Page 1: Installation And Configuration
Avaya W310 WLAN Gateway Installation and Configuration User Guide Document No. 21-300041 Issue 2 October 13, 2004...
Page 2 The final responsibility for securing both this system and its networked equipment rests with you - Avaya’s customer system Avaya Inc. provides a limited warranty on this product. Refer to your administrator, your telecommunications peers, and your managers. sales agreement to establish the terms of the limited warranty. In Base the fulfillment of your responsibility on acquired knowledge and addition, Avaya’s standard warranty language as well as information...
Page 3 Cet appareil numérique de la classe A est conforme à la norme than those specified herein may result in hazardous radiation NMB-003 du Canada. exposures. Contact your Avaya representative for more laser product This equipment meets the applicable Industry Canada Terminal information.
Page 4 Avaya Publications Center (SDoC) Voice 1.800.457.1235 or 1.207.866.6701 FAX 1.800.457.1764 or 1.207.626.7269 Avaya Inc. in the United States of America hereby certifies that the equipment described in this document and bearing a TIA TSB-168 Write: Globalware Solutions label identification number complies with the FCC’s Rules and...
Page 5: Table Of Contents
Switched Network Monitoring (SMON) ............3 Fan and Power Supply ..................3 Chapter 2 Standards and Compatibility .................... 5 Avaya W310 WLAN Gateway Ethernet Standards Supported........ 5 IEEE ........................ 5 IETF - Layer 2 ....................5 IETF - Network Monitoring..................6 Wireless........................
Page 6 Recommended Power Supply Redundancy Scheme..........23 Budgeting Power ....................25 Post-Installation......................25 Chapter 6 Avaya W310 WLAN Gateway Front and Rear Panels ..........27 Avaya W310 WLAN Gateway Front Panel ............27 Right and Left Arrow Buttons ...............31 Avaya W310 Back Panel..................32 DC Input Connector ..................32...
Page 7 Establishing a Serial Connection ................34 Configuring the Terminal Serial Port Parameters ......... 34 Connecting a Terminal to the W310 Serial Port ........... 34 Establishing a Telnet Connection ................35 Establishing a Modem (PPP) Connection with the W310 ........36 Overview .......................
Page 8 Contents Chapter 11 W310 WLAN Gateway Layer 2 Features ..............59 Overview ........................59 Ethernet ........................60 Fast Ethernet ..................60 Gigabit Ethernet ..................60 Configuring Ethernet Parameters ..............60 Auto-Negotiation ...................60 Full-Duplex/Half-Duplex ..............60 Speed .....................60 Flow Control ..................61 Priority ....................61 Media Access Control (MAC) Address ..........62 Channel Access Method (CAM) Table ..........62...
Page 9 Step 1: Start the W310 Manager Web Interface ......... 104 Step 2: Configure the Wireless Domain Servers ......... 105 Step 3: Create a Service Set Identifier (SSID) For The W310 Light Access Point Ports ..................108 Step 4: Define User Groups ..............113 Step 5: Set Policy for the W310 ............
Page 10 Multiple SSIDs: Security ................147 Configuring an SSID Entry .................148 Example ....................148 SSID Table CLI Commands ................149 SSID Table Configuration Using the W310 Wireless Manager ....151 User Group Table ....................154 User Group Table Attributes ...............156 User Group CLI Commands ..............159 Policy User Group ..................161 Policy User Group CLI Command ............161...
Page 11 Channel Selection ................208 Operational Mode ................209 802.11 Interfaces ..................210 Interface Parameters ................210 802.11i ......................213 Radio Card CLI Commands ................ 214 W110 (LAP) and Radio Card Configuration Using the W310 Manager ..215 Avaya W310 Installation and Configuration Guide...
Page 12 Contents Advanced - 802.11a/802.11g Configuration Using the W310 Manager ... LAP Template Configuration - Operational Mode Tab Using the W310 Manager .....................220 Viewing LAP Configuration Using the W310 Manager .....222 Configuring Basic LAP Parameters ..............224 Saving the W310 and W110 Configurations............225 Chapter 13 PoE (Power over Ethernet) Features ................
Page 13 Troubleshooting the Installation ................251 Troubleshooting Image Downloads ..............252 Chapter 17 Updating the Software....................253 Software Download....................253 Obtain Software Online ................253 Downloading Software ................253 Download New Version without Overwriting Existing Version ......254 Avaya W310 Installation and Configuration Guide...
Page 14 Contents Avaya W310 Installation and Configuration Guide...
Page 15: Safety Information
Before You Install the W310 WLAN Gateway Safety Information Caution: The W310 WLAN Gateway contains components sensitive to electrostatic discharge. Do not touch the circuit boards unless instructed to do so. Warning: Only trained and qualified personnel should be allowed to install or replace this equipment.
Page 16: Conventions Used In The Documentation
Warning: This means danger. Failure to follow the instructions or warnings may result in bodily injury. You should ensure that you are qualified for this task and have read and understood all the instructions This provides a helpful hint for successfully installing or configuring the W310. Avaya W310 User’s Guide...
Page 17 Section 1 W310 VERVIEW OF THE...
Page 19: Chapter 1 Avaya W310 Wlan Gateway Overview
W310 provides a richer feature set in the security, mobility and management area and also provides a lower overall cost of ownership for medium/large enterprise or a hotspot service provider.
Page 20: Avaya W310 Features
Network Management and Monitoring Comprehensive network management and monitoring are key to today’s networks. Avaya has provided multiple ways for managing the W310 to suit your needs. Each management tool is explained in detail starting below. Device Manager (Embedded Web) The built-in Device Manager (Embedded Web Manager) allows you to manage a W310 using a Web browser without purchasing additional software.
Page 21: Avaya Integrated Management Suite (Im)
Avaya W310 WLAN Gateway Overview Avaya Integrated Management Suite (IM) When you need extra control and monitoring or need to manage other Avaya equipment, you can use the Avaya Integrated Management suite. This suite provides the ease-of-use and features necessary for optimal network utilization.
Page 22 Chapter 1 Avaya W310 WLAN Gateway Overview Avaya W310 User’s Guide...
Page 23: Standards And Compatibility
Chapter 2 Standards and Compatibility Avaya W310 WLAN Gateway Ethernet Standards Supported The Avaya W310 WLAN Gateway complies with the following standards: IEEE • 802.3x Flow Control on all ports • 802.1Q VLAN Tagging support on all ports • 802.1p Priority Tagging compatible on all ports •...
Page 24: Ietf - Network Monitoring
— Port Copy — VLAN and Priority Statistics • Bridge MIB Groups - RFC 2674 — dot1dbase and dot1dStp fully implemented. — Support for relevant MIB objects: dot1q (dot1qBase, dot1qVlanCurrent) Wireless IEEE • 802.11a • 802.11b • 802.11g Avaya W310 User’s Guide...
Page 25: Chapter 3 Specifications
8 A (max.) ? A@200VAC Inrush current 15 A@100 VAC (max.) 30 A@200VAC (max.) Isolation 1500V RMS with respect to protective ground Environmental Operating Temp. 0 to 40°C (32 to 104°F) Rel. Humidity 5% to 95% non-condensing Avaya W310 User’s Guide...
Page 26: Safety
— 16 x 10/100 Base-T RJ-45 port connectors — 2 x Small Form-Factor Pluggable (SFP) gigabit Ethernet fiber optic connectors • RS-232 for terminal setup via RJ-45 connector on front panel. Basic MTBF • 110,000 hrs minimum. Avaya W310 User’s Guide...
