Hewlett Packard Enterprise WL546 Wireless 8760 Dual Radio 11a/b/g PoE Access Point User Manual WA6102X 2 32 UG booK
Hewlett-Packard Company Wireless 8760 Dual Radio 11a/b/g PoE Access Point WA6102X 2 32 UG booK
Contents
- 1. Users Manual1
- 2. Users Manual2
Users Manual2
| Download: |  |
| Mirror Download [FCC.gov] | |
| Document ID | 670090 |
| Application ID | 1bjCrC+WgNrov9tOgVz7GA== |
| Document Description | Users Manual2 |
| Short Term Confidential | No |
| Permanent Confidential | No |
| Supercede | No |
| Document Type | User Manual |
| Display Format | Adobe Acrobat PDF - pdf |
| Filesize | 151.15kB (1889367 bits) |
| Date Submitted | 2006-06-19 00:00:00 |
| Date Available | 2006-06-14 00:00:00 |
| Creation Date | 2006-06-15 14:47:40 |
| Producing Software | Acrobat Distiller 7.0 (Windows) |
| Document Lastmod | 2006-06-19 14:44:14 |
| Document Title | WA6102X-2-32-UG.booK |
| Document Creator | FrameMaker 7.0 |
| Document Author: | david |
Security HTTP Server: Shows if management access via HTTP is enabled. HTTP Server Port: Shows the TCP port used by the HTTP interface. Version: Shows the software version number. 802.1X: Shows if IEEE 802.1X access control for wireless clients is enabled. AP Wireless Configuration – The AP Wireless Configuration tables display the radio and VAP interface settings listed below. Note that Interface Wireless A refers to the 802.11a radio and Interface Wireless G refers the 802.11b/g radio. VAP: Displays the VAP number. Radio Status: Displays if the radio is enabled or disabled for this VAP. SSID: The service set identifier for the VAP interface. Radio Channel: The radio channel through which the access point communicates with wireless clients. Radio Encryption: The key size used for data encryption. Radio Auth. Type: Shows the type of authentication used. Output Antenna: Displays which antenna/e are in use by the VAP. MAC: The physical layer address of the radio interface. Station Status The Station Status window shows the wireless clients currently associated with the access point. Figure 37 Station Status The Station Configuration page displays basic connection information for all associated stations as described below. Note that this page is automatically refreshed every five seconds. Station Address: The MAC address of the wireless client. Authenticated: Shows if the station has been authenticated. The two basic methods of authentication supported for 802.11 wireless networks are “open 4-73 CHAPTER 4: SYSTEM CONFIGURATION system” and “shared key.” Open-system authentication accepts any client attempting to connect to the access point without verifying its identity. The shared-key approach uses Wired Equivalent Privacy (WEP) to verify client identity by distributing a shared key to stations before attempting authentication. Associated: Shows if the station has been successfully associated with the access point. Once authentication is completed, stations can associate with the current access point, or reassociate with a new access point. The association procedure allows the wireless system to track the location of each mobile client, and ensure that frames destined for each client are forwarded to the appropriate access point. Forwarding Allowed: Shows if the station has passed 802.1X authentication and is now allowed to forward traffic to the access point. Key Type – Displays one of the following: • WEP Disabled – The client is not using Wired Equivalent Privacy (WEP) encryption keys. • Dynamic – The client is using Wi-Fi Protected Access (802.1X or pre-shared key mode) or using 802.1X authentication with dynamic keying. • Static – The client is using static WEP keys for encryption. Event Logs The Event Logs window shows the log messages generated by the access point and stored in memory. Figure 38 Event Logs The Event Logs table displays the following information: Log Time: The time the log message was generated. Event Level: The logging level associated with this message. For a description of the various levels, see “logging level” on page 4-46. Event Message: The content of the log message. Error Messages – An example of a logged error message is: “Station Failed to authenticate (unsupported algorithm).” This message may be caused by any of the following conditions: 4-74 Security Access point was set to “Open Authentication”, but a client sent an authentication request frame with a “Shared key.” Access point was set to “Shared Key Authentication,” but a client sent an authentication frame for “Open System.” WEP keys do not match: When the access point uses “Shared Key Authentication,” but the key used by client and access point are not the same, the frame will be decrypted incorrectly, using the wrong algorithm and sequence number. 4-75 CHAPTER 4: SYSTEM CONFIGURATION 4-76 5 COMMAND LINE INTERFACE USING THE COMMAND LINE INTERFACE ACCESSING THE CLI When accessing the management interface for the over a direct connection to the console port, or via a Telnet connection, the access point can be managed by entering command keywords and parameters at the prompt. Using the access point’s command-line interface (CLI) is very similar to entering commands on a UNIX system. CONSOLE CONNECTION To access the access point through the console port, perform these steps: 1. At the console prompt, enter the user name and password. (The default user name is “admin” and the default password is “password”) When the user name is entered, the CLI displays the “Enterprise AP#” prompt. 2. Enter the necessary commands to complete your desired tasks. 3. When finished, exit the session with the “exit” command. After connecting to the system through the console port, the login screen displays: Username: admin Password: Enterprise AP# NOTE: Command examples shown later in this chapter abbreviate the console prompt to “AP” for simplicity. 