Page 1 Motorola RFS Series Wireless LAN Switches WiNG CLI Reference Guide...
Page 2 © 2008 Motorola, Inc. All rights reserved. MOTOROLA and the Stylized M Logo are registered in the US Patent & Trademark Office. Symbol is a registered trademark of Symbol Technologies, Inc. All other product or service names are the property of their respective owners.
Page 3: About This Guide
The administrator should be familiar with wireless technologies, networking concepts, Ethernet concepts, IP addressing and SNMP. To avoid confusion amongst WS5100, RFS6000 and RFS7000 CLI users, generic examples are used throughout this guide. These examples are relevant to each switch.
Page 4: How To Use This Guide
RFSwitch> The syntax, parameters and descriptions within this guide can also be used generically for a WS5100, RFS6000 and RFS7000 model switch. However, some subtle differences do exist amongst these baselines. These differences are strongly noted within the specific commands impacted. When these differences are noted, the options available to each switch baseline are described in detail.
Page 5: Dhcp Class Instance
Chapter Jump to this section if you want to... Chapter 8, “Crypto-peer Summarize the commands within the crypto-peer Instance” switch CLI. Chapter 9, “Crypto-ipsec Review the commands within the crypto-ipsec Instance” switch CLI. Chapter 10, “Crypto-map Understand the commands within the crypto-map Instance”...
Page 6 Motorola RF Switch CLI Reference Guide Chapter Jump to this section if you want to... Chapter 22, “ARPI Instance” Review the instance commands within (config-arpi) the switch CLI Chapter 23, “ESPI Instance” Review the instance commands within (config-espi) the switch CLI...
Page 7: Conventions Used In This Guide
NOTE: Indicates tips or special requirements. CAUTION: Indicates conditions that can cause equipment damage or data loss. SWITCH NOTE: Indicates caveats unique to a WS5100, RFS6000 or RFS7000 model switch. WARNING! Indicates a condition or procedure that could result in personal injury or equipment damage.
Page 8: Notational Conventions
Motorola RF Switch CLI Reference Guide Notational Conventions The following notational conventions are used in this document: • Italics are used to highlight specific items in the general text, and to identify chapters and sections in this and related documents.
Page 9 Motorola Service Information Use the Motorola Support Center as the primary contact for any technical problem, question, or support issue involving Motorola products. Motorola Support Center responds to calls by email, telephone or fax within the time limits set forth in individual contractual...
Page 10: General Information
Motorola RF Switch CLI Reference Guide General Information For general information, contact Motorola at: Telephone (North America): 1-800-722-6234 Telephone (International): +1-631-738-5200 Website: http://www.motorola.com...
Page 11 OTHER LEGAL ENTITY, YOU REPRESENT AND WARRANT THAT YOU HAVE THE AUTHORITY TO BIND THAT COMPANY, PERSON OR ENTITY. 1. LICENSE GRANT. Subject to the terms of this Agreement, Motorola, Inc. and/or its subsidiaries ("Licensor") hereby grants Licensee a limited, personal, non-sublicensable, non transferable, nonexclusive license to use the software that Licensee is about to download or install and the documentation that accompanies it (collectively, the "Software") for...
Page 12 Motorola RF Switch CLI Reference Guide 3. INTELLECTUAL PROPERTY; CONTENT. All title and intellectual property rights in and to the Software (including but not limited to any images, photographs, animations, video, audio, music, text and "applets" incorporated into the Software), and any copies you are permitted to make herein are owned by Licensor or its suppliers.
Page 13 xvii 6. DISCLAIMER OF WARRANTIES. To the maximum extent permitted by applicable law, Licensor and its suppliers provide the Software and any (if any) Support Services AS IS AND WITH ALL FAULTS, and hereby disclaim all warranties and conditions, either express, implied or statutory, including, but not limited to, any (if any) implied warranties or conditions of merchantability, of fitness for a particular purpose, of lack of viruses, of accuracy or completeness of responses, of results, and of lack of negligence or lack of...
Page 14 "Restricted Rights" as provided for in FAR, 48 CFR 52.227-14 (JUNE 1987) or DFAR, 48 CFR 252.227- 7013 (OCT 1988), as applicable. The "Manufacturer" for purposes of these regulations is Motorola, Inc., One Symbol Plaza, Holtsville, NY 11742. 12. EXPORT RESTRICTIONS. Licensee shall comply with all export laws and restrictions and regulations of the Department of Commerce, the United States Department of Treasury Office of Foreign Assets Control ("OFAC"), or other United States or foreign agency or...
Page 15 waiver. This Agreement shall be governed by the laws of the State of New York without regard to the conflicts of law provisions thereof. The application the United Nations Convention of Contracts for the International Sale of Goods is expressly excluded. Unless waived by Licensor for a particular instance, any action or proceeding arising out of this Agreement must be brought exclusively in the state or federal courts of New York and Licensee hereby consents to the jurisdiction of such courts for any such action or proceeding.
Page 16 Motorola RF Switch CLI Reference Guide...
Page 17: Table Of Contents
Contents Chapter 1. Introduction 1.1 CLI Overview ..............1-2 1.2 Getting Context Sensitive Help .
Page 18 TOC-2 Motorola RF Switch CLI Reference Guide 2.2.4 crypto ............. . . 2-33 2.2.5 environment.
Page 19 Contents - TOC-3 2.2.42 ftp..............2-98 2.2.43 password-encryption .
Page 20 TOC-4 Motorola RF Switch CLI Reference Guide 4.1.13 dir..............4-21 4.1.14 disable .
Page 21 Contents - TOC-5 5.1.10 do ..............5-35 5.1.11 end .
Page 22 TOC-6 Motorola RF Switch CLI Reference Guide 6.1.2 clrscr ..............6-3 6.1.3 encryption .
Page 23 Contents - TOC-7 9.1.2 show ..............9-3 Chapter 10.
Page 24 TOC-8 Motorola RF Switch CLI Reference Guide 12.1.5 end ..............12-7 12.1.6 exit .
Page 25 Contents - TOC-9 14.1.2.1 Example - Denying Traffic Between Two Subnets....14-8 14.1.2.2 Example - Denying TCP Based Traffic ......14-8 14.1.2.3 Example - Denying UDP Based Traffic .
Page 26 TOC-10 Motorola RF Switch CLI Reference Guide 15.2 Use Case: Configuring IP Standard ACL ......... . 15-19 Chapter 16.
Page 27 Contents - TOC- 17.1.9 dns-server ............17-14 17.1.10 domain-name.
Page 28 TOC-12 Motorola RF Switch CLI Reference Guide Chapter 19. Radius Server Instance 19.1 Radius Configuration Commands ..........19-1 19.1.1 authentication .
Page 29 Contents - TOC- 20.1.3 adoption-pref-id............20-7 20.1.4 ap .
Page 30 TOC-14 Motorola RF Switch CLI Reference Guide 20.1.38 wlan-bw-allocation ........... 20-82 Chapter 21.
Page 31 Contents - TOC- 23.1.2 clrscr ............. . . 23-3 23.1.3 end .
Page 32 TOC-16 Motorola RF Switch CLI Reference Guide...
Page 33: Chapter 1. Introduction
This chapter describes the commands defined by the switch Command Line Interface (CLI). Access the CLI (on the supported WS5100, RFS6000 and RFS7000 models) by running a terminal emulation program on a computer connected to the serial port on the front of the switch, or by using a Telnet session via secure shell (SSH) to access the switch over the network.
Page 34: Cli Overview
WS5100, RFS6000 or RFS7000 model used. Enter a question mark (?) at the system prompt to view a list of commands available for each command mode/instance.
Page 35 Introduction 1- Table 1.1 summarizes the commands available from the switch Table 1.1 RF Switch CLI Hierarchy User Exec Mode Priv Exec Mode Global Configuration Mode clear acknowledge clrscr archive access-list cluster-cli autoinstall debug change-passwd banner disable clear bridge enable clock country-code exit...
Page 36 Motorola RF Switch CLI Reference Guide User Exec Mode Priv Exec Mode Global Configuration Mode help prompt kill radius-server logout redundancy mkdir service more snmp-server spanning-tree page timezone ping username quit wlan-acl reload rename rmdir service show telnet terminal traceroute...
Page 37: Getting Context Sensitive Help
Introduction 1- 1.2 Getting Context Sensitive Help Enter a question mark (?) at the system prompt to display a list of commands available for each mode. Obtain a list of arguments and keywords for any command using the CLI context-sensitive help. Use the following commands to obtain help specific to a command mode, command name, keyword or argument: Command...
Page 38: Using The No And Default Command Forms
Motorola RF Switch CLI Reference Guide Enter a question mark (?) (in place of a keyword or argument) to list keywords or arguments. Include a space before the ?. This form of help is called command syntax help. It shows the keywords or arguments available based on the command/keyword and argument already entered.
Page 39: Basic Conventions
Introduction 1- 1.3.1 Basic Conventions Keep the following conventions in mind while working within the CLI: • Use ? at the end of a command to display available sub-modes . Type the first few characters of the sub-mode and press the tab key to add the sub-mode. Continue using ? until you reach the last sub-mode •...
Page 40: Moving The Cursor On The Command Line
Motorola RF Switch CLI Reference Guide 1.4.1 Moving the Cursor on the Command Line Table 1.2 shows the key combinations or sequences to move the cursor on the command line. Ctrl defines the Control key, which must be pressed simultaneously with its associated letter key.
Page 41: Completing A Partial Command Name
Introduction 1- Function Keystrokes Summary Function Details Ctrl-P Obtains the prior command from memory Ctrl-N Obtains the next command from memory Esc-C Converts the rest of a word to uppercase Esc-L Converts the rest of a word to lowercase Esc-D Deletes the remainder of a word Ctrl-W Deletes the word up to the cursor...
Page 42: Deleting Entries
1-10 Motorola RF Switch CLI Reference Guide Enter a question mark (?) to obtain a list of commands beginning with that set of characters. Do not leave a space between the last letter and the question mark (?). For example, entering...
Page 43: Command Output
Introduction 1- 1.4.5 Command Output pagination Output often extends beyond the visible screen length. For cases where output continues beyond the screen, the output is paused and a Press Any Key to Continue (Q to prompt displays at the bottom of the screen. To resume the output, press the Return Quit) key to scroll down one line or press the Spacebar to display the next full screen of output.
Page 44 1-12 Motorola RF Switch CLI Reference Guide...
Page 45: Common Commands
Common Commands This chapter describes the CLI commands used in the USER EXEC and PRIV EXEC modes. The PRIV EXEC command set contains those commands available within the USER EXEC mode. Some commands can be entered in either mode. Commands entered in either USER EXEC mode or PRIV EXEC mode are referred to as EXEC mode commands.
Page 46: Clrscr
Motorola RF Switch CLI Reference Guide 2.1.1 clrscr Common Commands Clears the screen and refreshes the prompt (#) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch#clrscr...
Page 47: Exit
Common Commands 2.1.2 exit Common Commands Ends the current mode and moves to the previous mode Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax exit Parameters None Example RFSwitch(config)#exit...
Page 48: Help
Motorola RF Switch CLI Reference Guide 2.1.3 help Common Commands Use this command to access the advanced help feature. Use “?” anytime at the command prompt to access the help topic. Two kinds of help are provided: 1. Full help is available when ready to enter a command argument.
Page 49 Common Commands radius RADIUS configuration commands redundancy-group Display redundancy group parameters redundancy-history Display state transition history of the switch. redundancy-members Display redundancy group members in detail snmp Display SNMP engine parameters snmp-server Display SNMP engine parameters terminal Display terminal configuration parameters timezone Display timezone users...
Page 50 Motorola RF Switch CLI Reference Guide 2.1.4 no Common Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax Parameters None Example (User Exec) RFSwitch>no ? cluster-cli Cluster context debug...
Page 51 Common Commands fallback Configures software fallback feature Configure FTP Server hostname Reset system's network name to default interface Delete a virtual interface Internet Protocol (IP) line Configure a terminal line local Local user authentication database for VPN logging Modify message logging facilities MAC configuration mac-address-table Configure MAC address table...
Page 52: Service
Motorola RF Switch CLI Reference Guide 2.1.5 service Common Commands Services or debugs the switch Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax (User Exec) service [diag|encrypt|save-cli|show|wireless] service (diag)[enable|fanduty <40-100>|identify|limit|period] service (diag)(limit)[buffer|fan|filesys|inodes|load|maxFDs| pkbuffers|procRAM|ram|routecache|temperature] service (diag)(limit)(buffer)[128|128k|16k|1k|256|2k|32|32k|4k|512| 64|64k|8k] service (diag)(limit)(fan)<1|2>...
Page 53 Common Commands Parameters (User Exec) diag Diagnostics • enable – Enables in-service diagnostics • fanduty <40-100> – Sets the CPU fan PWM duty cycle. Define a value between 40-100%. Setting a value below 60 is considered unreliable. • identify – Identifies a switch by flashing its LEDs •...
Page 54 2-10 Motorola RF Switch CLI Reference Guide • ram – Configures free space for the RAM. Configures the free space to anything between 0.0 to 100.0 percent. • routecache <0-65535> – Configures IP route cache usage. Set with a value between 0 and 65553.
Page 55 Common Commands 2-11 Displays running system information show • cli – Shows the CLI tree of the current mode • command-history – Displays the command (except show commands) history • crash-info – Displays information about core, panic and AP dump files •...
Page 56 2-12 Motorola RF Switch CLI Reference Guide Syntax (Priv Exec) service [clear|copy|diag|diag-shell|encrypt|pktcap|pm|save-cli| securitymgr|show|start-shell|test|watchdog|wireless] service clear [all|aplogs|clitree|cores|dumps|panics|securitymgr(flows) {<0-349>|WORD|all|eth <1-2>|vlan <1-4094>}] service copy (tech-support) (URL)[tftp|ftp|sftp] service diag [enable|fanduty|identify|limit|period] service diag-shell <Cr> service encrypt service pktcap (on) [bridge|interface|router] service pktcap (on) (bridge) [count <1-99999>|filter|verbose|write]...
Page 57 Common Commands 2-13 service securitymgr [disable|disable-flow-rate-limit|dump-core| enable-http-stats] service (show) [cli|command-history|crash-info|diag|info|last- passwd|memory|pm (history)[name|all]|process|reboot- history|securitymgr|startup-log|upgrade-history|watchdog|wireless] service (show) (securitymgr) (flows)[details|source][A.B.C.D|any](destination) [A.B.C.D|any](protocol) [any|icmp|tcp|udp] service start-shell service test service watchdog service wireless [ap-history|buffer-counters|clear-ap-log| dump-core|enhanced-beacon-table|enhanced-probe-table| idle-radio-send-multicast|legacy-load-balance|radio-misc-cfg| rate-scale|request-ap-log|save-ap-log|snmp-trap-throttle| vlan-cache]...
Page 58 2-14 Motorola RF Switch CLI Reference Guide Parameters (Priv Exec) clear Performs a variety of reset functions • all – Removes all core, dump and panic files • aplogs – Removes all AP log files • clitree – Removes clitree.html (created by the save-cli command) •...
Page 59 Common Commands 2-15 Sets or displays switch diagnostic values diag • enable – Enables in-service diagnostics • fanduty <40-100> – CPU fan PWM duty cycle. Set a value between 40-100%. Setting a value below 60 is considered unreliable. • identify – Identifies a switch by flashing the LEDs •...
Page 60 2-16 Motorola RF Switch CLI Reference Guide • procRAM – Configures the RAM space used by a process. Set the percentage of RAM space between 0.0 and 100.0 percent . • ram – Configures the free space for the RAM.
Page 61 Common Commands 2-17 Packet capture pktcap (on) [bridge|interface|router| • on – Defines the Capture location vpn] • bridge – Captures at the bridge [count|filter|verbose| write] • count – Limits the capture packet count • filter – Captures the filter • verbose – Displays full packet body •...
Page 62 2-18 Motorola RF Switch CLI Reference Guide Process Monitor • stop – Stops the PM from monitoring all daemons save-cli Saves the CLI tree for all modes in HTML securitymgr Securitymgr parameterss • disable – Disables securitymgr • disable-flow-rate-limit – Disables flow rate limitings •...
Page 63 Common Commands 2-19 Displays running system information show • cli – Shows the CLI tree of the current mode • command-history – Displays a command (except show commands) history • crash-info – Displays information about core, panic and AP dump files •...
Page 64 2-20 Motorola RF Switch CLI Reference Guide show securitymgr () Service Security Manager parameters • flows – Sessions established • details|source – Shows detailed flow statistics or the source IP address • [A.B.C.D|any] – Flows where source address is A.B.C.D or flows with any source address •...
Page 65 Common Commands 2-21 • legacy-load-balance – Invokes legacy load balance algorithms • radio-misc-cfg – Radio specific configuration U16 for all radios • rate-scale – Enables wireless rate scaling (default setting) • request-ap-log – Requests an AP log • save-ap-log – Saves debug/error logs sent by the access-port •...
Page 66 2-22 Motorola RF Switch CLI Reference Guide Process Monitor • sys-restart – Enables the PM to restart the system when a processes fails prompt Enable crash-info prompt • crash-info – Enables a crash-info prompt radius Enable radius server • restart – Restarts the radius server with an updated configuration Set service parameters.
Page 67 Common Commands 2-23 RFSwitch#service diag led ? 1 - upper LED 2 - lower LED RFSwitch#service diag led 1 ? amber amber blue blue RFSwitch#service diag led 1 amber ? flashing LED Flashing LED off LED on RFSwitch#service diag led 1 amber flashing RFSwitch#service diag led 1 amber flashing RFSwitch#service diag led 1 blue on RFSwitch#service diag led 1 red off...
Page 68 2-24 Motorola RF Switch CLI Reference Guide RFSwitch>service show command-history Configured size of command history is 200 Date & Time User Location Command =================================================================== May 31 21:57:44 2007 admin vty 130 exit May 31 20:30:11 2007 admin vty 130 configure terminal...
Page 69 Common Commands 2-25 - - - shutdown (ungraceful:unexpected cold restart) May 29 15:10:51 2007 startup - - - shutdown (ungraceful:unexpected cold restart) May 28 20:06:31 2007 startup - - - shutdown (ungraceful:unexpected cold restart) May 25 14:21:35 2007 startup - - - shutdown (ungraceful:unexpected cold restart) May 24 14:20:09 2007...
Page 70: Show
2-26 Motorola RF Switch CLI Reference Guide 2.2 show Common Commands Displays the settings for the specified system component. There are a number of ways to invoke the show command: • When invoked without any arguments, it displays information about the current context.
Page 71 Common Commands 2-27 Display Parameters Description Mode Example ldap Displays the LDAP server configuration Common page 46 licenses Displays the installed licenses, if any Common page 48 logging Displays the logging configuration and Common page 49 buffer Displays the media access control IP Common page 50 configuration...
Page 72 2-28 Motorola RF Switch CLI Reference Guide Display Parameters Description Mode Example static-channel-group Displays static channel group Common page 74 membership information terminal Displays terminal configuration Common page 75 parameters timezone Displays the timezone Common page 76 users Displays information about terminal...
Page 73 Common Commands 2-29 Display Parameters Description Mode Example debugging Displays the current debugging settings Privilege page 95 /Global Config dhcp Displays DHCP server configurations Privilege page 96 /Global Config file Displays filesystem information Privilege page 97 /Global Config Displays the FTP server configuration Privilege page 98 /Global...
Page 74: Autoinstall
2-30 Motorola RF Switch CLI Reference Guide 2.2.1 autoinstall Common to all modes Syntax show autoinstall Parameters None Example RFSwitch>show autoinstall RFSwitch>...
Page 75: Banner
Common Commands 2-31 2.2.2 banner Common to all modes Syntax show banner Parameters motd Defines the Message of the Day banner Example RFSwitch>show banner motd Welcome to CLI RFSwitch>...
Page 76: Commands
2-32 Motorola RF Switch CLI Reference Guide 2.2.3 commands Common to all modes Syntax RFSwitch>show commands Parameters None Example RFSwitch#show commands acknowledge alarm-log (all|<1-65535>) acknowledge alarm-log (all|<1-65535>) archive tar /create (FILE|URL) .FILE archive tar /create (FILE|URL) .FILE archive tar /table (FILE|URL)
Page 77: Crypto
Common Commands 2-33 2.2.4 crypto Common to all modes Syntax show crypto(ipsec|isakmp|key|map|pki) show crypto ipsec(sa|security-association(lifetime)|transformset) show crypto isakmp(policy(<1-10000>)|sa) show crypto key(mypubkey) show crypto map(interface|tag) show crypto pki(request|trustpoints)
Page 78 2-34 Motorola RF Switch CLI Reference Guide Parameters ipsec Displays the IPSEC policy [sa|securityassociation • sa – IPSec security association (lifetime)|transformset • security-association – Security association (name)] • lifetime – Defines the lifetime • transformset – Transformset • name – Defines the transform set name or all...
Page 79 Common Commands 2-35 Example RFSwitch(config)#show crypto pki request tptest -----BEGIN CERTIFICATE REQUEST----- MIIB2zCCAUQCAQAwaDELMAkGA1UEBhMCaW4xEjAQBgNVBAgTCWthcm5hdGFrYTES MBAGA1UEBxMJYmFuZ2Fsb3JlMQ8wDQYDVQQKEwZzeW1ib2wxDDAKBgNVBAsTA3dp ZDESMBAGA1UEAxMJdGVzdC1jZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQC3qisZdTn7rKzv5TrGtKt7fwMwaYpgehyl52I4fDLZYY/WTTTJFyKwW6s+Pq2R mM9oiqX8mCZeSEIJIATpAVT2M5Ukb4Br9YQDcWHs84oXRJxKPeZ3WscBld2soPvK ui1LoizZH9iqawmkXED1TFMBbDWiOcfnqQKn8Tddeax/JQIDAQABoDMwMQYJKoZI hvcNAQkOMSQwIjALBgNVHQ8EBAMCBLAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJ KoZIhvcNAQEEBQADgYEAoJMylm3aaY1CnkOO5TbxB+qL4F4MKL6+o/m0yRPqy/2S gkk/OwxHvc3TbA9WjbKkFWIDyqU7X0d+c8f9KogwxDwWHll2IBiTCtBAq6hpgKOv Um9GFvMFps9XVkKtYttN3fer9tA+6xY9CKlr12mNGOYFHyVjMc3Pic0ODFiPHAU= -----END CERTIFICATE REQUEST----- RFSwitch(config)#show crypto pki trustpoints Trustpoint :default-trustpoint ----------------------------------------------- Server certificate configured Subject Name: Common Name: Symbol Technologies Issuer Name: Common Name: Symbol Technologies...
Page 80: Environment
2-36 Motorola RF Switch CLI Reference Guide 2.2.5 environment Common to all modes Syntax show environment Parameters None Example RFSwitch>show environment CPU temperature : 33.0 C system temperature : 33.0 C CPU fan 4354 rpm case fan 8766 rpm RFSwitch>...
Page 81: History
Common Commands 2-37 2.2.6 history Common to all modes Syntax show history Parameters None Example RFSwitch>show history 1 show 2 clrscr 3 enable 4 clrscr 5 configure terminal 6 exit 7 clrscr 8 show history RFSwitch>...
Page 82: Interfaces
2-38 Motorola RF Switch CLI Reference Guide 2.2.7 interfaces Common to all modes Syntax show interfaces(IFNAME|eth <1-2>|switchport|vlan) Parameters IFNAME Displays the interface name Displays ethernet interface information switchport Displays native VLAN(s) and allowed VLAN information on switch ports vlan Displays VLAN interface details...
Page 83 Common Commands 2-39 RFSwitch(config)#show interfaces switchport eth1 Interface eth1 Switchport Settings: Mode: Access, Access Vlan: 2100 RFSwitch(config)#show interfaces switchport vlan1 Interface vlan1 Switchport Settings: Mode: Access, Access Vlan: 0...
Page 84 2-40 Motorola RF Switch CLI Reference Guide 2.2.8 ip Common to all modes Syntax show ip (access-group (IFNAME | eth <1-2> | vlan <1-4094>) | arp | ddns(binding)|dhcp(binding|class|pool|sharednetwork)| dhcp-vendor-options | domain-name | http(secure-server|server)| interface(IFNAME|brief|vlan) | name-server | route(A.B.C.D|A.B.C.D/M|detail) | routing | ssh | telnet ) show ip access-group (IFNAME|eth <1-2>...
Page 85 Common Commands 2-41 Parameters access-group Displays the ACLs attached to an interface • IFNAME – Enter the name of the interface to which the ACL is associated. access-group lists the details of the ACLs configured on the particular Layer 3 or Layer 2 interface.
Page 86 2-42 Motorola RF Switch CLI Reference Guide interface Use the show ip interface command to display the administrative and operational status of all Layer-3 interfaces or a specified Layer-3 interface. • IF NAME – Interface name • brief – Brief summary of the IP status and its configuration •...
Page 87 Common Commands 2-43 b. If the stauts of the VLAN is UP (even if eth1/eth2 is diconnected), shutdown the VLAN associated with eth1 using: RFSwitch(config-if)#show ip interface vlan 3 brief Interface IP-Address Status Protocol vlan3 unassigned RFSwitch(config-if)#shutdown c. Check the stauts. Note that the VLAN has now been disassociated and the status is DOWN.
Page 88 2-44 Motorola RF Switch CLI Reference Guide RFSwitch(config)#show ip dhcp class ip dhcp class TestClass2 option user-class MC900 ip dhcp class BlahBlahBlah ip dhcp class ClassNameTest option user-class UserClassTest ip dhcp class TestDHCPclass ip dhcp class Add-DHCP-class1 ip dhcp class MonarchDHCPclas...
Page 89 Common Commands 2-45 RFSwitch#show ip http secure-server HTTP secure server: Running Config status: Enabled Trustpoint: default-trustpoint RFSwitch#show ip interface brief Interface IP-Address Status Protocol vlan1 157.235.208.233 (DHCP)up tunnel1 unassigned RFSwitch#show ip interface tunnel 1 ? brief Brief summary of IP status and configuration RFSwitch#show ip interface tunnel 1 brief Interface IP-Address...
Page 90: Ldap
2-46 Motorola RF Switch CLI Reference Guide 2.2.9 ldap Common to all modes Syntax show ldap(configuration(primary|secondary)) Parameters ldap Defines the LDAP server configuration Sets the LDAP server primary Defines the Primary LDAP server secondary Defines the Secondary LDAP server Example...
Page 91 Common Commands 2-47 Base DN ou=symbol,dc=activedirectory,dc=com Password : 0 symbol@123 Password Attribute : UserPassword Group Name : cn Group Membership Filter: (&(objectClass=group)(member=%{Ldap-UserDn})) Group Member Attr : radiusGroupName Net timeout : 1 second(s)
Page 92: Licenses
2-48 Motorola RF Switch CLI Reference Guide 2.2.10 licenses Common to all modes Syntax show licenses Parameters None Example RFSwitch(config)#show licenses feature usage license string license value usage 2FFD7fE9 CD016155 14A92C70...
Page 93: Logging
Common Commands 2-49 2.2.11 logging Common to all modes Syntax show logging Parameters None Example RFSwitch(config)#show logging Logging module: enabled Aggregation time: disabled Console logging: level debugging Buffered logging: level informational Syslog logging: level debugging Facility: local7 Logging to: 157.235.203.37 Logging to: 10.0.0.2 Log Buffer (6520 bytes): Sep 14 19:11:59 2006: %DAEMON-6-INFO: radiusd[4643]: Ready to...
Page 94: Mac
2-50 Motorola RF Switch CLI Reference Guide 2.2.12 mac Common to all modes Syntax show mac(access-list) Parameters access-list Displays existing MAC access lists Example RFSwitch(config)#show mac access-list RFSwitch(config)#...
Page 95: Mac-Address-Table
Common Commands 2-51 2.2.13 mac-address-table Common to all modes Syntax show mac-address-table Parameters None Example RFSwitch(config)#show mac-address-table RFSwitch(config)#...
Page 96: Management
