H3C WA4600 Series Fundamentals Configuration Manual
  1. Manuals
  2. Brands
  3. H3C Manuals
  4. Wireless Access Point
  5. WA4600 Series
  6. Fundamentals configuration manual

H3C WA4600 Series Fundamentals Configuration Manual

Hide thumbs Also See for WA4600 Series:
Table of Contents

Advertisement

Quick Links

Download this manual
New H3C Technologies Co., Ltd.
http://www.h3c.com
Software version: WA4600-CMW520-R1507P09
WA4300-CMW520-R1507P09
WA4300S-CMW520-R1507P09
Document version: 6W101-20180330
Fundamentals Configuration Guide
H3C Access Points

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the WA4600 Series and is the answer not in the manual?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for H3C WA4600 Series

Summary of Contents for H3C WA4600 Series

  • Page 1 H3C Access Points Fundamentals Configuration Guide New H3C Technologies Co., Ltd. http://www.h3c.com Software version: WA4600-CMW520-R1507P09 WA4300-CMW520-R1507P09 WA4300S-CMW520-R1507P09 Document version: 6W101-20180330...
  • Page 2 The information in this document is subject to change without notice. All contents in this document, including statements, information, and recommendations, are believed to be accurate, but they are presented without warranty of any kind, express or implied. H3C shall not be liable for technical or editorial errors or omissions contained herein.
  • Page 3 Preface The H3C Access Points documentation set includes eight configuration guides. These guides describe the software features for the H3C Access Points and guide you through the software configuration procedures. These guides also provide configuration examples to help you apply software features to different network scenarios.
  • Page 4 Convention Description A line that starts with a pound (#) sign is comments. GUI conventions Convention Description Window names, button names, field names, and menu items are in Boldface. For Boldface example, the New User window appears; click OK. > Multi-level menus are separated by angle brackets.
  • Page 5 It is normal that the port numbers, sample output, screenshots, and other information in the examples differ from what you have on your device. Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.

  • Page 6: Table Of Contents

    Contents Using the CLI ································································································································································ 1   Command conventions ····················································································································································· 1   Using the undo form of a command ······························································································································· 2   CLI views ············································································································································································ 2   Entering system view from user view ······················································································································ 3   Returning to the upper-level view from any view ·································································································· 3  ...

  • Page 7: Using The Cli

    Using the CLI At the command-line interface (CLI), you can enter text commands to configure, manage, and monitor your device. Figure 1 CLI example You can log in to the CLI in a variety of ways. For example, you can log in through the console port, or using Telnet or SSH.

  • Page 8: Using The Undo Form Of A Command

    time date The following example analyzes the syntax of the clock datetime command according to Table Figure 2 Understanding command-line parameters For example, to set the system time to 10:30:20, February 23, 2010, enter the following command line at the CLI and press Enter: <Sysname>...

  • Page 9: Entering System View From User View

    Figure 3 CLI view hierarchy Entering system view from user view Task Command Enter system view from user view. system-view Returning to the upper-level view from any view Task Command Return to the upper-level view from any view. quit Executing the quit command in user view terminates your connection to the device. In public key code view, use the public-key-code end command to return to the upper-level view (public key view).

  • Page 10: Accessing The Cli Online Help

    Accessing the CLI online help The CLI online help is context sensitive. You can enter a question mark at any prompt or in any position of a command to display all available options. To access the CLI online help, use one of the following methods: Enter a question mark at a view prompt to display the first keyword of every command available in •...

  • Page 11: Entering A Command

    Entering a command When you enter a command, you can use keys or hotkeys to edit the command line, or use abbreviated keywords or keyword aliases. Editing a command line Use the keys listed in Table 2 or the hotkeys listed in Table 3 to edit a command line.

  • Page 12: Configuring And Using Command Keyword Aliases

    Configuring and using command keyword aliases The command keyword alias function allows you to replace the first keyword of a non-undo command or the second keyword of an undo command with your preferred keyword when you execute the command. For example, if you configure show as the alias for the display keyword, you can enter show in place of display to execute a display command.

  • Page 13: Enabling Redisplaying Entered-But-Not-Submitted Commands

    Step Command Remarks Ctrl+T or Ctrl+U. Optional. display hotkey [ | { begin | Display hotkeys. exclude | include } Available in any view. See Table 3 regular-expression for hotkeys reserved by the system. The hotkeys in Table 3 are defined by the device. If a hotkey is also defined by the terminal software that you are using to interact with the device, the definition of the terminal software takes effect.

  • Page 14: Understanding Command-Line Error Messages

    output such as logs. If you have entered nothing, the system does not display the command-line prompt after the output. To enable redisplaying entered-but-not-submitted commands: Step Command Remarks Enter system view. system-view By default, this feature is disabled. Enable redisplaying For more information about this entered-but-not-submitted info-center synchronous...