5-77 CHAPTER 5: COMMAND LINE INTERFACE Telnet Connection Telnet operates over the IP transport protocol. In this environment, your management station and any network device you want to manage over the network must have a valid IP address. Valid IP addresses consist of four numbers, 0 to 255, separated by periods. Each address consists of a network portion and host portion. For example, if the access point cannot acquire an IP address from a DHCP server, the default IP address used by the access point, 168.254.2.1, consists of a network portion (168.254.2) and a host portion (1). To access the access point through a Telnet session, you must first set the IP address for the access point, and set the default gateway if you are managing the access point from a different IP subnet. For example: Enterprise Enterprise Enterprise Enterprise AP#configure AP(config)#interface ethernet AP(if-ethernet)#ip address 10.1.0.1 255.255.255.0 10.1.0.254 AP(if-ethernet)# If your corporate network is connected to another network outside your office or to the Internet, you need to apply for a registered IP address. However, if you are attached to an isolated network, then you can use any IP address that matches the network segment to which you are attached. After you configure the access point with an IP address, you can open a Telnet session by performing these steps. 1. From the remote host, enter the Telnet command and the IP address of the device you want to access. 2. At the prompt, enter the user name and system password. The CLI will display the “Enterprise AP#” prompt to show that you are using executive access mode (i.e., Exec). 3. Enter the necessary commands to complete your desired tasks. 4. When finished, exit the session with the “quit” or “exit” command. After entering the Telnet command, the login screen displays: Username: admin Password: Enterprise AP# NOTE: You can open up to four sessions to the device via Telnet. 5-78 Using the Command Line Interface ENTERING COMMANDS This section describes how to enter CLI commands. Keywords and Arguments A CLI command is a series of keywords and arguments. Keywords identify a command, and arguments specify configuration parameters. For example, in the command “show interfaces ethernet,” show and interfaces are keywords, and ethernet is an argument that specifies the interface type. You can enter commands as follows: • To enter a simple command, enter the command keyword. • To enter commands that require parameters, enter the required parameters after the command keyword. For example, to set a password for the administrator, enter: Enterprise AP(config)#username smith Minimum Abbreviation The CLI will accept a minimum number of characters that uniquely identify a command. For example, the command “configure” can be entered as con. If an entry is ambiguous, the system will prompt for further input. Command Completion If you terminate input with a Tab key, the CLI will print the remaining characters of a partial keyword up to the point of ambiguity. In the “configure” example, typing con followed by a tab will result in printing the command up to “configure.” Getting Help on Commands You can display a brief description of the help system by entering the help command. You can also display command syntax by following a command with the “?” character to list keywords or parameters. 5-79 CHAPTER 5: COMMAND LINE INTERFACE Showing Commands If you enter a “?” at the command prompt, the system will display the first level of keywords for the current configuration mode (Exec, Global Configuration, or Interface). You can also display a list of valid keywords for a specific command. For example, the command “show ?” displays a list of possible show commands: Enterprise AP#show ? APmanagement Show management AP information. authentication Show Authentication parameters bootfile Show bootfile name bridge Show bridge config System snapshot for tech support dhcp-relay Show DHCP Relay Configuration event-log Show event log on console filters Show filters hardware Show hardware version history Display the session history interface Show interface information line TTY line information link-integrity Show link integrity information logging Show the logging buffers radius Show radius server rogue-ap Show Rogue ap Stations snmp Show snmp configuration sntp Show sntp configuration station Show 802.11 station table system Show system information version Show system version Enterprise AP#show The command “show interface ?” will display the following information: Enterprise AP#show interface ? ethernet Show Ethernet interface wireless Show wireless interfaceEnterprise AP#show interface Partial Keyword Lookup If you terminate a partial keyword with a question mark, alternatives that match the initial letters are provided. (Remember not to leave a space between the command and question mark.) For example “s?” shows all the keywords starting with “s.” Enterprise AP#show s? snmp sntp station Enterprise AP#show s system 5-80 Using the Command Line Interface Negating the Effect of Commands For many configuration commands you can enter the prefix keyword “no” to cancel the effect of a command or reset the configuration to the default value. For example, the logging command will log system messages to a host server. To disable logging, specify the no logging command. This guide describes the negation effect for all applicable commands. Using Command History The CLI maintains a history of commands that have been entered. You can scroll back through the history of commands by pressing the up arrow key. Any command displayed in the history list can be executed again, or first modified and then executed. Using the show history command displays a longer list of recently executed commands. Understanding Command Modes The command set is divided into Exec and Configuration classes. Exec commands generally display information on system status or clear statistical counters. Configuration commands, on the other hand, modify interface parameters or enable certain functions. These classes are further divided into different modes. Available commands depend on the selected mode. You can always enter a question mark “?” at the prompt to display a list of the commands available for the current mode. The command classes and associated modes are displayed in the following table: Table 7 Command Modes Class Mode Exec Privileged Configuration