Configuration Guide
Page 3
... Virtual LAN Identification 33 Command-Line Editing 33 Keyboard Shortcuts 33 History Buffer 34 Tabs 34 Single-Asterisk (*) Wildcard Character 34 Double-Asterisk (**) Wildcard Characters 34 Using CLI Help 34 Understanding Command Descriptions 36 2 WX SETUP METHODS Overview 37 Quick Starts 37 3Com Wireless Switch Manager ...38 CLI 38 Web Manager 38 How a WX Switch Gets its Configuration 39 Web Quick Start (WXR100, WX1200 and WX2200 Only) 40
... Virtual LAN Identification 33 Command-Line Editing 33 Keyboard Shortcuts 33 History Buffer 34 Tabs 34 Single-Asterisk (*) Wildcard Character 34 Double-Asterisk (**) Wildcard Characters 34 Using CLI Help 34 Understanding Command Descriptions 36 2 WX SETUP METHODS Overview 37 Quick Starts 37 3Com Wireless Switch Manager ...38 CLI 38 Web Manager 38 How a WX Switch Gets its Configuration 39 Web Quick Start (WXR100, WX1200 and WX2200 Only) 40
Configuration Guide
Page 4
... Parameters 40 Web Quick Start Requirements 41 Accessing the Web Quick Start 41 CLI quickstart Command 44 Quickstart Example 46 Remote WX Configuration 49 Opening the QuickStart Network Plan in 3Com Wireless Switch Manager 49 3 CONFIGURING AAA FOR ADMINISTRATIVE AND LOCAL ACCESS Overview 51 Before You Start 54 About Administrative Access 54 Access Modes 54 Types...
... Parameters 40 Web Quick Start Requirements 41 Accessing the Web Quick Start 41 CLI quickstart Command 44 Quickstart Example 46 Remote WX Configuration 49 Opening the QuickStart Network Plan in 3Com Wireless Switch Manager 49 3 CONFIGURING AAA FOR ADMINISTRATIVE AND LOCAL ACCESS Overview 51 Before You Start 54 About Administrative Access 54 Access Modes 54 Types...
Configuration Guide
Page 5
... 71 Configuring a Port Name 77 Configuring Interface Preference on a Dual-Interface Gigabit Ethernet Port (WX4400 only) 78 Configuring Port Operating Parameters 79 Displaying Port Information 81 Configuring Load-Sharing Port Groups 85 Configuring and Managing VLANs 87 Understanding VLANs in 3Com MSS 87 Configuring a ... Database 98 Removing Entries from the Forwarding Database 98 Configuring the Aging Timeout Period 99 Port and VLAN Configuration Scenario 100 6 CONFIGURING AND MANAGING IP INTERFACES AND SERVICES MTU Support 103 Configuring and Managing IP Interfaces 104 Adding an IP Interface ...
... 71 Configuring a Port Name 77 Configuring Interface Preference on a Dual-Interface Gigabit Ethernet Port (WX4400 only) 78 Configuring Port Operating Parameters 79 Displaying Port Information 81 Configuring Load-Sharing Port Groups 85 Configuring and Managing VLANs 87 Understanding VLANs in 3Com MSS 87 Configuring a ... Database 98 Removing Entries from the Forwarding Database 98 Configuring the Aging Timeout Period 99 Port and VLAN Configuration Scenario 100 6 CONFIGURING AND MANAGING IP INTERFACES AND SERVICES MTU Support 103 Configuring and Managing IP Interfaces 104 Adding an IP Interface ...
Configuration Guide
Page 6
... IP Address 108 Designating the System IP Address 108 Displaying the System IP Address 108 Clearing the System IP Address 108 Configuring and Managing IP Routes 108 Displaying IP Routes 110 Adding a Static Route 111 Removing a Static Route 112 Managing the Management Services ...) Banner 120 Prompting the User to Acknowledge the MOTD Banner 120 Configuring and Managing DNS 121 Enabling or Disabling the DNS Client 121 Configuring DNS Servers 121 Configuring a Default Domain Name 122 Displaying DNS Server Information 122 Configuring and Managing Aliases 123 Adding an Alias 123 Removing an Alias 123...
... IP Address 108 Designating the System IP Address 108 Displaying the System IP Address 108 Clearing the System IP Address 108 Configuring and Managing IP Routes 108 Displaying IP Routes 110 Adding a Static Route 111 Removing a Static Route 112 Managing the Management Services ...) Banner 120 Prompting the User to Acknowledge the MOTD Banner 120 Configuring and Managing DNS 121 Enabling or Disabling the DNS Client 121 Configuring DNS Servers 121 Configuring a Default Domain Name 122 Displaying DNS Server Information 122 Configuring and Managing Aliases 123 Adding an Alias 123 Removing an Alias 123...