Page 27: W110 Power Requirements
W110 Power Requirements The W310 provides 150W of 802.af compliant power over the 16 ports. There is 9.4W per port. This allows you to attach up to 16 W110s to the W310. The W110 must use Power over Ethernet. 10/100 Base-T Copper Cabling Use a Category 5 copper cable with RJ-45 termination for 100Base-T ports.
Page 28: Usage Restriction
Tx and Rx ports should be protected with an optical connector or a dust plug. Installation Installing and Removing a SFF/SFP GBIC Transceiver Caution: Use only 3.3V Avaya-authorized SFF/SFP GBIC transceivers. Use only SFF/SFP GBIC transceivers that are 3.3V and use Serial Identification. The SFF/SFP GBIC transceiver is fastened using a snap-in clip.
Page 29: Specifications
You should also ensure that the auto-negotiation is enabled for the port at the other end of the link: Use the command to check the auto-negotiation status of the transceiver show port ports. Use the command to enable set port negotiation <module>/<port> enable autonegotiation if necessary. Avaya W310 User’s Guide...
Page 30: Agency Approval
Gigabit Fiber Optic Cabling Modal Maximum Minimum Fiber Diameter Wavelength Gigabit Interface Bandwidth Distance Distance Type (µm) (nm) (MhzKm) 1000BASE-SX 62.5 1000BASE-SX 62.5 1000BASE-SX 1000BASE-SX 1000BASE-LX 62.5 1310 1000BASE-LX 1310 1000BASE-LX 10,000 1310 1000BASE-ELX 70,000 1550 Avaya W310 User’s Guide...
Page 31: Connector Pin Assignments
Chapter 3 Specifications Connector Pin Assignments Console Pin Assignments For direct Console communications, connect the W310 to the Console Terminal using the supplied RJ-45 crossed cable and RJ-45 to DB-9 adapter. Table B.4 Pinout of the Required Connection for Console Communications...
Page 32 Chapter 3 Specifications Avaya W310 User’s Guide...
Page 33 Section 2 ARDWARE NSTALLATION...
Page 35: Chapter 4 Installation
• Phillips (cross-blade) screwdriver Site Preparation You can mount the Avaya W310 in a standard 19-inch equipment rack in a wiring closet or equipment room. When deciding where to position the unit, ensure that the W310 is: • Accessible and cables can be connected easily and according to network design.
Page 36: Rack Mounting (Optional)
1U (44.45 mm, 1.75î) high. It is You can mount the Avaya W310 in a standard 19" rack either in front-mount or mid-mount positions with the brackets supplied with the chassis. The brackets are symmetric: you can fix either bracket on either side.
Page 37: Before You Install The W310 In A Rack
Be careful not to overtighten the screws. Insert the unit into the rack. Ensure that the four W310 screw holes are aligned with the rack hole positions as shown in Figure 4.1 and Figure 4.3.
Page 38 Chapter 4 Installation Figure 4.2 W310 Rack Mounting – Front Figure 4.3 W310 Rack Mounting – Mid Avaya W310 User’s Guide...
Page 39: Wall Mounting (Optional)
Caution: Ensure that the wall and screws can support the weight of the W310. The minimum weight of the W310 is 12 lb (5.5 kg). Place the unit on the wall. Ensure that the four W310 screw holes are aligned with the rack hole positions as shown in Figure 4.4.
Page 40: Making Connections To Network Equipment
Ensure that ventilation holes are not obstructed to ensure proper air flow. Making Connections to Network Equipment This section describes the physical connections that you can make between the W310 switch and other network equipment. Prerequisites...
Page 41 Connect an Ethernet fiberoptic cable (not supplied) to the GBIC transceiver. You can use LC or MT-RJ fiberoptic cables, depending on the GBIC type you are using. For a list of approved SFP GBIC transceivers, see www.avaya.com/support. For fiberoptic cable properties, see Table 4.4.
Page 42 Chapter 4 Installation Avaya W310 User’s Guide...
Page 43: Chapter 5 Powering Up The W310 Wlan Gateway
Chapter 5 Powering Up the W310 WLAN Gateway This section describes the procedures for powering up the W310 unit. Warning: To remove power from the switch, you must disconnect the AC and DC (if connected) power supplies. Using the DC Input You can use the DC input to provide backup power if the AC power source fails.
Page 44: Powering On
Insert the AC power cord into the power inlet in the back of the unit. The unit powers up. After power up or reset, the W310 performs a self-test procedure. — The top row of LEDs (LNK, COL, Tx, etc.) will light up.
Page 45: Recommended Power Supply Redundancy Scheme
This power shelf can house up to three 800W power supplies, yielding up to 2,400W of external power. It can provide up to 300W of Inline power per W310 switch. In a fully populated power shelf configuration, you can provide additional backup power for eight W310 switches (depending on configuration -- see Table 3).
Page 46 Chapter 5 Powering Up the W310 WLAN Gateway Figure 5.2 Connecting Redundant Power Supplies to the W310 AC power DC power (-) DC power (+) Table 5.2 Required Equipment Quantity Description Material code W310 Mobility Gateway APC (Advanced Power Conversion...
Page 47: Budgeting Power
When deciding how many 800W PSUs to install in the APC external DC power shelf, you need to take into account the configuration of the powerinline external power parameter in the W310 switch (set using the set powerinline external power CLI command). Refer to Table 5.3 for guidelines:...
Page 48 Chapter 5 Powering Up the W310 WLAN Gateway Avaya W310 User’s Guide...
Page 49: Chapter 6 Avaya W310 Wlan Gateway Front And Rear Panels
Function LEDs are selected by pressing the left or right button until the desired parameter LED is illuminated. Each function is displayed first for ports 1 to 16. The 10/100Base-T ports of the W310 are numbered 1 to 16. The two SFP GBIC Gigabit Ethernet ports are numbered 51 and 52.
Page 50 Chapter 6 Avaya W310 WLAN Gateway Front and Rear Panels Figure 6.2 W310 LEDs Function LEDs System LEDs Port LEDs Avaya W310 User’s Guide...
Page 51 Chapter 6 Avaya W310 WLAN Gateway Front and Rear Panels Figure 6.3 Order of Function Parameters Selected with the Left/Right Front Panel Buttons Starting Point (after Power-up or Reset) Left Right Button Button Hspd Table 6.1 Avaya W310 Function LED Descriptions...
Page 52 Chapter 6 Avaya W310 WLAN Gateway Front and Rear Panels Description State Meaning The function LEDs apply to all ports. Port is disabled. Port status Port is enabled and link is up. Blinking Port is enabled but the link is down.
Page 53: Right And Left Arrow Buttons
Not enough power All LEDs are lit during reset. Right and Left Arrow Buttons Table 6.2 for a description of the left and right buttons on the W310 front panel. Figure 6.4 Left and Right Arrow Buttons Table 6.2 Avaya W310...
Page 54: Avaya W310 Back Panel
Chapter 6 Avaya W310 WLAN Gateway Front and Rear Panels Avaya W310 Back Panel The W310 back panel contains an AC and DC power supply connectors. Figure 6.5 shows the back panel. Figure 6.5 Avaya W310 Back Panel AC input...
Page 55: Chapter 7 Establishing Switch Access
(Point to Point Protocol (PPP) connection). See Establishing a Modem (PPP) Connection with the W310. You must assign the W310 its own IP address once you have connected. See for more Assigning the W310 IP Address information. Avaya W310 User’s Guide...
