Your SlideShare is downloading. ×
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Motorola ws2000 wireless switch cli reference guide
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Motorola ws2000 wireless switch cli reference guide

1,015

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,015
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
8
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. MWS2000 Wireless Switch CLI Reference Guide
  • 2. © 2009 Motorola, Inc. All rights reserved.MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. Symbol is a registeredtrademark of Symbol Technologies, Inc. All other product or service names are the property of their respective owners.
  • 3. ContentsChapter 1: Product Overview 1.1 WS2000 Wireless Switch CLI Reference Guide. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-1 1.2 System Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4 1.3 Hardware Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5 1.4 Software Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-7Chapter 2: Admin and Common Commands 2.1 Common Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2 ? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-3 help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4 quit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5 save . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6 .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-7 / . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8 2.2 Admin Menu Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9 passwd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-10 summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11Chapter 3: Network CLI Commands Reference 3.1 network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1 3.2 Network AP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3 ap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4 copydefaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-5 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-6 forget . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-8 remap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9 reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-10 revert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-11 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-12 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15 3.3 Network AP Default Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-17 default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-17 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-18 loadfromcf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-20
  • 4. TOC-2 WS2000 Wireless Switch CLI Reference Guide show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-21 3.4 Network AP Test Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22 test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-22 new . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-23 3.5 Network AP Selfheal commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24 selfheal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-25 detect-neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-26 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-27 del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-28 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-29 3.6 Network AP Denyap Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-30 denyap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-30 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-31 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-32 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-33 3.7 Network AP Smartscan Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-34 smartscan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-34 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-35 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-36 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-37 3.8 Network AP Test Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-38 test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-38 new . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-39 3.9 Network AP Mesh Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-40 mesh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-40 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-41 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-43 del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-44 preferred-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-45 available-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-46 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-47 3.10 Network DCHP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-48 dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-48 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-49 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-50 3.11 Network Firewall Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-51 fw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-51 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-52 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-54 timeradd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-55 timerdel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-56 timerlist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-57 timerset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-58 3.12 Network Firewall Intrusion Prevention System Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-59 ips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-59 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-60 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-62
  • 5. TOC-33.13 Network Firewall Policy Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-64 policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-64 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-653.14 Network Firewall Policy Inbound Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-66 inbound . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-66 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-67 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-68 insert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-69 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-70 move . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-71 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-723.15 Network Firewall Policy Outbound Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-73 outbound . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-73 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-74 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-75 insert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-76 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-77 move . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-78 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-793.16 Network Firewall Submap Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-80 submap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-80 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-81 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-83 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-84 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-85 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-863.17 Network LAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-87 lan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-87 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-88 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-90 updateDNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-91 updateAllDNS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-923.18 Network LAN DHCP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-93 dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-93 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-94 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-95 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-96 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-97 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-99 renew . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1003.19 Network LAN Bridge commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-101 bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-101 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-102 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1043.20 Network QoS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-105 qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-105 clear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-106 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-107
  • 6. TOC-4 WS2000 Wireless Switch CLI Reference Guide show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-108 3.21 Network Router Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-109 router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-109 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-110 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-111 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-112 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-113 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-114 3.22 Network VLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-115 vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-115 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-116 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-117 3.23 Network WAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-118 wan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-118 renew . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-119 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-120 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-122 3.24 Network WAN App Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-123 app . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-123 addcmd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-124 delcmd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-126 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-128 3.25 Network WAN DynDNS Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-129 dyndns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-129 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-130 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-131 update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-132 3.26 Network WAN L2TPVPN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-133 l2tpvpn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-133 show-connected-users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-134 3.27 Network WAN L2TPVPN LNS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-135 lns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-135 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-136 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-138 3.28 Network WAN L2TPVPN Users Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-139 users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-139 add-user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-140 delete-user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-141 delete-all-users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-142 show-user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-143 show-all-users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-144 3.29 Network WAN TrunkIPFPolicy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-145 trunkipfpolicy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-145 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-146 del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-147 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-148 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-149
  • 7. TOC-53.30 Network WAN NAT Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-150 nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-150 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-151 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-152 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-153 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-154 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1553.31 Network WAN VPN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-156 vpn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-156 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-157 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-158 ikestate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-159 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-160 reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-161 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-162 stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1673.32 Network WAN VPN Cmgr Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-168 cmgr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-168 delca . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-169 delprivkey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-170 delself . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-171 expcert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-172 export-req . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-173 genreq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1743.33 Network WAN VPN Cmgr impcert Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-175 impcert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-175 listca . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-176 listprivkey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-177 listself . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-178 loadca . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-179 loadself . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-180 showreq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1813.34 Network WLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-182 wlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-182 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-183 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-184 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-185 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-186 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1913.35 Network WLAN Rogue AP Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-193 rogueap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-193 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-194 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-1953.36 Network WLAN Rogue AP Approvedlist Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-196 approvedlist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-196 ageoute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-197 approve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-198 erase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-199
  • 8. TOC-6 WS2000 Wireless Switch CLI Reference Guide show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-200 3.37 Network WLAN Rogue AP Roguelist Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-201 roguelist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-201 ageout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-202 approve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-203 erase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-204 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-205 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-206 deauth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-207 3.38 Network WLAN Rogue AP Rogue List Locate Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-208 locate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-208 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-209 start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-210 3.39 Network WLAN Rogue AP Rogue List MU Scan Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-211 muscan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-211 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-212 start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-213 3.40 Network WLAN Rogue AP Rule List Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-214 rulelist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-214 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-215 authsymbolap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-216 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-217 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-218 3.41 Network WLAN Enhanced Rogue AP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-219 enhancedrogueap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-219 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-220 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-221 3.42 Network WLAN MU Probe Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-222 muprobe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-222 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-223 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-224 3.43 Network WLAN Hotspot Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-225 hotspot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-225 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-226 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-228 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-229 3.44 Network WLAN Hotspot RADIUS commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-230 radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-230 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-231 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-232 3.45 Network WLAN Hotstpot White-list Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-234 white-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-234 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-235 clear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-236 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-237 3.46 Network WLAN WLAN IP Fiter Policy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-238 wlanipfpolicy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-238
  • 9. TOC-7 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-239 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-240 del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-241 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2423.47 Network Port Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-243 port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-243 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-244 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2453.48 Network IP Filter Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-246 ipfilter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-246 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-247 del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-248 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2493.49 Network WIPS Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-250 wips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-250 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-251 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-252 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-253 convert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-254 revert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-255 update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2563.50 Network WIPS Default commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-257 defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-257 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-258 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2593.51 Network WIDS Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-260 wids . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-260 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-261 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-262 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2663.52 Network URL Filter Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-267 urlfilter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-267 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-268 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2693.53 Network URL Filter Keyword Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-270 keyword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-270 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-271 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-272 removeall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-273 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2743.54 Network URL Filter White list Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-275 whitelist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-275 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-276 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-277 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2783.55 Network URL Filter Black List Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-279 blacklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-279 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-280
  • 10. TOC-8 WS2000 Wireless Switch CLI Reference Guide delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-281 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-282 3.56 Network URL Filter Trusted IP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-283 trustip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-283 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-284 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-285 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-286Chapter 4: System CLI Commands Reference 4.1 system. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-1 lastpw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2 exec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3 4.2 System Authentication Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4 authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-4 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-5 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-6 4.3 System Authentication RADIUS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7 radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-7 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-8 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-9 4.4 System Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-10 config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-10 default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-11 export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-12 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-14 partial . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-15 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-16 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-18 update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-19 sensor-fw-update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-20 loadtocf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-21 4.5 System Logs Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-22 logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-22 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-23 send . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-24 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-25 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-26 view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-27 4.6 System NTP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-28 ntp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-28 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-29 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-30 date-zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-31 zone-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-32 4.7 System RADIUS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-33 radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-33 generate-dh-param . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-34 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-35
  • 11. TOC-9 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-364.8 System RADIUS Client Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-37 client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-37 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-38 del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-39 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-404.9 System RADIUS EAP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-41 eap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-41 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-42 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-43 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-444.10 System RADIUS EAP PEAP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-45 peap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-45 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-46 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-474.11 System RADIUS EAP TTLS Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-48 ttls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-48 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-49 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-504.12 System RADIUS LDAP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-51 ldap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-51 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-52 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-54 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-55 join . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-564.13 System RADIUS Policy Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-57 policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-57 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-58 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-594.14 System RADIUS Proxy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-60 proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-60 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-61 del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-62 clearall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-63 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-64 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-654.15 System Redundancy Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-66 redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-66 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-67 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-694.16 System SNMP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-70 snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-704.17 System SNMP Access Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-71 access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-71 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-72 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-74 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-76
  • 12. TOC-10 WS2000 Wireless Switch CLI Reference Guide show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-77 4.18 System SNMP Traps Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-78 traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-78 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-79 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-81 list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-82 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-83 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-87 4.19 System SSH Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-89 ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-89 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-90 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-91 4.20 System User Database Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-92 userdb . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-92 4.21 System User Database Group Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-93 group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-93 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-94 create . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-95 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-96 clearall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-98 remove . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-99 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-100 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-102 4.22 System User Database User Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-103 user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-103 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-104 del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-105 clearall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-106 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-107 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-108 4.23 System User Database User Guest commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-109 guest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-109 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-110 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-111 clear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-112 4.24 System WS2000 Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-113 WS2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-113 add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-114 delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-115 restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-116 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-117 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-121 4.25 System CF commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-122 cf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-122 ls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-123 4.26 System HTTP commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-124 http . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-124 import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-125
  • 13. TOC-11 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-126 4.27 System Test Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-127 test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-127 set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-128 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-129Chapter 5: Statistics Commands 5.1 stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-1 5.2 Stats Show Command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2 5.3 Statistics RF Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5 rf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-5 reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-6 show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-7
  • 14. TOC-12 WS2000 Wireless Switch CLI Reference Guide
  • 15. Product Overview 1.1 WS2000 Wireless Switch CLI Reference Guide This guide is intended to support administrators responsible for understanding, configuring and maintaining the Wireless Switch. This document provides information for the system administrator to use the command line interface during the initial setup and configuration of the system. It also serves as a reference guide for the administrator to use while updating or maintaining the system.1.1.1 About this Document This document contains information on all command that configure the WS2000 Wireless Switch. To view the command syntax and a brief help on each command on your WS2000 Wireless Switch console, use the following syntax: admin> <command> ? We recommend viewing this Command Line Reference Guide with Adobe Acrobat 5.0 or higher.
  • 16. 1-2 WS2000 Wireless Switch CLI Reference Guide 1.1.2 Document ConventionsNotes and Warnings NOTE: Indicates special tips or requirements CAUTION: Indicates a condition that can cause equipment damage or data loss WARNING! Indicates a condition or procedure that could result in personal injury or equip- ment damageCLI Conventions command / keyword The first word is always a command. Keywords are words that must be entered as is. Commands and keywords are mandatory. For example, the command, admin(network.wan)> show ip 1 is documented as show ip <idx> where: • show – The command • ip – The keyword <variable> Variables are described with a short description enclosed within a ‘<‘ and a ‘>’ pair. For example, the command, admin(network.wan)> show ip 1 is documented as show ip <idx> where: • show – The command – Display information. • ip – The keyword – The IP address • <idx> – The variable – WAN Index value.
  • 17. Product Overview 1-3| The pipe symbol. This is used to separate the variables/keywords in a list. For example, the command admin(network.wan.vpn)> set ..... is documented as set [ike|type|sub|remip|......] where: • set – The command • [ike|type|sub|remip|...] – Indicates the different commands that can be combined with the set command. However, only one of the above list can be used at a time. set ike ... set type ... set sub ... set remip ...[] Of the different keywords and variables listed inside a ‘[‘ & ‘]’ pair, only one can be used. Each choice in the list is separated with a ‘|’ (pipe) symbol. For example, the command admin(network.wan)> show ... is documented as show [ip|pppoe] where: • show – The command • [ip|pppoe] – Indicates that two keywords are available for this command and only one can be used at a time{} Any command/keyword/variable or a combination of them inside a ‘{‘ & ‘}’ pair is optional. All optional commands follow the same conventions as listed above. However they are displayed italicized. For example, the command admin(network.wan.vpn)> list .... is documented as list {<name>} Here: • list – The command. This command can also be used as list • {<name>} – The optional variable <name>.. The command can also be extended as list vpn_tunnel_01 Here the value vpn_tunnel_01 is an optional tunnel name.values Values to be entered as shown in Blue. For example, the command admin(network.wan)> show ip .... is documented as show ip <idx> This command’s parameter <idx> is described as under: “<idx> – <idx> (1-8) is the Wlan Index.”
  • 18. 1-4 WS2000 Wireless Switch CLI Reference Guide 1.2 System Overview The WS2000 Wireless Switch provides a low-cost, feature-rich option for sites with one to six Access Ports. The WS2000 Wireless Switch works at the center of a network’s infrastructure to seamlessly and securely combine wireless LANs (WLANs) and wired networks. The switch sits on the network. Wireless Access Ports connect to one of the six available ports on the switch and the external wired network (WAN) connects to a single 10/100 Mbit/sec. WAN port. Mobile units (MUs) associate with the switch via an Access Port. When an MU contacts the switch, the switch cell controller services attempt to authenticate the device for access to the network. The WS2000 Wireless Switch acts as a WAN/LAN gateway and a wired/wireless switch. 1.2.1 Management of Access Ports This wireless switch provides six 10/100 Mbit/sec. LAN ports for internal wired or wireless traffic. Four of these ports provide IEEE 802.3af-compliant Power over Ethernet (PoE) support for devices that require power from the Ethernet connection (such as Access Ports). Administrators can configure the six ports to communicate with a private LAN or with an Access Port for a wireless LAN (WLAN). The switch provides up to four extended service set identifiers (ESSIDs) for each Access Port connected to the switch. 1.2.1.1 Firewall Security The LAN and Access Ports are placed behind a user-configurable firewall that provides stateful packet inspection. The wireless switch performs network address translation (NAT) on packets passing to and from the WAN port. This combination provides enhanced security by monitoring communication with the wired network. 1.2.1.2 Wireless LAN (WLAN) Security Administrators can configure security settings independently for each ESSID. Security settings and protocols available with this switch include: • Kerberos • WEP-64 • WEP-128 • 802.1x with RADIUS • 802.1x with Shared Key • KeyGuard • WPA/WPA2-TKIP • WPA2/CCMP (802.11i) 1.2.1.3 VPN Security Virtual Private Networks (VPNs) are IP-based networks that use encryption and tunneling to give users remote access to a secure LAN. In essence, the trust relationship is extended from one LAN across the public network to another LAN, without sacrificing security. A VPN behaves similarly to a private network; however, because the data travels through the public network, it needs several layers of security. The WS2000 Wireless Switch acts as a robust VPN gateway.
  • 19. Product Overview 1-5 1.3 Hardware Overview The WS2000 Wireless Switch provides a fully integrated solution for managing every aspect of connecting wireless LANs (WLANs) to a wired network. This wireless switch can connect directly to a cable or DSL modem, and can also connect to other wide area networks through a Layer 2/3 device (such as a switch or router). The switch includes the following features: • One WAN (RJ-45) port for connection to a DSL modem, cable modem, or any other Layer 2/3 network device. • Six 10/100 Mbit/sec. LAN (RJ-45) ports: four ports provide 802.3af “Power over Ethernet” (PoE) support; the other two do not provide power. • Each port has two LEDs, one indicating the speed of the transmission (10 or 100 Mbit/sec.), the other indicating whether there is activity on the port. The four LAN ports with PoE have a third LED that indicates whether power is being delivered over the line to a power device (such as an Access Port). (See the WS 2000 Wireless Switch LED explanation for more information on the meaning of the different state of the LEDs.) • A DB-9 serial port for direct access to the command-line interface from a PC. Use Symbol’s Null-Modem cable (Part No. 25-632878-0) for the best fitting connection. • A CompactFlash slot that provides AirBEAM® support.1.3.1 Technical Specifications1.3.1.1 Physical Specifications • Width: 203 mm • Height: 38 mm • Depth: 286 mm • Weight: 0.64 kg1.3.1.2 Power Specifications • Maximum Power Consumption: 90-256 VAC, 47-63 Hz, 3A • Operating Voltage: 48 VDC • Operating Current: 1A • Peak Current: 1.6A1.3.1.3 Environmental Specifications • Operating Temperature: 0ºC to 40ºC • Storage Temperature: -40ºC to 70ºC • Operating Humidity: 10% to 85% Non-condensing • Storage Humidity: 10% to 85% Non-condensing • Operating Altitude: 2.4 Km • Storage Altitude: 4.6 km
  • 20. 1-6 WS2000 Wireless Switch CLI Reference Guide 1.3.2 WS 2000 Wireless Switch LED Functions The switch has a large blue LED on the right front that indicates that the switch is powered on. Each port on the WS 2000 Wireless Switch has either two or three LEDs that indicate the status of the port. Ports 1-4, which supply 802.3af Power over Ethernet (PoE), have three LEDs. The remaining two non-powered LAN ports and the WAN port have two LEDs. Location Function Upper left LED This LED is present on all ports and indicates the speed of the transmissions through the port. The LED is on when the transmission rate is 100 Mbit per second (100BaseT). The light is off when the transmission rate is 10 Mbit per second. Upper right LED This LED indicates activity on the port. This light is solid yellow when a link to a device is made. The light flashes when traffic is being transferred over the line. Lower LED This LED is only present on Ports 1-4. These ports provide 802.3af Power over Ethernet (PoE) support to devices (such as Access Ports). The LED has several states: OFF—A non-power device (or no device) is connected; no power is being delivered. GREEN—The switch is delivering 48 volts to the power device connected to that port. RED—There was a valid PoE connection; however, the switch has detected that the power device is faulty. The red light will remain until a non-faulty connection is made to the port.
  • 21. Product Overview 1-7 1.4 Software Overview The WS2000 Wireless Switch software provides a fully integrated solution for managing every aspect of connecting Wireless LANs (WLANs) to a wired network, and includes the following components:1.4.1 Operating System (OS) Services Operating System (OS) Services determine how the WS2000 Wireless Switch communicates with existing network and operating system-centric software services, including: • Dynamic Host Configuration Protocol (DHCP) • Telnet and File Transfer Protocol (FTP/TFTP) servers • The Simple Network Time Protocol (SNTP) client, used to keep switch time synchronized for Kerberos authentication • A mechanism for setting up a redundant (secondary) switch that takes over if the primary switch fails1.4.2 Cell Controller Services The Cell Controller provides the ongoing communication between mobile units (MUs) on the Wireless LAN (WLAN) and the wired network. Cell Controller services perform the following: • Initialize the Access Ports • Maintain contact with Access Ports by sending a synchronized electronic “heartbeat” at regular intervals • Track MUs when they roam from one location to another • Manage security schemes based on system configuration • Maintain system statistics • Store policies and Access Port information • Detect and manage rogue Access Ports • Management of communications QoS1.4.3 Gateway Services Gateway services provide interconnectivity between the Cell Controller and the wired network, and include the following: • System management through a Web-based Graphical User Interface (GUI) and SNMP • 802.1x RADIUS client • Security, including Secure Sockets Layer (SSL) and Firewall • Network Address Translation (NAT), DHCP services, and Layer 3 Routing • Virtual Private Network (VPN)
  • 22. 1-8 WS2000 Wireless Switch CLI Reference Guide
  • 23. Admin and Common CommandsThe term Common Commands is used to indicate that these commands are available through the WS2000Wireless Switch’s CLI. These commands provide easy access to help, navigation, and to save configurationchanges.This chapter also lists of commands available at the admin menu.• Common Commands• Admin Menu Commands
  • 24. 2-2 WS2000 Wireless Switch System Reference Guide 2.1 Common Commands Admin and Common Commands The following commands are available through the WS2000 CLI. Command Description Ref. ? Displays the list of commands in the current menu. page 2-3 help Displays general user interface help. page 2-4 save Saves the configuration to the system flash. page 2-6 quit Quits the CLI. page 2-5 .. Goes to the parent menu. page 2-7 / Goes to the root menu. page 2-8
  • 25. Admin and Common Commands 2-32.1.1 ? Command ? Common Commands Displays the commands available under the admin menu. Syntax ? Parameters None Example admin> ? admin>? help : display general user interface help passwd : change password summary : show system summary network : go to network sub menu stats : go to stats sub menu system : go to system sub menu save : save cfg to system flash quit : quit cli .. : go to parent menu / : go to root menu
  • 26. 2-4 WS2000 Wireless Switch System Reference Guide 2.1.2 help Command help Common Commands Displays general CLI user interface help. Syntax help Parameters None Example admin>help ? : display command help - Eg. ?, show ?, s? <ctrl-q> : go backwards in command history <ctrl-p> : go forwards in command history * Note : commands can be incomplete - Eg. sh = sho = show
  • 27. Admin and Common Commands 2-52.1.3 quit Command quit Common Commands Quits the command line interface. Requires you to logon again. This command appears in all the submenus under admin menu. In each case, it has the same function, to exit out of the CLI. Syntax quit Parameters None Example admin>quit
  • 28. 2-6 WS2000 Wireless Switch System Reference Guide 2.1.4 save Command save Common Commands Saves the configuration to system flash. This command appears in all of the submenus under admin. In each case, it has the same function, to save the configuration. The save command must be issued before leaving the CLI for the settings to be retained. Syntax save Parameters none Example admin> save admin>
  • 29. Admin and Common Commands 2-72.1.5 .. Command .. Common Commands Displays the parent menu of the current menu. This command appears in all of the submenus under admin. In each case, it has the same function, to move up one level in the directory structure. Syntax .. Parameters None Example admin(network.ap) .. admin(network) admin(network) .. admin>
  • 30. 2-8 WS2000 Wireless Switch System Reference Guide 2.1.6 / Command / Common Commands Displays the root menu, that is, the top-level CLI menu. This command appears in all of the submenus under admin. In each case, it has the same function, to move up to the top level in the directory structure. Syntax / Parameters None Example admin(network.wan.nat)> / admin>
  • 31. Admin and Common Commands 2-92.2 Admin Menu Commands Admin and Common Commands The following commands are only available at the admin menu. Command Description Ref. passwd Changes the admin password. page 2-10 summary Displays a system summary. page 2-11 network Goes to the network menu. page 3-1 system Goes to the system menu. page 4-1 stats Goes to the statistics menu. page 5-1
  • 32. 2-10 WS2000 Wireless Switch System Reference Guide 2.2.1 passwd Command passwd Admin Menu Commands Changes the password for the administrative logins - admin, guest-admin, and manager. Syntax passwd [admin|manager|guest-admin] Parameters passwd Passwords for the Administrator, Guest-admin, and Manager accounts [admin|manager|guest-admin] can be changed. To change password, type the old password once and the new password twice at their respective prompts. Passwords can be up to 11 characters. Example: admin>passwd admin Old Admin Password:****** New Admin Password:****** Verify Admin Password:******
  • 33. Admin and Common Commands 2-112.2.2 summary Command summary Admin Menu Commands Displays system summary for the WS2000 Wireless Switch. The information displayed includes high-level characteristics and settings for WAN, subnet, and WLAN. Syntax summary Parameters None Example admin> summary System Information WS2000 firmware version : 2.4.0.0-005X country code : us WLAN 1 Information ess identifier : Bharat wlan mode : enable vlan_id : 1 enc type : none auth type : none WLAN 2 Information ess identifier : 102 wlan mode : disable vlan_id : 2 enc type : none auth type : none WLAN 3 Information ess identifier : 103 wlan mode : disable vlan_id : 3 enc type : none auth type : none WLAN 4 Information ess identifier : 104 wlan mode : disable vlan_id : 4 enc type : none auth type : none
  • 34. 2-12 WS2000 Wireless Switch System Reference Guide WLAN 5 Information ess identifier : 105 wlan mode : disable vlan_id : 5 enc type : none auth type : none WLAN 6 Information ess identifier : 106 wlan mode : disable vlan_id : 6 enc type : none auth type : none WLAN 7 Information ess identifier : 107 wlan mode : disable vlan_id : 7 enc type : none auth type : none WLAN 8 Information ess identifier : 108 wlan mode : disable vlan_id : 8 enc type : none auth type : none Subnet 1 Information subnet interface : enable ip address : 192.168.0.50 network mask : 255.255.255.0 dhcp mode : server default gateway : 192.168.0.50 ports : port1 port2 port3 port4 port5 port6 wlan : wlan1 Subnet 2 Information subnet interface : disable ip address : 192.168.1.1 network mask : 255.255.255.0 dhcp mode : server default gateway : 192.168.1.1 ports : wlan : wlan2
  • 35. Admin and Common Commands 2-13Subnet 3 Informationsubnet interface : disableip address : 192.168.2.1network mask : 255.255.255.0dhcp mode : serverdefault gateway : 192.168.2.1ports :wlan : wlan3Subnet 4 Informationsubnet interface : disableip address : 192.168.3.1network mask : 255.255.255.0dhcp mode : serverdefault gateway : 192.168.3.1ports :wlan : wlan4Subnet 5 Informationsubnet interface : disableip address : 192.168.4.1network mask : 255.255.255.0dhcp mode : serverdefault gateway : 192.168.4.1ports :wlan :Subnet 6 Informationsubnet interface : disableip address : 192.168.5.1network mask : 255.255.255.0dhcp mode : serverdefault gateway : 192.168.5.1ports :
  • 36. 2-14 WS2000 Wireless Switch System Reference Guide
  • 37. Network CLI Commands Reference Network commands are used to configure the different network parameters of the WS2000 Wireless Switch.3.1 network Admin Menu Commands Use the network command to go the Network menu. admin> network admin(network)> The following commands are available under the Network menu: Command Description Ref. ap Goes to the Access Port Submenu. page 3-3 dhcp Goes to the DHCP Submenu page 3-48 fw Goes to the Firewall Submenu page 3-51 ipfilter Goes to the IP Filter Submenu page 3-234 lan Goes to the LAN Submenu page 3-87 port Goes to the Port Submenu page 3-231 qos Goes to the QOS Submenu page 3-105 router Goes to the Router Submenu page 3-109 urlfilter Goes to the URL Filter Submenu page 3-255 vlan Goes to the VLAN Submenu page 3-115 wan Goes to the WAN Submenu page 3-118 wids Goes to the WIDS Submenu page 3-248 wips Goes to the WIPS Submenu page 3-238 wlan Goes to the WLAN Submenu page 3-170 save Saves the configuration to system flash page 2-6 quit Quits the CLI page 2-5 .. Goes to the parent menu page 2-7 / Goes to the root menu page 2-8
  • 38. 3-2 WS2000 Wireless Switch System Reference Guide
  • 39. Network CLI Commands Reference 3-33.2 Network AP Commands ap network Displays the Access Port submenu. The functionality provided by this menu is supplied by various screen under the Wireless menu item of the Web interface. Syntax admin(network)> ap admin(network.ap)> The items available under this command are shown below. Command Description Ref add Adds entries to the Access Port adoption list. page 3-4 copydefaults Copies default AP settings to a connected AP. page 3-5 default Goes to the default submenu. page 3-17 delete Deletes entries from the Access Port adoption lists. page 3-6 denyap Goes to the Deny AP submenu page 3-30 forget Forgets AP parameters page 3-7 list Lists entries in the Access Port adoption list. page 3-8 mesh Goes to the Mesh submenu page 3-40 remap Remaps channels for the AP in auto mode. page 3-9 reset Resets an Access Port. page 3-10 revert Reverts AP to Access Point (AP4131 or AP4121) page 3-11 selfheal Goes to the Self-heal submenu page 3-24 set Sets Access Port parameters. page 3-12 show Shows Access Port parameters. page 3-15 smartscan Goes to the Smart scan submenu page 3-34 test Goes to the test submenu. page 3-38 save Saves the configuration to system flash page 2-6 quit Quits the CLI page 2-5 .. Goes to the parent menu page 2-7 / Goes to the root menu page 2-8
  • 40. 3-4 WS2000 Wireless Switch System Reference Guide 3.2.1 Network AP add Command add Network AP Commands Adds entries to the Access Port adoption list. This allows the Access Ports with the MAC addresses specified in the command to associate with the specified WLAN. Performs functionality available in the Access Port Adoption List area of the Wireless screen. Syntax add <idx> <mac1> <mac2> Parameters <idx> The WLAN ID (1-8) <mac1> The starting mac address for the range <mac2> The last mac address in the range Example admin(network.ap)> add 1 00A0F8BFE9B0 00A0F8BFE9B0 admin(network.ap)list 1 admin(network.ap)>list 1 ------------------------------------------------------------------- index start mac end mac ------------------------------------------------------------------- 1 00A0F8BFE9B0 00A0F8BFE9B0 2 001570165200 001570165200 3 00A0F8B54D68 00A0F8B54D68 4 00A0F8BFEE3C 00A0F8BFEE3C admin(network.ap)> Related Commands delete Removes the MAC address range from the adoption list for the specified WLAN. list Displays entries in the Access Port adoption list.