  • Page 15: Viewing History Commands

    By default, the command history buffer can save up to 10 commands for each user. To set the capacity of the command history buffer for the current user interface, use the history-command max-size command. Viewing history commands You can use arrow keys to access history commands in Windows 200x and Windows XP Terminal or Telnet.

  • Page 16: Filtering The Output From A Display Command

    Table 5 Keys for controlling output Keys Function Space Displays the next screen. Enter Displays the next line. Ctrl+C Stops the display and cancels the command execution. <PageUp> Displays the previous page. <PageDown> Displays the next page. To display all output at one time and refresh the screen continuously until the last screen is displayed: Task Command Remarks...
  • Page 17 Character Meaning Examples character, and a blank. Matches the preceding character or "zo*" matches "z" and "zoo", and "(zo)*" matches character group zero or multiple "zo" and "zozo". times. Matches the preceding character or character group one or multiple "zo+" matches "zo" and "zoo", but not "z". times Matches the preceding or "def|int"...
  • Page 18 Character Meaning Examples character1character2. Matches character1, "\ba" matches "-a" with "-" being character1 can be any character character2, \bcharacter2 "a" being but it does not match "2a" or except number, letter or underline, "ba" and \b equals [^A-Za-z0-9_]. Matches a string containing "\Bt"...

  • Page 19: Configuring User Privilege And Command Levels

    Configuring user privilege and command levels To avoid unauthorized access, the device defines the user privilege levels and command levels in Table 7. User privilege levels correspond to command levels. A user logged in with a specific privilege level can use only the commands at that level or lower levels. Table 7 Command levels and user privilege levels Level Privilege...
  • Page 20 Step Command Remarks By default, the authentication mode Specify the scheme for VTY users is password, and no authentication-mode scheme authentication mode. authentication is needed for console login users. Return to system view. quit This task is required only for SSH Configure the Security For more information, see...
  • Page 21 Step Command Remarks first-num1 user-interface { Enter user interface view. last-num1 first-num2 ] | vty last-num2 By default, the authentication mode Enable the scheme for VTY users is password, and no authentication-mode scheme authentication mode. authentication is needed for console users. By default, the user privilege level for users logged in through the Configure the user privilege...

  • Page 22: Switching The User Privilege Level

    # Configure the device to perform no authentication for Telnet users, and to authorize authenticated Telnet users to use level-0 and level- 1 commands. (Use no authentication mode only in a secure network environment.) <Sysname> system-view [Sysname] user-interface vty 0 4 [Sysname-ui-vty0-4] authentication-mode none [Sysname-ui-vty0-4] user privilege level 1 # Display the commands a Telnet user can use after login.
  • Page 23 To avoid problems, H3C recommends that administrators log in with a lower privilege level to view switch operating parameters, and switch to a higher level temporarily only when they must maintain the device. When administrators must leave for a while or ask someone else to manage the device temporarily, they can switch to a lower privilege level before they leave to restrict the operation by others.
  • Page 24 Step Command Remarks If no user privilege level is specified when you configure the command, the user privilege level defaults to If local-only authentication is used, a console user interface user can switch to a higher privilege level, even if the privilege level has not been assigned a password. Switching to a higher user privilege level Before you switch to a higher user privilege level, obtain the required authentication data as described Table...

  • Page 25: Changing The Level Of A Command

    Login Level switching Information required for the Information required for the authentication authentication first authentication mode second authentication mode mode mode username as the privilege level switching username. Password for privilege level switching configured on the AAA Password configured on the scheme local server.
  • Page 26 Contents Login overview ····························································································································································· 1   Login methods at a glance ··············································································································································· 1   CLI user interfaces ····························································································································································· 2   User interface assignment ········································································································································ 2   User interface identification ···································································································································· 2   Logging in to the CLI ···················································································································································· 3   Logging in through the console port for the first time ····································································································...
  • Page 27 Configuration procedure ······································································································································ 34   SNMP login control configuration example ······································································································· 35   Configuring Web login control ···································································································································· 36   Configuring source IP-based Web login control ································································································ 36   Logging off online Web users ······························································································································ 36   Web login control configuration example ·········································································································· 37  ...

  • Page 28: Login Overview

    Login overview This chapter describes the available login methods and introduces the related concepts. Login methods at a glance You can access the device by using the methods in Table Table 1 Login methods Login method Default setting and configuration requirements Logging in to the CLI: Logging in through the console...

  • Page 29: Cli User Interfaces

    CLI user interfaces The device uses user interfaces (also called "lines") to control CLI logins and monitor CLI sessions. You can configure access control settings, including authentication, user privilege, and login redirect on user interfaces. After users are logged in, their actions must be compliant with the settings on the user interfaces assigned to them.