2-52 Motorola RF Switch CLI Reference Guide 2.2.14 management Common to all modes Syntax show management Parameters None Example RFSwitch>show management Mgmt Interface: vlan1 Management access permitted via any vlan interface RFSwitch>...
Page 97: Mobility
Common Commands 2-53 2.2.15 mobility Common to all modes Syntax show mobility [event-log|forwarding|global|mobile- unit|peer|statistics] show mobility event-log [mobile-unit|peer] show mobility forwarding (AA-BB-CC-DD-EE-FF) show mobility mobile-unit [<AA-BB-CC-DD-EE-FF>|detail] show mobility peer [<A.B.C.D>|detail] show mobility statistics <AA-BB-CC-DD-EE-FF> Parameters event-log Displays mobility event logs •...
Page 98 2-54 Motorola RF Switch CLI Reference Guide statistics Mobile-unit Statistics RFSwitch(config)#show mobility event-log mobile-unit Time Event Evt-Src-IP MU-Mac HS-IP CS-IP 09/14 19:17:52 IP-UPD-MU 00-0f-3d-e9-a6-54 157.235.208.134 157.235.208.16 157.235.208.16 09/14 19:17:51 ADD-MU 00-0f-3d-e9-a6-54 0.0.0.0 157.235.208.16 157.235.208.16 09/14 19:17:51 DEL-MU 00-0f-3d-e9-a6-54 0.0.0.0 157.235.208.16 157.235.208.16...
Page 99 Common Commands 2-55 Join-Sent Join-Rcvd Leave-Sent : 0 Leave-Rcvd : 0 Rehome-Sent: 0 Rehome-Rcvd: 0 L3roam-Sent: 0 L3roam-Rcvd: 0 Num-flaps Connect-retries: 0 Peer-Uptime: 0 days, 00:00:00 RFSwitch(config)#show mobility statistics MU <00-0f-3d-e9-a6-54> Mob-State HS_AND_CS ----------------------------------------------- Inter- face |unicast Error |unicast Error wlan_port...
Page 100: Ntp
2-56 Motorola RF Switch CLI Reference Guide 2.2.16 ntp Common to all modes Syntax show ntp (association (detail)|status) Parameters Displays the Network Time Protocol (NTP) configuration association Displays existing NTP associations detail Displays NTP association details status Displays NTP status Example RFSwitch>show ntp associations...
Page 101 Common Commands 2-57 RFSwitch>show ntp status Clock is synchronized, stratum 0, actual frequency is 0.0000 Hz, precision is 2^0 reference time is 00000000.00000000 (Feb 07 06:28:16 UTC 2036) clock offset is 0.000 msec, root delay is 0.000 msec root dispersion is 0.000 msec, RFSwitch>...
Page 102: Port-Channel
2-58 Motorola RF Switch CLI Reference Guide 2.2.17 port-channel Common to all modes Syntax show port-channel (load-balance) Parameters load-balance Displays the existing load balancing configuration Example RFSwitch>show port-channel load-balance RFSwitch>...
Page 103: Privilege
Common Commands 2-59 2.2.18 privilege Common to all modes Syntax show privilege Parameters None Example RFSwitch>show privilege Current user privilege: superuser RFSwitch>...
Page 104: Radius
2-60 Motorola RF Switch CLI Reference Guide 2.2.19 radius Common to all modes Syntax show radius (configuration | eap (configuration)| group | nas ( A.B.C.D/M)| proxy | rad-user | trust-point) Parameters radius Displays RADIUS configuration commands configuration RADIUS server configuration parameters...
Page 105: Redundancy-Group
Common Commands 2-61 2.2.20 redundancy-group Common to all modes This command displays the switch’s IP address, number of active neighbors, group license, installed license, cluster AP adoption count, switch adoption count, hold time, discovery time, heartbeat interval, cluster id and switch mode. In a cluster, this command displays the redundancy runtime and configuration of the “self-switch”.
Page 106 2-62 Motorola RF Switch CLI Reference Guide Radio Portals adopted by this Switch : Not Applicable Rogue APs detected in this Group : Not Applicable Rogue APs detected by this Switch : Not Applicable MUs associated in this Group : Not Applicable...
Page 107 Common Commands 2-63 MUs associated in this Switch : Not Applicable Selfhealing RPs in this Group : Not Applicable Selfhealing APs in this Switch : Not Applicable Group maximum AP adoption capacity : Not Applicable Switch Adoption capacity : Not Applicable Established Peer(s) Count : Not Applicable Redundancy Group Connectivity status : Not Applicable...
Page 108: Redundancy-History
2-64 Motorola RF Switch CLI Reference Guide 2.2.21 redundancy-history Common to all modes Displays the switch state transition history Syntax show redundancy-history Parameters None Example RFSwitch>show redundancy-history State Transition History Time Event Triggered state --------------------------------------------------------- Sat Oct 06 12:07:55 Redundancy Enabled Startup Sat Oct 06 12.07.56...
Page 109: Redundancy-Members
Common Commands 2-65 2.2.22 redundancy-members Common to all modes Displays the member switches in the cluster. The user can provide the of the IP address switch in cluster whose information alone is needed. Syntax show redundancy-members (A.B.C.D) Parameters A.B.C.D Displays the IP addresses of member switches Example RFSwitch(config)#show redundancy-members brief Member ID (Self)
Page 110: Snmp
2-66 Motorola RF Switch CLI Reference Guide 2.2.23 snmp Common to all modes Syntax show snmp [user(snmpmanager|snmpoperator|snmptrap)] Parameters user Displays SNMP user information snmpmanager Shows SNMP manager information snmpoperator Shows SNMP operator information snmptrap Shows SNMP trap information Example RFSwitch>show snmp user snmpmanager...
Page 111: Snmp-Server
Common Commands 2-67 2.2.24 snmp-server Common to all modes Syntax show snmp-server(traps(wireless-statistics( mobile-unit | radio | wireless-switch | wlan))) Parameters traps Displays trap enabled flags wireless-statistics Displays existing wireless-stats rate traps mobile-unit Displays existing mobile unit rate traps radio Displays existing radio rate traps wireless-switch Displays existing wireless switch rate traps wlan...
Page 112 2-68 Motorola RF Switch CLI Reference Guide wireless station deniedAssociationOnSpectrum wireless station deniedAssociationOnErr wireless station deniedAssociationOnSSID wireless station deniedAssociationOnRates wireless station deniedAssociationOnInvalidWPAWPA2IE wireless station deniedAssociationAsPortCapacityReached N wireless station tkipCounterMeasures wireless station deniedAuthentication wireless station radiusAuthFailed wireless radio adopted wireless radio...
Page 113 Common Commands 2-69 pktsps-greater-than disabled tput-greater-than disabled avg-bit-speed-less-than disabled avg-signal-less-than disabled nu-percent-greater-than disabled gave-up-percent-greater-than disabled avg-retry-greater-than disabled undecrypt-percent-greater-than disabled num-stations-greater-than disabled RFSwitch>...
Page 114: Sole
2-70 Motorola RF Switch CLI Reference Guide 2.2.25 sole Common to all modes Syntax show sole (config|stats|status) show sole (config|stats)(adapter)(ADAPTER NAME) show sole (status)[adapter|engine (ADAPTER)] Parameters config (adapter) Shows the switch SOLE adapter configuration (ADAPTER NAME) • adapter – Show the existing configuration of the SOLE...
Page 115 Common Commands 2-71 Number of tag reports sent to engine Time at which last message was received from engine : - Time at which last message was sent to engine RFSwitch# RFSwitch#show sole status engine Type Engine State ------------------------------------------- AeroScout 0.0.0.0 Idle RFSwitch#...
Page 116: Spanning-Tree
2-72 Motorola RF Switch CLI Reference Guide 2.2.26 spanning-tree Common to all modes Syntax show spanning-tree (mst)[config| detail(interface){IF Name|eth <1-2>|vlan <1-4094>}| instance <1-15> (interface){IF NAME|eth <1-2>|vlan <1-4094>}] Parameters config Displays MSTP configuration information detail(interface) Displays detailed interface information {IF Name|eth <1-2>|vlan •...
Page 117 Common Commands 2-73 % portfast bpdu-guard disabled % portfast errdisable timeout disabled % portfast errdisable timeout interval 300 sec % cisco interoperability not configured - Current cisco interoperability off eth1: Port 2001 - Id 87d1 - Role Disabled - State Forwarding eth1: Designated External Path Cost 0 -Internal Path Cost 0 eth1: Configured Path Cost 2000000 - Add type Explicit ref...
Page 118: Static-Channel-Group
2-74 Motorola RF Switch CLI Reference Guide 2.2.27 static-channel-group Common to all modes Syntax show static-channel-group Parameters None Example RFSwitch(config)#show static-channel-group RFSwitch(config)#...
Page 119: Terminal
Common Commands 2-75 2.2.28 terminal Common to all modes Syntax show terminal Parameters None Example RFSwitch>show terminal Terminal Type: vt102 Length: 44 Width: 125 RFSwitch>...
Page 120: Timezone
2-76 Motorola RF Switch CLI Reference Guide 2.2.29 timezone Common to all modes Syntax show timezone Parameters None Example RFSwitch>show timezone Timezone is Etc/UTC RFSwitch>...
Page 121: Users
Common Commands 2-77 2.2.30 users Common to all modes Syntax show users Parameters None Example RFSwitch>show users Line User Uptime Location 0 con 0 admin 06:08:11 ttyS0 130 vty 0 2308 admin 00:35:18 RFSwitch>...
Page 122: Version
2-78 Motorola RF Switch CLI Reference Guide 2.2.31 version Common to all modes Syntax show version (verbose) Parameters verbose Displays software and hardware version information Example RFSwitch>show version RFS6000 version 3.1.0.0-018R MIB=01a Copyright (c) 2006-2007 Motorola, Inc. Booted from primary.
Page 123: Wireless
Common Commands 2-79 2.2.32 wireless Common to all modes Syntax show wireless [(aap-version| ap (<1-48>|<AA-BB-CC-DD-EE-FF>)| ap-detection-config | ap-images | ap-unadopted | approved-aps | channel-power (11a (indoor | outdoor))| 11b (indoor | outdoor)| 11bg (indoor | outdoor))| client(exclude-list|include-list)| config | country-code-list| default-ap| hotspot-config <1-32>| ids (filter-list)|...
Page 124 2-80 Motorola RF Switch CLI Reference Guide Parameters aap-version Displays the minimum adaptive firmware version string Status of the adopted access port • <1-48> – Defines the index of the access port • AA-BB-CC-DD-EE-FF – Sets the MAC address of a access...
Page 125 Common Commands 2-81 Displays intrusion detection configuration parameters • configured-bad-essids – Displays a list of configured bad essids • filter-list – Displays the list of currently filtered mobile units known (ap) (statistics) Displays known AP parameters <1-256> • ap – Defines a known AP index <1-256> •...
Page 126 2-82 Motorola RF Switch CLI Reference Guide phrase-to-key Displays the WEP keys generated by a passphrase • wep128 – Displays WEP128 keys • wep64 – Displays WEP64 keys qos-mapping Quality of service mappings used for mapping WMM access categories and 802.1p/DSCP tags •...
Page 127 Common Commands 2-83 sensor Defines Wireless Intrusion Protection System (WIPS) parameters • <1-48> – Specifies the index of a particular sensor to view detailed information about that sensor • default-config – Default configuration parameters for sensors unapproved-aps Defines unapproved APs seen by an access port or a mobile unit scan wireless-switch- Wireless-switch statistics...
Page 128 2-84 Motorola RF Switch CLI Reference Guide RFSwitch> RFSwitch>show wireless ap-images ap-type Image-Name Size (bytes) Version ap300 WISP-AP300 293516 00.02-29 ap300 WIAP-300 244076 01.00-1635b ap300 AP300-IDS-Sensor 295064 00.00-04 ap100 AP100 31034 02.05-00 ap4131 AP4131 191440 07.00-01 ap4131 Revert-AP4131 665704 00.00-00 RFSwitch>...
Page 129 Common Commands 2-85 Footer : Contact the network administrator if you do not have an account Image URL main: Image URL small: Page-type : welcome Title : Authentication success. Header : Authentication Success. Description : You now have network access.<BR>Click the disconnect link below to end this session.
Page 130 2-86 Motorola RF Switch CLI Reference Guide 80211-replay-fails 60 Sec decryption-fails 60 Sec unassoc-frames 60 Sec eap-starts 60 Sec Anomaly Detection:: Status Filter-Ageout probe-requests disabled 60 Sec association-requests disabled 60 Sec disassociations disabled 60 Sec authentication-fails disabled 60 Sec crypto-replay-fails...
Page 131 Common Commands 2-87 RFSwitch(config)#show wireless mobile-unit radio 1 index MAC-address radio type wlan vlan/tunnel ready address last active Posture Status 00-0E-9B-98-F9-34 vlan 1 192.168.2.45 0 Sec Listed 1 of a total of 1 mobile-units RFSwitch(config)#...
Page 132 2-88 Motorola RF Switch CLI Reference Guide RFSwitch(config)#show wireless wlan config 1 WLAN: 1, status: enabled, description: WLAN1, ssid: sardarjee auth: none, encr: none, inactivity-timeout: 1800 seconds vlan 1: unlimited users mu-mu-disallow: disabled, secure-beacon: disabled, answer-bcast- ess: enabled, weight: 1, prioritize-voice: disabled, spectralink-voice-protocol:...
Page 133: Wlan-Acl
Common Commands 2-89 2.2.33 wlan-acl Common to all modes Syntax show wlan-acl [<1-32>|all] Parameters <1-32> Displays ACLs attached to the specified WLAN ID Displays all ACLs attached to a WLAN port Example RFSwitch>show wlan-acl 20 WLAN port: 20 Inbound IP Access List Inbound MAC Access List Outbound IP Access List Outbound MAC Access List :...
Page 134: Access-List
2-90 Motorola RF Switch CLI Reference Guide 2.2.34 access-list Priviledge / Global Config Displays the access lists (numbered and named) configured on the switch. The numbered access list displays numbered ACLs. The named access list displays named ACL details. Syntax show access-list show access-list ( <1-99>...
Page 135: Aclstats
Common Commands 2-91 2.2.35 aclstats Priviledge / Global Config Displays the statisitcs of configured access lists Syntax aclstats [<name>|vlan <1-4094>] Parameters IFNAME Displays the interface name vlan <1-4092> Defines the VLAN interface (between 1- 4092) Example RFSwitch(config)#interface vlan 400 RFSwitch(config-if)#...
Page 136: Alarm-Log
2-92 Motorola RF Switch CLI Reference Guide 2.2.36 alarm-log Priviledge / Global Config Syntax show alarm-log [<1-65535>|acknowledged|all|count|new| severity-to-limit(critical|informational|major|normal|warning)] Parameters <1-65535> Displays the details of a specific alarm ID acknowledged Displays information for acknowledged alarms currently in the system Displays all the alarms currently in the system...
Page 137: Boot
Common Commands 2-93 2.2.37 boot Priviledge / Global Config Syntax show boot Parameters None Example RFSwitch#show boot Image Build Date Install Date Version Primary May 17 21:34:52 2007 May 21 16:27:40 2007 3.0.2.0-003B Secondary May 10 23:21:58 2007 May 17 20:09:23 2007 3.0.2.0-002D Current Boot : Primary...
Page 138: Clock
2-94 Motorola RF Switch CLI Reference Guide 2.2.38 clock Priviledge / Global Config Syntax show clock Parameters None Example RFSwitch#show clock Jun 01 00:51:34 UTC 2007 RFSwitch#...
Page 139: Debugging
Common Commands 2-95 2.2.39 debugging Priviledge / Global Config Syntax show debugging (mstp) Parameters mstp Displays the current MSTP configuration Example RFSwitch(config)#show debugging mstp MSTP debugging status: RFSwitch(config)#...
Page 140: Dhcp
2-96 Motorola RF Switch CLI Reference Guide 2.2.40 dhcp Privilege / Global Config Displays existing DHCP server configurations Syntax show dhcp [config|status] Parameters config Displays the current DHCP server configuration status Displays whether the DHCP server is running Example RFSwitch#show dhcp config...
Page 141: File
Common Commands 2-97 2.2.41 file Privilege / Global Config Syntax show file (information (FILE)| systems) Parameters information Displays file information FILE Displays the information on file systems Lists existing filesystems Example RFSwitch#show file systems File Systems: Size(b) Free(b) Type Prefix opaque system: 13704192...
Page 142: Ftp
2-98 Motorola RF Switch CLI Reference Guide 2.2.42 ftp Privilege / Global Config Syntax show ftp Parameters None Example RFSwitch#show ftp FTP Server: Disabled User Name: anonymous or ftpuser Password: ******** Root dir: flash:/ RFSwitch#...
Page 143: Password-Encryption
Common Commands 2-99 2.2.43 password-encryption Priviledge / Global Config Syntax show password-encryption (status) Parameters status Displays the existing password-encryption status Example RFSwitch#show password-encryption status Password encryption is disabled RFSwitch#...
Page 144: Running-Config
2-100 Motorola RF Switch CLI Reference Guide 2.2.44 running-config Privilege / Global Config Displays the contents of those configuration files wherein all configured MAC and IP access lists are applied to an interface Syntax show running-config(full|include-factory) Parameters full Displays the file’s full (complete) configuration...
Page 145 Common Commands 2-101 crypto ipsec security-association lifetime kilobytes 4608000 fallback enable ip http server ip http secure-trustpoint default-trustpoint ip http secure-server ip ssh ip telnet no service pm sys-restart wireless wlan 1 enable wlan 1 ssid sardarjee radio add 1 00-A0-F8-BF-8A-4B 11bg ap300 radio add 2 00-A0-F8-BF-8A-4B 11a ap300 enhanced-beacon-table enable enhanced-beacon-table channel-set a 36 44 149...
Page 146 2-102 Motorola RF Switch CLI Reference Guide no service set upgrade-history hostname RFSwitch banner motd Welcome to CLI! username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507d username admin access console web ssh telnet username admin privilege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931f username operator access...
Page 147 Common Commands 2-103 sole no adapter AeroScout enable radius-server retransmit 3 radius-server timeout 5 radius-server key aaa authentication login default local none line con 0 line vty 0 24 RFSwitch(config)#...
Page 148: Securitymgr
2-104 Motorola RF Switch CLI Reference Guide 2.2.45 securitymgr Privilege / Global Config Syntax show securitymgr(debug-logs) Parameters event-logs Displays securitymgr event logs...
Page 149: Sessions
Common Commands 2-105 2.2.46 sessions Privilege / Global Config Syntax show sessions Parameters None Example RFSwitch#show sessions SESSION USER LOCATION IDLE START TIME Console 06:24m May 31 18:31:36 2007 ** 2 10.10.10.1 00:00m 1 00:04:30 2007 RFSwitch#...
Page 150: Startup-Config
2-106 Motorola RF Switch CLI Reference Guide 2.2.47 startup-config Privilege / Global Config Syntax show startup-config Parameters None Example RFSwitch#show startup-config ! configuration of RFSwitch version 3.1.0.0-008D version 1.0 service prompt crash-info username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507d username admin privilege...
Page 151 Common Commands 2-107 no service pm sys-restart wireless wlan 1 enable wlan 1 ssid sardarjee radio add 1 00-A0-F8-BF-8A-4B 11bg ap300 radio 1 enhanced-beacon-table radio 1 enhanced-probe-table radio add 2 00-A0-F8-BF-8A-4B 11a ap300 ap-detection approved add 1 any any enhanced-beacon-table enable enhanced-beacon-table channel-set a 36 44 149 enhanced-beacon-table channel-set bg 1 2 4 5 radius-server local...
Page 152: Upgrade-Status
2-108 Motorola RF Switch CLI Reference Guide 2.2.48 upgrade-status Privilege / Global Config Syntax show upgrade-status(detail) Parameters detail Displays the image’s last upgrade log Example RFSwitch#show upgrade-status Last Image Upgrade Status : Successful Last Image Upgrade Time : Mon May 21 16:27:40 2007...
Page 153: Chapter 3. User Exec Commands
User Exec Commands Logging in to the switch places you within the USER EXEC command mode. Typically, a login requires a user name and password. You have three login attempts before a connection attempt is refused. USER EXEC commands (available at the user level) are a subset of the commands available at the privileged level.
Page 154 Motorola RF Switch CLI Reference Guide Table 3.1 User Exec Mode Command Summary Command Description Ref. enable Turns on (enables) the privileged mode command set page 3-9 exit Ends the current mode and moves down to the page 2-3 previous mode...
Page 155 User Exec Commands 3.1.1 clear User Exec Commands Resets the previous (last saved) command Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clear [crypto (ipsec|isakmp (sa)<A.B.C.D>|mobility(event-log| mobile-unit|peer-statistics)| spanning-tree (spanning-tree)(interface)<NAME>] Parameters crypto Clears IPSec/ISAKMP SAs for a given peer •...
Page 156 Motorola RF Switch CLI Reference Guide mobility Clears mobility attributes • event-log – Clears the event log • mobile-unit – Clears MU event-logs • peer – Clears peer event logs • mobile-unit – Clears MUs • MU MAC address – Clears the MAC address of a MU •...
Page 157: Cluster-Cli
A new context (redundancy) supports the cluster-cli. Any commands executed under this context are executed on all members of the cluster. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax cluster-cli enable Parameters...
Page 158: Debug
Motorola RF Switch CLI Reference Guide 3.1.3 debug User Exec Commands Use this command to debug the switch Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax debug (certmgr(all|err|info)|ip (https|ssh)| mobility(cc|error|forwarding|mu|packet|peer|system)) Parameters certmgr Certificate Manager Debugging Messages •...
Page 159 User Exec Commands mobility () L3 mobility • cc – ccserver events • error – Error events • forwarding – Dataplane forwarding • mu – MU events and state changes • packet – Control packets events • peer – Peer establishments •...
Page 160: Disable
Motorola RF Switch CLI Reference Guide 3.1.4 disable User Exec Commands Enables the PRIV mode to use the disable command. Use the command to exit disable the PRIV mode. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000...
Page 161: Enable
User Exec Commands 3.1.5 enable User Exec Commands Use the enable command to enter the PRIV mode Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax enable Parameters None Example RFSwitch>enable...
Page 162: Logout
3-10 Motorola RF Switch CLI Reference Guide 3.1.6 logout User Exec Commands Use this command instead of the command to exit the EXEC mode exit Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax logout Parameters None Example The RFSwitch Series Switch logs off on execution of this command.
Page 163: Page
Use the command to toggle the switch paging function. Enabling this command displays the CLI command output page by page, instead of running the entire output at once. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax page...
Page 164: Ping
3-12 Motorola RF Switch CLI Reference Guide 3.1.8 ping User Exec Commands Sends ICMP echo messages to a user-specified location Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ping [IP address|hostname] Parameters [IP address|hostname] Pings the specified destination address or hostname Example RFSwitch>ping 192.168.2.100...
Page 165: Quit
User Exec Commands 3-13 3.1.9 quit User Exec Commands Use this command to exit the current mode and move to the previous mode Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax quit Parameters None Example The switch logs off upon execution of the command...
Page 166: Telnet
3-14 Motorola RF Switch CLI Reference Guide 3.1.10 telnet User Exec Commands Opens a telnet session Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax telnet [IP address|hostname] Parameters [IP address|hostname] Defines the IP address or hostname of a remote system Example RFSwitch#telnet 157.111.222.33...
Page 167: Terminal
3-15 3.1.11 terminal User Exec Commands Sets the length/number of lines displayed within the terminal window Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax terminal[length <0-512>|no(length <0-512>|width)|width <0-512> ] Parameters length Sets the number of lines on a screen...
Page 168: Traceroute
3-16 Motorola RF Switch CLI Reference Guide 3.1.12 traceroute User Exec Commands Traces the route to its defined destination Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax traceroute (WORD | ip WORD) Parameters WORD Traces the route to a destination address or hostname...
Page 169: Chapter 4. Privileged Exec Commands
Privileged Exec Commands Most PRIV EXEC commands set operating parameters. Privileged-level access should be password protected to prevent unauthorized use. The PRIV EXEC command set includes commands contained within the USER EXEC mode. The PRIV EXEC mode also provides access to configuration modes, and includes advanced testing commands. The PRIV EXEC mode prompt consists of the host name of the device followed by a pound sign (#).
Page 170 Motorola RF Switch CLI Reference Guide Table 4.1 Priv Exec Mode Command Summary Command Description Ref. Changes the current directory page 4-7 change-passwd Changes the password of the logged user page 4-8 clear Resets switch functions to last saved configuration...
Page 171: Contents -
Privileged Exec Commands Table 4.1 Priv Exec Mode Command Summary Command Description Ref. mkdir Creates a directory page 4-30 more Displays the contents of a file page 4-31 Negates a command or sets its defaults page 2-6 page Toggles the paging function page 4-33 ping Sends ICMP echo messages to a specified location...
Page 172: Acknowledge
Motorola RF Switch CLI Reference Guide 4.1.1 acknowledge Priv Exec Command Acknowledges alarms Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax acknowledge alarm-log [<1-65535> | all] Parameters alarm-log Acknowledges alarms • <1-65535> – Acknowledges the specific alarm ID •...
Page 173: Archive
Privileged Exec Commands 4.1.2 archive Priv Exec Command Manages file archive operations Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax archive tar /table [FILE|URL] archive tar /create [FILE|URL] .FILE archive tar /xtract [FILE|URL] DIR Parameters Manipulates (creates, lists or extracts) a tar file...
Page 174 Motorola RF Switch CLI Reference Guide Viewing the output tar file? Directory of flash:/ drwx 1024 Thu Apr 17 08:25:50 2007 hotspot drwx Fri Apr 8 12:27:20 2007 drwx 1024 Thu Apr 7 16:23:34 2007 crashinfo drwx 1024 Wed May 23 15:30:19 2007...
Page 175 Privileged Exec Commands 4.1.3 cd Priv Exec Command Changes the current directory Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax cd [DIR|] Parameters Changes current directory to DIR Example RFSwitch#cd nvram:/ system:/ flash:/ RFSwitch#cd flash:/? Change current directory to DIR...
Page 176: Change-Passwd
Motorola RF Switch CLI Reference Guide 4.1.4 change-passwd Priv Exec Command Changes the password of a logged user Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax change-passwd Parameters None Usage Guidelines A password must be between 8 to 32 characters in length. For security, the console does not display user entered key words or the old password and new password fields.
Page 177: Clear
Privileged Exec Commands 4.1.5 clear Priv Exec Command Resets the current context Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clear [aclstats|alarm-log|arp-cache|counters|crypto| ip|logging|mac-address-table|mobility|spanning-tree] clear alarm-log (<1-65535>|acknowledge|all|new) clear counters [all|bridge|interface(<NAME>|all|eth <1-2>|vlan <1- 4094>)|router|thread] clear crypto(ike|ipsec)sa(remote peer) clear ip(dhcp(binding)[*|A.B.C.D]|nat(translation)*)
Page 178 4-10 Motorola RF Switch CLI Reference Guide counters Clears counters [all|bridge|interface|rout • all – Clears all counters • bridge – Clears bridge counters thread] • interface [<INTF name>|all|eth <1-2>|vlan <1-4094>] – Clears interface counters • router – Clears router counters •...
Page 179 Privileged Exec Commands 4-11 mac-address-table Clears entries in the forwarding database • dynamic – Clears all dynamic entries • multicast – Clears all multicast entries • static – Clears all management configured entries • address – Clears a specified MAC address •...
Page 180 4-12 Motorola RF Switch CLI Reference Guide RFSwitch#clear arp-cache RFSwitch# RFSwitch#clear logging RFSwitch# RFSwitch#clear mobility event-log peer RFSwitch# RFSwitch#clear ip dhcp binding * RFSwitch#...
Page 181: Clock
Privileged Exec Commands 4-13 4.1.6 clock Priv Exec Command Configures the software system clock Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clock set HH:MM:SS [1-31] MONTH [1993-2035] Parameters Sets the system date and time Example...
Page 182: Cluster-Cli