Page 56: Establishing A Serial Connection
Establishing Switch Access Establishing a Serial Connection This section provides the procedure for establishing switch access between a terminal and the W310 switch over the serial port provided on the front panel of the W310 (RJ-45 connector labeled “CONSOLE”). Figure 7.1...
Page 57: Establishing A Telnet Connection
Perform the following steps to establish a Telnet connection to the W310 for configuration: Connect your station to the network. Verify that you can communicate with the W310 using Ping to the IP of the W310. If there is no response using Ping, check the IP address and default gateway of both the W310 and the station.
Page 58: Establishing A Modem (Ppp) Connection With The W310
At the prompt, type: set interface ppp <ip_addr><net-mask> with an IP address and netmask to be used by the W310 to connect via its PPP interface. The PPP interface configured with the set interface ppp command must be on a different subnet from the inband interface.
Page 59: Assigning The W310 Ip Address
Assigning the W310 IP Address All W310 switches are shipped with the same default IP address. You must change the IP address of the W310 switch in order to guarantee that it has its own unique IP address in the network.
Page 60 Chapter 7 Establishing Switch Access Avaya W310 User’s Guide...
Page 61: Chapter 8 User Authentication
A login name and password are always required to access the CLI and the commands or the W310 Device Manager. The login name, password, and access-type (i.e., security level) for a user account are established using the username CLI command.
Page 62: Switching Between Entities
Using the CLI: Entering the Supervisor Level The Supervisor level is the level in which you first enter W310 CLI and establish user names for up to 10 local users. When you enter the Supervisor level, you are asked for a Login name.
Page 63: Exiting The Supervisor Level
The Supervisor level prompt is shown below: W310(super)# Entering the W310 Manager If you installed the Avaya W310 Manager as part of Avaya Network Management, the following table provides instructions for starting Avaya W310 Manager. If you run the Avaya W310...
Page 64 Then use this procedure: Manager from: HP Network Node Manager From the network management map: (NNM) 1 Select the Avaya W310 Device you want to manage. 2 Click in the OpenView toolbar. Double-click on the Avaya W310 Device. Select Tools > Avaya Device Manager.
Page 65 3 To save the password on your computer, check the Save this password in your password list checkbox. 4 Click OK. The Avaya W310 Welcome page opens. — If the required Java plug-in is installed on your computer, the Java Plug-in Security Warning dialog box opens after a few seconds.
Page 66: Radius
(account) information is configured that provides various degrees of access to the switch. The W310 will run as a RADIUS client. When a user attempts to log into the W310, if there is no local user account for the entered user name and password, then the W310 will send an Authentication Request to the RADIUS server in an attempt to authenticate the user remotely.
Page 67 Local User account authenticated in switch? Authentication request sent to RADIUS Server User name and password authenticated? Authentication Reject Perform log-in according sent to switch to user's priviliege level User cannot access switch to switch embedded managegment Avaya W310 User’s Guide...
Page 68: Using Radius Cli Commands
The shared secrets will not be displayed For a complete description of the RADIUS CLI commands, including syntax and output examples, refer to W310 CLI Reference Guide. Using the W310 Manager To view or set the RADIUS configuration information about the device: —...
Page 69 Use the Set Primary Server Status field. server • Set to True so the configured primary RADIUS server is available for connection. • Set to False so the primary RADIUS server is not available for connection. Continued Avaya W310 User’s Guide...
Page 70 RADIUS Secondary Server Status field(s). Set to False so authentication server the RADIUS server is not available for connection. • Use the Primary Server IP Address and/or Secondary Server IP Address field(s). Remove the IP address. Avaya W310 User’s Guide...
Page 71: Allowed Managers
Show whether the status of allowed show allowed managers status managers is enabled or disabled Show the IP addresses of the managers show secure current that are currently connected Avaya W310 User’s Guide...
Page 72 Chapter 8 User Authentication Avaya W310 User’s Guide...
Page 73 Section 3 ONFIGURATION...
Page 75: Chapter 9 W310 Wlan Gateway Default Settings
Device Manager User’s Guide on the Documentation and Utilities CD. W310 Default Settings The default settings for the W310 switch and its ports are determined by the W310 software. These default settings are subject to change in newer versions of the W310 software. See the Release Notes for the most up-to-date settings.
Page 76 Chapter 9 W310 WLAN Gateway Default Settings Table 9.1 Default Switch Settings Function Default Setting Timezone offset 0 hours SNMP communities: Read-only Public Read-write Public Trap SNMP Public SNMP authentication trap Disabled CLI timeout 15 Minutes User Name/Password root/root Functions operate in their default settings unless configured otherwise.
Page 77 Chapter 9 W310 WLAN Gateway Default Settings Function Default Setting Eavesdropping Prevention Intrusion Prevention Tagging mode Clear Clear Port priority Spanning Tree cost Spanning Tree port priority InLine Power Enabled Not applicable InLine Power Priority Not applicable 1 Ensure that the other side is also set to Autonegotiation Enabled.
Page 78 Chapter 9 W310 WLAN Gateway Default Settings Avaya W310 User’s Guide...
Page 79: Chapter 10 Basic Switch Configuration
Clear the current terminal display clear screen Set the number of minutes before an set logout inactive CLI session automatically logs Display the number of minutes before show logout an inactive CLI session automatically times out Avaya W310 User’s Guide...
Page 80: System Parameter Configuration
Chapter 10 Basic Switch Configuration System Parameter Configuration Identifying the System Using the CLI In order to make a W310 WLAN Gateway switch easier to identify, you can define a • name for the switch, • contact information for the switch technician and the •...
Page 81 Use the Physical Location field to enter the current the W310 physical location of this device. View the identify of the See the Device Family field to view the model of the device family device. Continued Avaya W310 User’s Guide...
Page 82: Network Time Acquiring Protocols Parameter Configuration
Fatal - Device is reporting errors that are not recoverable. Network Time Acquiring Protocols Parameter Configuration The W310 can acquire the time from a Network Time Server. W310 supports the • Simple Network Time Protocol (SNTP) Protocol (RFC 958) over User Datagram Protocol (UDP) port 123 or •...
Page 83 Display the current time show time Display the time status and parameters show time parameters Display the current time zone offset show timezone Get the time from the time server get time Avaya W310 User’s Guide...
Page 84 Chapter 10 Basic Switch Configuration Avaya W310 User’s Guide...
Page 85: Chapter 11 W310 Wlan Gateway Layer 2 Features
W310 for Layer 2 operation. Overview The W310 family supports a range of Layer 2 features. Each feature has CLI commands associated with it. These commands are used to configure, operate, or monitor switch activity for each of the Layer 2 features.
Page 86: Ethernet
Chapter 11 W310 WLAN Gateway Layer 2 Features Ethernet Ethernet is one of the most widely implemented LAN standards. It uses the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) access method to handle simultaneous demands. CSMA/CD is a multi-user network allocation procedure in which every station can receive the transmissions of every other station.
Page 87: Flow Control
Priority By its nature, network traffic varies greatly over time, so short-term peak loads may exceed the W310 capacity. When this occurs, the W310 must buffer frames until there is enough capacity to forward them to the appropriate ports. This, however, can interrupt time-sensitive traffic streams, such as Voice and other converged applications.
Page 88: Media Access Control (Mac) Address
• If the ingress port was a W310 port or a W310 Gigabit Ethernet port (51,52), the packet will be tagged either priority 0 or priority 4, depending on the queue it was assigned to (High Priority=4, Normal Priority=0).