Global Interface-ethernet Interface-wireless Interface-wireless-vap Exec Commands When you open a new console session on an access point, the system enters Exec command mode. Only a limited number of the commands are available in this mode. You can access all other commands only from the configuration mode. To access Exec mode, open a new console session with the user name “admin.” The command prompt displays as “Enterprise AP#” for Exec mode. Username: admin Password: [system login password] Enterprise AP# 5-81 CHAPTER 5: COMMAND LINE INTERFACE Configuration Commands Configuration commands are used to modify access point settings. These commands modify the running configuration and are saved in memory. The configuration commands are organized into four different modes: • Global Configuration (GC) - These commands modify the system level configuration, and include commands such as username and password. • Interface-Ethernet Configuration (IC-E) - These commands modify the Ethernet port configuration, and include command such as dns and ip. • Interface-Wireless Configuration (IC-W) - These commands modify the wireless port configuration of global parameters for the radio, and include commands such as channel and transmit-power. • Interface-Wireless Virtual Access Point Configuration (IC-W-VAP) - These commands modify the wireless port configuration for each VAP, and include commands such as ssid and authentication. To enter the Global Configuration mode, enter the command configure in Exec mode. The system prompt will change to “Enterprise AP(config)#” which gives you access privilege to all Global Configuration commands. Enterprise AP#configure Enterprise AP(config)# To enter Interface mode, you must enter the “interface ethernet,” or “interface wireless a,” or “interface wireless g” command while in Global Configuration mode. The system prompt will change to “Enterprise AP(if-ethernet)#,” or Enterprise AP(if-wireless)” indicating that you have access privileges to the associated commands. You can use the end command to return to the Exec mode. Enterprise AP(config)#interface ethernet Enterprise AP(if-ethernet)# Command Line Processing Commands are not case sensitive. You can abbreviate commands and parameters as long as they contain enough letters to differentiate them from any other currently available commands or parameters. You can use the Tab key to complete partial commands, or enter a partial command followed by the “?” character to display a list of possible matches. You can also use the following editing keystrokes for command-line processing: 5-82 Using the Command Line Interface Table 8 Keystroke Commands Keystroke Function Ctrl-A Shifts cursor to start of command line. Ctrl-B Shifts cursor to the left one character. Ctrl-C Terminates a task and displays the command prompt. Ctrl-E Shifts cursor to end of command line. Ctrl-F Shifts cursor to the right one character. Ctrl-K Deletes from cursor to the end of the command line. Ctrl-L Repeats current command line on a new line. Ctrl-N Enters the next command line in the history buffer. Ctrl-P Shows the last command. Ctrl-R Repeats current command line on a new line. Ctrl-U Deletes the entire line. Ctrl-W Deletes the last word typed. Esc-B Moves the cursor backward one word. Esc-D Deletes from the cursor to the end of the word. Esc-F Moves the cursor forward one word. Delete key or backspace key Erases a mistake when entering a command. COMMAND GROUPS The system commands can be broken down into the functional groups shown below. Table 9 Command Groups Command Group Description Page General Basic commands for entering configuration mode, restarting the system, or quitting the CLI 5-84 System Management Controls user name, password, web browser management options, and 5-89 a variety of other system information System Logging Configures system logging parameters 5-108 System Clock Configures SNTP and system clock settings 5-113 DHCP Relay Configures the access point to send DHCP requests from clients to specified servers 5-118 SNMP Configures community access strings and trap managers 5-120 Flash/File Manages code image or access point configuration files 5-136 RADIUS Configures the RADIUS client used with 802.1X authentication 5-140 802.1X Authentication Configures 802.1X authentication 5-146 MAC Address Authentication Configures MAC address authentication 5-152 Filtering Filters communications between wireless clients, controls access to the 5-155 management interface from wireless clients, and filters traffic using specific Ethernet protocol types 5-83 CHAPTER 5: COMMAND LINE INTERFACE Command Group Description Page WDS Bridge Configures WDS forwarding table settings 5-160 Spanning Tree Configures spanning tree parameters 5-167 Ethernet Interface Configures connection parameters for the Ethernet interface 5-173 Wireless Interface Configures radio interface settings 5-179 Wireless Security Configures radio interface security and encryption settings 5-201 Rogue AP Detection Configures settings for the detection of rogue access points in the network 5-201 Link Integrity Configures a link check to a host device on the wired network 5-217 IAPP Enables roaming between multi-vendor access points 5-220 VLANs Configures VLAN membership 5-221 WMM Configures WMM quality of service parameters 5-224 The access mode shown in the following tables is indicated by these abbreviations: Exec (Executive Mode), GC (Global Configuration), IC-E (Interface-Ethernet Configuration), IC-W (Interface-Wireless Configuration), and IC-W-VAP (Interface-Wireless VAP Configuration). General Commands Table 10 General Commands Command Function Mode Page configure Activates global configuration mode Exec 5-84 end Returns to previous configuration mode GC, IC 5-85 exit Returns to the previous configuration mode, or exits the CLI any 5-86 ping Sends ICMP echo request packets to another node on the network Exec 5-86 reset Restarts the system Exec 5-87 show history Shows the command history buffer Exec 5-88 show line Shows the configuration settings for the console port Exec 5-88 configure This command activates Global Configuration mode. You must enter this mode to modify most of the settings on the access point. You must also enter Global Configuration mode prior to enabling the context modes for Interface Configuration. See “Using the Command Line Interface” on page 77. 