4-14 Motorola RF Switch CLI Reference Guide 4.1.7 cluster-cli Priv Exec Command Use this command to access the cluster-cli context. The cluster-cli context provides centralized management to configure all members of cluster from one member. Any command executed under this context is executed on all switches in the cluster.
Page 183: Configure
Privileged Exec Commands 4-15 4.1.8 configure Priv Exec Command Enters the configuration mode Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax configure terminal Parameters terminal Enables configuration from the terminal Example RFSwitch#configure terminal Enter configuration commands, one per line. End with CNTL/Z.
Page 184: Copy
4-16 Motorola RF Switch CLI Reference Guide 4.1.9 copy Priv Exec Command Copiesw any file (config,log,txt ...etc) from any location to the switch and vice-versa NOTE: Copying a new config file onto an existing running-config file merges it with the existing running-config on the switch. Both, the existing running-config and the new config file are applied as the current running-config.
Page 185: Debug
Privileged Exec Commands 4-17 4.1.10 debug Priv Exec Command Use this command for debugging Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax debug all debug cc [access-port|all|alt|ap-detect|capwap|cluster| config|dot11|eap|ids|kerberos|l3-mob|loc-ap| loc-mu|media|mobile-unit|radio|radius|self- heal|snmp|system|wips|wisp|wlan] debug ccstats <CCStats Module> debug certmgr [all|error|info]...
Page 186 4-18 Motorola RF Switch CLI Reference Guide Integrated management interface debugging messages Internet protocol debugging messages logging Modify message logging facilities for debugging messages mgmt Management daemon debugging messages mobility L3 mobility debugging messages mstp Multiple Spanning Tree Protocol (MSTP) debugging...
Page 187: Delete
Privileged Exec Commands 4-19 4.1.11 delete Priv Exec Command Deletes a specified file from the system Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax delete ({/force|/recursive}|) .FILE Parameters /force Forces deletion without a prompt /recursive Performs a recursive delete...
Page 188: Diff
4-20 Motorola RF Switch CLI Reference Guide 4.1.12 diff Priv Exec Command Displays the differences between 2 files Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax diff (FILE|URL) (FILE|URL) Parameters FILE Displays the differences between a FILE...
Page 189: Dir
Privileged Exec Commands 4-21 4.1.13 Priv Exec Command View the list of files on a filesystem Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax dir ({/all|/recursive}|) (DIR|all-filesystems|) Parameters /all Lists all files /recursive Lists files recursively...
Page 190: Disable
4-22 Motorola RF Switch CLI Reference Guide 4.1.14 disable Priv Exec Command Turns off the privileged mode command Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax disable Parameters None Example RFSwitch#disable RFSwitch>...
Page 191: Edit
Privileged Exec Commands 4-23 4.1.15 edit Priv Exec Command Edits a text file Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax edit FILE Parameters FILE Name of the file to be modified Example RFSwitch#edit startup-config GNU nano 1.2.4...
Page 192: Enable
4-24 Motorola RF Switch CLI Reference Guide 4.1.16 enable Priv Exec Command Turns on the privileged mode command Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax enable Parameters None Example RFSwitch#enable RFSwitch#...
Page 193: Erase
Privileged Exec Commands 4-25 4.1.17 erase Priv Exec Command Erases a target filesystem Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax erase (nvram:|flash:|startup-config) Parameters nvram Erases everything in nvram flash Erases everything in flash startup-config Resets the configuration to factory default...
Page 194: Halt
4-26 Motorola RF Switch CLI Reference Guide 4.1.18 halt Priv Exec Command Stops (halts) the switch Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax halt Parameters None Example RFSwitch#halt Wireless switch will be halted, do you want to continue? (y/n): y...
Page 195: Kill
4-27 4.1.19 kill Priv Exec Command Kills (terminates) a specified session and stops (halts) the switch Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax kill session <1-16> Parameters session Active session (16 active sessions can be terminated)
Page 196 4-28 Motorola RF Switch CLI Reference Guide RFSwitch#kill session 3 ~ # Connection closed by foreign host. [xyz@xyz xyz]$...
Page 197: Logout
Privileged Exec Commands 4-29 4.1.20 logout Priv Exec Command Exits the EXEC mode and stops (halts) the switch Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax logout Parameters None Example RFSwitch#logout RFSwitch release 3.0.0.0-200B Login as 'cli' to access CLI.
Page 198: Mkdir
4-30 Motorola RF Switch CLI Reference Guide 4.1.21 mkdir Priv Exec Command Creates a new directory in the filesystem Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax mkdir DIR Parameters Directory name Example RFSwitch#mkdir TestDIR RFSwitch#...
Page 199: More
Privileged Exec Commands 4-31 4.1.22 more Priv Exec Command View the contents of a file Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax more FILE Parameters FILE Displays the contents of the file Example RFSwitch#more flash:/log/messages.log Sep 08 12:27:30 2006: %PM-5-PROCSTOP: Process "radiusd"...
Page 200 4-32 Motorola RF Switch CLI Reference Guide route with gateway 157.235.208.246 learnt via DHCP Sep 08 12:28:01 2006: %NSM-6-DHCPIP: Interface vlan1 acquired IP address 157.235.208.93/24 via DHCP Sep 08 12:29:07 2006: %CC-5-RADIOADOPTED: 11bg radio on AP 00-A0-F8-BF-8A-A2 adopted Sep 08 12:29:07 2006: %CC-5-RADIOADOPTED: 11a...
Page 201: Page
4.1.23 page Priv Exec Command Toggles switch paging. Enabling this command displays the command output page by page instead of running the entire output at once. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax page Parameters None...
Page 202: Ping
4-34 Motorola RF Switch CLI Reference Guide 4.1.24 ping Priv Exec Command Send (transmits) ICMP echo messages Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ping (Destination IP) Parameters Destination IP Sets the ping destination address or hostname Example RFSwitch#ping 157.235.208.39...
Page 203: Pwd
Privileged Exec Commands 4-35 4.1.25 pwd Priv Exec Command View the contents of the current directory Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax Parameters None Example RFSwitch#pwd flash:/ RFSwitch#...
Page 204: Quit
4-36 Motorola RF Switch CLI Reference Guide 4.1.26 quit Priv Exec Command Exits the current mode and moves to the previous mode Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax quit Parameters None Example RFSwitch#quit RFSwitch release 3.1.0.0-XXXX Login as 'cli' to access CLI.
Page 205: Reload
Privileged Exec Commands 4-37 4.1.27 reload Priv Exec Command Halts the switch and performs a warm reboot Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax reload Parameters None Example RFSwitch#reload...
Page 206: Rename
4-38 Motorola RF Switch CLI Reference Guide 4.1.28 rename Priv Exec Command Renames a file in the existing filesystem Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax rename FILE FILE Parameters FILE Specifies the file to rename...
Page 207: Rmdir
Privileged Exec Commands 4-39 4.1.29 rmdir Priv Exec Command Deletes an existing file from the file system Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax rmdir DIR Parameters Defines the name of the directory to delete Example...
Page 208: Telnet
4-40 Motorola RF Switch CLI Reference Guide 4.1.30 telnet Priv Exec Command Opens a telnet session Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax telnet WORD (PORT|) Parameters WORD IP address or hostname of the remote system Example RFSwitch#telnet 157.111.222.33...
Page 209: Terminal
4-41 4.1.31 terminal Priv Exec Command Sets the length/number of lines displayed on the terminal Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax terminal[length <0-512>|no(length <0-512>|width)|width <0-512>] Parameters length Sets the number of lines on a screen...
Page 210: Traceroute
4-42 Motorola RF Switch CLI Reference Guide 4.1.32 traceroute Priv Exec Command Traces a route to a destination Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax traceroute (WORD | ip WORD) Parameters WORD Traces a route to a destination address or hostname...
Page 211: Upgrade
Privileged Exec Commands 4-43 4.1.33 upgrade Priv Exec Command Upgrades the software image Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax upgrade URL (background|) Parameters Location of the target firmware image used in upgrade Example RFSwitch#upgrade tftp://157.235.208.105:/img...
Page 212 4-44 Motorola RF Switch CLI Reference Guide "logd" is not responding Sep 08 15:58:44 2006: %PM-4-PROCNORESP: Process "logd" is not responding Version of firmware update file is 3.0.0.0- 19193X Sep 08 15:58:44 2006: %KERN-6-INFO: EXT3 FS on hda1, internal journal.
Page 213: Upgradeabort
Privileged Exec Commands 4-45 4.1.34 upgradeabort Priv Exec Command Aborts an ongoing upgrade process Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax upgrade-abort Parameters None Example RFSwitch#...
Page 214: Write
4-46 Motorola RF Switch CLI Reference Guide 4.1.35 write Priv Exec Command Writes the running configuration to memory or a terminal Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax write [memory | terminal] Parameters memory Writes to NV memory...
Page 215 Privileged Exec Commands 4-47 snmp-server manager v2 snmp-server manager v3 crypto isakmp identity address crypto isakmp keepalive 10 crypto ipsec security-association lifetime kilobytes 4608000 !........
Page 216 4-48 Motorola RF Switch CLI Reference Guide...
Page 217: Global Configuration Commands
Global Configuration Commands The term global is used to indicate characteristics or features effecting the system as a whole. Use the Global configuration mode to configure the system globally, or enter specific configuration modes to configure specific elements (such as interfaces or protocols).
Page 218: Global Configuration Commands
Motorola RF Switch CLI Reference Guide 5.1 Global Configuration Commands Table 5.1 summarizes the Global Config commands Table 5.1 Global Config Mode Command Summary Command Description Ref. Configures the current authentication, authorization page 5-5 and accounting (aaa) login settings access-list...
Page 219 Global Configuration Commands Table 5.1 Global Config Mode Command Summary Command Description Ref. help Describes the interactive help system page 2-4 hostname Sets the system's network name page 5-42 interface Defines an interface to configure page 5-43 Internet Protocol (IP) page 5-45 license Sets license management commands...
Page 220 Motorola RF Switch CLI Reference Guide Table 5.1 Global Config Mode Command Summary Command Description Ref. spanning-tree Configures spanning tree commands page 5-83 switch Configure switch parameters page 5-87 timezone Configures the timezone page 5-88 username Establishes user name authentication...
Page 221: Aaa
Global Configuration Commands 5.1.1 aaa Global Configuration Commands Configures the current authentication, authorization and accounting (aaa) login settings Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax aaa [authentication(login(default(local|none|radius)))|nas| vpn-authentication(primary(A.B.C.D))|secondary(A.B.C.D))] aaa authentication login default [none|local|radius] aaa nas WORD aaa vpn-authentication (primary|secondary) A.B.C.D key...
Page 222 Motorola RF Switch CLI Reference Guide Usage Guidelines Use an AAA login to determine whether management user authentication must be performed against a local user database or an external RADIUS server...
Page 223: Access-List
Extended ACLs, and the name can be any valid alphanumeric string (not exceeding 64 characters). With numbered ACLs, the rule parameters have to be specified on the same command line along with the ACL identifier. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax access-list For Standard IP ACL’s: access-list (<1-99>|<1300-1999>) (deny|permit|mark (8021p <0-7>...
Page 224 Motorola RF Switch CLI Reference Guide {destination/ destination-mask | host destination | any} [icmp-type | [icmp-type icmp-code]] [log] [rule-precedence access-list-entry precedence] access-list (<100-199>|<2000-2699>) {deny | permit | mark {dot1p <0- 7> | tos <0-255>}} {tcp|udp} {source/source-mask | host source | any}...
Page 225 Global Configuration Commands Parameters access-list Adds a standard access list entry. (<1-99>|<1300-1999>) • (<1-99>|<1300-1999>) – Defines access numbers from (deny|permit|mark 1 - 99 or 1300 - 1999. (8021p <0-7> | • (deny|permit|mark) – Defines action types on an ACL tos <0-255>)) The action type is functional only over a Port ACL mark...
Page 226 5-10 Motorola RF Switch CLI Reference Guide access-list Adds an extended IP access list entry using IP keyword (<100-199>|<2000-2699>) • <100-199>|<2000-2699> – For an IP type of extended {deny | permit | mark ACL, the ACL number must be between 100-199 {dot1p <0-7>...
Page 227 Global Configuration Commands 5-11 access-list Adds an Extended IP access list entry using an icmp keyword. (<100-199>|<2000-2699>) • (<100-199>|<2000-2699>) – For ICMP extended ACLs, {deny | permit | mark the ACL must be between 2000-2699 {dot1p <0-7> | tos <0- •...
Page 228 5-12 Motorola RF Switch CLI Reference Guide Use an access list command under the global configuration to create an access list. The switch supports port, router and WLAN ACLs • When the access list is applied on an Ethernet port, it becomes a port ACL •...
Page 229: Arpi
Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported with: • WS5100 • RFS7000 NOTE: The arpi command moves to the instance. For config-arpi more details, see ARPI Instance on page 22-1. The prompt changes from...
Page 230: Autoinstall
5-14 Motorola RF Switch CLI Reference Guide 5.1.4 autoinstall Global Configuration Commands Autoinstalls the switch image Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax autoinstall[clear-config-history|cluster-config|config|image|start] autoinstall (cluster-config|config|image) (URL[tftp|ftp|http|cf]) autoinstall image version <number> Parameters clear-config-history Autoinstalls a clear configuration history, resulting in a...
Page 231: Banner
Defines a login banner for the switch. Use to delete a previously configured no (banner) banner. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax [no] banner(motd[LINE|default]) Parameters motd Sets the message of the day (MOTD) banner...
Page 232: Boot
5-16 Motorola RF Switch CLI Reference Guide 5.1.6 boot Global Configuration Commands Reboots the switch with an image in the mentioned partition (either the primary or secondary partition) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax...
Page 233: Bridge
• eth <1-2> – Only supported on WS5100 • ge <index> – RFS7000 supports 4 GEs and RFS6000 supports 8 GEs • sa <1-4> – Only supported on RFS7000 • me1 – Only supported on RFS7000 and RFS6000 •...
Page 234 • eth <1-2> – Ethernet interface. Only available on WS5100 • vlan <1-4094> – VLAN interface • ge <index> – GigabitEthernet interface. RFS7000 supports 4 GE’s and RFS6000 supports 8 GEs • sa <1-4> – StaticAggregate interface index. Only supported on RFS7000 •...
Page 235 Global Configuration Commands 5-19 Usage Guidelines Creating customised filter schemes for bridged networks limits the amount of unnecessary traffic processed and distributed by the bridging equipment. Use multiple bridge address discard/forward commands to develop the filter scheme. Use the command to delete the (no)bridge [<1-32>|multiple-spanning-tree] configured discar or forward filters.
Page 236: Country-Code
5-20 Motorola RF Switch CLI Reference Guide 5.1.8 country-code Global Configuration Commands Sets the country of operation Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax country-code Parameters None Usage Guidelines Erases all existing radio configuration. Example...
Page 237: Crypto
For more details, see Crypto-trustpoint Instance on page 11-1. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax crypto(ipsec|isakmp|key|map|pki) crypto ipsec(security-association|transform-set) crypto ipsec security-association lifetime(kilobyte|Seconds)WORD crypto ipsec transform-set(ah-md5-hmac|ah-sha-hmac|esp-3des|...
Page 238 5-22 Motorola RF Switch CLI Reference Guide crypto isakmp(client|identity|keepalive|key|peer|policy) crypto isakmp client (configuration)(group)(default) crypto isakmp(identity|keepalive|key|peer|policy) crypto key(export|generate|import|zeroize) crypto key (export|import)rsa<indentifier>(URL)(password) crypto key generate(rsa <indentifier>)<key pair> <key pair> crypto key zeroize (rsa <identifier>) crypto map (map name)<sequence number> (isakmp|manual)dynamic crypto pki(authenticate|enroll|export|import|trustpoint) crypto pki authenticate <name>...
Page 239 Global Configuration Commands 5-23 Parameters ipsec (security- Configures IPSEC policies association| transform- • security-association – Defines the security association set) parameter used to define its lifetime • lifetime (kilobyte | seconds) – The lifetime of IPSEC security association. It can be defined in either: kilobytes –...
Page 240 5-24 Motorola RF Switch CLI Reference Guide isakmp Configures the Internet Security Association and Key Management Protocol (ISAKMP) policy [client|keepalive|key| • client configuration (group) (default) – Leads to the peer|policy] config-cryptogroup instance. For more details see Crypto-group Instance on page 7-1 •...
Page 241 Global Configuration Commands 5-25 Authentication key management functions [export|generate|import| • export rsa<name> URL [tftp|ftp] – Exports a keypair related configuration zeroize] • generate rsa<name> <1024-2048> – Generates a keypair • <1024-2048> – Size of keypair in bit • import rsa<name> URL [tftp|ftp] – Imports keypair related configuration •...
Page 242 5-26 Motorola RF Switch CLI Reference Guide pki [authenticate|enroll| Configures certificate parameters. The public key export|import|trustpoint] infrastructure is a protocol that creates encrypted public keys using digital certificates from certificate authorities. The PKI ensures each online party is who they claim to be.
Page 243 Global Configuration Commands 5-27 ................crypto isakmp key 12345678 address 4.4.4.4 crypto ipsec security-association lifetime kilobytes 4608000 RFSwitch(config)# RFSwitch(config)#no crypto isakmp key 12348 address 4.4.4.4 RFSwitch(config)# In the example above, is associated with IP . You can key 12345678 address 4.4.4.4 delete this key by using the no command and a wrong key number Example...
Page 244: Use Case 1: Configuring Remote Vpn
(trusted network) using IPSec VPN functionality. In the figure above, a Motorola client is associated to a WLAN (say wlan1) attached to vlan2 on the switch. vlan2 is on subnet 10.1.1.x and is running a DHCP server that assigns IP addresses for this subnet.
Page 245 Global Configuration Commands 5-29 Once the client has got a virtual IP, further packets from the client within the IPSec tunnel are routed to the corresponding VLAN interface (in our case vlan3), and the client gets access to the network. The IPSec tunnel is only between the client and the switch. After that the packets on the trusted side are sent without encryption.
Page 246 5-30 Motorola RF Switch CLI Reference Guide Use the commands below to confiugre IPSec VPN on the switch: 1. Create an Extended ACL. RFSwitch(config-ext-nacl)#ip access-list extended 101 2. Configure the local subnet and remote subnet as interesting traffic. RFSwitch(config-ext-nacl)# permit ip 10.1.1.0/24 any RFSwitch(config-ext-nacl)# permit ip 192.168.0.0/24 any...
Page 247: Use Case 2: Configuring Site-To-Site Vpn
Global Configuration Commands 5-31 5.1.9.2 Use Case 2: Configuring Site-to-Site VPN Intranets use unregistered addresses connected over the public internet by site-to-site VPN. In this scenario, NAT is required for the connections to the public internet. However NAT is not required for traffic between the two intranets, which can be transmitted using a VPN tunnel over the public Internet.
Page 248 5-32 Motorola RF Switch CLI Reference Guide c. Create and configure ISAKMP policy. RFSwitch(config)#crypto isakmp policy 199 RFSwitch(config-crypto-isakmp)#encryption aes RFSwitch(config-crypto-isakmp)#hash sha RFSwitch(config-crypto-isakmp)#authentication pre-share RFSwitch(config-crypto-isakmp)#group 5 RFSwitch(config-crypto-isakmp)#lifetime 9496 d. Create and configure an IPSec transform set. RFSwitch(config)#crypto ipsec transform-set TFSET ah-sha-...
Page 249 Global Configuration Commands 5-33 2. Configuration required on switch 2: a. Create an extended ACL. This is defines the tunnel used by the traffic. RFSwitch(config)#access-list 155permit ip 13.1.1.0/24 12.1.1.0/24 rule-precedence 1 b. Create and configure the ISAKMP parameters. RFSwitch(config)#crypto isakmp keepalive 10 RFSwitch(config)#crypto isakmp key SYMBOLAD address 11.1.1.10 RFSwitch(config)#crypto ipsec security-association lifetime...
Page 250 5-34 Motorola RF Switch CLI Reference Guide f. Associate the crypto map with a VLAN interface. RFSwitch(config)#interface vlan1 RFSwitch(config-if)#ip address 15.1.1.20/24 RFSwitch(config-if)#crypto map THIRDMAP RFSwitch(config-if)#interface vlan2100 RFSwitch(config-if)#ip address 13.1.1.20/24 RFSwitch(config-if)#ip route 0.0.0.0/0 15.1.1.2...
Page 251 Global Configuration Commands 5-35 5.1.10 do Global Configuration Commands Runs commands from either the User Exec or Priv Exec mode Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax do (command of other mode) Parameters None Example RFSwitch(config)#do ping 157.235.208.69...
Page 252: End
5-36 Motorola RF Switch CLI Reference Guide 5.1.11 end Global Configuration Commands Ends the current mode and changes to the EXEC mode Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax Parameters None. Example RFSwitch(config)#end RFSwitch#? Priv Exec commands:...
Page 253: Errdisable
5-37 5.1.12 errdisable Global Configuration Commands Enables the timeout mechanism for the port Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax errdisable (recovery)[cause (bpduguard)|interval <10-1000000>] Parameters recovery Enables the timeout mechanism for the port to be recovered...
Page 254: Espi
5-38 Motorola RF Switch CLI Reference Guide 5.1.13 espi Global Configuration Commands Used to configure the ESPI Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported with: • WS5100 • RFS7000 NOTE: The arpi commands leads to the instance.
Page 255: Fallback
Enables and configures the software fallback feature. Failure to boot with the configured "use on boot" image allows booting with other image Supported in the Following Platforms: • WS5100 SWITCH NOTE: This command is not supported with: • RFS7000 • RFS6000 Syntax fallback(enable) Parameters...
Page 256: Format
5-40 Motorola RF Switch CLI Reference Guide 5.1.15 format Global Configuration Commands Supported in the Following Platforms: • RFS7000 SWITCH NOTE: This command is not supported with: • WS5100 • RFS6000 Syntax format Parameters Formats compact flash Example RFSwitch(config)#format cf...
Page 257: Ftp
Global Configuration Commands 5-41 5.1.16 ftp Global Configuration Commands Configures the switch as an FTP server Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ftp enable ftp password(0|1|LINE) ftp rootdir(DIR) Parameters enable Enables FTP server password Configures the FTP password.
Page 258: Hostname
5-42 Motorola RF Switch CLI Reference Guide 5.1.17 hostname Global Configuration Commands Changes the system’s network name Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax hostname(WORD) Parameters WORD Provide the name for the systems network Example...
Page 259: Interface
• eth <1-2> – Only supported with WS5100 • ge <index> – RFS7000 supports 4 GE’s and RFS6000 supports 8 GE’s • sa <1-4> – Only supported with RFS7000 • me1 – Only supported with RFS7000 and RFS6000 •...
Page 260 Parameters IFNAME Defines the interface name eth <1-2> Defines the Ethernet interface ge <1-4> GigabitEthernet interface (RFS7000 and RFS6000 only) FastEthernet interface (RFS7000 and RFS6000 only) sa <1-4> StaticAggregate interface (RFS7000 only) LAN interface. (RFS7000 only) vlan <1-4094> Defines the VLAN interface...
Page 261 Global Configuration Commands 5-45 5.1.19 ip Global Configuration Commands Configures a selected Internet Protocol Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 NOTE: Using moves you to the access-list extended instance. For more information, see Extended ACL...
Page 262 5-46 Motorola RF Switch CLI Reference Guide ip local(pool)[default(low-ip-address <A.B.C.D>)] #ip name-server(A.B.C.D) ip nat (inside|outside) [destination|source] static <A.B.C.D> [<1-65535> (tcp|udp)|<A.B.C.D>] ip route(A.B.C.D|A.B.C.D/M)<next-hop> ip routing ip ssh [port|rsa] ip ssh(port)<0-65536> ip ssh(rsa)(keypair-name(WORD)) ip telnet(port)<0-65535> Parameters access-list Using the access list parameter options to enter the context and the context.
Page 263 Global Configuration Commands 5-47 dhcp DHCP server configuration • bootp – Defines the BOOTP specific configuration • ignore – Configures the DHCP server to ignore BOOTP requests • class – Defines a DHCP class and enters the DHCP class configuration mode •...
Page 264 5-48 Motorola RF Switch CLI Reference Guide name-server (A.B.C.D) Specifies the DNS server for the DHCP client. A maximum of 6 name servers can be configured. Servers are tried in the order entered • A.B.C.D – IP address of DNS server Defines Network Address Translation (NAT) values •...
Page 265 Global Configuration Commands 5-49 Usage Guidelines 1 1. Use the command along with ip to undo any IP based configuration. [no] ip(access-list|default-gateway|dhcp|domain-lookup| domain-name|http|local|name-server|nat|route|routing|ssh|telnet) 2. When using the parameter, enter the following contexts: ip access-list • ext-nacl – extended ACL. For more information, see Extended ACL Instance on page 14-1 •...
Page 266 5-50 Motorola RF Switch CLI Reference Guide 4. Associate the DHCP class, created in Step 1 with the pool created in Step 3. The switch supports the association of only 8 CDHCP classes with a pool. RFSwitch(config-dhcp)#class RFSwitchDHCPclass RFSwitch(config-dhcp-class)# 5. The switch leads you to a new mode (config-dhcp-class). Use this mode to add an address range used with the DHCP class associated with the pool.
Page 267: License
Global Configuration Commands 5-51 5.1.20 license Global Configuration Commands Display the details of the license Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax license Parameters WORD Enter the name of the feature for which you wish to add...
Page 268: Line
5-52 Motorola RF Switch CLI Reference Guide 5.1.21 line Global Configuration Commands Configures the terminal line Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax line(console|vty) Parameters console Primary terminal line (set a value between 0-0) Virtual terminal (set a value between 0-871)
Page 269: Local
5-53 5.1.22 local Global Configuration Commands Sets the username and password for local user authentication Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax local(username,password) Parameters username Defines the local user name (can be a string of up to 64...
Page 270: Logging
5-54 Motorola RF Switch CLI Reference Guide 5.1.23 logging Global Configuration Commands Modifies message logging facilities Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax logging[aggregation-time|buffered|console|facility| host|monitor|on|syslog] logging aggregation-time<1-20> logging buffered[<0-7>|alerts|critical|debugging| emergencies|errors|informational|notifications|warnings] Parameters aggregation-time Sets the number of seconds for aggregating repeated messages.
Page 271 Global Configuration Commands 5-55 facility Syslog facility in which log messages are sent • local0 – Syslog facility local0 • local1 – Syslog facility local1 • local2 – Syslog facility local2 • local3 – Syslog facility local3 • local4 – Syslog facility local4 •...