Page 89: Ethernet Configuration Cli Commands
Ethernet Configuration CLI Commands The following table contains a list of the configuration CLI commands for the Ethernet feature. The rules of syntax and output examples are all set out in detail in the Avaya W310 CLI Reference Guide. Table 11.1 Configuration CLI Commands for Ethernet Feature In order to...
Page 90: Ethernet Port Configuration Using The W310 Manager
* It is recommended to set ports connected to W110 to flow-control off and auto- negotiation enabled. Ethernet Port Configuration Using the W310 Manager To view the General tab of the Port Configuration dialog box for a selected port: •...
Page 91 Chapter 11 W310 WLAN Gateway Layer 2 Features The following table provides a list of the fields in the Port Configuration dialog box of the General tab and their descriptions. Table 11.2 Port Configuration Dialog Box - General Tab Parameters...
Page 92 Chapter 11 W310 WLAN Gateway Layer 2 Features Table 11.2 Port Configuration Dialog Box - General Tab Parameters (Continued) Field Description Tagging Mode The port’s operational mode regarding VLANs. The possible modes are: • Clear - Transmits each outgoing packet in untagged format if it belongs to the port’s VLAN.
Page 93 Chapter 11 W310 WLAN Gateway Layer 2 Features Table 11.2 Port Configuration Dialog Box - General Tab Parameters (Continued) Field Description Auto Negotiation Status The operational state of the Auto-Negotiation protocol between two stations. Possible statuses are: • Pass - The Auto-Negotiation protocol is enabled and a common protocol has been established.
Page 94: Vlan Configuration
Chapter 11 W310 WLAN Gateway Layer 2 Features VLAN Configuration VLAN Overview A VLAN is made up of a group of devices on one or more LANs that are configured so that they operate as if they form an independent LAN, when in fact they may be located on a number of different LAN segments.
Page 95: Vlan Tagging
Chapter 11 W310 WLAN Gateway Layer 2 Features In Figure 11.3, the W310 has three separate VLANs: Sales, Engineering, and Marketing. Each VLAN has several physical ports assigned to it with PCs connected to those ports. When traffic flows from a PC on the Sales VLAN for example, that traffic is only forwarded out the other ports assigned to that VLAN.
Page 96 Chapter 11 W310 WLAN Gateway Layer 2 Features In order to accomplish this, W310 allows you to set multiple VLANs per port. The three available Port Multi-VLAN binding modes are: • Bind to All – the port is programmed to support the entire 3K VLANs range. Traffic from any VLAN is forwarded through a port defined as “Bind to All”.
Page 97: Ingress Vlan Security
VLAN CLI Commands The following table contains a list of the CLI commands for the VLAN feature. The rules of syntax and output examples are all set out in detail in the W310 CLI Reference Guide. Table 11.3 VLAN CLI Commands In order to...
Page 98: Vlan Configuration Using The W310 Manager
Chapter 11 W310 WLAN Gateway Layer 2 Features VLAN Configuration Using the W310 Manager To configure VLAN names, numbers, and component switch ports: Click Select Configure > VLANs. The VLAN Configuration dialog box opens. Click the New button on the bottom of the dialog. The Port Configuration dialog appears.
Page 99 Chapter 11 W310 WLAN Gateway Layer 2 Features Table 11.4 Port Configuration Area Parameters (Continued) In order to . . . Do the following . . . Set the configured In the Binding Style field, from the drop-down menu, binding style on the port select the binding style configured on the port.
Page 100: Ieee 802.1X Pbnac (Port Based Network Access Control)
“unauthorized” which closes the port to any traffic. • As a result of an authentication attempt, the W310 port can be either in a “blocked” or a “forwarding” state. 802.1X interacts with existing standards to perform its authentication operation. Specifically,...
Page 101: Pbnac Implementation In The W310
• You can configure PBNAC on the 10/100 Mbps Ethernet ports only. • Works only if a RADIUS server is configured on the W310 and the RADIUS server is carefully configured to support 802.1X. • PBNAC and port/intermodule redundancy can co-exist on the same ports.
Page 102: Pbnac Cli Commands
Chapter 11 W310 WLAN Gateway Layer 2 Features Set the dot1x system-auth-config to enable; the authentication process starts: — The supplicant is asked to supply a user name and password. — If authentication is enabled on the port, the Authenticator initiates authentication when the link is up.
Page 103 Chapter 11 W310 WLAN Gateway Layer 2 Features In order to... Use the following command... Set the authentication period (an idle set dot1x re-authperiod time between re-authentication attempts) Set the authenticator-to-supplicant set dot1x supp-timeout retransmission timeout period (the time for the switch to wait for a reply from...
Page 104: Spanning Tree Protocol
Spanning Tree Protocol Overview W310 devices support both common Spanning Tree protocol (802.1d) and the enhanced Rapid Spanning Tree protocol (802.1w). The 802.1w is a faster and more sophisticated version of the 802.1d (STP) standard. Spanning Tree makes it possible to recover connectivity after an outage within a minute or so.
Page 105: Spanning Tree Per Port
The Spanning Tree can take up to 30 seconds to open traffic on a port. This delay can cause problems on ports carrying time-sensitive traffic. You can therefore enable/disable Spanning Tree in the W310 on a per-port basis to minimize this effect. Rapid Spanning Tree Protocol (RSTP) About the 802.1w Standard...
Page 106: Spanning Tree Implementation In The W310 Family
– automatic detection of point-to-point link – is sufficient for most networks. Spanning Tree Implementation in the W310 Family RSTP is implemented in the W310 family of products so that it is interoperable with the existing implementation of STP. In order to configure the switch to either common Spanning Tree or Rapid Spanning Tree protocol, use •...
Page 107: Spanning Tree Protocol Cli Commands
Spanning Tree Protocol CLI Commands The following table contains a list of CLI commands for the Spanning Tree feature. The rules of syntax and output examples are all set out in detail in the W310 CLI Reference Guide. Table 11.6 Spanning Tree Protocol CLI Commands In order to...
Page 108 Chapter 11 W310 WLAN Gateway Layer 2 Features Table 11.6 Spanning Tree Protocol CLI Commands In order to... Use the following command... Set the TX hold count for the STA set spantree tx-hold-count Add a port to the spanning tree...
Page 109: Spanning Tree Configuration Using The W310 Manager
In order to configure Spanning Tree parameters, do the following: Click the W310 symbol in the Chassis View. Click the W310 icon in the Tree View. The Device Information dialog box opens to the General tab. Select The Device Information Dialog - Advanced Tab. This tab provides you with network bridging information about the Avaya W310 device.
Page 110 Set the amount of time a In the STP Forward Delay field, click on the numeric W310 will wait before value to enter the amount of time for the W310 to begin forwarding packets forwarding packets when first joining a network.
Page 111 Set the amount of time the In the Aging Time (sec) field, click on the numeric value W310 must wait before it to enter the amount of time before the W310 requests requests STP information Spanning Tree information from neighboring devices.
Page 112: Mac Aging
MAC Aging CLI Commands The following table contains a list of the CLI commands for the MAC Aging feature. The rules of syntax and output examples are all set out in detail in the W310 CLI Reference Guide. Table 11.8 MAC Aging CLI Commands In order to...