5-84 Using the Command Line Interface Default Setting None Command Mode Exec Example Enterprise AP#configure Enterprise AP(config)# Related Commands end (5-85) end This command returns to the previous configuration mode. Default Setting None Command Mode Global Configuration, Interface Configuration Example This example shows how to return to the Configuration mode from the Interface Configuration mode: Enterprise AP(if-ethernet)#end Enterprise AP(config)# 5-85 CHAPTER 5: COMMAND LINE INTERFACE exit This command returns to the Exec mode or exits the configuration program. Default Setting None Command Mode Any Example This example shows how to return to the Exec mode from the Interface Configuration mode, and then quit the CLI session: Enterprise AP(if-ethernet)#exit Enterprise AP#exit CLI session with the Access Point is now closed Username: ping This command sends ICMP echo request packets to another node on the network. Syntax ping • host_name - Alias of the host. • ip_address - IP address of the host. Default Setting None Command Mode Exec Command Usage • Use the ping command to see if another site on the network can be reached. • The following are some results of the ping command: - Normal response - The normal response occurs in one to ten seconds, depending on network traffic. - Destination does not respond - If the host does not respond, a “timeout” appears in ten seconds. 5-86 Using the Command Line Interface - Destination unreachable - The gateway for this destination indicates that the destination is unreachable. - Network or host unreachable - The gateway found no corresponding entry in the route table. • Press to stop pinging. Example Enterprise AP#ping 10.1.0.19 192.254.2.19 is alive Enterprise AP# reset This command restarts the system or restores the factory default settings. Syntax reset • board - Reboots the system. • configuration - Resets the configuration settings to the factory defaults, and then reboots the system. Default Setting None Command Mode Exec Command Usage When the system is restarted, it will always run the Power-On Self-Test. Example This example shows how to reset the system: Enterprise AP#reset board Reboot system now? : y 5-87 CHAPTER 5: COMMAND LINE INTERFACE show history This command shows the contents of the command history buffer. Default Setting None Command Mode Exec Command Usage • The history buffer size is fixed at 10 commands. • Use the up or down arrow keys to scroll through the commands in the history buffer. Example In this example, the show history command lists the contents of the command history buffer: Enterprise AP#show history config exit show history Enterprise AP# show line This command displays the console port’s configuration settings. Command Mode Exec Example The console port settings are fixed at the values shown below. Enterprise AP#show line Console Line Information ====================================================== databits : 8 parity : none speed : 9600 stop bits : 1 ====================================================== Enterprise AP# 5-88 Using the Command Line Interface System Management Commands These commands are used to configure the user name, password, system logs, browser management options, clock settings, and a variety of other system information. Table 11 System Management Commands Command Function Mode Page Sets the access point country code Exec 5--90 prompt Customizes the command line prompt GC 5--91 system name Specifies the host name for the access point GC 5-92 snmp-server contact Sets the system contact string GC 5-121 snmp-server location Sets the system location string GC 5-122 username Configures the user name for management access GC 5-92 password Specifies the password for management access GC 5-93 ip ssh-server enable Enables the Secure Shell server IC-E 5-93 ip ssh-server port Sets the Secure Shell port IC-E 5-94 IC-E 5-94 Country Setting country Device Designation Management Access ip telnet-server enable Enables the Telnet server APmgmtIP Specifies an IP address or range of addresses allowed access GC to the management interface 5-99 APmgmtUI Enables or disables SNMP, Telnet or web management access GC 5-100 show APmanagement Shows the AP management configuration Exec 5-101 ip http port Specifies the port to be used by the web browser interface GC 5-95 ip http server Allows the access point to be monitored or configured from GC a browser 5-95 ip https port Specifies the UDP port number used for a secure HTTP connection to the access point’s Web interface GC 5-96 ip https server Enables the secure HTTP server on the access point GC 5-97 web-redirect Enables web authentication of clients using a public access Internet service GC 5-98 show system Displays system information Exec 5-102 show version Displays version information for the system Exec 5-103 show config Displays detailed configuration information for the system Exec 5-103 show hardware Displays the access point’s hardware version Exec 5-108 Web Server System Status 5-89 CHAPTER 5: COMMAND LINE INTERFACE country This command configures the access point’s country code, which identifies the country of operation and sets the authorized radio channels. Syntax country country_code - A two character code that identifies the country of operation. See the following table for a full list of codes. Table 12 Country Codes Country Code Country Code Country Code Country Code Albania AL Dominican Republic DO Kuwait KW Romania RO Algeria DZ Ecuador EC Latvia LV Russia RU Argentina AR Egypt EG Lebanon LB Saudi Arabia SA Armenia AM Estonia EE Liechtenstein LI Singapore SG Australia AU Finland FI Lithuania LT Slovak Republic SK Austria AT France FR Macao MO Spain ES Azerbaijan AZ Georgia GE Macedonia MK Sweden SE Bahrain BH Germany DE Malaysia MY Switzerland CH Belarus BY Greece GR Malta MT Syria SY Belgium BE Guatemala GT Mexico MX Taiwan TW Honduras HN