  • 41. Network CLI Commands Reference 3-53.2.2 Network AP copydefaults Command copydefaults Network AP Commands Copies default Access Port settings to a connected Access Port. In the Web interface, the defaults are set on the Wireless, default AP screens (one for each radio type). Syntax copydefault <idx> Parameters <idx> The id of the AP to copy the defaults to Example admin(network.ap)>copydefaults 1 admin(network.ap)> Related Commands network.ap.default)> Lists the current default settings for a selected Access Port type. show default show status Lists the index numbers for all currently connected Access Ports. show ap Gets information about a particular Access Port.
  • 42. 3-6 WS2000 Wireless Switch System Reference Guide 3.2.3 Network AP delete Command delete Network AP Commands Deletes entries from the Access Port adoption list. In the Web interface, this functionality is found on the Wireless screen in the Access Port Adoption list area. Syntax delete <idx> [<entry>|all] Parameters <idx> [<entry>|all] Deletes an entry in the Access Port adoption list as specified by <entry>, which is the number listed in the adopted list (use the list command) for WLAN <idx> (1-8). all indicates deleting all the adoption list entries. Example The following example first lists out the adoption list entries for WLAN 1, deletes the second entry for WLAN 1, and finally displays the list for WLAN 1 showing that the entry has been deleted. admin(network.ap)>list 1 ------------------------------------------------------------------------- index start mac end mac ------------------------------------------------------------------------- 1 000000000000 00306542B965 2 004000000000 005000000000 admin(network.ap)>delete 1 2 admin(network.ap)>list 1 ------------------------------------------------------------------------- index start mac end mac ------------------------------------------------------------------------- 1 000000000000 00306542B965 Related Commands add Adds entries to the adoption list. list Lists entries in the Access Port adoption list.
  • 43. Network CLI Commands Reference 3-73.2.4 Network AP forget Command forget Network AP Commands Forgets the AP parameters at a particular index specified by the <idx> value. Syntax forget [<idx>|all] Parameters <idx>|all <idx> – The index to remove the AP parameters. all – Removes all AP parameters from all the indices in the AP adoption list. Example The following syntax shows the forget command. admin(network.ap)>forget 1 admin(network.ap)>save
  • 44. 3-8 WS2000 Wireless Switch System Reference Guide 3.2.5 Network AP list Command list Network AP Commands Displays entries in the Access Port adoption list for a specified wireless LAN. Syntax list <idx> Parameters <idx> Lists the Access Port adoption entries for WLAN <idx> (1-8). Example The following example shows the access port adoption list for WLAN 1. admin(network.ap)>list 1 ---------------------------------------------------------------------- index start mac end mac ----------------------------------------------------------------------1 1 00A0F8BFE9B0 00A0F8BFE9B0 2 001570165200 001570165200 3 00A0F8B54D68 00A0F8B54D68 4 00A0F8BFEE3C 00A0F8BFEE3C Related Commands add Adds entries to the adoption list. delete Deletes entries from the adoption list.
  • 45. Network CLI Commands Reference 3-93.2.6 Network AP remap Command remap Network AP Commands Remaps the channels for a radio at index specified by <idx>. Syntax remap [<idx>|all] Parameters <idx>|all <idx> – Remaps all channels for a radio specified by the index <idx> all – Remaps all channels for all the radios in auto channel selection mode. Example admin(network.ap)>list 1 -------------------------------------------- index start mac end mac -------------------------------------------- 1 00A0F8BFE9B0 00A0F8BFE9B0 2 001570165200 001570165200 3 00A0F8B54D68 00A0F8B54D68 4 00A0F8BFEE3C 00A0F8BFEE3C admin(network.ap)>remap 3
  • 46. 3-10 WS2000 Wireless Switch System Reference Guide 3.2.7 Network AP reset Command reset Network AP Commands Resets an Access Port. Syntax reset ap <idx> Parameters ap <idx> <idx> – Resets the Access Port with index <idx> in the Access Port Adoption list. Example --------------------------------------- index start mac end mac --------------------------------------- 1 00A0F8BFE9B0 00A0F8BFE9B0 2 001570165200 001570165200 3 00A0F8B54D68 00A0F8B54D68 4 00A0F8BFEE3C 00A0F8BFEE3C admin(network.ap)>reset ap 2 admin(network.ap)>
  • 47. Network CLI Commands Reference 3-113.2.8 Network AP revert Command revert Network AP Commands Reverts an Access Port to an Access Point (Only on AP4131 or AP4121). Syntax revert ap <idx> Parameters ap <idx> <idx> – Reverts the Access Port with index <idx> to an Access Point. Only on AP4131 and AP 4121. Example admin(network.ap)>revert ap 1 admin(network.ap)>
  • 48. 3-12 WS2000 Wireless Switch System Reference Guide 3.2.9 Network AP set Commands set Network AP Commands Sets Access Port parameters. Syntax set [beacon|ch_mode|div|dtim|loc|name|primary|rate| reg|rts|short-pre|802.1x|ap_scan|mac|radio_type| ap_type|sip_cac_mode|allowed_sip_session] Parameters beacon intvl Sets the beacon interval for Access Port <idx> (1–12) to <interval> in K-us (50– <idx> <interval> 200). ch_mode <idx> Sets the channel mode for Access Port <idx> (1–12) to fixed, random or auto. [fixed|random|auto] div <idx> <mode> Sets the default antenna diversity to <mode> (one of full, primary, or secondary). dtim <idx> Sets the DTIM period for Access Port <idx> to <period> (number of beacons from [<period>|<bss_idx 1–50). <period>]] <bss_idx> is the index of the BSSID. If not specified for the AP300, the default value of 1 is assumed for this parameter. For other APs, the <period> value is used for all the BSSIDs. loc <idx> <loc> Sets Access Port <idx> location description to <loc> (1–13 characters). name <idx> <name> Sets Access Port <idx> name to <name> (1–13 characters). primary <idx> <widx> Sets the primary WLAN <widx> (the WLAN index from 1 to 8) for 802.11a radio associated with Access Port <idx> (1-12). The ESS ID configured for this WLAN will be used in the 802.11a beacon as the primary ESS. Note: This parameter is used only for AP200 APs with 802.11a radios rate <idx> <basic> Sets Access Port <idx> (1-12) basic and supported rates. <basic> and <supported> <supported> must be comma-separated lists of rates, such as 6,9,11,15 with no spaces. Basic rates are a subset of supported rates. The different types of radio support the following rates. A - 6|9|12|18|24|36|48|54 B - 1|2|5.5|11 G - 1|2|5.5|6|9|11|12|18|24|36|48|54 Note: For a G radio, basic rates must be a subset of B Rates in order to associate legacy B stations. reg <idx> <indoor> <ch> Sets Access Port <idx> (1-12)regulatory parameters, which <indoor> is one of <pwr> in or in/out; <ch> is the channel to use, and <pwr> is the power (in dB from 4 to 20). Select the value of <ch> from the appropriate list. 802.11b ch -- 1 to 14 802.11a ch -- 36,40,44,48,52,56,60,64,149,153,157,161 Note: Regulatory parameter values depend on country of operation and radio type. Refer to documentation for regulatory information. rts <idx> <bytes> Sets the RTS threshold for Access Port <idx> (1-12) to <bytes> (e.g., 2341).
  • 49. Network CLI Commands Reference 3-13short-pre <idx> Enables or disables the short preamble mode for Access Port <idx> (1-12)[enable|disable]802.1x <username> Sets the 802.1x username and password on AP 300 Access Ports. Both<password> parameters can be up to 64 characters long.mac <idx> <mac> Sets the MAC address of AP <idx> (1-12) to <mac> (MAC address format is XX:XX:XX:XX:XX:XX)ap_scan <idx> <mode> Sets the scan mode for Rogue AP detection where <idx> (1-12) is the access port index and <mode> is one of none, detector, on-chan, full-detector.radio_type <idx> Sets the Radio Type of an access port where <idx> (1-12) is the access port<radio_type> index and <radio_type> is one of 802.11a, 802.11b, 802.11b/g.ap_type <idx> Sets the AP type of an Access Port <idx> (1-12) to AP type. AP type<radio_type> <radio_type> is one of AP100, AP200, AP300sip_cac_mode Enables or disables SIP Call Admission Control.[enable|disable]allowed_sip_session Sets the allowed number of SIP sessions for this portal. The value for<idx> <sip_session> <sip_session> lies between 1 and 100. <idx> (1-12) is the access port index.legacy_mode Enables or disables legacy mode support for AP300s.[enable|disable]mu-power-adjustment Sets Symbol MUs operating power in dBm. <ap-index> is the index of the<ap-index> <adjvalue> Symbol AP and <adjvalue> is the MU power adjustment value in dBm (valid 0- 20)asset-name <idx> Sets asset name for the Access Port with <idx> (1-12) with <asset-name> (1-<asset-name> 50 characters)Example:admin(network.ap)>set short-pre enableadmin(network.ap)>set shor 1 enableadmin(network.ap)>set name 1 BigOfficeadmin(network.ap)>set dtim 1 25admin(network.ap)>set loc 1 BigBldgadmin(network.ap)>show ap 1ap name : BigOfficeap location : BigBldgap mac address : 00A0F8565656ap serial number : 00A0F8565656ap radio type : 802.11 Badopted by : WLAN1ap indoor use : indoor/outdoorap channel : 1ap radio power : 4 dBantenna gain : 0 dBirf power : 3 mWantenna type : externalap diversity : fullbasic rates : 1 2supported rates : 1 2 5.5 11rts threshold : 2341
  • 50. 3-14 WS2000 Wireless Switch System Reference Guide beacon interval : 100 dtim period : 25 short preamble : enable security beacon (hide ess) : disable primary wlan index : wlan1 admin(network.ap)>
  • 51. Network CLI Commands Reference 3-153.2.10 Network AP show Command show Network AP Commands Shows Access Port parameters. Syntax show [ap|status|sip|legacy-mode] Parameters ap <idx> Shows Access Port <idx> (1-12) radio parameters. status Shows a list of Access Ports and their status. sip <idx> Shows SIP statistics for the portal <idx> (1-12). legacy-mode Shows the legacy mode configuration for the switch Example admin(network.ap)>show ap 1 ap name : BigOffice ap location : BigBldg ap mac address : 00A0F8565656 ap serial number : 00A0F8565656 ap radio type : 802.11 B adopted by : WLAN1 ap indoor use : indoor/outdoor ap channel : 1 ap radio power : 4 dB antenna gain : 0 dBi rf power : 3 mW antenna type : external ap diversity : full basic rates : 1 2 supported rates : 1 2 5.5 11 rts threshold : 2341 beacon interval : 100 dtim period : 25 short preamble : enable security beacon (hide ess) : disable primary wlan index : wlan1 detector ap : disable admin(network.ap)>show status ap index : 1 ap status : connected ap index : 2 ap status : not connected ap index : 3
  • 52. 3-16 WS2000 Wireless Switch System Reference Guide ap status : not connected ap index : 4 ap status : not connected ap status : not connected ap index : 6 ap status : not connected ap index : 7 ap status : not connected ap index : 8 ap status : not connected ap index : 9 ap status : not connected ap index : 10 ap status : not connected ap index : 11 ap status : not connected ap index : 12 ap status : not connected admin(network.ap)>show legacy-mode Legacy mode is enabled. Related Commands set Sets Access Port parameters.
  • 53. Network CLI Commands Reference 3-173.3 Network AP Default Commands default Network AP Commands Displays the default Access Port (AP) submenu. Use these commands to set the default values for all APs. Syntax admin(network.ap)> default The items available under this command are shown below. Command Description Ref set Sets default Access Port parameters. page 3-18 loadfromcf Loads the configured images from the CF card immediately page 3-20 show Shows default Access Port parameters. page 3-21 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1 The items in this menu are available in the Web interface under the three default Access Port screens (one for each radio type) within the Wireless menu area.
  • 54. 3-18 WS2000 Wireless Switch System Reference Guide 3.3.1 Network AP Default set Command set Network AP Default Commands Sets the default Access Port parameters. Syntax set [beacon|ch_mode|div|dtim|primary|reg|rate|rts|short-pre|sensor-img| ap4131-img|ap4121-img] Parameters beacon intvl <type> Sets the default beacon interval for specified radio type <type> (one of <interval> 802.11a, 802.11b, or 802.11b/g) to <interval> in K-us (50–200). ch-mode <type> Sets the default channel mode for radios of <type> (one of 802.11a, 802.11b, [fixed|random|auto] or 802.11b/g) to fixed, random, or auto. div <type> <mode> Sets the default antenna diversity for radios of <type> (one of 802.11a, 802.11b, or 802.11b/g) to <mode> (one of full, primary, or secondary). dtim <type> Sets the default DTIM period for radios of specified <type> (one of 802.11a, [<bss_idx>|<period>] 802.11b, or 802.11b/g) to <period> number of beacons (1–50). <bss_idx> is the index of the BSSID. If not specified for the AP300, the default value of 1 is assumed for this parameter. For other APs, the <period> value is used for all the BSSIDs. primary <type> <wdix> Sets the default primary WLAN <widx> (1 to 8) for 802.11a radios of specified <type> (one of 802.11a, 802.11b, or 802.11b/g). The ESS ID configured for this WLAN will be used in the 802.11a beacon as the primary ESS. Note: This parameter is used only for AP200 APs with 802.11a radios. rate <type> <basic> Sets the default basic and supported rates for radios of specified <type> (one <supported> of 802.11a, 802.11b, or 802.11b/g). <basic> and <supported> must be a comma separated list of rates, such as 6,9,11,15 with no spaces. Basic rates are a subset of supported rates. The different types of radio support the following rates. A - 6|9|12|18|24|36|48|54 B - 1|2|5.5|11 G - 1|2|5.5|6|9|11|12|18|24|36|48|54 Note: For a G radio, basic rates must be a subset of B Rates in order to associate legacy B stations. reg <type> <indoor> <ch> Sets the default regulatory parameters for radios of specified type (one of <pwr> 802.11a, 802.11b, or 802.11b/g), where <indoor> is one of in or in/out; <ch> is the channel to use, and <pwr> is the power (in dB from 4 to 20). Select the value of <ch> from the appropriate list. 802.11b ch -- 1 to 14 802.11a ch -- 36,40,44,48,52,56,60,64,149,153,157,161 Note: Note: Regulatory parameter values depend on the country of operation and radio type. Refer to the documentation for specific regulatory information. rts <type> <bytes> Sets the default RTS threshold for radios of specified <type> (one of 802.11a, 802.11b, or 802.11b/g) to <bytes> (e.g., 2341).
  • 55. Network CLI Commands Reference 3-19short-pre <type> By default, enables or disables the short preamble mode for radios of[enable|disable] specified <type> (one of 802.11a, 802.11b, or 802.11b/g).sensor-img <loc> Sets the default location of the sensor image. Location is specified in the <loc> parameter.ap4131-img <loc> Sets the default location <loc> of the AP 4131 image. Select from cf or def.ap4121-img <loc> Sets the default location <loc> of the AP 4121 image. Select from cf or def.Exampleadmin(network.ap.default)>set ch_mode 802.11a fixedadmin(network.ap.default)>set dtim 802.11a 10admin(network.ap.default)>set short 802.11b/g enableadmin(network.ap.default)>show default 802.11aap indoor use : indoor onlyap channel : 36ap channel mode : randomap radio power : 17 dBm : 50 mWap diversity : fullbasic rates : 6 12 24supported rates : 6 9 12 18 24 36 48 54rts threshold : 2341beacon interval : 100-------------------------------------------------------------------------BSSID | DTIM period------------------------------------------------------------------------- 1 | 10 2 | 10 3 | 10 4 | 10short preamble : disableprimary wlan index : wlan1admin(network.ap.default)>Related Commandsshow default Displays the default AP settings for a particular radio type.
  • 56. 3-20 WS2000 Wireless Switch System Reference Guide 3.3.2 Network AP Default loadfromcf Command loadfromcf Network AP Default Commands Immediately loads configured images from the CF card. Syntax loadfromcf Parameters None Example admin(network.ap.default)>loadfromcf
  • 57. Network CLI Commands Reference 3-213.3.3 Network AP Default show Command show Network AP Default Commands Shows the default Access Port parameters for a particular radio type. Syntax show [default|img-location] Parameters default <type> Shows the default Access Port parameters for radio type <type> (802.11a, 802.11b, 802.11bg). img-location Shows the Sensor/Access Port image locations. Example admin(network.ap.default)>set ch_mode 802.11a fixed admin(network.ap.default)>set dtim 802.11a 10 admin(network.ap.default)>set short 802.11b/g enable admin(network.ap.default)>show default 802.11a ap indoor use : indoor only ap channel : 36 ap channel mode : random ap radio power : 17 dBm : 50 mW ap diversity : full basic rates : 6 12 24 supported rates : 6 9 12 18 24 36 48 54 rts threshold : 2341 beacon interval : 100 ---------------------------------------------------------------------- BSSID | DTIM period ---------------------------------------------------------------------- 1 | 10 2 | 10 3 | 10 4 | 10 short preamble : disable primary wlan index : wlan1 Related Commands set Sets the default parameters for the specified radio type.
  • 58. 3-22 WS2000 Wireless Switch System Reference Guide 3.4 Network AP Test Commands test Network AP Commands Displays the test submenu. Syntax admin(network.ap)> test admin(network.ap.test)> The items available under this command are shown below Command Description Ref. new Switches the Access Port to a new channel. page 3-23 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 59. Network CLI Commands Reference 3-233.4.1 Network AP Test new Command new Network AP Test Commands Switches the specified Access Port to a new channel. Syntax new <idx> <ch> Parameters <idx> <ch> Switches the Access Port indexed with <idx> (1–12) to channel <ch> (which must be a valid channel for the specified Access Port. Example admin(network.ap.test)>new 2 15 admin(network.ap.test)>
  • 60. 3-24 WS2000 Wireless Switch System Reference Guide 3.5 Network AP Selfheal commands selfheal Network AP Commands Displays the selfheal submenu. Syntax admin(network.ap)> selfheal The items available under this menu are shown below. Command Description Ref. set Sets self-heal parameters page 3-25 detect-neighbor Detects neighbors and prepares the neighbors list automatically page 3-26 add Adds entries to the self-heal table page 3-27 del Removes entries from the self-heal table page 3-28 show Shows entries in the self-heal table page 3-29 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 61. Network CLI Commands Reference 3-253.5.1 Network AP Selfheal set Command set Network AP Selfheal commands Sets the different self-heal parameters. Syntax set [interference-avoidance|neighbor-recovery] Parameters interference-avoidance • mode [enable|disable] – Sets the self-healing interference mode. Can be [mode one of enable or disable. [enable|disable] | • max-retries [<max-retires|default] – Sets the threshold limit on the max-retries maximum number of retires permitted. <max-retires> (0-15) is the [<max-retries>|default] | number of allowed retries. default has a value of 14. hold-time • hold-time [<hold-time>|default] – Sets the hold-time between running two [<hold-time>|default]] consecutive interference avoidance algorithms. <hold-time> (0-65535) is the duration in seconds. default has a value of 3600. neighbor-recovery • mode [enable|disable] – Enables or disables neighbor recovery. [mode • action <radio-idx> <action> – Sets the neighbor recovery action for the [enable|disable] | portal. <radio-idx> (1-12) is the id of the radio for which action specified action <radio-idx> <action> | in <action> must be taken. Select <action> from none, raise-power, offset <radio-idx> open-rates, both. [<offset>|default]] Sets the radio offset value for the radio <radio-idx> (1-12) when the set action is raise-power. <offset> value is between 0-65535. default value is 0. Example - Set interference-avoidance: admin(network.ap.selfheal)>set interference-avoidance mode enable admin(network.ap.selfheal)>set interference-avoidance mode disable admin(network.ap.selfheal)>set interference-avoidance max-retries 15 admin(network.ap.selfheal)>set interference-avoidance max-retries default admin(network.ap.selfheal)>set interference-avoidance hold-time 24000 admin(network.ap.selfheal)>set interference-avoidance hold-time default Example - set neighbor-recovery: admin(network.ap.selfheal)>set neighbor-recovery mode enable admin(network.ap.selfheal)>set neighbor-recovery mode disable admin(network.ap.selfheal)>set neighbor-recovery action none radio 1 admin(network.ap.selfheal)>set neighbor-recovery action raise-power radio 1 admin(network.ap.selfheal)>set neighbor-recovery action open-rates radio 1 admin(network.ap.selfheal)>set neighbor-recovery action both radio 1
  • 62. 3-26 WS2000 Wireless Switch System Reference Guide 3.5.2 Network AP Selfheal detect-neighbor Command detect-neighbor Network AP Selfheal commands Detects the neighbor devices. Syntax detect-neighbor Parameters None Example admin(network.ap.selfheal)>detect-neighbor admin(network.ap.selfheal)>
  • 63. Network CLI Commands Reference 3-273.5.3 Network AP Selfheal add Command add Network AP Selfheal commands Adds entries into the selfheal AP-AP neighbor table. Syntax add <from-ap> <to-ap> Parameters <from-ap> <to-ap> Adds the specified APs into the neighbor-recovery table. <from-ap> and <to- ap> accepts values 1 to 12 and all. all indicates all the APs. Example admin(network.ap.selfheal)>add 2 4 admin(network.ap.selfheal)>show Interference Avoidance Mode : disable Retry Count : 14 Hold Time : 3600 Neighbor Recovery Mode : enable PORTAL-IDX OFFSET-VALUE NEIGHBOR-RECOVERY-ACTION 1 0 none 2 0 open-rates 3 0 none 4 777 raise-power 5 0 none 6 0 none 7 0 none 8 0 none 9 0 none 10 0 none 11 0 none 12 0 none FROM-AP TO-AP 2 4 4 2 -------------HEALING STATE OF PORTALS------------ PORTAL HEALING-MODE CONFIGURED-POWER(dBm) RAISED-POWER(dBm) 1 Normal 20 0 2 Normal 17 0 3 Normal 20 0 4 Normal 17 0
  • 64. 3-28 WS2000 Wireless Switch System Reference Guide 3.5.4 Network AP Selfheal del Command del Network AP Selfheal commands Deletes entries from the selfheal AP-AP neighbor table. Syntax del <from-ap> <to-ap> Parameters <from-ap> <to-ap> Removes the specified APs from the neighbor-recovery table. <from-ap> and <to-ap> accepts values 1 to 12 and all. all indicates all the APs. Example admin(network.ap.selfheal)> del 2 4 admin(network.ap.selfheal)> show Interference Avoidance Mode : disable Retry Count : 14 Hold Time : 3600 Neighbor Recovery Mode : enable PORTAL-IDX OFFSET-VALUE NEIGHBOR-RECOVERY-ACTION 1 0 none 2 0 open-rates 3 0 none 4 0 none 5 0 none 6 0 none 7 0 none 8 0 none 9 0 none 10 0 none 11 0 none 12 0 none FROM-AP TO-AP -------------HEALING STATE OF PORTALS------------ PORTAL HEALING-MODE CONFIGURED-POWER(dBm) RAISED-POWER(dBm) 1 Normal 20 0 2 Normal 17 0 3 Normal 20 0 4 Normal 17 0
  • 65. Network CLI Commands Reference 3-293.5.5 Network AP Selfheal show Command show Network AP Selfheal commands Shows the selfheal parameter details. Syntax show Parameters None Example admin(network.ap.selfheal)>show Interference Avoidance Mode : disable Retry Count : 14 Hold Time : 3600 Neighbor Recovery Mode : disable PORTAL-IDX OFFSET-VALUE NEIGHBOR-RECOVERY-ACTION 1 0 none 2 0 none 3 0 none 4 0 none 5 0 none 6 0 none 7 0 none 8 0 none 9 0 none 10 0 none 11 0 none 12 0 none FROM-AP TO-AP 1 2 2 1 -------------HEALING STATE OF PORTALS------------ PORTAL HEALING-MODE CONFIGURED-POWER(dBm) RAISED-POWER(dBm) 1 Normal 20 0 2 Normal 20 0
  • 66. 3-30 WS2000 Wireless Switch System Reference Guide 3.6 Network AP Denyap Commands denyap Network AP Commands Displays the denyap submenu. Use the denyap submenu to manage APs that have been denied access to the switch. Syntax admin(network.ap)> denyap admin(network.ap.denyap)> The items available under this menu are shown below. Command Description Ref. add Adds access port deny list entries page 3-31 delete Deletes access port deny list entries page 3-32 show Shows access port deny list page 3-33 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 67. Network CLI Commands Reference 3-313.6.1 Network AP Denyap add Command add Network AP Denyap Commands Add entries to the Access Port Deny List. Syntax add <mac> Parameters <mac> Adds the MAC specified in the <mac> parameter to the Access Port Deny List. MAC entries are to be entered without the ‘:’. For example 00b4c2114534. Example admin(network.ap.denyap)>add 00b4c2114534 admin(network.ap.denyap)> admin(network.ap.denyap)>show ------------------------------------------------------------------------- Idx AP NIC MAC ------------------------------------------------------------------------- 1 00b4c2114535 2 00b4c2114534 admin(network.ap.denyap)>
  • 68. 3-32 WS2000 Wireless Switch System Reference Guide 3.6.2 Network AP Denyap delete Command delete Network AP Denyap Commands Deletes an entry in the Access Port Deny List. Syntax delete [<mac>|all] Parameters <mac> Deletes the MAC specified in the <mac> parameter from the Access Port Deny List. all Deletes all the entries in the Access Port Deny List Example admin(network.ap.denyap)>show ------------------------------------------------------------------------- Idx AP NIC MAC ------------------------------------------------------------------------- 1 00b4c2114535 2 00b4c2114534 admin(network.ap.denyap)>delete 00b4c2114535 admin(network.ap.denyap)>show ------------------------------------------------------------------------- Idx AP NIC MAC ------------------------------------------------------------------------- 1 00b4c2114534
  • 69. Network CLI Commands Reference 3-333.6.3 Network AP Denyap show Command show Network AP Denyap Commands Displays the Access Port Deny List. Syntax show Parameters None Example admin(network.ap.denyap)>show ---------------------------------------------------------------------- Idx AP NIC MAC ---------------------------------------------------------------------- 1 00b4c2114535 2 00b4c2114534
  • 70. 3-34 WS2000 Wireless Switch System Reference Guide 3.7 Network AP Smartscan Commands smartscan Network AP Commands Displays the smartscan submenu. Syntax admin(network.ap)> smartscan admin(network.ap.smartscan)> The items available under this menu are shown below. Command Description Ref. set Sets smartscan channels page 3-35 delete Removes smartscan channels page 3-36 show Shows all smartscan channels page 3-37 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 71. Network CLI Commands Reference 3-353.7.1 Network AP Smartscan set Command set Network AP Smartscan Commands Sets the smartscan channels. These channels are the ones that are scanned for presence of WLANs. Syntax set [11a <11a>|11bg <11bg>] Parameters 11a <11a> Sets the smart scan channel list for the 5 GHz band. Channel list <11a> should be a comma separated list. For example, 36,40,44,48 11bg <11bg> Sets the smart scan channel list for the 2.4 GHz band. Channel list <11bg> should be a comma separated list. For example, 1-4,6,8 Note: When using a range for selecting multiple channels, all the channels that are included in the range should be valid channel numbers for the current regulatory domain. Example admin<network.ap.smartscan>> set 11bg 1-6,8,10-12 admin(network.ap.smartscan)> show all smart scan 11a channels : smart scan 11bg channels : 1 2 3 4 5 6 8 10 11 12 Available valid 11a channels : 36 40 44 48 52 56 60 64 149 153 157 161 165 Available valid 11bg channels : 1 2 3 4 5 6 7 8 9 10 11 12 13