Page 272: Mac
5-56 Motorola RF Switch CLI Reference Guide 5.1.24 mac Global Configuration Commands Configures MAC access lists Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax mac(access-list)(extended)(WORD) Parameters access-list Defines the ACL configuration for the MAC address • extended – MAC Extended ACL •...
Page 273: Mac-Address-Table
Global Configuration Commands 5-57 5.1.25 mac-address-table Global Configuration Commands Configures the MAC address table Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax mac-address-table(aging-time)[0| <10-1000000>] Parameters aging-time The duration for which a learned mac address persists after [0|<10-1000000>]...
Page 274: Management
5-58 Motorola RF Switch CLI Reference Guide 5.1.26 management Global Configuration Commands Sets management interface properties Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax management(secure) Parameters secure Limits local access (Web/Telnet etc.) to the management interface...
Page 275: Ntp
Global Configuration Commands 5-59 5.1.27 ntp Global Configuration Commands Configure NTP values Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ntp [access-group|authenticate|authentication-key|autokey| broadcast|broadcastdelay|master|peer|server|trusted-key] ntp access-group(peer|query-only|serve|serve-only) ntp access-group peer(<1-99>|<1300-1999>) ntp access-group query-only(<1-99>|<1300-1999>) ntp access-group serve(<1-99>|<1300-1999>) ntp access-group serve-only(<1-99>|<1300-1999>)
Page 276 5-60 Motorola RF Switch CLI Reference Guide Parameters access-group Controls NTP access • peer – Provides full access • query-only – Allows only control queries • serve – Provides server and query access • serve-only – Provides only server access •...
Page 277 Global Configuration Commands 5-61 master Acts as a NTP master clock • <1-15> – Sets the stratum number for the NTP master clock peer Configures the NTP peer • <Peer IP> – Sets the IP address of the peer • autokey – Configures an autokey peer authentication scheme •...
Page 278 5-62 Motorola RF Switch CLI Reference Guide RFSwitch(config)#ntp peer TestPeer autokey ? prefer Prefer this peer when possible version Configure NTP version <cr> RFSwitch(config)#ntp peer TestPeer autokey prefer ? version Configure NTP version <cr> RFSwitch(config)#ntp peer TestPeer autokey prefer version ? <1-4>...
Page 279: Power
Configures Power Over Ethernet (POE) for the GE ports Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported with: • WS5100 • RFS7000 Syntax power (trap-percent)<0-100> trap-percent <0-100> Configures the percentage of total power at which the POE...
Page 280: Prompt
5-64 Motorola RF Switch CLI Reference Guide 5.1.29 prompt Global Configuration Commands Configures and sets the systems prompt Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax prompt(LINE) Parameters LINE Enter the new prompt displayed by the system...
Page 281: Radius-Server
Enters the RADIUS server mode, the system prompt changes from the default config mode to the RADIUS server mode Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 NOTE: mode takes you to the RADIUS server radius-server local context.
Page 282 5-66 Motorola RF Switch CLI Reference Guide retransmit Specifies the number of retries to active server • <0-100> – Number of retries for a transaction (default is timeout Time to wait for a RADIUS server to reply <1-1000> – Wait time (default 5 seconds) Usage Guidelines The RADIUS server host is used to configure RADIUS server details.
Page 283: Redundancy
Global Configuration Commands 5-67 5.1.31 redundancy Global Configuration Commands Configures redundancy group parameters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax redundancy [auto-revert (enable)|auto-revert-period <1-1800>| dhcp-server (enable)|discovery-period <10-60>|enable| group-id <1-65535>|handle-stp (enable)|heartbeat-period <1-255>| hold-period <10-255>|interface-ip <IP Address>| manual-revert|member-ip <IP address>|mode (primary|standby)]...
Page 284 5-68 Motorola RF Switch CLI Reference Guide member-ip <Member IP> Adds a member to this redundancy group mode [primary|standby] Sets the mode to either primary or standby Example RFSwitch(config)#redundancy discovery-period 20 RFSwitch(config)# RFSwitch(config)#redundancy handle-stp enable RFSwitch(config)# RFSwitch(config)#redundancy heartbeat-period 20 RFSwitch(config)#...
Page 285: Service
Use this command to retrieve system data (tables, log files, configuration, status and operation) for use in debugging and problem resolution. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 To view the command of User Exec and Priv Exec Mode, refer to...
Page 286 5-70 Motorola RF Switch CLI Reference Guide show Shows running system information terminal-length System wide terminal length configuration watchdog Enables service for watchdog Example RFSwitch(config)#service dhcp RFSwitch(config)# RFSwitch(config)#service radius restart RFSwitch(config)#...
Page 287: Snmp-Server
Global Configuration Commands 5-71 5.1.33 snmp-server Global Configuration Commands Modifies SNMP engine parameters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax snmp- server(community|contact|enable|host|location|manager|sysname|user) snmp-server community(WORD(ro|rw)) snmp-server contact LINE snmp-server enable traps(all|dhcp-server| diagnostics|miscellaneous|mobility|nsm|radius-server| redundancy|snmp|wireless|wireless-statistics) snmp-server enable traps all...
Page 288 5-72 Motorola RF Switch CLI Reference Guide snmp-server enable traps wireless (ids) [muExcessiveEvents|radioExcessiveEvents|switchExcessiveEvents] snmp-server enable traps wireless (radio) [adopted|detectedRadar|unadopted] snmp-server enable traps wireless self-healing activated snmp-server enable traps wireless station [associated|deniedAssociationAsPortCapacityReached| deniedAssociationOnCapability|deniedAssociationOnErr| deniedAssociationOnInvalidWPAWPA2IE|deniedAssociationO nRates|deniedAssociationOnSSID|deniedAssociationOnShor tPream|deniedAssociationOnSpectrum|deniedAuthenticatio n|disassociated|radiusAuthFailed|tkipCounterMeasures] snmp-server enable traps wireless wlan [vlanUserLimitReached]...
Page 289 Global Configuration Commands 5-73 Parameters community Sets the community string and access privileges • ro – Read-only access with this community string • rw – Read-write access with this community string contact Text for mib object sysContact • LINE – Sets the contact person for this managed node enable ( ) traps –...
Page 290 5-74 Motorola RF Switch CLI Reference Guide enable (traps) diagnostics ( ) Enables diagnostics traps • cpuLoad15Min • cpuLoad1Min • cpuLoad5Min • fanSpeedLow • fileDescriptors • ipRouteCache • packetBuffers • processMemoryUsage • ramFree • tempHigh • tempOver • usedKernelBuffer enable (traps) miscellaneous ( ) Enables miscellaneous traps •...
Page 291 Global Configuration Commands 5-75 enable (traps) radius-server () Enables radius-server traps • radiusServerDown – RADIUS server down • radiusServerUp – RADIUS server up enable (traps) redundancy ( ) Enables redundancy traps • adoptionExceeded – Redundancy port adoption exceeded • grpAuthLevelChanged – Redundancy group authorization level changed •...
Page 292 5-76 Motorola RF Switch CLI Reference Guide enable (traps) wireless ( ) Enables wireless traps • ap-detection – Enables wireless AP detection traps • externalAPDetected – External AP detected • externalAPRemoved – External AP detected • ids – Enables wireless IDS traps •...
Page 293 Global Configuration Commands 5-77 • deniedAssociationOnErr – Wireless station denied association due to internal error • deniedAssociationOnInvalidWPAWPA2 IE – Wireless station denied association due to invalid/absent WPA/WPA2 IE • deniedAssociationOnRates – Wireless station denied association due to incompatible Transmission rates •...
Page 294 5-78 Motorola RF Switch CLI Reference Guide enable (traps) wireless- Modifies wireless-stats rate traps statistics ( ) • mesh – Modifies mesh rate traps • avg-bit-speed-less-than – Average bit speed in Mbps between <0.00> and <54.00> • avg-retry-greater-than – Average retry is greater than 0.00 and less...
Page 295 Global Configuration Commands 5-79 • min-packets – Minimum packets required for sending the trap • <1-65535> – Defines the minimum packets for sending the trap. This can be set with a decimal number in the range of <1-65535> • mobile-unit – Modifies mobile-unit rate traps •...
Page 296 5-80 Motorola RF Switch CLI Reference Guide • tput-greater-than – Throughput in Mbps is greather than 0.00 and less than or equal to 100000.00 • undecrypt-percent-greater-than – Percentage of undecryptable pkts is geater than 0.00 and less than or equal to 100.00...
Page 297 Global Configuration Commands 5-81 RFSwitch(config)#snmp-server enable traps miscellaneous lowFsSpace RFSwitch(config)# RFSwitch(config)#snmp-server enable traps redundancy memberUp RFSwitch(config)# RFSwitch(config)#snmp-server enable traps snmp linkup RFSwitch(config)# RFSwitch(config)#snmp-server enable traps wireless ap-detection externalAPDetected RFSwitch(config)# RFSwitch(config)#snmp-server enable traps wireless excessiveProbes RFSwitch(config)# RFSwitch(config)#snmp-server enable traps wireless radio adopted RFSwitch(config)# RFSwitch(config)#snmp-server enable traps wireless self-healing activated...
Page 298: Sole
5-82 Motorola RF Switch CLI Reference Guide 5.1.34 sole Global Configuration Commands Sets SOLE related configuration commands. This command leads you to the instance. For more information on SOLE parameters, refer to (config-sole)# SOLE Instance on page 21-1. Supported in the Following Platforms: •...
Page 299: Spanning-Tree
Global Configuration Commands 5-83 5.1.35 spanning-tree Global Configuration Commands Configures spanning-tree commands Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax spanning-tree [mst|portfast] spanning-tree mst [<0-15> (priority <0-61440>)| cisco-interoperability (enale|disable)|configuration| forward-time <4-30>|hello-time <1-10>|max-age <6-40>| max-hops <7-127>] spanning-tree portfast [bpdufilter|bpduguard](default)
Page 300 5-84 Motorola RF Switch CLI Reference Guide Parameters mst [<0-15> Enables the Multiple Spanning Tree Protocol on a bridge (priority <0-61440>)| • <0-15> (priority <0-61440>) – Set the bridge priority for cisco-interoperability an MST instance to the value specified. Use the no...
Page 301 Global Configuration Commands 5-85 • max-age <6-40> – Max-age is the maximum time in seconds for which (if a bridge is the root bridge) a message is considered valid. This prevents the frames from looping indefinitely. The value of max-age must be greater than twice the value of hello time plus one, but less than twice the value of forward delay minus one.
Page 302 5-86 Motorola RF Switch CLI Reference Guide portfast Enables the portfast feature on a bridge. It has the [bpdufilter|bpduguard] following options: (default) • bpdufilter (default) – Use the command to bpdu-filter set the portfast BPDU filter for the port. Use the parameter with this command to revert the port BPDU filter value to default.
Page 303: Switch
Global Configuration Commands Configures the switch’s geographical location parameters Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported with: • WS5100 • RFS7000 Syntax switch [coordinates|geo-coordinates] switch (coordinates) (x) <0-65535> (y)<0-65535> (z) <0-65535> switch (geo-coordinates)(longitude)<-180.00-180.00> (latitude) <-90.00-90.00>...
Page 304: Timezone
5-88 Motorola RF Switch CLI Reference Guide 5.1.37 timezone Global Configuration Commands Configures switch timezone settings Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax timezone Parameters TIMEZONE Press <tab> to traverse a list of files., this displays a list of...
Page 305: Username
Global Configuration Commands 5-89 5.1.38 username Global Configuration Commands Establishes user name authentication Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax username <name> [access|password|privilege] username <name> access [console|ssh|telnet|web] username <name> password [0|1|WORD] username <name> privilege [helpdesk|monitor|nwadmin|superuser|sysadmin|webadmin]...
Page 306: Encrypting A Password
• webadmin – Web auth (hotspot) user admin access Example RFSwitch(config)#username GoldenSwitch RFSwitch(config)# RFS7000(config)#username Aeyjey access console ssh telnet web RFS7000(config)# 5.1.38.1 Encrypting a Password To encrypt a password: 1. Enable password encryption and provide the passphrase required for encrypting the passwords.
Page 307 Global Configuration Commands 5-91 username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507d username admin privilege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931f username Jiri password 1 399f01e13e372ba2dc02f37d869021873e60aa85 3. The password in the above running configuration is displayed in an encrypted format even though it was entered as plain text in Step 1.
Page 308: Vpn
5-92 Motorola RF Switch CLI Reference Guide 5.1.39 vpn Global Configuration Commands Configures VPN settings Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax vpn authentication-method(local|radius) Parameters authentication-method Selects the authenication scheme • local – Usedfor user based authentication •...
Page 309: Wireless
For more information, see Wireless Instance on page 20-1. wireless Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax wireless Parameters None Usage Guidelines The wireless command is used to enter the config-wireless instance wherein you can configure wireless parameters.
Page 310: Wlan-Acl
5-94 Motorola RF Switch CLI Reference Guide 5.1.41 wlan-acl Global Configuration Commands Use this command to apply an ACL on a WLAN index Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax wlan-acl <1-32> [<1-99>|<100-199>|<1300|1999>|<2000|2699>|word] [in|out] Parameters <1-32>[ ]...
Page 311 Global Configuration Commands 5-95 can be attached both in the inbound and outbound directions. wlan-acl NOTE: Most of the Wireless LAN related configuration are performed using the Wireless Instance on page 20-1. l (in the global configuration mode) to apply an ACL on a wlan-ac wireless LAN index .
Page 312 5-96 Motorola RF Switch CLI Reference Guide • Standard IP access list stdacl permit any wlan 5 rule-precedence 34 permit host 10.0.0.10 wlan 6 rule-precedence 44 deny host 30.0.0.14 rule-precedence 54 After upgrade to 3.0.2 the configuration will look like •...
Page 313 Global Configuration Commands 5-97 a. Create separate ACLs for all rules with a given WLAN index. b. Create separate ACLs for rules which do not have any WLAN index. To manually configure a Standard ACL, the example above has to be split into 3 ACLs. ip access-list standard stdacl1 permit any rule-precedence 34 ip access-list standard stdacl2...
Page 314 5-98 Motorola RF Switch CLI Reference Guide...
Page 315 Crypto-isakmp Instance Use the to instantiate the crypto isakmp policy(priority) config-crypto-isakmp instance. 6.1 Crypto ISAKMP Config Commands Table 6.1 summarizes commands crypto-isakmp Table 6.1 Crypto ISAKMP Command Summary Command Description Ref. authentication Sets the authentication scheme page 6-2 clrscr Clears the display screen page 6-3 encryption Sets the encryption algorithm...
Page 316: Crypto Isakmp Config Commands
Motorola RF Switch CLI Reference Guide Table 6.1 Crypto ISAKMP Command Summary Command Description Ref. service Defines the switch’s service commands page 6-12 show Shows running system information page 6-13 6.1.1 authentication Crypto ISAKMP Config Commands Authenticates keys rsa-sig pre-share Supported in the Following Platforms: •...
Page 317: Clrscr
Crypto-isakmp Instance 6.1.2 clrscr Crypto ISAKMP Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None. Example RFSwitch(config-crypto-isakmp)#clr RFSwitch(config-crypto-isakmp)#...
Page 318: Encryption
Motorola RF Switch CLI Reference Guide 6.1.3 encryption Crypto ISAKMP Config Commands Configures the encryption level of the data transmitted using the crypto-isakmp command Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax encryption(3des|aes|aes-192|aes-256|des) Parameters 3des Triple data encryption standard...
Page 319: End
Crypto-isakmp Instance 6.1.4 end Crypto ISAKMP Config Commands Ends and exits the current mode and changes to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax Parameters None. Example RFSwitch(config-crypto-isakmp))#end...
Page 320: Exit
Motorola RF Switch CLI Reference Guide 6.1.5 exit Crypto ISAKMP Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax...
Page 321: Group
Crypto ISAKMP Config Commands Specifies the Diffie-Hellman group (1 or 2) used by this IKE policy to generate keys (which is then used to create an IPSec SA) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax group[1|2|5] Parameters...
Page 322: Hash
Motorola RF Switch CLI Reference Guide 6.1.7 hash Crypto ISAKMP Config Commands Specifies the hash algorithm used to authenticate data transmitted over the IKE SA Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax hash(md5|sha) Parameters Choose the md5 hash algorithm...
Page 323: Help
Crypto-isakmp Instance 6.1.8 help Crypto ISAKMP Config Commands Displays the system’s interactive help system Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None. Example RFSwitch(config-crypto-isakmp)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
Page 324: Lifetime
6-10 Motorola RF Switch CLI Reference Guide 6.1.9 lifetime Crypto ISAKMP Config Commands Specifies how long an IKE SA is valid before expiring Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax lifetime <seconds> Parameters <seconds> Specifies how many seconds an IKE SA lasts before expiring.
Page 325 Crypto-isakmp Instance 6-11 6.1.10 no Crypto ISAKMP Config Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no [authentication|encryption|group|hash|lifetime] Parameters None. Example RFSwitch(config-crypto-isakmp)#no lifetime RFSwitch(config-crypto-isakmp)#...
Page 326: Service
6-12 Motorola RF Switch CLI Reference Guide 6.1.11 service Crypto ISAKMP Config Commands Invokes service commands to trobuleshoot or debug instance (config-crypto-isakmp) configurations Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show)(cli) Parameters Displays the CLI tree of current mode...
Page 327: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <paramater> Parameters Displays all the parameters for which information can be...
Page 328 6-14 Motorola RF Switch CLI Reference Guide commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration history Display the session command history...
Page 329 Crypto-group Instance Use the to instantiate crypto isakmp client (configuration)(group)(default) instance. config-crypto-group 7.1 Crypto Group Config Commands Table 7.1 summarizes the switch commands config-crypto-group Table 7.1 Crypto Group Command Summary Command Description Ref. clrscr Clears the display screen page 7-2 Defines a primary and secondary Domain Name Server page 7-3 (DNS)
Page 330: Crypto Group Config Commands
Motorola RF Switch CLI Reference Guide 7.1.1 clrscr Crypto Group Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-crypto-group)#clr RFSwitch(config-crypto-group)#...
Page 331: Dns
Crypto-group Instance 7.1.2 dns Crypto Group Config Commands Specifies the DNS server address(es) to assign to a client Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax dns <IP Address> Parameters <IP Address> The first DNS server address to assign <IP Address>...
Page 332: End
Motorola RF Switch CLI Reference Guide 7.1.3 end Crypto Group Config Commands Ends and exits the current mode and changes to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000...
Page 333: Exit
Crypto-group Instance 7.1.4 exit Crypto Group Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax exit Parameters None Example RFSwitch(config-crypto-group)#exit...
Page 334: Help
Motorola RF Switch CLI Reference Guide 7.1.5 help Crypto Group Config Commands Displays the system’s interactive help system Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-crypto-group)#help CLI provides advanced help feature.
Page 335: Service
7.1.6 service Crypto Group Config Commands Invokes service commands used trobuleshoot or debug (config-crypto-isakmp) instance configurations Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show)(cli) Parameters Displays the CLI tree of current mode Example RFSwitch(config-crypto-group)#service show cli...
Page 336: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <paramater> Parameters Displays all the parameters for which information can be...
Page 337 Crypto-group Instance clock Display system clock commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration history Display the session command history interfaces Interface status Internet Protocol (IP)
Page 338: Wins
7-10 Motorola RF Switch CLI Reference Guide 7.1.8 wins Crypto Group Config Commands Specifies the Windows Internet Naming Service (WINS) servers to assign to a client Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax wins <IP Address> <IP Address>...
Page 339 Crypto-peer Instance Use the command to instantiate crypto isakmp peer [IP Address|dns|hostname] instance. config-crypto-peer 8.1 Crypto Peer Config Commands Table 8.1 summarizes the commands config-crypto-peer Table 8.1 Crypto Peer Command Summary Command Description Ref. clrscr Clears the display screen page 8-2 Ends the current mode and moves to the EXEC mode page 8-3 exit...
Page 340: Crypto Peer Config Commands
Motorola RF Switch CLI Reference Guide 8.1.1 clrscr Crypto Peer Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-crypto-peer)#clr RFSwitch(config-crypto-peer)
Page 341: End
Crypto-peer Instance 8.1.2 end Crypto Peer Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax Parameters None Example RFSwitch(config-crypto-peer)#end...
Page 342: Exit
Motorola RF Switch CLI Reference Guide 8.1.3 exit Crypto Peer Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax...
Page 343: Help
Crypto-peer Instance 8.1.4 help Crypto Peer Config Commands Accesses the system’s interactive help system Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-crypto-peer)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
Page 344 Motorola RF Switch CLI Reference Guide 8.1.5 no Crypto Peer Config Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax (no) set (aggressive-mode)(password) Parameters command for parameters details Example...
Page 345: Service
8.1.6 service Crypto Peer Config Commands Invokes service commands to trobuleshoot or debug the (config-crypto-peer) instance configuration Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show)(cli) Parameters Displays the CLI tree of current mode Example RFSwitch(config-crypto-peer)#service show cli...
Page 346: Set
Motorola RF Switch CLI Reference Guide 8.1.7 set Crypto Peer Config Commands Configures the aggressive-mode of crypto-peer Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax set aggressive-mode (password) Parameters aggressive-mode Defines aggressive mode attributes • password – Specifies a tunnel-password attribute...
Page 347: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <paramater> Parameters Displays all the parameters for which information can be viewed using the show command.
Page 348 8-10 Motorola RF Switch CLI Reference Guide commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration history Display the session command history...
Page 349: Chapter 9. Crypto-Ipsec Instance
Crypto-ipsec Instance Use the instance to define the transform configuration for (config-crypto ipsec) securing data (esp-3des, esp-sha-hmac etc.). The transform set is assigned to a crypto map using the map’s transform-set command. For more details, see crypto-map transform set page 10-11.
Page 350: Mode
Motorola RF Switch CLI Reference Guide 9.1.1 mode Crypto IPSec Config Commands Configures the IPSec mode of operation Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax mode(transport|tunnel) Parameters transport Transport mode tunnel Tunnel mode Example RFSwitch(config-crypto-ipsec)#mode transport...
Page 351: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <paramater> Parameters Displays all the parameters for which information can be...
Page 352 Motorola RF Switch CLI Reference Guide commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration history Display the session command history...
Page 353 Crypto-map Instance commands define a Certificate Authority (CA) trustpoint. This is config-crypto-map a seperate instance, but belongs to the mode under the crypto pki trustpoint instance. config 10.1 Crypto Map Config Commands Table 10.1 summarizes commands: config-crypto-map Table 10.1 Crypto Map Command Summary Command Description Ref.
Page 354: Crypto Map Config Commands
10-2 Motorola RF Switch CLI Reference Guide 10.1.1 clrscr Crypto Map Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-crypto-map)#clr RFSwitch(config-crypto-map)
Page 355: End
10.1.2 end Crypto Map Config Commands Ends and exits the current mode and moves to the to PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax Parameters None Example RFSwitch(config-crypto-map)#end...
Page 356: Exit
10-4 Motorola RF Switch CLI Reference Guide 10.1.3 exit Crypto Map Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000...
Page 357: Help
Crypto-map Instance 10-5 10.1.4 help Crypto Map Config Commands Displays the system’s interactive help system Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-crypto-map)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
Page 358: Match
10-6 Motorola RF Switch CLI Reference Guide 10.1.5 match Crypto Map Config Commands Use this command to assign an IP access-list to a crypto map definition. The access-list designates the IP packets to be encrypted by this crypto map. A crypto map entry is a single policy that describes how certain traffic is secured. There are two types of crypto map entries: ipsec-manual and ipsec-ike entries.
Page 359 Crypto-map Instance 10-7 Usage Guidelines Crypto map entries do not directly contain the selectors used to determine which data to secure. Instead, the crypto map entry refers to an access control list. An access control list (ACL) is assigned to the crypto map using the match address command. If no ACL is configured for a crypto map, the entry is incomplete and will have no effect on the system.
Page 360 10-8 Motorola RF Switch CLI Reference Guide 10.1.6 no Crypto Map Config Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no <previous command used> Parameters Use the commands configured under this instance...
Page 361: Service
10.1.7 service Crypto Map Config Commands Invokes service commands to trobuleshoot or debug the (config-crypto-peer) instance configuration Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show)(cli) Parameters Displays the CLI tree of the current mode Example...
Page 362 10-10 Motorola RF Switch CLI Reference Guide +-perhost [no set security-association level perhost] +-lifetime [no set security-association lifetime] +-session-key +-inbound +-ah [no set session-key ( inbound | outbound ) ah] +-esp [no set session-key ( inbound | outbound ) esp] ..............
Page 363: Set
Crypto-map Instance 10-11 10.1.8 set Crypto Map Config Commands Configures set parameters for the peer device Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax set (localid|mode|peer|pfs|remote-type[ipsec-l2tp|xauth]| security-association|session-key|transformset) set localid(dn|hostname) set security-association (level(perhost)|lifetime(kilobytes|seconds)<value>) set session-key (inbound|outbound)(ah|esp) set session-key (inbound|outbound) ah <hexkey data>...