Configuration Guide
Page 7
...132 Logging In to a Remote Device 132 Tracing a Route 133 IP Interfaces and Services Configuration Scenario 135 7 CONFIGURING SNMP Overview 139 Configuring SNMP 139 Setting the System Location and Contact Strings 140 Enabling SNMP Versions 140 Configuring Community Strings (SNMPv1 and ...Displaying SNMP Statistics Counters 152 8 CONFIGURING AND MANAGING MOBILITY DOMAIN ROAMING About the Mobility Domain Feature 153 Configuring a Mobility Domain 154 Configuring the Seed 154 Configuring Member WX Switches on the Seed 155 Configuring a Member 155 Configuring Mobility Domain Seed Redundancy 156 ...
...132 Logging In to a Remote Device 132 Tracing a Route 133 IP Interfaces and Services Configuration Scenario 135 7 CONFIGURING SNMP Overview 139 Configuring SNMP 139 Setting the System Location and Contact Strings 140 Enabling SNMP Versions 140 Configuring Community Strings (SNMPv1 and ...Displaying SNMP Statistics Counters 152 8 CONFIGURING AND MANAGING MOBILITY DOMAIN ROAMING About the Mobility Domain Feature 153 Configuring a Mobility Domain 154 Configuring the Seed 154 Configuring Member WX Switches on the Seed 155 Configuring a Member 155 Configuring Mobility Domain Seed Redundancy 156 ...
Configuration Guide
Page 8
... Domain Feature 165 Network Domain Seed Affinity 168 Configuring a Network Domain 169 Configuring Network Domain Seeds 169 Specifying Network Domain Seed Peers 170 Configuring Network Domain Members 171 Displaying Network Domain Information 172 Clearing Network Domain Configuration from a WX Switch 173 Clearing a Network Domain Seed from a WX Switch 173 Clearing a Network Domain Peer from a Network Domain...
... Domain Feature 165 Network Domain Seed Affinity 168 Configuring a Network Domain 169 Configuring Network Domain Seeds 169 Specifying Network Domain Seed Peers 170 Configuring Network Domain Members 171 Displaying Network Domain Information 172 Clearing Network Domain Configuration from a WX Switch 173 Clearing a Network Domain Seed from a WX Switch 173 Clearing a Network Domain Peer from a Network Domain...
Configuration Guide
Page 9
... 250 Disabling or Reenabling All Radios Using a Profile 250 Resetting a Radio to its Factory Default Settings 251 Restarting a MAP 251 Configuring Local Packet Switching on MAPs 252 Configuring Local Switching 253 Displaying MAP Information 256 Displaying MAP Configuration Information 256 Displaying Connection Information for Distributed MAPs 257 Displaying a List of Distributed MAPs that Are Not...
... 250 Disabling or Reenabling All Radios Using a Profile 250 Resetting a Radio to its Factory Default Settings 251 Restarting a MAP 251 Configuring Local Packet Switching on MAPs 252 Configuring Local Switching 253 Displaying MAP Information 256 Displaying MAP Configuration Information 256 Displaying Connection Information for Distributed MAPs 257 Displaying a List of Distributed MAPs that Are Not...
Configuration Guide
Page 10
... Portal MAP 277 Deploying the Mesh AP 277 Configuring Wireless Bridging 278 Displaying WLAN Mesh Services Information 279 13 CONFIGURING USER ENCRYPTION Overview 281 Configuring WPA 284 WPA Cipher Suites 284 TKIP Countermeasures 287 WPA Authentication Methods 288 WPA Information Element 288 Client Support 289 Configuring WPA 290 Configuring RSN (802.11i) 296 Creating a Service Profile...
... Portal MAP 277 Deploying the Mesh AP 277 Configuring Wireless Bridging 278 Displaying WLAN Mesh Services Information 279 13 CONFIGURING USER ENCRYPTION Overview 281 Configuring WPA 284 WPA Cipher Suites 284 TKIP Countermeasures 287 WPA Authentication Methods 288 WPA Information Element 288 Client Support 289 Configuring WPA 290 Configuring RSN (802.11i) 296 Creating a Service Profile...