Monaco MC Thailand TH Belize BZ Hong Kong HK Morocco MA Trinidad & Tobago TT Bolivia BO Hungary HU Netherlands NL Tunisia TN Brazil BR Iceland IS New Zealand NZ Turkey TR Brunei Darussalam BN India IN Norway NO Ukraine UA Bulgaria BG Indonesia ID Qatar QA United Arab Emirates AE Canada CA Iran IR Oman OM United Kingdom GB Chile CL Ireland IE Pakistan PK United States US China CN Israel IL Panama PA Uruguay UY Colombia CO Italy IT Peru PE Uzbekistan UZ 5-90 Using the Command Line Interface Country Code Country Code Country Code Country Code Costa Rica CR Japan JP Philippines PH Yemen YE Croatia HR Jordan JO Poland PL Venezuela VE Cyprus CY Kazakhstan KZ Portugal PT Vietnam VN Czech Republic CZ North Korea KP Puerto Rico PR Zimbabwe ZW Denmark DK Korea Republic KR Slovenia SI Elsalvador SV Luxembourg LU South Africa ZA Default Setting US - for units sold in the United States 99 (no country set) - for units sold in other countries Command Mode Exec Command Usage • If you purchased an access point outside of the United States, the country code must be set before radio functions are enabled. • The available Country Code settings can be displayed by using the country ? command. Example Enterprise AP#country tw Enterprise AP# prompt This command customizes the CLI prompt. Use the no form to restore the default prompt. Syntax prompt no prompt string - Any alphanumeric string to use for the CLI prompt. (Maximum length: 32 characters) 5-91 CHAPTER 5: COMMAND LINE INTERFACE Default Setting Enterprise AP Command Mode Global Configuration Example Enterprise AP(config)#prompt RD2 RD2(config)# system name This command specifies or modifies the system name for this device. Use the no form to restore the default system name. Syntax system name no system name name - The name of this host. (Maximum length: 32 characters) Default Setting Enterprise AP Command Mode Global Configuration Example Enterprise AP(config)#system name AP Enterprise AP(config)# username This command configures the user name for management access. Syntax username name - The name of the user. (Length: 3-16 characters, case sensitive) 5-92 Using the Command Line Interface Default Setting admin Command Mode Global Configuration Example Enterprise AP(config)#username bob Enterprise AP(config)# password After initially logging onto the system, you should set the password. Remember to record it in a safe place. Use the no form to reset the default password. Syntax password no password password - Password for management access. (Length: 3-16 characters, case sensitive) Default Setting null Command Mode Global Configuration Example Enterprise AP(config)#password Enterprise AP(config)# ip ssh-server enable This command enables the Secure Shell server. Use the no form to disable the server. Syntax ip ssh-server enable no ip ssh-server Default Setting Disabled 5-93 CHAPTER 5: COMMAND LINE INTERFACE Command Mode Interface Configuration (Ethernet) Command Usage • The access point supports Secure Shell version 2.0 only. • After boot up, the SSH server needs about two minutes to generate host encryption keys. The SSH server is disabled while the keys are being generated. The show system command displays the status of the SSH server. Example Enterprise AP(if-ethernet)#ip ssh-server enable Enterprise AP(if-ethernet)# ip ssh-server port This command sets the Secure Shell server port. Use the no form to disable the server. Syntax ip ssh-server port • port-number - The UDP port used by the SSH server. (Range: 1-65535) Default Setting 22 Command Mode Interface Configuration (Ethernet) Example Enterprise AP(if-ethernet)#ip ssh-server port 1124 Enterprise AP(if-ethernet)# ip telnet-server enable This command enables the Telnet server. Use the no form to disable the server. Syntax ip telnet-server enable no ip telnet-server Default Setting Interface enabled 5-94 Using the Command Line Interface Command Mode Interface Configuration (Ethernet) Example Enterprise AP(if-ethernet)#ip telnet-server enable Enterprise AP(if-ethernet)# ip http port This command specifies the TCP port number used by the web browser interface. Use the no form to use the default port. Syntax ip http port no ip http port port-number - The TCP port to be used by the browser interface. (Range: 1024-65535) Default Setting 80 Command Mode Global Configuration Example Enterprise AP(config)#ip http port 769 Enterprise AP(config)# Related Commands ip http server (5-95) ip http server This command allows this device to be monitored or configured from a browser. Use the no form to disable this function. Syntax [no] ip http server Default Setting Enabled 5-95 CHAPTER 5: COMMAND LINE INTERFACE Command Mode Global Configuration Example Enterprise AP(config)#ip http server Enterprise AP(config)# Related Commands ip http port (5-95) ip https port Use this command to specify the UDP port number used for HTTPS/SSL connection to the access point’s Web interface. Use the no form to restore the default port. Syntax ip https port no ip https port port_number – The UDP port used for HTTPS/SSL. (Range: 80, 1024-65535) Default Setting 443 Command Mode Global Configuration Command Usage • You cannot configure the HTTP and HTTPS servers to use the same port. • To avoid using common reserved TCP port numbers below 1024, the configurable range is restricted to 443 and between 1024 and 65535. • If you change the HTTPS port number, clients attempting to connect to the HTTPS server must specify the port number in the URL, in this format: https://device:port_number Example Enterprise AP(config)#ip https port 1234 Enterprise AP(config)# 5-96 Using the Command Line Interface ip https server Use this command to enable the secure hypertext transfer protocol (HTTPS) over the Secure Socket Layer (SSL), providing secure access (i.e., an encrypted connection) to the access point’s Web interface. Use the no form to disable this function. Syntax [no] ip https server Default Setting Disabled Command Mode Global Configuration Command Usage • Both HTTP and HTTPS service can be enabled independently. • If you enable HTTPS, you must indicate this in the URL: https://device:port_number] • When