Page 364 10-12 Motorola RF Switch CLI Reference Guide peer Sets the IP address of the peer device. This can be set for multiple remote peers. The remote peer can be either an IP address or hostname. Note: In manual mode, only one remote peer can be added for a crypto map •...
Page 365 Crypto-map Instance 10-13 session-key Use the set session-key command to define the encryption and authentication keys for this crypto map • inbound – Defines encryption keys for inbound traffic • outbound – Defines encryption keys for outbound traffic inbound/outbound Defines encryption keys for inbound/outbound traffic (ah|esp) •...
Page 366 10-14 Motorola RF Switch CLI Reference Guide Values can be entered in both kilobytes and seconds. Whichever limit is reached first, ends the security association. RFSwitch(config-crypto-map)#set session-key (inbound|outbound)(ah|esp) RFSwitch(config-crypto-map)#set session-key (inbound|outbound) ah <hexkey data> RFSwitch(config-crypto-map)#set session-key (inbound|outbound) esp <SPI> cipher <hexdata key> authenticator <hexkey data>...
Page 367: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <paramater> Parameters Displays all the parameters for which information can be...
Page 368 10-16 Motorola RF Switch CLI Reference Guide commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration history Display the session command history...
Page 369 Crypto-trustpoint Instance commands define a Certificate Authority (CA) trustpoint. config-crypto-trustpoint This is a separate instance, but belongs to the mode under the crypto pki trustpoint instance. config 11.1 Trustpoint (PKI) Config Commands Table 11.1 summarizes commands: config-crypto-trustpoint Table 11.1 Trustpoint (PKI) Config Command Summary Command Description Ref.
Page 370 11-2 Motorola RF Switch CLI Reference Guide Table 11.1 Trustpoint (PKI) Config Command Summary Command Description Ref. password Sets the challenge password (applicable only for page 11-12 requests), to access the trustpoint rsakeypair Defines a RSA Keypair to associate with the trustpoint...
Page 371: Chapter 11. Crypto-Trustpoint Instance
Crypto-trustpoint Instance 11-3 11.1.1 clrscr Trustpoint (PKI) Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-trustpoint)#clrscr RFSwitch(config-trustpoint)#...
Page 372: Company-Name
11-4 Motorola RF Switch CLI Reference Guide 11.1.2 company-name Trustpoint (PKI) Config Commands Sets the company name (Applicable only for request) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax company-name Parameters WORD Company name (2 to 64 characters)
Page 373: Email
Crypto-trustpoint Instance 11-5 11.1.3 email Trustpoint (PKI) Config Commands Sets the e-mail ID for the trustpoint Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax email Parameters WORD email address (2 to 64 characters) Example RFSwitch(config-trustpoint)#email abcTestemailID@symbol.com...
Page 374: End
11-6 Motorola RF Switch CLI Reference Guide 11.1.4 end Trustpoint (PKI) Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000...
Page 375: Exit
11-7 11.1.5 exit Trustpoint (PKI) Config Commands Ends the current mode and moves to previous the mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax exit Parameters None Example RFSwitch(config-trustpoint)#exit...
Page 376: Fqdn
11-8 Motorola RF Switch CLI Reference Guide 11.1.6 fqdn Trustpoint (PKI) Config Commands Configures the domain name of the trustpoint Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax fqdn Parameters None NOTE: The domain name should be between 9 and 64 characters.
Page 377: Help
Crypto-trustpoint Instance 11-9 11.1.7 help Trustpoint (PKI) Config Commands Displays the systems interactive help system Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-trustpoint)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
Page 378: Ip-Address
11-10 Motorola RF Switch CLI Reference Guide 11.1.8 ip-address Trustpoint (PKI) Config Commands Sets an IP address for the trustpoint Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ip-address Parameters A.B.C.D Enter the IP address for the trustpoint Example RFSwitch(config-trustpoint)#ip-address 157.200.200.02...
Page 379 Crypto-trustpoint Instance 11-11 11.1.9 no Trustpoint (PKI) Config Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no <previous command used> Parameters None. Example RFSwitch(config-trustpoint)#no ip-address RFSwitch(config-trustpoint)#...
Page 380: Password
11-12 Motorola RF Switch CLI Reference Guide 11.1.10 password Trustpoint (PKI) Config Commands Sets the challenge password (applicable only for requests) to acces the trustpoint Syntax password(0|2|WORD) Parameters Password is specified as UNENCRYPTED, the password should be between 4 to 20 characters...
Page 381: Rsakeypair
Crypto-trustpoint Instance 11-13 11.1.11 rsakeypair Trustpoint (PKI) Config Commands Configures a RSA Keypair to associate with the trustpoint Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax rsakeypair Parameters WORD RSA Keypair Identifier Usage Guidelines The RSA key pair configures the switch to have Rivest, Shamir, and Adelman (RSA) key pairs.
Page 382: Service
11-14 Motorola RF Switch CLI Reference Guide 11.1.12 service Trustpoint (PKI) Config Commands Invokes service commands to trobuleshoot or debug the crypto pki trustpoint instance configuration Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show)(cli) Parameters...
Page 383 Crypto-trustpoint Instance 11-15 +-WORD [password (0|2|) WORD] ......................................... RFSwitch(config-trustpoint)
Page 384: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <paramater> Parameters Displays all the parameters for which information can be...
Page 385 Crypto-trustpoint Instance 11-17 commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration history Display the session command history interfaces Interface status Internet Protocol (IP) ldap...
Page 386: Subject-Name
11-18 Motorola RF Switch CLI Reference Guide 11.1.14 subject-name Trustpoint (PKI) Config Commands Creates a subject name to configure a trustpoint. The subject name is a collection of required parameters to configure a trustpoint Supported in the Following Platforms: • WS5100 •...
Page 387 Interface Instance Use the ) instance to configure the interfaces — Ethernet, VLAN and tunnel (config-if associated with the switch. 12.1 Interface Config Commands Table 12.1 summarizes the commands: config-if Table 12.1 Interface Config Command Summary Command Description Ref. clrscr Clears the display screen page 12-3 crypto...
Page 388 12-2 Motorola RF Switch CLI Reference Guide Table 12.1 Interface Config Command Summary (Continued) Command Description Ref. management Sets the selected interface as the management page 12-14 interface Negates a command or sets its defaults page 12-15 port-channel Configures the load-balancing criteria of an aggregated...
Page 389: Chapter 12. Interface Instance
Interface Instance 12-3 12.1.1 clrscr Interface Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-if)#clrscr RFSwitch(config-if)#...
Page 390: Crypto
12-4 Motorola RF Switch CLI Reference Guide 12.1.2 crypto Interface Config Commands Syntax crypto map(WORD) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Parameters map <tag> Assigns a Crypto Map • <tag> – Crypto Map tag Usage Guidelines At any given instance you can add one crypto mapset to a single interface.
Page 391: Description
Interface Instance 12-5 12.1.3 description Interface Config Commands Creates an interface specific desciption Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax description Parameters LINE Defines the characters describing this interface Example RFSwitch(config-if)#description "interface for RetailKing" RFSwitch(config-if)#...
Page 392: Duplex
12-6 Motorola RF Switch CLI Reference Guide 12.1.4 duplex Interface Config Commands Specifies the duplex mode NOTE: • Duplexity can only be set for an Ethernet Interface. Enter the instance using the parameter of the (config-if) interface mode • The duplex cannot be set until the speed is set to a non-auto value Supported in the Following Platforms: •...
Page 393: End
12-7 12.1.5 end Interface Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax Parameters None Example RFSwitch(config-if)#end RFSwitch#...
Page 394: Exit
12-8 Motorola RF Switch CLI Reference Guide 12.1.6 exit Interface Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax...
Page 395: Help
Interface Instance 12-9 12.1.7 help Interface Config Commands Displays the system’s interactive help Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-if)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
Page 396 12-10 Motorola RF Switch CLI Reference Guide 12.1.8 ip Interface Config Commands Sets the IP address for the assigned GigabitEthernet interface (GE), FastEthernet interface (ME), LAN interface (UP), Ethernet interface (ETH), StaticAggregate interface (SA) or VLAN Interface. Supported in the Following Platforms: •...
Page 397: Creating Helper Address Using Dhcp Server
Interface Instance 12-11 Sets Network Address Translation (NAT) parameters • inside – Inside interface • outside – Outside interface Usage Guidelines IPv4 commands are not allowed on a L2 interface. Use the command ip access-group to attach an access list to an interface. Use the command to remove no ip access-group the access list from the interface...
Page 398: Configuring A Static Nat Source Translation
12-12 Motorola RF Switch CLI Reference Guide 12.1.8.2 Configuring a Static NAT Source Translation The example below displays static NAT source translation: RFSwitch(config)#interface vlan 1000 RFSwitch(config-if)#ip nat inside RFSwitch(config-if)#interface vlan 2000 RFSwitch(config-if)#ip nat outside RFSwitch(config)#ip nat inside source static 172.168.200.10 157.235.205.57...
Page 399: Mac
Applies a MAC access list to a gigabit ethernet interface NOTE: The access list cannot be applied on a management interface (me1). Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax mac (access-group) <acl_name> (in) Parameters access-group <acl_name>...
Page 400: Management
12-14 Motorola RF Switch CLI Reference Guide 12.1.10 management Interface Config Commands Sets the selected interface as management interface. It can only be used on a VLANx interface. The TFTP/FTP server providing the switch its config file at startup must be accessible via this interface.
Page 401: Port-Channel
• RFS6000 SWITCH NOTE: The following commands are not supported on RFS6000: • port-channel • static-channel-group SWITCH NOTE: The following command is not supported on WS5100 and RFS7000: • power Syntax no [crypto|description|duplex|ip|mac|port-channel|power| shutdown|spanning-tree|speed|static-channel-group|switchport] Parameters command negates any command associated with it. Wherever required, use the...
Page 402 12-16 Motorola RF Switch CLI Reference Guide 12.1.12 port-channel Interface Config Commands Selects the load-balance criteria of an aggregated port Supported in the Following Platforms: • WS5100 • RFS7000 SWITCH NOTE: RFS6000 does not support this command. Syntax port-channel (load-balance) [src-dst-ip|src-dst-mac]...
Page 403: Configuring A Port Aggregation
The port-channel selection is based on either source- destination IP or source destination MAC RFS7000(config-if)#port-channel load-balance src-dst-ip RFS7000(config-if)# The default port-channel criteria is based on source-destination IP. The port channel (when configured with does not show up in the running-config.
Page 404 12-18 Motorola RF Switch CLI Reference Guide How src-dst-mac mode works When the switch sends a packet out of a SA, it selects the egress port as a function of the packet's source MAC, destination MAC, and the set of ports in the SA which are running.
Page 405: Power
Invokes PoE commands to configure PoE power limit and priority for a port Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported with: • WS5100 • RFS7000 Syntax power [limit <0-30>|priority (critical|high|low)] Parameters limit <0-30>...
Page 406 12-20 Motorola RF Switch CLI Reference Guide RFSwitch(config)#interface ge3 RFSwitch(config-if)#power priority critical RFSwitch(config-if)#exit RFSwitch(config)#show power configuration Power usage trap at 80% of max power (148 of 185 Watts) port Priority Power limit Enabled high 29.7W high 14.0W crit 29.7W high 29.7W...
Page 407: Service
Interface Config Commands Invokes service commands to troubleshoot or debug the instance (config-if) configuration Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show)(cli) Parameters Displays the CLI tree of the current mode Example RFSwitch(config-if)#service show cli...
Page 408: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <parameter> Parameters Displays the parameters for which information can be...
Page 409 Interface Instance 12-23 commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration history Display the session command history interfaces Interface status Internet Protocol (IP) ldap...
Page 410: Shutdown
12-24 Motorola RF Switch CLI Reference Guide 12.1.16 shutdown Interface Config Commands Disables the selected interface, the interface is administratively enabled unless explicitly disabled using this command Displays current system information running on the switch Supported in the Following Platforms: •...
Page 411: Spanning-Tree
Interface Instance 12-25 12.1.17 spanning-tree Interface Config Commands Configures spanning tree parameters Displays current system information running on the switch Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax spanning-tree [bpdufilter(enable|disable)|bpduguard(enable|disable)| edgeport|force-version <0-3>|guard (root)| link-type(point-topoint|shared)| mst(<0-15>|port-cisco-interoperability)|portfast] spanning-tree mst [<0-15>(cost <1-200000000>| port-priority <0-240>)|port-cisco-interoperability(disable|enable)]...
Page 412 12-26 Motorola RF Switch CLI Reference Guide edgeport Enables an interface as an edgeport force-version <0-3> Specifies the spanning-tree force version. A version identifier of less than 2 enforces the spanning tree protocol. Select from the following versions: • 0 – STP •...
Page 413 Interface Instance 12-27 portfast Enables rapid transitions Example RFSwitch(config-if)#spanning-tree edgeport RFSwitch(config-if)# RFSwitch(config-if)#spanning-tree guard root RFSwitch(config-if)# RFSwitch(config-if)#spanning-tree link-type point-to-point RFSwitch(config-if)#...
Page 414: Speed
12-28 Motorola RF Switch CLI Reference Guide 12.1.18 speed Interface Config Commands Specifies the speed of a fast-ethernet (10/100) or a gigabit-ethernet port (10/100/1000) Displays current system information running on the switch Supported in the Following Platforms: • WS5100 • RFS7000 •...
Page 415: Static-Channel-Group
Interface Config Commands Adds an interface to a static channel group Displays current system information running on the switch Supported in the Following Platforms: • WS5100 • RFS7000 SWITCH NOTE: RFS6000 does not support this command Syntax static-channel-group <1-2> Parameters <1-2>...
Page 416: Switchport
12-30 Motorola RF Switch CLI Reference Guide 12.1.20 switchport Interface Config Commands Sets switching mode characteristics for the selected interface Displays current system information running on the switch Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax switchport(access|mode|trunk) switchport access vlan <1-4094>...
Page 417 Interface Instance 12-31 trunk Sets the trunking mode characteristics • allowed – Configures trunk characteristics when the port is in trunk-mode • vlan – Sets allowed VLANs • add – Adds VLANs to the current list • none – Allows no VLANs to Xmit/Rx through the Layer2 interface •...
Page 418 12-32 Motorola RF Switch CLI Reference Guide...
Page 419: Chapter 13. Spanning Tree-Mst Instance
Spanning tree-mst Instance to initiate the (config) (spanning-tree) (mst) (configuration) (config- instance. Use the instance to configure the switch’s Multi Spanning mst) (config-mst) Tree Protocol (MSTP) configuration. 13.1 mst Config Commands Table 13.1 summarizes the commands: (config-mst) Table 13.1 MSTP Config Command Summary Command Description Ref.
Page 420 13-2 Motorola RF Switch CLI Reference Guide Table 13.1 MSTP Config Command Summary (Continued) Command Description Ref. show Shows running system information page 13-13...
Page 421: Mst Config Commands
Spanning tree-mst Instance 13-3 13.1.1 clrscr mst Config Commands Clears the display Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-mst)#clrscr RFSwitch(config-mst)#...
Page 422: End
13-4 Motorola RF Switch CLI Reference Guide 13.1.2 end mst Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000...
Page 423: Exit
13-5 13.1.3 exit mst Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax exit Parameters None Example RFSwitch(config-mst)#exit RFSwitch(config)#...
Page 424: Help
13-6 Motorola RF Switch CLI Reference Guide 13.1.4 help mst Config Commands Displays the system’s interactive help system Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-mst)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
Page 425: Instance
Spanning tree-mst Instance 13-7 13.1.5 instance mst Config Commands Associates VLAN(s) with an instance Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax instance <1-15> vlan <VLAN_ID> Parameters <1-15> Defines the instance ID to which the VLAN is associated...
Page 426: Name
13-8 Motorola RF Switch CLI Reference Guide 13.1.6 name mst Config Commands Sets the name for the MST region Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax name (region name) Parameters region name MST region name...
Page 427 Spanning tree-mst Instance 13-9 13.1.7 no mst Config Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no [instance|name|revision] Parameters instance Sets the MST Instance name Assigns a name to the MST region...
Page 428: Revision
13-10 Motorola RF Switch CLI Reference Guide 13.1.8 revision mst Config Commands Sets the revision number of the MST bridge Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax revision <0-255> Parameters 0-255 Defines the revision number for configuration information...
Page 429: Service
Config Commands Invokes service commands needed to troubleshoot or debug instance (config-if) configurations Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show) (cli) Parameters Shows the CLI tree of current mode Example RFSwitch(config-mst)#service show cli...
Page 430 13-12 Motorola RF Switch CLI Reference Guide +-running-config [show running-config] +-full [show running-config full] +-include-factory [show running-config include-factory] +-service +-show +-cli [service show cli] +-show +-access-list [show access-list] +-<1-99> [show access-list (<1-99>|<100-199>|<1300-1999>|<2000- 2699>|WORD)] +-<100-199> [show access-list (<1-99>|<100-199>|<1300- 1999>|<2000-2699>|WORD)] +-<1300-1999> [show access-list (<1-99>|<100-199>|<1300- 1999>|<2000-2699>|WORD)]...
Page 431: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <parameter> Parameters Displays the parameters for which information can be...
Page 432 13-14 Motorola RF Switch CLI Reference Guide clock Display system clock commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration...
Page 433: Chapter 14. Extended Acl Instance
Extended ACL Instance to initiate the (config) (ip) (access-list)(extended)<ACL Name> instance. Use the instance to configure (config-ext-nacl)# (config-ext-nacl) ACLs associated with the switch. ip access-list extended 14.1 Extended ACL Config Commands Table 14.1 summarizes commands: config-ext-nacl Table 14.1 Extended ACL Config Command Summary Command Description Ref.
Page 434 14-2 Motorola RF Switch CLI Reference Guide Table 14.1 Extended ACL Config Command Summary (Continued) Command Description Ref. service Invokes the service commands to troubleshoot or page 14-24 debug instance configurations (config-if) show Displays running system information page 14-25...
Page 435: Extended Acl Config Commands
Extended ACL Instance 14-3 14.1.1 clrscr Extended ACL Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-ext-nacl)#clrscr RFSwitch(config-ext-nacl)#...
Page 436: Deny
14-4 Motorola RF Switch CLI Reference Guide 14.1.2 deny Extended ACL Config Commands Specifies packets to reject Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax deny(icmp|ip|tcp|udp) deny {ip} {source/source-mask | host source | any} {destination/ destination-mask...
Page 437 Extended ACL Instance 14-5 Parameters deny {ip} {source/source- Use with a deny command to reject IP packets mask | host source | any} • deny – Sets the action type on an ACL {destination/destination- • {ip} – Specifies an IP (to match to a protocol) mask | host destination | any} [log] [rule- •...
Page 438 14-6 Motorola RF Switch CLI Reference Guide deny {icmp} {source/ deny Use with the command to reject ICMP packets source-mask | host source • deny – Rejects ICMP packets | any} {destination/ • {icmp} – Specifies ICMP as the protocol...
Page 439 Extended ACL Instance 14-7 deny {tcp|udp} {source/ Use with the deny command to reject TCP or UDP packets source-mask | host source • deny – Rejects TCP or UDP packets | any} [operator source- • {tcp|udp} – Specifies TCP or UDP as the protocol port] {destination/ destination-mask | host •...
Page 440: Example - Denying Traffic Between Two Subnets
14-8 Motorola RF Switch CLI Reference Guide Usage Guidelines Use this command to deny traffic between networks/hosts based on the protocol type selected in the access list configuration. The following protocol types are supported: • ip • icmp • tcp •...
Page 441: Example - Denying Udp Based Traffic
Extended ACL Instance 14-9 14.1.2.3 Example - Denying UDP Based Traffic The following example denies UDP traffic with a source port range between 20 - 23 (from the source subnet to destination subnet): RFSwitch(config-ext-nacl)#deny udp 192.168.1.0/24 192.168.2.0/ 24 range 20 23 RFSwitch(config-ext-nacl)#permit ip any any RFSwitch(config-ext-nacl)# 14.1.2.4 Example - Denying ICMP Based Traffic...
Page 442: End
14-10 Motorola RF Switch CLI Reference Guide 14.1.3 end Extended ACL Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000...
Page 443: Exit
14-11 14.1.4 exit Extended ACL Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax exit Parameters None Example RFSwitch(config-ext-nacl)#exit...
Page 444: Help
14-12 Motorola RF Switch CLI Reference Guide 14.1.5 help Extended ACL Config Commands Displays the system’s interactive help system Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-ext-nacl)#help CLI provides advanced help feature.
Page 445: Mark
14.1.6 mark Extended ACL Config Commands Specifies packets to mark Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax mark {dot1p <0-7> | tos <0-255>}} {ip} {source/source-mask | host source | any} {destination/destination-mask | host destination | any} [log] [rule-precedence access-list-entry precedence] mark {dot1p <0-7>...
Page 446 14-14 Motorola RF Switch CLI Reference Guide Parameters mark mark {dot1p <0-7> | tos Use with the command to specify IP packets as marked <0-255>}} {ip} {source/ • mark {dot1p <0-7> | tos <0-255>} – Defines action source-mask | host source...
Page 447 Extended ACL Instance 14-15 mark {dot1p <0-7> | tos Use with the mark command to specify ICMP packets as <0-255>}} {icmp} marked. {source/source-mask | • mark {dot1p <0-7> | tos <0-255>} – Action types on host source | any} mark an ACL.
Page 448: Example - Marking Dot1P On Tcp Based Traffic
14-16 Motorola RF Switch CLI Reference Guide Usage Guidelines This command marks traffic between networks/hosts based on the protocol type selected in the access list configuration Use the mark option to specify the type of service (tos) and priority value. The tos value is marked in the IP header and the 802.1p priority value is marked in the dot1q frame.
Page 449 Extended ACL Instance 14-17 14.1.7 no Extended ACL Config Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no(deny|mark|permit) Negates all the syntax combinations used in the deny, mark permit...
Page 450: Permit
14-18 Motorola RF Switch CLI Reference Guide 14.1.8 permit Extended ACL Config Commands Permits specific packets NOTE: ACLs do not allow DHCP messages to flow by default. Configure an Access Control Entry (ACE) to allow DHCP messages to flow through.
Page 451 Extended ACL Instance 14-19 Parameters permit {ip} Use the permit command to allow IP packets {source/source-mask | • permit – Allows IP packets host source | any} • {ip} – Specifies the IP (to match to any protocol) {destination/destination- mask | host destination | •...
Page 452 14-20 Motorola RF Switch CLI Reference Guide permit {icmp} permit Use with the command to allow ICMP packets {source/source-mask | • permit – Allows ICMP packets on an ACL host source | any} • {icmp} – Specifies ICMP as the protocol...
Page 453 Extended ACL Instance 14-21 permit{tcp|udp} Use with the permit command to allow TCP or UDP {source/source-mask | packets host source | any} • permit – Allows TCP or UDP packets [operator source-port] • {tcp|udp} – Specifies TCP or UDP as the protocol {destination/destination- mask | host destination | •...
Page 454: Permitting Ip Based Traffic
14-22 Motorola RF Switch CLI Reference Guide Usage Guidelines Use this command to permit traffic between networks/hosts based on the protocol type selected in the access list configuration. The following protocols are supported: • ip • icmp • tcp • udp The last ACE in the access list is an implicit deny statement.
Page 455: Permitting Icmp Based Traffic
Extended ACL Instance 14-23 14.1.8.3 Permitting ICMP Based Traffic The example below permits ICMP traffic and denies all other traffic over an interface: RFSwitch(config-ext-nacl)#permit icmp any any rule-precedence 30 RFSwitch(config-ext-nacl)#)#...
Page 456: Service
14-24 Motorola RF Switch CLI Reference Guide 14.1.9 service Extended ACL Config Commands Invokes service commands to troubleshoot or debug the instance (config-if) configurations Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show)(cli) Parameters Displays the CLI tree of the current mode...
Page 457: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show<paramater> Parameters Displays the parameters for which information can be...
Page 458 14-26 Motorola RF Switch CLI Reference Guide commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration history Display the session command history...
Page 459: Configuring Ip Extended Acl
Extended ACL Instance 14-27 14.2 Configuring IP Extended ACL IP Extended ACLs contain rules based on the following parameters: • Source IP address • Destination IP address • IP Protocol • Source Port–if protocol is TCP or UDP • Destination Port–if protocol is TCP or UDP •...
Page 460 14-28 Motorola RF Switch CLI Reference Guide...
Page 461: Chapter 15. Standard Acl Instance
Standard ACL Instance to initiate the (config) (ip) (access-list)(standard)<ACL Name> instance. Use the instance to configure (config-std-nacl)# (config-std-nacl) ACLs. ip access-list standard 15.1 Standard ACL Config Commands Table 15.1 summarizes the commands: config-std-nacl Table 15.1 Standard ACL Config Command Summary Command Description Ref.
Page 462 15-2 Motorola RF Switch CLI Reference Guide Table 15.1 Standard ACL Config Command Summary (Continued) Command Description Ref. show Displays running system information page 15-16...
Page 463: Standard Acl Config Commands
Standard ACL Instance 15-3 15.1.1 clrscr Standard ACL Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-std-nacl)#clrscr RFSwitch(config-std-nacl)#...
Page 464: Deny
15-4 Motorola RF Switch CLI Reference Guide 15.1.2 deny Standard ACL Config Commands Specifies packets to reject Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax deny(A.B.C.D/M|any|host) deny any(log|rule-precedence) deny any log(rule-precedence)<1-5000> deny any rule-precedence<1-5000> deny host A.B.C.D Parameters A.B.C.D/M...
Page 465: Example - Denying Traffic To The Interface
