3Com OfficeConnect WX1200 Release Note
Wireless lan switch and controller mss version 3.0
Hide thumbs
Also See for OfficeConnect WX1200:
- Command reference manual (646 pages) ,
- Reference manual (520 pages) ,
- Quick start manual (10 pages)
Advertisement
Quick Links
Related Documentation
Please use these notes in conjunction with the following
documents:
Wireless LAN Switch and Controller Quick Start
Guide
Wireless LAN Switch and Controller Installation and
Basic Configuration Guide
Wireless LAN Switch and Controller Configuration
Guide
Wireless LAN Switch and Controller Command Refer-
ence
You can obtain the latest technical information for
these products, including a list of known problems and
solutions, from the 3Com Knowledgebase:
http://knowledgebase.3com.com
Software License Agreement
Before you use these products, please ensure that you
read the license agreement text. You can find the
license.txt file on the CD-ROM that accompanies your
product, or in the self-extracting exe that you have
downloaded from the 3Com Web site.
Part No. 735-9502-0008, Revision C
Published November 2004
W
LAN S
IRELESS
MSS V
ERSION
WITCH AND
3.0 R
ELEASE
Points to Note when using the WX1200 and
WX4400
Follow these best-practice recommendations during
configuration and implementation to avoid or solve
issues you might experience.
System Configuration Best Practices
3Com strongly recommends that you use 3Com Wire-
less Switch Manager (3WXM) for archiving and version
control of network-wide wireless LAN switch configura-
tions. 3Com also recommends that you archive the
CLI-based configuration files of individual WX switches
by copying the configurations to a server.
Client and AAA Best Practices
Follow these best-practice recommendations during
configuration and implementation to avoid or solve
issues you might experience.
Get Clients and AAA Working First
The greatest majority of installation issues are related to
clients and AAA server (authentication, authorization,
and accounting) operation. 3Com recommends first
establishing a baseline of proper operation with a sam-
pling of wireless clients and the AAA server you plan to
C
ONTROLLER
N
OTES
Advertisement
Related Manuals for 3Com OfficeConnect WX1200
Summary of Contents for 3Com OfficeConnect WX1200
-
Page 1: Related Documentation
Follow these best-practice recommendations during configuration and implementation to avoid or solve issues you might experience. 3Com strongly recommends that you use 3Com Wire- less Switch Manager (3WXM) for archiving and version control of network-wide wireless LAN switch configura- tions. 3Com also recommends that you archive the CLI-based configuration files of individual WX switches by copying the configurations to a server. - Page 2 MSS. The majority were tested using recently available drivers using the Microsoft native 802.1X client and a Microsoft IAS RADIUS server. 3Com has not experienced any com- patibility problems with NICs being unable to support...
- Page 3 3Com recommends that you set up a sepa- rate service profile for WPA/CCMP with a different SSID for compatibility. If you are migrating from...
- Page 4 ‡ Intel Centrino based chipsets might not associate with the SSID when power-save mode is enabled. Future drivers or laptop firmware might re- solve this issue, but until then 3Com recommends disabling power-save mode completely in the driver properties for the NIC.
- Page 5 If you are not prepared to install Service Pack 2, 3Com strongly recommends that all wireless clients use Service Pack 1a with the following hotfixes installed: KB826942—This is the WPA Hotfix Rollup and is available through Microsoft Update KB834669—This corrects an 802.1x client issue...
- Page 6 KB833865. If your network uses logon scripts, Active Directory group policies, or your users regularly share their laptops, 3Com recommends that you enable com- puter authentication to achieve full functionality over your wireless connection. Download current drivers for your NICs from the NIC vendor(s).
- Page 7 Be sure to turn off Wireless Zero Config in Win- dows 2000 by disabling the service. If your wireless NIC’s driver includes the AEGIS pro- tocol manager for WPA support, 3Com recom- mends against installing it. Some drivers install this automatically if you run the setup.exe utility to install the driver.
- Page 8 LAN S IRELESS WITCH AND ONTROLLER Feature Scenario Requiring Computer Authentication Systems management Systems management application agents agents such as those that come with Microsoft Sys- tems Management Server (SMS) frequently need network access without user interven- tion. Remote Desktop Con- Computers are accessible from Windows nection Remote Desktop Connection when no one...
- Page 9 The username of a computer authentication con- nection will be in the form of host/fully-quali- fied-domain-name, for example host/bob-laptop.3Com.com or host/tac1-lap- top.support.3Com.com. This username is the same regardless of the configured protocol (PEAP-MS-CHAP-V2 or EAP-TLS). An appropriate userglob would be host/*.domain.com where domain.com is the Active Directory domain name.
- Page 10 ONTROLLER authenticate with network services and logon to their local PC. A Pass result for 3Com VSAs indicates that the VSAs were able to be added to the RADIUS server manually. Future versions of Steel Belted RADIUS and FreeRadius are planned to include standard definitions of the 3Com VSAs.
- Page 11 The switch’s certificate can come from a certificate authority (CA) or it can be gener- ated and signed by the switch itself. 3Com recom- mends that you use certificates assigned by a CA. Certificates from a trusted CA are more secure than self-signed certificates.