  • Page 30: Logging In To The Cli

    Logging in to the CLI By default, you can access the CLI through the console port or Telnet. The following matrix shows the supported console port types: Hardware Console port WA4320-ACN Common console port WA4320H-ACN Mini USB port WA4320i-ACN Common console port WA4320-ACN-PI Not provided WA4620i-ACN/WA4620E-ACN...
  • Page 31 Figure 1 Connecting a terminal to the console port If the PC is off, turn on the PC. Launch the terminal emulation program and configure the communication properties on the PC. Figure 2 through Figure 4 show the configuration procedure on Windows XP HyperTerminal. Make sure the port settings are the same as listed in Table On Windows Server 2003, add the HyperTerminal program first, and then log in to and manage...

  • Page 32: Configuring Console Login Control Settings

    Figure 4 Setting the properties of the serial port Power on the device and press Enter at the prompt. The default user view prompt <WA4620i-ACN> appears. You can enter commands to configure or manage the device. To get help, enter ?. Configuring console login control settings The following authentication modes are available for controlling console logins: None—Requires no authentication.

  • Page 33: Configuring None Authentication For Console Login

    Authentication Configuration tasks Reference mode Enable scheme authentication on the console user interface. Configure local or remote authentication settings. To configure local authentication: Configure a local user and specify the password. "Configuring scheme Configure the device to use local authentication. Scheme authentication for console To configure remote authentication:...

  • Page 34: Configuring Scheme Authentication For Console Login

    Step Command Remarks password { cipher | simple } Configure common settings "Configuring common console Optional. for console login. user interface settings (optional)." The next time you attempt to log in through the console port, you must provide the configured login password.

  • Page 35: Configuring Common Console User Interface Settings (Optional)

    Step Command Remarks Optional. By default, command accounting is Enable command command accounting disabled, and the accounting server accounting. does not record the commands executed by users. Exit to system view. quit Optional. By default, local authentication is Enter ISP domain view: used.
  • Page 36 By default, the terminal display type is ANSI. The device supports two types of terminal display: ANSI and VT100. H3C recommends setting the display type of both the device and the terminal to VT100. If the device and Specify the terminal display...

  • Page 37: Logging In Through Telnet

    Logging in through Telnet You can Telnet to the device for remote management, or use the device as a Telnet client to Telnet to other devices, as shown in Figure Figure 5 Telnet login By default, Telnet service is enabled. The IP address is 192.168.0.50.

  • Page 38: Configuring None Authentication For Telnet Login

    Authentication Configuration tasks Reference mode interface. authentication for Telnet login" Set a password. Enable scheme authentication on the VTY user interface. Configure local or remote authentication settings. To configure local authentication: Configure a local user and specify the password. Configure the device to use local authentication. "Configuring scheme To configure remote authentication: Scheme...

  • Page 39: Configuring Scheme Authentication For Telnet Login

    Step Command Remarks Enter system view. system-view By default, the Telnet server Enable Telnet server. telnet server enable function is enabled. Enter one or multiple VTY first number user-interface vty user interface views. last-number By default, password Enable password authentication-mode password authentication is enabled for authentication.
  • Page 40 Step Command Remarks By default, the Telnet server function is Enable Telnet server. telnet server enable enabled. Enter one or multiple VTY first number user-interface vty user interface views. last-number By default, password authentication is enabled for VTY user interfaces. Whether local, RADIUS, or Enable scheme HWTACACS authentication is adopted...

  • Page 41: Configuring Common Vty User Interface Settings (Optional)

    Step Command Remarks settings for VTY user interface settings (optional)." interfaces. The next time you attempt to Telnet to the CLI, you must provide the configured login username and password. If you are required to pass a second authentication, you must also provide the correct password to access the CLI.

  • Page 42: Using The Device To Log In To A Telnet Server

    Step Command Remarks The system automatically terminates the user's connection if there is no information interaction between the device and the user within the timeout time. Setting idle-timeout to 0 disables the timer. Optional. By default, no automatically executed command is specified. The command auto-execute Specify a command to be function is typically used for...

  • Page 43: Logging In Through Ssh

    Step Command Remarks • Log in to an IPv4 Telnet server: remote-host telnet service-port ] [ source interface-type { interface interface-number | ip Use the device to log in to a ip-address Use either command. Telnet server. • Log in to an IPv6 Telnet server: remote-host telnet ipv6 [ -i...
  • Page 44 Command accounting allows the HWTACACS server to record all commands executed by users, regardless of command execution results. This function helps control and monitor user behaviors on the device. If command accounting is enabled and command authorization is not enabled, every executed command is recorded on the HWTACACS server.

  • Page 45: Using The Device To Log In To An Ssh Server

    Step Command Remarks Optional. Enter the ISP domain view: domain-name domain For local authentication, configure local user accounts. Apply the specified AAA scheme to the domain: For RADIUS or HWTACACS authentication default authentication, configure the Apply an AAA authentication { hwtacacs-scheme RADIUS or HWTACACS scheme hwtacacs-scheme-name scheme to the intended...