you start HTTPS, the connection is established in this way: - The client authenticates the server using the server’s digital certificate. - The client and server negotiate a set of security protocols to use for the connection. - The client and server generate session keys for encrypting and decrypting data. • The client and server establish a secure encrypted connection. A padlock icon should appear in the status bar for Internet Explorer 5.x. Example Enterprise AP(config)#ip https server Enterprise AP(config)# 5-97 CHAPTER 5: COMMAND LINE INTERFACE web-redirect Use this command to enable web-based authentication of clients. Use the no form to disable this function. Syntax [no] web-redirect Default Setting Disabled Command Mode Global Configuration Command Usage • The web redirect feature is used to support billing for a public access wireless network. After successful association to an access point, a client is “redirected” to an access point login web page as soon as Internet access is attempted. The client is then authenticated by entering a user name and password on the web page. This process allows controlled access for clients without requiring 802.1X or MAC authentication. • Web redirect requires a RADIUS server on the wired network with configured user names and passwords for authentication. The RADIUS server details must also be configured on the access point. (See “show bootfile” on page 140.) • Use the show system command to display the current web redirect status. Example Enterprise AP(config)#web-redirect Enterprise AP(config)# 5-98 Using the Command Line Interface APmgmtIP This command specifies the client IP addresses that are allowed management access to the access point through various protocols. NOTE: Secure Web (HTTPS) connections are not affected by the UI Management or IP Management settings. Syntax APmgmtIP • multiple - Adds IP addresses within a specifiable range to the SNMP, web and Telnet groups. • single - Adds an IP address to the SNMP, web and Telnet groups. • any - Allows any IP address access through SNMP, web and Telnet groups. • IP_address - Adds IP addresses to the SNMP, web and Telnet groups. • subnet_mask - Specifies a range of IP addresses allowed management access. Default Setting All addresses Command Mode Global Configuration Command Usage • If anyone tries to access a management interface on the access point from an invalid address, the unit will reject the connection, enter an event message in the system log, and send a trap message to the trap manager. • IP address can be configured for SNMP, web and Telnet access respectively. Each of these groups can include up to five different sets of addresses, either individual addresses or address ranges. • When entering addresses for the same group (i.e., SNMP, web or Telnet), the access point will not accept overlapping address ranges. When entering addresses for different groups, the access point will accept overlapping address ranges. • You cannot delete an individual address from a specified range. You must delete the entire range, and reenter the addresses. • You can delete an address range just by specifying the start address, or by specifying both the start address and end address. 5-99 CHAPTER 5: COMMAND LINE INTERFACE Example This example restricts management access to the indicated addresses. Enterprise AP(config)#apmgmtip multiple 192.254.1.50 255.255.255.0 Enterprise AP(config)# APmgmtUI This command enables and disables management access to the access point through SNMP, Telnet and web interfaces. NOTE: Secure Web (HTTPS) connections are not affected by the UI Management or IP Management settings. Syntax APmgmtUI <[SNMP | Telnet | Web] enable | disable> • SNMP - Specifies SNMP management access. • Telnet - Specifies Telnet management access. • Web - Specifies web based management access. - enable/disable - Enables or disables the selected management access method. Default Setting All enabled Command Mode Global Configuration Example This example restricts management access to the indicated addresses. Enterprise AP(config)#apmgmtui SNMP enable Enterprise AP(config)# 5-100 Using the Command Line Interface show apmanagement This command shows the AP management configuration, including the IP addresses of management stations allowed to access the access point, as well as the interface protocols which are open to management access. Command Mode Exec Example Enterprise AP#show apmanagement Management AP Information ================================= AP Management IP Mode: Any IP Telnet UI: Enable WEB UI : Enable SNMP UI : Enable ================================== Enterprise AP# 5-101 CHAPTER 5: COMMAND LINE INTERFACE show system This command displays basic system configuration settings. Default Setting None Command Mode Exec Example Enterprise AP#show system System Information ========================================================== Serial Number : A123456789 System Up time : 0 days, 4 hours, 33 minutes, 29 seconds System Name : Enterprise Wireless AP System Location System Contact System Country Code : US - UNITED STATES MAC Address : 00-30-F1-F0-9A-9C IP Address : 192.254.2.1 Subnet Mask : 255.255.255.0 Default Gateway : 0.0.0.0 VLAN State : DISABLED Management VLAN ID(AP): 1 IAPP State : ENABLED DHCP Client : ENABLED HTTP Server : ENABLED HTTP Server Port : 80 HTTPS Server : ENABLED HTTPS Server Port : 443 Slot Status : Dual band(a/g) Boot Rom Version : v3.0.3 Software Version : v4.3.1.9 SSH Server : ENABLED SSH Server Port : 22 Telnet Server : ENABLED WEB Redirect : DISABLED DHCP Relay : DISABLED Proxy ARP : DISABLED ========================================================== Enterprise AP# 5-102 Using the Command Line Interface show version This command displays the software version for the system. Command Mode Exec Example Enterprise AP#show version Version Information ========================================= Version: v4.3.2.2 Date : Dec 20 2005, 18:38:12 ========================================= Enterprise AP# show config This command displays detailed configuration information for the system. Command Mode Exec Example Enterprise