Configuration Guide
Page 11
Enabling Dynamic WEP in a WPA Network 304 Configuring Encryption for MAC Clients 306 14 CONFIGURING RF AUTO-TUNING Overview 311 Initial Channel and Power Assignment 311 Channel and Power Tuning 312 RF Auto-Tuning Parameters 314 Changing RF Auto-Tuning ... Radios to Listen for AeroScout RFID Tags 324 Locating an RFID Tag 325 Using an AeroScout Engine 325 Using 3Com Wireless Switch Manager 325 16 CONFIGURING QUALITY OF SERVICE About QoS 327 Summary of QoS Features 327 QoS Mode 330 WMM QoS Mode 331 WMM QoS on a MAP 337 Call Admission ...
Enabling Dynamic WEP in a WPA Network 304 Configuring Encryption for MAC Clients 306 14 CONFIGURING RF AUTO-TUNING Overview 311 Initial Channel and Power Assignment 311 Channel and Power Tuning 312 RF Auto-Tuning Parameters 314 Changing RF Auto-Tuning ... Radios to Listen for AeroScout RFID Tags 324 Locating an RFID Tag 325 Using an AeroScout Engine 325 Using 3Com Wireless Switch Manager 325 16 CONFIGURING QUALITY OF SERVICE About QoS 327 Summary of QoS Features 327 QoS Mode 330 WMM QoS Mode 331 WMM QoS on a MAP 337 Call Admission ...
Configuration Guide
Page 13
...Changing the Last Member Query Interval 371 Changing Robustness 371 Enabling Router Solicitation 372 Changing the Router Solicitation Interval 372 Configuring Static Multicast Ports 372 Adding or Removing a Static Multicast Router Port 373 Adding or Removing a Static Multicast ...Receiver Port 373 Displaying Multicast Information 373 Displaying Multicast Configuration Information and Statistics 373 Displaying Multicast Queriers 375 Displaying Multicast Routers 375 Displaying Multicast Receivers 376 19 CONFIGURING AND MANAGING SECURITY ACLS About Security Access Control Lists 377 ...
...Changing the Last Member Query Interval 371 Changing Robustness 371 Enabling Router Solicitation 372 Changing the Router Solicitation Interval 372 Configuring Static Multicast Ports 372 Adding or Removing a Static Multicast Router Port 373 Adding or Removing a Static Multicast ...Receiver Port 373 Displaying Multicast Information 373 Displaying Multicast Configuration Information and Statistics 373 Displaying Multicast Queriers 375 Displaying Multicast Routers 375 Displaying Multicast Receivers 376 19 CONFIGURING AND MANAGING SECURITY ACLS About Security Access Control Lists 377 ...
Configuration Guide
Page 14
... Enabling SVP Optimization for SpectraLink Phones 404 Restricting Client-To-Client Forwarding Among IP-Only Clients 409 Security ACL Configuration Scenario 410 20 MANAGING KEYS AND CERTIFICATES Why Use Keys and Certificates? 413 Wireless Security through TLS 414 PEAP-MS-CHAP-V2 Security 414 About Keys and Certificates 415 Public Key Infrastructures...
... Enabling SVP Optimization for SpectraLink Phones 404 Restricting Client-To-Client Forwarding Among IP-Only Clients 409 Security ACL Configuration Scenario 410 20 MANAGING KEYS AND CERTIFICATES Why Use Keys and Certificates? 413 Wireless Security through TLS 414 PEAP-MS-CHAP-V2 Security 414 About Keys and Certificates 415 Public Key Infrastructures...
Configuration Guide
Page 15
...12 Object Files 429 Installing CA-Signed Certificates Using a PKCS #10 Object File (CSR) and a PKCS #7 Object File 431 21 CONFIGURING AAA FOR NETWORK USERS About AAA for Network Users 433 Authentication 433 Authorization 438 Accounting 440 Summary of AAA Features 440 AAA Tools for Network... Web Network Access 442 IEEE 802.1X Extensible Authentication Protocol Types 446 Ways a WX Switch Can Use EAP 447 Effects of Authentication Type on Encryption Method 448 Configuring 802.1X Authentication 449 Configuring EAP Offload 449 Using Pass-Through 450 Authenticating via a Local Database 450 Binding User...