  • Page 46: Displaying And Maintaining Cli Login

    Task Command Remarks server argument represents the IPv6 address or server Log in to an IPv6 SSH server. ssh2 ipv6 host name of the server. To work with the SSH server, you might need to configure the SSH client. For information about Security Configuration Guide configuring the SSH client, see Displaying and maintaining CLI login...

  • Page 47: Logging In To The Web Interface

    Logging in to the Web interface The device provides a built-in Web server for you to configure the device through a Web browser. Web login is enabled by default. The IP address is 192.168.0.50. • The login username is admin. •...

  • Page 48: Configuring Https Login

    Step Command Remarks Enter system view. system-view By default, the HTTP service is Enable the HTTP service. ip http enable enabled. Optional. The default HTTP service port Configure the HTTP service number is 80. port-number ip http port port number. If you execute the command multiple times, the last one takes effect.
  • Page 49 by the device itself, rather than a CA) and the default SSL settings. This mode is simple to configure but has potential security risks. Secure mode—To make the device operate in this mode, you must enable HTTPS service on the •...
  • Page 50 Step Command Remarks and the HTTPS service cannot be started. In that case, execute this command multiple times to start the HTTPS service. Optional. By default, the HTTPS service is not associated with any certificate-based attribute access control policy. The device uses the associated policy to control client access rights.

  • Page 51: Displaying And Maintaining Web Login

    Step Command Remarks terminated. Set the Web user minutes web idle-timeout Optional. connection timeout time. Set the size of the buffer for pieces web logbuffer size Optional. Web login logging. Create a local user and user-name local-user enter local user view. Configure a password for password { cipher | simple } the local user.

  • Page 52: Configuration Procedure

    Figure 9 Network diagram Configuration procedure Configure the AP: # Create VLAN-interface 1. <Sysname> system-view [Sysname] interface vlan-interface 1 # Assign the IP address 192.168.0.58/24 to the interface. [Sysname-VLAN-interface1] ip address 192.168.0.58 255.255.255.0 [Sysname-VLAN-interface1] quit # Create a local user named admin, and set the password to admin for the user. Specify the Web service type for the local user, and set the command level to 3 for this user.

  • Page 53: Https Login Configuration Example

    Figure 10 Web login page # Enter the user name, password, verify code, select English, and click Login. The homepage appears. After login, you can configure the AP through the Web interface. HTTPS login configuration example Network requirements As shown in Figure 1 1, to allow only authorized users to access the AP's Web interface, configure the AP as the HTTPS server and the host as the HTTPS client.
  • Page 54 <AP> system-view [AP] pki entity en [AP-pki-entity-en] common-name http-server1 [AP-pki-entity-en] fqdn ssl.security.com [AP-pki-entity-en] quit # Create a PKI domain, specify the trusted CA as new-ca, the URL of the server for certificate request as http://10.1.2.2/certsrv/mscep/mscep.dll, authority for certificate request as RA, and the entity for certificate request as en.
  • Page 55 # Create certificate attribute-based access control policy myacp and configure a certificate attribute-based access control rule, specifying that a certificate is considered valid when it matches an attribute rule in certificate attribute group myacp. [AP] pki certificate access-control-policy myacp [AP-pki-cert-acp-myacp] rule 1 permit mygroup1 [AP-pki-cert-acp-myacp] quit # Associate the HTTPS service with SSL server policy myssl.

  • Page 56: Logging In Through Snmp

    Logging in through SNMP You can run SNMP on an NMS to access the device MIB and perform GET and SET operations to manage and monitor the device. The device supports SNMPv1, SNMPv2c, and SNMPv3, and can work with various network management software products, including IMC. For more information about SNMP, Network Management and Monitoring Configuration Guide By default, SNMP access is disabled.

  • Page 57: Configuring Snmpv1 Or Snmpv2C Settings

    Step Command Remarks access right. [ authentication | privacy ] configured. read-view [ read-view ] [ write-view write-view ] [ notify-view notify-view acl-number ] [ acl user-name snmp-agent usm-user v3 group-name [ [ cipher ] Add a user to the SNMP authentication-mode { md5 | sha } group.

  • Page 58: Snmp Login Example

    SNMP login example Network requirements Configure the AP and network management station so you can remotely manage the AP through SNMPv3. Figure 13 Network diagram Configuration procedure Configure the AP: # Assign an IP address to the AP. Make sure the AP and the NMS can reach each other. (Details not shown.) # Enter system view.

  • Page 59: Controlling User Logins

    Controlling user logins To harden device security, use ACLs to prevent unauthorized logins. For more information about ACLs, ACL and QoS Configuration Guide. Controlling Telnet logins Use a basic ACL (2000 to 2999) to filter Telnet traffic by source IP address. Use an advanced ACL (3000 to 3999) to filter Telnet traffic by source and/or destination IP address.

