WLAN—Security Switch 2300 Series Installation and Basic Configuration Guide
Part No. 320656-A, July 2005
4655 Great America Parkway, Santa Clara, CA 95054
*320655-A*...
In the interest of improving internal design, operational function, and/or reliability, Nortel Inc. reserves the right to make changes to the products described in this document without notice. Nortel Inc. does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein.
Exchange Products not returned to Nortel will be invoiced at full Product list prices. Replacement Products may be new, reconditioned or contain refurbished materials. In connection with any warranty services hereunder, Nortel may in its sole discretion modify the Product at no cost to you to improve its reliability or performance.
Products at its then-prevailing repair rates. The limited warranty for the Product does not apply if, in the judgment of Nortel, the Product fails due to damage from shipment, handling, storage, accident, abuse or misuse, or it has been used or maintained in a manner not conforming to Product manual instructions, has been modified in any way, or has had any Serial Number removed or defaced.
SALE, INSTALLATION, MAINTENANCE OR USE OF ITS PRODUCTS.
Trademarks and Service Marks
Nortel, and the Nortel logo are registered trademarks, and management software is a trademark of Nortel. All other trademarks belong to their respective holders.
FCC Statements for WLAN—Security Switches (23x0)
This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules.
20 cm (8 in.) from all persons. Using higher gain antennas and types of antennas not covered under the FCC certification of this product is not allowed. Installers of the radio and end users of the Nortel 2300 Series must adhere to the installation instructions provided in this manual.
To access some Nortel Technical Solutions Centers, you can use an Express Routing Code (ERC) to quickly route your call to a specialist in your Nortel product or service. To locate the ERC for your product or service, go to: http://www.nortel.com/erc...
WLAN with the WLAN Management Software tool suite. Read this guide to learn how to plan wireless services, how to configure and deploy Nortel equipment to provide those services, and how to optimize and manage your WLAN.
Introducing the Nortel WLAN 2300 System
Safety and Advisory Notices
The following kinds of safety and advisory notices appear in this manual. For translations of the warning conventions and of all warnings in this manual, see Appendix , “Translated Warning Conventions and Warnings,” on page 161.
Text and Syntax Conventions
Nortel manuals use the following text and syntax conventions:
Convention
Monospace text: Sets off command syntax or sample commands and system responses.
Bold text: Highlights commands that you enter or items you select.
A Nortel WLAN—Security Switch (WSS) provides mobility and authentication, authorization, and accounting (AAA) services for wireless or wired users. A WSS also controls the operation of Nortel Access Point (AP) access points, which control and manage IEEE 802.11 operation over the air.
WSS model numbers.
Table 1: WSS Model Numbers
Model | Port Configuration | Power Supply Configuration
2350 | Two 10/100BASE-TX Ethernet ports. Port 1 provides an uplink to the network. Port 2 supports Power over Ethernet (PoE) and provides direct connection to an AP access point. | One 100-150 VAC autosensing AC power supply
WLAN—Security Switch Overview
Hardware Features
2350 Switch
A 2350 switch is compact and can be installed on a tabletop. Figure 1 shows a front view and the external hardware features of a 2350 switch.
Figure 1. Nortel 2350 Switch—Front View...
A WSS-2370 is two rack units (RUs) high and can be installed in a standard 48.26-cm (19-inch) equipment rack or on a tabletop. Figure 2 shows a front view of a 2370 switch. Figure 2. Nortel WSS-2370 Switch—Front View 44.2 cm (17.4 inches) 46.23 cm (18.2 inches) 8.81 cm...
Figure 4 shows the external hardware features of a WSS-2370.
Figure 4. WSS-2370—Front Panel Control Features
A 2360 switch is one RU high and also can be installed in a standard 48.26-cm (19-inch) equipment rack or on a tabletop. Figure 5 shows a front view of a WSS-2360. Figure 5. Nortel WSS-2360—Front View 44.2 cm (17.4 inches) 25.6 cm (10.8 inches) 4.4 cm...
2380 Switch
A 2380 switch is two rack units (RUs) high and can be installed in a standard 48.26-cm (19-inch) equipment rack or on a tabletop. The dimensions of a 2380 switch are the same as the dimensions of a 2370 switch. (See Figure Figure 7 shows a front view of a 2380 switch and identifies the external hardware features.
Do not attempt to restart a configured 2350 by pressing its factory reset switch! On a 2350 that is fully booted, the factory reset switch erases the configuration. If you do accidentally press the factory reset switch and erase the configuration, you can use the Web Quick Start to reconfigure the switch.
A 2360 switch contains either one or two 100-120 VAC / 200-240 VAC autosensing AC power supplies. The 2360 power supplies are fixed-configuration supplies and cannot be inserted or removed. A 2350 switch uses an external power supply, which comes with the switch.
RJ-45 connector and uses Category 5 (Cat 5) cable based on the EIA/TIA-586 standard. On the 2350, port 2 can be configured for AP access points and can support Power over Ethernet (PoE). Port 1 is an uplink port only and does not support PoE.
Status LEDs
The WSSs have LEDs that indicate port, power, and CPU status.
2360, 2380, and 2370 LEDs
Table 2 lists the LEDs for models 2370, 2360, and 2380.
Table 2: WSS Status LEDs—2370, 2360, 2380
Appearance | Meaning
Mgmt...
PoE problem.
Unlit | Port is not configured as an AP access port, or PoE is off.
2350 LEDs
Figure 8 on page 28 shows the locations of the 2350 LEDs. Table 3 describes the LEDs.
Figure 8. 2350 LEDs Factory Reset...
Table 3: WSS Status LEDs—2350 (continued)
Appearance | Meaning
Link (ports 1 and 2):
Solid green | 100-Mbps link is operational.
Solid amber | 10-Mbps link is operational.
Blinking green | Traffic is active on the 100-Mbps link.
Blinking amber | Traffic is active on the 10-Mbps link.
Software Features
WLAN 2300 System Software (WSS Software) provides a combination of standard wired LAN features and wireless LAN features that enable you to integrate the switch into your wired network and provide network access for wired or wireless users.
• WLAN Management Software management application—WLAN Management Software is an extensive GUI application for planning, configuring, deploying, and managing a Nortel network and its users. WLAN Management Software uses Secure Sockets Layer protocol (SSL) to interact with WSS Software. •...
Layer 2 Switching Features
• Spanning Tree Protocol (STP)—WSS Software supports Per-VLAN Spanning Tree (PVST+). PVST+ allows a separate spanning tree in each virtual LAN (VLAN). Optional fast convergence features allow you to quickly resume traffic forwarding after a topology change.
•...
IP Services
• IP interfaces—You can configure an IP interface for each VLAN.
• IP ping and traceroute—You can test IP connectivity between the WSS and other devices.
• Domain Name Service (DNS)—You can configure the switch to use DNS servers for name resolution. You also can configure a default domain name to append to hostnames.
Authentication, Authorization, and Accounting
• 802.1X—A WSS can authenticate users based on 802.1X protocols. Based on authentication, users are assigned VLAN membership, access control, and roaming boundaries.
• MAC authentication—If a device does not support 802.1X, you can configure authentication based on the source MAC address to assign VLAN membership, access control, and roaming boundaries.
Roaming
• AP access point roaming—You can configure the WSS to allow users to roam from one AP access point to another on the same WSS.
• Mobility Domain™ roaming—You also can configure a group of WSSs to allow users to roam from one switch to another.
RF Management
• Auto-RF—WSS Software can automatically assign channels and power settings to AP access points based on RF information collected from the network.
• Radio frequency (RF) topology—With WLAN Management Software, you can verify site coverage and capacity.
•...
2370 switch. The contents of a 2360 or 2380 shipping carton are similar. The 2350 carton contains the switch, a power supply and cord, rubber feet, a documentation pack, and release notes.
Place the packing materials back in the carton and save the carton.
Verify that you received each item in the previous list. If any item is missing or damaged, contact Nortel.
Installation Requirements and Recommendations
For best results, follow these requirements and recommendations before installing a WSS.
If you are using WLAN Management Software to plan your Nortel Mobility System installation, Nortel recommends that you create and verify a network plan for the entire Nortel network installation before installing WSSs or AP access points. A network plan provides the following information: •...
Installing and Connecting a WLAN—Security Switch
Cable Requirements
Warning! The gigabit Ethernet fiber-optic interfaces use Class 1 lasers. To reduce the risk of eye injury, do not stare into the interface or otherwise direct the laser beam into your eye. (For translations of this warning, see “Laser Warning”...
Table 5: Ethernet Interfaces (continued)
Link Type | Cable Type | Maximum Distance | Connector Type
1000BASE-LX | Single mode 9/10-µm fiber | 10,000 m (32,808.4 feet)
1000BASE-LX | Multimode 50-µm fiber | 550 m (1804.5 feet)
1000BASE-LX | Multimode 62.5-µm fiber | 550 m (1804.5 feet)
1000BASE-TX | Cat 5 copper RJ-45...
1000BASE-TX Gigabit Ethernet Cable Wiring
Use Cat 5 Enhanced (Cat 5E) or better cable. 1000BASE-TX uses all 8 wires in the cable. The wiring can be straight-through or crossover. The port automatically configures its pin signals accordingly.
Note....
WSS-2370 and 2380 mounting brackets support either front or center mounting. The 2360 mounting brackets support front mounting only. The 2350 switch does not have rack mounting brackets but can be installed on a tabletop. To install a WSS, use one of the following procedures.
Figure 10. WSS-2370 or 2380 Installation—Front-Mount Equipment Rack (First, attach brackets to chassis. Then, install chassis into rack.)
Reinsert the screws to secure the brackets to the WSS. Repeat for the other bracket. Warning! Nortel recommends that you ask someone to assist you with the remaining steps. If you accidentally drop the WSS, you can be injured and the switch can be damaged. (For translations of this warning, see “Rack Installation Warnings”...
Use the following procedures to install a second power supply or replace a failed power supply. (You cannot insert or remove power supplies in a 2360 switch.)
Note. To attach the power supply to a 2350, see “Powering On a 2350” on page...
Installing a New Power Supply
If you are replacing a failed power supply and have not already removed it from the WSS, go to “Replacing a Power Supply” on page
If you are installing a new power supply in an unused slot, loosen the thumbscrew with a #2 Phillips-head screwdriver and remove the cover plate.
Figure 13. Removing a Power Supply from a 2370 or 2380 Switch (callout: Loosen thumbscrew)
Place your other hand under the supply to support it and remove the supply the rest of the way out of the slot.
Figure 14 shows how to install a serial cable on a 2370 switch. The procedure is the same on a 2360, 2380, or 2350 switch. Refer to this figure as you perform the procedure. (For cable requirements, see “Serial Console Cable”...
Figure 14. Serial Cable Installation (callouts: Serial port; Serial cable; Serial port on computer)
To connect a PC to the serial console port:
Insert the serial cable into the PC port as shown in Figure
Insert the other end of the cable into the serial console port on the WSS as shown in Figure...
Troubleshooting a Serial Management Connection
Verify that the WSS is powered on.
Verify that the serial cable is fully inserted in the PC and WSS ports.
Verify that the correct modem settings are configured in the terminal emulation application:
●...
Figure 15 shows how to install a Cat 5 cable for a 10/100 Ethernet port. Refer to this figure as you perform the procedure.
Figure 15. 10/100 Cat 5 Cable Installation (callouts: Ethernet port; Ethernet cable (Cat 5 cable); AP, switch, server)
AP LED
Appearance | Meaning
Solid green | For an AP access point’s active link, with PoE enabled, all the following are true:
• AP access point has booted.
• AP access point has received a valid configuration from the WSS.
Connecting to Gigabit Ethernet Devices
Warning! The gigabit Ethernet fiber-optic interfaces use Class 1 lasers. To reduce the risk of eye injury, do not stare into the interface or otherwise direct the laser beam into your eye. (For translations of this warning, see “Laser Warning”...
Figure 17. GBIC Removal from 2370 Switch (callout: Squeeze the lock clips to release GBIC.)
To install a GBIC:
Insert the GBIC into a GBIC slot on the front panel until it clicks into place.
Remove the protective covering(s) from the port connector(s) and set them aside in a safe place for later use.
Drop ship—On model 2350 only, you can press the factory reset switch during power on until the right LED above port 1 flashes for 3 seconds. Activating the factory reset causes the 2350 to bypass the Web Quick Start and request its configuration from WLAN Management Software instead.
[Flowchart of switch startup options; only these box labels are recoverable:]
... a configuration?
... using its configuration file.
... displays CLI prompt.
Is auto-config enabled?
Model WSS-2350?
Was factory reset pressed during power on?
Switch contacts ... to request configuration.
Model WSS-2360?
Web Quick Start is enabled.
Boots with no configuration. You must use the CLI to start configuring the switch.
The Web Quick Start application is accessible only on unconfigured switches. Note. The Web Quick Start application is supported only on switch models 2350 and 2360. After you finish the Web Quick Start, it will not be available again unless you clear (erase) the switch’s configuration.
If the green power LED is lit, the switch is receiving power.
Note. If you are configuring a 2350, do not press the factory reset switch during power on. Pressing this switch on an unconfigured switch causes the switch to attempt to contact a WLAN Management Software server instead of displaying the Web Quick Start.
WSS Setup Methods
Click Next to begin. The wizard screens guide you through the configuration steps.
Caution! Use the wizard’s Next and Back buttons to navigate among the wizard pages. Do not use the browser’s navigation buttons.
After guiding you through the configuration, the wizard displays a summary of the configuration values you selected.
The switch is ready for operation. You do not need to restart the switch.
Caution! On a 2350, do not press the factory reset switch! On a 2350 that is fully booted, the factory reset switch erases the configuration. If you do accidentally press the factory reset switch and erase the configuration, you can use the Web Quick Start to reconfigure the switch.
• EAP (802.1X) key pair and self-signed certificate (generated if you type usernames and passwords for users of encrypted SSIDs)
• Web-based AAA key pair and self-signed certificate (generated if you type usernames and passwords for users of unencrypted SSIDs)
The command automatically places all ports that are not used for directly connected AP access points into the default VLAN (VLAN 1).
• System IP address: 10.10.10.4, on IP interface 10.10.10.4 255.255.255.0
Note. The quickstart script asks for an IP address and subnet mask for the system IP address, and converts the input into an IP interface with a subnet mask, and a system IP address that uses that interface.
Figure 19. Single-Switch Deployment (figure labels: WSS-2270-Corp, Backbone, Internet, 10.10.10.4, Console, Port, Port, Corporate resources, alan, user2, user1)
    2370-aabbcc# quickstart
    This will erase any existing config. Continue? [n]: y
    Answer the following questions. Enter '?' for help. ^C to break
    System Name [2370]: 2370-Corp
    Country Code [US]: US
    System IP address []: 10.10.10.4...
The drop ship option is supported only for the 2350. The staged option is supported for all switch models. Both options require WLAN Management Software Services. If you know a switch’s serial number, you can create a complete configuration for the switch in WLAN Management Software....
Services are installed. The person at the remote office powers on the 2350, and inserts a paperclip or similar object into the 2350’s factory reset hole to press the factory reset switch. Normally, the factory reset LED (the right LED above port 1) remains solidly lit for 3 seconds after power on.
DHCP client on VLAN 1 enabled
The 2350 uses the DHCP client to obtain an IP configuration from a local DHCP server. After obtaining an IP configuration, the switch sends a DNS query for the IP address of well-known hostname wlan-config-srv.
The auto-config option must be enabled on a WSS in order for the switch to try to contact WLAN Management Software Services for configuration. The auto-config option is automatically enabled on an unconfigured 2350 when the factory reset switch is pressed during power on. However, auto-config is disabled by default on other models.
Enable the DHCP client on VLAN 1:
    2361# set interface 1 ip dhcp-client enable
    success: change accepted.
Enable the auto-config option:
    2361# set auto-config enable
    success: change accepted.
Create a self-signed administrative certificate, to enable the WSS to communicate with WLAN Management Software:
    2360# crypto generate key admin 1024
    key pair generated...
Configure a default route through the local gateway:
    2361# set ip route default 192.168.1.1 0
    success: change accepted.
Configure the default DNS domain name:
    2361# set ip dns domain example.com
    Domain name changed
Configure an IP alias to map the WLAN Management Software server IP address to the well-known name wlan-config-srv:
    2361# set ip alias wlan-config-srv 172.16.22.84
Enable the auto-config option:...
Configure a VLAN:
    2361# set vlan 1 port 7
    success: change accepted.
Configure an IP interface on the VLAN.
    2361# set interface 1 ip 192.168.1.252 255.255.255.0
    success: change accepted.
Configure a default route through the local gateway:
    2361# set ip route default 192.168.1.1 0
    success: change accepted.
    -----END CERTIFICATE-----
Save the configuration changes:
    2361# save config
    success: configuration saved.
Example 4: Deployment Site Has DHCP But Local DNS Domain Differs From Corporate DNS Domain
The deployment site in this example has a DHCP server, so the switch’s DHCP client is enabled. Static IP address and default gateway information are not required.
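The staging transcripts above can be checked mechanically before a switch ships. The sketch below is an added example, not part of the Nortel guide or of WSS Software: it parses a captured CLI session and reports how the switch will locate wlan-config-srv (static alias or DNS lookup), how it gets its address, the admin key size, and whether the changes were saved. The two sample transcripts are constructed from commands shown in this chapter; the finding names and the 2048-bit threshold are assumptions of this example.

```python
import ipaddress
import re

# A command is whatever follows a "name# " prompt; system responses
# ("success: change accepted.") carry no prompt and are skipped.
PROMPT = re.compile(r"^\S+#\s+(?P<cmd>\S.*)$")

# Constructed transcripts, built only from commands that appear in this chapter.
SAMPLE_STATIC = """\
2361# set vlan 1 port 7
success: change accepted.
2361# set interface 1 ip 192.168.1.252 255.255.255.0
success: change accepted.
2361# set ip route default 192.168.1.1 0
success: change accepted.
2361# set ip alias wlan-config-srv 172.16.22.84
2361# set auto-config enable
success: change accepted.
2361# crypto generate key admin 1024
key pair generated
2361# save config
success: configuration saved.
"""

SAMPLE_DHCP = """\
2361# set interface 1 ip dhcp-client enable
success: change accepted.
2361# set auto-config enable
success: change accepted.
2361# crypto generate key admin 1024
key pair generated
"""

MIN_KEY_BITS = 2048  # assumption of this example, not a value from the guide


def commands(transcript):
    """Return the commands typed at a prompt, in order."""
    return [m.group("cmd").strip()
            for line in transcript.splitlines()
            if (m := PROMPT.match(line.strip()))]


def audit(transcript):
    """Summarise a staging session and list findings (names are hypothetical)."""
    state = {"auto_config": False, "addressing": None,
             "server": "dns:wlan-config-srv", "admin_key_bits": None}
    findings = []
    last_change = last_save = -1
    for i, cmd in enumerate(commands(transcript)):
        if cmd == "save config":
            last_save = i
            continue
        if cmd.startswith(("set ", "crypto ")):
            last_change = i
        if cmd == "set auto-config enable":
            state["auto_config"] = True
        elif re.fullmatch(r"set interface \S+ ip dhcp-client enable", cmd):
            state["addressing"] = "dhcp"
        elif re.fullmatch(r"set interface \S+ ip \S+ \S+", cmd):
            state["addressing"] = "static"
        elif m := re.fullmatch(r"set ip alias wlan-config-srv (\S+)", cmd):
            try:
                # A static alias pins the server address; no DNS lookup is needed.
                state["server"] = "alias:" + str(ipaddress.ip_address(m.group(1)))
            except ValueError:
                findings.append("alias-not-an-ip-address")
        elif m := re.fullmatch(r"crypto generate key admin (\d+)", cmd):
            state["admin_key_bits"] = int(m.group(1))

    if state["auto_config"]:
        if state["addressing"] is None:
            findings.append("no-ip-config")      # switch cannot reach the server
        if state["admin_key_bits"] is None:
            findings.append("no-admin-key")      # needed for the admin certificate
    bits = state["admin_key_bits"]
    if bits is not None and bits < MIN_KEY_BITS:
        findings.append("admin-key-below-2048")
    if last_change > last_save:
        findings.append("unsaved-changes")       # lost at the next power cycle
    state["findings"] = findings
    return state


if __name__ == "__main__":
    for name, text in (("static", SAMPLE_STATIC), ("dhcp", SAMPLE_DHCP)):
        print(name, audit(text))
```
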
The WLAN Management Software Services option to always accept self-signed certificates must be enabled. This is required if you are using the drop-ship option with a 2350, or you have staged any model switch with a self-signed certificate. (This option is disabled by default.) •...
Leave WLAN Management Software Services running, with the network plan open. When the switch is powered on at the remote site (and the factory reset switch is pressed, if a 2350), the switch contacts WLAN Management Software Services to request a configuration.
QuickStart—Contains a two-floor building with two WSSs and two AP access points on each switch. Each switch and its APs provide coverage for a floor. The Nortel equipment is configured to provide both clear (unencrypted) and secure (802.1X) wireless access.
Configuring a 2370, 2360, or 2380 Switch for Basic Service Note. Use this chapter for setting up a 2370, 2360, or 2380. To set up a 2350, see Chapter , “Configuring a 2350 Switch for a Branch Office,” on page 125. To quickly perform...
Accessing the CLI
To enter the configuration commands in this chapter, you must log in to the enabled access level of the CLI. The default username and password are null strings.
To log in from the serial console to the enabled access level for configuration:
Press Enter to display a username prompt.
124.) Figure 21 shows the Nortel network configured by the command examples in this chapter. All CLI configuration examples in this chapter apply to the WSS named WSS1. In most cases, the examples are valid for WSS models 2360, 2370, and 2361. The exception is that the 2380 switch supports Distributed AP access points only.
WSS Software does not require you to change the enable password from the default (null string). However, Nortel recommends that you configure an enable password to provide at least minimal security to the WSS before you proceed to more advanced configuration options.
Specify the IP address of a Network Time Protocol (NTP) server or statically set the time and date. Note. Nortel recommends that you set the time and date parameters before you install certificates on the WSS. Generally, certificates are valid for one year beginning with the system time and date that are in effect when you generate the certificate request.
To verify the changes, use the following commands:
    show timezone
    show summertime
    show timedate
    show ntp
The following commands configure the timezone as PST (Pacific Standard Time) with an offset of -8 hours from UTC and enable the standard summertime offset and name it PDT (Pacific Daylight Time).
Configuring IP Connectivity
To configure IP connectivity:
Configure a VLAN, assign a port to the VLAN that can provide IP connectivity through the network for administrative purposes, and configure an IP address on the VLAN. (See “Configuring VLANs and IP Addresses”...
The default VLAN listed in the sample show vlan output is present in a WSS’s configuration by default but does not contain any ports unless you add them. Nortel recommends that you do not use the default VLAN (VLAN 1) for user traffic or rename the default VLAN.
Configuring a Default Route
If WLAN Management Software or Web View and a WSS are in different subnets, you need to configure a default route on the WSS.
To configure a default route, use the following command:
    set ip route default gateway metric
To verify the change, use the following command:
    show ip route...
    64 bytes from 10.10.20.19: icmp_seq=2 ttl=255 time=0.628 ms
    64 bytes from 10.10.20.19: icmp_seq=3 ttl=255 time=0.676 ms
    64 bytes from 10.10.20.19: icmp_seq=4 ttl=255 time=0.619 ms
    64 bytes from 10.10.20.19: icmp_seq=5 ttl=255 time=0.608 ms
    --- 20.20.20.1 ping statistics ---
    5 packets transmitted, 5 packets received, 0 errors, 0% packet loss
Enabling Secure Communication for WLAN...
Figure 22. Secure WLAN Management Software Communication Using CA Certificates (figure labels: Certificate authority, Router, 10.10.10.19/24, VLAN 2 mgmt, Port 5, WSSwitch, 10.10.10.4/24, Server certificate, Certificate authority certificate)
Installing a Certificate
To manage a WSS, WLAN Management Software or a Web browser using Web View must be able to authenticate the switch and establish an encrypted session to it. This requires the switch to have a server certificate. Use one of the following methods to enable secure communication between WLAN Management Software or Web View and a WSS:
•...
You can configure WLAN Management Software to always accept self-signed certificates from WSSs. (For more information, see the Nortel WLAN Management Software Reference Manual.) Installing a Certificate Assigned by a Certificate Authority You can install a WSS certificate assigned by a CA in one of the following ways: •...
These commands copy the PKCS #12 object file from a TFTP server to the WSS, configure a one-time password, and install the PKCS #12 object file. The password allows the public-private key pair and the certificate to be installed together from the same object file.
After the prompt, copy and paste the PKCS #7 object file into the CLI. For example:
    2370# crypto certificate admin
    Enter PEM-encoded certificate
    -----BEGIN CERTIFICATE-----
    MIIGDDCCBbagAwIBAgIKFrJ2aAAAAAAAnDANBgkqhkiG9w0BAQUFADCBmzErMCkG
    CSqGSIb3DQEJARYcYWRtaW5pc3RyYXRvckB0cmFwZXplc3FhLmNvbTELMAkGA1UE
    bDQNTaS4W0ytUGuJm1RjyA==
    -----END CERTIFICATE-----
Note....
Note. If you use an authentication protocol that uses EAP-TLS on the WSS, users also need certificates. (For more information, see the Nortel Mobility System Software Configuration Guide.) The command syntax for installing certificates for management by WLAN Management Software or Web View and installing certificates for network users is very similar.
Generating a Self-Signed Certificate for Network Users
As an alternative to using a certificate assigned by a CA, you can generate a self-signed certificate on the WSS.
To use a self-signed certificate, use the following commands:
    crypto generate key eap {1024 | 2048}
    crypto generate self-signed eap
The common name is required....
After you submit the certificate request to a CA and receive a signed certificate from the CA as a PKCS #7 object file, install the certificate into the WSS’s certificate and key store:
Open the PKCS #7 object file with an ASCII text editor (such as Notepad).
    -----END CERTIFICATE-----
Displaying Certificate Information for Network Users
Use the following command to display certificate information for network users:
    show crypto certificate eap
Enabling and Logging Into Web View
Use the procedure in this section if you plan to use Web View to continue configuring the switch.
Specifying the Country of Operation
You must specify the country in which you plan to operate the WSS and its AP access points. WSS Software does not allow you to configure or enable the AP access point radios until you specify the country of operation.
Note....
Table 8: Country Codes (continued)
Country | Code
Japan
Liechtenstein
Luxembourg
Malaysia
Mexico
Netherlands
New Zealand
Norway
Poland
Portugal
Saudi Arabia
Singapore
Slovakia
Slovenia
South Africa
South Korea
Spain
Sweden
Switzerland
Taiwan
Thailand...
You can designate one of the IP addresses configured on a WSS’s VLAN to be the system IP address of the switch. The system IP address provides a common IP interface and source IP address for some Nortel management and Mobility Domain operations. The system IP address is required by some features, including roaming.
A Distributed AP is a leaf device. You do not need to enable STP on the port that is directly connected to the AP. If Spanning Tree Protocol (STP) is enabled on the port that is directly connected to a Distributed AP, Nortel recommends that you enable port fast convergence (called PortFast on some vendors’...
    success: change accepted
Configuring APs for Wireless Users
A wireless user makes a wireless connection through an AP to the WSS. The user must authenticate before connecting to the network. To allow wireless users, you must configure the WSS to support an AP.
To prepare an AP access point for use, perform the following tasks, in this order:
Configure the WSS for the AP access it will be supporting and enable Power over Ethernet (PoE) if required.
AP4 is dual-homed. It has two connections, both through an intermediate Layer 2 network to WSS1. WSS1 needs a Distributed AP configuration in order to boot and configure AP4. For more information on resiliency options for connecting APs to WSSs, see the “Configuring AP Access Points” chapter of the Nortel WLAN 2300 Series System Software Configuration Guide.
Power—PoE must be provided on one of the Ethernet connections to the AP. Be sure to utilize a PoE injection device that has been tested by Nortel. Providing PoE on both of the Ethernet connections (if the AP has two) allows for redundant PoE.
After the AP contacts the WSS, the WSS relays information about WSSs in the network that contain a Distributed AP configuration specific to that Distributed AP.
Caution! Do not enable PoE on network ports unless you intend to power a third-party device.
To verify the configuration changes, use the following commands. Use show ap config for directly connected APs and use show dap config for Distributed APs. (See “Displaying Radio Configuration Information” on page 114 for an example.)
    show ap config [port-list [radio {1 | 2}]]...
Distributed APs when they boot using the WSS. For information, see the “Configuring a Template for Automatic AP Configuration” section of the “Configuring AP Access Points” chapter in the Nortel Mobility System Software Configuration Guide. The following example configures connections for two Distributed APs that are indirectly connected to the WSS.
For Distributed APs configured on other WSSs, a hyphen ( - ) is displayed in the DAP field. The bias determines the WSS a Distributed AP prefers for booting, configuration, and data transfer. (For infor- mation about bias and how to configure it, see the Nortel WLAN 2300 System Software Configuration Guide.) Configuring a Service Profile A service profile controls advertisement and encryption for an SSID.
Page 109
Configuring a 2370, 2360, or 2380 Switch for Basic Service 109 Table 9.Defaults for Service Profile Parameters Radio Behavior When Default Parameter Parameter Set To Default Value Value auth-dot1x enable When the Wi-Fi Protected Access (WPA) information element (IE) is enabled, uses 802.1X to authenticate WPA clients.
Page 110
Table 9. Defaults for Service Profile Parameters (continued)
Parameter | Default Value | Radio Behavior When Parameter Set To Default Value
tkip-mc-time | 60000 | Uses Michael countermeasures for 60,000 ms (60 seconds) following detection of a second MIC failure within 60 seconds.
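The tkip-mc-time row above describes a small state machine. The following Python model is an added example (not WSS Software code) that replays constructed MIC-failure timestamps and reports when countermeasures would be in force for a given tkip-mc-time. The class and function names are hypothetical, and ignoring failures seen during an active period, as well as requiring two new failures for the next period, are assumptions.

```python
"""Model of the TKIP Michael countermeasure timer (added example, not WSS code)."""
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

DETECTION_WINDOW_MS = 60_000  # "second MIC failure within 60 seconds" (Table 9)
TKIP_MC_TIME_MS = 60_000      # tkip-mc-time default (Table 9)


@dataclass
class MichaelCountermeasures:
    mc_time_ms: int = TKIP_MC_TIME_MS
    window_ms: int = DETECTION_WINDOW_MS
    last_failure_ms: Optional[int] = None
    active_until_ms: Optional[int] = None
    periods: List[Tuple[int, int]] = field(default_factory=list)

    def is_active(self, now_ms: int) -> bool:
        """True while a countermeasure period started earlier is still running."""
        return self.active_until_ms is not None and now_ms < self.active_until_ms

    def mic_failure(self, now_ms: int) -> bool:
        """Record one MIC failure; return True if it starts countermeasures."""
        if self.is_active(now_ms):
            return False  # assumption: failures during an active period are ignored
        prev = self.last_failure_ms
        if prev is not None and now_ms - prev <= self.window_ms:
            # Second failure inside the window: start the tkip-mc-time period.
            self.active_until_ms = now_ms + self.mc_time_ms
            self.periods.append((now_ms, self.active_until_ms))
            self.last_failure_ms = None  # assumption: next period needs two new failures
            return True
        self.last_failure_ms = now_ms  # first failure, or the previous one is too old
        return False


def replay(failure_times_ms, mc_time_ms=TKIP_MC_TIME_MS):
    """Replay MIC-failure timestamps (ms, ascending); return (start, end) periods."""
    model = MichaelCountermeasures(mc_time_ms=mc_time_ms)
    for t in failure_times_ms:
        model.mic_failure(t)
    return model.periods


def total_active_ms(periods):
    """Total time countermeasures were in force across all periods."""
    return sum(end - start for start, end in periods)


# Constructed sample: timestamps of MIC failures as an AP might log them.
SAMPLE_FAILURES_MS = [0, 30_000, 50_000, 200_000, 270_000, 300_000]

if __name__ == "__main__":
    for mc_time in (TKIP_MC_TIME_MS, 10_000):
        periods = replay(SAMPLE_FAILURES_MS, mc_time)
        print(f"tkip-mc-time={mc_time} ms -> periods {periods}, "
              f"total {total_active_ms(periods)} ms")
```

Replaying the same timestamps with different tkip-mc-time values shows how the setting changes the length of each countermeasure period without changing what triggers it.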
Page 111
Note. Nortel recommends that you do not use the name default. WSS Software already contains a radio profile named default. (For information about the default radio profile, see the Nortel 2300 Series System Software Configuration Guide.)
Page 112
Table 10. Defaults for Radio Profile Parameters (continued)
Parameter | Default Value | Radio Behavior When Parameter Set To Default Value
long-retry | | Sends a long unicast frame up to five times without acknowledgment.
max-rx-lifetime | 2000 | Allows a received frame to stay in the...
Page 113
• External antenna model—internal antenna used by default (except the MP-262, which uses ANT1060 by default)
Note. The channel and power defaults listed above apply only when Auto-RF is disabled.
The following command applies radio profile rp1 to radio 2 on AP access ports 1, 2, and 4 and on Distributed AP 1 and enables the radios:
    2370# set ap 1,2,4 radio 2 radio-profile rp1 mode enable
    success: change accepted.
Configuring the Seed
To configure the current WSS to be the seed of a Mobility Domain, use the following commands:
    set mobility-domain mode seed domain-name mob-dom-name
To specify the WSSs that are members of the Mobility Domain, use the following command:
    set mobility-domain member ip-addr
Enter the system IP address of the member switch.
This section provides examples for configuring Protected EAP with Microsoft Challenge Handshake Authentication Protocol version 2 (PEAP-MS-CHAP-V2) authentication for 802.1X users, in pass-through and offload configurations. (For information about configuring other authentication types, see the Nortel WLAN 2300 System Software Configuration Guide.)
Specify the VLAN name, not the VLAN number. The examples in this chapter assume the VLAN is assigned on a RADIUS server with either of the valid attributes. Other RADIUS attributes and VSAs are optional. (For information about Nortel VSAs, see the Nortel Mobility System Software Configuration Guide.)
Page 118
Figure 24. Pass-Through User Authentication (diagram labels: RADIUS server, Router, User, WSSwitch)
Configuring RADIUS Servers for Pass-Through Authentication
To configure WSS Software to use a RADIUS server, use the following command:
    set radius server {server-name} [address ip-addr] [auth-port port-number] [acct-port port-number] [timeout seconds] [retransmit number] [deadtime minutes] [key string] [author-password password]...
Page 119
    success: change accepted.
    2370# set radius server svr2 address 10.10.70.40 key rad2pword
    success: change accepted.
    2370# set server group grp1 members svr1 svr2
    success: change accepted.
    2370# set server group grp1 load-balance enable
    success: change accepted.
Page 120
Authentication Example for Users in a Windows Domain
The following command configures an authentication rule for a set of users, known as a user glob, in a Microsoft Windows domain. The command configures all users in the EXAMPLE Windows domain to use any supported EAP type to communicate with EAP-capable RADIUS server group grp1, when attempting to access SSID private_wlan.
Configuring EAP Offload with Server Authentication
You can configure a WSS to perform all EAP processing locally and use RADIUS servers for authentication and authorization. To configure a WSS to perform EAP processing locally and use RADIUS servers for MS-CHAP-V2:
Install server certificates on the WSS.
Page 122
Figure 25. Offload User Authentication (diagram labels: Certificate authority, RADIUS server, Router, User, MS-CHAP-V2, WSSwitch, Server certificate, Certificate authority certificate)
Configuring RADIUS Servers for Offload Authentication
(See “Configuring RADIUS Servers for Pass-Through Authentication” on page 118.) The commands for configuring a RADIUS server group are exactly the same for offload and pass-through user authentication.
Page 123
To verify the change, use the following command:
    show aaa
The following command configures a WSS to authenticate users in the EXAMPLE Windows domain who request access to SSID private_wlan, by processing EAP locally on the WSS, and by using a RADIUS server in server group grp1 for MS-CHAP-V2 authentication and authorization:
    2370# set authentication dot1x ssid private_wlan EXAMPLE\* peap-mschapv2 grp1
    success: change accepted.
Displaying and Saving the Configuration
WSS Software immediately implements configuration changes by updating the device’s running configuration. The software does not automatically retain configuration changes after a software reboot or a power cycle.
Page 126
Group corpradius 10.10.40.28 - 29
The 2350 connects to the branch office’s local LAN subnet, and can communicate with the corporate LAN over the company’s VPN connection. The 2350 also can use corporate resources such as RADIUS servers, and can be centrally managed along with the rest of the Nortel network with WLAN Management Software.
VLANs. A 2350 can boot and manage up to three APs. One AP can be directly connected and can receive power from the 2350. Additional APs can be indirectly connected to the 2350 through the office LAN, in which case the APs are Distributed APs.
• Power—The 2350 can provide Power over Ethernet (PoE) to one AP. If you plan to install more APs or you cannot attach the AP directly to the 2350, you will need another power source, such as a power injector or a third-party switch.
• Network connection—The 2350 requires a 10/100 Ethernet connection to the office LAN.
• AC Power—The 2350 comes with an external power supply and a power cord for attachment to an AC power receptacle.
Caution! Do not stack 2350 switches. Stacked 2350 switches can overheat and cause loss of equipment functionality or permanent damage.
TFTP server, to install software upgrades. A TFTP server might also be required to install security certificates.
• Access router, to provide users access to the Internet and to resources at the corporate office. To enable the 2350 to tunnel to the corporate office, VPN must be available on the access router.
Configuring a 2350 Switch for a Branch Office
plan to use. After you gather this information, use the CLI commands listed in Table 12 on page 137 to configure the parameters on the 2350.
Table 11: Configuration Parameter List...
Page 132
Table 11: Configuration Parameter List (continued)
Configuration Parameters | Values
7. DNS server IP address IP address of the DNS server used by the other devices in the LAN
8. Default DNS domain name...
Page 133
Table 11: Configuration Parameter List (continued)
Configuration Parameters | Values
12. Service Set Identifier (SSID) name SSID name: Name of the wireless network in your local WLAN. Each SSID’s parameters are controlled by a service profile.
Page 134
Table 11: Configuration Parameter List (continued)
Configuration Parameters | Values
• AP serial number—Serial number of the AP, if you plan to attach the AP to the 2350 indirectly through the network.
  Serial number of 1st Distributed AP:
Table 11: Configuration Parameter List (continued)
Configuration Parameters | Values
21. Authentication / authorization rules
Mechanism the 2350 uses to authenticate users before authorizing them to access the network.
  Authentication type(s): _____ 802.1X
To connect a PC to the serial console port:
Insert the serial cable into the PC port.
Insert the other end of the cable into the serial console port on the 2350 switch.
Start a standard VT100 terminal emulation application on the PC, and configure the following modem settings:
●...
Table 11 on page 131. In some cases, command syntax has been simplified to show only the options related to a typical 2350 deployment. You can use the show commands listed in the table to verify the configuration changes. For complete usage and syntax information about a command, see the following: •...
Table 12: Configuration Parameter List (continued)
Configuration Parameters | CLI Commands
4. System IP address of the switch
    set vlan 1 port 1
    set interface 1 ip {ip-addr mask | ip-addr/mask-length}
    set system ip-address ip-addr...
Page 139
Table 12: Configuration Parameter List (continued)
Configuration Parameters | CLI Commands
9. Certificates
    For certificates signed by a CA:
    To install from PKCS #12 file:
    copy tftp://ip-addr/[subdirname/]filename [destination-url]
    crypto otp {admin | eap | webaaa} one-time-password...
Page 140
Table 12: Configuration Parameter List (continued)
Configuration Parameters | CLI Commands
12. Service Set Identifier (SSID) name
    set service-profile name ssid-name ssid-name
    show service-profile name
13.
    set service-profile name ssid-type [clear | crypto]
Page 141
Table 12: Configuration Parameter List (continued)
Configuration Parameters | CLI Commands
16. Radio profile name
    set radio-profile name
    set radio-profile name service-profile name
    set {ap port-list | dap dap-num} radio {1 | 2}...
To review and save configuration changes, use the following commands:
    show config
    save config
Verifying Operation
The following sections describe how to verify IP connectivity between the 2350 and other devices in the network, and how to verify wireless user sessions.
For host, specify the IP address of a host device on the network. Enter this command from the 2350 to verify connection to other devices. Also enter this command on other devices such as the local access router to verify connection to the 2350.
In this example, users bob and alice both have wireless sessions on the 2350. User bob is associated with radio 2 on the AP directly connected to port 2 on the 2350. User alice is associated with radio 2 on the Distributed AP, indirectly connected to the 2350 through the network.
• Wireless access:
  ● Country code US (United States)
  ● 2330 directly connected to 2350 port 2, with PoE enabled. An additional 2330 is added as a Distributed AP.
  ● Encrypted SSID branch1_wlan, in service-profile branch1_srvcprof
  ● Radio profile branch1_radprof containing the AP radios, and mapped to service profile branch1_srvcprof
  ●...
Add the uplink port to the default VLAN, configure an IP interface on the VLAN, and designate the interface to be the 2350’s system IP address. Then verify the changes.
    2370# set vlan 1 port 1
    success: change accepted.
Page 147
Configure a default route that uses the local access router at 10.10.20.1 as its gateway, and indicate that the gateway is one router hop away from the 2350. (One hop means the 2350 and the local access router are in the same IP subnet.)
    2370# set ip route default 10.10.20.1 1...
Page 148
    Wed Dec 15 2004, 13:30:00 PST
Configure the 2350 to use the DNS server at 192.168.4.69 as its primary (in this case, its only) DNS server, and configure the 2350 to append the default domain name example.com to hostnames you enter at the command line.
Page 149
10 Add the 2350 to the local user VLAN, branch1_vlan. (Because the uplink port is now in two VLANs, the default VLAN for 2350 management and a user VLAN, the port must be tagged.) Then verify the changes.
Page 150
    Radio 2: type: 802.11a, mode: disabled, channel: dynamic
    tx pwr: 11, profile: default
    auto-tune max-power: default, min-client-rate: 24, max-retransmissions: 10
13 Configure an additional 2330 connected to the 2350 through the network. Then verify the change.
    2370# set dap 1 serial-id 0123456789 model 2330
    success: change accepted.
Page 151
    auto-tune max-power: default, min-client-rate: 24, max-retransmissions: 10
14 Create radio profile branch1_radprof, map service profile branch1_srvcprof to it, and assign the AP radios to the radio profile. Then verify the changes.
Page 152
    Radio 1: type: 802.11g, mode: enabled, channel: dynamic
    tx pwr: 15, profile: branch1_radprof
    auto-tune max-power: default, min-client-rate: 5.5, max-retransmissions: 10
    Radio 2: type: 802.11a, mode: enabled, channel: dynamic
    tx pwr: 11, profile: branch1_radprof...
Page 153
    Password = 011f0310560e0f01 (encrypted)
    user alice
    Password = 082040470a1c15160118 (encrypted)
    Group = branch1_users
    user bob
    Password = 0823434c19181604 (encrypted)
    press any key to continue, q to quit.<CR>
    Group = branch1_users
17 Configure an authentication rule that allows users with wireless clients that support 802.1X to access the SSID branch1_wlan.
Page 154
    # Image 4.0.1
    # Model 2350
    # Last change occurred at 2005-05-02 11:17:42
    set ip route default 10.10.20.1 1
    set ip dns domain example.com
    set ip dns server 192.168.4.69 PRIMARY
    set system name 2350
    set system ip-address 10.10.20.15...
Appendix A: WSS Technical Specifications
Table 13 lists the technical specifications for Nortel WLAN—Security Switch (WSS) models 2370 and 2380. Table 14 lists the technical specifications for model 2360. Table 15 lists the technical specifications for model 2350. (For detailed compliance information, see the Nortel WLAN—2300 Series Regulatory Information document.)
Page 156
Table 13: 2370 and 2380 Mechanical and Compliance Specifications (continued)
Specification | Description
Wired network ports
  2370:
  • Two gigabit interface converter (GBIC) slots for 1000BASE-SX or 1000BASE-LX gigabit Ethernet ports
  • 20 RJ-45 ports for 10/100BASE-T Ethernet and optional Power over Ethernet (PoE)
  2380:
  •...
Page 157
Power over Ethernet (PoE) | 48 VDC
Status indicators
  Power supply status LED
  Port activity and link speed LEDs
  Factory reset LED
  (For descriptions of the LEDs, see “2350 LEDs” on page 28.)
Page 158
Table 15: 2350 Mechanical and Compliance Specifications (continued)
Specification | Description
Wired network ports
  One RJ-45 port for 10/100BASE-T Ethernet and optional Power over Ethernet (PoE)
  One RJ-45 10/100BASE-T Ethernet uplink (without PoE)
Safety and electromagnetic...
Appendix B: WSS Troubleshooting
Table 16 contains remedies for some common problems that can occur during basic installation and setup of a WSS.
Table 16: WSS Setup Problems and Remedies
Symptom: WLAN Management
Diagnosis: The switch’s time and date are
Remedy: 1. Use set timezone to set the time zone in which you are...
Page 160
Table 16: WSS Setup Problems and Remedies (continued)
Symptom: Client cannot access the network.
Diagnosis: This symptom has more than one possible cause:
  • The client might be failing authentication or might not be authorized for a VLAN.
Remedy: 1. Type the show aaa command to check the authentication
Appendix C: Translated Warning Conventions and Warnings
The following warning conventions and warnings apply to this manual.
Warning Conventions
Warning! This situation or condition can cause injury.
Page 162
Warning! Radiation. This situation or condition can cause injury due to improper handling of fiber-optic equipment.
Page 163
Installation must be performed only by qualified service personnel. Read and follow all warnings and instructions on the product or in the documentation. Before you install the product, read the Nortel WLAN 2300 Series Regulatory Information in full.
Warning! Installation must be performed only by technicians...
Laser Warning
Warning! The gigabit Ethernet fiber-optic interfaces use Class 1 lasers. To reduce the risk of eye injury, do not stare into the interface or otherwise direct the laser beam into your eye.
Earth Ground Warning
Warning! Earth grounding is required for a WSS installed in a rack. If you are relying on the rack to provide ground, the rack itself must be grounded with a ground strap to the earth ground.
Page 166
WSS accidentally, you can be injured and the switch can be damaged.
Warning! Nortel recommends that you ask someone to help you with the remaining steps. If the WSS switch is accidentally dropped, you can be injured and the switch can be damaged.
Page 167
Warning! To prevent the WSS from slipping, do not release the switch until all the rack-mount screws are tight.
Overcurrent Warning
Warning! The WSS relies on the building’s installation for overcurrent protection. Ensure that a fuse or circuit breaker no larger than 120 VAC, 15A U.S. (240 VAC, 10 A international) is used on the phase conductors.