  • 72. 3-36 WS2000 Wireless Switch System Reference Guide 3.7.2 Network AP Smartscan delete Command delete Network AP Smartscan Commands Deletes all the channels in the smartscan list for a specific radio. Syntax delete [11a <11a>|11bg <11bg>] Parameters 11a <11a> Sets the smart scan channel list for the 5 GHz band. Channel list <11a> should be a comma separated list. For example, 36,40,44,48 11bg <11bg> Sets the smart scan channel list for the 2.4 GHz band. Channel list <11bg> should be a comma separated list. For example, 1-4,6,8 Note: When using a range for selecting multiple channels, all the channels that are included in the range should be valid channel numbers for the current regulatory domain. Example admin(network.ap.smartscan)> show all smart scan 11a channels : smart scan 11bg channels : 1 2 3 4 5 6 8 10 11 12 Available valid 11a channels : 36 40 44 48 52 56 60 64 149 153 157 161 165 Available valid 11bg channels : 1 2 3 4 5 6 7 8 9 10 11 12 13 admin(network.ap.smartscan)> delete 11bg admin(network.ap.smartscan)> show all smart scan 11a channels : smart scan 11bg channels : Available valid 11a channels : 36 40 44 48 52 56 60 64 149 153 157 161 165 Available valid 11bg channels : 1 2 3 4 5 6 7 8 9 10 11 12 13 admin(network.ap.smartscan)>
  • 73. Network CLI Commands Reference 3-373.7.3 Network AP Smartscan show Command show Network AP Smartscan Commands Displays the list of channels used for smartscan for the different radios. Syntax show [all] Parameters all Shows the list of channels in the smartscan list. Example admin(network.ap.smartscan)> show all smart scan 11a channels : smart scan 11bg channels : 1 2 3 4 5 6 8 10 11 12 Available valid 11a channels : 36 40 44 48 52 56 60 64 149 153 157 161 165 Available valid 11bg channels : 1 2 3 4 5 6 7 8 9 10 11 12 13
  • 74. 3-38 WS2000 Wireless Switch System Reference Guide 3.8 Network AP Test Commands test Network AP Commands Displays the test submenu. Use this submenu commands to test APs. Syntax admin(network.ap)> test admin(network.ap.test)> The items available under this command are shown below. Command Description Ref new Switches the AP to a new channel page 3-39 show Shows mesh configuration information page 3-47 quit Quits the CLI. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 75. Network CLI Commands Reference 3-393.8.1 Network AP Test new Command new Network AP Test Commands Switches AP to a new channel. Syntax test <idx> <ch> Parameters <idx> The access port index for which the channel has to be changed <ch> The channel to change to. This must be a channel that is valid for the selected AP <idx>. Example admin(network.ap.test)> new 1 24 admin(network.ap.test)>
  • 76. 3-40 WS2000 Wireless Switch System Reference Guide 3.9 Network AP Mesh Commands mesh Network AP Commands Displays the mesh submenu. Use this menu to configure the different Mesh Network parameters. Syntax admin(network.ap)> mesh admin(network.ap.mesh)> The items available under this command are shown below. Command Description Ref set Sets mesh parameters page 3-41 add Adds a preferred base to the list page 3-43 del Removes preferred bases from the list page 3-44 preferred-list Shows a list of preferred bases page 3-45 available-list Shows a list of available bases page 3-46 show Shows mesh configuration information page 3-47 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 77. Network CLI Commands Reference 3-413.9.1 Network AP Mesh set Command set Network AP Mesh Commands Sets the mesh related parameters. Syntax set [client|vlan|auto|base|max-clients] Parameters client <radio-idx> Enables or disables the mesh client for the radio with the index [enable|disable] <radio-idx> (1-12). wlan <radio-idx> <wlan-id> Selects the WLAN <wlan-id> (1-8) for the mesh client radio index <radio-idx> (1-12). auto <radio-idx> Enables or disables automatic base selection for the radio with the index [enable|disable] <radio-idx> (1-12). base <radio-idx> Enables or disables the radio <radio-idx> (1-12) as the mesh base. [enable|disable] max-clients <radio-idx> Sets the maximum number of client <max-clients> for the radio <max-clients> <radio-idx> (1-12). Example admin(network.ap.mesh)> set client 1 enable admin(network.ap.mesh)> show 1 ------------------------------------------------------------------------- "Mode" "WLAN" "Base Auto Selection" "Max Clients" ------------------------------------------------------------------------- Client Only WLAN1 Enabled N/A admin(network.ap.mesh)> set base 1 enable admin(network.ap.mesh)> show 1 ------------------------------------------------------------------------- "Mode" "WLAN" "Base Auto Selection" "Max Clients" ------------------------------------------------------------------------- Base and Client WLAN1 Enabled 6 admin(network.ap.mesh)> set wlan 1 3 admin(network.ap.mesh)> show 1 ------------------------------------------------------------------------- "Mode" "WLAN" "Base Auto Selection" "Max Clients" ------------------------------------------------------------------------- Base and Client WLAN3 Enabled 6 admin(network.ap.mesh)> set max-clients 1 4 admin(network.ap.mesh)> show 1 ------------------------------------------------------------------------- "Mode" "WLAN" "Base Auto Selection" "Max Clients" ------------------------------------------------------------------------- Base and Client WLAN3 Enabled 4
  • 78. 3-42 WS2000 Wireless Switch System Reference Guide admin(network.ap.mesh)> set auto 1 disable admin(network.ap.mesh)> show 1 ------------------------------------------------------------------------- "Mode" "WLAN" "Base Auto Selection" "Max Clients" ------------------------------------------------------------------------- Base and Client WLAN3 Disabled 4 admin(network.ap.mesh)>
  • 79. Network CLI Commands Reference 3-433.9.2 Network AP Mesh add Command add Network AP Mesh Commands Adds a preferred base to the device’s Preferred Base Bridge List. Syntax add <radio-idx> <mac> Parameters <radio-idx> Adds the base to the device’s Preferred Base Bridge List. The <radio-idx> (1-12) is the <mac> unique ID for the radio. <mac> is the address of the base device to be added to the list. Example admin(network.ap.mesh)> add 3 001570419F9F admin(network.ap.mesh)> preferred-list 3 ------------------------------------------------------------------------- "Priority" "Base MAC" ------------------------------------------------------------------------- 1 00:15:70:41:9F:9F admin(network.ap.mesh)> Related Commands del Removes preferred bases from the list preferred-list Shows a list of preferred bases
  • 80. 3-44 WS2000 Wireless Switch System Reference Guide 3.9.3 Network AP Mesh del Command del Network AP Mesh Commands Removes a Mesh Base from the device’s Preferred Base Bridge List. Syntax del [<radio-idx>] [all|<index>] Parameters <radio-idx> • Removes all preferred bases from the device’s Preferred Base Bridge List for the [all|<index>] radio specified by the <radio-idx> (1-12). • all – Indicates all the preferred base devices. • <index> – Indicates the selected preferred base device. Example admin(network.ap.mesh)> preferred-list 3 ------------------------------------------------------------------------- "Priority" "Base MAC" ------------------------------------------------------------------------- 1 00:15:70:41:9F:9F 2 00:15:45:70:9C:8D 3 15:03:54:07:23:45 admin(network.ap.mesh)> del 3 2 admin(network.ap.mesh)> preferred-list 3 ------------------------------------------------------------------------- "Priority" "Base MAC" ------------------------------------------------------------------------- 1 00:15:70:41:9F:9F 2 15:03:54:07:23:45 admin(network.ap.mesh)> del 3 all admin(network.ap.mesh)> preferred-list 3 ------------------------------------------------------------------------- "Priority" "Base MAC" ------------------------------------------------------------------------- admin(network.ap.mesh)> Related Commands add Adds a preferred base to the list preferred-list Shows a list of preferred bases
  • 81. Network CLI Commands Reference 3-453.9.4 Network AP Mesh preferred-list Command preferred-list Network AP Mesh Commands Displays the Preferred Base Bridge List for the device Syntax preferred-list <radio-idx> Parameters <radio-idx> Displays the selected radio’s (<radio-idx> (1-12)) Preferred Base Bridge List. Example admin(network.ap.mesh)> preferred-list 3 ------------------------------------------------------------------------- "Priority" "Base MAC" ------------------------------------------------------------------------- 1 00:15:70:41:9F:9F 2 00:15:45:70:9C:8D 3 15:03:54:07:23:45 admin(network.ap.mesh)> Related Commands add Adds a preferred base to the list del Removes preferred bases from the list
  • 82. 3-46 WS2000 Wireless Switch System Reference Guide 3.9.5 Network AP Mesh available-list Command available-list Network AP Mesh Commands Displays the list of available base bridges along with their MAC addresses and the RSSI. Syntax available-list <radio-idx> Parameters <radio-idx> Displays the available base bridges for a particular radio indicated by the <radio-idx> (1-12) value. Example admin(network.ap.mesh)> available-list 3 ------------------------------------------------------------------------- "MAC" "Channel" "RSSI" ------------------------------------------------------------------------- 00:15:70:41:9A:9A 11 189 admin(network.ap.mesh)> Related Commands add Adds a preferred base to the list del Removes preferred bases from the list preferred-list Shows a list of preferred bases
  • 83. Network CLI Commands Reference 3-473.9.6 Network AP Mesh show Command show Network AP Mesh Commands Displays the mesh details for a particular radio. Syntax show <radio-idx> Parameters <radio-idx> Displays the mesh configuration information for the radio indicated by the <radio-idx> (1-12) value. Example admin(network.ap.mesh)> show 3 ------------------------------------------------------------------------- "Mode" "WLAN" "Base Auto Selection" "Max Clients" ------------------------------------------------------------------------- Base and Client WLAN2 Enabled 4
  • 84. 3-48 WS2000 Wireless Switch System Reference Guide 3.10 Network DCHP Commands dhcp network Displays the DHCP submenu. Syntax admin(network)> dhcp admin(network.dhcp)> The items available under this command are shown below. Command Description Ref. set Sets system updated flags. page 3-49 show Shows system updated flags. page 3-50 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 85. Network CLI Commands Reference 3-493.10.1 Network DHCP set Command set Network DCHP Commands Sets parameters for automated firmware and configuration upgrades. Syntax set [firmwareupgrade|configureupgrade|interface| dhcpvendorclassid|autoupgradeinterval] firmwareupgrade [0|1] Enables (1) or disables (0) automatic switch firmware upgrade. configupgrade [0|1] Enables (1) or disables (0) automatic switch configuration update. interface <iface> Sets the interface <iface> for the upgrades to the device: s1 – subnet 1 s2 – subnet 2 s3 – subnet 3 s4 – subnet 4 s5 – subnet 5 s6 – subnet 6 w – WAN dhcpvendorclassid Sets the DHCP vendor class id to <dhcp vendor class id>. <dhcp vendor class id> Note: Vendor class id must be preceded by “Sym”. autoupgradeinterval Sets the Light Weight DHCP Client Auto Upload time interval to <autoupgradeinterval> <autoupgradeinterval> (1-65535) seconds. Example admin(network.dhcp)>show all Auto Firmware upgrade flag : 0 Auto Config upgrade flag : 0 Interface : w admin(network.dhcp)>set firmwareupgrade 1 admin(network.dhcp)>set con 1 admin(network.dhcp)>set inter s1 admin(network.dhcp)>show all Auto Firmware upgrade flag : 1 Auto Config upgrade flag : 1 Interface : s1 Related Commands show all Shows the settings for all the automatic update parameters.
  • 86. 3-50 WS2000 Wireless Switch System Reference Guide 3.10.2 Network DHCP show Command show Network DCHP Commands Displays system updated flags. Syntax show all Parameters all Displays all of the DHCP-related system update parameters. Example admin(network.dhcp)>show all Auto Firmware upgrade flag : 1 Auto Config upgrade flag : 1 Interface : w Dhcp Vendor Class Id : SymbolWS.WS2K-V2-0 Auto Upgrade Interval : 600 Related Commands set Sets the DHCP-related parameters for updating system firmware and configuration.
  • 87. Network CLI Commands Reference 3-513.11 Network Firewall Commands fw network Displays the firewall submenu. Syntax admin(network)> fw admin(network.fw)> The items available under this command are shown below. Command Description Ref. set Sets firewall parameters. page 3-52 show Shows firewall parameters. page 3-54 submap Goes to the subnet mapping submenu. page 3-80 policy Goes to the advanced subnet mapping submenu. page 3-64 timeradd Creates a new timeout value page 3-55 timerset Sets timeout values page 3-58 timerdel Deletes a named timer page 3-56 timerlist Shows the list of timers page 3-57 ips Goes to the Intrusion Prevention System submenu. page 3-59 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1 The commands in this menu are available in the Web interface on the Network>Firewall screen.
  • 88. 3-52 WS2000 Wireless Switch System Reference Guide 3.11.1 Network Firewall set Command set Network Firewall Commands Sets firewall parameters. In the Web interface, this functionality is provide by the Network->Firewall screen. Syntax set [mode|override|ftp|ip|seq|src|syn|win|spoof|rst| range|netbios-alg] [enable|disable] set mime [filter|hdr|len] set mime filter [enable|disable] set mime hdr <count> set mime len <length> set timeout <time> set fin <time> Parameters mode [enable|disable] Enables or disables the firewall. override [enable|disable] Enables or disables subnet access override. ftp [enable|disable] Enables or disables FTP bounce attack check. ip [enable|disable] Enables or disables IP unaligned timestamp check. mime • filter [enable|disable] – Enables or disables MIME flood attack check. [filter [enable|disable]| • hdr <count> – Sets the max number of headers as specified in <count> hdr <count>| (12-34463) len <length>] • len <length> – Sets the max header length in bytes as specified by <length> (256-34463) seq [enable|disable] Enables or disables sequence number prediction check. src [enable|disable] Enables or disables source routing check. syn [enable|disable] Enables or disables SYN flood attack check. timeout <time> Sets the firewall timeout to <time> minutes (1–90). win [enable|disable] Enables or disables Winnuke attack check. spoof [enable|disable] Enables or disables IP Spoofing attack check rst [enable|disable] Enables or disable reset attack check range [enable|disable] Enables or disable sequence out of range check fin <time> Sets fin timeout to <time> seconds. netbios-alg Enables or disables NetBIOS ALG support. [enable|disable] Example admin(network.fw)>show all Firewall Status : enable Subnet Access Override : disable Configurable Firewall Filters
  • 89. Network CLI Commands Reference 3-53ftp bounce attack filter : enablesyn flood attack filter : enableunaligned ip timestamp filter : enablesource routing attack filter : enablewinnuke attack filter : enableseq num prediction attack filter : enablemime flood attack filter : enablemax mime header length : 8192max mime headers : 16nat timeout interval in minutes : 30ip spoofing attack filter : enablereset attack filter : enableack/seq number out of range check : enablefin timeout : 20Always On Firewall Filtersland attack filter : enableping of death attack filter : enablereassembly attack filter : enableNetBIOS alg : disableadmin(network.fw)>Related Commandsshow Shows the current firewall settings.
  • 90. 3-54 WS2000 Wireless Switch System Reference Guide 3.11.2 Network Firewall show Command show Network Firewall Commands Displays the firewall parameters. Syntax show all Parameters all Shows all firewall settings. Example admin(network.fw)>show all Firewall Status : enable Subnet Access Override : disable Configurable Firewall Filters ftp bounce attack filter : enable syn flood attack filter : enable unaligned ip timestamp filter : enable source routing attack filter : enable winnuke attack filter : enable seq num prediction attack filter : enable mime flood attack filter : enable max mime header length : 8192 max mime headers : 16 nat timeout interval in minutes : 30 ip spoofing attack filter : enable reset attack filter : enable ack/seq number out of range check : enable fin timeout : 20 Always On Firewall Filters land attack filter : enable ping of death attack filter : enable reassembly attack filter : enable NetBIOS alg : disable admin(network.fw)> Related Commands set Sets firewall settings.
  • 91. Network CLI Commands Reference 3-553.11.3 Network Firewall timeradd Command timeradd Network Firewall Commands Adds a new named timeout value. Syntax timeradd <name> <protocol> <port> <value> Parameters timeradd <name> Adds a new named timeout value. <protocol> • <name> is the name of the time out value (1-15 characters) <port> <value> • <protocol> is the protocol to be used. (tcp or udp) • <port> is the port number (0-32767) • <value> is the timeout value in seconds (60-268400000) Example admin(network.fw)> timeradd newtcp tcp 21 4500 admin(network.fw)> timerlist ----------------------------------------------------------- Name Protocol Port Timeout ( Secs ) ----------------------------------------------------------- newtcp tcp 21 4500 admin(network.fw)
  • 92. 3-56 WS2000 Wireless Switch System Reference Guide 3.11.4 Network Firewall timerdel Command timerdel Network Firewall Commands Deletes a named timeout value. Syntax timerdell <timer name> Parameters timerdel <timername> Deletes a timer named <timer name>. Example admin(network.fw)>timeradd newudp udp 21 4500 admin(network.fw)>timerlist ----------------------------------------------------------- Name Protocol Port Timeout ( Secs ) ----------------------------------------------------------- newtcp tcp 21 4500 newudp udp 21 4500 admin(network.fw)timerdel newtcp admin(network.fw)>timerlist ----------------------------------------------------------- Name Protocol Port Timeout ( Secs ) ----------------------------------------------------------- newudp udp 21 4500
  • 93. Network CLI Commands Reference 3-573.11.5 Network Firewall timerlist Command timerlist Network Firewall Commands Displays all named time outs. Syntax timerlist Parameters None Example admin(network.fw)>timerlist ----------------------------------------------------------- Name Protocol Port Timeout ( Secs ) ----------------------------------------------------------- newtcp tcp 21 4500 newudp udp 21 4500 admin(network.fw)
  • 94. 3-58 WS2000 Wireless Switch System Reference Guide 3.11.6 Network Firewall timerset Command timerset Network Firewall Commands Sets the timeout value for a named timer. Syntax timerset <timer name> <value> Parameters timerset <timer name> Sets the timer value <value> (60-268400000) for a timer named <value> <timer name>. Example admin(network.fw)>timerset newudp 5000 admin(network.fw)>timerlist ----------------------------------------------------------- Name Protocol Port Timeout ( Secs ) ----------------------------------------------------------- newtcp tcp 21 4500 newudp udp 21 5000
  • 95. Network CLI Commands Reference 3-593.12 Network Firewall Intrusion Prevention System Commands ips Network Firewall Commands Displays the firewall Intrusion Prevention System (IPS) submenu. Syntax admin(network.fw)> ips admin(network.fw.ips)> The items available under this command are shown below. Command Description Ref. set Sets the IPS parameters page 3-60 show Displays the IPS settings page 3-62 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 96. 3-60 WS2000 Wireless Switch System Reference Guide 3.12.1 Network Firewall IPS set Command set Network Firewall Intrusion Prevention System Commands Sets the Intrusion Prevention System (IPS) parameters. Syntax set [mode|anomaly-config|signature-categories|direction] set mode [enable|disable] set signature-categorises <category-list> set direction [default|bi-directional] set anomaly-config[-sl <smtplen>|-ml <mimelen>|-md <mimedepth>| -hl <httpline>|-hz <httpsize>|-hlz <httplinesize>| -huz <httpurisize>] mode [enable|disable] Enables or disables IPS. anomaly-config • -sl <smtplen> – Sets the SMTP header length. [-sl <smtplen>| • -ml <mimelen> – Sets the MIME header length. -ml <mimelen>| • -md <mimedepth> – Sets the depth of MIME boundary header. -md <mimedepth>| -hl <httphline>| • -hl <httphline> – Sets the field in the HTTP header. -hz <httphsize>| • -hz <httphsize> – Sets the HTTP header size. -hlz <httplinesize>| • -hlz <httplinesize> – Sets the HTTP header line size. -huz <httpurisize>] • -huz <httpurisize> – Sets the HTTP URI size. signature-categories Sets the signature categories for IPS. Select <category-list> from <category-list> TELNET, POP3, IMAP, NNTP, FTP, SNMP, TCPDNS, UDPDNS, TCPRPC, UDPRPC, HTTP, SMTP, TCPGEN, UDPGEN, ICMP, TCP, UDP, IP. If more than one signature category is specified, separate each category with a space. Each of the signature category must be specified in Upper Case only. direction [default|bi-directional] Sets the direction to inspect packets. • default – Sets direction as default. This is defined in the signature. • bi-directional – Sets direction as bi-directional. Packets are inspected when received or sent. Example admin(network.fw.ips)>set mode enable admin(network.fw.ips)>set anomaly-config -sl 100 admin(network.fw.ips)>set direction default admin(network.fw.ips)>set signature-categories TELNET POP3 TCP UDP admin(network.fw.ips)>show all IPS mode : enable SMTP Header length : 1024 MIME header length : 1024 Depth of MIME boundary header : 5 Field in HTTP header : 50 HTTP header size : 4096 HTTP header line size : 3072
  • 97. Network CLI Commands Reference 3-61HTTP URI size : 3072Loaded Signature Categories : TELNET POP3 TCP UDP IMAP HTTP SMTPPacket Direction of signatures : defaultadmin(network.fw.ips)>
  • 98. 3-62 WS2000 Wireless Switch System Reference Guide 3.12.2 Network Firewall IPS show Command show Network Firewall Intrusion Prevention System Commands Displays the Intrusion Prevention System (IPS) configurations. Syntax show all Parameters all Displays the IPS configuration. Example admin(network.fw.ips)>show all IPS mode : enable SMTP Header length : 1024 MIME header length : 1024 Depth of MIME boundary header : 5 Field in HTTP header : 50 HTTP header size : 4096 HTTP header line size : 3072 HTTP URI size : 3072 Loaded Signature Categories : TELNET POP3 TCP UDP IMAP HTTP SMTp Packet Direction of signatures : default admin(network.fw.ips)> admin(network.fw)>show all Firewall Status : enable Subnet Access Override : disable Configurable Firewall Filters ftp bounce attack filter : enable syn flood attack filter : enable unaligned ip timestamp filter : enable source routing attack filter : enable winnuke attack filter : enable seq num prediction attack filter : enable mime flood attack filter : enable max mime header length : 8192 max mime headers : 16 nat timeout interval in minutes : 10 ip spoofing attack filter : enable reset attack filter : enable ack/seq number out of range check : enable fin timeout : 20 Always On Firewall Filters land attack filter : enable ping of death attack filter : enable reassembly attack filter : enable
  • 99. Network CLI Commands Reference 3-63NetBIOS alg : disableHTTP alg : enableadmin(network.fw)>
  • 100. 3-64 WS2000 Wireless Switch System Reference Guide 3.13 Network Firewall Policy Commands policy Network Firewall Commands Displays the firewall policy submenu. Syntax admin(network.fw)> policy admin(network.fw.policy)> NOTE: The Policy menu can only be accessed when Subnet Access Override mode is enabled. To enable Subnet Access Override use the command admin(network.fw)> set override enable The items available under this command are shown below. Command Description Ref. inbound Goes to the inbound policy submenu. page 3-66 outbound Goes to the outbound policy submenu. page 3-73 import Imports subnet access rules. page 3-65 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 101. Network CLI Commands Reference 3-653.13.1 Network Firewall Policy import command import Network Firewall Policy Commands Imports subnet access rules from current subnet access settings created in the GUI interface (Network-> Firewall -> Subnet Access menu item) or using the CLI submap menu commands. Previously set outbound firewall policies will be deleted. Syntax import Parameters None Example admin(network.fw.policy)>import WARNING : You will loose all your current advanced access policies. Do you want to continue [n/y]?y admin(network.fw.policy)> admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- ---- Idx Src IP-Netmask Dst IP-Netmask Tp Src Ports Dst Ports NAT Action ------------------------------------------------------------------------- ---- 1 192.168.0.1- 192.168.1.1- all 1:65535 1:65535 none allow 255.255.255.0 255.255.255.0 2 192.168.0.1- 192.168.2.1- all 1:65535 1:65535 none allow 255.255.255.0 255.255.255.0 3 192.168.1.1- 192.168.0.1- all 1:65535 1:65535 none allow 255.255.255.0 255.255.255.0 4 192.168.1.1- 192.168.2.1- all 1:65535 1:65535 none allow 255.255.255.0 255.255.255.0 5 192.168.2.1- 192.168.0.1- all 1:65535 1:65535 none allow 255.255.255.0 255.255.255.0 6 192.168.2.1- 192.168.1.1- all 1:65535 1:65535 none allow 255.255.255.0 255.255.255.0 7 192.168.0.0- 192.168.32.2- all 1:65535 1:65535 none allow 255.255.255.0 255.255.255.0 8 192.168.0.0- 0.0.0.0- all 1:65535 1:65535 wan1 allow 255.255.255.0 0.0.0.0 9 192.168.1.0- 0.0.0.0- all 1:65535 1:65535 none allow 255.255.255.0 0.0.0.0 10 192.168.2.0- 0.0.0.0- all 1:65535 1:65535 none allow 255.255.255.0 0.0.0.0 Related Commands submap > list Lists the currently defined subnet to subnet/WAN communication rules into the outbound firewall policy list. outb > list Lists the current outbound firewall policies.
  • 102. 3-66 WS2000 Wireless Switch System Reference Guide 3.14 Network Firewall Policy Inbound Commands inbound Network Firewall Policy Commands Displays the inbound policy submenu. Syntax admin(network.fw.policy)> inb admin(network.fw.policy.inb)> The items available under this command are shown below. Command Description Ref. add Adds a firewall policy. page 3-67 set Sets firewall policy parameters. page 3-72 delete Deletes a firewall policy. page 3-68 list Lists firewall policies. page 3-70 move Moves a firewall policy to a different position in the list. page 3-71 insert Inserts a new firewall policy before an existing policy. page 3-69 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 103. Network CLI Commands Reference 3-673.14.1 Network Firewall Policy Inbound add Command add Network Firewall Policy Inbound Commands Adds an inbound firewall policy. Syntax add <sip> <netmask> <dip> <dnetmask> Parameters <sip> <netmask> Adds a firewall policy to be effective on communications between a source site <dip> <dnetmask> and a destination site. • <sip> – The source IP • <snetmask> – The source IP’s network mask • <dip> – The destination site IP • <dnetmask> – The destination IP’s network mask Example admin(network.fw.policy.inb)>add 192.168.24.0 255.255.255.0 209.239.170.45 255.2 55.255.224 Inbound Policy Successfully added at index 1 admin(network.fw.policy.inb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 192.168.24.0- 209.239.170.45- all 1: 1: 0.0.0.0 deny 255.255.255.0 255.255.255.224 65535 65535 nat port 0 Related Commands delete Deletes firewall policies from the inbound list. move Moves firewall policies either up or down in the list of policies.
