1 to 8). The templates also have user-defined name that can be configured using the qos qos-template qos-template-name command. ◆ The QoS priority mapping templates can be configured using the qos qostemplate qos-template-priority command. Example AP(if-wireless 0: VAP[0])# qos 802.1d-802.
Chapter 32 | QoS Commands AP(if-wireless 0: VAP[0])# qos 802.1d-dscp This command sets the mapping template to use for the WMM 802.1d to DSCP mapping-template priority mapping on a VAP interface. Syntax qos 802.1d-dscp mapping-template template-id - The identifying number of a QoS mapping template. (Range: 1-8) Default 1 Command Mode Interface Configuration (Wireless-VAP) Command Usage ◆ The AP supports eight QoS priority mapping templates, each identified by an ID number (1 to 8).
Chapter 32 | QoS Commands qos qos-template qos- This command sets the name of a QoS priority mapping template. template-name Syntax qos qos-template qos-template-name template-id - The identifying number of a QoS mapping template. (Range: 1-8) template-name - The user-defined name of a QoS mapping template.
Chapter 32 | QoS Commands Example AP(if-wireless 0: VAP[0])# qos qos-template qos-template-priority 1 10234765 AP(if-wireless 0: VAP[0])# qos qos-template qos- This command displays the user-defined QoS priority mapping templates and their template-show priority mapping configuration.
Chapter 32 | QoS Commands – 278 –
Section IV Appendices This section provides additional information and includes these items: ◆ “Troubleshooting” on page 280 – 279 –
A Troubleshooting Problems Accessing the Management Interface Table 30: Troubleshooting Chart Symptom Action Cannot connect using Telnet, web browser, or SNMP software ◆ ◆ ◆ ◆ ◆ ◆ ◆ Cannot access the CLI through a serial port connection ◆ ◆ Forgot or lost the password ◆ Be sure the AP is powered up. Check network cabling between the management station and the AP. Check that you have a valid network connection to the AP and that intermediate switch ports have not been disabled.
Appendix A | Troubleshooting Using System Logs 5. Designate the SNMP host that is to receive the error messages. 6. Repeat the sequence of commands or other actions that lead up to the error. 7. Make a list of the commands or circumstances that led to the fault. Also make a list of any error messages displayed. 8. Set up your terminal emulation software so that it can capture all console output to a file. Then enter the “show config” command to record all system settings in this file. 9.
Index of CLI Commands 802.1x enable 177 802.
Index of CLI Commands path-cost (STP Interface) 194 ping 119 pmksa-lifetime 246 port-priority (STP Interface) 195 preamble 217 prompt 123 qos 802.1d-802.1p 273 qos 802.1d-802.1p mapping-template 273 qos 802.1d-dscp 274 qos 802.1d-dscp mapping-template 275 qos qos-template qos-template-name 276 qos qos-template qos-template-priority 276 qos qos-template qos-template-show 277 qos vap-802.1p 271 qos vap-802.
Index A F authentication cipher suite 241 closed system 221 MAC address 180 type 221 filter address 180 between wireless clients 183 local bridge 183 local or remote 179 management access 184 protocol types 186 VLANs 262 firmware displaying version 136 upgrading 169 B beacon interval 218 rate 219 BOOTP 204, 205, 206, 207 C channel 214 channel coexistance, disable 216 closed system 221 community name, configuring 156 community string 156 configuration settings, saving or restoring 169 console port, req
Index O T open system 221 time zone 151 transmit power, configuring 215 trap destination 158 trap manager 158 P password configuring 125 management 125 port priority STA 193 U R V radio channel 802.11a interface 214 802.
E062013-CS-R01 149100000240A