Standard ACL Instance 15-5 15.1.2.1 Example - Denying Traffic to the Interface The example below denies all traffic entering the interface (a log message is generated whenever the interface receives a packet): RFSwitch(config-std-nacl)#deny any log rule-precedence 50 RFSwitch(config-std-nacl)# 15.1.2.2 Example - Denying Traffic only from Source Network The example below denies traffic from the source network (xxx.xxx.1.0/24) and allows all other traffic to flow through the interface: RFSwitch(config-std-nacl)#deny xxx.xxx.1.0/24 rule-precedence 60...
Page 466: End
15-6 Motorola RF Switch CLI Reference Guide 15.1.3 end Standard ACL Config Commands Ends and exits from the current mode and moves to the PRIV EXEC mode. The prompt changes to RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 •...
Page 467: Exit
15-7 15.1.4 exit Standard ACL Config Commands Ends the current mode and moves to previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax exit Parameters None Example RFSwitch(config-std-nacl)#exit RFSwitch(config)#...
Page 468: Help
15-8 Motorola RF Switch CLI Reference Guide 15.1.5 help Standard ACL Config Commands Displays the system’s interactive help in HTML format Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-std-nacl)#help CLI provides advanced help feature.
Page 469: Mark
Standard ACL Instance 15-9 15.1.6 mark Standard ACL Config Commands Specifies packets to mark Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax mark(8021.1p<0-7>|tos<0-255>)(A.B.C.D/M|any|host) mark(8021.1p<0-7>|tos<0-255>)(any|host)(log|rule-precedence <1-5000>||A.B>C.D) Parameters 8021.1p<0-7>|tos<0-255>) • Specifies .1p priority value between 0 and 7 •...
Page 470: Marking Tos For Source Network Traffic
15-10 Motorola RF Switch CLI Reference Guide When the interface receives the packet, its content is checked against the ACEs in the ACL. It is marked based on the ACL configuration. NOTE: The log option is functional only for router ACLs. The log option results in an informational logging message about the packet matching the entry sent to the console.
Page 471 Standard ACL Instance 15-11 15.1.7 no Standard ACL Config Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no(deny|mark|permit) Negates all the syntax combinatins used in deny, mark permit designations.
Page 472: Permit
15-12 Motorola RF Switch CLI Reference Guide 15.1.8 permit Standard ACL Config Commands Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax permit(A.B.C.D/M|any|host) permit any(log|rule-precedence) permit any log(rule-precedence)<1-500> permit any rule-precedence<1-500> permit host A.B.C.D Parameters A.B.C.D/M Defines the source IP address range to match Any source IP address •...
Page 473: Example - Permitting Traffic To Interface
Standard ACL Instance 15-13 15.1.8.1 Example - Permitting Traffic to Interface The example below permits all the traffic that comes to the interface: RFSwitch(config-std-nacl)#permit any rule-precedence 50 RFSwitch(config-std-nacl)# 15.1.8.2 Permitting Traffic from Source Network The example below permits traffic from the source network and provides a log message: RFSwitch(config-std-nacl)#permit xxx.xxx.1.0/24 log rule-precedence RFSwitch(config-std-nacl)#...
Page 474: Service
15-14 Motorola RF Switch CLI Reference Guide 15.1.9 service Standard ACL Config Commands Invokes service commands to troubleshoot or debug instance (config-if) configurations Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show)(cli) Parameters Displays the CLI tree of the current mode...
Page 475 Standard ACL Instance 15-15 +-<1-5000> [(deny|permit|mark (8021p <0-7> | tos <0- 255>))(A.B.C.D/M | host A.B.C.D | any)(log|)(rule-precedence <1- 5000> |)] ......................................... RFSwitch(config-std-nacl)#...
Page 476: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show<paramater> Parameters Displays all the parameters for which the information can...
Page 477 Standard ACL Instance 15-17 Example RFSwitch(config-std-nacl)#show ? access-list Internet Protocol (IP) aclstats Show ACL Statistics information alarm-log Display all alarms currently in the system arpi ARPI Configuration autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration. clock Display system clock commands...
Page 478 15-18 Motorola RF Switch CLI Reference Guide timezone Display timezone upgrade-status Display last image upgrade status users Display information about currently logged in users version Display software & hardware version wireless Wireless configuration commands wlan-acl wlan based acl RFSwitch(config-std-nacl)#show...
Page 479: Use Case: Configuring Ip Standard Acl
Standard ACL Instance 15-19 15.2 Use Case: Configuring IP Standard ACL IP Standard ACLs contain rules based on Source IP Address. You can create either a Numbered IP Standard ACL or a Named IP Standard IP Address. Execute the following CLI commands to configure an IP based standard ACL: 1.
Page 480 15-20 Motorola RF Switch CLI Reference Guide...
Page 481 Extended MAC ACL Instance to initiate the (config)(mac)(access-list)(extended)<ACL Name> instance. Use the instance to configure (config-ext-macl) (config-ext-macl) ACLs. mac access-list extended 16.1 MAC Extended ACL Config Commands Table summarizes commands: config-ext-macl Table 16.1 MAC Extended ACL Config Command Summary Command Description Ref.
Page 482 16-2 Motorola RF Switch CLI Reference Guide Table 16.1 MAC Extended ACL Config Command Summary (Continued) Command Description Ref. show Shows running system information page 16-18...
Page 483: Chapter 16. Extended Mac Acl Instance
Extended MAC ACL Instance 16-3 16.1.1 clrscr MAC Extended ACL Config Commands Clears the display screens Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-ext-macl)#clrscr RFSwitch(config-ext-macl)#...
Page 484: Deny
16-4 Motorola RF Switch CLI Reference Guide 16.1.2 deny MAC Extended ACL Config Commands Specifies packets to reject NOTE: Use a decimal value representation of ethertypes to implement designation for a packet. The command set for permit/deny/mark Extended MAC ACLs provide the hexadecimal values for each listed ethertype.
Page 485 Extended MAC ACL Instance 16-5 Destination Mask Define a destination mask specifying the bits to match. The destination wildcard can be any one of the following: • xx:xx:xx:xx:xx:xx/ xx:xx:xx:xx:xx:xx–Destination MAC address and mask • any – Any destination host • host – Exact destination MAC address to match dot1p<0-7>...
Page 486: Example - Denying Traffic From Any Mac Address
16-6 Motorola RF Switch CLI Reference Guide By default, the switch does not allow layer 2 traffic to pass through the interface. To adopt an access port through an interface, configure an access control list to allow an ethernet wisp.
Page 487: End
16.1.3 end MAC Extended ACL Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax Parameters None Example RFSwitch(config-ext-macl)#end...
Page 488: Exit
16-8 Motorola RF Switch CLI Reference Guide 16.1.4 exit MAC Extended ACL Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000...
Page 489: Help
Extended MAC ACL Instance 16-9 16.1.5 help MAC Extended ACL Config Commands Displays the system’s interactive help (in HTML format) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-ext-macl)#help CLI provides advanced help feature.
Page 490: Mark
16-10 Motorola RF Switch CLI Reference Guide 16.1.6 mark MAC Extended ACL Config Commands Specifies the packet to mark NOTE: Use a decimal value representation of ethertypes to implement permit/deny/mark designations for a packet. An Extended MAC ACL provides the hexadecimal values for each listed ethertype. The switch supports all ethertypes.
Page 491: Example - Marking Dot1P Priority Value For 802.1Q Tagged Traffic
Extended MAC ACL Instance 16-11 Destination MAC Address Specifies bits to match. The destination wildcard can be any one of the following: • xx:xx:xx:xx:xx:xx/ xx:xx:xx:xx:xx:xx–Destination MAC address and mask • any – Any destination host • host – Exact destination MAC address to match dot1p<0-7>...
Page 492 16-12 Motorola RF Switch CLI Reference Guide 16.1.7 no MAC Extended ACL Config Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no(deny|mark|permit) Negates all the syntax combinations used in deny,...
Page 493: Permit
Use the decimal equvilant of the ethertype listed in the CLI or any other type of ethertype. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax {permit} {any|host source MAC address|source MAC\source MAC address...
Page 494 16-14 Motorola RF Switch CLI Reference Guide dot1p<0-7> Establishes the 802.1p priority rule-precedence<1-5000> Defines an access list entry precedence type(<1- Sets an ethertype 65535>|arp|ip|ipv6|vlan|wisp) vlan<1-4095> Sets the VLAN ID Usage Guidelines When creating a Port ACL, the switch (by default) does not permit an ethertype WISP.
Page 495: Example - Permitting Wisp Traffic
Extended MAC ACL Instance 16-15 The last ACE in the access list is an implicit deny statement. Whenever the interface receives the packet, its content is checked against all the ACEs in the ACL. It is allowed/denied based on the ACL’s configuration. 16.1.8.1 Example - Permitting WISP Traffic The example below permits WISP traffic from any source MAC address to any destination MAC address:...
Page 496: Service
16-16 Motorola RF Switch CLI Reference Guide 16.1.9 service MAC Extended ACL Config Commands Invokes service commands to troubleshoot or debug instance configurations (config-if) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(clear|diag-shell|save-cli|show|start-shell|tethereal) Parameters show (cli)
Page 497 Extended MAC ACL Instance 16-17 XX:XX:XX/XX:XX:XX:XX:XX:XX | host XX:XX:XX:XX:XX:XX | any)(XX:XX:XX:XX:XX:XX/XX: XX:XX:XX:XX:XX | host XX:XX:XX:XX:XX:XX | any)(vlan <1-4095> | dot1p <0-7> |) (t ype (<1-65535> | ip | ipv6 | arp | wisp | 8021q | rarp | aarp | appleta lk | ipx ) |)(rule-precedence <1-5000>...
Page 498: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show<paramater> Parameters Displays all the parameters for which information can be...
Page 499 Extended MAC ACL Instance 16-19 Example RFSwitch(config-ext-macl)#show ? access-list Internet Protocol (IP) aclstats Show ACL Statistics information alarm-log Display all alarms currently in the system arpi ARPI Configuration autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration.
Page 500 16-20 Motorola RF Switch CLI Reference Guide timezone Display timezone upgrade-status Display last image upgrade status users Display information about currently logged in users version Display software & hardware version wireless Wireless configuration commands wlan-acl wlan based acl RFSwitch(config-ext-macl)#show...
Page 501: Configuring Mac Extended Acl
Extended MAC ACL Instance 16-21 16.2 Configuring MAC Extended ACL MAC Extended ACLs contain rules based on the following parameters: • Source MAC address • Destination MAC address • Ethertype– accepts well known types like IP, ARP, VLAN or an integer value between 1-65535.
Page 502 16-22 Motorola RF Switch CLI Reference Guide...
Page 503 DHCP Server Instance to initiate the instance. Use (config)#ip dhcp pool <pool name> (config-dhcp) this instance to configure the DHCP server address pool associated with the switch. Also refer to ip on page 12-10 for other DHCP related configurations. 17.1 DHCP Config Commands Table 17.1 summarizes config-dhcp...
Page 504 17-2 Motorola RF Switch CLI Reference Guide Table 17.1 DHCP Server Command Summary Command Description Ref. default-router Configures a default router’s IP address page 17-13 dns-server Sets the IP address of a DNS Server page 17-14 domain-name Sets the domain name...
Page 505: Chapter 17. Dhcp Server Instance
17.1.1 address DHCP Config Commands Specifies a range of addresses for the DHCP network pool Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax address (range) (low IP address) (high IP address) Parameters range (low IP address) (high IP...
Page 506: Bootfile
17-4 Motorola RF Switch CLI Reference Guide 17.1.2 bootfile DHCP Config Commands Assigns a bootfile name for the DHCP configuration on the network pool Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax bootfile <filename> Parameters bootfile <filename>...
Page 507: Class
Refer to config-dhcp-class on page 17-6 for a command summary. (config-dhcp-class) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax class (class name) Parameters class (class name) Associates a class with a pool and enters the DHCP pool class configuration mode...
Page 508: Config-Dhcp-Class
17-6 Motorola RF Switch CLI Reference Guide 3. Create a Pool named , using mode. (config)# RFSwitch(config)#ip dhcp pool WID RFSwitch(config-dhcp)# 4. Associate the DHCP class, created in Step 1 with the pool created in Step 3. The switch supports the association of 8 DHCP classes with a pool.
Page 509 DHCP Server Instance 17-7 address config-dhcp-class Sets an address range for a DHCP class within a DHCP server address pool Syntax address (range) (low IP Address) (high IP Address) Parameters range (low IP Address) (High IP Assigns an address range for the DHCP class Address) •...
Page 510: Client-Identifier
17-8 Motorola RF Switch CLI Reference Guide 17.1.4 client-identifier DHCP Config Commands Assigns a name to the client-identifier. A client identifier is used to reserve an IP address for a DHCP client Supported in the Following Platforms: • WS5100 • RFS7000 •...
Page 511: Client-Name
DHCP Server Instance 17-9 17.1.5 client-name DHCP Config Commands Adds name for DHCP clients Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax client-name <name> Parameters client-name <name> to add a client name (the client-name domain name must not be included)
Page 512: Clrscr
17-10 Motorola RF Switch CLI Reference Guide 17.1.6 clrscr DHCP Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-dhcp)#clrscr RFSwitch(config-dhcp)#...
Page 513: Ddns
DHCP Server Instance 17-11 17.1.7 ddns DHCP Config Commands Sets dynamic DNS parameters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ddns [domainname (name)|multiple-user-class|server (IP address) (IP address)|ttl <1-864000>] Parameters domainname (name) Sets the domain name used for DDNS updates...
Page 514 17-12 Motorola RF Switch CLI Reference Guide RFSwitch(config-dhcp)#ddns multiple-user-class RFSwitch(config-dhcp)# RFSwitch(config-dhcp)#ddns ttl 1000 RFSwitch(config-dhcp)# RFSwitch(config-dhcp)#ddns update-all RFSwitch(config-dhcp)#...
Page 515: Default-Router
Configures the default router or gateway IP address for the network pool. To remove the default router list, use the command. no default-router Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax default-router <Router IP address> Parameters default-router Specifies the default router IP address for the <router IP address>...
Page 516: Dns-Server
17-14 Motorola RF Switch CLI Reference Guide 17.1.9 dns-server DHCP Config Commands Sets the DNS server’s IP address available to all DHCP clients connected to the pool. Use command to remove the DNS server list. no dns-server Supported in the Following Platforms: •...
Page 517: Domain-Name
Sets the domain name for the network pool. Use the command to no domain-name remove the domain name. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax domain-name (name) Parameters domain-name (name) Defines the domain name for the network pool Usage Guidelines The domain name cannot exceed 256 characters.
Page 518: End
17-16 Motorola RF Switch CLI Reference Guide 17.1.11 end DHCP Config Commands Exits the current mode and moves to the PRIV EXEC mode. The prompt changes to RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax...
Page 519: Exit
17.1.12 exit DHCP Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch#(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax exit Parameters None Example RFSwitch(config)#ip dhcp pool TestPool...
Page 520: Hardware-Address
17-18 Motorola RF Switch CLI Reference Guide 17.1.13 hardware-address DHCP Config Commands Reserves an IP address (manually) based on a DHCP client’s hardware address. Use the command to remove this from the DHCP pool. hardware-address Supported in the Following Platforms: •...
Page 521: Help
DHCP Server Instance 17-19 17.1.14 help DHCP Config Commands Displays the system’s interactive help in HTML format Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-dhcp)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
Page 522: Host
17-20 Motorola RF Switch CLI Reference Guide 17.1.15 host DHCP Config Commands Defines a fixed IP address for the host in dotted decimal format. Use the no host command to remove the host from the DHCP pool. Supported in the Following Platforms: •...
Page 523: Lease
17.1.16 lease DHCP Config Commands Sets a valid lease time for the IP address used by DHCP clients in the network pool Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax lease [{<0-365> <0-23> <0-59>}|infinite] Parameters lease [ Sets the lease time for an IP address {<0-365>...
Page 524: Netbios-Name-Server
17-22 Motorola RF Switch CLI Reference Guide 17.1.17 netbios-name-server DHCP Config Commands Sets the netbios-name server’s IP address Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax netbios-name-server <IP address> Parameters netbios-name-server Defines the NetBIOS (WINS) name server <IP address>...
Page 525: Netbios-Node-Type
DHCP Server Instance 17-23 17.1.18 netbios-node-type DHCP Config Commands Defines the netbios-node type Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax netbios-node-type [b-node|h-node|m-node|p-node] Parameters netbios-node-type Defines the NetBIOS (WINS) name servers [b-node | h-node | • b-node – Broadcast node m-node | p-node •...
Page 526: Network
17-24 Motorola RF Switch CLI Reference Guide 17.1.19 network DHCP Config Commands Sets the network pool’s IP address. This address maps the current DHCP pool with a specific network. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax network [A.B.C.D|A.B.C.D/M]...
Page 527: Next-Server
17-25 17.1.20 next-server DHCP Config Commands Sets the IP address of the next server in the boot process Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax next-server <IP address> Parameters next-server <IP address> Sets the next server in boot process •...
Page 528 17-26 Motorola RF Switch CLI Reference Guide 17.1.21 no DHCP Config Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no [address|bootfile|class|client-identifier|client-name| ddns|default-router|dns-server|domain-name|hardware-address| host|lease|netbios-name-server|netbios-node-type|network| next-server|option|update] Parameters command negates any command associated with it. Wherever required, use the same parameters associated with the command getting negated.
Page 529 DHCP Server Instance 17-27 17.1.22 option DHCP Config Commands Defines the DHCP option used in DHCP pools Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax option (name) Parameters option (name) Sets raw DHCP options • (name) – Sets the name of the DHCP option •...
Page 530: Service
17-28 Motorola RF Switch CLI Reference Guide 17.1.23 service DHCP Config Commands Invokes service commands to troubleshoot or debug instance (config-dhcp) configurations Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show) (cli) Parameters show (cli) Displays the CLI tree of the current mode...
Page 531: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <paramater> Parameters Displays parameters for which information can be...
Page 532 17-30 Motorola RF Switch CLI Reference Guide commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration history Display the session command history...
Page 533: Update
DHCP Server Instance 17-31 17.1.25 update DHCP Config Commands Controls the usage of the DDNS service Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax update (dns)(override) Parameters update (dns) (override) Controls the usage of the DDNS service •...
Page 534: Configuring The Dhcp Server Using Switch Cli
17-32 Motorola RF Switch CLI Reference Guide 17.2 Configuring the DHCP Server using Switch CLI The switch DHCP configuration is conducted by creating pools and mapping them to L3 interfaces (SVI). • A Network pool is the pool with “include” ranges. When the network pool is mapped to a L3 interface, DHCP clients requesting IPs from the L3 interface get an IP from the configured range.
Page 535: Creating A Host Pool
DHCP Server Instance 17-33 17.2.2 Creating a Host Pool To create a host pool: 1. Create a DHCP server host address pool. RFSwitch(config)#ip dhcp pool hostpool 2. Assign the client name of the host for which static allocation is required. RFSwitch(config-dhcp)#client-name linuxbox 3.
Page 536: Address Range
17-34 Motorola RF Switch CLI Reference Guide the L3 interface is 192.168.0.0/16, DHCP is not enabled on 192.168.0.0/16, since it is different from 192.168.0.0/24. 3. A network pool without any include range is as good as not having a pool. Add a include range using the command.
Page 537: Creating A Dhcp Option
DHCP Server Instance 17-35 10.A host pool can have either configured, client-identifier hardware-address but not both. 11.An excluded address range has a higher precedence than an included address range. Thus, if a range is part of both an excluded and included range, it will be excluded. 12.DHCP options are first defined at the global level using ip dhcp option <name>...
Page 538 17-36 Motorola RF Switch CLI Reference Guide...
Page 539: Chapter 18. Dhcp Class Instance
DHCP Class Instance to enter the (config)#ip dhcp class <class name> instance. Use this instance to configure DHCP user classes. The (config-dhcpclass) switch supports a maximum of 8 user classes per DHCP class. Refer to ip on page 12-10 DHCP Class Instance on page 18-1 for other DHCP related configurations.
Page 540 18-2 Motorola RF Switch CLI Reference Guide Table 18.1 DHCP Server Class Command Summary Command Description Ref. option Defines DHCP Server options page 18-9 service Invokes service commands to troubleshoot or debug page 18-11 instance configurations (config-if) show Displays running system information...
Page 541: Dhcp Server Class Config Commands
DHCP Class Instance 18-3 18.1.1 clrscr DHCP Server Class Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-dhcpclass)#clrscr RFSwitch(config-dhcpclass)#...
Page 542: End
18-4 Motorola RF Switch CLI Reference Guide 18.1.2 end DHCP Server Class Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 •...
Page 543: Exit
18.1.3 exit DHCP Server Class Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax exit Parameters None Example RFSwitch(config-dhcpclass)#exit...
Page 544: Help
18-6 Motorola RF Switch CLI Reference Guide 18.1.4 help DHCP Server Class Config Commands Displays the system’s interactive help in HTML format Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-dhcpclass)#help CLI provides advanced help feature.
Page 545: Multiple-User-Class
18-7 18.1.5 multiple-user-class DHCP Server Class Config Commands Enables the multiple user class option. Once invoked, the client (MU) sends multiple user classes. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax multiple-user-class Parameters None Example RFSwitch(config-dhcpclass)#multiple-user-class...
Page 546 18-8 Motorola RF Switch CLI Reference Guide 18.1.6 no DHCP Server Class Config Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no [multiple-user-class|option] Parameters multiple-user-class Disables the multiple user class option...
Page 547: Creating A Dhcp User Class
18-9 18.1.7 option DHCP Server Class Config Commands Specifies a value for DHCP user class options Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax option (user-class)(class name) Parameters user-class (user class Creates/modifies DHCP server user class options...
Page 548 18-10 Motorola RF Switch CLI Reference Guide 4. Associate the DHCP class, created in Step 1 with the pool created in Step 3. The switch supports the association of 8 DHCP classes with a pool. RFSwitch(config-dhcp)#class WS5100DHCPclass RFSwitch(config-dhcp-class)# 5. The switch moves to a new mode (config-dhcp-class). Use this mode to add an address range for the DHCP class associated with the pool.
Page 549: Service
DHCP Server Class Config Commands Invokes service commands to troubleshoot or debug instance configurations (config-if) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service (show) (cli) Parameters show (cli) Displays the CLI tree of the current mode...
Page 550: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <parameters> show dhcp [config|status] show ip dhcp [binding|class|pool|sharednetwork]...
Page 551 DHCP Class Instance 18-13 Example RFSwitch(config-dhcpclass)#show ? access-list Internet Protocol (IP) aclstats Show ACL Statistics information alarm-log Display all alarms currently in the system arpi ARPI Configuration autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration. clock Display system clock commands...
Page 552 18-14 Motorola RF Switch CLI Reference Guide timezone Display timezone upgrade-status Display last image upgrade status users Display information about currently logged in users version Display software & hardware version wireless Wireless configuration commands wlan-acl wlan based acl RFSwitch(config-dhcpclass)#show RFSwitch(config-dhcpclass)#show ip dhcp binding...
Page 553: Radius Configuration Commands
Radius Server Instance Use the command to move to the RADIUS server mode. Local radius-server local (Onboard) RADIUS server commands are listed under this mode. Use the instance to configure local RADIUS server parameters. (config-radsrv) 19.1 Radius Configuration Commands Table 19.1 summarizes the Global Config command: Table 19.1 RADIUS Server Command Summary Command...
Page 554 19-2 Motorola RF Switch CLI Reference Guide Table 19.1 RADIUS Server Command Summary Command Description Ref. help Displays the interactive help system page 19-23 ldap-server Sets LDAP server parameters page 19-24 Sets RADIUS client parameters page 19-26 Negates a command or sets its defaults...
Page 555: Authentication
Radius Server Instance 19-3 19.1.1 authentication Radius Configuration Commands Configures the authentication scheme used with the RADIUS server Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax authentication(data-source|eap-auth-type) authentication data-source(ldap|local) authentication eap-auth-type(all|peap-gtc|peap-mschapv2|tls|ttls- md5|ttls-mschapv2|ttls-pap) Parameters data-source Sets the RADIUS data source for user authentication...
Page 556 19-4 Motorola RF Switch CLI Reference Guide Usage Guidelines to service RADIUS requests received from mobile units. eap-auth-type Setting ensures eap-auth-type peap-gtc/peap-mschapv2 service only. peap-gtc/peap-mschapv2 Similarly, setting eap-auth-type ttls-md5/ttls-mschapv2/ttls-pap services all ttls authentication requests from mobile units. Setting ensures only tls authentication is serviced.
Page 557 Radius Server Instance 19-5 19.1.2 ca Radius Configuration Commands Configures CA (Certificate Authority) parameters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ca trust-point(WORD) Parameters trust-point Defines the trustpoint configuration WORD Displays the existing trustpoint name Usage Guidelines Configures the trustpoint used by the local RADIUS server.
Page 558: Clrscr
19-6 Motorola RF Switch CLI Reference Guide 19.1.3 clrscr Radius Configuration Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-radsrv)#clrscr RFSwitch(config-radsrv)#...
Page 559: Crl-Check
Enables a Certificate Revocation List (CRL) check. To enable the certificate revocation list, ensure the is loaded using a crl list crypto pki import <trustpoint-name> crl command. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax crl-check Parameters enable Enables the CRL check Usage Guidelines TLS uses certificates for authentication.
Page 560: End
19-8 Motorola RF Switch CLI Reference Guide 19.1.5 end Radius Configuration Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000...
Page 561: Exit