  • 104. 3-68 WS2000 Wireless Switch System Reference Guide 3.14.2 Network Firewall Policy Inbound delete Command delete Network Firewall Policy Inbound Commands Deletes a firewall policy. Syntax delete [all|<idx>] Parameters <idx> Deletes inbound firewall policy <idx> from the policy list. all Deletes all inbound firewall policies. Example admin(network.fw.policy.inb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.179.52- 168.192.56.4- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 2 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow 255.255.255.224 255.255.255.0 201 nat port 0 admin(network.fw.policy.inb)>del 1 admin(network.fw.policy.inb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow 255.255.255.224 255.255.255.0 201 nat port 0
  • 105. Network CLI Commands Reference 3-693.14.3 Network Firewall Policy Inbound insert Command insert Network Firewall Policy Inbound Commands Inserts a new firewall policy before an existing policy. Syntax insert <idx> <sip> <snetmask> <dip> <dnetmask> Parameters <idx> <sip> Inserts a new policy into the inbound firewall policy list at a specified index. <snetmask> <dip> <dnetmask> • <idx> – The index in the firewall policy list where this policy is to be inserted. • <sip> – The source IP • <snetmask> – The source IP’s network mask • <dip> – The destination site IP • <dnetmask> – The destination IP’s network mask Example admin(network.fw.policy.inb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.170.88- 192.168.42.2- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 admin(network.fw.policy.inb)>insert 1 209.239.160.44 255.255.255.224 192.168.55. 44 255.255.255.0 Inbound Policy Successfully inserted at index 1 admin(network.fw.policy.inb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.160.44- 192.168.55.44- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 2 209.239.170.88- 192.168.42.2- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0
  • 106. 3-70 WS2000 Wireless Switch System Reference Guide 3.14.4 Network Firewall Policy Inbound list Command list Network Firewall Policy Inbound Commands Lists inbound firewall policies. Syntax list {<idx>} Parameters <idx> Displays firewall policy with number <idx>. Example: admin(network.fw.policy.inb)>add 192.168.24.0 255.255.255.0 209.239.170.45 255.255.255.224 Inbound Policy Successfully added at index 1 admin(network.fw.policy.inb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 192.168.24.0- 209.239.170.45- all 1: 1: 0.0.0.0 deny 255.255.255.0 255.255.255.224 65535 65535 nat port 0
  • 107. Network CLI Commands Reference 3-713.14.5 Network Firewall Policy Inbound move Command move Network Firewall Policy Inbound Commands Moves a firewall policy to a different position in the list and renumbers all affected items in the list. Syntax move [up|down] <idx> Parameters [up|down] <idx> Moves policy with index <idx> up or down one (to a lower or a higher number) in the policy list. Example admin(network.fw.policy.inb)>list ---------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow 255.255.255.224 255.255.255.0 201 nat port 0 2 209.239.179.52- 168.192.56.4- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 admin(network.fw.policy.inb)>move up 2 admin(network.fw.policy.inb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.179.52- 168.192.56.4- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 2 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow 255.255.255.224 255.255.255.0 201 nat port 0
  • 108. 3-72 WS2000 Wireless Switch System Reference Guide 3.14.6 Network Firewall Policy Inbound set Command set Network Firewall Policy Inbound Commands Sets inbound firewall policy parameters. Syntax set [saddr|daddr|tp|sport}dport|rnat|rport|action|logging] Parameters saddr <idx> <Ip Addr> Sets source IP address <Ip Addr> and IP netmask <netmask> for inbound <netmask> firewall policy <idx>. daddr <idx> <Ip Addr> Sets destination IP address <Ip Addr> and IP netmask <netmask> for <netmask> inbound firewall policy <idx>. tp <idx> <tp> Sets transport protocol for inbound firewall policy <idx> to <tp> (one of all, tcp, udp, icmp, ah, esp, gre). sport <idx> <port1> Sets source port range for inbound firewall policy <idx> from <port1> [<port2>] (1–65535) to <port2> (1–65535). If <port2> is not specified, <port1> is used as the top end of the range. dport <idx> <port1> Sets destination port range for inbound firewall policy <idx> from <port1> (1– [<port2>] 65535) to <port2> (1–65535). If <port2> is not specified, <port1> is used as the top end of the range. rnat <idx> <Ip Addr> Sets reverse NAT IP address for inbound firewall policy <idx> to <Ip Addr> (a.b.c.d). rport <idx> <rport> Sets reverse NAT port for inbound firewall policy <idx> to <rport> (0–65535). action <idx> [allow|deny] Sets action of inbound firewall policy <idx> to allow or deny. Example admin(network.fw.policy.inb)>set tp 1 gre admin(network.fw.policy.inb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.160.202- 168.192.36.4- gre 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 admin(network.fw.policy.inb)>set sport 1 20 21 admin(network.fw.policy.inb)>set dport 1 200 201 admin(network.fw.policy.inb)>set action 1 allow admin(network.fw.policy.inb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow 255.255.255.224 255.255.255.0 201 nat port 0
  • 109. Network CLI Commands Reference 3-733.15 Network Firewall Policy Outbound Commands outbound Network Firewall Policy Commands Displays the outbound policy submenu. Syntax admin(network.fw.policy)> outbound admin(network.fw.policy.outbound)> The items available under this command are shown below. Command Description Ref. add Adds a firewall policy. page 3-74 set Sets firewall policy parameters. page 3-79 delete Deletes a firewall policy. page 3-75 list Lists firewall policies. page 3-77 move Moves a firewall policy to a different position in the list. page 3-78 insert Inserts a new firewall policy before an existing policy. page 3-76 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 110. 3-74 WS2000 Wireless Switch System Reference Guide 3.15.1 Network Firewall Policy Outbound add Command add Network Firewall Policy Outbound Commands Adds an outbound firewall policy. Syntax add <sip> <netmask> <dip> <netmask> Parameters <sip> <netmask> Adds a firewall policy to be effective on communications between a source site <dip> <dnetmask> and a destination site. • <sip> – The source IP • <snetmask> – The source IP’s network mask • <dip> – The destination site IP • <dnetmask> – The destination IP’s network mask Example admin(network.fw.policy.outb)>add 192.168.24.0 255.255.255.0 209.239.170.45 255.255.255.224 Outbound Policy Successfully added at index 1 admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 192.168.24.0- 209.239.170.45- all 1: 1: 0.0.0.0 deny 255.255.255.0 255.255.255.224 65535 65535 nat port 0 Related Commands delete Deletes firewall policies from the outbound list. move Moves policies either up or down in the list of policies.
  • 111. Network CLI Commands Reference 3-753.15.2 Network Firewall Policy Outbound delete Command delete Network Firewall Policy Outbound Commands Deletes an outbound firewall policy. Syntax delete [all|<idx>] Parameters <idx> Deletes inbound firewall policy <idx> from the policy list. all Deletes all outbound firewall policies. Example admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- ---- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- ---- 1 209.239.179.52- 168.192.56.4- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 2 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow 255.255.255.224 255.255.255.0 201 nat port 0 admin(network.fw.policy.outb)>del 1 admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- ---- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- ---- 1 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow 255.255.255.224 255.255.255.0 201 nat port 0
  • 112. 3-76 WS2000 Wireless Switch System Reference Guide 3.15.3 Network Firewall Policy Outbound insert Command insert Network Firewall Policy Outbound Commands Inserts a new outbound firewall policy before an existing policy. Syntax insert <idx> <sip> <netmask> <dip> <netmask> Parameters <idx> <sip> Inserts a new policy into the outbound firewall policy list at a specified index. <snetmask> <dip> <dnetmask> • <idx> – The index in the firewall policy list where this policy is to be inserted. • <sip> – The source IP • <snetmask> – The source IP’s network mask • <dip> – The destination site IP • <dnetmask> – The destination IP’s network mask Example admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.170.88- 192.168.42.2- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 admin(network.fw.policy.outb)>insert 1 209.239.160.44 255.255.255.224 192.168.55. 44 255.255.255.0 Outbound Policy Successfully inserted at index 1 admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.160.44- 192.168.55.44- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 2 209.239.170.88- 192.168.42.2- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0
  • 113. Network CLI Commands Reference 3-773.15.4 Network Firewall Policy Outbound list Command list Network Firewall Policy Outbound Commands Lists outbound firewall policies. Syntax list {<idx>} Parameters <idx> Displays firewall outbound policy with number <idx>. Example admin(network.fw.policy.outb)>add 192.168.24.0 255.255.255.0 209.239.170.45 255.2 55.255.224 Inbound Policy Successfully added at index 1 admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 192.168.24.0- 209.239.170.45- all 1: 1: 0.0.0.0 deny 255.255.255.0 255.255.255.224 65535 65535 nat port 0
  • 114. 3-78 WS2000 Wireless Switch System Reference Guide 3.15.5 Network Firewall Policy Outbound move Command move Network Firewall Policy Outbound Commands Moves an outbound firewall policy up or down in the policy list and renumbers the policy affected by the move. Syntax move [up|down] <idx> Parameters [up|down] <idx> Moves policy with index <idx> up or down one (to a lower or a higher number) in the policy list. Example admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow 255.255.255.224 255.255.255.0 201 nat port 0 2 209.239.179.52- 168.192.56.4- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 admin(network.fw.policy.outb)>move up 2 admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- ---- 1 209.239.179.52- 168.192.56.4- all 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 2 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow 255.255.255.224 255.255.255.0 201 nat port 0
  • 115. Network CLI Commands Reference 3-793.15.6 Network Firewall Policy Outbound set Command set Network Firewall Policy Outbound Commands Sets firewall policy parameters. Syntax set [saddr|daddr|tp|sport|dport|nat|action|logging] Parameters saddr <idx> <Ip Addr> Sets source IP address <Ip Addr> and IP netmask <netmask> for outbound <netmask> firewall policy <idx>. daddr <idx> <Ip Addr> Sets destination IP address <Ip Addr> and IP netmask <netmask> for <netmask> outbound firewall policy <idx>. tp <idx> <tp> Sets transport protocol for outbound firewall policy <idx> to <tp> (one of all, tcp, udp, icmp, ah, esp, gre). sport <idx> <port1> Sets source port range for outbound firewall policy <idx> from <port1> [<port2>] (1–65535) to <port2> (1–65535). If <port2> is not specified, <port1> is used as the top end of the range. dport <idx> <port1> Sets destination port range for outbound firewall policy <idx> from <port1> [<port2>] (1–65535) to <port2> (1–65535). If <port2> is not specified, <port1> is used as the top end of the range. nat <idx> <wan id> Sets NAT WAN ID for outbound firewall policy <idx> to <wan id> (0-8) where 0 = none, 1 = WAN 1, 2 = WAN 2, etc. action <idx> [allow|deny] Sets action of outbound firewall policy <idx> to allow or deny. logging <idx> Sets logging of outbound firewall policy <idx> to enable or disable. [enable|disable] Example admin(network.fw.policy.outb)>set tp 1 gre admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.160.202- 168.192.36.4- gre 1: 1: 0.0.0.0 deny 255.255.255.224 255.255.255.0 65535 65535 nat port 0 admin(network.fw.policy.outb)>set sport 1 20 21 admin(network.fw.policy.outb)>set dport 1 200 201 admin(network.fw.policy.outb)>set action 1 allow admin(network.fw.policy.outb)>list ------------------------------------------------------------------------- Idx Src IP-Netmask Dst IP-Netmask Tp SPorts DPorts Rev. NAT Action ------------------------------------------------------------------------- 1 209.239.160.202- 168.192.36.4- gre 20:21 200: 0.0.0.0 allow 255.255.255.224 255.255.255.0 201 nat port 0
  • 116. 3-80 WS2000 Wireless Switch System Reference Guide 3.16 Network Firewall Submap Commands submap Network Firewall Commands Displays the subnet mapping submenu. Syntax admin(network.fw)> submap admin(network.fw.submap)> NOTE: The submap menu can only be accessed when Subnet Access Override mode is disabled. To disable Subnet Access Override use the command admin(network.fw)> set override disable The items available under this command are shown below. Command Description Ref. add Adds subnet access exception rules. page 3-81 delete Deletes subnet access exception rules. page 3-83 list Lists subnet access exception rules. page 3-84 set Sets subnet access parameters. page 3-85 show Shows subnet access parameters. page 3-86 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 117. Network CLI Commands Reference 3-813.16.1 Network Firewall Submap add Command add Network Firewall Submap Commands Adds subnet access exception rules. Syntax add <from> <to> <name> <tran> <port1> <port2> Parameters add <from> <to> Adds a subnet access exception rule for communication. <name> <tran> • <from> – The source subnet (one of s1 = subnet1, s2 = <port1> <port2> subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6) • <to> – The destination subnet (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6, w=WAN) • <name> – The name of this exception rule. (1-7 characters) • <trans> – The transport protocol to deny access. (one of the following transport protocols: tcp, udp, icmp, ah, esp, gre, or all) • <port1> <port2> – Ports in the range <port1> to <port2> Example admin(network.fw.submap)>add s1 w test gre 21 101 admin(network.fw.submap)>list s1 ------------------------------------------------------------------------- index from to name prot start port end port ------------------------------------------------------------------------- 1 subnet1 wan test gre 21 101 admin(network.fw.submap)>add s1 s2 test2 ah 20 80 admin(network.fw.submap)>add s2 s3 test3 all 20 300 admin(network.fw.submap)>list s1 ------------------------------------------------------------------------- index from to name prot start port end port ------------------------------------------------------------------------- 1 subnet1 wan test gre 21 101 2 subnet1 subnet2 test2 ah 20 80
  • 118. 3-82 WS2000 Wireless Switch System Reference Guide admin(network.fw.submap)>list s2 ------------------------------------------------------------------------- index from to name prot start port end port ------------------------------------------------------------------------- 1 subnet2 subnet3 test3 all 20 300 admin(network.fw.submap)>delete s2 all admin(network.fw.submap)>list s2 ------------------------------------------------------------------------- index from to name prot start port end port -------------------------------------------------------------------------
  • 119. Network CLI Commands Reference 3-833.16.2 Network Firewall Submap delete Command delete Network Firewall Submap Commands Deletes subnet access exception rules. Syntax delete <from> [<idx>|all] Parameters <from> [<idx>|all] • <idx> – Deletes access exception rule entry <idx> from subnet <from> (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6). • all – Deletes all access exception rule entries from subnet <from> (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6). Example admin(network.fw.submap)>list s1 ------------------------------------------------------------------------- index from to name prot start port end port ------------------------------------------------------------------------- 1 subnet1 wan test gre 21 101 2 subnet1 subnet2 test2 ah 20 80 admin(network.fw.submap)>delete s1 2 admin(network.fw.submap)>list s1 ------------------------------------------------------------------------- index from to name prot start port end port ------------------------------------------------------------------------- 1 subnet1 wan test gre 21 101 admin(network.fw.submap)>list s2 ------------------------------------------------------------------------- index from to name prot start port end port ------------------------------------------------------------------------- 1 subnet2 subnet3 test3 all 20 300 admin(network.fw.submap)>delete s2 all admin(network.fw.submap)>list s2 ------------------------------------------------------------------------- index from to name prot start port end port -------------------------------------------------------------------------
  • 120. 3-84 WS2000 Wireless Switch System Reference Guide 3.16.3 Network Firewall Submap list Command list Network Firewall Submap Commands Lists subnet access exception rules. Syntax list <from> Parameters <from> Lists the access exception entries for <from> (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6). Example admin(network.fw.submap)>list s1 ------------------------------------------------------------------------- index from to name prot start port end port ------------------------------------------------------------------------- 1 subnet1 wan test gre 21 101 admin(network.fw.submap)>add s1 s2 test2 ah 20 80 admin(network.fw.submap)>add s2 s3 test3 all 20 300 admin(network.fw.submap)>list s1 ------------------------------------------------------------------------- index from to name prot start port end port ------------------------------------------------------------------------- 1 subnet1 wan test gre 21 101 2 subnet1 subnet2 test2 ah 20 80 admin(network.fw.submap)>list s2 ------------------------------------------------------------------------- index from to name prot start port end port ------------------------------------------------------------------------- 1 subnet2 subnet3 test3 all 20 300 admin(network.fw.submap)>delete s2 all admin(network.fw.submap)>list s2 ------------------------------------------------------------------------- index from to name prot start port end port
  • 121. Network CLI Commands Reference 3-853.16.4 Network Firewall Submap set Command set Network Firewall Submap Commands Sets a default subnet access rule to allow or deny communication. Syntax set [default|subnet-logging|logging] Parameters default <from> Sets the default subnet access rule. <to> <rule> • <from> – The source subnet. (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6). • <to> – The destination subnet. (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6, w = WAN). • <rule> – The rule to be enforced. Select from allow or deny. subnet-logging Enables or disables logging for a subnet access rule. <from> <to> • <from> – The source subnet. (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, [enable|disable] s4 = subnet4, s5 = subnet5, s6 = subnet6). • <to> – The destination subnet. (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6, w = WAN). • enable – Enables he logging • disable – Disables logging logging <from> Enables, disables, or sets to default the logging for a subnet access exception rule. <to> <rule-name> • <from> – The source subnet. (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, [enable|disable|d s4 = subnet4, s5 = subnet5, s6 = subnet6). efault] • <to> – The destination subnet. (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6, w = WAN). • enable – Enables he logging • disable – Disables logging • default – Adopts subnet access configuration. Example admin(network.fw.submap)>set default s2 w deny admin(network.fw.submap)>set default s2 s4 deny admin(network.fw.submap)>set subnet-logging s2 s3 enable admin(network.fw.submap)>set logging s1 s2 s1s2allow default admin(network.fw.submap)>show default s2 ------------------------------------------------------------------------- wan subnet1 subnet2 subnet3 subnet4 subnet5 subnet6 ------------------------------------------------------------------------- deny allow allow allow deny allow allow (log enabled) admin(network.fw.submap)>
  • 122. 3-86 WS2000 Wireless Switch System Reference Guide 3.16.5 Network Firewall Submap show Command show Network Firewall Submap Commands Displays default subnet access exception rules for indicated subnet. Syntax show default <from> Parameters default <from> Shows all default access exception rules for subnet <from> (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6) to all other subnets. Example admin(network.fw.submap)>set default s2 w deny admin(network.fw.submap)>set default s2 s4 deny admin(network.fw.submap)>set subnet-logging s2 s3 enable admin(network.fw.submap)>set logging s1 s2 s1s2allow default admin(network.fw.submap)>show default s2 ------------------------------------------------------------------------- wan subnet1 subnet2 subnet3 subnet4 subnet5 subnet6 ------------------------------------------------------------------------- deny allow allow allow deny allow allow (log enabled) admin(network.fw.submap)>
  • 123. Network CLI Commands Reference 3-873.17 Network LAN Commands lan network Displays the LAN submenu. Syntax admin(network)>lan admin(network.lan)> The items available under this command are shown below. Command Description Ref. dhcp Goes to the DHCP submenu. page 3-93 set Sets LAN parameters. page 3-88 show Shows LAN parameters. page 3-90 updateDNS Updates DNS for a subnet page 3-91 updateAllDNS Updates DNS for all subnets page 3-92 bridge Goes to the bridge submenu page 3-101 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 124. 3-88 WS2000 Wireless Switch System Reference Guide 3.17.1 Network LAN set Command set Network LAN Commands Sets the LAN parameters for the six subnets. Syntax set [ipadr|mask|dgw|mode|name|port|wlan|stp] set ipadr <idx> <ip> set mask <idx> <netmask> set dgw <idx> <ip> set mode [enable|disable] set name <idx> <name> set port <port> <subnet> set wlan <wlan> <subnet> set stp <mode> Parameters ipadr <idx> <ip> Sets the IP address of subnet <idx> (1–6) to the IP address <ip> in the form a.b.c.d. mask <idx> <netmask> Sets the netmask of subnet <idx> (1–6) to IP address mask <netmask> in the form a.b.c.d. dgw <idx> <ip> Sets the default gateway for the subnet <idx> (1-6) to the IP <ip>. mode <idx> Enables or disables the subnet identified by <idx> (1–6). [enable|disable] name <idx> <name> Sets the name of the subnet <idx>(1–6) to <name> (can be up to 7 characters). port <port> <subnet> Assigns port <port>(1–6) to the subnet indicated by <subnet> (none, s1, s2, s3, s4, s5, s6). Unassigns a port with <subnet> = none. wlan <wlan> <subnet> Assigns WLAN number <wlan> to the subnet indicated by (none, s1, s2, s3, s4, s5, s6). Unassigns a WLAN with <subnet> = none. stp <mode> Enables or disables Spanning Tree Protocol (STP) for the subnets. Choose <mode> from enable or disable. NOTE: STP is applied on mesh networks even if it is disabled through the set command. Example admin(network.lan)>show lan 1 subnet name : Subnet1 subnet interface : enable ip address : 192.168.0.1 network mask : 255.255.255.0 ports : port1 port2 port3 port4 port5 port6 wlans : wlan1
  • 125. Network CLI Commands Reference 3-89admin(network.lan)>set name 1 NewNameadmin(network.lan)>set port 4 noneadmin(network.lan)>set wlan 2 s1admin(network.lan)>show lan 1subnet name : OfficeNsubnet interface : enableip address : 192.168.0.1network mask : 255.255.255.0default gateway : 192.168.0.1ports : port1 port2 port3 port4 port5wlan : wlan1 wlan3vlan tag : 1admin(network.lan)> set stp enableadmin(network.lan)> show stpSTP Mode : EnableRelated Commandsshow lan Shows the current settings for the specified subnet (LAN).
  • 126. 3-90 WS2000 Wireless Switch System Reference Guide 3.17.2 Network LAN show Command show Network LAN Commands Shows the LAN parameters. Syntax show [lan|stp] Parameters lan <idx> Shows the settings for the subnet <idx> (1–4). stp Shows the STP status for the device Example admin(network.lan)>show lan 1 subnet name : Subnet1 subnet interface : enable ip address : 192.168.0.1 network mask : 255.255.255.0 ports : port1 port2 port3 port4 port5 port6 wlans : wlan1 admin(network.lan)>set name 1 NewName admin(network.lan)>set port 4 none admin(network.lan)>set wlan 2 s1 admin(network.lan)>show lan 1 subnet name : NewName subnet interface : enable ip address : 192.168.0.1 network mask : 255.255.255.0 ports : port1 port2 port3 port5 port6 wlans : wlan1 wlan2 admin(network.lan)> set stp enable admin(network.lan)> show stp STP Mode : Enable Related Commands set Sets the parameters for a specified subnet (LAN). set stp Enables or disables Spanning Tree Protocol for the device.
  • 127. Network CLI Commands Reference 3-913.17.3 Network LAN updateDNS Command updateDNS Network LAN Commands Updates the DNS for the selected subnet. Syntax updateDNS <idx> Parameters <idx> The subnet ID (1-6) Example admin(network.lan)>updateDNS 1 admin(network.lan)> Related Commands updateAllDNS Updates the DNS for all subnets.
  • 128. 3-92 WS2000 Wireless Switch System Reference Guide 3.17.4 Network LAN updateAllDNS Command updateAllDNS Network LAN Commands Updates the DNS for all the active subnets. Syntax updateAllDNS Parameters None Example admin(network.lan)> updateAllDNS admin(network.lan)> Related Commands updateDNS Updates the DNS for a selected subnet.
  • 129. Network CLI Commands Reference 3-933.18 Network LAN DHCP Commands dhcp Network LAN Commands Displays the DHCP submenu. Syntax admin(network.lan)> dhcp admin(network.lan.dhcp)> The items available under this command are shown below. Command Description Ref. add Adds static DHCP address assignments. page 3-94 delete Deletes static DHCP address assignments. page 3-95 list Lists static DHCP address assignments. page 3-96 set Sets DHCP parameters. page 3-97 show Shows DHCP parameters. page 3-99 renew Renews the DHCP IP address. page 3-100 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 130. 3-94 WS2000 Wireless Switch System Reference Guide 3.18.1 Network LAN DHCP add Command add Network LAN DHCP Commands Adds static DHCP address assignments. Syntax add <idx> <mac> <ip> Parameters <idx> <mac> <ip> Adds a static DHCP address assignment for subnet <idx> (1-6) where the device with the MAC address <mac> (aabbccddeeff format) is assigned the IP address <ip> (a.b.c.d format). Example admin(network.lan.dhcp)>add 1 00A0F8F01234 192.160.24.6 admin(network.lan.dhcp)>add 1 00A1F1F24321 192.169.24.7 admin(network.lan.dhcp)>list 1 ------------------------------------------------------------------------- index mac address ip address ------------------------------------------------------------------------- 1 00A0F8F01234 192.160.24.6 2 00A1F1F24321 192.169.24.7 admin(network.lan.dhcp)>
  • 131. Network CLI Commands Reference 3-953.18.2 Network LAN DHCP delete Command delete Network LAN DHCP Commands Deletes static DHCP address assignments. Syntax delete <idx> [<entry>|all] Parameters <idx> [<entry>|all] Deletes static DHCP assignment entries. • <idx> – The subnet index (1-6) • <entry> – The DHCP entry (1-30) • all – All entries. Example admin(network.lan.dhcp)>list 1 ------------------------------------------------------------------------- index mac address ip address ------------------------------------------------------------------------- admin(network.lan.dhcp)>add 1 0011223344FF 191.168.0.42 admin(network.lan.dhcp)>add 1 4433221100AA 191.168.0.43 admin(network.lan.dhcp)>list 1 ------------------------------------------------------------------------- index mac address ip address ------------------------------------------------------------------------- 1 0011223344FF 191.168.0.42 2 4433221100AA 191.168.0.43 admin(network.lan.dhcp)>delete 1 1 admin(network.lan.dhcp)>list 1 ------------------------------------------------------------------------- index mac address ip address ------------------------------------------------------------------------- 1 4433221100AA 191.168.0.43 ------------------------------------------------------------------------- index mac address ip address ------------------------------------------------------------------------- 1 0011223344FF 191.168.0.42 2 4433221100AA 191.168.0.43
  • 132. 3-96 WS2000 Wireless Switch System Reference Guide 3.18.3 Network LAN DHCP list Command list Network LAN DHCP Commands Lists static DHCP address assignments. Syntax list <idx> Parameters <idx> Lists the static DHCP address assignments for subnet <idx> (1–6). Example admin(network.lan.dhcp)>add 1 00A0F8F01234 192.168.63.5 admin(network.lan.dhcp)>list 1 ------------------------------------------------------------------------- index mac address ip address ------------------------------------------------------------------------- 1 00A0F8F01234 192.168.63.5 admin(network.lan.dhcp)> admin(network.lan.dhcp)>add 1 12332244AABB 192.168.64.3 admin(network.lan.dhcp)>list 1 ------------------------------------------------------------------------- index mac address ip address ------------------------------------------------------------------------- 1 00A0F8F01234 192.168.63.5 2 12332244AABB 192.168.64.3
  • 133. Network CLI Commands Reference 3-973.18.4 Network LAN DHCP set Command set Network LAN DHCP Commands Sets DHCP parameters for the subnets. Syntax set [dgw|dns|wins|lease|domain|mode|range| relayserverip|ddnsmode|fwdzone|ddnsusrcls| tftp-server|bootfile|option-189|option-43] Parameters dgw <idx> <a.b.c.d> Sets the default gateway for subnet <idx> (1–6) to the IP address <a.b.c.d>. dns <a> <b> <c> Sets the primary/secondary DNS servers for the selected subnet. • <a> – The subnet (1-6) • <b> – The DNS server type (1=primary, 2=secondary) • <c> – The IP address of the server type selected in <b> in the a.b.c.d form. wins <idx> <a.b.c.d> Sets the WINS server for subnet <idx> (1–6) to the IP address <a.b.c.d>. lease <idx> <lease> Sets the DHCP lease time for subnet <idx> (1–6) to <lease> seconds (1–999999). domain <idx> <dn> Sets the domain name for subnet <idx> (1–6) to the domain name <dn> (1 to 63 characters). mode <idx> <mode> Sets the DHCP mode for subnet <idx> (1–4) to <mode>. <mode> can be one of (none, client, server, relay) where: • none – disables DHCP node • client – enables the subnet to be a DHCP client • server – enables the subnet to be a DHCP server • relay – enables the subnet to be a DHCP relay range <a> <b> <c> Sets the DHCP assignment range for subnet <a> (1–6) from IP address <b> to another IP address <c>. relayserverip <idx> <a.b.c.d> Sets the DHCP relay server IP for subnet <idx> (1-6) to the IP <a.b.c.d>. ddnsmode <idx> <mode> Enables or disables DDNS for the subnet <idx> (1-6). <mode> can be one of enable or disable. fwdzone <idx> <fwdzone> Sets the DHCP forward zone for the subnet <idx> (1-6) to the zone specified by <fwdzone> (1 to 63 characters) ddnsusrcls <idx> <usrcls> Sets the DDNS user class <usrcls> to single or multiple for the subnet <idx> (1-6). tftp-server <idx> Sets the tftp-server IP for the subnet <idx> (1-6) to the IP <tftp-server> <tftp-server> bootfile <idx> <bootfile> Sets the bootfile name for the subnet <idx> (1-6) to the boot file name <boot-file> (max 31 characters)
  • 134. 3-98 WS2000 Wireless Switch System Reference Guide option-189 <idx> <ip list> Sets the IP addresses and ports numbers for WIAP enabled switches for the subnet <idx> (1-6). <ip-list> (max 63 characters) must be in the format a.b.c.d:xx and multiple addresses must be separated by comma. option-43 <idx> <ip list> Sets the IP address for WIAP enabled switches for the subnet <idx> (1-6). <ip-list> (max 63 characters) must be in the format a.b.c.d and multiple addresses must be separated by a comma. Example admin(network.lan.dhcp)>set dns 1 1 209.160.0.18 admin(network.lan.dhcp)>set dns 1 2 209.160.0.218 admin(network.lan.dhcp)>show dhcp 1 dhcp mode : server default gateway : 192.168.0.1 primary dns server : 209.160.0.18 secondary dns server : 209.160.0.218 wins server : 192.168.0.254 starting ip address : 192.168.0.11 ending ip address : 192.168.0.254 lease time : 10000 domain name : admin(network.lan.dhcp)>set domain 1 BigFishCo admin(network.lan.dhcp)>show dhcp 1 dhcp mode : server default gateway : 192.168.0.1 primary dns server : 209.160.0.18 secondary dns server : 209.160.0.218 wins server : 192.168.0.254 starting ip address : 192.168.0.11 ending ip address : 192.168.0.254 lease time : 10000 domain name : BigFishCo admin(network.lan.dhcp)>
  • 135. Network CLI Commands Reference 3-993.18.5 Network LAN DHCP show Command show Network LAN DHCP Commands Shows DHCP parameter settings for specified subnets. Syntax show dhcp <idx> Parameters show dhcp <idx> Displays the DHCP parameter settings for subnet <idx> (1–6). These parameters are set with the set command. Example admin(network.lan.dhcp)>set dns 1 2 192.168.0.242 admin(network.lan.dhcp)>set dns 1 2 192.168.0.1 admin(network.lan.dhcp)>show dhcp 1 dhcp mode : server ddns mode : disable user class : default gateway : 192.168.0.50 primary dns server : 192.168.10.1 secondary dns server : 192.168.0.1 wins server : 192.168.0.254 starting ip address : 192.168.0.100 ending ip address : 192.168.0.254 relay server ip address : 0.0.0.0 lease time : 86400 domain name : forward zone : tftp-server : 0.0.0.0 bootfile : option-189 : option-43 : admin(network.lan.dhcp)>set domain 1 BigFishCo admin(network.lan.dhcp)>show dhcp 1 admin(network.lan.dhcp)>show dhcp 1 dhcp mode : server ddns mode : disable user class : default gateway : 192.168.0.50 primary dns server : 192.168.10.1 secondary dns server : 192.168.0.1 wins server : 192.168.0.254 starting ip address : 192.168.0.100 ending ip address : 192.168.0.254 relay server ip address : 0.0.0.0 lease time : 86400 domain name : BigFishCo forward zone : tftp-server : 0.0.0.0 bootfile : option-189 : option-43 :
  • 136. 3-100 WS2000 Wireless Switch System Reference Guide 3.18.6 Network LAN DHCP renew Command renew Network LAN DHCP Commands Renews the IP address assigned by DHCP. Syntax renew Parameters None Example admin(network.lan.dhcp)> renew
  • 137. Network CLI Commands Reference 3-1013.19 Network LAN Bridge commands bridge Network LAN Commands Displays the Bridge submenu. Syntax admin(network.lan)> bridge admin(network.lan.bridge)> The items available under this command are shown below. Command Description Ref. show Shows the bridge configuration parameters page 3-102 set Sets bridge configuration parameters page 3-104 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 138. 3-102 WS2000 Wireless Switch System Reference Guide 3.19.1 Network LAN Bridge show Command show Network LAN Bridge commands Displays the bridge configuration parameters. Syntax show Parameters None Example admin(network.lan.bridge)> show admin(network.lan.bridge)>show ** LAN1 Bridge Configuration ** Bridge Priority : 32768 Hello Time (seconds) : 2 Message Age Time (seconds) : 20 Forward Delay Time (seconds) : 15 Entry Ageout Time (seconds) : 60 Wireless Trunking : disable ** LAN2 Bridge Configuration ** Bridge Priority : 32768 Hello Time (seconds) : 2 Message Age Time (seconds) : 20 Forward Delay Time (seconds) : 15 Entry Ageout Time (seconds) : 60 Wireless Trunking : disable ** LAN3 Bridge Configuration ** Bridge Priority : 32768 Hello Time (seconds) : 2 Message Age Time (seconds) : 20 Forward Delay Time (seconds) : 15 Entry Ageout Time (seconds) : 300 Wireless Trunking : disable ** LAN4 Bridge Configuration ** Bridge Priority : 32768 Hello Time (seconds) : 2 Message Age Time (seconds) : 20 Forward Delay Time (seconds) : 15 Entry Ageout Time (seconds) : 300 Wireless Trunking : disable
  • 139. Network CLI Commands Reference 3-103** LAN5 Bridge Configuration **Bridge Priority : 32768Hello Time (seconds) : 2Message Age Time (seconds) : 20Forward Delay Time (seconds) : 15Entry Ageout Time (seconds) : 300Wireless Trunking : disable** LAN6 Bridge Configuration **Bridge Priority : 32768Hello Time (seconds) : 2Message Age Time (seconds) : 20Forward Delay Time (seconds) : 15Entry Ageout Time (seconds) : 300Wireless Trunking : disableadmin(network.lan.bridge)>
  • 140. 3-104 WS2000 Wireless Switch System Reference Guide 3.19.2 Network LAN Bridge set Command set Network LAN Bridge commands Sets the bridge configuration parameters. Syntax set [priority|hello|msgage|fwddelay|ageout|wireless-trunking] Parameters priority <LAN-idx> <priority> Sets the bridge priority to <priority> (0-65535) for the lan <LAN- idx> (1-6) hello <LAN-idx> <hello> Sets the bridge’s hello time to <hello> (1-10) seconds for the lan <LAN-idx> (1-6) msgage <LAN-idx> <msgage> Sets the bridge message age time to <msgage> (6-40) seconds for lan <LAN-idx> (1-6) fwddelay <LAN-idx> <fwddelay> Sets the bridge forward delay time to <fwddelay> (4-30) seconds for lan <LAN-idx> (1-6) ageout <LAN-idx> <ageout> Sets the bridge forward table entry ageout to <ageout> (4-3600) seconds for lan <LAN-idx> (1-6). wireless-trunking <LAN-idx> <mode> Sets the wireless trunking mode <mode> (enable/disable) for lan <LAN-idx> (1-6) Example admin(network.lan.bridge)>set priority 1 5 admin(network.lan.bridge)>set wireless-trunking 1 enable admin(network.lan.bridge)>show ** LAN1 Bridge Configuration ** Bridge Priority : 5 Hello Time (seconds) : 2 Message Age Time (seconds) : 20 Forward Delay Time (seconds) : 15 Entry Ageout Time (seconds) : 60 Wireless Trunking : enable ** LAN2 Bridge Configuration ** Bridge Priority : 32768 Hello Time (seconds) : 2 Message Age Time (seconds) : 20 Forward Delay Time (seconds) : 15 Entry Ageout Time (seconds) : 60 Wireless Trunking : disable [...]