  • Page 60: Configuring Source Mac-Based Telnet Login Control

    Step Command Remarks Enter system view. system-view Create an advanced ACL and acl-number acl [ ipv6 ] number By default, no advanced ACL enter its view, or enter the view name [ name ] [ match-order exists. of an existing advanced ACL. { config | auto } ] rule-id rule [...

  • Page 61: Configuring Source Ip-Based Snmp Login Control

    Figure 14 Network diagram Configuration procedure # Configure basic ACL 2000, and configure rule 1 to permit packets sourced from Host B, and rule 2 to permit packets sourced from Host A. <Sysname> system-view [Sysname] acl number 2000 match-order config [Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0 [Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0 [Sysname-acl-basic-2000] quit...

  • Page 62: Snmp Login Control Configuration Example

    Step Command Remarks Exit the basic ACL view. quit • SNMPv1/v2c community: snmp-agent community { read | write } community name view-name [ mib-view ] [ acl acl-number • SNMPv1/v2c group: group-name snmp-agent group { v1 | v2c } read-view [ read-view ] [ write-view write-view...

  • Page 63: Configuring Web Login Control

    [Sysname] acl number 2000 match-order config [Sysname-acl-basic-2000] rule 1 permit source 10.110.100.52 0 [Sysname-acl-basic-2000] rule 2 permit source 10.110.100.46 0 [Sysname-acl-basic-2000] quit # Associate the ACL with the SNMP community and the SNMP group. [Sysname] snmp-agent community read aaa acl 2000 [Sysname] snmp-agent group v2c groupa acl 2000 [Sysname] snmp-agent usm-user v2c usera groupa acl 2000 Configuring Web login control...

  • Page 64: Web Login Control Configuration Example

    Web login control configuration example Network requirements Configure the AP in Figure 16 to provide Web access service only to Host B. Figure 16 Network diagram Configuration procedure # Create ACL 2000, and configure rule 1 to permit packets sourced from Host B. <Sysname>...
  • Page 65 Contents Configuring FTP ···························································································································································· 1   Using the device as an FTP client ···································································································································· 1   Establishing an FTP connection ······························································································································· 1   Managing directories on the FTP server ················································································································ 2   Working with the files on the FTP server ················································································································ 3  ...

  • Page 66: Configuring Ftp

    Configuring FTP File Transfer Protocol (FTP) is an application layer protocol based on the client/server model. It is used to transfer files from one host to another over a TCP/IP network. FTP server uses TCP port 20 to transfer data and TCP port 21 to transfer control commands. For more information about FTP, see RFC 959.

  • Page 67: Managing Directories On The Ftp Server

    IP address is used as the source IP address for the FTP packets sent by the device. The source interface and source IP address settings overwrite each other. The ftp client source command setting applies to all FTP sessions. When you set up an FTP session using the ftp or ftp ipv6 command, you can also specify a different source IP address for the FTP session.

  • Page 68: Working With The Files On The Ftp Server

    Task Command Display detailed information about a directory or file on the FTP remotefile localfile dir [ server. remotefile localfile Query a directory or file on the FTP server. ls [ directory Change the working directory on the FTP server. cd { | ..

  • Page 69: Switching To Another User Account

    Task Command Remarks Download a file from the FTP remotefile localfile server. Switching to another user account After you log in to the FTP server with one user account, you can switch to another user account to get a different privilege without reestablishing the FTP connection. You must correctly enter the new username and password.
  • Page 70 Download the system software image file wa2600a_fat.bin from the FTP server to the AP. • • Upload the configuration file startup.cfg from the AP to the FTP server for backup. Figure 2 Network diagram Configuration procedure # Examine the storage space of the AP for insufficiency or impairment. If no sufficient free space is file available, use the fixdisk command to fix the storage medium or use the delete/unreserved command to delete unused files.

  • Page 71: Displaying And Maintaining Ftp

    <Sysname> boot-loader file wa2600a_fat.bin main IMPORTANT: The system software image file used for the next startup must be saved in the root directory of the storage medium. You can copy or move a file to the root directory. # Reboot the AP to upgrade the system software image. <Sysname>...

  • Page 72: Configuring Tftp

    Configuring TFTP Trivial File Transfer Protocol (TFTP) is a simplified version of FTP for file transfer over secure reliable networks. TFTP uses UDP port 69 for connection establishment and data transmission. In contrast to TCP-based FTP, TFTP requires no authentication or complex message exchanges, and is easier to deploy. TFTP supports the following transfer modes: Binary mode—Used to transfer image files, such as .bin files.