...12 Object Files 429 Installing CA-Signed Certificates Using a PKCS #10 Object File (CSR) and a PKCS #7 Object File 431 21 CONFIGURING AAA FOR NETWORK USERS About AAA for Network Users 433 Authentication 433 Authorization 438 Accounting 440 Summary of AAA Features 440 AAA Tools for Network... Web Network Access 442 IEEE 802.1X Extensible Authentication Protocol Types 446 Ways a WX Switch Can Use EAP 447 Effects of Authentication Type on Encryption Method 448 Configuring 802.1X Authentication 449 Configuring EAP Offload 449 Using Pass-Through 450 Authenticating via a Local Database 450 Binding User...
Configuration Guide
Page 16
... the Location Policy 501 Clearing Location Policy Rules and Disabling the Location Policy 503 Configuring Accounting for Wireless Network Users 504 Viewing Local Accounting Records 505 Viewing Roaming Accounting Records 505 Displaying the AAA Configuration 507 Avoiding AAA Problems in Configuration Order 508 Using the Wildcard "Any" as the SSID Name in Authentication Rules...
... the Location Policy 501 Clearing Location Policy Rules and Disabling the Location Policy 503 Configuring Accounting for Wireless Network Users 504 Viewing Local Accounting Records 505 Viewing Roaming Accounting Records 505 Displaying the AAA Configuration 507 Avoiding AAA Problems in Configuration Order 508 Using the Wildcard "Any" as the SSID Name in Authentication Rules...
Configuration Guide
Page 17
... Server Groups 524 Creating Server Groups 525 Deleting a Server Group 527 RADIUS and Server Group Configuration Scenario 528 23 MANAGING 802.1X ON THE WX SWITCH Managing 802.1X on Wired Authentication Ports 531 Enabling and Disabling 802.1X Globally 531 Setting 802.1X Port Control 532 Managing 802.1X... Encryption Keys 533 Enabling 802.1X Key Transmission 533 Configuring 802.1X Key Transmission Time Intervals 533 ...
... Server Groups 524 Creating Server Groups 525 Deleting a Server Group 527 RADIUS and Server Group Configuration Scenario 528 23 MANAGING 802.1X ON THE WX SWITCH Managing 802.1X on Wired Authentication Ports 531 Enabling and Disabling 802.1X Globally 531 Setting 802.1X Port Control 532 Managing 802.1X... Encryption Keys 533 Enabling 802.1X Key Transmission 533 Configuring 802.1X Key Transmission Time Intervals 533 ...
Configuration Guide
Page 18
... a SODA Agent Logout Page 553 Specifying an Alternate SODA Agent Directory for a Service Profile 554 Uninstalling the SODA Agent Files from the WX Switch 554 Displaying SODA Configuration Information 555 25 MANAGING SESSIONS About the Session Manager 557 Displaying and Clearing Administrative Sessions 557 Displaying and Clearing All Administrative Sessions 558 Displaying...
... a SODA Agent Logout Page 553 Specifying an Alternate SODA Agent Directory for a Service Profile 554 Uninstalling the SODA Agent Files from the WX Switch 554 Displaying SODA Configuration Information 555 25 MANAGING SESSIONS About the Session Manager 557 Displaying and Clearing Administrative Sessions 557 Displaying and Clearing All Administrative Sessions 558 Displaying...
Configuration Guide
Page 19
...572 Mobility Domain Requirement 572 Summary of Rogue Detection Features 573 Configuring Rogue Detection Lists 574 Configuring a Permitted Vendor List 574 Configuring a Permitted SSID List 576 Configuring a Client Black List 577 Configuring an Attack List 578 Configuring an Ignore List 579 Enabling Countermeasures 580 Using On-Demand ...and Countermeasures Notifications 584 IDS and DoS Alerts 584 Flood Attacks 585 DoS Attacks 585 Netstumbler and Wellenreiter Applications 586 Wireless Bridge 586 Ad-Hoc Network 586 Weak WEP Key Used by Client 587 Disallowed Devices or SSIDs 587 Displaying Statistics...
...572 Mobility Domain Requirement 572 Summary of Rogue Detection Features 573 Configuring Rogue Detection Lists 574 Configuring a Permitted Vendor List 574 Configuring a Permitted SSID List 576 Configuring a Client Black List 577 Configuring an Attack List 578 Configuring an Ignore List 579 Enabling Countermeasures 580 Using On-Demand ...and Countermeasures Notifications 584 IDS and DoS Alerts 584 Flood Attacks 585 DoS Attacks 585 Netstumbler and Wellenreiter Applications 586 Wireless Bridge 586 Ad-Hoc Network 586 Weak WEP Key Used by Client 587 Disallowed Devices or SSIDs 587 Displaying Statistics...