  • 141. Network CLI Commands Reference 3-1053.20 Network QoS Commands qos network Displays the quality of service (QoS) submenu. Syntax admin(network)> qos admin(network.qos)> The items available under this command are shown below. Command Description Ref. clear Clears QoS parameters. page 3-106 set Sets QoS parameters. page 3-107 show Shows QoS parameters. page 3-108 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 142. 3-106 WS2000 Wireless Switch System Reference Guide 3.20.1 Network QOS clear Command clear Network QoS Commands Clears QoS radio statistics. Syntax clear queuing Parameters None Example admin(network.qos)>clear queue Related Commands set Sets the QoS parameters. show Shows the QoS parameters and the QoS queuing statistics.
  • 143. Network CLI Commands Reference 3-1073.20.2 Network QOS set Command set Network QoS Commands Sets QoS parameters. Syntax set bw-share [mode|weight|threshold] Parameters mode <mode> Set bandwidth share mode <mode> (none, static, weighted or rate-limit) weight <idx> <weight> Set the weight for WLAN <idx> (1–8) to <weight> (1–10). A weight can only be set if the bandwidth share mode is set to weighted. threshold <idx> <speed> Sets the bandwidth share threshold for WLAN <idx> (1–6) to speed <speed> <0–54000> Example admin(network.qos)>set bw-share mode weighted admin(network.qos)>set bw-share weight 1 6 admin(network.qos)>set bw-share threshold 1 12000 admin(network.qos)>show bw-share BW Share Mode:weighted -------------------------------- WLAN BW Share Weight -------------------------------- 1 6 2 1 3 1 4 1 5 1 6 1 7 1 8 1 admin(network.qos)> Related Commands show Shows the bandwidth settings and the queuing statistics. clear Clears the queuing statistics.
  • 144. 3-108 WS2000 Wireless Switch System Reference Guide 3.20.3 Network QOS show Command show Network QoS Commands Shows QoS parameters and queuing statistics. Syntax show [bw-sharing|queuing] Parameters bw-share Shows the bandwidth sharing settings. queuing Displays the radio QoS queuing statistics. Example admin(network.qos)>show bw BW Share Mode:static admin(network.qos)>show qu 1 BW Share Mode:static ------------------------------------------------------------------------- Priority In Out Dropped ------------------------------------------------------------------------- ------------------------------------------------------------------------- WLAN: 1 ------------------------------------------------------------------------- 0 0 0 0 1 0 0 0 2 0 0 0 admin(network.qos)> Related Commands set Sets the QoS parameters. clear Clears the QoS queuing statistics.
  • 145. Network CLI Commands Reference 3-1093.21 Network Router Commands router network Displays the router submenu. Syntax admin(network)> router admin(network.router)> The items available under this command are shown below. Command Description Ref. add Adds user-defined routes. page 3-110 delete Deletes user-defined routes. page 3-111 list Lists user-defined routes. page 3-112 set Sets RIP parameters. page 3-113 show Shows routes/RIP parameters. page 3-114 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 146. 3-110 WS2000 Wireless Switch System Reference Guide 3.21.1 Network Router add Command add Network Router Commands Adds user-defined routes. Syntax add <dest> <netmask> <gw> <iface> <metric> Parameters <dest> <netmask> <gw> Adds a route with destination IP address <dest>, IP netmask <iface> <metric> <netmask>, gateway IP address <gw>, interface subnet or WAN set to <iface> (one of s1 = subnet1, s2 = subnet2, s3 = subnet3, s4 = subnet4, s5 = subnet5, s6 = subnet6 or w = WAN), and metric set to <metric> (1– 15). Example admin(network.router)>add 202.57.42.6 255.255.255.224 202.57.42.1 s2 3 admin(network.router)>list ------------------------------------------------------------------ index destination netmask gateway interface metric ------------------------------------------------------------------ 1 202.57.42.6 255.255.255.224 202.57.42.1 subnet2 3 admin(network.router)>add 234.44.33.212 255.255.255.234 234.44.33.2 s3 5 admin(network.router)>list ------------------------------------------------------------------ index destination netmask gateway interface metric ------------------------------------------------------------------ 1 202.57.42.6 255.255.255.224 202.57.42.1 subnet2 3 2 234.44.33.212 255.255.255.234 234.44.33.2 subnet3 5
  • 147. Network CLI Commands Reference 3-1113.21.2 Network Routes delete Command delete Network Router Commands Deletes user-defined routes. Syntax delete [all|<idx>] Parameters <idx> Deletes the user-defined route <idx> (1–20) from the list. all Deletes all user-defined routes. Example admin(network.router)>list ------------------------------------------------------------------ index destination netmask gateway interface metric ------------------------------------------------------------------ 1 202.57.42.6 255.255.255.224 202.57.42.1 subnet2 3 2 234.44.33.212 255.255.255.234 234.44.33.2 subnet3 5 admin(network.router)>delete 2 admin(network.router)>list ------------------------------------------------------------------ index destination netmask gateway interface metric ------------------------------------------------------------------ 1 202.57.42.6 255.255.255.224 202.57.42.1 subnet2 3
  • 148. 3-112 WS2000 Wireless Switch System Reference Guide 3.21.3 Network Router list Command list Network Router Commands Lists user-defined routes. Syntax list Parameters None Example admin(network.router)>add 234.44.33.212 255.255.255.234 234.44.33.2 s3 5 admin(network.router)>list ------------------------------------------------------------------------- index destination netmask gateway interface metric ------------------------------------------------------------------------- 1 202.57.42.6 255.255.255.224 202.57.42.1 subnet2 3 2 234.44.33.212 255.255.255.234 234.44.33.2 subnet3 5
  • 149. Network CLI Commands Reference 3-1133.21.4 Network Router set Command set Network Router Commands Sets routing information protocol (RIP) parameters. Syntax set [auth|dir|id|key|passwd|type|dgw-if] Parameters auth <auth> Sets RIP authentication type to <auth> to one of none, simple, or md5 dir <dir> Sets RIP direction to <dir> to one of rx = receive, tx = transmit, or both). id <idx> <id> Sets MD5 authentication ID for key <idx> (1–2) to the MD5 key id <id> (1– 256). key <idx> <key> Sets the MD5 authentication ID for key <idx> (1–2) to MD5 key <key> (up to 16 characters). passwd <passwd> Sets password for simple authentication to <passwd> (1 to 16 characters). type <type> Sets RIP type to <type> to ne of off, ripv1, ripv2, or ripv1v2. dgw-if <if> Sets the Default Gateway Interface to <if> one of none, wan, s1, s2, s3, s4, s5, s6, and default. Example admin(network.router)>set auth md5 admin(network.router)>set key 1 12345678 admin(network.router)>set key 2 87654321 admin(network.router)>show rip rip type : off rip direction : both rip authentication type : md5 rip simple auth password : ******** rip md5 id 1 : 1 rip md5 key 1 : ******** rip md5 id 2 : 1 rip md5 key 2 : ********S admin(network.router)>set type ripv1 Warning: Having RIP enabled compromises your Subnet to Subnet firewall. admin(network.router)>show rip rip type : ripv1 rip direction : both rip authentication type : md5 rip simple auth password : ******** rip md5 id 1 : 1 rip md5 key 1 : ******** rip md5 id 2 : 1 rip md5 key 2 : ********
  • 150. 3-114 WS2000 Wireless Switch System Reference Guide 3.21.5 Network Router show Command show Network Router Commands Shows connected routes and routing information protocol (RIP) parameters. Syntax show [rip|routes] Parameters rip Shows RIP parameters. routes Shows connected routes. Example admin(network.router)>show rip rip type : off rip direction : both rip authentication type : md5 rip simple auth password : ******** rip md5 id 1 : 1 rip md5 key 1 : ******** rip md5 id 2 : 1 rip md5 key 2 : ******** admin(network.router)>show routes ------------------------------------------------------------------------- --- index destination netmask gateway interface metric ------------------------------------------------------------------------- --- 1 192.168.2.0 255.255.255.0 0.0.0.0 subnet3 0 2 192.168.1.0 255.255.255.0 0.0.0.0 subnet2 0 3 192.168.0.0 255.255.255.0 0.0.0.0 subnet1 0 4 192.168.24.0 255.255.255.0 0.0.0.0 wan 0 5 0.0.0.0 0.0.0.0 192.168.24.1 wan 0
  • 151. Network CLI Commands Reference 3-1153.22 Network VLAN Commands vlan network Displays the VLAN submenu. Syntax admin(network)> vlan admin(network.vlan)> The items available under this command are shown below. Command Description Ref. set Sets VLAN parameters. page 3-116 show Shows VLAN parameters. page 3-117 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 152. 3-116 WS2000 Wireless Switch System Reference Guide 3.22.1 Network VLAN set Command set Network VLAN Commands Sets VLAN parameters. Syntax set [assign-mode|default|vlan-id|trunk-port|allow] Syntax: assign-mode <mode> Assigns the VLAN assignment mode <mode> to one of user or port. default <vlan_id> Assigns the default VLAN ID to <vlan_id>, which is a number between 1 and 4094. vlan-id <subnet_id> Sets the VLAN ID for subnet <subnet_id> (one of s1, s2, s3, s4, s5,or s6) <vlan_id> to <vlan_id> (1–4094). trunk-port <port> Sets the Trunk Port <port> to one of none or wan. allow [vlans <list>|all|none] Sets the list of VLANs allowed access to the trunk port. • vlans <list> – Sets the allowed VLANs from <list>, a comma separated list of VLAN Ids. • all – Sets the allowed VLANs to all VLANs. • none – Sets the list of allowed VLANs to none. Example admin(network.vlan)>set assign-mode user admin(network.vlan)>set default 3 admin(network.vlan)>show vlan 3 VLAN assignment mode : user VLAN ID : 3 VLAN Mapped Subnet : Subnet3 Default VLAN ID : Yes Related Commands show Displays the VLAN settings.
  • 153. Network CLI Commands Reference 3-1173.22.2 Network VLAN show Command show Network VLAN Commands Shows VLAN parameters. Syntax show [vlan|trunk] Parameters vlan <id> Displays the VLAN settings for the VLAN specified by <id> (1–4094). trunk Displays the Trunk settings. Example admin(network.vlan)>show vlan 3 VLAN assignment mode : user VLAN ID : 3 VLAN Mapped Subnet : Subnet3 Default VLAN ID : Yes admin(network.vlan)>show vlan 2 VLAN assignment mode : user VLAN ID : 2 VLAN Mapped Subnet : Subnet1 Default VLAN ID : No admin(network.vlan)>set trunk-port wan admin(network.vlan)>set all vlans 1-20 admin(network.vlan)>show trunk Trunk Port : WAN Allowed VLANs : 1-20 Related Commands set Sets the VLAN parameters.
  • 154. 3-118 WS2000 Wireless Switch System Reference Guide 3.23 Network WAN Commands wan network Displays the WAN submenu. Syntax admin(network)> wan admin(network.wan)> The items available under this command are shown below. Command Description Ref. vpn Goes to the VPN submenu. page 3-144 nat Goes to the NAT submenu. page 3-138 app Goes to the outbound content filtering submenu. page 3-123 dyndns Goes to the Dynamic DNS submenu page 3-129 trunkipfpolicy Goes to the Trunk Port IP Filter Policy submenu page 3-133 renew Renews the IP address. page 3-119 set Sets WAN parameters. page 3-120 show Shows WAN parameters. page 3-122 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 155. Network CLI Commands Reference 3-1193.23.1 Network WAN renew Command renew Network WAN Commands Renews the IP address. Syntax renew Parameters None Example admin(network.wan)>renew admin(network.wan)>
  • 156. 3-120 WS2000 Wireless Switch System Reference Guide 3.23.2 Network WAN set Command set Network WAN Commands Sets the WAN parameters. In the Web interface, this functionality if provided by the Network->WAN screen. Syntax set [dhcp|dgw|dns|ipadr|mask|mode|ppope|mtu] Parameters dhcp <mode> Enables or disables the switch as a DHCP client. <mode> can be one of enable or disable. dgw <a.b.c.d> Sets the default gateway IP address to <a.b.c.d>. dns <idx> <a.b.c.d> Sets the IP address of one or two DNS servers, where <idx> indicates either the primary (1) or secondary (2) server, and <a.b.c.d> is the IP address of the server. ipadr <idx> <a.b.c.d> Sets up to 8 (using <idx> from 1 to 8) IP addresses <a.b.c.d> for the WAN interface of the switch. mask <a.b.c.d> Sets the subnet mask to <a.b.c.d>. mode <idx> <mode> Enables or disables the WAN interface associated with the given <idx> (1– 8) as set using the set ipadr command. <mode> can be one of enable or disable. pppoe [idle|ka|mode|passwd| Sets PPPoE parameters. type|user|mss] • idle <val> – Sets the PPPoE idle value <val> (1–65535) seconds. • ka <mode> – Sets the PPPoE keep alive mode <mode> (enable, disable). • mode <mode> – Enables or disables PPPoE. <mode> can be one of enable or disable. • passwd <password> – Sets the PPPoE password to <password> (1 – 39 Characters) • type <type> – Sets the PPPoE authentication type to <type> (none, pap/ chap, pap, chap). • user <username> – Sets the PPPoE user name to <username> (1 – 47 Characters). • mss <msssize> – Sets the PPPoE maximum segment size to <msssize> (20–1460). mtu Sets MTU size of wan interface. The minimum value is 128 bytes and maximum is 1500 bytes. Example admin(network.wan)>set dhcp enable admin(network.wan)>set dgw 192.168.122.25 admin(network.wan)>set pppoe mode enable admin(network.wan)>set pppoe type chap admin(network.wan)>set pppoe user JohnDoe admin(network.wan)>set pppoe passwd @#$goodpassword%$#
  • 157. Network CLI Commands Reference 3-121admin(network.wan)>set pppoe keepalive enableRelated Commandsshow ip Shows the IP settings for the WAN.show pppoe Shows the PPPoE settings for the WAN.
  • 158. 3-122 WS2000 Wireless Switch System Reference Guide 3.23.3 Network WAN show Command show Network WAN Commands Shows the WAN parameters. Syntax show [ip|pppoe|mtuc] Parameters ip <idx> Shows the general IP parameters for the WAN along with settings for the WAN interface associated with <idx> (where <idx> is in the range 1–8). Note: If the WAN interface IP addresses have not been specified for <idx>, the IP and Mask values will be shown as 0.0.0.0. pppoe Shows all PPPoE settings. mtu Sets MTU size of wan interface. The minimum value is 128 bytes and maximum is 1500 bytes. Example admin(network.wan)>show ip 3 wan interface : enable ip address : 0.0.0.0 network mask : 0.0.0.0 default gateway : 192.168.24.1 dhcp mode : enable primary dns server : 209.142.0.2 secondary dns server : 209.142.0.218 admin(network.wan)>show pppoe pppoe mode : disable ip address : 0.0.0.0 default gateway : 0.0.0.0 primary dns server : 0.0.0.0 secondary dns server : 0.0.0.0 pppoe keepalive mode : disable pppoe authentication type : pap/chap pppoe idle time : 600 pppoe user name : pppoe password : ******** pppoe MSS : 1452
  • 159. Network CLI Commands Reference 3-1233.24 Network WAN App Commands app Network WAN Commands Displays the outbound content filtering submenu. Syntax admin(network.wan)> app admin(network.wan.app)> The items available under this command are shown below. Command Description Ref. addcmd Adds app control commands to the deny list. page 3-124 delcmd Deletes app control commands from the deny list. page 3-126 list Lists app control records. page 3-128 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 160. 3-124 WS2000 Wireless Switch System Reference Guide 3.24.1 Network WAN APP addcmd Command addcmd Network WAN App Commands Adds app control commands to the deny list. Syntax addcmd [web|ftp|smtp] Parameters web [file Denies access to the specified web files. <filename>.<ext>| • file <filename>.<ext> – Denies specified web file name. <filename> can be up to 15 proxy|activex] characters and “*” can be used to match any string. <ext> can be up to 10 characters (such as htm, html, or java). Up to 10 files can be specified. • proxy – Denies web proxies • activex – Denies ActiveX files ftp Denies access to the following FTP commands: [put|get|ls|mkdir|c • put – Denies access to FTP put command d|pasv] • get – Denies access to FTP get command • ls – Denies access to FTP ls command • mkdir – Denies access to FTP mkdir command • cd – Denies access to FTP cd command • pasv – Denies access to FTP pasv command smtp Denies access to the following SMTP command: [helo|mail|rcpt| • helo – Denies access to the SMTP helo command data|quit|send| • mail – Denies access to the SMTP mail command saml|rset|vrfy| expn] • rcpt – Denies access to the SMTP rcpt command • data – Denies access to the SMTP data command • quit – Denies access to the SMTP quit command • send – Denies access to the SMTP send command • saml – Denies access to the SMTP saml command • rset – Denies access to the SMTP rset command • vrfy – Denies access to the SMTP vrfy command • expn – Denies access to the SMTP expn command Example admin(network.wan.app)>addcmd ftp ? put : store command get : retrieve command ls : directory list command mkdir : create directory command cd : change directory command pasv : passive mode command
  • 161. Network CLI Commands Reference 3-125admin(network.wan.app)>addcmd ftp putadmin(network.wan.app)>addcmd ftp cdadmin(network.wan.app)>addcmd ftp pasvadmin(network.wan.app)>list ftpFTP CommandsStoring Files : denyRetrieving Files : allowDirectory List : allowCreate Directory : allowChange Directory : denyPassive Operation : denyadmin(network.wan.app)>addcmd smtp heloadmin(network.wan.app)>addcmd smtp vrfyadmin(network.wan.app)>list smtpSMTP CommandsHELO : denyMAIL : allowRCPT : allowDATA : allowQUIT : allowSEND : allowSAML : allowRESET : allowVRFY : denyEXPN : allowadmin(network.wan.app)>Related Commandsdelcmd Removes a file or command from the deny list.
  • 162. 3-126 WS2000 Wireless Switch System Reference Guide 3.24.2 Network WAN APP delcmd Command delcmd Network WAN App Commands Deletes application control commands from the deny list. Syntax delcmd [web|ftp|smtp] Parameters web [file Deletes the specified web files from the access denied list. <filename>.<ext>| • file <filename>.<ext> – Denied web file name. <filename> can be up to 15 proxy|activex] characters and “*” can be used to match any string. <ext> can be up to 10 characters (such as htm, html, or java). Up to 10 files can be specified. • proxy – Web proxies • activex – ActiveX files ftp Deletes the following FTP commands from the access denied list. [put|get|ls|mkdir|c • put – FTP put command d|pasv] • get – FTP get command • ls – FTP ls command • mkdir – FTP mkdir command • cd – FTP cd command • pasv – FTP pasv command smtp Deletes the following SMTP command from the access denied list. [helo|mail|rcpt| • helo – SMTP helo command data|quit|send| • mail – SMTP mail command saml|rset|vrfy| expn] • rcpt – SMTP rcpt command • data – SMTP data command • quit – SMTP quit command • send – SMTP send command • saml – SMTP saml command • rset – SMTP rset command • vrfy – SMTP vrfy command • expn – SMTP expn command Example admin(network.wan.app)>list ftp FTP Commands Storing Files : deny Retrieving Files : allow Directory List : allow Create Directory : allow Change Directory : deny
  • 163. Network CLI Commands Reference 3-127Passive Operation : denyadmin(network.wan.app)>delcmd ftp putadmin(network.wan.app)>delcmd ftp cdadmin(network.wan.app)>list ftpFTP CommandsStoring Files : allowRetrieving Files : allowDirectory List : allowCreate Directory : allowChange Directory : allowPassive Operation : denyadmin(network.wan.app)>list smtpSMTP CommandsHELO : denyMAIL : allowRCPT : allowDATA : allowQUIT : allowSEND : allowSAML : allowRESET : allowVRFY : denyEXPN : allowadmin(network.wan.app)>delcmd smtp heloadmin(network.wan.app)>list smtpSMTP CommandsHELO : allowMAIL : allowRCPT : allowDATA : allowQUIT : allowSEND : allowSAML : allowRESET : allowVRFY : denyEXPN : allowRelated Commandsaddcmd Adds a file or command to the deny list.
  • 164. 3-128 WS2000 Wireless Switch System Reference Guide 3.24.3 Network WAN APP list Command list Network WAN App Commands Lists the app control records. Syntax list [web|ftp|smtp] Parameters web Lists Web/HTTP app control settings. ftp Lists FTP app control settings. smtp Lists SMTP app control record. Example admin(network.wan.app)>list web HTTP Files/Commands Web Proxy : deny ActiveX : deny filename : admin(network.wan.app)>list ftp FTP Commands Storing Files : allow Retrieving Files : allow Directory List : allow Create Directory : deny Change Directory : deny Passive Operation : deny admin(network.wan.app)>list smtp SMTP Commands HELO : deny MAIL : allow RCPT : allow DATA : allow QUIT : allow SEND : allow SAML : allow RESET : allow VRFY : deny EXPN : allow admin(network.wan.app)>
  • 165. Network CLI Commands Reference 3-1293.25 Network WAN DynDNS Commands dyndns Network WAN Commands Displays the Dynamic DNS menu. DynDNS provides a facility to update the domain name information when the IP address associated with the domain name changes. Syntax admin(network.wan)> dyndns admin(network.wan.dyndns)> The items available under this command are shown below. Command Description Ref. set Sets the different Dynamic DNS parameters page 3-130 show Displays the Dynamic DNS parameters and current status page 3-131 update Manually updates the Dynamic DNS status page 3-132 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 166. 3-130 WS2000 Wireless Switch System Reference Guide 3.25.1 Network WAN DynDNS set Command set Network WAN DynDNS Commands Sets the DynDNS parameters Syntax set [mode|username|password|hostname] set mode <mode> set username <username> set password <password> set hostname <hostname> Parameters mode <mode> Enables or disables DynDNS. <mode> can be enable or disable. username <username> Sets the DynDNS user name to <username> (1-32 characters) password <password> Sets the password to <password> (1-32 characters) for the DynDNS username <username>. hostname <hostname> Sets the DynDNS server host name to <hostname> (1-32 characters). Example admin(network.wan.dyndns)>set mode enable admin(network.wan.dyndns)>set username JohnDoe admin(network.wan.dyndns)>set password JohnDoe admin(network.wan.dyndns)>set hostname motPropServ admin(network.wan.dyndns)>show DynDNS Configuration Mode : enable Username : JohnDoe Password : ******** Hostname : motPropServ DynDNS Update Response IP Address : 192.168.10.1 Hostname : motPropServ Status : Connected
  • 167. Network CLI Commands Reference 3-1313.25.2 Network WAN DynDNS show Command show Network WAN DynDNS Commands Displays the Dynamic DNS parameter information and the current status. Syntax show Parameters None Example admin(network.wan.dyndns)>show DynDNS Configuration Mode : enable Username : JohnDoe Password : ******** Hostname : motPropServ DynDNS Update Response IP Address : 192.168.10.1 Hostname : motPropServ Status : Connected
  • 168. 3-132 WS2000 Wireless Switch System Reference Guide 3.25.3 Network WAN DynDNS update Command update Network WAN DynDNS Commands Manually updates the Dynamic DNS information. Syntax update Parameters None Example admin(network.wan.dyndns)>update IP Address : 192.168.10.1 Hostname : motPropServ
  • 169. Network CLI Commands Reference 3-1333.26 Network WAN TrunkIPFPolicy Commands trunkipfpolicy Network WAN Commands Displays the Trunk IP Filter Policy submenu. Syntax admin(network.wan)>trunkipfpolicy admin(network.wan.trunkipfpolicy)> The items available under this command are shown below. Command Description Ref. add Adds Trunk Port IP Filter association table entry page 3-134 del Removes Trunk Port IP Filter association table entry page 3-135 set Sets Trunk Port IP Filter association parameters page 3-136 show Displays Trunk Port IP Filter association parameters page 3-137 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 170. 3-134 WS2000 Wireless Switch System Reference Guide 3.26.1 Network WAN TrunkIPFPolicy add Command add Network WAN TrunkIPFPolicy Commands Adds a Trunk Port IP Filter association table entry. Syntax add <filter-name> <direction> <action> Parameters <filter-name> Name of the Trunk Port Filter entry <direction> The direction for the filter <action> One of allow or deny. Example
  • 171. Network CLI Commands Reference 3-1353.26.2 Network WAN TrunkIPFPolicy del Command del Network WAN TrunkIPFPolicy Commands Deletes an entry from the Trunk Port IP Filter association table. Syntax del [all|<index>] Parameters all Removes all trunk port IP filter association table entries. <index> Remove trunk port ip filter association table entry at the index <index>. Example admin(network.wan.trunkipfpolicy)> del 1 admin(network.wan.trunkipfpolicy)>
  • 172. 3-136 WS2000 Wireless Switch System Reference Guide 3.26.3 Network WAN TrunkIPFPolicy set Command set Network WAN TrunkIPFPolicy Commands Sets the different Trunk Port IP Filter Policy configuration settings Syntax set [ipf-mode|default] set ipf-mode <mode> set default [incoming|outgoing] [allow|deny] Parameters ipf-mode <mode> Enables or disables the Trunk Port IP Filtering default Sets the default properties for incoming and outgoing direction to either allow or [incoming|outgoing] deny. [allow|deny] Example admin(network.wan.trunkipfpolicy)>show ---------------------------------------------------------------- Filter-Name Direction Action ---------------------------------------------------------------- IP Filter Mode : enable Default Incoming Action : allow Default Outgoing Action : allow admin(network.wan.trunkipfpolicy)>set default outgoing deny admin(network.wan.trunkipfpolicy)>show ------------------------------------------------------------ Filter-Name Direction Action ------------------------------------------------------------ IP Filter Mode : enable Default Incoming Action : allow Default Outgoing Action : deny
  • 173. Network CLI Commands Reference 3-1373.26.4 Network WAN TrunkIPFPolicy show Command show Network WAN TrunkIPFPolicy Commands Displays the Trunk Port IP Filter policy configuration information. Syntax show Parameters None Example admin(network.wan.trunkipfpolicy)>show ---------------------------------------------------- Filter-Name Direction Action ---------------------------------------------------- IP Filter Mode : enable Default Incoming Action : allow Default Outgoing Action : deny admin(network.wan.trunkipfpolicy)>?