19-9 19.1.6 exit Radius Configuration Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax exit Parameters None Example RFSwitch(config-radsrv)#exit RFSwitch(config)#...
Page 562: Group
19-10 Motorola RF Switch CLI Reference Guide 19.1.7 group Radius Configuration Commands Configures RADIUS user groups. The CLI moves to the config-radsrv-group sub-instance to create a new group. The prompt changes from RFSwitch(config-radsrv)# RFSwitch (config-radsrv-group)#. Supported in the Following Platforms: •...
Page 563: Clrscr
Radius Server Instance 19-11 Table 19.2 RADIUS User Group Command Summary Command Description Ref. rad-user Adds a RADIUS user to this group page 19-16 rate-limit Sets rate limit for group page 19-17 service Invokes RADIUS service commands if they have been page 19-18 stopped show...
Page 564: Exit
19-12 Motorola RF Switch CLI Reference Guide 19.1.7.3 exit Radius Configuration Commands Ends the current mode and moves to the previous mode ). The prompt (config-radsrv) changes to RFSwitch(config)# Syntax exit Parameters None Example RFSwitch(config-radsrv-group)#exit RFSwitch(config-radsrv)#group 19.1.7.4 group Radius Configuration Commands Establishes RADIUS user group parameters.
Page 565: Help
Radius Server Instance 19-13 Parameters enable Defines this group as a guest group Usage Guidelines Creates a guest group. The guest user created using can only be part of the rad-user guest group. Example RFSwitch(config-radsrv-group)#guest-group enable RFSwitch(config-radsrv-group)# 19.1.7.6 help Radius Configuration Commands Displays the system’s interactive help in HTML format.
Page 566 19-14 Motorola RF Switch CLI Reference Guide 19.1.7.7 no Radius Configuration Commands Use this command to negate a command or set its defaults Syntax no(policy|rad-user|service) no policy(day|time|vlan|wlan) no policy wlan(<1-32>|all)<1-32> Parameters policy Defines the RADIUS group access policy configuration • day – Resets the access policy (days of permitted access) for this group •...
Page 567: Policy
Radius Server Instance 19-15 RFSwitch(config-radsrv-group)#no policy wlan 2 5 RFSwitch(config-radsrv-group)# RFSwitch(config-radsrv-group)#no rad-user all RFSwitch(config-radsrv-group)# RFSwitch(config-radsrv-group)#no service radius %%Info: Radius service stopped... RFSwitch(config-radsrv-group)# 19.1.7.8 policy Radius Configuration Commands Sets the authorization policies for a particular group (like day/time of access, WLANs allowed etc.) NOTE: A user-based VLAN is effective only if dynamic VLAN authorization is enabled for the WLAN (as defined within the WLAN...
Page 568: Rad-User
19-16 Motorola RF Switch CLI Reference Guide weekdays Allows access only during weekdays (M-F) time Sets the access policy time for this group start Sets the start time Defines the end time (must be greater than the start time) <0-23>...
Page 569: Rate-Limit
Radius Server Instance 19-17 Parameters WORD Existing RADIUS user name Example RFSwitch(config-radsrv)#rad-user user1 password user1 RFSwitch(config-radsrv)#group group1 RFSwitch(config-radsrv-group)#rad-user user1 RFSwitch(config-radsrv-group)# 19.1.7.10 rate-limit Radius Configuration Commands Sets the Rate limit for the RADIUS Server group Syntax rate-limit [down|up]<0-100000> Parameters down Sets the rate limit for up link direction - from the wireless client to the network Sets rate limit for down link direction - from the network to the wireless client...
Page 570: Service
19-18 Motorola RF Switch CLI Reference Guide 19.1.7.11 service Radius Configuration Commands Invokes RADIUS service commands (if they have been stopped). This command enables the RADIUS server. A RADIUS restart is executed only from the mode. config Syntax service(show)(cli) show (cli)
Page 571: Show
Radius Server Instance 19-19 19.1.7.12 show Radius Configuration Commands Displays current system information running on the switch Syntax show<paramater> Parameters Displays the parameters for which information can be viewed using the show command Example RFSwitch(config-radsrv-group)#show ? access-list Internet Protocol (IP) aclstats Show ACL Statistics information alarm-log...
Page 572: Example-Creating A Group
19-20 Motorola RF Switch CLI Reference Guide redundancy-group Display redundancy group parameters redundancy-history Display state transition history of the switch. redundancy-members Display redundancy group members in detail running-config Current Operating configuration securitymgr Securitymgr parameters sessions Display current active open connections...
Page 573 Radius Server Instance 19-21 4. Use the command to assign a VLAN ID of 10 to the Sales group. policy vlan RFSwitch(config-radsrv-group)#policy vlan 10 5. Use the command to allow only authorized users to access this group’s policy wlan WLAN. RFSwitch(config-radsrv-group)#policy wlan 1 2 5 6.
Page 574 19-22 Motorola RF Switch CLI Reference Guide RFSwitch(config-radsrv)#Mar 07 17:48:05 2006: %DAEMON-6-INFO: radiusd[8830]: Ready to process requests.
Page 575: Help
Radius Server Instance 19-23 19.1.8 help Radius Configuration Commands Displays the system’s interactive help in HTML format Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-radsrv)#help? help Description of the interactive help system RFSwitch(config-radsrv)#help CLI provides advanced help feature.
Page 576: Ldap-Server
19-24 Motorola RF Switch CLI Reference Guide 19.1.9 ldap-server Radius Configuration Commands Sets the LDAP server’s configuration. It uses the exisitng external database (active directory with the onboard RADIUS server) instead of the local database on the switch. Supported in the Following Platforms: •...
Page 577 Radius Server Instance 19-25 group-attr Specifies the group attribute used by the LDAP server group-filter Specifies the group filters used by the LDAP server group-membership Specifies the Group Member Attribute sent to the LDAP server when authenticating users net-timeout Enter a timeout the system uses to terminate the connection to the RADIUS Server if no activity is detected Usage Guidelines Use the login filter and group filter values (described in the example below) for all LDAP...
Page 578: Nas
19-26 Motorola RF Switch CLI Reference Guide 19.1.10 nas Radius Configuration Commands Sets the configuration of the RADIUS client Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax nas(A.B.C.D/M)|key(0|2|LINE) Parameters A.B.C.D/M Sets the RADIUS client’s IP address Sets the RADIUS client’s shared key...
Page 579 Radius Server Instance 19-27 19.1.11 no Radius Configuration Commands Negates a command or sets its defaults Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no(authentication|ca|crl-check|group|ldap-server|nas|proxy| rad-user|server) Parameters authentication Defines the RADIUS authentication Configures Certificate Authority (CA) parameters...
Page 580: Proxy
19-28 Motorola RF Switch CLI Reference Guide 19.1.12 proxy Radius Configuration Commands Configures a proxy RADIUS server based on the realm/suffix Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax proxy(realm|retry-count|retry-delay) proxy relam(WORD)server(A.B.C.D)port(<1024-65535>)secret(0|2|WORD) Parameters realm WORD The realm name is a string of up to 50 characters •...
Page 581 Radius Server Instance 19-29 Example RFSwitch(config-radsrv)#proxy realm Test server 10.10.10.1 port 2220 secret "Very Very Secret !!!" RFSwitch(config-radsrv)# RFSwitch(config-radsrv)#proxy retry-count 5 RFSwitch(config-radsrv)# RFSwitch(config-radsrv)#proxy retry-delay 8 RFSwitch(config-radsrv)#...
Page 582: Rad-User
19-30 Motorola RF Switch CLI Reference Guide 19.1.13 rad-user Radius Configuration Commands Sets RADIUS user parameters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax rad-user(WORD)password(0|2|WORD) Parameters WORD Enter a user name up to 64 characters in length...
Page 583: Server
Configures server certificate parameters used by a RADIUS server. The server certificate is a part of a trustpoint created using crypto on page 5-21. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax server (trust-point)(name) Parameters trust-point Sets the trustpoint configuration •...
Page 584: Service
19-32 Motorola RF Switch CLI Reference Guide 19.1.15 service Radius Configuration Commands Invokes the service commands to trobuleshoot or debug the instance (config-radsrv) configuration. This command is also used to enable the RADIUS server. Supported in the Following Platforms: • WS5100 •...
Page 585 Radius Server Instance 19-33 +-ca +-trust-point -- MORE --, next page: Space, next line: Enter, quit: Control-C...
Page 586: Show
SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show<paramater> Parameters Displays the parameters for which information can be...
Page 587 Radius Server Instance 19-35 boot Display boot configuration. clock Display system clock commands Show command lists crypto encryption module debugging Debugging information outputs dhcp DHCP Server Configuration environment show environmental information espi ESPI Configuration file Display filesystem information Display FTP Server configuration history Display the session command history interfaces...
Page 588 19-36 Motorola RF Switch CLI Reference Guide...
Page 589: Chapter 20. Wireless Instance
Wireless Instance Use the instance to configure local RADIUS server parameters (config-wireless) associated with the switch. 20.1 Wireless Configuration Commands Table 20.1 summarizes commands: (config-wireless) Table 20.1 Wireless Config Command Summary Command Description Ref. Sets Adaptive AP (AAP) related commands page 20-5 adopt-unconf-radio Adopts a radio even if its not yet...
Page 590 20-2 Motorola RF Switch CLI Reference Guide Table 20.1 Wireless Config Command Summary (Continued) Command Description Ref. ap-timeout Changes the default inactivity timeout for page 20-13 access ports ap-udp-port Configures the UDP port for AP L3 adoption page 20-14 NOTE: Enable this option in the DHCP Server supporting this access-port.
Page 591 Wireless Instance 20-3 Table 20.1 Wireless Config Command Summary (Continued) Command Description Ref. load-balance Sets the user load balance mode page 20-34 mac-auth-local Defines the local MAC authentication list page 20-35 manual-wlan-mapping Allows the manual mapping/un-mapping page 20-36 of WLANs to configured radios mobile-unit Configures mobile unit parameters page 20-37...
Page 592 20-4 Motorola RF Switch CLI Reference Guide Table 20.1 Wireless Config Command Summary (Continued) Command Description Ref. wlan-bw-allocation Allocates radio bandwidth (per WLAN) page 20-82...
Page 593: Wireless Configuration Commands
Wireless Instance 20-5 20.1.1 aap Wireless Configuration Commands Defines the AAP configuration Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax aap (config-aaply)[def-delay|mesh-delay]<3-10000> Parameters config-apply Applies AAP configuration settings [def-delay|mesh-delay] • def-delay – Sets the default time to delay before <30-10000>...
Page 594: Adopt-Unconf-Radio
20-6 Motorola RF Switch CLI Reference Guide 20.1.2 adopt-unconf-radio Wireless Configuration Commands Adopts a radio (even if not yet configured). Default templates are used for configuration. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax adopt-unconf-radio Parameters...
Page 595: Adoption-Pref-Id
Wireless Configuration Commands Use as a preference identifier for the switch. All radios configured with this preference identifier are more likely to be adopted by this switch. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax adoption-pref-id Parameters <1-65535>...
Page 596 20-8 Motorola RF Switch CLI Reference Guide 20.1.4 ap Wireless Configuration Commands Defines the name and location of the access port Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ap [<AP index>|<MAC Address>][location|name] Parameters AP Index Sets a single AP index.
Page 597: Ap-Detection
Wireless Instance 20-9 20.1.5 ap-detection Wireless Configuration Commands Configures access port detection parameters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ap-detection [approved|enable|mu-assisted-scan|timeout (approved|unapproved)] ap-detection approved add <1-200> (MAC Address)(SSID) ap-detection mu-assisted-scan(enable|refresh<300-86400>) Parameters aap-version AP detection configuration commands...
Page 598 20-10 Motorola RF Switch CLI Reference Guide timeout <1-65535> The amount of time (in seconds) an AP remains in the list after it is no longer seen • approved • unapproved Example RFSwitch(config-wireless)#ap-detection enable RFSwitch(config-wireless)# RFSwitch(config-wireless)#ap-detection approved add 150 any any...
Page 599: Ap-Ip
20.1.6 ap-ip Wireless Configuration Commands Modifies the static IP address for an access port Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ap-ip [<List of Indices/MAC address >|default-ap] ap-ip <List of Indices> [static-ip|switch-ip] ap-ip <List of Indices> (static-ip) <IP address/mask> <gateway IP>...
Page 600 20-12 Motorola RF Switch CLI Reference Guide default-ap Sets the default static switch IP address • switch-ip – Static switch IP address • add – Adds a static switch IP address • delete – Deletes a static switch IP address •...
Page 601: Ap-Timeout
20-13 20.1.7 ap-timeout Wireless Configuration Commands Changes the default inactivity timeout for access ports Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ap-timeout <index> <40-180> Parameters <Index> <40-180> Access-ports identified by a single MAC address or by a list of indices.
Page 602: Ap-Udp-Port
20-14 Motorola RF Switch CLI Reference Guide 20.1.8 ap-udp-port Wireless Configuration Commands Configures the UDP port for layer 3 adoption of APs. You also need to configure the DHCP server serving the APs with the same parameter. Supported in the Following Platforms: •...
Page 603: Broadcast-Tx-Speed
20.1.9 broadcast-tx-speed Wireless Configuration Commands Configure the rate at which broadcast and multicast traffic is transmitted between the switch and mobile unit Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax broadcast-tx-speed(range|throughput) Parameters range Uses a lowest basic rate, but provides the maximum range...
Page 604: Client
20-16 Motorola RF Switch CLI Reference Guide 20.1.10 client Wireless Configuration Commands Use this command to configure a wireless client. This command creates an exclude-list or include list. Creating a list moves the user to a new mode. (config-wireless-client-list) Refer to...
Page 605: Configuring A Client
Wireless Instance 20-17 20.1.10.1 Configuring a Client Refer to the configurations below to: • Create an exclude list. RFSwitch(config-wireless)#client exclude-list protected-hosts RFSwitch(config-wireless-client-list)# • Add a host entry into the exclude list. RFSwitch(config-wireless-client-list)# station printers 00:00:AA:DD:EE:11/00:00:FF:DD:EE:11 RFSwitch(config-wireless-client-list)# station testing-host1 00:11:AA:03:1B:FE • Associate the exclude list to a WLAN. RFSwitch(config-wireless-client-list)# wlan 1 •...
Page 606: Config-Wireless-Client-List
20-18 Motorola RF Switch CLI Reference Guide RFSwitch(config-wireless)# no wlan 1 nac exclude-list protected- hosts 20.1.10.2 config-wireless-client-list to enter the (config-wireless)# client instance. Use this instance to create an exclude list or config-wireless-client-list) include list. Table 20.2 summarizes commands: config-wireless-client-list Table 20.2 Exclude List Configuration Command...
Page 607 Wireless Instance 20-19 Parameters host-name Defines an index for this host entry in the client list. The host station name must be of size <1-21>. [MU mac address|MU mac mask] • MU mac address –Sets the MU mac address in AA-BB- CC-DD-EE-FF or AA:BB:CC:DD:EE:FF or AABB.CCDD.EEFF format.
Page 608: Clrscr
20-20 Motorola RF Switch CLI Reference Guide 20.1.11 clrscr Wireless Configuration Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-wireless)#clrscr RFSwitch(config-wireless)#...
Page 609: Convert-Ap
• RFS6000 NOTE: The number of APs supported by command differs convert-ap for each switch. • WS5100 supports <1-48> APs • RFS7000 supports <1-256> APs • RFS6000 supports <1-64> APs Syntax convert-ap <1-48>(default|sensor|standalone) Parameters <1-48> Sets the indices of the APs to be converted (from the 'show...
Page 610: Converting An Ap To Sensor
20-22 Motorola RF Switch CLI Reference Guide 20.1.12.1 Converting an AP to Sensor To convert an AP300 to a sensor: 1. Use command to setup the sensor. sensor RFSwitch(config-wireless)#sensor default-config ? ip-mode configure the IP address mode of the sensors...
Page 611: Country-Code
20-23 20.1.13 country-code Wireless Configuration Commands Sets the country of operation. All existing radio configurations will be erased Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax country-code Parameters Abbreviation Configures the switch to operate in a defined country...
Page 612: Dhcp-Sniff-State
20-24 Motorola RF Switch CLI Reference Guide 20.1.14 dhcp-sniff-state Wireless Configuration Commands Records mobile unit DHCP state information Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax dhcp-sniff-state Parameters enable Allows support for recording DHCP state information for...
Page 613: Dot11-Shared-Key-Auth
NOTE: Shared key authentication has known weaknesses that can compromise your WEP key. It should only be configured to accommodate wireless stations unable to carry out Open-System authentication. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax dot11-shared-key-auth Parameters enable...
Page 614: End
20-26 Motorola RF Switch CLI Reference Guide 20.1.16 end Wireless Configuration Commands Ends and exits the current mode and changes to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000...
Page 615: Exit
20-27 20.1.17 exit Wireless Configuration Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax exit Parameters None Example RFSwitch(config-wireless)#exit RFSwitch(config)#...
Page 616: Fix-Broadcast-Dhcp-Rsp
20-28 Motorola RF Switch CLI Reference Guide 20.1.18 fix-broadcast-dhcp-rsp Wireless Configuration Commands Converts broadcast DHCP server responses to unicast Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax fix-windows-dhcp Parameters enable Enables support for converting broadcast DHCP server...
Page 617: Help
Wireless Instance 20-29 20.1.19 help Wireless Configuration Commands Displays the system’s interactive help (in HTML format) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None Example RFSwitch(config-wireless)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
Page 618: Ids
20-30 Motorola RF Switch CLI Reference Guide 20.1.20 ids Wireless Configuration Commands Defines the Wireless Intrusion Detection System (WIDS) configuration Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax ids(anomaly-detection|detect-window|ex-ops) ids anomaly-detection(all|bad-essid-frame| beacon-broadcast-essid|invalid-8021x-frame|invalid-frame-length| invalid-frame-type|multicast-source|non-changing-wep-iv| null-destination|same-source-destination|tkip-countermeasures| unencrypted-traffic|weak-wep-iv)(enable|filter-ageout <0-86400>) ids detect-window<5-300>...
Page 619 Wireless Instance 20-31 Parameters anomaly-detection Configures parameters related to the detection of {options} (enable|filter- anomalous frames on the RF network ageout) • all – Enables all types of anomalous frames • bad-essid-frame – Enables an AP detector to configure up to 10 known bad ESSIDs •...
Page 620 20-32 Motorola RF Switch CLI Reference Guide ex-ops {} Sets values related to the detection of excessive operations on the RF network • 80211-replay-fails – 802.11 replay check failure • all – Changes for all types of excessive operations • association-requests – 802.11 authentication and association requests •...
Page 621 Wireless Instance 20-33 RFSwitch(config-wireless)#ids detect-window 250 RFSwitch(config-wireless)# RFSwitch(config-wireless)#ids ex-ops 80211-replay-fails filter- ageout 5200 RFSwitch(config-wireless)#...
Page 622: Load-Balance
20-34 Motorola RF Switch CLI Reference Guide 20.1.21 load-balance Wireless Configuration Commands Configures the user load balance mode Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax load-balance [by-count|by-throughput]...
Page 623: Mac-Auth-Local
Wireless Instance 20-35 20.1.22 mac-auth-local Wireless Configuration Commands Configures the local MAC authentication list Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax mac-auth-local<1-1000> (allow|deny)(Starting MAC Address)(Ending MAC Address)(range/list of WLAN indicies)WORD Parameters <1-1000> Sets the mac-auth-local entry...
Page 624: Manual-Wlan-Mapping
20-36 Motorola RF Switch CLI Reference Guide 20.1.23 manual-wlan-mapping Wireless Configuration Commands Manually maps WLANs configured on a radio Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax manual-wlan-mapping Parameters enable Enables support for manual WLAN mapping...
Page 625: Mobile-Unit
Wireless Instance 20-37 20.1.24 mobile-unit Wireless Configuration Commands Configures mobile unit related parameters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax mobile-unit [association-history(enable)|probe-history] mobile-unit probe-history (add<1-200> <MAC Address>|enable) Parameters association-history Enables a mobile unit’s association history •...
Page 626: Mobility
20-38 Motorola RF Switch CLI Reference Guide 20.1.25 mobility Wireless Configuration Commands Sets mobility parameters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax mobility(enable|local-address|max-roam-period|peer) mobility local-address (IP Address) mobility max-roam-period<1-15> mobililty peer (IP Address) Parameters enable Enables mobility globally local-address <IP...
Page 627: Multicast-Packet-Limit
Sets a multicast packet limit (per second) for a VLAN. This limits broadcast/multicast packets per VLAN. The default vlaue is 32 broadcast/multicast packets per second Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax multicast-packet-limit <1-128> (<1-4094>|<vlan range>) Parameters <1-128>...
Page 628: Multicast-Throttle-Watermark
20-40 Motorola RF Switch CLI Reference Guide 20.1.27 multicast-throttle-watermark Wireless Configuration Commands Configures watermarks for supporting bursts of broadcast/multicast frames Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax multicast-throttle-watermarks (low)<0-100> (high) <0-100> Parameters low <0-100> Sets the low water-mark. If the percentage of free packets in the system is lower than this threshold, the incoming frame is dropped.
Page 629 20.1.28 no Wireless Configuration Commands Negates a command or sets its defaults. All the parameters mentioned in the syntax can be negated using this command. Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax no(adopt-unconf-radio|adoption-pref-id|ap|ap-detection|ap-ip| ap-timeout|ap-udp-port|broadcast-tx-speed|client|country-code| debug|dhcp-sniff-state|dot11-shared-key-auth|fix-broadcast-dhcp-...
Page 630: Proxy-Arp
20-42 Motorola RF Switch CLI Reference Guide 20.1.29 proxy-arp Wireless Configuration Commands Responds to ARP requests from the RON to the WLAN on behalf of mobile units be negated using this command Supported in the Following Platforms: • WS5100 • RFS7000 •...
Page 631: Qos-Mapping
Wireless Instance 20-43 20.1.30 qos-mapping Wireless Configuration Commands Configures QoS mappings between the wired and wireless domains be negated using this command Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax qos-mapping(wired-to-wireless|wireless-to-wired) qos-mapping wired-to-wireless(dot1p<0-7>|dscp<0-63>) (background|best-effort|video|voice) qos-mapping wireless-to-wired(background|best-effort|video|voice) dot1p<0-7>...
Page 632 20-44 Motorola RF Switch CLI Reference Guide Example RFSwitch(config-wireless)#qos-mapping wireless-to-wired background dot1p 5 RFSwitch(config-wireless)#...
Page 633: Radio
Wireless Instance 20-45 20.1.31 radio Wireless Configuration Commands Sets radio related parameters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax radio (<1-1000>|RADIO|add|all-11a|all-11b|all-11bg| configure-8021X|default-11a|default-11b|default-11bg|dns-name) radio<1-1000>(adoption-pref-id|antenna-mode|base-bridge| beacon-interval|bridge-fwd-delay <4-30>|bridge-hello <1-10>| bridge-max-ageout <4-3600>|bridge-msg-age <6-40>| bridge-priority <0-65535>|bss|channel-power|client-bridge| coordinates|copy-config-from|description|detector|dtim-period| enforce-spec-mgmt|enhanced-beacon-table|enhanced-probe-table| location-led|location-message|mac|max-mobile-units|mu-power<0-20>| neighbor-smart-scan|on-channel-scan|radio-number|reset|reset-ap|...
Page 634 20-46 Motorola RF Switch CLI Reference Guide radio 1 copy-config-from [<1-1000>|default-11a|default-11b| default-11bg] radio <1-1000> dtim-period<1-50> bss<1-4> radio <1-1000> location-led {start-flashing|stop-flashing} radio <1-1000> speed [1|11|12|18|2|24|36|48|54|5p5|6|9|basic1| basic11|basic12|basic18|basic2|basic24|basic36|basic48|basic54| basic5p5|basic6|basic9|default|range|throughput] radio <1-1000> wmm(background|best-effort|video|voice) aifsn<1-15>|burst<0-65535>|cw<0-15>) radio <1-1000> wmm(video|voice)(acm [enable|max-mus <1-64>]) radio add <1-4096>(MAC Address)[11a[ap300|ap5131])| 11b[ap100|ap4131]|11bg [ap300|ap5131]] Parameters <1-1000>...
Page 635 Wireless Instance 20-47 antenna-mode Defines the antenna diversity mode. Select from the <diversity|primary|secon following options: dary> • diversity–Full diversity (both antennas) • primary–Primary antenna only • secondary–Secondary antenna only Note: Before executing this command, ensure the radio is present and is a AP300 . base-bridge Sets base bridge values (enable|max-clients <1-...
Page 636 20-48 Motorola RF Switch CLI Reference Guide bss (<1-4>|add- Maps WLANs to radio BSSIDs wlans|auto) WLAN • <1-4>– Sets the BSS where WLANs are mapped • add-wlans – Adds new WLANs to existing radios. The other WLANs on the radios are left as is.
Page 637 Wireless Instance 20-49 copy-config-from Copies the configuration from a previously configured radio [<1-1000>|default-11a| • <1-1000> – Defines a single radio index default-11b| • default-11a – Uses the default 11a configuration default-11bg] template • default-11b – Uses the default 11b configuration template •...
Page 638 20-50 Motorola RF Switch CLI Reference Guide mac <MAC address> Changes the parent (access-port) MAC address of the radio max-mobile-units <1- Maximum number of mobile units allowed to associate 256> mu-power <0-20> Power adjustment level for mobile units associated with this access-port.
Page 639 Wireless Instance 20-51 speed Configures the basic and supported data rates/speed • 1 1-Mbps • 11 11-Mbps • 12 12-Mbps • 18 18-Mbps • 2 2-Mbps • 24 24-Mbps • 36 36-Mbps • 48 48-Mbps • 54 54-Mbps • 5p5 5.5-Mbps •...
Page 640 Configures the WI-FI tag type [aeroscout|cricket|newb • aeroscout – Aeroscout active tag ury] (listen-addr) • cricket – Cricket (Motorola) Active tag <MAC address> • newbury – Newbury active tag • listen-addr – Configures a multicast listening address for active tags •...
Page 641 Wireless Instance 20-53 • burst<0-65535> – (transmit-opportunity) Sets an interval when a particular WMM STA has the right to initiate transmissions onto the wireless medium. • cw<0-15> – (Contention Window parameters) Wireless stations pick a number between 0 and the minimum contention window to wait before re-trying transmissions.
Page 642: Rate-Limit
20-54 Motorola RF Switch CLI Reference Guide 20.1.32 rate-limit Wireless Configuration Commands Sets the default rate limit per user Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax rate-limit [down|up]<0-100000>...
Page 643: Self-Heal
Wireless Instance 20-55 20.1.33 self-heal Wireless Configuration Commands Configures self healing values Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax self-heal(interference-avoidance|neighbor-recovery) self-heal interference-avoidance(enable|hold-time<0-65535>| retries<0.0-15.0>) self-heal neighbor-recovery(action|enable|neighbors|run-neighbor- detect) self-heal neighbor-recovery action(both|none|open-rates|raise- power) radio(<1-1000>|RADIO) self-heal neighbor-recovery neighbors<1-1000>(<1-1000>|RADIO) Parameters...