Page 113: Link Aggregation Group (Lag)
10x). This logical port number can then be used as any regular panel port for all configuration required for the LAG (Spanning Tree, Redundancy, etc.) In the W310, you need to erase all ports in the LAG in order to remove it. LAG CLI Commands The following table contains a list of the CLI commands for the LAG feature.
Page 114: Lag Configuration Using The W310 Manager
Chapter 11 W310 WLAN Gateway Layer 2 Features LAG Configuration Using the W310 Manager To view the LAG Table: Click Select Configure > Port LAG. The LAG Information table opens. To configure a LAG, click the Wizard button on the bottom of the dialog.
Page 115: Lag Implementation In The W310
W310 WLAN Gateway Layer 2 Features LAG Implementation in the W310 This section describes the implementation of the LAG feature in the W310. With the W310, you can aggregate the following to form a maximum of four (4) LAGs per W310: •...
Page 116 Chapter 11 W310 WLAN Gateway Layer 2 Features Port Redundancy interworks with the Spanning Tree Algorithm. The Port Redundancy feature functions as follows: • Port Redundancy enables the user to establish 20 pairs of ports. Within each pair, primary and secondary ports are defined. To prevent loops, only one port is enabled at a time.
Page 117: Port Redundancy Cli Commands
Port Redundancy CLI Commands The following table contains a list of the CLI commands for the Redundancy feature. The rules of syntax and output examples are all set out in detail in the W310 CLI Reference Guide. Table 11.10 Redundancy CLI Commands (check spec) In order to...
Page 118 Chapter 11 W310 WLAN Gateway Layer 2 Features Update the device by clicking Apply. Figure 11.8 Port Redundancy Dialog Box The Port Redundancy dialog box provides a list of all port redundancies configured on the switch, with their respective primary and secondary ports and the device’s port redundancy configuration.
Page 119 Chapter 11 W310 WLAN Gateway Layer 2 Features Table 11.11 Port Redundancy Fields (Continued) In order to . . . Do the following . . . Select the secondary Use the Secondary field to enter the secondary port of redundancy port the port redundancy pair.
Page 120: Ip Multicast Filtering
This learning is based on IGMP (version 1 or 2) snooping. The multicast filtering function in the W310 is transparent to the IP hosts and routers. It does not affect the forwarding behavior apart from filtering multicast packets from certain ports where they are not needed.
Page 121: Setting Up Timers For Ip Multicast Filtering
IP Multicast CLI Commands The following table contains a list of the CLI commands for the IP Multicast feature. The rules of syntax and output examples are all set out in detail in the W310 CLI Reference Guide. Table 11.12 IP Multicast CLI Commands In order to...
Page 122: Ip Multicast Implementation In The Avaya W310
Chapter 11 W310 WLAN Gateway Layer 2 Features IP Multicast Implementation in the Avaya W310 This section describes the implementation of the IP multicast feature in the Avaya W310: • No. of multicast groups — 255 IP Multicast Filtering Configuration Using the W310 Manager To configure IP Multicast Filtering: •...
Page 123 This time allows other hosts to report to the device. filtering begins The valid range for this parameter is 1 - 300 seconds. To change the IP Multicast filtering configuration for the Avaya W310 Device, change the IP Multicast filtering parameters described above. •...
Page 124: Weighted Queuing
— Giga ports — the Low priority queue will transmit only if the High priority queue has nothing to transmit. — W310 10/100 ports — the Lower priority queue will transmit only if none of the Higher priority queue has nothing to transmit.
Page 125: Port Classification
Port Classification Overview With the W310, you can classify any port as regular or valuable. Setting a port to valuable means that, in case of Ethernet link failure of that port, a link fault trap can be sent even when the port is disabled and a fast aging operation on the CAM table will be performed.
Page 126 Chapter 11 W310 WLAN Gateway Layer 2 Features Figure 11.10 Port Configuration Dialog Box - Advanced Tab The following table provides a list of the fields in the Port Configuration dialog box specific to port classification. Table 11.15 Port Configuration Dialog Box - Advanced Tab Parameters In order to .
Page 127: Ports Connected To W110 Lap
Chapter 11 W310 WLAN Gateway Layer 2 Features Ports connected to W110 LAP Table 11.16 summarizes the changes in behavior when you connect W110 LAPs to an Ethernet port: Table 11.16 Ports connected to W110 LAPs Parameter/Function Change in behavior/value...
Page 128 Chapter 11 W310 WLAN Gateway Layer 2 Features Avaya W310 User’s Guide...
Page 129: Chapter 12 W310 Wlan Gateway Wireless Features
W310 for wireless operation. Overview The W310 performs all functions that were once part of the Access Point operation using a W110 WLAN Access Point (LAP). The W310 also supports the traditional Access Points that are migrated to Light Access Points (LAPs).
Page 130: W310 Wireless Network Configuration Using The W310 Manager Web Interface
IP address of the switch. Note: The user name is “root” The default password for read-write access is “root”. Once you enter the User Name and Password, the W310 Manager Welcome page appears (as shown on the next page).
Page 131: Step 2: Configure The Wireless Domain Servers
Configure the wireless domain with only one master and one backup (optional) W310. For each additional W310 that is a member of the domain, you must configure the W310 to point to the same master and backup. Also, if configuring a backup for the wireless domain, it must not be the same W310 as the master.
Page 132 Chapter 12 W310 WLAN Gateway Wireless Features Use the following table provides a list of the fields in the Wireless Domain Configuration dialog box. Use this field . . . To do the following . . . Master gateway IP address Click on the text field to enter the IP address of the primary wireless gateway.
Page 133 • When checked, all attached LAPs use the configured Wireless Domain Master Gateway Community string. - If you run the Avaya W310 Manager from an Avaya Network Management Console, Avaya W310 Manager uses the community string configured in the Network Management Console.
Page 134: Step 3: Create A Service Set Identifier (Ssid) For The W310 Light Access Point Ports
Chapter 12 W310 WLAN Gateway Wireless Features Step 3: Create a Service Set Identifier (SSID) For The W310 Light Access Point Ports Note: For information on SSIDs, see Multiple Service Set Identifiers (SSIDs). In the W310 Manager, select Configure and then SSID Table from the menu bar. The SSID Table displays as shown below.
Page 135 Chapter 12 W310 WLAN Gateway Wireless Features Note: You can edit the "default" SSID row if necessary by selecting any of the parameters. However, you cannot delete the default SSID. Use this field . . . To do the following . . .
Page 136 VLANs are accessible, while on others, only a limited set is accessible. An accessible VLAN does not require the tunneling of broadcasts to a W310 in cases where a client on the accessible VLAN roams to a W310. Normally, a VLAN is considered "accessible" if one of the following is true: •...
Page 137 • Client/server mutual authentication. • WPA-PSK (Pre-Shared Key): For networks that do not have 802.1x implemented, you can configure the W310 to authenticate clients based on a Pre-Shared Key. Note: For details on each security mode, see Authentication and Encryption Modes.
Page 138 Chapter 12 W310 WLAN Gateway Wireless Features Use this field . . . To do the following . . . Closed System Set closed system for an SSID using the drop-down menu. • When enabled, the clients must have the same SSID as the Access Point in order to communicate.
Page 139: Step 4: Define User Groups
Step 4: Define User Groups Note: If you are using a RADIUS server, you must define the User Group in the W310 Device Manager with the same name used for the RADIUS server User Group. The RADIUS server property for User Group is 841.
Page 140 Chapter 12 W310 WLAN Gateway Wireless Features In the W310 Device Manager User Group Table dialog, if you want to enter an IP address for a static Home Gateway, click on the Home Gateway field, highlight the text entry, and type in the IP address.