  • 174. 3-138 WS2000 Wireless Switch System Reference Guide 3.27 Network WAN NAT Commands nat Network WAN Commands Displays the nat submenu. Syntax admin(network.wan)> nat admin(network.wan.nat)> The items available under this command are shown below. Command Description Ref. add Adds NAT records. page 3-139 delete Deletes NAT records. page 3-140 listt Lists NAT records. page 3-141 set Sets NAT parameters. page 3-142 show Shows NAT parameters. page 3-143 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 175. Network CLI Commands Reference 3-1393.27.1 Network WAN NAT add Command add Network WAN NAT Commands Adds NAT records. Syntax add inb <idx> <name> <tran> <port1> <port2> <ip> <dst_port> Parameters inb <idx> <name> Sets an inbound Network Address Translation (NAT) entry. <tran> <port1> • <idx> – The WAN address <port2> <ip> • <name> – The NAT entry name <dst_port> • <tran> – The transport protocol (one of cp, udp, icmp, ah, esp, gre, or all) • <port1> – The starting port number in a port range • <port2> – The ending port number in a port range • <ip> – The internal IP address • <dst_port> – The optional internal translation port Example admin(network.wan.nat)>add inb 2 special tcp 20 21 192.168.42.16 21 admin(network.wan.nat)>list inb 2 ------------------------------------------------------------------------- index name prot start port end port internal ip translation port ------------------------------------------------------------------------- 1 special tcp 20 21 192.168.42.16 21 Related Commands delete inb Deletes one of the inbound NAT entries from the list. list inb Displays the list of inbound NAT entries.
  • 176. 3-140 WS2000 Wireless Switch System Reference Guide 3.27.2 Network WAN NAT delete Command delete Network WAN NAT Commands Deletes NAT records. Syntax delete inb <idx> [<entry>|all] Syntax: inb <idx> [<entry>|all] Deletes a NAT table entry. • <idx> – The WAN index (1–8) • <entry> – The NAT entry (1–20) • all – All NAT entries associated with the WAN <idx> (1–8) Example admin(network.wan.nat)>list inb 2 ------------------------------------------------------------------------- index name prot start port end port internal ip translation port ------------------------------------------------------------------------- 1 special tcp 20 21 192.168.42.16 21 admin(network.wan.nat)>delete inb 2 all ^ admin(network.wan.nat)>list inb 2 ------------------------------------------------------------------------- index name prot start port end port internal ip translation port ------------------------------------------------------------------------- Related Commands add inb Adds entries to the list of inbound NAT entries. list inb Displays the list of inbound NAT entries.
  • 177. Network CLI Commands Reference 3-1413.27.3 Network WAN NAT list Command list Network WAN NAT Commands Lists NAT records. Syntax list inb <idx> Parameters list inb <idx> Lists the inbound NAT entries associated with WAN port <idx> (1–8). Example admin(network.wan.nat)>add inb 2 special tcp 20 21 192.168.42.16 21 admin(network.wan.nat)>list inb 2 ------------------------------------------------------------------------- index name prot start port end port internal ip translation port ------------------------------------------------------------------------- 1 special tcp 20 21 192.168.42.16 21 Related Commands delete inb Deletes one of the inbound NAT entries from the list. add inb Adds entries to the list of inbound NAT entries.
  • 178. 3-142 WS2000 Wireless Switch System Reference Guide 3.27.4 Network WAN NAT set Command set Network WAN NAT Commands Sets NAT inbound and outbound parameters. Syntax set [inb|outb|type] Parameters inb [mode|ip] Sets the inbound NAT parameters. • mode <idx> <mode> – Sets the inbound NAT mode for the WAN with index <idx> (1–8). <mode> can be one of enable or disable. • ip <idx> <a.b.c.d> – Forward unspecified ports and to the IP <a.b.c.d> for the WAN with index <idx> (1–8). outb [ip|map] Sets the outbound NAT parameters. • ip <idx> <a.b.c.d> – Sets 1-to-1 NAT IP mapping entries where <idx> (1–8) is the index of the WAN to the ip address <a.b.c.d>. • map <from> <to> – Sets 1-to-many NAT mapping entries where <from> is one of s1, s2, s3, s4, s5, and s6. <to> is the Wan index (1–8) or none. type <idx> <type> Sets the type of NAT translation for WAN address index <idx> (1–8) to one of none, 1-to-1, or 1-to-many. Example admin(network.wan.nat)>set type 1 1-to-1 admin(network.wan.nat)>set outb ip 1 209.239.44.36 admin(network.wan.nat)>set inb mode 1 enable admin(network.wan.nat)>show nat 1 nat type : 1-to-1 one to one nat ip address : 209.239.44.36 port forwarding mode : enable port forwarding ip address : 0.0.0.0 one to many nat mapping : subnet1 subnet2 subnet3 subnet4 _
  • 179. Network CLI Commands Reference 3-1433.27.5 Network WAN NAT show Command show Network WAN NAT Commands Shows NAT parameters. Syntax show nat <idx> Parameters show nat <idx> Shows NAT settings for WAN <idx> (1–8). Example admin(network.wan.nat)>set inb mode 1 enable admin(network.wan.nat)>show nat 1 nat type : 1-to-1 one to one nat ip address : 209.239.44.36 port forwarding mode : enable port forwarding ip address : 0.0.0.0 one to many nat mapping : subnet1 subnet2 subnet3 subnet4
  • 180. 3-144 WS2000 Wireless Switch System Reference Guide 3.28 Network WAN VPN Commands vpn Network WAN Commands Displays the VPN submenu. Syntax admin(network.wan)> vpn admin(network.wan.vpn)> The items available under this command are shown below. Command Description Ref. cmgr Goes to the cmgr (Certificate Manager) submenu. page 3-156 add Adds an security policy database (SPD) entry. page 3-145 set Sets SPD parameters. page 3-150 list Lists SPD entries. page 3-148 delete Deletes SPD entries. page 3-146 stats Lists statistics for all active tunnels. page 3-155 ikestate Lists statistics for all active tunnels. page 3-147 reset Resets all VPN tunnels. page 3-149 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 181. Network CLI Commands Reference 3-1453.28.1 Network WAN VPN add Command add Network WAN VPN Commands Adds a security policy database (SPD) entry. Syntax add <name> <LSubnet> <LWANIP> <RSubnetIP> <RSubnetMask> <RGatewayIP> Parameters <name> <LSubnet> <LWanIP> <RSubnetIP> <RSubnetMask> <RGatewayIP> Creates a tunnel named <name> (1 to 13 characters) to gain access to local subnet <LSubnet> (1, 2, 3, 4, 5, 6), through local WAN IP <LWanIP> from the remote subnet with address <RSubnetIP> and subnet mask <RSubnetMask> using the remote gateway <RGatewayIP>. The local WAN IP can be set to 0.0.0.0 for a DHCP client. Any IP address obtained from the DHCP server is then used to initiate the VPN tunnel. The VPN peer must set it’s Remote Gateway address to 0.0.0.0 to indicate an IP value of ANY and shall operate as a responder only. Example admin(network.wan.vpn)>add Bob 1 209.239.160.55 206.107.22.45 255.255.255.224 206.107.22.2 If tunnel type is Manual, proper SPI values and Keys must be configured after adding the tunnel admin(network.wan.vpn)>list ------------------------------------------------------------------------ Tunnel Name Type Remote IP/Mask Remote Gateway Local WAN IP Subnet ------------------------------------------------------------------------- Eng2EngAnnex Manual 192.168.32.2/24 192.168.33.1 192.168.24.198 1 Bob Manual 206.107.22.45/27 206.107.22.2 209.239.160.55 1 admin(network.wan.vpn)>
  • 182. 3-146 WS2000 Wireless Switch System Reference Guide 3.28.2 Network WAN VPN delete Command delete Network WAN VPN Commands Deletes security policy database (SPD) entries. Syntax delete [*|<name>] Parameters * Deletes all SPD entries. <name> Deletes SPD entries named <name>. Example admin(network.wan.vpn)>list ------------------------------------------------------------------------- Tunnel Name Type Remote IP/Mask Remote Gateway Local WAN IP Subnet ------------------------------------------------------------------------- Eng2EngAnnex Manual 192.168.32.2/24 192.168.33.1 192.168.24.198 1 Bob Manual 206.107.22.45/27 206.107.22.2 209.239.160.55 1 admin(network.wan.vpn)>delete Bob admin(network.wan.vpn)>list ------------------------------------------------------------------------- Tunnel Name Type Remote IP/Mask Remote Gateway Local WAN IP Subnet ------------------------------------------------------------------------- Eng2EngAnnex Manual 192.168.32.2/24 192.168.33.1 192.168.24.198 1 admin(network.wan.vpn)>
  • 183. Network CLI Commands Reference 3-1473.28.3 Network WAN VPN ikestate Command ikestate Network WAN VPN Commands Displays statistics for all active tunnels using Internet Key Exchange (IKE). In particular, the table indicates whether IKE is connected for any of the tunnels, it provides the destination IP address, and the remaining lifetime of the IKE key. Syntax ikestate Parameters None Example admin(network.wan.vpn)>ikestate ---------------------------------------------------------------------- Tunnel Name IKE State Dest IP Remaining Life ---------------------------------------------------------------------- Eng2EngAnnex Not Connected ---- --- Bob Not Connected ---- --- admin(network.wan.vpn)>
  • 184. 3-148 WS2000 Wireless Switch System Reference Guide 3.28.4 Network WAN VPN list Command list Network WAN VPN Commands Lists security policy database (SPD) entries. Syntax list {<name>} Parameters Lists all tunnel entries. <name> Lists detailed information about tunnel named <name>. Note that the <name> must match case with the name in the SPD entry. “Bob” is not equal to “bob”, as shown in the example below. Example admin(network.wan.vpn)>list ------------------------------------------------------------------------- Tunnel Name Type Remote IP/Mask Remote Gateway Local WAN IP Subnet ------------------------------------------------------------------------- Eng2EngAnnex Manual 192.168.32.2/24 192.168.33.1 192.168.24.198 1 Bob Manual 206.107.22.45/27 206.107.22.2 209.239.160.55 1 admin(network.wan.vpn)>list bob bad index value admin(network.wan.vpn)>list Bob ------------------------------------------------------------------------- Detail listing of VPN entry: ------------------------------------------------------------------------- Name : Bob Local Subnet : 1 Tunnel Type : Manual Remote IP : 206.107.22.45 Remote IP Mask : 255.255.255.224 Remote Security Gateway : 206.107.22.2 Local Security Gateway : 209.239.160.55 AH Algorithm : None Encryption Type : ESP Encryption Algorithm : DES ESP Inbound SPI : 0x00000100 ESP Outbound SPI : 0x00000100
  • 185. Network CLI Commands Reference 3-1493.28.5 Network WAN VPN reset Command reset Network WAN VPN Commands Resets all VPN tunnels. Syntax reset Parameters None Example admin(network.wan.vpn)>reset VPN tunnels reset. admin(network.wan.vpn)>
  • 186. 3-150 WS2000 Wireless Switch System Reference Guide 3.28.6 Network WAN VPN set Command set Network WAN VPN Commands Sets security policy database (SPD) entry parameters. Syntax set [ike|type|sub|remip|remmask|remgw|authalgo|espauthalgo|enckey|espauthkey| spi| localgw|usepfs|pfsgrp|salife|ipsecdel|auto-initiation| auto-initiate-interval] set ike [myidtype|remidtype|myiddata|opmode|authtype|authalgo|psk| encalgo|lifetime|group] set ike myidtype <name> <idtype> set ike remidtype <name> <idtype> set ike myiddata <name> <idtype> set ike opmode <name> <opmode> set ike authtype <name> <authtype> set ike authalgo <name> <authalgo> set ike psk <name> <psk> set ike encalgo <name> <encalgo> set ike lifetime <name> <lifetime> set ike group <name> <group> set type <name> <type> set sub <name> <sub> set remip <name> <remip> set remmask <name> <remmask> set remgw <name> <remgw> set authalgo <name> <auth> set enctype <name> <enctype> set encalgo <name> <encalgo> set espauthalgo <name> <espauthalgo> set enckey <name> <direction> <enckey> set espauthkey <name> <direction> <espauthkey> set spi <name> <algo> <direction> <spi> set localgw <name> <localgw> set usepfs <name> <usepfs> set pfsgrp <name> <pfsgrp> set salife <name> <lifetime>
  • 187. Network CLI Commands Reference 3-151set ipsecdel <name> <mode>set auto-initiation <name> <mode>set auto-initiate-interval <interval>Parametersike myidtype <name> Sets the Local ID type for IKE authentication for SPD <name> (1 to 13 characters)<idtype> to <idtype> (one of IP, FQDN, or UFQDN).ike remidtype <name> Sets the Remote ID type for IKE authentication for SPD <name> (1 to 13<idtype> characters) to <idtype> (one of IP, FQDN, or UFQDN).ike myiddata <name> Sets the Local ID data for IKE authentication for SPD <name> (1 to 13 characters)<iddata> to <iddata>. This value is not required when the ID type is set to IP.ike remiddata <name> Sets the Remote ID data for IKE authentication for SPD <name> (1 to 13<iddata> characters) to <idtype>.ike opmode <name> Sets the Operation Mode of IKE for SPD <name> (1 to 13 characters) to 4.<opmode> <opmode> can be one of Main or Aggr(essive).ike authtype <name> Sets the IKE Authentication type for SPD <name> (1 to 13 characters) to<authtype> <authtype> (one of PSK or RSA).ike authalgo <name> Sets the IKE Authentication Algorithm for SPD <name> (1 to 13 characters) to<authalgo> <authalgo>. <authalgo> can be either MD5 or SHA1.ike psk <name> <psk> Sets the IKE Pre-Shared Key for SPD <name> (1 to 13 characters) to <psk> (1–49 characters).ike encalgo <name> Sets the IKE Encryption Algorithm for SPD <name> (1 to 13 characters) to<encalgo> <encalgo> (one of DES, 3DES, AES128, AES192, or AES256).ike lifetime <name> Sets the IKE Key life time in seconds for SPD <name> (1 to 13 characters) to<lifetime> <lifetime> seconds.ike group <name> Sets the IKE Diffie-Hellman Group for SPD <name> (1 to 13 characters) to<group> <group> (one of G768 or G1024)type <name> <type> Sets the authentication type of SPD <name> (1 to 13 characters) to <type> (Auto or Manual).sub <name> <sub> Sets the Local Subnet (1, 2, 3, 4, 5 or 6) for SPD <name> (1 to 13 characters) to subnet number <sub> (1, 2, 3, 4, 5 or 6).remip <name> <remip> Sets the IP address for the remote end of SPD <name> (1 to 13 characters) to remote ip <remip> (a.b.c.d).remmask <name> Sets the IP Mask for the remote end of SPD <name> (1 to 13 characters) to<remmask> <remmask> (a.b.c.d).remgw <name> Sets the Remote IP gateway for SPD <name> (1 to 13 characters) to be <remgw><remgw> (a.b.c.d). Set this value to 0.0.0.0 to support tunneling to VPN peer which is a DHCP client.authalgo <name> Sets the authentication algorithm for SPD <name> (1 to 13 characters) to<authalgo> <authalgo> (one of None, MD5, or SHA1).
  • 188. 3-152 WS2000 Wireless Switch System Reference Guide authkey <name> Sets the AH authentication key (if SPD type is Manual) for tunnel <name> (1 to 13 <direction> <authkey> characters) with the direction <direction> set to IN or OUT, and the manual authentication key set to <authkey>. (The key size is 32 hex characters for MD5, and 40 hex characters for SHA1). enctype <name> Sets the Encryption type for SPD <name> (1 to 13 characters) to <enctype> (one <enctype> of None, ESP, or ESP-AUTH). encalgo <name> Sets the Encryption Algorithm for SPD <name> (1 to 13 characters) to <encalgo> <encalgo> (one of DES, 3DES, AES128, AES192, or AES256). espauthalgo <name> Sets ESP Authentication Algorithm for SPD <name> to <espauthalgo> (one of <espauthalgo> MD5 or SHA1). enckey <name> Sets the Manual Encryption Key in ASCII for SPD <name> and direction <direction> <enckey> <direction> (IN or OUT) to the key <enckey>. The size of the key depends on the encryption algorithm. - 16 hex chars for DES - 48 hex chars for 3DES - 32 hex chars for AES128 - 48 hex chars for AES192 - 64 hex chars for AES256 espauthkey <name> Sets Manual ESP Authentication Key for SPD <name> (1 to 13 characters) either <direction> for direction <direction> (IN or OUT) to <espauthkey>, an ASCII string of hex <espauthkey> characters. If authalgo is set to MD5, the provide 32 hex characters. If authalgo is set to SHA1, provide 40 hex characters. spi <name> <algo> Sets the direction <direction> (IN(bound) or OUT(bound)) SPI for <algo> (AUTH <direction> <spi> (Manual Authentication) or ESP) for SPD <name> (1 to 13 characters) to <spi> (a hex value more than 0xFF). localgw <name> <ip> Sets the Local WAN IP to <ip> (a.b.c.d) for a SPI <name> (1 to 13 characters). The local WAN IP (local gateway) can be set to 0.0.0.0 for a DHCP client. Any IP address obtained from the DHCP server is then used to initiate the VPN tunnel. The VPN peer must set it’s Remote Gateway address to 0.0.0.0 to indicate an IP value of ANY and shall operate as a responder only. usepfs <name> Enables or disables Perfect Forward Secrecy for SPD <name> (1 to 13 characters). <usepfs> salife <name> <life Sets SA life time to <lifetime> seconds (minimum 300). time> ipsecdel <name> Enables the deletion of IPSEC SA when IKE SA is deleted for the tunnel named <mode> <name> (1 to 13 characters). auto-initiation <name> Enables / disables auto-initiation by WS2000 for the tunnel named <name> (1 to <mode> 13 characters). auto-initiate-interval Sets the time duration between two consecutive auto-initiation attempts. This <time> time duration is in seconds. Example admin(network.wan.vpn)>list Bob ------------------------------------------------------------------------- Detail listing of VPN entry: ------------------------------------------------------------------------ Name : Bob Local Subnet : 1
  • 189. Network CLI Commands Reference 3-153Tunnel Type : ManualRemote IP : 206.107.22.45Remote IP Mask : 255.255.255.224Remote Security Gateway : 206.107.22.2Local Security Gateway : 209.239.160.55AH Algorithm : NoneEncryption Type : ESPEncryption Algorithm : DESESP Inbound SPI : 0x00000100ESP Outbound SPI : 0x00000100admin(network.wan.vpn)>set usepfs Bob enableadmin(network.wan.vpn)>set spi Bob ESP IN abcdeadmin(network.wan.vpn)>set spi Bob ESP OUT cdef23admin(network.wan.vpn)>list Bob-------------------------------------------------------------------------Detail listing of VPN entry:-------------------------------------------------------------------------Name : BobLocal Subnet : 1Tunnel Type : ManualRemote IP : 206.107.22.45Remote IP Mask : 255.255.255.224Remote Security Gateway : 206.107.22.2Local Security Gateway : 209.239.160.55AH Algorithm : NoneEncryption Type : ESPEncryption Algorithm : DESESP Inbound SPI : 0x000ABCDEESP Outbound SPI : 0x00CDEF23admin(network.wan.vpn)>set authalgo Bob MD5admin(network.wan.vpn)>list Bob-------------------------------------------------------------------------Detail listing of VPN entry:------------------------------------------------------------------------Name : BobLocal Subnet : 1Tunnel Type : ManualRemote IP : 206.107.22.45Remote IP Mask : 255.255.255.224Remote Security Gateway : 206.107.22.2Local Security Gateway : 209.239.160.55AH Algorithm : MD5Encryption Type : ESPEncryption Algorithm : DESAuth Inbound SPI : 0x00000100Auth Outbound SPI : 0x00000100ESP Inbound SPI : 0x000ABCDEESP Outbound SPI : 0x00CDEF23admin(network.wan.vpn)>set authkey Bob IN12345678901234567890123456789012admin(network.wan.vpn)>set authkey Bob OUT11111111112222222222333333333344admin(network.wan.vpn)>set spi Bob AUTH IN 2233445admin(network.wan.vpn)>set spi Bob AUTH OUT 33344admin(network.wan.vpn)>list Bob-------------------------------------------------------------------------
  • 190. 3-154 WS2000 Wireless Switch System Reference Guide Detail listing of VPN entry: ------------------------------------------------------------------------ Name : Bob Local Subnet : 1 Tunnel Type : Manual Remote IP : 206.107.22.45 Remote IP Mask : 255.255.255.224 Remote Security Gateway : 206.107.22.2 Local Security Gateway : 209.239.160.55 AH Algorithm : MD5 Encryption Type : ESP Encryption Algorithm : DES Auth Inbound SPI : 0x02233445 Auth Outbound SPI : 0x00033344 ESP Inbound SPI : 0x000ABCDE ESP Outbound SPI : 0x00CDEF23
  • 191. Network CLI Commands Reference 3-1553.28.7 Network WAN VPN stats Command stats Network WAN VPN Commands Lists statistics for all active tunnels. Syntax stats Parameters None Example admin(network.wan.vpn)>stats ------------------------------------------------------------------------ Tunnel Name Status SPI(OUT/IN) Life Time Bytes(Tx/Rx) ------------------------------------------------------------------------ Eng2EngAnnex Not Active Bob Not Active
  • 192. 3-156 WS2000 Wireless Switch System Reference Guide 3.29 Network WAN VPN Cmgr Commands cmgr Network WAN VPN Commands Displays to the Certificate Manager submenu. Syntax admin(network.wan.vpn)> cmgr admin(network.wan.vpn.cmgr)> The items available under this command are shown below. Command Description Ref. genreq Generates a Certificate Request. page 3-162 loadca Loads a trusted certificate from CA. page 3-167 loadself Loads a self certificate signed by CA. page 3-168 showreq Displays a certificate request in PEM format. page 3-169 listprivkey Lists names of private keys. page 3-165 listself Lists the self certificate loaded. page 3-166 listca Lists the trusted certificate loaded. page 3-164 delprivkey Deletes the private key. page 3-158 delself Deletes the self certificate. page 3-159 delca Deletes the trusted certificate. page 3-157 expcert Exports the certificate file. page 3-160 impcert Imports the certificate file. page 3-163 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 193. Network CLI Commands Reference 3-1573.29.1 Network WAN VPN Cmgr delca Command delca Network WAN VPN Commands Deletes a trusted certificate. Syntax delca <IDname> Parameters <IDname> Deletes the trusted certificate <IDname>. Example admin(network.wan.vpn.cmgr)>delca CAfinance admin(network.wan.vpn.cmgr)>
  • 194. 3-158 WS2000 Wireless Switch System Reference Guide 3.29.2 Network WAN VPN Cmgr delprivkey Command delprivkey Network WAN VPN Commands Deletes a private key. Syntax delprivkey <IDName> Parameters <IDname> The key name to be deleted. Example admin(network.wan.vpn.cmgr)>delprivkey <IDname> admin(network.wan.vpn.cmgr)>
  • 195. Network CLI Commands Reference 3-1593.29.3 Network WAN VPN Cmgr delself Command delself Network WAN VPN Cmgr Commands Deletes a self certificate. Syntax delself <IDName> Parameters <IDname> The name of the self certificate to be deleted. Example admin(network.wan.vpn.cmgr)>delself<IDname> admin(network.wan.vpn.cmgr)>
  • 196. 3-160 WS2000 Wireless Switch System Reference Guide 3.29.4 Network WAN VPN Cmgr expcert Command expcert Network WAN VPN Cmgr Commands Exports the certificate file. Syntax expcert [ftp|tftp] <filename> Parameters [ftp|tftp] <file name> Exports the certificate with specified filename <file name> by either ftp or tftp. The tftp or ftp options for this file transfer will use the settings for the configuration file settings. See System Config set Command for information on how to set the tftp/ftp options. Example admin(system.config)>set server 192.168.22.12 admin(system.config)>set user myadmin admin(system.config)>set passwd admin(network.wan.vpn.cmgr)>expcert ftp mycertificate admin(network.wan.vpn.cmgr)> Related Commands impcert Imports a certificate.
  • 197. Network CLI Commands Reference 3-1613.29.5 Network WAN VPN Cmgr export-req Command export-req Network WAN VPN Cmgr Commands Exports the private key ID name to a file. The exported file will be in the same directory as used for importing or exporting configuration files. Syntax export-req ftp <idname> <filename> Parameters ftp <idname> Exports the private key ID name to a file. This file is exported to the same <filename> directory as used for exporting or importing configuration files. Example admin(network.wan.vpn.cmgr)> export-req ftp key1 filekey1
  • 198. 3-162 WS2000 Wireless Switch System Reference Guide 3.29.6 Network WAN VPN Cmgr genreq Command genreq Network WAN VPN Cmgr Commands Generates a Certificate Request. Syntax genreq <IDName> <subject> {-ou <Organization Unit>} {-on <Organization Name>} {-cn <City Name>} {-st <State>} {-p <Postal Code>} {-cc <Country Code>} {-e <Email Address>} { -d <Domain Name>} {-i <IP Address>} {-sa <Signature Algorithm>} {-k <Key Size>} Syntax: genreq Generates a self-certificate request for a Certification Authority (CA), where <IDname> is <IDname> the private key ID (up to 7 characters) and <subject> is the subject name (up to 49 <Subject> characters). A number of optional arguments can also be specified as indicated below. ...optional arguments... -ou <Organization Unit> Organization Unit (1 to 49 chars) -on <Organization Name> Organization Name (1 to 49 chars) -cn <City Name> City Name of Organization (1 to 49 chars) -st <State> State Name (1 to 49 chars) -p <Postal Code> Postal code (9 digits) -cc <Country Code> Country code (2 chars) -e <Email Address> E-mail Address (1 to 49 chars) -d <Domain Name> Domain Name (1 to 49 chars) -i <IP Address> IP Address (a.b.c.d) -sa <Signature Algorithm> Signature Algorithm (one of MD5-RSA or SHA1-RSA) -k <Key Size> Key size in bits (one of 512, 1024, or 2048)Note: The parameters in {curly brackets} are optional. Check with the CA to determine what fields are necessary. For example,most CAs require an email address and an IP address, but not the address of the organization. Example admin(network.wan.vpn.cmgr)>genreq MyCert2 MySubject -ou MyDept -on MyCompany Please wait. It may take some time... -----BEGIN CERTIFICATE REQUEST----- MIHzMIGeAgEAMDkxEjAQBgNVBAoTCU15Q29tcGFueTEPMA0GA1UECxMGTXlEZXB0 MRIwEAYDVQQDEwlNeVN1YmplY3QwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAtKcX plKFCFAJymTFX71yuxY1fdS7UEhKjBsH7pdqnJnsASK6ZQGAqerjpKScWV1mzYn4 1q2+mgGnCvaZUlIo7wIDAQABoAAwDQYJKoZIhvcNAQEEBQADQQCClQ5LHdbG/C1f Bj8AszttSo/bA4dcX3vHvhhJcmuuWO9LHS2imPA3xhX/d6+Q1SMbs+tG4RP0lRSr iWDyuvwx -----END CERTIFICATE REQUEST-----
  • 199. Network CLI Commands Reference 3-1633.30 Network WAN VPN Cmgr impcert Command impcert Network WAN VPN Cmgr Commands Imports the certificate file. Syntax impcert <type> <filename> Parameters [ftp|tftp] <filename> Imports the certificate with specified filename <file name> by either ftp or tftp. The tftp or ftp options for this file transfer will use the settings for the configuration file settings. See System Config set Command for information on how to set the tftp/ftp options. Example admin(system.config)>set server 192.168.22.12 admin(system.config)>set user myadmin admin(system.config)>set passwd admin(network.wan.vpn.cmgr)>impcert ftp mycertificate admin(network.wan.vpn.cmgr)> Related Commands expcert Exports a certificate.