AP#show config Authentication Information =========================================================== MAC Authentication Server : DISABLED MAC Auth Session Timeout Value : 0 min 802.1x supplicant : DISABLED 802.1x supplicant user : EMPTY 802.1x supplicant password : EMPTY Address Filtering : ALLOWED System Default : ALLOW addresses not found in filter table. Filter Table ----------------------------------------------------------No Filter Entries. Bootfile Information =================================== Bootfile : ec-img.bin =================================== 5-103 CHAPTER 5: COMMAND LINE INTERFACE Protocol Filter Information =========================================================== Local Bridge :DISABLED AP Management :ENABLED Ethernet Type Filter :DISABLED Enabled Protocol Filters ----------------------------------------------------------No protocol filters are enabled =========================================================== Hardware Version Information =========================================== Hardware version R01A =========================================== Ethernet Interface Information ======================================== IP Address : 192.254.0.151 Subnet Mask : 255.255.255.0 Default Gateway : 192.254.0.1 Primary DNS : 210.200.211.225 Secondary DNS : 210.200.211.193 Speed-duplex : 100Base-TX Full Duplex Admin status : Up Operational status : Up ======================================== Wireless Interface 802.11a Information =========================================================== ----------------Identification----------------------------Description : 802.11a Access Point SSID : A 0 Channel : 0 (AUTO) Status : Disable ----------------802.11 Parameters-------------------------Transmit Power : 100% (5 dBm) Data Rate : 54Mbps Fragmentation Threshold : 2346 bytes RTS Threshold : 2347 bytes Beacon Interval : 100 TUs DTIM Interval : 1 beacon Maximum Association : 64 stations Native VLAN ID : 1 5-104 Using the Command Line Interface ----------------Security----------------------------------Closed System : DISABLED Multicast cipher : WEP Unicast cipher : TKIP and AES WPA clients : REQUIRED WPA Key Mgmt Mode : PRE SHARED KEY WPA PSK Key Type : ALPHANUMERIC Encryption : DISABLED Default Transmit Key : 1 Static Keys : Key 1: EMPTY Key 2: EMPTY Key 3: EMPTY Key 4: EMPTY Key Length : Key 1: ZERO Key 2: ZERO Key 3: ZERO Key 4: ZERO Authentication Type : OPEN Rogue AP Detection : Disabled Rogue AP Scan Interval : 720 minutes Rogue AP Scan Duration : 350 milliseconds =========================================================== Console Line Information =========================================================== databits : 8 parity : none speed : 9600 stop bits : 1 =========================================================== Logging Information ===================================================== Syslog State : Disabled Logging Console State : Disabled Logging Level : Informational Logging Facility Type : 16 Servers 1: 0.0.0.0 , UDP Port: 514, State: Disabled 2: 0.0.0.0 , UDP Port: 514, State: Disabled 3: 0.0.0.0 , UDP Port: 514, State: Disabled 4: 0.0.0.0 , UDP Port: 514, State: Disabled ====================================================== Radius Server Information ======================================== IP : 0.0.0.0 Port : 1812 Key : ***** Retransmit : 3 Timeout : 5 Radius MAC format : no-delimiter Radius VLAN format : HEX ======================================== 5-105 CHAPTER 5: COMMAND LINE INTERFACE Radius Secondary Server Information ======================================== IP : 0.0.0.0 Port : 1812 Key : ***** Retransmit : 3 Timeout : 5 Radius MAC format : no-delimiter Radius VLAN format : HEX ======================================== SNMP Information ============================================== Service State : Disable Community (ro) : ******** Community (rw) : ******** Location Contact : Contact EngineId :80:00:07:e5:80:00:00:29:f6:00:00:00:0c EngineBoots:2 Trap Destinations: 1: 0.0.0.0, Community: *****, State: Disabled 2: 0.0.0.0, Community: *****, State: Disabled 3: 0.0.0.0, Community: *****, State: Disabled 4: 0.0.0.0, Community: *****, State: Disabled dot11InterfaceAGFail Enabled dot11InterfaceBFail Enabled dot11StationAssociation Enabled dot11StationAuthentication Enabled dot11StationReAssociation Enabled dot11StationRequestFail Enabled dot1xAuthFail Enabled dot1xAuthNotInitiated Enabled dot1xAuthSuccess Enabled dot1xMacAddrAuthFail Enabled dot1xMacAddrAuthSuccess Enabled iappContextDataSent Enabled iappStationRoamedFrom Enabled iappStationRoamedTo Enabled localMacAddrAuthFail Enabled localMacAddrAuthSuccess Enabled pppLogonFail Enabled sntpServerFail Enabled configFileVersionChanged Enabled radiusServerChanged Enabled systemDown Enabled systemUp Enabled ============================================= 5-106 Using the Command Line Interface SNTP Information =========================================================== Service State : Disabled SNTP (server 1) IP : 137.92.140.80 SNTP (server 2) IP : 192.43.244.18 Current Time : 00 : 14, Jan 1st, 1970 Time Zone : -5 (BOGOTA, EASTERN, INDIANA) Daylight Saving : Disabled =========================================================== Station Table Information =========================================================== if-wireless A VAP [0] 802.11a Channel : Auto No 802.11a Channel Stations. if-wireless G VAP [0] 802.11g Channel : Auto No 802.11g Channel Stations. System Information ============================================================== Serial Number System Up time : 0 days, 0 hours, 16 minutes, 51 seconds System Name : Enterprise Wireless AP System Location System Contact : Contact System Country Code : 99 - NO_COUNTRY_SET MAC Address : 00-12-CF-05-B7-84 IP Address : 192.254.0.151 Subnet Mask : 255.255.255.0 Default Gateway : 192.254.0.1 VLAN State : DISABLED Management VLAN ID(AP): 1 IAPP State : ENABLED DHCP Client : ENABLED HTTP Server : ENABLED HTTP Server Port : 80 HTTPS Server : ENABLED HTTPS Server Port : 443 Slot Status : Dual band(a/g) Boot Rom Version : v3.0.7 Software Version : v4.3.2.2 5-107 CHAPTER 5: COMMAND LINE INTERFACE SSH Server : ENABLED SSH Server Port : 22 