Page 141 Chapter 12 W310 WLAN Gateway Wireless Features Use this field . . . To do the following . . . Policy Name Policy User Group ID (PUGID) is a name of a group of users that is used for policy (ACL and QoS) classification.
Page 142: Step 5: Set Policy For The W310
Note: You can only set policy using the CLI. It is recommended that you keep the W310 Manager open since you will go back to it in Step 5. Use the following procedure and guidelines to set policy for the W310 wireless network.
Page 143 W310-1 (super/ACL 330/ip rule 21)# Define the IP rule parameters. The table that follows defines the parameters that you can use. You can find more detailed information on each command in the W310 CLI Reference Guide. Use this command . . .
Page 144 Chapter 12 W310 WLAN Gateway Wireless Features Use this command . . . To do the following . . . Set the IP protocol for the specified rule using either the ip-protocol name or number. <name> | <number> Protocol Description...
Page 145 25 Example: W310-1 (super/ACL 330)#ip-rule 21 W310-1 (super/ACL 330/ip rule 21)#composite-operation "Allow" W310-1 (super/ACL 330/ip rule 21)#ip-protocol tcp W310-1 (super/ACL 330/ip rule 21)#source-user-group guests (super/ACL 330/ip rule 21) destination-ip any tcp destination-port eq 25 Avaya W310 User’s Guide...
Page 146: Step 6: Define Access Point Groups
(LAP) port. For example, when a packet arrives from the W110 (ingress) to the W310 or to the W110 (egress) from the W310, the packet is checked against the policy list that is bound to the Access Point Group of that W110 port.
Page 147: Step 7: Configure The W110 (Lap(S))
Chapter 12 W310 WLAN Gateway Wireless Features Assign the W310 ports for the W110 (LAP) to the AP Interface. These are the LAPs that will use the policies described in the previous steps. W310-1 (super/AP-Group name)#add-ports <port_number> where: — <port_number> specifies the ports on the W310 which have LAPS attached.
Page 148 When enabled, the W110 (LAP) selects its channel frequency automatically. Automatic Channel Selection automatically enables when Regulatory Domain is ETSI. If you disable Automatic Channel Selection through the W310 Device Manager or the CLI (channel-selection selective), then you must set the Channel Frequency for the W110.
Page 149 Chapter 12 W310 WLAN Gateway Wireless Features Use this field . . . To do the following . . . Automatic Channel Available frequency bands for Automatic Channel Selection Allowed Band Selection to scan. Values are any combination of: •...
Page 150: Step 8: Create Or Modify A Mac Access Control List
If you need to configure any of the following, then continue to Step 8 and/or 9. Otherwise, you have completed the configuration of the W310 and its LAPs, go to Step — Step 8: Create or modify a MAC access control list.
Page 151 Chapter 12 W310 WLAN Gateway Wireless Features Use the following table to make entries to the fields in the Authorized MAC ACL. Use this field . . . To do the following . . . Authorized MAC Click Insert on the bottom of the dialog. A new row Address appears.
Page 152: Step 9: Create Or Modify A Rogue Ap Detection List
If you need to configure any the following, then continue to Step 9. Otherwise, you have completed the configuration of the W310 and its LAPs, go to Step 10. — Step 9: Create or modify a Rogue AP Detection List.
Page 153 Chapter 12 W310 WLAN Gateway Wireless Features Use the following table to make entries in the Rogue AP Detection List. Use this field . . . To do the followong . . . Authorized MAC Click Insert on the bottom of the dialog. A new row Address appears.In the new text field, enter the MAC address of...
Page 154: Step 10: Copy The Running Configuratin To The Startup Configuration
W310 Wireless Network Configuration Using the Command Line Interface Step 1: Entering the CLI Log on to the W310 and you are placed in the W310 CLI. The command line should appear as follows. W310-1(super)# The default username and password is root.
Page 155 Chapter 12 W310 WLAN Gateway Wireless Features Default W310 Settings Function Default Setting IP address 149.49.32.134 Subnet Mask 255.255.255.0 Default gateway 0.0.0.0 Management VLAN ID Spanning tree Enabled Bridge priority for Spanning Tree 32768 Keep alive frame transmission Enabled Network time acquisition...
Page 156 Chapter 12 W310 WLAN Gateway Wireless Features Default Port Settings Function Default Setting Ports 1 to 16 Ports 51 and 52 Duplex mode Half/Full duplex Full duplex only depends on auto- negotiation results Port speed 10/100 Mbps 1000 Mbps Depends on auto-...
Page 157: Step 3: Configure The Wireless Domain Parameters
— Enter a name for the domain up to 64 characters. For example: wireless-domain-servers 192.168.49.75 192.168.49.88 R&D Done! Note: If you do not have a backup, you must enter the IP address of the W310 master gateway and the domain. Avaya W310 User’s Guide...
Page 158: Step 4: Configure The Radius Authentication Server(S)
Set the shared secret • Optionally, set the amount of time to wait and the number of retries for the W310 to wait after sending an access request to the RADIUS server In the example, the RADIUS server with an IP address of 192.40.12.36 is set as the primary server.
Page 159: Step 5: Configure The Service Set Identifier (Ssid) Table Entry Parameters
An SSID named "guest" and "company" are created and assigned to all ports (guest) and port 5 only (company) on the W310. Once the SSID is assigned, — The SSID "guest" operates in a low security environment and does not require a "closed system"...
Page 160 W310 WLAN Gateway Wireless Features Example: Create "guest" SSID In this example, the SSID "guest" is created and assigned to all the W310 ports with W110s connected. Type y for yes when you receive the prompt to reboot the LAP(s).
Page 161 Example: Create "company" SSID In this example, the SSID "company" is created and it is assigned to the W110 (LAP) connected to only port 5 on the W310. W310-1(super)# ssid company W310-1(super/SSID company)# vlan by-user-group-table This command will reboot the LAP(s) - do you want to continue...
Page 162: Step 6: Define User Groups
W310-1(super/SSID company)# exit Step 6: Define User Groups Note: If you are using a RADIUS server, you must define the User Group in the W310 Device Manager with the same name used for the RADIUS server User Group. The RADIUS server property for User Group is 841.
Page 163 AP Groups in Step 7. — You can add or remove an AP Group that a user group can access with this command. Example W310-1(super/User group engineering)# allowed-ap-list add public-aps Done! Type exit to return to the W310-1(super)# prompt. Avaya W310 User’s Guide...
Page 164 Chapter 12 W310 WLAN Gateway Wireless Features Step 7: Set Policy for the W310 Use the following procedure and guidelines to set policy for the W310 wireless network. Create an access control list (ACL) as follows: W310-1 (super)#ip access-control-list <index>...
Page 165 Chapter 12 W310 WLAN Gateway Wireless Features Use this command . . . To do the following . . . Set the operation performed on packets/sessions that match composite- the specified IP rule. operation <Permit | Deny | • Permit (default) Deny-Notify | •...
Page 166 Chapter 12 W310 WLAN Gateway Wireless Features Use this command . . . To do the following . . . Set the IP protocol for the specified rule. ip-protocol <name> | <number> Protocol Description Authentication header protocol Encapsulation security protocol...