  • 200. 3-164 WS2000 Wireless Switch System Reference Guide 3.30.1 Network WAN VPN Cmgr listca Command listca Network WAN VPN Cmgr Commands Lists the loaded trusted certificate. Syntax listca Parameters None Example admin(network.wan.vpn.cmgr)>listca Trusted Certificate List:
  • 201. Network CLI Commands Reference 3-1653.30.2 Network WAN VPN Cmgr listprivkey Command listprivkey Network WAN VPN Cmgr Commands Lists the names of private keys. Syntax listprivkey Parameters None Example admin(network.wan.vpn.cmgr)>listprivkey ------------------------------------------------------------------------- Private Key Name Certificate Associated -------------------------------------------------------------------------
  • 202. 3-166 WS2000 Wireless Switch System Reference Guide 3.30.3 Network WAN Vpn Cmgr listself Command listself Network WAN VPN Cmgr Commands Lists the loaded self certificates. Syntax listself Parameters None Example admin(network.wan.vpn.cmgr)>listself Self Certificate List:
  • 203. Network CLI Commands Reference 3-1673.30.4 Network WAN VPN Cmgr loadca Command loadca Network WAN VPN Cmgr Commands Loads a trusted certificate from the Certificate Authority. Syntax loadca {ftp <filename>} Parameters loadca Loads the trusted certificate (in PEM format) that is pasted into the command line. ftp <filename> – (Optional parameter) Loads a CA certificate from a FTP server. <filename> is the name of the certificate file to load. The default path for loading the file is the same as used for importing or exporting configuration files. Example admin(network.wan.vpn.cmgr)>loadca ftp cert1 Starting file transfer ... Certificate transferred successfully admin(network.wan.vpn.cmgr)>loadca Currently Only certificates in PEM format can be uploaded Enter Ctrl C to abort. Paste the certificate:
  • 204. 3-168 WS2000 Wireless Switch System Reference Guide 3.30.5 Network WAN VPN Cmgr loadself Command loadself Network WAN VPN Cmgr Commands Loads a self certificate signed by the Certificate Authority. Syntax loadself [<IDname>|ftp <IDname> <filename>] Parameters <IDname> Loads the self certificate signed by the CA with name <IDname>. ftp <IDname> Loads the self certificate <IDName> from a file <filename> on an FTP server. The <filename> certificate file is loaded from the same directory as used for importing or exporting configuration files. Example admin(network.wan.vpn.cmgr)> loadself ftp MyCert mycert.cert Starting file transfer ... admin(network.wan.vpn.cmgr)> admin(network.wan.vpn.cmgr)>loadself MyCert Currently Only certificates in PEM format can be uploaded. Paste the certificate:
  • 205. Network CLI Commands Reference 3-1693.30.6 Network WAN VPN Cmgr showreq Command showreq Network WAN VPN Cmgr Commands Displays a certificate request in PEM format. Syntax showreq <IDname> Parameters showreq Displays a certificate request named <IDname> generated from the genreq command. <IDname>
  • 206. 3-170 WS2000 Wireless Switch System Reference Guide 3.31 Network WLAN Commands wlan network Displays the WLAN submenu. Syntax admin(network)> wlan admin(network.wlan)> The items available under this command are shown below. Command Description Ref. add Adds MU access control list entries. page 3-171 delete Deletes MU access control list entries. page 3-172 list Lists MU access control list entries. page 3-173 rogueap Goes to the rogue AP submenu. page 3-181 enhancedrogueap Goes to the Enhanced Rogue AP submenu. page 3-207 muprobe Goes to the MU Probe submenu page 3-210 hotspot Goes to the Hotspot submenu page 3-213 wlanipfpolicy Goes to WLAN IPF policy submenu. page 3-226 set Sets WLAN parameters. page 3-174 show Shows WLAN parameters. page 3-179 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 207. Network CLI Commands Reference 3-1713.31.1 Network WLAN add Command add Network WLAN Commands Adds entries to the mobile unit (MU) access control list. Syntax add <idx> <mac1> <mac2> <name> Parameters <idx> <mac1> <mac2> Adds an entry to the MU access control list, where <idx> is the WLAN <name> index (1–8), <mac1> is the starting MAC address (e.g., 001122334455), and <mac2> is ending MAC address in the acceptable range. <name> is the name of the MU ACL. Example admin(network.wlan)>add 1 000000000000 112233445566 admin(network.wlan)>list 1 ------------------------------------------------------------------------ index start mac end mac ------------------------------------------------------------------------ 1 000000000000 112233445566 admin(network.wlan)> Related Commands delete Deletes entries from the MU access control list. list Shows entries in the MU access control list.
  • 208. 3-172 WS2000 Wireless Switch System Reference Guide 3.31.2 Network WLAN delete Command delete Network WLAN Commands Deletes specified entry or entries from mobile unit (MU) access control list. Syntax delete <idx> [<entry>|all] Parameters <idx> [<entry>|all] Deletes MU ACL entries. • <entry> – Deletes MU access control list entry <entry> (1–30) for WLAN <idx> (1–8). • all – Deletes all access control list entries for the WLAN specified by <idx>. Example admin(network.wlan)>add 1 223344556677 334455667788 admin(network.wlan)>list 1 ------------------------------------------------------------------------ index start mac end mac ------------------------------------------------------------------------ 1 000000000000 112233445566 2 223344556677 334455667788 admin(network.wlan)>delete 1 2 admin(network.wlan)>list 1 ------------------------------------------------------------------------- index start mac end mac ------------------------------------------------------------------------ 1 000000000000 112233445566 admin(network.wlan)> Related Commands add Adds entries to the MU access control list. list Displays entries in the MU access control list.
  • 209. Network CLI Commands Reference 3-1733.31.3 Network WLAN list Command list Network WLAN Commands Lists the entries in the mobile unit (MU) access control list. Syntax list <idx> Parameters list <idx> Displays the entries in the MU access control list for WLAN <idx> (1–8). Example admin(network.wlan)>list 1 ------------------------------------------------------------------------- index start mac end mac ------------------------------------------------------------------------- 1 000000000000 112233445566 Related Commands add Adds entries to the MU access control list. delete Deletes entries from the MU access control list.
  • 210. 3-174 WS2000 Wireless Switch System Reference Guide 3.31.4 Network WLAN set Command set Network WLAN Commands Sets WLAN parameters. Syntax set [acl|adopt|auth|bcast|eap|enc|ess|kerb|mcast|mode|name| vlan-id|no-mu-mu|vop|tkip|ccmp|wep-mcm|mu-inact|wep_shared| handshake-timeout|handshake-retry-count|secure-beacon|enforce-pmk- validation|wireless-stp] set [acl|adopt|bcast] <idx> <mode> set auth <idx> <type> set eap [adv|server|port|syslog|rad-acct|reauth|secret| rad-bind-interface] set eap adv [mu-quite|mu-tx|mu-timeout|mu-retry| server-timeout|server-retry] set eap adv [mu-quite|mu-tx] <idx> <period> set eap adv [mu-timeout|server-timeout] <idx> <timeout> set eap adv [mu-retry|server-retry] <idx> <retry> set eap server <a> <b> <c> set eap port <a> <b> <c> set eap syslog [ip|mode] set eap syslog ip <a> <b> set eap syslog mode <idx> <mode> set eap rad-acct [mode|timeout|retry-count] set eap rad-acct mode <idx> <mode> set eap rad-acct timeout <idx> <timeout> set eap rad-acct retry-count <idx> <retry> set eap reauth mode <idx> <mode> set eap reauth period <idx> <period> set eap reauth retry <idx> <retry> set eap secret <a> <b> <c> set eap rad-bind-interface <idx> <server> <interface> set enc <idx> <type> set ess <idx> <ess> set kerb [passwd|port|realm|server|user] set kerb passwd <idx> <passwd> set kerb port <a> <b> <c> set kerb realm <idx> <realm> set kerb server <a> <b> <c> set kerb user <idx> <name> set mcast <widx> <midx> <mac> set [mode|no-mu-mu|vop] <idx> <mode> set name <idx> <name> set vlan-id <idx> <vlan-id>
  • 211. Network CLI Commands Reference 3-175set tkip [key|type|phrase|rotate-mode|interval|wpa2|preauth|pmk]set tkip key <idx> <key>set tkip type <idx> <type>set tkip phrase <idx> <phrase>set tkip [rotate-mode|wpa2|preauth|pmk] <idx> <mode>set tkip interval <idx> <interval>set ccmp [key|type|phrase|rotate-mode|interval|mixed-mode|preauth|opp-pmk]set ccmp key <idx> <key>set ccmp type <idx> <type>set tkip phrase <idx> <phrase>set tkip [rotate-mode|mixed-mode|preauth|opp-pmk] <idx> <mode>set tkip interval <idx> <interval>set wep-mcm [index|key]set wep-mcm index <a> <b>set wep-mcm key <a> <b> <c>set mu-inact <timeout>set wep_shared <mode>set handshake-timeout <idx> <timeout>set handshake-retry-count <idx> <retry-count>Parametersacl <idx> <mode> Sets the default MU access control mode <mode> to allow or deny for WLAN <idx> (1–8).adopt <idx> <mode> Sets default Access Port adoption mode <mode> to allow or deny for WLAN <idx> (1–8).auth <idx> <type> Sets the authentication type for WLAN <idx> (1–8) to <type> (none, eap, or kerberos). Note: EAP parameters are only in effect if “eap” is specified for the authentication method (set auth <idx> <type>).bcast <idx> <mode> Enables or disables the broadcast ESS answer for the WLAN <idx> (1– 8).eap adv mu-quiet <idx> Sets the EAP MU/supplicant quiet period for WLAN <idx> (1–8) to<period> <period> seconds (1–65535).eap adv mu-tx <idx> <period> Sets the EAP MU/supplicant TX period for WLAN <idx> (1–8) to <period> seconds (1–65535).eap adv mu-timeout <idx> Sets the EAP MU/supplicant timeout for WLAN <idx> (1–8) to <timeout><timeout> seconds (1–255).eap adv mu-retry <idx> <retry> Sets the EAP maximum number of MU retries to <retry> (1–10) for WLAN <idx> (1–8).eap adv server-timeout <idx> Sets the server timeout for WLAN <idx> (1–8) to <timeout> seconds (1–<timeout> 255).eap adv server-retry <idx> Sets the maximum number of server retries for WLAN <idx> (1–8) to<retry> <retry> (1–10).
  • 212. 3-176 WS2000 Wireless Switch System Reference Guide eap server <idx> <rsidx> <ip> Sets the RADIUS server <rsidx> (1-primary or 2-secondary) for WLAN <idx> (1–8) to IP address <ip>. eap port <idx> <rsidx> <port> Sets the RADIUS server <rsidx> (1-primary or 2-secondary) for WLAN <idx> (1–8) to <port>. eap rad-acct mode <idx> Enables/disables RADIUS accounting for WLAN <idx> (1–8). <mode> eap rad-acct retry-count <idx> Sets RADIUS accounting retry count to <count> (1–10) for WLAN <idx> <count> (1–8). eap rad-acct timeout <idx> Sets RADIUS accounting retry timeout to <time> seconds (1–255) for <time> WLAN <idx> (1–8). 0 indicates no timeout. eap rad-bind-interface <idx> Binds the RADIUS server type <server> (1 - Primary, 2 - Secondary) to the <server> <interface> interface <interface> (one of s1-s6, w, none - s1- Subnet 1, s2-subnet 2, ...s6-Subnet 6, w-wan) for the WLAN <idx> (1–8). eap reauth mode <idx> enable/ Enables or disables the EAP reauthentication parameters for WLAN <idx> disable (1–8). eap reauth period <idx> Sets the reauthentication period for WLAN <idx> (1–8) to <period> <period> seconds (30–9999). eap reauth retry <idx> <retry> Sets the maximum number of reauthentication retries to <retry> (1–99) for WLAN <idx> (1–8). eap secret <idx> <rsidx> Sets the EAP shared secret <secret> (1–127 characters) for server <secret> <rsidx> (1-primary or 2-secondary) on WLAN <idx> (1–8). Note: Kerberos parameters are only in effect if “kerberos” is specified for the authentication method (set auth <idx> <type>). eap syslog ip <idx> <ip> Sets the remote syslog server for WLAN <idx> (1–8) to the IP address <ip> (a.b.c.d). eap syslog mode <idx> enable/ Enables/disables remote syslog for WLAN <idx> (1–8). disable enc <idx> <type> Sets the encryption type to <type> (one of none, wep40, wep104, keyguard, tkip, or ccmp) for WLAN <idx> (1–8). Note: TKIP parameters are only in effect if “tkip” is selected as the encryption type. ess <idx> <ess> Sets the 802.11 ESS ID for WLAN <idx> (1–8) to <ess>. kerb passwd <idx> Sets the Kerberos password to <password> (1–21 characters) for WLAN <password> <idx> (1–8). kerb port <idx> <ksidx> <port> Sets the Kerberos port to <port> (KDC port) for server <ksidx> (1-primary, 2-backup, or 3-remote) for WLAN <idx> (1–8). kerb realm <idx> <realm> Sets the Kerberos realm name for WLAN <idx> (1–8) to <realm> (1–63 characters). kerb server <idx> <ksidx> <ip> Sets the Kerberos server <ksidx> (1-primary, 2-backup, or 3-remote) IP address for WLAN <idx> (1–8) to <ip>. kerb user <idx> <name> Sets the Kerberos user name for WLAN <idx> (1–8) to <name> (1–21 characters). mcast <idx> <midx> <mic> Sets the multicast group address <midx> (1, 2) for WLAN <idx> (1–8) to MAC address <mac>. mode <idx> <mode> Enables or disables WLAN <idx> (1–8). name <idx> <name> Sets the name of WLAN <idx> (1–8) to <name> (1–7 characters).
  • 213. Network CLI Commands Reference 3-177no-mu-mu <idx> <mode> Enables or disables the stoppage of MU-to-MU communication for WLAN <idx> (1–8).vop <idx> <mode> Enables or disables the voice priority mode for WLAN <idx> (1–8).tkip key <idx> <key> Sets the TKIP key to <key> (1–64 hex digits) for WLAN <idx> (1–8).tkip type <idx> <type> Sets the TKIP key type to phrase or key for WLAN <idx> (1–8).tkip phrase <idx> <phrase> Sets the TKIP ASCII pass phrase to <phrase> (8–63 characters) for WLAN <idx> (1–8).tkip rotate-mode <idx> <mode> Enables or disabled the broadcast key rotation for WLAN <idx> (1–8).tkip interval <idx> <interval> Sets the broadcast key rotation interval to <interval> seconds (300– 604800) for WLAN <idx> (1–8).ccmp key <idx> <key> Sets the CCMP key to <key> (1–64 hex digits) for WLAN <idx> (1–8). Must be specified when type parameter is set to key.ccmp type <idx> phrase/ Sets the CCMP key type to phrase or key for WLAN <idx> (1–8).keyccmp phrase <idx> <phrase> Sets the CCMP ASCII pass phrase for WLAN <idx> (1–8) to <phrase> (8– 63 characters). Must be specified when type parameter is set to phrase.ccmp rotate-mode <idx> Enables or disables the broadcast key rotation for WLAN <idx> (1–8).enable/disableccmp interval <idx> <interval> Sets the broadcast key rotation interval for WLAN <idx> (1–8) to <interval> (300–604800) seconds.ccmp mixed-mode <idx> Enables or disables mixed mode (allowing WPA-TKIP clients) for WLANenable/disable <idx> (1–8).ccmp preauth <idx> enable/ Enables or disables pre-authentication (fast roaming) for WLAN <idx> (1–disable 8).ccmp opp-pmk <idx> enable/ Enables or disables opportunistic PMK caching (fast roaming) for WLANdisable <idx> (1–8). Note: The WEP authentication mechanism saves up to four different keys (one for each WLAN). It is not a requirement to set all keys, but you must associate a WLAN with the appropriate key.wep-mcm index <idx> <kidx> Selects the WEP/KeyGuard key (from one of the four potential values of <kidx> (1–4) for WLAN <idx> (1–8).wep-mcm key <idx> <kidx> Sets the WEP/KeyGuard key for key index <kidx> (1–4) for WLAN <idx><key> (1–8) to <key> 1 to 26 (hex digits).vlan-id <idx> <vlan-id> Sets the VLAN-ID mapping to WLAN <idx> (1–8) to VLAN <vlan-id> (1– 4094).mu-inact <timeout> Sets the MU inactivity timeout value to <timeout> (1-60) minutes.wep_shared <mode> Enables or disables WEP shared mode.handshake-timeout <idx> Sets the 802.11i handshake timeout value to <timeout> (100-2000 ms) for<timeout> the WLAN <idx> (1–8). This feature is provided to prevent those MUs that do not receive EAPOL messages from restarting the association procedure. The default retry for these MUs is 2 seconds. This switch is provided to control the retry for EAPOL messages to a value that is less than 2 seconds.
  • 214. 3-178 WS2000 Wireless Switch System Reference Guide handshake-retry-count <idx> Sets the 802.11i handshake retry count to <retry-count> (1-10) for the <retry-count> WLAN <idx> (1–8). This in conjunction with the handshake-timeout command controls the handshake retry time and retry count for those MUs that do not receive EAPOL messages. secure-beacon <idx> <mode> Enables or disables secure beacon for the WLAN <idx> (1–8) enforce-pmk-validation Enables or disables PMK validation across association and EAPOL packets <mode> wireless-stp <mode> Enable or disables STP on wireless side Example admin(network.wlan)>set name 1 store admin(network.wlan)>set name 2 backoff admin(network.wlan)>set auth 1 kerberos Kerberos requires WEP 104 or Keyguard. The encryption type has been changed to W EP104. admin(network.wlan)>set no-mu-mu 1 enable admin(network.wlan)>show wlan 1 wlan name : WLAN1 ess identifier : 101 wlan mode : enable subnet : s1 vlan_id : 1 enc type : none auth type : none voice prioritization : enable disallow mu to mu : disable answer broadcast ess : disable secure beacon mode : disable default mu acl mode : allow all default ap adopt mode : allow all multicast address 1 : 01005E000000 multicast address 2 : 09000E000000 handshake timeout in milliseconds : 2000 handshake retry count : 3 admin(network.wlan)>
  • 215. Network CLI Commands Reference 3-1793.31.5 Network WLAN show Command show Network WLAN Commands Displays the WLAN parameters. Syntax show [eap|kerb|tkip|ccmp|wep-mcm|wlan|mu-inact|wep_shared|enforce-pmk- validation|wireless-stp] <idx> Syntax: eap <idx> Shows the EAP parameters for WLAN <idx> (1–8). kerb <idx> Shows the Kerberos parameters for WLAN <idx> (1–8). tkip <idx> Shows the TKIP parameters for WLAN <idx> (1–8). ccmp <idx> Shows the CCMP parameters for WLAN <idx> (1–8). wep-mcm <idx> Shows the WEP/Keyguard parameters for WLAN <idx> (1–8). wlan <idx> Shows the basic WLAN parameters for WLAN <idx> (1–8). mu-inact Shows the MU inactivity timeout value. wep_shared Shows the WEP Shared parameters. enforce-pmk- Shows enforce-pmk-validation configuration value validation wireless-stp Show wireless STP configuration Example admin(network.wlan)>show tkip 1 tkip key type : phrase tkip phrase : ******** tkip key : ******** tkip rotate mode : disable tkip rotate interval : 86400 admin(network.wlan)>show ccmp 1 ccmp key type : phrase ccmp phrase : ******** ccmp key : ******** ccmp rotate mode : disable ccmp rotate interval : 86400 ccmp mixed mode (allow WPA) : disable 802.11i preauthentication : disable Opportunistic PMK Caching : enable admin(network.wlan)>show wep-mcm 1 wep key index : 1 wep key 1 : ******** wep key 2 : ******** wep key 3 : ******** wep key 4 : ********
  • 216. 3-180 WS2000 Wireless Switch System Reference Guide admin(network.wlan)>show wlan 1 wlan name : WLAN1 ess identifier : 101 wlan mode : enable enc type : none auth type : none voice prioritization : enable disallow mu to mu : disable answer broadcast ess : disable default mu acl mode : allow all default ap adopt mode : allow all multicast address 1 : 01005E000000 multicast address 2 : 09000E000000 admin(network.wlan)>show eap 1 server ip 1 : 0.0.0.0 server ip 2 : 0.0.0.0 server port 1 : 1812 server port 2 : 1812 eap secret 1 : ******** eap secret 2 : ******** eap remote syslog mode : disable syslog server ip : 0.0.0.0 Bind interface (for server 1) : s1 Bind interface (for server 2) : none eap reauth mode : disable eap reauth retries : 2 eap reauth period : 3600 eap mu quiet period : 10 eap mu tx period : 5 eap mu timeout : 10 eap mu retries : 2 eap server timeout : 5 eap server retries : 2 radius accounting retry mode : disable radius accounting retry timeout : 10 radius accounting retry count : 2 Related Commands set Sets WLAN parameters.
  • 217. Network CLI Commands Reference 3-1813.32 Network WLAN Rogue AP Commands rogueap Network WLAN Commands Displays the rogue AP submenu. Syntax admin(network.wlan)> rogueap admin(network.wlan.rogueap)> The items available under this command are shown below. Command Description Ref. show Shows current rogue AP configuration. page 3-183 set Sets rogue AP parameters. page 3-182 rulelist Goes to the rule list submenu. page 3-202 approvedlist Goes to the approved AP list submenu. page 3-184 roguelist Goes to the rogue AP list submenu. page 3-189 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 218. 3-182 WS2000 Wireless Switch System Reference Guide 3.32.1 Network WLAN Rogueap set Command set Network WLAN Rogue AP Commands Sets rogue access point parameters. Syntax set [muscan|apscan|detscan|fullapscan] [mode <mode>|interval <interval>] Parameters [muscan|apscan|detscan|fullapscan] [mode Sets the different Rogue AP parameters <mode>|interval <interval> • muscan – Sets MU scanning parameters • apscan – Sets AP scanning parameters. • detscan – Sets Detector scanning parameters. For this feature to work, you must set one of the Access Ports as a Detector AP. • fullapscan – Sets full AP scanning parameter. For this feature to work, you must set one of the Access Ports as a Full Detector AP. Each of the above options have these settings • mode <mode> – <mode> can be enable or disable. Use this to enable or disable a rogue ap parameter • interval <interval> – Sets the scanning interval for rogue ap detection. <interval> can be between 5 to 65535 minutes. For fullapscan, the interval is in seconds. Enables or disables mobile unit scanning. Example admin(network.wlan.rogueap)>set apscan mode enable admin(network.wlan.rogueap)>set apscan int 60 Related Commands show Displays the rogue AP parameters.
  • 219. Network CLI Commands Reference 3-1833.32.2 Network WLAN Rogueap show Command show Network WLAN Rogue AP Commands Shows the current rogue AP configuration. Syntax show Parameters None Example admin(network.wlan.rogueap)>show mu scan : disabled mu scan interval : 60 minutes ap scan : disabled ap scan interval : 60 minutes detector ap scan : disabled detector ap scan interval : 60 minutes full detector ap scan : disabled full detector ap scan interval : 60 seconds Related Commands set Sets the rogue AP scanning parameters.
  • 220. 3-184 WS2000 Wireless Switch System Reference Guide 3.33 Network WLAN Rogue AP Approvedlist Commands approvedlist Network WLAN Rogue AP Commands Displays the approved AP list submenu. Syntax admin(network.wlan.rogueap)> approvedlist admin(network.wlan.rogueap.approvedlist)> The items available under this command are shown below. Command Description Ref. show Shows the approved AP list. page 3-188 ageoute Displays the ageout time for an approved list entry. page 3-185 approve Approves an AP. page 3-186 erase Erases the list. page 3-187 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 221. Network CLI Commands Reference 3-1853.33.1 Network WLAN Rogueap Approvedlist ageout Command ageoute Network WLAN Rogue AP Approvedlist Commands Displays ageout time for an approved list entry. Syntax ageout <interval> Parameters ageout <interval> Sets the number of minutes, the <interval> (0–1000), before an entry in the approved list is automatically removed. Example admin(network.wlan.rogueap.approvedlist)>ageout 30 admin(network.wlan.rogueap.approvedlist)> Related Commands erase Erases the approved AP list.
  • 222. 3-186 WS2000 Wireless Switch System Reference Guide 3.33.2 Network WLAN Rogueap Approvedlist approve Command approve Network WLAN Rogue AP Approvedlist Commands Approves an AP. Syntax approve [<index>|all] Parameters approve • approve <index> – Approves an access point from the list based on the location [<index>|all] specified by <index>. • approve all – Approves all access points in the list. Example admin(network.wlan.rogueap.approvedlist)>approve 1 admin(network.wlan.rogueap.approvedlist)>approve all admin(network.wlan.rogueap.approvedlist)> Related Commands erase Erases all access points in the list.
  • 223. Network CLI Commands Reference 3-1873.33.3 Network WLAN Rogueap Approvedlist erase Command erase Network WLAN Rogue AP Approvedlist Commands Erases the approved AP list. Syntax erase all Parameters none Example admin(network.wlan.rogueap.approvedlist)>erase all admin(network.wlan.rogueap.approvedlist)>show approved ap list ++++++++++++++++ approved list ageout : 30 minutes index ap essid ----- -- ------ Related Commands approve Adds an Access Port to the approved list. show Displays the approved list.
  • 224. 3-188 WS2000 Wireless Switch System Reference Guide 3.33.4 Network WLAN Rogueap Approvedlist show Command show Network WLAN Rogue AP Approvedlist Commands Shows the approved AP list. Syntax show Parameters None Example admin(network.wlan.rogueap.approvedlist)>show approved ap list ++++++++++++++++ approved list ageout : 30 minutes index ap essid ----- -- ------ Related Commands approve Adds an AP to the approved list.
  • 225. Network CLI Commands Reference 3-1893.34 Network WLAN Rogue AP Roguelist Commands roguelist Network WLAN Rogue AP Commands Displays the rogue AP list submenu. Syntax admin(network.wlan.rogueap)> roguelist admin(network.wlan.rogueap.roguelist)> The items available under this command are shown below. Command Description Ref. show Displays the rogue list entries. page 3-193 locate Goes to the submenu for locating a rogue AP. page 3-196 muscan Goes to the submenu for on-demand MU polling. page 3-199 ageout Displays the ageout time for a rogue list entry. page 3-190 approve Approves a rogue AP. page 3-191 erase Erases the list. page 3-192 set Sets rogue AP related parameters page 3-194 deauth Configuration related to Rogue AP Containment. page 3-195 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 226. 3-190 WS2000 Wireless Switch System Reference Guide 3.34.1 Network WLAN Rogue AP Roguelist ageout Command ageout Network WLAN Rogue AP Commands Displays the ageout time for a rogue list entry. Syntax ageout <time> Parameters ageout <time> Sets the ageout time for the entry associated to <time> (1–1000) minutes. Example admin(network.wlan.rogueap.roguelist)>ageout 50 Related Commands locate Locates a rogue AP. show Shows the rogue AP list parameters and entries.