  • Page 73: Displaying And Maintaining The Tftp Client

    To use the device as a TFTP client: Step Command Remarks Enter system view. system-view Optional. Use an ACL to control the acl-number tftp-server [ ipv6 ] acl By default, no ACL is used for client's access to TFTP servers. access control.
  • Page 74 Figure 4 Network diagram Configuration procedure This configuration procedure assumes that the PC and the AP can reach each other. Configure the PC (TFTP server): Enable the TFTP server. (Details not shown.) Configure a TFTP working directory. (Details not shown.) Configure the AP (TFTP client): # Examine the storage medium of the AP for insufficiency or impairment.
  • Page 75 Contents Managing the file system ············································································································································ 1   Overview ············································································································································································ 1   File name formats ····················································································································································· 1   Managing files ·································································································································································· 1   Displaying file information ······································································································································ 2   Displaying the contents of a file ······························································································································ 2   Renaming a file ························································································································································· 2  ...

  • Page 76: Managing The File System

    Managing the file system Overview This chapter describes how to manage the device's file system, including the storage media, directories, and files. File name formats When you specify a file, enter the file name in one of the formats shown in Table 1.

  • Page 77: Displaying File Information

    Displaying file information Perform this task in user view. Task Command file Display file or directory information. dir [ /all ] [ | /all-filesystems ] Displaying the contents of a file Perform this task in user view. Task Command Remarks file-url Display the contents of a file.

  • Page 78: Emptying The Recycle Bin

    A file in the recycle bin occupies storage space. To release the occupied space, execute the reset recycle-bin command in the directory that holds the file. To save storage space, periodically empty the recycle bin with the reset recycle-bin command. Perform the following tasks in user view: Task Command...

  • Page 79: Changing The Current Working Directory

    Changing the current working directory Perform this task in user view. Task Command Change the current working directory cd { | .. | / } directory. Creating a directory Perform this task in user view. Task Command directory Create a directory. mkdir Removing a directory To remove a directory, you must delete all files and subdirectories in this directory.

  • Page 80: Performing Batch Operations

    Performing batch operations A batch file comprises a set of executable commands. Executing a batch file is the same as executing the commands one by one. However, execution of a batch file does not guarantee successful execution of every command in the batch file. If a command has error settings or the conditions for executing the command are not satisfied, the system skips this command.
  • Page 81 %Created dir flash:/test/mytest. # Display the current working directory. <Sysname> pwd flash:/test # Display the files and the subdirectories in the test directory. <Sysname> dir Directory of flash:/test/ drw- Feb 16 2006 15:28:14 mytest 2540 KB total (2519 KB free) # Return to the upper directory.
  • Page 82 Contents Managing configuration files ······································································································································ 1   Overview ············································································································································································ 1   Configuration types ·················································································································································· 1   Configuration file content organization and format ····························································································· 1   Next-startup configuration file redundancy ··········································································································· 2   Startup with a configuration file ····························································································································· 2   Hardware and storage medium compatibility ···············································································································...

  • Page 83: Managing Configuration Files

    Managing configuration files Overview You can use the CLI or the Boot ROM to manage configuration files. This chapter explains how to manage configuration files from the CLI. A configuration file saves configurations as a set of text commands. You can save the running configuration to a configuration file so the configuration takes effect after you reboot the device.

  • Page 84: Next-Startup Configuration File Redundancy

    • You can execute the save command to save the running configuration to a configuration file. To make sure that the configuration file can run normally, H3C recommends that you not edit the content and format of the configuration file.

  • Page 85: Saving Configuration In Different Ways

    Saving configuration in different ways When saving the running configuration to a configuration file, you can specify the file as the next-startup configuration file or not. If you are specifying the file as the next-startup configuration file, use one of the following methods to save the configuration: Fast mode—Use the save command without the safely keyword.

  • Page 86: Configuring Configuration Rollback

    Configuring configuration rollback To replace the running configuration with the configuration in a configuration file without rebooting the device, use the configuration rollback function. This function helps you revert to a previous configuration state or adapt the running configuration to different network environments. The configuration rollback function compares the running configuration against the specified replacement configuration file and handles configuration differences as follows: If a command in the running configuration is not in the replacement file, executes its undo form.

  • Page 87: Enabling Automatic Configuration Archiving

    Step Command Remarks Enter system view. system-view By default, no path or file name prefix is set for configuration archives, and the system does not regularly save configuration. IMPORTANT: Configure the directory and The undo form of this command directory archive configuration location file name prefix for archiving disables both manual and...

  • Page 88: Performing Configuration Rollback

    Task Command Manually archive the running configuration. archive configuration Performing configuration rollback To avoid rollback failure, follow these guidelines: Make sure the replacement configuration file is created by using the configuration archive function • or the save command on the current device. If the configuration file is not created on the current device, make sure the configuration file content •...

  • Page 89: Backing Up The Next-Startup Configuration File To A Tftp Server

    Backing up the next-startup configuration file to a TFTP server Before performing this task, make sure the server is reachable and enabled with TFTP service, and you have read and write permissions. This task backs up only the main next-startup configuration file. To back up the next-startup configuration file to a TFTP server: Step Command...