Page 644 20-56 Motorola RF Switch CLI Reference Guide action Defines the radio’s self healing action when neighbors are (both|none|open-rates| detected as down raise-power) • both – Raises the power to max and open all rates radio (<1-1000>|RADIO) • none – No action taken •...
Page 645: Sensor
Wireless Instance 20-57 20.1.34 sensor Wireless Configuration Commands Configures Wireless Intrusion Protection System (WIPS) parameters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax sensor(<1-48>|default-config|ping-interval <2-60>|vlan) sensor <1-48> [default-config|request-config|revert-to-ap] sensor default-config(ip-mode|wips-server-ip) sensor default-config ip-mode(dhcp|static(A.B.C.D/M)(A.B.C.D)) sensor default-config wips-server-ip(primary|secondary)(A.B.C.D) Parameters <1-48>...
Page 646 20-58 Motorola RF Switch CLI Reference Guide default-config Invokes the default configuration sent to sensors when (ip-mode|wips-server-ip) configured • ip-mode – Configures the IP address of the sensors • dhcp – Sensors use DHCP to obtain an IP address • static (A.B.C.D/M)(A.B.C.D) – Sensors use the specific static IP address A.B.C.D/M –...
Page 647: Service
20-59 20.1.35 service Wireless Configuration Commands Invokes service commands to troubleshoot or debug instance (config-wireless) configurations Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax service(show|wireless) service show(cli|wireless) service show (wireless) [ap-history|ap-list|buffer-counters| enhanced-beacon-table|enhanced-probe-table|legacy-load-balance| mu-cache-buckets|mu-cache-entry|mvlan <1-32>| radio(<1-1000>|description)|snmp-trap-throttle|vlan-cache-buckets| vlan-cache-entry]...
Page 648 20-60 Motorola RF Switch CLI Reference Guide enhanced-beacon-table Displays details of the configuration and information [config|report] gathered for AP locationing • config – Displays the configuration of AP locationing • report – Displays information gathered for AP locationing enhanced-probe-table Displays the configuration and information gathered for MU [config|report] locationing.
Page 649 Wireless Instance 20-61 buffer-counters (clear) Allocation counts for various buffers • clear – Resets counters to zero clear-ap-log <1-48> Clears AP logs for the a selected index dump-core Creates a core file of the ccsrvr process enhanced-beacon-table Configures an AP for detecting and locating other APs in the [channel-set (a|bg) <1- network 200>...
Page 650 20-62 Motorola RF Switch CLI Reference Guide enhanced-probe-table Configures an AP for detecting and locating MUs. The [enable | erase-report | switch maintains an enhanced-probe-table to track the max-mu <0-512> | probes received by an AP. preferred (add) • enable – Disables or enables the gathering of <MAC Address>...
Page 651 Wireless Instance 20-63 Example RFSwitch(config-wireless)#service show wireless ap-history AP MAC Radio Timestamp Event Reason =================================================================== 00-A0-F8-BF-8A-4B 20070926-20:23:10 Adoption RFSwitch(config-wireless)# RFSwitch(config-wireless)#service show wireless mvlan 20 Wlan 20: pool_size =1 ----------------------------------------------------- [ 0]: wlan=20, vlan_id=1, limit=0, users=0, log_sent=0 [ 1]: wlan=20, vlan_id=0, limit=0, users=0, log_sent=0 [ 2]: wlan=20, vlan_id=0, limit=0, users=0, log_sent=0 [ 3]: wlan=20, vlan_id=0, limit=0, users=0, log_sent=0 [ 4]: wlan=20, vlan_id=0, limit=0, users=0, log_sent=0...
Page 652: Show
Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show<paramater>...
Page 653 Wireless Instance 20-65 Parameters Displays all the parameters for which information can be viewed using the show command Example RFSwitch(config-wireless)#show ? access-list Internet Protocol (IP) aclstats Show ACL Statistics information alarm-log Display all alarms currently in the system arpi ARPI Configuration autoinstall autoinstall configuration banner...
Page 654 20-66 Motorola RF Switch CLI Reference Guide sole Smart Opportunistic Location Engine Configuration spanning-tree Display spanning tree information startup-config Contents of startup configuration tags Tags/Assets (passive, active, wi-fi, uwb) Information terminal Display terminal configuration parameters timezone Display timezone upgrade-status Display last image upgrade status...
Page 655: Wlan
Wireless Instance 20-67 20.1.37 wlan Wireless Configuration Commands Configures Wireless LAN related commands Syntax wlan(<1-32>|WLAN) (80211-extensions|aap-proxy-radius|accounting|add-vlan| answer-bcast-ess|authentication-type| client-bridge-backhaul| description|dot11i|enable|encryption-type|hold-time|hotspot| inactivity-timeout|kdc|mobility|mu-mu-disallow| nac-mode|nac-server|qos|radius|secure-beacon| set-vlan-user-limit|ssid|syslog|vlan|wep128|wep64) wlan<1-32> (80211-extensions)( move-command)(enable) wlan<1-32> aap-proxy-radius (enable)(realm)<realm name> (strip) wlan<1-32> (accounting)[none|radius|ssyslog] wlan<1-32> (add-vlan)[<1-4094>|VLAN] (limit)<0-4096> wlan<1-32> (authentication-type) [eap|hotspot|kerberos|mac- auth|none] wlan<1-32> (client-bridge-backhaul)(enable) wlan<1-32>...
Page 656 20-68 Motorola RF Switch CLI Reference Guide wlan<1-32> nac-mode [bypass-nac-except-include-list|do-nac-except- exclude-list|none] wlan<1-32> nac-server [primary|secondary|timeout] wlan<1-32> nac-server [primary|secondary] [A.B.C.D (auth-port)|radius-key (0|2|Shared Secret)] wlan<1-32> nac-server [timeout] <1-300> wlan<1-32> qos[classification| mcast-with-dot11i|mcast1|mcast2| prioritize-voice|svp|weight <1-10>|wmm] wlan<1-32> qos classification[background|best-effort| video|voice|wmm] wlan<1-32> qos wmm [8021p|background|best-effort|dscp|video|voice] [aifsn|cw|txop-limit|acm] wlan<1-32> radius[accounting|authentication-protocol|dscp|...
Page 657 Wireless Instance 20-69 80211-extensions Enables support for 802.11 extensions (move-command) • move-command – Enables support for the move- (enable) command (fast roaming) • enable – Enables this extension aap-proxy-radius Enables configuring of proxying AAP radius requests (enable) (realm) <name> • realm <name> – Provide proxy realm name (strip) •...
Page 658 20-70 Motorola RF Switch CLI Reference Guide authentication-type Sets the authentication type for this WLAN (eap|hotspot|kerberos| • eap – EAP authentication (802.1X) mac-auth|none) • hotspot – Web based authentication • kerberos – Kerberos authentication (encryption will change to WEP128 if its not already wep128/keyguard) •...
Page 659 Wireless Instance 20-71 • key(0|2|WORD) – Configure the key (PMK) • 0 – Password is specified UNENCRYPTED • 2 – Password is encrypted with password- encryption secret • WORD – The 256bit (64 hex characters) long • key-rotation (enable) – Controls the periodic update of broadcast keys for associated mobile units •...
Page 660 20-72 Motorola RF Switch CLI Reference Guide • WORD – Sets the 256bit (64 hex characters) • tkip-cntrmeas-hold-time <0-65535> – Configures the hold-time (in seconds) that clients are blocked whenTKIP countermeasures are invoked. Default is 60 seconds. • wpa2-tkip (enable) – Enables support for WPA2-TKIP (in...
Page 661 Wireless Instance 20-73 hotspot() Modifies hotspot related parameters • allow (rule index) (IP address) – Modifies hotspot allow- list parameters Users who have not yet authenticated must be allowed access to these IP addresses. • Rule index – Allow-list Rule index (must be between (1-10) •...
Page 662 20-74 Motorola RF Switch CLI Reference Guide inactivity-timeout Sets an inactivity timeout in seconds. If a frame is not <60-86400> received from a mobile unit for this amount of time, the mobile unit is disassociated. kdc [password (0||LINE) | Modifies KDC related parameters.
Page 663 Wireless Instance 20-75 mu-mu-disallow Disallows frames from one mobile unit to another mobile unit on this WLAN (switch-to-wired) • switch-to-wired – Disallows by switching the frame out on the wired side (to allow an external switch to decide whether this frame is to be allowed or dropped). nac-mode Sets the Network Access Control (NAC) mode configuration [bypass-nac-except-...
Page 664 20-76 Motorola RF Switch CLI Reference Guide nac-server () Configure a NAC server IP address and an optional [primary|secondary|time authentication port number out] • [primary|secondary] [EAP Server IP Address|RADIUS Key] – Primary server or secondary server’s IP address • A.B.C.D (auth-port) – Set an EAP server IP...
Page 665 Wireless Instance 20-77 Quality of Service commands [classification | • classification [background|best-effort|video|voice|wmm] mcast-with-dot11i| – Select how traffic on this WLAN is classified (relative mcast1 | mcast2 | prioritization on the access port) prioritize-voice | svp | • background – Traffic on this WLAN is treated weight|wmm] as background traffic •...
Page 666 20-78 Motorola RF Switch CLI Reference Guide • ip-address – Sets the RADIUS server’s IP address • auth-port<1024-65535> – Establishes the RADIUS server’s authentication port (default:1812) • radius-key – Sets the RADIUS server shared secret, up to 127 characters • 0 – Password is specified UNENCRYPTED •...
Page 667 Wireless Instance 20-79 ssid Enter the SSID of this WLAN syslog (accounting) Syslog Accounting server <IP Address> • accounting – Modifies accounting parameters port <Port number> • server<IP Address> – Modifies the Syslog accounting server IP Address • port <Port Number> – Defines the Syslog server port. The default port number is 514 vlan<1-4094>...
Page 668 20-80 Motorola RF Switch CLI Reference Guide wep64 Configures WEP64 parameters Example RFSwitch(config-wireless)#wlan 25 accounting syslog RFSwitch(config-wireless)# RFSwitch(config-wireless)#wlan 25 answer-bcast-ess RFSwitch(config-wireless)# RFSwitch(config-wireless)#wlan 25 authentication-type kerberos RFSwitch(config-wireless)# RFSwitch(config-wireless)#wlan 25 description "TestWLAN" RFSwitch(config-wireless)# RFSwitch(config-wireless)#wlan 25 dot11i handshake timeout 2500 retransmit 5 RFSwitch(config-wireless)#...
Page 669 Wireless Instance 20-81 RFSwitch(config-wireless)#wlan 25 radius accounting timeout 30 retransmit 50 RFSwitch(config-wireless)# RFSwitch(config-wireless)#wlan 25 radius mobile-unit timeout 30 retransmit 5 RFSwitch(config-wireless)# RFSwitch(config-wireless)#wlan 25 ssid TestString RFSwitch(config-wireless)# RFSwitch(config-wireless)#wlan 25 symbol-extensions fast-roaming enable RFSwitch(config-wireless)# RFSwitch(config-wireless)#wlan 25 syslog accounting server 12.13.14.125 port 5005 RFSwitch(config-wireless)# RFSwitch(config-wireless)#wlan 24 qos mcast-with-dot11i enable RFSwitch(config-wireless)#...
Page 670: Wlan-Bw-Allocation
20-82 Motorola RF Switch CLI Reference Guide 20.1.38 wlan-bw-allocation Wireless Configuration Commands Enables WLAN bandwidth allocation on all radios Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax wlan-bw-allocation (enable) Parameters enable Enables WLAN bandwidth allocation on all radios...
Page 671 SOLE Instance Use the instance to configure SOLE related configuration commands. (config-sole) 21.1 SOLE Config Commands Table 21.1 summarizes commands: config-sole Table 21.1 Location Engine Config Command Summary Command Description Ref. adapter Configures the SOLE adapter page 21-3 clrscr Clears the display screen page 21-4 Ends the current mode and moves to the EXEC mode page 21-5...
Page 672 21-2 Motorola RF Switch CLI Reference Guide Table 21.1 Location Engine Config Command Summary (Continued) Command Description Ref. site Displays the site configuration page 21-18...
Page 673: Sole Config Commands
SOLE Instance 21-3 21.1.1 adapter SOLE Config Commands Enables/disables a specified adapter, or all the adapters Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax adapter (aeroscout) (enable) Parameters adapter (aeroscout) SOLE adapter name (enable) • aeroscout – Defines the name of the adapter •...
Page 674: Clrscr
21-4 Motorola RF Switch CLI Reference Guide 21.1.2 clrscr SOLE Config Commands Clears the display screen Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax clrscr Parameters None Example RFSwitch(config-sole)#clrscr RFSwitch(config-sole)#...
Page 675: End
21-5 21.1.3 end SOLE Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax Parameters None Example RFSwitch(config-sole)#end RFSwitch#...
Page 676: Exit
21-6 Motorola RF Switch CLI Reference Guide 21.1.4 exit SOLE Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax...
Page 677: Help
SOLE Instance 21-7 21.1.5 help SOLE Config Commands Displays the system’s interactive help system in HTML format Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 Syntax help Parameters None. Example RFSwitch(config-sole)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'.
Page 678: Locate
21-8 Motorola RF Switch CLI Reference Guide 21.1.6 locate SOLE Config Commands Configures location commands. Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax locate [aeroscout|ekahau|mu|newbury] locate [aeroscout|ekahau|newbury](interval)<1-30000> locate [mu][<MU MAC Addr> (enable)|enable|interval<1-300>]...
Page 679: Near-Me
Configures near-me tag as a smart surrounding Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax near-me (tag) [cricket|fixed-mu|passive] near-me (tag) [cricket|fixed-mu] <MU Mac> (coordinates)(x)<value> (y)<value> (z)<value> near-me (tag) [passive]<tag ID> (coordinates)(x) <value>...
Page 680 21-10 Motorola RF Switch CLI Reference Guide cricket Configures Motorola cricket tag as a near-me tag • MU MAC – Fixed mobile unit MAC address • coordinates – Configures tag loctaion • x <value> – Configure X coordinate. Slect a value between <-65535-65535>...
Page 681 SOLE Instance 21-11 passive Configures passive tag as a near-me tag • tag ID – Passive tag ID • coordinates – Configures tag loctaion • x <value> – Configures X coordinate. Select a value between <-65535-65535> • y <value> [orinentation|range|z] – Configures Y coordinate •...
Page 682 21-12 Motorola RF Switch CLI Reference Guide 21.1.8 no SOLE Config Commands Defines the name of the adapter or disables the adapter(s) Supported in the Following Platforms: • WS5100 • RFS7000 • RFS6000 SWITCH NOTE: The following commands are supported only on RFS6000.
Page 683 SOLE Instance 21-13 Example RFSwitch(config-sole)#no adapter enable RFSwitch(config-sole)#...
Page 684: Service
21-14 Motorola RF Switch CLI Reference Guide 21.1.9 service SOLE Config Commands Invokes service commands to troubleshoot or debug instance configurations (config-if) Syntax service (show) (cli) Parameters show (cli) Displays the CLI tree of the current mode Example RFSwitch(config-sole)#service show cli...
Page 685: Show
• RFS6000 SWITCH NOTE: The following commands display only for RFS6000: • arpi • espi • power • tags The following commands display only for RFS7000 and WS5100: • port-channel • static-channel-group Syntax show <parameters> show sole [config(adapter)|stats (adapter)|status(adapter|engine)] Parameters...
Page 686 21-16 Motorola RF Switch CLI Reference Guide Example sole)#show RFSwitch(config- RFS6000(config-sole)#show ? access-list Internet Protocol (IP) aclstats Show ACL Statistics information alarm-log Display all alarms currently in the system arpi ARPI Configuration autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration.
Page 687 SOLE Instance 21-17 terminal Display terminal configuration parameters timezone Display timezone upgrade-status Display last image upgrade status users Display information about currently logged in users version Display software & hardware version wireless Wireless configuration commands wlan-acl wlan based acl RFSwitch(config-sole)#show RFSwitch(config-sole)#show sole config adapter SOLE Adapter Adapter Type: TZSP...
Page 688: Site
21-18 Motorola RF Switch CLI Reference Guide 21.1.11 site SOLE Config Commands Configures SOLE site parameters Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax site [description <string>|dimension (length|scale|unit)|name] site (dimension) [(length <value>|width <value>|height <value>)|...
Page 689 • unit – Configures site dimension measurement unit • feet – Site distances are in feet • meters – Site distances are in meters name Configures site name Example RFS6000(config-sole)#site description "Motorola RMZ Ecospace, India, 5th Floor" RFS6000(config-sole)# RFS6000(config-sole)#site name "BLR-RMZ Ecospcae" RFS6000(config-sole)#...
Page 690 21-20 Motorola RF Switch CLI Reference Guide...
Page 691 ARPI Instance Use the instance to configure Adaptive Reader Programing Interface (config-arpi) (ARPI) related configuration commands. 22.1 ARPI Config Commands Table 22.1 summarizes commands: config-arpi Table 22.1 Adaptive Reader Programing Interface Config Command Summary Command Description Ref. adapter ARPI Adapter Configurations page 22-3 clear Performs a reset function...
Page 692 22-2 Motorola RF Switch CLI Reference Guide Table 22.1 Adaptive Reader Programing Interface Config Command Summary (Contin- Command Description Ref. Negates a command or set its defaults page 22-22 profile Configures RFID configuration profiles page 22-23 service Service commands page 22-24...
Page 693: Arpi Config Commands
(config-arpi-adapter) Refer to config-arpi-adapter on page 22-3 for more information. Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax adapter (name) Parameters name Enter adapter name Example RFSwitch(config-arpi)#adapter aeroscout RFSwitch(config-arpi-adapter)# 22.1.1.1 config-arpi-adapter...
Page 694 22-4 Motorola RF Switch CLI Reference Guide Table 22.2 DHCP Server Class Command Summary Command Description clrscr Clears the display screen Ends the current mode and moves to the EXEC mode exit Ends the current mode and moves to the previous mode...
Page 695 ARPI Instance 22-5 adapter config-arpi-adapter Configures the ARPI adapter Syntax adapter <name> Parameters adapter <name> Enter a name for the ARPI adapter Example RFSwitch(config-arpi-adapter)#adapter aeroscout RFSwitch(config-arpi-adapter)# adopt-unconf-readers config-arpi-adapter Adopts a reader even if its not yet configured Syntax adopt-unconf-readers Parameters None.
Page 696 22-6 Motorola RF Switch CLI Reference Guide Parameters WORD Enter passthrough command for ARPI help Displays help text for passthrough commands Example RFSwitch(config-arpi-adapter)#passthru TopSecret RFSwitch(config-arpi-adapter)# reader config-arpi-adapter Configures RFID Reader commands Syntax reader [<RFID index> |<RFID index range>] reader [<RFID index>]...
Page 697 ARPI Instance 22-7 Parameters...
Page 698 22-8 Motorola RF Switch CLI Reference Guide <1-256> A single RFID reader index. Select a value between <1-256> • antenna – RFID Antenna configuration commands • <1-8> – A single Antenna index • range – A list or range (3-7) of antenna indices •...
Page 699 ARPI Instance 22-9 • name – Defines the name of this RFID reader • ntp – Configures NTP server for reader support • server <IP Addr> – Enter IP address of NTP server • passthru – Specifies passthrough command for reader •...
Page 700 22-10 Motorola RF Switch CLI Reference Guide RFID index range A list (1,3,7) or range (3-7) of RFID reader indices • date • description • diag • enable • heartbeat-period • mode • name • ntp • passthru • password •...
Page 701: Clear
22.1.2 clear ARPI Config Commands Resets the tag configuration Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax clear (tag) [<Adapter Name>| aeroscout|ekahau|gen2|logical- reader|mu|ubis] Parameters tags Clears tag/asset information •...
Page 702: Clrscr
22-12 Motorola RF Switch CLI Reference Guide 22.1.3 clrscr ARPI Config Commands Clears the display screen Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax clrscr Parameters None Example...
Page 703: End
Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax Parameters None Example RFSwitch(config-arpi)#end...
Page 704: Exit
22-14 Motorola RF Switch CLI Reference Guide 22.1.5 exit ARPI Config Commands Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: •...
Page 705: Filter
ARPI Instance 22-15 22.1.6 filter ARPI Config Commands Configures the RFID tag filter Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax filter (index)[action(allow|deny)|length <1-128>|mask|memory-bank| name(epc|tid|uid)|offset <0-32>]...
Page 706 22-16 Motorola RF Switch CLI Reference Guide Parameters index <1-100> Enter a single tag-filter index. Select a value between <1-100> • action – Configures tag filter action • allow – Allows/permits RFID tag matching the filter • deny – Rejects/Denies RFID tag matching the filter •...
Page 707: Help
22.1.7 help ARPI Config Commands Displays the system’s interactive help system in HTML format Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax help Parameters None. Example RFSwitch(config-arpi)#help CLI provides advanced help feature.
Page 708: Inventory
22-18 Motorola RF Switch CLI Reference Guide 22.1.8 inventory ARPI Config Commands Configures the tag inventory Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax inventory [<1-100>|default] inventory <1-100> [duration <0-100000>|filter|(index|name)| logical-reader <1-100>|report(current|differential)|...
Page 709 ARPI Instance 22-19 Parameters [ <1-100>|default] Select either a single tag inventory index or the default inventory • duration <0-100000> – Inventory round duration in msecs • filter – Configures the tag filter for inventory • <1-100> – A single index of tag filter •...
Page 710 22-20 Motorola RF Switch CLI Reference Guide • periodic – Configures periodic tag inventory • offset <0-65535> – Configures a time offset in milliseconds • period <0-65535> – Configures a time period in milliseconds • stop-trigger – Configures a stop trigger for the tag inventory •...
Page 711: Logical-Reader
ARPI Config Commands Configures the logical reader Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax logical-reader <index> [name|perimeter (x coordinate|Y coordinate)| security-threat <0-5>] Parameters Index <1-100> Select a single logical reader index for configuration •...
Page 712 22-22 Motorola RF Switch CLI Reference Guide 22.1.10 no ARPI Config Commands Defines the name of the adapter or disables the adapter(s) Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000...
Page 713: Profile
ARPI Config Commands The RFID configuration profile Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax profile <index> [air-protocol|channel|name] profile <index> air-protocol (class0)(class1)(gen2) profile <index> channel <index>[power <-63-63>|gain <-63-63>] Parameters index <1-100>...
Page 714: Service
22-24 Motorola RF Switch CLI Reference Guide 22.1.12 service ARPI Config Commands Invokes service commands to troubleshoot or debug instance configurations (config-if) Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000...
Page 715 ARPI Instance 22-25 +-length +-<1-128> [filter <1-100> length <1-128>] ..............RFSwitch(config-arpi)#...
Page 716: Show
22-26 Motorola RF Switch CLI Reference Guide 22.1.13 show ARPI Config Commands Displays current system information Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax show <parameters> show sole [config(adapter)|stats (adapter)|status(adapter|engine)]...
Page 717 ARPI Instance 22-27 licenses Show any installed licenses logging Show logging configuration and buffer Internet Protocol (IP) mac-address-table Display MAC address table management Display L3 Managment Interface name mobility Display Mobility parameters Network time protocol password-encryption password encryption power show power over ethernet command privilege Show current privilege level radius...
Page 718: Tag
22-28 Motorola RF Switch CLI Reference Guide 22.1.14 tag ARPI Config Commands Configures the RFID tag Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax tag (MASK index)(profile)[ <1-100>|<name>]...
Page 719 ESPI Instance Use the instance to configure Adaptive Reader Programing Interface (config-espi) (ARPI) related configuration commands. 23.1 ESPI Config Commands Table 23.1 summarizes commands: config-espi Table 23.1 ESPI Config Command Summary Command Description Ref. adapter Adapters configurations page 23-2 clrscr Clears the display screen page 23-3 Ends the current mode and changes to the EXEC mode...
Page 720: Espi Config Commands
23-2 Motorola RF Switch CLI Reference Guide 23.1.1 adapter ESPI Config Commands Enables/disables a specified adapter or all adapters Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax adapter <name> [activate|port <3000-3100>]...
Page 721: Clrscr
ESPI Instance 23-3 23.1.2 clrscr ESPI Config Commands Clears the display screen Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax clrscr Parameters None Example RFSwitchconfig-espi)#clrscr RFSwitchconfig-espi)#...
Page 722: End
23-4 Motorola RF Switch CLI Reference Guide 23.1.3 end ESPI Config Commands Ends and exits the current mode and moves to the PRIV EXEC mode. The prompt changes RFSwitch# Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: •...
Page 723: Exit
Ends the current mode and moves to the previous mode (GLOBAL-CONFIG). The prompt changes to RFSwitch(config)# Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax exit Parameters None Example RFSwitchconfig-espi)#exit...
Page 724: Help
23-6 Motorola RF Switch CLI Reference Guide 23.1.5 help ESPI Config Commands Displays the system’s interactive help in HTML format Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax...
Page 725 Defines the name of the adapter or disables the adapter(s) Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax no (adapter)(name)activate Parameters adapter (name) (activate) Negates ESPI adapter configurations.
Page 726: Service
23-8 Motorola RF Switch CLI Reference Guide 23.1.7 service ESPI Config Commands Invokes service commands to troubleshoot or debug instance configurations (config-if) Supported in the Following Platforms: • RFS6000 Syntax service (show) (cli) Parameters show (cli) Displays the CLI tree of the current mode...
Page 727 ESPI Instance 23-9 +-access-list [show access- list]..............................................................................................RFSwitch(config-espi)#...
Page 728: Show
23-10 Motorola RF Switch CLI Reference Guide 23.1.8 show ESPI Config Commands Displays current system information Supported in the Following Platforms: • RFS6000 SWITCH NOTE: This command is not supported in: • WS5100 • RFS7000 Syntax show <parameters> Parameters Displays the parameters for which information can be...
Page 729 ESPI Instance 23-11 logging Show logging configuration and buffer Internet Protocol (IP) mac-address-table Display MAC address table management Display L3 Managment Interface name mobility Display Mobility parameters Network time protocol password-encryption password encryption power show power over ethernet command privilege Show current privilege level radius RADIUS configuration commands...
Page 730 23-12 Motorola RF Switch CLI Reference Guide...
Page 732 MOTOROLA INC. 1303 E. ALGONQUIN ROAD SCHAUMBURG, IL 60196 http://www.motorola.com 72E-109212-01 Revision A April 2008...

This manual is also suitable for:

Rfs6000 Ws5100

Motorola RFS7000 Reference Manual

Chapter 1. Introduction

Chapter 2 .Common Commands

Chapter 3. User Exec Commands

Chapter 4. Privileged Exec Commands

Chapter 5 .Global Configuration Commands

Chapter 6 .Crypto-Isakmp Instance

Chapter 7 .Crypto-Group Instance

Chapter 8 .Crypto-Peer Instance

Chapter 9. Crypto-Ipsec Instance

Chapter 10 .Crypto-Map Instance

Chapter 11. Crypto-Trustpoint Instance

Chapter 12. Interface Instance

Chapter 13. Spanning Tree-Mst Instance

Chapter 14. Extended ACL Instance

Chapter 15. Standard ACL Instance

Quick Links

Related Manuals for Motorola RFS7000

Summary of Contents for Motorola RFS7000