Page 167 Example: tcp destination-port eq 25 Example: W310-1 (super/ACL 330)#ip-rule 21 W310-1 (super/ACL 330/ip rule 21)#composite-operation "Allow" W310-1 (super/ACL 330/ip rule 21)#ip-protocol tcp W310-1 (super/ACL 330/ip rule 21)#source-user-group guests destination-ip any tcp destination-port eq 25 Avaya W310 User’s Guide...
Page 168: Step 8: Define Access Point Groups
(LAP) port. For example, when a packet arrives from the W110 (ingress) to the W310 or to the W110 (egress) from the W310, the packet is checked against the policy list that is bound to the Access Point Group of that W110 port.
Page 169: Step 9: Configure Basic W110 (Lap) Parameters
W310-1 (super/AP-Group public-aps)#add-ports 1,3,5-8,12. Step 9: Configure Basic W110 (LAP) Parameters To configure the W110 (LAP) and associate it to a physical W310 port, you must enter and configure W110 (LAP) and radio 802.11 context mode modes. The following example shows: •...
Page 170: Step 10: Copy The Running Configuration To The Startup Configuration
Chapter 12 W310 WLAN Gateway Wireless Features Note: When assigning a radio card template, the example shows assigning an 802.11a template. If you are using a different radio, replace the "a" designation in the command reference with the W110 (LAP) technology you are using (for example, "g").
Page 171: Seamless Roaming
Chapter 12 W310 WLAN Gateway Wireless Features Seamless Roaming The W310 allows wireless clients to roam in the following types of environments: • Connected to the same W310 in the same VLAN • Connected to different W310s in the same VLAN •...
Page 172: Accessible Vlan
If there is no user group with a name equal to an SSID, then the VLAN from the default user group is assigned. If it is not configured, it will be equal to the VLAN of the W310 inband interface. If no VLAN is configured for a W310, then you must define an accessible VLAN.
Page 173: Multiple Ssids: Ssid Broadcast
Chapter 12 W310 WLAN Gateway Wireless Features Multiple SSIDs: SSID Broadcast Multiple SSIDs lets you mix and match the broadcasting of SSIDs. Each SSID can support its own set of broadcast and multicast encryption keys. The encryption keys are optional.
Page 174: Configuring An Ssid Entry
In the example that follows: • An SSID named "lobby" is created and assigned to physical port 1 on the W310. • Once the SSID is assigned, operation in a low security environment does not require a "closed system"...
Page 175: Ssid Table Cli Commands
Chapter 12 W310 WLAN Gateway Wireless Features SSID Table CLI Commands In order to... Use the following command... Enter or create an SSID table mode. ssid Display the SSID’s table parameters show ssid and associated Light Access Points (LAPs) Set an SSID to all W110s (LAP)
Page 176 Chapter 12 W310 WLAN Gateway Wireless Features In order to... Use the following command... Enable or disable a closed system. If closed-system broadcast is enabled, then closed system must be disabled. If closed-system is enabled (not-accept- any), the setting of the broadcast command has no effect.
Page 177: Ssid Table Configuration Using The W310 Wireless Manager
The SSID Table displays security and encryption information for LAPs connected to the Avaya W310 device. To view the SSID Table, select the W310 Wireless Manager tab > Configure from the menu bar > SSID Table in the Wireless Manager.
Page 178 Chapter 12 W310 WLAN Gateway Wireless Features The following table provides a list of the fields in the SSID Table and their descriptions: Figure 12.3 SSID Table Parameters Field Description Set a Service Set Click Insert and then enter the SSID name in the SSID Identifier (SSID) field.
Page 179 Chapter 12 W310 WLAN Gateway Wireless Features Figure 12.3 SSID Table Parameters (Continued) Field Description Enable or disable a Click Insert and select Enable or Disable from the drop- closed system down menu. • Enable - Only clients assigned with the same SSID name can communicate on the wireless network •...
Page 180: User Group Table
(for example, a RADIUS server), or • defined locally on the W310 (for example, the default group used for successful authentications). The typical topology for User Groups will included the following groups.
Page 181: User Group Table Attributes
— Policy User Group Using the W310 Manager • Allowed Access Point Group — Allowed Access Point Group CLI Commands — Allowed Access Point Group Using the W310 Manager • Home W310 Gateway — Home W310 Gateway CLI Command — Home W310 Gateway Using the W310 Manager •...
Page 182 W310 WLAN Gateway Wireless Features User Group Table Attributes The User Group Table is a W310 local table that contains an entry for each User Group name. The User Group Table of attributes includes the following: User Group Table Attribute...
Page 183 User Group Table Attribute Description In the W310 Device Manager User Group Table dialog, if you want to enter an IP address for a static Home Gateway, click on the Home Gateway field, highlight the text entry, and type in the IP address. If you want to change a static home gateway to a dynamic home gateway, click the down arrow to the right of the field and select “dynamic home...
Page 184: Issue
SSID to which the user logged on specifies in the VLAN field that it is "by user group table". The user’s VLAN, in this case, is the W310 User Group Table entry’s VLAN. Only a one SSID per W110 can have its VLAN field set "by user group table".
Page 185 Chapter 12 W310 WLAN Gateway Wireless Features User Group CLI Commands The following are the CLI commands used to configure or display a user group table. In order to... Use the following command... Show the user group table attributes show and default user-group.
Page 186 W310 WLAN Gateway Wireless Features User Group Using the W310 Manager To configure the User Group Table, select the W310 Wireless Manager tab > Configure > User Group Table in the Wireless Manager and click the Insert button. Figure 12.4 User Group Table...
Page 187: Policy User Group
Policy User Group Using the W310 Manager On the User Group Table dialog, you enter the name of the policy that will be applied to the user group (See Figure 12.4 User Group Table) Table 12.2...
Page 188: Allowed Access Point Group
Access Points. Allowed Access Point Group Using the W310 Manager To view the User Group Table, select Configure > User Group Table in the Wireless Manager. Avaya W310 User’s Guide...
Page 189 Chapter 12 W310 WLAN Gateway Wireless Features Figure 12.5 User Group Table The following table provides a list of the fields relevant to the AP Group in the Device IP Configuration dialog box Advanced tab and their descriptions: Table 12.3...
Page 190: Home W310 Gateway
The W310 determines when a user is no longer connected to the network so that when the user re-enters the network, the W310 with which the user first associates will be the new home gateway. The scenario may find that many users are associated to the same home gateway.
Page 191: Home W310 Gateway Using The W310 Manager
Home W310 Gateway Using the W310 Manager The Home W310 Gateway is configured through the User Group Table. To view the User Group Table, select the W310 Wireless Manager tab > Configure > User Group Table in the Wireless Manager.
Page 192: Vlan
Network Name (SSID). An Ethernet port on the access point connects a wireless cell or network to a wired backbone, in this case the W310. The access points communicate across a VLAN-capable switch (W310) that analyzes VLAN-tagged packet headers and directs traffic to the appropriate ports.
Page 193: Vlan Workgroups And Traffic Management
W310 WLAN Gateway Wireless Features In the figure below, the numbered items correspond to the following components: VLAN-enabled access point W310 VLAN-aware switch (IEEE 802.1Q uplink) AP management via wired host (SNMP, Web interface or CLI) DHCP Server RADIUS Server...
Page 194: Traffic Management
The AP would insert VLAN headers or “tags” with identifiers into the packets transmitted on the wired backbone to a network switch. Finally, the W310 would be configured to route packets from the EMPLOYEE workgroup to the appropriate corporate resources such as printers and servers. Packets from the GUEST workgroup could be restricted to a gateway that allowed access to only the Internet.