  • Page 90: Displaying And Maintaining A Configuration File

    CAUTION: This task permanently deletes the next-startup configuration file from the device. Before performing this task, back up the file as needed. Delete a next-startup configuration file if one of the following events occurs: • After you upgrade system software, the file no longer matches the new system software. The file is corrupt or not fully compatible with the device.
  • Page 91 Contents Upgrading software ····················································································································································· 1   Software upgrade methods ·············································································································································· 1   Upgrading BootWare by rebooting the device ············································································································· 2   Upgrading system software by rebooting the device ···································································································· 2   Upgrading software by installing hotfixes ······················································································································ 2   Basic concepts ·························································································································································· 3  ...

  • Page 92: Upgrading Software

    Upgrading software Upgrading software includes upgrading the BootWare and system software. Each time the device is powered on, it runs the BootWare image to initialize hardware and display hardware information and then runs the system software image (called the "boot file" in software code). Then, you can access the software features, as shown inFigure Figure 1 System startup process...

  • Page 93: Upgrading Bootware By Rebooting The Device

    Upgrading method Software types Remarks • BootWare image Use this method when the device cannot correctly start Upgrading from the • up. For information about this upgrading method, see System software BootWare menu the release notes for your device. image This chapter covers only the CLI approach to upgrading software.

  • Page 94: Basic Concepts

    Basic concepts Patch, patch file, and patch package file A patch fixes certain software defects. A patch file contains one or more patches. After being loaded to the patch memory area, each patch is assigned a unique number, which starts from 1. For example, if a patch file has three patches, they are numbered 1, 2, and 3.
  • Page 95 Figure 2 Impact of patch manipulation commands on patch state   IDLE state Patches that have not been loaded are in IDLE state. You cannot install or run these patches. As shown Figure 3, the patch memory area can load up to eight patches. The patch memory area supports up to 200 patches.
  • Page 96 Figure 4 Patch states in the patch memory area after a patch file is loaded ACTIVE state Patches in ACTIVE state run temporarily in the system and become DEACTIVE at a reboot. For the seven patches in Figure 4, if you activate the first five patches, their states change from DEACTIVE to ACTIVE.

  • Page 97: Hotfix Configuration Task List

    Figure 6 Patches in RUNNING state Hotfix configuration task list Task Remarks Installing patches: Use either approach. • Installing and running a patch in one Step-by-step patch installation allows you to control the patch step status. • Installing a patch step by step Uninstalling a patch step by step Optional.

  • Page 98: Installing A Patch Step By Step

    Optional. Specifying the patch file location For reliable patch loading, H3C recommends saving patch files to the root directory of Flash memory. To use a storage medium other than Flash memory, you must specify the patch file location. If the device has only one storage medium, this task is not required.

  • Page 99: Uninstalling A Patch Step By Step

    If you install a patch from a patch package, the system finds the correct patch file in the patch package file and loads the patch file. IMPORTANT: Set the file transfer mode to binary mode before using FTP or TFTP to upload or download patch files to or from the Flash memory of the device.

  • Page 100: Displaying And Maintaining Software Upgrade

    Step Command Stop running patches. patch-number patch deactive [ Removing patches from the patch memory area After being removed from the patch memory area, a patch is still retained in IDLE state in the storage medium. The system runs the way it did before it was installed with the patch. To remove patches from the patch memory area: Step Command...
  • Page 101 Figure 7 Network diagram FTP Server 2.2.2.2/24 Internet Telnet FTP Client User 1.1.1.1/24 Configuration procedure Configure the FTP server (configurations may vary with different types of servers): # Set the access parameters for the FTP client (including enabling the FTP server function, setting the FTP username to aaa and password to hello, and setting the user to have access to the flash:/aaa directory).

  • Page 102: Hotfix-Method Software Upgrade Example

    This command will reboot the device. Continue? [Y/N]:y Use the display version command to verify the upgrade. Hotfix-method software upgrade example Network requirements As shown in Figure 8, the software running on the AP has defects. The patch file patch_xxx.bin is saved on the TFTP server.

  • Page 103: Handling User Password Loss

    The password recovery feature allows a user to configure a new password while retaining the original configuration file. To prevent unauthorized access to the original configuration file, H3C recommends that you disable the password recovery feature.

  • Page 104: Displaying The Password Recovery Feature Status

    Press Ctrl+D to access BASIC-BOOTWARE MENU Booting Normal Extend BootWare The Extend BootWare is self-decompressing......Done! **************************************************************************** H3C WA4620i-ACN BootWare, Version 2.06 **************************************************************************** Copyright (c) 2004-2017 New H3C Technologies Co., Ltd. Compiled Date : Mar 27 2017 CPU Type : APM86791 CPU L1 Cache...

  • Page 105: Handling Console Login Password Loss When Password Recovery Is Enabled

    |<7> BootWare Operation Menu |<8> Clear Super Password |<9> Storage Device Operation |<0> Reboot ============================================================================ Ctrl+C: Display Copyright Ctrl+F: Format File System Enter your choice(0-9): Handling console login password loss when password recovery is enabled # Enter 6 in the extended BootWare menu to skip system configuration. This step does not delete the original configuration file.