Configuration Guide
Page 20
... the CLI 617 Command Changes During Upgrade 618 A TROUBLESHOOTING A WX SWITCH Fixing Common WX Setup Problems 619 Recovering the System When the Enable Password is Lost 622 WXR100 622 WX1200, WX2200, or WX4400 622 Configuring and Managing the System Log 623 Log Message Components 623 Logging Destinations and Levels 623 Using Log Commands...
... the CLI 617 Command Changes During Upgrade 618 A TROUBLESHOOTING A WX SWITCH Fixing Common WX Setup Problems 619 Recovering the System When the Enable Password is Lost 622 WXR100 622 WX1200, WX2200, or WX4400 622 Configuring and Managing the System Log 623 Log Message Components 623 Logging Destinations and Levels 623 Using Log Commands...
Configuration Guide
Page 21
...ARP Information 636 Port Mirroring 637 Configuration Requirements 637 Configuring Port Mirroring 637 Displaying the Port Mirroring Configuration 637 Clearing the Port Mirroring Configuration 637 Remotely Monitoring Traffic 638 How Remote Traffic Monitoring Works 638 Best Practices for Remote Traffic Monitoring 639 Configuring a Snoop Filter 639 Mapping a...-support Command 645 Core Files 646 Debug Messages 647 Sending Information to 3Com Technical Support 648 B ENABLING AND LOGGING INTO WEB VIEW System Requirements 649 Browser Requirements 649 WX Switch Requirements 649 Logging Into Web View 650
...ARP Information 636 Port Mirroring 637 Configuration Requirements 637 Configuring Port Mirroring 637 Displaying the Port Mirroring Configuration 637 Clearing the Port Mirroring Configuration 637 Remotely Monitoring Traffic 638 How Remote Traffic Monitoring Works 638 Best Practices for Remote Traffic Monitoring 639 Configuring a Snoop Filter 639 Mapping a...-support Command 645 Core Files 646 Debug Messages 647 Sending Information to 3Com Technical Support 648 B ENABLING AND LOGGING INTO WEB VIEW System Requirements 649 Browser Requirements 649 WX Switch Requirements 649 Logging Into Web View 650
Configuration Guide
Page 22
C SUPPORTED RADIUS ATTRIBUTES Attributes 651 Supported Standard and Extended Attributes 652 3Com Vendor-Specific Attributes 659 D TRAFFIC PORTS USED BY MSS E DHCP SERVER How the MSS DHCP Server Works 664 Configuring the DHCP Server 665 Displaying DHCP Server Information 666 F OBTAINING SUPPORT FOR YOUR 3COM PRODUCTS Register Your Product to Gain Service Benefits 667 Solve Problems Online 667 Purchase Extended Warranty and Professional Services 668 Access Software Downloads 668 Contact Us 668 Telephone Technical Support and Repair 669 GLOSSARY INDEX COMMAND INDEX
C SUPPORTED RADIUS ATTRIBUTES Attributes 651 Supported Standard and Extended Attributes 652 3Com Vendor-Specific Attributes 659 D TRAFFIC PORTS USED BY MSS E DHCP SERVER How the MSS DHCP Server Works 664 Configuring the DHCP Server 665 Displaying DHCP Server Information 666 F OBTAINING SUPPORT FOR YOUR 3COM PRODUCTS Register Your Product to Gain Service Benefits 667 Solve Problems Online 667 Purchase Extended Warranty and Professional Services 668 Access Software Downloads 668 Contact Us 668 Telephone Technical Support and Repair 669 GLOSSARY INDEX COMMAND INDEX
Configuration Guide
Page 23
...Information note Information that describes important features or instructions Caution Information that are configuring the WXR100, WX1200, WX4400, or WX2200. ABOUT THIS GUIDE Conventions This guide describes the configuration commands for System integrators who are used throughout this guide, follow the ... loss of data or potential damage to an application, system, or device This guide is intended for the 3Com Wireless LAN Switch WXR100, WX1200, or 3Com Wireless LAN Controller WX4400, WX2200. If release notes are shipped with your product and the information there differs from the...
...Information note Information that describes important features or instructions Caution Information that are configuring the WXR100, WX1200, WX4400, or WX2200. ABOUT THIS GUIDE Conventions This guide describes the configuration commands for System integrators who are used throughout this guide, follow the ... loss of data or potential damage to an application, system, or device This guide is intended for the 3Com Wireless LAN Switch WXR100, WX1200, or 3Com Wireless LAN Controller WX4400, WX2200. If release notes are shipped with your product and the information there differs from the...