- Page 12 SNMP SNMP is disabled by default. 3Com recommends that you leave SNMP disabled unless you are using 3Com Network Director or a similar product to manage your wired network. If you do need to use SNMP, do not...
- Page 13 Practices Run the same MSS version on all WX switches in the Mobility Domain. 3Com recommends that you run the same MSS ver- sion on all the WX switches in a Mobility Domain. Helpful commands Use the following commands to verify the proper...
- Page 14 LAN S IRELESS WITCH AND ONTROLLER Distributed MAP Best Practice When Using STP A Distributed MAP is a leaf device. You do not need to enable STP on the port that is directly connected to the MAP. If Spanning Tree Protocol (STP) is enabled on the port that is directly connected to a Distributed MAP, you might need to change the STP configuration on the port, to allow the MAP to boot.
- Page 15 face on the WX switch or disable IGMP proxy reporting. To disable proxy reporting, use the com- mand set igmp proxy-report disable. Disabling proxy reporting can increase IGMP over- head traffic to the multicast router. Enable the IGMP querier only if needed. The IGMP pseudo-querier function is disabled by default.
-
Page 16: Documentation Errata
LAN S IRELESS WITCH AND ONTROLLER set authentication last-resort ssid any local set authentication last-resort wired local MSS creates user last-resort-any but does not create the required last-resort authentication rules. If you do not use wired authentication, you can omit the rule that contains wired. - Page 17 Documented range for RF Auto-Tuning interval is incorrect. (18575) The MSS Version 3.0 manuals state that the range for seconds in the following command is 0 to 65535. set radio-profile name auto-tune channel-inter- val seconds The valid range is actually 0 to 100000 seconds. System Parameter Support The following tables list the recommended or maxi- mum supported values for major system parameters.
-
Page 18: Known Problems
LAN S IRELESS WITCH AND ONTROLLER Management Parameter Supported Value SSHv2 management sessions WX4400: 8 WX1200: 4 Telnet client sessions (client for WX4400: 8 remote login) WX1200: 4 NTP servers SNMP trap receivers Syslog servers Client and Session Parameter Supported Value Authenticated and associated cli- ents per radio Clients who are authenticated but... - Page 19 Autonegotiation with a 3Com switch that supports Smart Auto-Sensing may result in a 10Mbps link. (18325) If a WX1200 switch is attached to a 3Com switch that supports Smart Auto-Sensing, and autonegotiation is enabled at both ends of the link, the connection may be down-rated to a 10 MBPs full-duplex link on initial boot-up of the WX1200.
- Page 20 Set the FDB timer (default 300 seconds) and the ARP timer (default 1200 seconds) to the same values on the WX switches. 3Com recommends using 300 sec- onds as the value for both timers. To set the FDB timer, use the set fdb agingtime command. To set the ARP timer, use the set arp agingtime command.
- Page 21 time. This can occur if the DHCP server that responds to the DHCP request after the second reboot is not the same server that responded to the first request. This issue does not prevent the MAP from operating normally but can make managing the MAP more diffi- cult if the address the MAP receives the second time is not predictable.
- Page 22 LAN S IRELESS WITCH AND ONTROLLER To restore the intended configuration, restart the switch. SSL connections to a WX switch from 3WXM or Web Manager can occasionally fail. (17772) If this issue occurs, MSS generates log messages such as the following: HTTPD Jan 12 00:58:16.807601 ERROR HTTPD: ssl accept error = SSL_ERROR_SYSCALL HTTPD Jan 12 00:58:16.828923 ERROR HTTPD: SSL...
- Page 23 Web Manager—access using Netscape or Mozilla SSL can stop working. (15675) If you use Netscape or Mozilla to access Web Man- ager, the connection can stop working. Generally, this occurs only after many days of use. When this occurs, the WX generates TCP_SSL log messages. This issue does not occur with Internet Explorer.
- Page 24 LAN S IRELESS WITCH AND ONTROLLER This issue is cosmetic only and does not invalidate the information in the other lines of the display. SNMP—The ClientAuthServerIp element in the authorization success trap (ClientAuthorizationSuccessTraps) is not in dotted decimal format. (18411) AAA and RADIUS Issues WX switch can restart when a last-resort user configured on a wired authentication port...
- Page 25 CLI allows set authentication dot1x command with invalid combination of pass-through and local options. (15562) The CLI allows you to enter a command such as the following: set authentication dot1x ssid any * pass-through local The pass-through and local AAA methods are mutu- ally exclusive.
- Page 26 LAN S IRELESS WITCH AND ONTROLLER Deleting a user group or MAC user group does not delete membership from its members. (14833) If you type the clear usergroup or clear mac-user- group command to delete a user group or MAC user group, the display aaa command shows that the user group is gone.
- Page 27 Web AAA client who fails authorization does not receive a failure message. (17901) If a user attempts to log in to the network on a Web AAA login page served by the WX switch, but fails authorization, the user does not receive a message indicating that they have been denied access.
- Page 28 Unless otherwise indicated, 3Com registered trademarks are registered in the United States and may or may not be registered in other countries. 3Com is a registered trademark of 3Com Corporation. The 3Com logo is a trademark of 3Com Corporation. Mobility Domain, Mobility Point, Mobility Profile, Mobility System, Mobility System Software, MP, MSS, and SentrySweep are trademarks of Trapeze Networks, Inc.