  • Page 106: Handling User Password Loss When Password Recovery Is Disabled

    # Replace the running configuration with the configuration in the startup.cfg configuration file. Skip this step if you do not want to restore the original configuration. <Sysname> system-view [Sysname] configuration replace file startup.cfg Current configuration will be lost, save current configuration? [Y/N]:n Info: Now replacing the current configuration.
  • Page 107 Contents Managing the device ··················································································································································· 1   Overview ············································································································································································ 1   Configuring the device name ·········································································································································· 1   Changing the system time ················································································································································ 1   Configuration guidelines ········································································································································· 1   Configuration procedure ········································································································································· 4   Enabling displaying the copyright statement ················································································································· 4  ...

  • Page 108: Managing The Device

    Managing the device Overview Device management includes monitoring the operating status of devices and configuring their running parameters. The configuration tasks in this document are order independent. You can perform these tasks in any order. Configuring the device name A device name identifies a device in a network and works as the user view prompt at the CLI. For example, if the device name is Sysname, the user view prompt is <Sysname>.
  • Page 109 Table 1 System time configuration results Command Effective system time Configuration example System time 01:00:00 UTC Mon date-time clock datetime 1:00 01/01/2007. 2007/1/1 Original system time ± 02:00:00 zone-time Sat clock timezone zone-offset 01/01/2005. zone-time add 1 clock datetime 2:00 03:00:00 zone-time Fri 2007/2/2 date-time...
  • Page 110 Command Effective system time Configuration example System time clock summer-time ss 3, 1 one-off 1:00 01:00:00 UTC Tue date-time outside the 2007/1/1 1:00 date-time 01/01/2008. 2007/8/8 2 daylight saving time range) clock datetime 1:00 2008/1/1 clock summer-time ss date-time summer-offset –...

  • Page 111: Configuration Procedure

    You can disable or enable the function as needed. The following is a sample copyright statement: ****************************************************************************** * Copyright (c) 2004-2017 New H3C Technologies Co., Ltd. All rights reserved.* * Without the owner's prior written consent, * no decompiling or reverse-engineering shall be allowed.

  • Page 112: Configuring Banners

    ****************************************************************************** To enable displaying the copyright statement: Step Command Remarks Enter system view. system-view Enable displaying the copyright-info enable Enabled by default. copyright statement. Configuring banners Banners are messages that the system displays during user login. The system supports the following banners: Legal banner—Appears after the copyright or license statement.

  • Page 113: Configuration Procedure

    <System> system-view [System] header shell A Please input banner content, and quit with the character 'A'. Have a nice day. Please input the password.A Method 3—After you type the last keyword, type the start delimiter and part of the banner and press Enter.

  • Page 114: Configuring The Exception Handling Method

    Configuring the exception handling method You can configure the device to handle system exceptions in one of the following methods: • reboot—The device automatically reboots to recover from the error condition. maintain—The device stays in the error condition so you can collect complete data, including error •...

  • Page 115: Scheduling A Device Reboot

    Scheduling a device reboot The device supports only one device reboot schedule. If you configure the schedule reboot delay command multiple times, the most recent configuration takes effect. The schedule reboot at command and the schedule reboot delay command overwrite each other, and whichever is configured last takes effect.

  • Page 116: Configuration Guidelines

    Scheduling a job in the non-modular Scheduling a job in the modular Comparison item approach approach view. Commands in user view and system Supported commands Commands in all views. view. Can a job be repeatedly Yes. executed? Can a job be saved? Yes.

  • Page 117: Scheduling A Job In The Modular Approach

    Scheduling a job in the modular approach To configure a scheduled job: Step Command Remarks Enter system view. system-view Create a job and enter job-name job view. Specify the view in which You can specify only one view for a the commands in the job view-name view...

  • Page 118: Clearing Unused 16-Bit Interface Indexes

    <Sysname> system-view [Switch] ntp-service refclock-master 2 Configure the AP: # Create a job named pc1, and enter its view. [Sysname] job pc1 # Enter the view of WLAN-Radio 1/0/1. [Sysname-job-job1] view WLAN-Radio1/0/1 # Configure the device to enable Radio 1/0/1 at 8:00 on working days every week. [Sysname-job-job1] time 1 repeating at 8:00 week-day mon tue wed thu fri command undo shutdown # Configure the device to shut down Radio 1/0/1 at 18:00 on working days every week.
  • Page 119 Task Command Remarks display clock [ | { begin | exclude | Display the system time and date. Available in any view. regular-expression include } Display information about the users display configure-user [ | { begin | that have logged in to the device Available in any view.

This manual is also suitable for:

Wa4300 seriesWa4300s series

Table of Contents