  • 227. Network CLI Commands Reference 3-1913.34.2 Network WLAN Rogue AP Roguelist approve Command approve Network WLAN Rogue AP Commands Moves a rogue AP into the approved AP list. Syntax approve [<index>|all] Parameters approve • approve <index> – Puts the rogue AP <index> into the approved AP list. [<index>|all] • approve all – Puts all the entries of the rogue list into the approved AP list. Example admin(network.wlan.rogueap.approvedlist)>approve all Related Commands show Shows the rogue list entries.
  • 228. 3-192 WS2000 Wireless Switch System Reference Guide 3.34.3 Network WLAN Rogue AP Roguelist erase Command erase Network WLAN Rogue AP Commands Erases the rogue AP list. Syntax erase all Parameters None Example admin(network.wlan.rogueap.roguelist)>erase all Example show Lists all entries in the rogue AP list.
  • 229. Network CLI Commands Reference 3-1933.34.4 Network WLAN Rogue AP Roguelist show Command show Network WLAN Rogue AP Commands Displays the rogue list entries. Syntax show [all|<index>|deauth-list] Parameters show Displays Rogue AP lists. [all|<index>|deauth- • all – Displays the complete list of rogue APs. list] • <index> – Displays detailed information for the rogue AP with index number <index>. • deauth-list – Displays the Rogue AP Containment list Example admin(network.wlan.rogueap.roguelist)>show all rogue ap list ++++++++++++++++++++ rogue list ageout : 0 minutes ------------------------------------------------------------------------- Idx AP Essid Channel ------------------------------------------------------------------------- Related Commands locate Locates a rogue AP. approve Approves a rogue AP
  • 230. 3-194 WS2000 Wireless Switch System Reference Guide 3.34.5 Network WLAN Rogue AP Roguelist set Command set Network WLAN Rogue AP Commands Sets rogue list parameters. Syntax set [rap-containment|deauth-interval|deauth-all] set RAP-Containment <mode> set deauth-interval <interval> set dauth-all <mode> Syntax: RAP-Containment • Enables or disables Rogue AP Containment feature. <mode> deauth-interval Sets the Rogue AP de-authentication interval to <interval> (1–300) seconds. This <interval> is the time after which MUs associated to a Rogue AP is deauthenticated. deauth-all <mode> Enables or disables deauthenticating all rogue APs in the containment list. • Example admin(network.wlan.rogueap)>set RAP-Containment enable admin(network.wlan.rogueap)>set deauth-interval 10 admin(network.wlan.rogueap)>set deauth-all enable Related Commands show Displays the rogue AP parameters.
  • 231. Network CLI Commands Reference 3-1953.34.6 Network WLAN Rogue AP Roguelist deauth Command deauth Network WLAN Rogue AP Commands Manages the Rogue AP Containment list by adding APs, their MAC address to the list and deleting APs from the list. Syntax deauth [add-to-list|add-mac-to-list|remove-from-list] <index> deauth all Parameters deauth [add-to- Adds or removes APs from the ACL. list|add-mac-to- • add-to-list <index> – Adds an AP to the Rogue AP containment list at the position list|remove-from-list] specified by <index>. <index> • add-mac-to-list <index> – Adds the MAC address of a Rogue AP to the Rogue AP containment list at the position specified by <index>. • remove-from-list <index> – Removes a MAC from the Rogue AP Containment list. deauth all Removes all the contents from the Rogue AP Containment list Example admin(network.wlan.rogueap.roguelist)>deauth add-to-list 1 admin(network.wlan.rogueap.roguelist)> admin(network.wlan.rogueap.roguelist)>deauth add-mac-to-list 11-22-33-44- 55-66 admin(network.wlan.rogueap.roguelist)>
  • 232. 3-196 WS2000 Wireless Switch System Reference Guide 3.35 Network WLAN Rogue AP Rogue List Locate Commands locate Network WLAN Rogue AP Roguelist Commands Displays the locate submenu. Syntax admin(network.wlan.rogueap.roguelist)> locate admin(network.wlan.rogueap.roguelist.locate)> The items available under this command are shown below. Command Description Ref. start Starts locating a rogue AP. page 3-198 list Lists results of the locate rogue AP scan. page 3-200 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 233. Network CLI Commands Reference 3-1973.35.1 Network WLAN Rogue AP Rogue List Locate list Command list Network WLAN Rogue AP Rogue List Locate Commands Lists the results of the locate rogue AP scan. Syntax list Parameters None Example admin(network.wlan.rogueap.roguelist.locate)>list Related Commands start Starts the rogue AP location process.
  • 234. 3-198 WS2000 Wireless Switch System Reference Guide 3.35.2 Network WLAN Rogue AP Rogue List Locate start Command start Network WLAN Rogue AP Rogue List Locate Commands Locates a rogue AP. Syntax start <MAC> <ESSID> Parameters start <MAC> <ESSID> Starts locating a rogue AP where <MAC> is the MAC address (or BSSID) of the rogue AP, and <essid> is the ESSID for the rogue AP. Example admin(network.wlan.rogueap.roguelist.locate)>start 00A0f8fe2344 wlan-engg Related Commands list Lists information for the rogue AP found during the scan.
  • 235. Network CLI Commands Reference 3-1993.36 Network WLAN Rogue AP Rogue List MU Scan Commands muscan Network WLAN Rogue AP Roguelist Commands Displays the MU scan submenu. Syntax admin(network.wlan.rogueap.roguelist)> muscan admin(network.wlan.rogueap.roguelist.muscan)> The items available under this command are shown below. Command Description Ref. start Starts a rogue AP scan using on-demand MU polling. page 3-201 list Lists the rogue APs found during the scan. page 3-200 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 236. 3-200 WS2000 Wireless Switch System Reference Guide 3.36.1 Network WLAN Rogue AP Rogue List MU Scan list Command list Network WLAN Rogue AP Roguelist Commands Lists the results of the locate rogue AP scan. Syntax list Parameters None Example admin(network.wlan.rogueap.roguelist.muscan)>list Related Commands start Starts the MU scan process.
  • 237. Network CLI Commands Reference 3-2013.36.2 Network WLAN Rogue AP Rogue List MU Scan start Command start Network WLAN Rogue AP Roguelist Commands Starts an on-demand MU polling for rogue APs. Syntax start <MAC> <ESSID> Parameters start <MAC> <ESSID> Starts locating a rogue AP where <MAC> is the MAC address (or BSSID) of the rogue AP, and <ESSID> is the ESSID for the rogue AP. Example admin(network.wlan.rogueap.roguelist.muscan)>start 00A0f8fe2344 Related Commands list Lists information for the rogue AP found during the scan.
  • 238. 3-202 WS2000 Wireless Switch System Reference Guide 3.37 Network WLAN Rogue AP Rule List Commands rulelist Network WLAN Rogue AP Commands Displays the rule list submenu. Syntax admin(network.wlan.rogueap)> rulelist admin(network.wlan.rogueap.rulelist)> The items available under this command are shown below. Command Description Ref. show Displays the rule list. page 3-206 add Adds an entry to the rule list. page 3-203 delete Deletes an entry from the rule list. page 3-205 authsymbolap Authorizes all Symbol APs. page 3-204 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 239. Network CLI Commands Reference 3-2033.37.1 Network WLAN Rogue AP Rule List add Command add Network WLAN Rogue AP Rule List Commands Adds an entry to the rule list. Syntax add <MAC> <ESSID> Parameters add <MAC> <ESSID> Adds an entry into the rule list to allow an AP with the mac address <MAC> and the ESSID <ESSID>. Example admin(network.wlan.rogueap.rulelist)>add 00a0f8f31212 mywlan admin(network.wlan.rogueap.rulelist)>show rule list +++++++++ symbol ap authorization : disabled index ap essid ----- -- ------ 1 00:a0:f8:f3:12:12 mywlan admin(network.wlan.rogueap.rulelist)>? Related Commands show Shows the entries in the rule list.
  • 240. 3-204 WS2000 Wireless Switch System Reference Guide 3.37.2 Network WLAN Rogue AP Rule List authsymbolap Command authsymbolap Network WLAN Rogue AP Rule List Commands Authorizes all Symbol APs. Syntax authsymbolap <mode> Parameters authsymbolap <mode> Enables or disables automatic authorization of all Symbol APs. <mode> can be enable or disable. Example admin(network.wlan.rogueap.rulelist)>auth enable admin(network.wlan.rogueap.rulelist)>show rule list +++++++++ symbol ap authorization : enabled index ap essid ----- -- ------ 1 00:a0:f8:f3:12:12 mywlan Related Commands show Shows all the rules in the rule list and shows status of the Symbol AP automatic authorization.
  • 241. Network CLI Commands Reference 3-2053.37.3 Network WLAN Rogue AP Rule List delete Command delete Network WLAN Rogue AP Rule List Commands Deletes an entry from the rule list. Syntax delete [all|<idx>] Parameters delete [all|<idx>] Deletes entries in the rule list. • all – Deletes all entries in the rule list. • <idx> – Deletes the entry at the <idx> index in the rule list. Example admin(network.wlan.rogueap.rulelist)>delete all admin(network.wlan.rogueap.rulelist)>show rule list +++++++++ symbol ap authorization : enabled index ap essid ----- -- ------ Related Commands show Displays the entries in the rule list.
  • 242. 3-206 WS2000 Wireless Switch System Reference Guide 3.37.4 Network WLAN Rogue AP Rule List show Command show Network WLAN Rogue AP Rule List Commands Displays the rule list. Syntax show Parameters None Example admin(network.wlan.rogueap.rulelist)>show rule list +++++++++ symbol ap authorization : enabled index ap essid ----- -- ------ 1 00:a0:f8:f3:12:12 mywlan Related Commands delete Deletes entries from the rule list. add Adds entries to the rule list.
  • 243. Network CLI Commands Reference 3-2073.38 Network WLAN Enhanced Rogue AP Commands enhancedrogueap Network WLAN Commands Displays the Enhanced Rogue AP detection submenu. Syntax admin(network.wlan)> enhancedrogueap admin(network.wlan.enhancedrogueap)> The items available under this command are shown below. Command Description Ref. show Displays the Enhanced Rogue AP parameters. page 3-208 set Sets the Enhanced Rogue AP parameters page 3-209 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 244. 3-208 WS2000 Wireless Switch System Reference Guide 3.38.1 Network WLAN Enhanced Rogue AP show Command show Network WLAN Enhanced Rogue AP Commands Displays the Enhanced Rogue AP parameters. Syntax show Parameters None Example admin(network.wlan.enhancedrogueap)>show Enhanced RAP mode : disabled ERAP scan interval : 10 seconds ERAP scan duration : 100 milli seconds Channel Set for Radio A : Channel Set for Radio B/G : admin(network.wlan.enhancedrogueap)>
  • 245. Network CLI Commands Reference 3-2093.38.2 Network WLAN Enhanced Rogue AP set Command set Network WLAN Enhanced Rogue AP Commands Sets the Enhanced Rogue AP parameters. Syntax set [mode|scaninterval|scanduration|A_channels|BG_channels|erase] set mode <mode> set scaninterval <scaninterval> set scanduration <scanduration> set A_channel {channelset} set BG_channel {channelset} set erase Parameters mode <mode> Enables or disables the Enhanced Rogue AP feature scaninterval Sets the Enhanced Rogue AP feature scan interval. <scaninterval> scanduration Sets the Enhanced Rogue AP feature scan duration <scanduration> A_channels Sets A channels to scan for Enhanced Rogue AP feature. {<channelset>} • <channelset> (Optional) – Enter a list of valid channels for A Radio. BG_channels Sets BG channels to scan for Enhanced Rogue AP feature {<channelset>} • <channelset> (Optional) – Enter a list of valid channels for b/g Radio. erase Clears the Enhanced Rogue AP feature list. Example admin(network.wlan.enhancedrogueap)> show Enhanced RAP mode : disabled ERAP scan interval : 10 seconds ERAP scan duration : 100 milli seconds Channel Set for Radio A : Channel Set for Radio B/G : admin(network.wlan.enhancedrogueap)> set mode enable admin(network.wlan.enhancedrogueap)> set scaninterval 33 admin(network.wlan.enhancedrogueap)> set scanduration 110 admin(network.wlan.enhancedrogueap)> set A_channels 36 40 admin(network.wlan.enhancedrogueap)> set BG_channels 1 2 3 admin(network.wlan.enhancedrogueap)> show Enhanced RAP mode : enabled ERAP scan interval : 33 seconds ERAP scan duration : 110 milli seconds Channel Set for Radio A : 36, 40, Channel Set for Radio B/G : 1, 2, 3,
  • 246. 3-210 WS2000 Wireless Switch System Reference Guide 3.39 Network WLAN MU Probe Commands muprobe Network WLAN Commands Displays the MU Probe sub menu. Syntax admin(network.wlan)> muprobe admin(network.wlan.muprobe)> The items available under this menu are shown below. Command Description Ref. show Shows the MU Probe Table configuration page 3-211 set Sets the MU Probe Table configuration page 3-212 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 247. Network CLI Commands Reference 3-2113.39.1 Network WLAN MU Probe show Command show Network WLAN MU Probe Commands Displays the MU Probe Table configuration information. Syntax show Parameters None Example admin(network.wlan.muprobe)> show mu probe table : disabled mu probe table size : 200 MUs (number of rows could be more) mu probe window : 30 seconds
  • 248. 3-212 WS2000 Wireless Switch System Reference Guide 3.39.2 Network WLAN MU Probe set Command set Network WLAN MU Probe Commands Sets the different MU Probe Table configurations. Syntax set [mode|size|erase|windows] set mode <mode> set size <size> set erase set window <value> Parameters mode <mode> Enables or disables MU Probe scans. <mode> can be enable or disable. size <size> Sets the size <size> in number of rows of the MU Probe Table. erase Erases the MU Probe Table window <value> Sets the MU Probe time window to <value> (5-300) seconds. Example admin(network.wlan.muprobe)> show mu probe table : disabled mu probe table size : 200 MUs (number of rows could be more) mu probe window : 30 seconds admin(network.wlan.muprobe)> set mode enable admin(network.wlan.muprobe)> set size 100 admin(network.wlan.muprobe)> set window 50 admin(network.wlan.muprobe)> show mu probe table : enabled mu probe table size : 100 MUs (number of rows could be more) mu probe window : 50 seconds
  • 249. Network CLI Commands Reference 3-2133.40 Network WLAN Hotspot Commands hotspot Network WLAN Commands Displays the Hotspot sub menu. Syntax admin(network.wlan)> hotspot admin(network.wlan.hotspot)> The items available under this menu are shown below. Command Description Ref. set Sets the hotspot parameters page 3-214 show Displays the hotspot parameters page 3-216 import Imports hotspot display pages page 3-217 radius Sets hotspot RADIUS configuration. Goes to a submenu. page 3-218 white-list Sets the hotspot white-list. Goes to a submenu. page 3-222 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 250. 3-214 WS2000 Wireless Switch System Reference Guide 3.40.1 Network WLAN Hotspot set Command set Network WLAN Hotspot Commands Sets the different Hotspot parameters. Syntax set [mode|page-loc|exturl|http-mode|hotspot-session-timeout| hotspot-cred-cache] set mode <idx> <mode> set page-loc <idx> <page-loc> set exturl <idx> <page> <url> set http-mode <idx> <http-mode> set hotspot-session-timeout <timeout> set hotspot-cred-cache <hotspot-cred-cache> Parameters mode <idx> <mode> Enables or disables hotspot for a WLAN with the index value <idx> (1- 8). page-loc <idx> <page-loc> Sets the location of the welcome page for Hotspot for a WLAN with the index <idx> (1-8). <page-loc> can be one of default, cf, url. • When <page-loc> is default, the default pages are shown. • When <page-loc> is cf, the pages for login, welcome, and fail are stored on the CF card and are displayed from there. • When <page-loc> is url, the pages are displayed from a URL. The URL information is provided through the set exturl command. exturl <idx> <page> <url> Sets the URL locations for the hotspot login, welcome, and fail pages for a WLAN with the index value <idx> (1-8). <page> should be one of login, welcome, or fail and indicates the page type. <url> is the fully qualified path to the page indicated by the <page> value. http-mode <idx> <http-mode> Sets the HTTP mode for the hotspot for the WLAN with index <idx> (1-8). <http-mode> can be one of http or https. HTTP indicates that connections to the hotspot does not use security. HTTPS indicates use of security. hotspot-session-timeout Sets the timeout value for the hotspot to <hotspot-session-timeout> <hotspot-session-timeout> minutes. This value is global and is applicable to all WLANs. The default value for <hotspot-session-timeout> is 20 minutes and the maximum value that can be entered is 1440 minutes (1 day). hotspot-cred-cache Enables or disables hotspot user credential caching for the WS2000. <hotspot-cred-cache> Example admin(network.wlan.hotspot)> show hotspot 1 WLAN 1 Hotspot Mode : disable Hotspot Page Location : default External Login URL : External Welcome URL :
  • 251. Network CLI Commands Reference 3-215External Fail URL :Http Mode : httpsadmin(network.wlan.hotspot)> set mode 1 enableadmin(network.wlan.hotspot)> set page-loc 1 urladmin(network.wlan.hotspot)> set exturl 1 login //192.168.1.10/wlan1/hotspt/login.htmadmin(network.wlan.hotspot)> set exturl 1 welcome //192.168.1.10/wlan1/hotspt/welcome.htmadmin(network.wlan.hotspot)> set exturl 1 fail //192.168.1.10/wlan1/hotspt/fail.htmadmin(network.wlan.hotspot)> show hotspot 1WLAN 1Hotspot Mode : enableHotspot Page Location : urlExternal Login URL : //192.168.1.10/wlan1/hotspt/login.htmExternal Welcome URL : //192.168.1.10/wlan1/hotspt/welcome.htmExternal Fail URL : //192.168.1.10/wlan1/hotspt/fail.htmHttp Mode : https
  • 252. 3-216 WS2000 Wireless Switch System Reference Guide 3.40.2 Network WLAN Hotspot show Command show Network WLAN Hotspot Commands Displays the different hotspot configuration settings. Syntax show [hotspot|white-list|hs-session-timeout|hs-cred-cache] show hotspot <idx> show white-list <idx> Parameters hotspot <idx> Displays the hotspot configuration settings. white-list <idx> Displays the white list rules. hs-session-timeout Displays the global hotspot session timeout value. hs-cred-cache Displays the enable/disable status for hotspot user credentials caching. Example admin(network.wlan.hotspot)> show hotspot 1 WLAN 1 Hotspot Mode : enable Hotspot Page Location : url External Login URL : //192.168.1.10/wlan1/hotspt/login.htm External Welcome URL : //192.168.1.10/wlan1/hotspt/ welcome.htm External Fail URL : //192.168.1.10/wlan1/hotspt/fail.htm Http Mode : https admin(network.wlan.hotspot)> show white-list 1 WhiteList Rules ------------------------------------------------------------------------- Idx IP Address ------------------------------------------------------------------------- 1 192.168.1.32 2 192.168.1.45 3 192.168.1.55 4 192.168.1.56 admin(network.wlan.hotspot)> show hs-session-timeout Hotspot Session Timeout : 10 admin(network.wlan.hotspot)> show hs-cred-caching Hotspot Credential Cache Mode : Disabled
  • 253. Network CLI Commands Reference 3-2173.40.3 Network WLAN Hotspot Import Command import Network WLAN Hotspot Commands Imports the html pages for the welcome, login, and fail screens. Syntax import <idx> <page> Parameters import <idx> <page> Imports the specified page for the WLAN with index <idx> (1-8). <page> must be one of login, welcome, or fail. Paste the html page into the console. Example admin(network.wlan.hotspot)> import 1 login Enter Ctrl C to abort. Paste the HTML Page: <html> <Head> <title>Office1 WLAN - Login Page</title> </head> <body> <h1 align="center">Office1 Wireless LAN - Login Page</h1> <HR width=50%> <p align ="center"><b>Please enter your login information below</b></p> <form action="login.asp> <center> <table width=25%> <tr> <tD>User Name</td> <td><input > </input></td> </tr> <tr> <td>Password</td> <td><input type=password> </input></td> </tr> </table> <br> <button type=submit> <strong>Login</strong> </button> <hr width=50%> <p>Page usage monitored and IP captured. Do not login if not authorized.</p> </center> </form> </body> </html>
  • 254. 3-218 WS2000 Wireless Switch System Reference Guide 3.41 Network WLAN Hotspot RADIUS commands radius Network WLAN Hotspot Commands Displays the RADIUS server commands for hotspot. RADIUS is used to authenticate hotspot users. Syntax admin(network.wlan.hotspot)> radius admin(network.wlan.hotspot.radius)> The items available under this command are shown below. Command Description Ref. show Shows RADIUS configuration settings. page 3-219 set Sets RADIUS configuration page 3-220 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 255. Network CLI Commands Reference 3-2193.41.1 Network WLAN Hotspot RADIUS show Command show Network WLAN Hotspot RADIUS commands Displays the RADIU ?S server information for each hotspot. Syntax show radius <idx> Parameters show radius <idx> Displays the RADIUS information for the WLAN with the index <idx> (1-8). Example admin(network.wlan.hotspot.radius)> show radius 1 Primary Server Ip adr : 127.0.0.1 Primary Server Port : 1812 Primary Server Secret : ****** Secondary Server Ip adr : 0.0.0.0 Secondary Server Port : 1812 Secondary Server Secret : ****** Accounting Mode : disable Accounting Timeout : 1 Accounting Retry-count : 1
  • 256. 3-220 WS2000 Wireless Switch System Reference Guide 3.41.2 Network WLAN Hotspot RADIUS set Command set Network WLAN Hotspot RADIUS commands Configures the RADIUS server information for hotspots for each WLAN. Syntax set [server|port|secret|acct-mode|acct-timeout|acct-retry| bind-interface|auth-mode] set server <idx> <srvr_type> <ipadr> set port <idx> <srvr_type> <port> set secret <idx> <srvr_type> <secret> set acct-mode <idx> <mode> set acct-timeout <idx> <timeout> set acct-retry <idx> <retry_count> set bind-interface <idx> <server> <interface> set auth-mode <idx> <mode> Parameters server <idx> <srvr_type> Sets the IP address <ipadr> of the RADIUS server for the WLAN with <ipadr> index <idx> (1-8). The <srvr_type> (primary, secondary) identifies the RADIUS server as a primary or a secondary server. port <idx> <srvr_type> <port> Sets the port <port> of the RADIUS server for the WLAN with the index <idx> (1-8). The <srvr_type> (primary, secondary) identifies the RADIUS server as a primary or a secondary server. secret <idx> <srvr_type Sets the secret <secret> for accessing the RADIUS server for the WLAN <secret> with the index <idx> (1-8). The <srvr_type> (primary, secondary) identifies the RADIUS server as a primary or a secondary server. acct-mode <idx> <mode> Enables or disables accounting mode for the RADIUS server for the WLAN with the index <idx> (1-8). When enabled, RADIUS accounting log is written to the CF card when the RADIUS server is not reachable. acct-timeout <idx> <timeout> Sets the time duration <timeout> (1-255) seconds after which RADIUS logs are written to the CF card. acct-retry <idx> <retry-count> Sets the number of re-tries <retry-count> (1-10) made before RADIUS logs are written to the CF card. bind-interface <idx> <server> Binds the RADIUS server type <server> (Primary or Secondary) to the <interface> interface <interface> (one of s1-s6, w, none - s1- Subnet 1, s2-subnet 2, ...s6-Subnet 6, w-wan) for the WLAN <idx> (1–8). auth-mode <idx> <mode> Sets the radius authentication mode to either PAP or CHAP. This is used to encrypt authentication packets when authenticating with radius servers located on the WAN side of WS2000. Example admin(network.wlan.hotspot.radius)> set server 1 primary 192.169.1.222 admin(network.wlan.hotspot.radius)> set server 1 secondary 192.169.1.223 admin(network.wlan.hotspot.radius)> set port 1 primary 1812 admin(network.wlan.hotspot.radius)> set port 1 secondary 1812 admin(network.wlan.hotspot.radius)> set secret 1 primary hello1
  • 257. Network CLI Commands Reference 3-221admin(network.wlan.hotspot.radius)> set secret 1 secondary hello2admin(network.wlan.hotspot.radius)> set acct-mode 1 enableadmin(network.wlan.hotspot.radius)> set acct-timeout 1 90admin(network.wlan.hotspot.radius)> set acct-retry 1 8admin(network.wlan.hotspot.radius)> set bind-interface 1 primary s1admin(network.wlan.hotspot.radius)> set auth-mode 1 PAPadmin(network.wlan.hotspot.radius)>show radius 1Primary Server Ip adr : 192.168.1.222Primary Server Port : 1812Primary Server Secret : ******Primary client bind interface : s1Secondary Server Ip adr : 192.169.1.223Secondary Server Port : 1812Secondary Server Secret : ******Secondary client bind interface : noneAccounting Mode : disableAccounting Timeout : 10Accounting Retry-count : 3RADIUS auth-mode : PAPadmin(network.wlan.hotspot.radius)>
  • 258. 3-222 WS2000 Wireless Switch System Reference Guide 3.42 Network WLAN Hotstpot White-list Commands white-list Network WLAN Hotspot Commands Displays the White-list submenu. White-list is a list of devices that can use the hotspot. Syntax admin(network.wlan.hotspot)> white-list admin(network.wlan.hotspot.whitelist)> The items available under this command are shown below. Command Description Ref. add Adds hotspot white-list entries. page 3-223 clear Clears the hotspot white-list entries. page 3-225 show Displays the hotspot white-list entries. page 3-225 quit Quits the CLI. page 3-1 save Saves the configuration to system flash. page 3-1 .. Goes to the parent menu. page 3-1 / Goes to the root menu. page 3-1
  • 259. Network CLI Commands Reference 3-2233.42.1 Network WLAN Hotspot White-list add Command add Network WLAN Hotstpot White-list Commands Adds an entry to the WLAN hotspot white-list. White-list is a list of devices that can access the hotspot. Syntax add rule <wlan_idx> <ipadr> Parameters add rule <wlan_idx> Adds an IP entry <ipadr> to the White-list for the WLAN specified by the index <ipadr> <wlan_idx> (1-8) Example admin(network.wlan.hotspot.whitelist)> add rule 1 192.168.1.67 admin(network.wlan.hotspot.whitelist)> show white-rules 1 WhiteList Rules ------------------------------------------------------------------------- Idx IP Address ------------------------------------------------------------------------- 1 192.168.1.32 2 192.168.1.45 3 192.168.1.55 4 192.168.1.56 5 192.168.1.67
  • 260. 3-224 WS2000 Wireless Switch System Reference Guide 3.42.2 Network WLAN Hotspot White-list clear Command clear Network WLAN Hotstpot White-list Commands Clears or deletes the WLAN hotspot white-list entries. Syntax clear rule [all|<wlan_idx> [all|<ipadr>]] clear rule all clear rule <wlan_idx> all clear rule <wlan_idx> <ipadr> Parameters clear rule [all|<wlan_idx> • clear rule all – Clears all the hotspot white-list entries. [all|<ipadr>]] • clear rule <wlan_idx> all – Clears all the hotspot white-list entries for the WLAN specified by the <wlan_idx> (1-8) value. • clear rule <wlan_idx> <ipadr> – Clears a specific IP address <ipadr> from the hotspot white-list entries for the WLAN specified by the <wlan_idx> (1-8) value. Example admin(network.wlan.hotspot.whitelist)> show white-rules 1 WhiteList Rules ------------------------------------------------------------------------- Idx IP Address ------------------------------------------------------------------------- 1 192.168.1.32 2 192.168.1.45 3 192.168.1.55 4 192.168.1.56 5 192.168.1.67 admin(network.wlan.hotspot.whitelist)> clear rule 1 192.168.1.67 admin(network.wlan.hotspot.whitelist)> show white-rules 1 WhiteList Rules ------------------------------------------------------------------------- Idx IP Address ------------------------------------------------------------------------- 1 192.168.1.32 2 192.168.1.45 3 192.168.1.55 4 192.168.1.56 admin(network.wlan.hotspot.whitelist)> clear rule all admin(network.wlan.hotspot.whitelist)> show white-rules 1 WhiteList Rules ------------------------------------------------------------------------- Idx IP Address -------------------------------------------------------------------------
  • 261. Network CLI Commands Reference 3-2253.42.3 Network WLAN Hotspot White-list show Command show Network WLAN Hotstpot White-list Commands Displays the WLAN hotspot white-list entries. Syntax show white-rules <idx> Parameters show white-rules <idx> Displays the hotspot white-list for the WLAN with the index <idx> (1-8). Example admin(network.wlan.hotspot.whitelist)> show white-rules 1 WhiteList Rules --------