Telnet Server : ENABLED WEB Redirect : DISABLED DHCP Relay : DISABLED ============================================================== Version Information ========================================= Version: v4.3.2.2 Date : Dec 20 2005, 18:38:12 ========================================= Enterprise AP# show hardware This command displays the hardware version of the system. Command Mode Exec Example Enterprise AP#show hardware Hardware Version Information =========================================== Hardware version R01 =========================================== Enterprise AP# System Logging Commands These commands are used to configure system logging on the access point. Table 13 System Loggign Commands Command Function Mode Page logging on Controls logging of error messages GC 5-109 logging host Adds a syslog server host IP address that will receive logging messages GC 5-109 logging console Initiates logging of error messages to the console GC 5-110 logging level Defines the minimum severity level for event logging GC 5-110 logging facility-type Sets the facility type for remote logging of syslog messages GC 5-111 logging clear Clears all log entries in access point memory GC 5-112 show logging Displays the state of logging Exec 5-112 show event-log Displays all log entries in access point memory Exec 5-113 5-108 Using the Command Line Interface logging on This command controls logging of error messages; i.e., sending debug or error messages to memory. The no form disables the logging process. Syntax [no] logging on Default Setting Disabled Command Mode Global Configuration Command Usage The logging process controls error messages saved to memory. You can use the logging level command to control the type of error messages that are stored in memory. Example Enterprise AP(config)#logging on Enterprise AP(config)# logging host This command specifies syslog servers host that will receive logging messages. Use the no form to remove syslog server host. Syntax logging host <1 | 2 | 3 | 4> [udp_port] no logging host <1 | 2 | 3 | 4> • • • • • • • 1 - First syslog server. 2 - Second syslog server. 3 - Third syslog server. 4 - Fourth syslog server. host_name - The name of a syslog server. (Range: 1-20 characters) host_ip_address - The IP address of a syslog server. udp_port - The UDP port used by the syslog server. 5-109 CHAPTER 5: COMMAND LINE INTERFACE Default Setting None Command Mode Global Configuration Example Enterprise AP(config)#logging host 1 10.1.0.3 Enterprise AP(config)# logging console This command initiates logging of error messages to the console. Use the no form to disable logging to the console. Syntax [no] logging console Default Setting Disabled Command Mode Global Configuration Example Enterprise AP(config)#logging console Enterprise AP(config)# logging level This command sets the minimum severity level for event logging. Syntax logging level Default Setting Informational Command Mode Global Configuration 5-110 Using the Command Line Interface Command Usage Messages sent include the selected level down to Emergency level. Level Argument Description Emergency System unusable Alert Immediate action needed Critical Critical conditions (e.g., memory allocation, or free memory error - resource exhausted) Error Error conditions (e.g., invalid input, default used) Warning Warning conditions (e.g., return false, unexpected return) Notice Normal but significant condition, such as cold start Informational Informational messages only Debug Debugging messages Example Enterprise AP(config)#logging level alert Enterprise AP(config)# logging facility-type This command sets the facility type for remote logging of syslog messages. Syntax logging facility-type type - A number that indicates the facility used by the syslog server to dispatch log messages to an appropriate service. (Range: 16-23) Default Setting 16 Command Mode Global Configuration Command Usage The command specifies the facility type tag sent in syslog messages. (See RFC 3164.) This type has no effect on the kind of messages reported by the access point. However, it may be used by the syslog server to sort messages or to store messages in the corresponding database. 5-111 CHAPTER 5: COMMAND LINE INTERFACE Example Enterprise AP(config)#logging facility 19 Enterprise AP(config)# logging clear This command clears all log messages stored in the access point’s memory. Syntax logging clear Command Mode Global Configuration Example Enterprise AP(config)#logging clear Enterprise AP(config)# show logging This command displays the logging configuration. Syntax show logging Command Mode Exec Example Enterprise AP#show logging Logging Information ============================================ Syslog State : Enabled Logging Console State : Enabled Logging Level : Alert Logging Facility Type : 16 Servers 1: 192.254.2.19, UDP Port: 514, State: Enabled 2: 0.0.0.0, UDP Port: 514, State: Disabled 3: 0.0.0.0, UDP Port: 514, State: Disabled 4: 0.0.0.0, UDP Port: 514, State: Disabled ============================================= Enterprise AP# 5-112 Using the Command Line Interface show event-log This command displays log messages stored in the access point’s memory. Syntax show event-log Command Mode Exec Example Enterprise AP#show event-log Mar 09 11:57:55 Information: Mar 09 11:57:55 Information: Mar 09 11:57:34 Information: Mar 09 11:57:18 Information: Mar 09 11:56:35 Information: Mar 09 11:55:52 Information: Mar 09 11:55:52 Information: Mar 09 11:55:52 Information: Mar 09 11:55:40 Information: Mar 09 11:55:40 Information: Press next.
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.6 Linearized : No Tagged PDF : Yes Page Mode : UseNone XMP Toolkit : 3.1-701 Producer : Acrobat Distiller 7.0 (Windows) Create Date : 2006:06:15 14:47:40Z Creator Tool : FrameMaker 7.0 Modify Date : 2006:06:19 14:44:14+08:00 Metadata Date : 2006:06:19 14:44:14+08:00 Format : application/pdf Title : WA6102X-2-32-UG.booK Creator : david Document ID : uuid:a34416a0-3bfc-4355-873b-2196a6e356a0 Instance ID : uuid:d75cdb40-e6b8-42af-8960-da1a53faa255 Has XFA : No Page Count : 163 Author : davidEXIF Metadata provided by EXIF.tools