Page 195: Typical Vlan Management Configurations
Chapter 12 W310 WLAN Gateway Wireless Features Typical VLAN Management Configurations • Control Access to the AP Management access to the AP can easily be secured by making management stations or hosts and the AP itself members of a common VLAN. Simply configure a non-zero management VLAN ID and enable VLAN to restrict management of the AP to members of the same VLAN.
Page 196: Configuring Vlan Flow Chart
Chapter 12 W310 WLAN Gateway Wireless Features Configuring VLAN Flow Chart Enter the CLI or W310 Device Manager Is the SSID Security Did Authentication User rejected. Mode set to "none"? succeed? VLAN - SSID VLAN Is SSID VLAN defined? VLAN = User Group...
Page 197: Vlan Cli Commands
VLAN Using the W310 Manager Virtual Local Area Network (VLAN) is configured through the User Group Table. To view the User Group Table, select the W310 Wireless Manager tab > Configure > User Group Table in the Wireless Manager. Figure 12.8 User Group Table...
Page 198: Configuring A User Group Table
Configuring a User Group Table The following procedure explains how to create a User Group Table for the W310. The User Group Table consists of parameters for the User Group accessing the wireless network. Enter a name for the user group. In this example, the user group is named "marketing": W310-1<super># user-group marketing...
Page 199: Access Point (Ap) Group
User Group. The default is to have all users access all APs. However, in situations where you want to confine the use of certain APs, a system administrator can create an AP Group Interface. This interface consists of the W310 ports to which the Access Points are connected.
Page 200: Configuring An Access Point Group Interface
Assign a name to the Access Point Group Interface. W310-1(super)#interface AP-Group engineering W310-1(super/AP-Group engineering) Add the W310 ports that are connected to the Access Points you want in the AP Group. W310-1(super/AP-Group engineering)#add-ports 8-12 W310-1(super/AP-Group engineering) Check your entries by using the show command.
Page 201: Ap Group Configuration Using The W310 Manager
The AP Group is configured through the general wireless parameters of a W110 (LAP) attached to the Avaya W310. In order to configure the AP Group, do the following: Click on the desired W110 (LAP) symbol in the Tree View. The W110 (LAP) Device Configuration dialog box opens to the General tab.
Page 202: Authentication And Encryption Modes
Chapter 12 W310 WLAN Gateway Wireless Features Authentication and Encryption Modes The W310 supports the following wireless authentication and security features. • Open Authentication: An IEEE standard for client authentication. • WEP Encryption: Encryption technique specified by the IEEE 802.11 standard.
Page 203: Wep Key Management
Chapter 12 W310 WLAN Gateway Wireless Features When Encryption is enabled, two 802.11 devices must have the same Encryption Keys and both devices must be configured to use Encryption in order to communicate. If one device is configured to use Encryption but a second device is not, then the two devices will not communicate, even if both devices have the same Encryption Keys.
Page 204: How To Configure Wep
Chapter 12 W310 WLAN Gateway Wireless Features How To Configure WEP The following procedure shows you how to configure WEP using the CLI or the W310 Manager interface. The procedure assumes you have logged onto the CLI or the W310 Manager.
Page 205 Exit User Group mode and specify the W110 (LAP) you want to configure first. The command places you in W110 (LAP) mode for that port. In the example, the W110 (LAP) connected to the W310’s port 16 is used. W310-1(super/User group engineering@companya)# exit W310-1(super)# lap port-16 Specify the radio mode for the W110 (LAP).
Page 206: Configuring Wep Using The W310 Manager
Configuring WEP Using the W310 Manager Create a Service Set Identifier (SSID). This is done as follows Click on the Wireless tab in the W310 Manager. Click on the icon to bring up the SSID Table. The SSID Table displays.
Page 207 Chapter 12 W310 WLAN Gateway Wireless Features Set the security mode for the wireless network to Wired Equivalent Privacy (WEP). In the SSID Table for the new SSID, click on Security Mode and select WEP from the drop-down menu. Configure the WEP encryption keys. You can configure up to four keys for encryption.
Page 208 12. Click Apply when done. 13. Select the W310 icon from the Tree View on the left. This displays the Configuration Template dialog as shown on the next page. 14. Click the Operational tab and select 802.11b only from the drop-down menu. Click Apply when done.
Page 209: 802.1X Authentication
Chapter 12 W310 WLAN Gateway Wireless Features 802.1x Authentication IEEE 802.1x is a standard that provides a means to authenticate and authorize network devices attached to a LAN port. A port in the context mode of IEEE 802.1x is a point of attachment to the LAN, either a physical Ethernet connection or a wireless link to an Access Point.
Page 210 Chapter 12 W310 WLAN Gateway Wireless Features WPA provides the following new security measures not available with WEP: • Improved packet encryption using the Temporal Key Integrity Protocol (TKIP) and the Michael Message Integrity Check (MIC). • Per-user, per-session dynamic encryption keys: —...
Page 211: Mixed Mode (802.1X And Wep Encryption)
Chapter 12 W310 WLAN Gateway Wireless Features Mixed Mode (802.1x and WEP Encryption) Certain clients do not support 802.1x and use only WEP encryption for security purposes. In order to accommodate security for both 802.1x and WEP encryption, you can use both simultaneously.
Page 212: Authentication And Encryption Cli Commands
Chapter 12 W310 WLAN Gateway Wireless Features Authentication and Encryption CLI Commands In order to... Use the following command... Enter or create an SSID table context ssid mode. Display the SSID’s table parameters show ssid and associated Light Access Points...
Page 213: Authentication And Encryption Configuration Using The W310 Manager
Chapter 12 W310 WLAN Gateway Wireless Features Authentication and Encryption Configuration Using the W310 Manager The SSID Table displays security and encryption information for LAPs connected to the Avaya W310 device. To view the SSID Table, select Configure > SSID Table in the Wireless Manager.
Page 214 Chapter 12 W310 WLAN Gateway Wireless Features Table 12.7 SSID Table Parameters (Continued) Field Description Enable or disable a Select Enable or Disable from the drop-down menu. closed system • Enable - Only clients assigned with the same SSID name can communicate on the wireless network •...
Page 215: Wireless Domain Parameters
You can set parameters for a master and backup server in the wireless domain. There is also a wireless domain secret that is used for W310 to W310 and W310 to an Access Point communications.
Page 216: Configuring Wireless Domain Parameters
W310-1#wireless-domain-servers 192.168.49.75 192.168.49.68 R&D Done! Wireless Domain CLI Commands CAUTION: You must configure the W310 with a master wireless domain server before you configure any other wireless parameters. In order to... Use the following command... Set the master and backup servers for...
Page 217 Chapter 12 W310 WLAN Gateway Wireless Features In order to... Use the following command... Enable/Disable forwarding IP multicast ip-multicast-over-the-air traffic toward the wireless medium. Enable/Disable support for spectralink-compatible-phone SpectraLink compatible phones. If you enable support for SpectraLink or SpectraLink-compatible phones, it is...
Page 218: Wireless Domain Configuration Using The W310 Manager
Chapter 12 W310 WLAN Gateway Wireless Features Wireless Domain Configuration Using the W310 Manager To view or modify global wireless domain information, select Configure > Wireless Domain Configuration in the Wireless Manager. Figure 12.11 Wireless Domain Configuration Tab Avaya W310 User’s Guide...
Page 219 Configure the wireless domain with only one master and one backup (optional) W310. For each additional W310 that is a member of the domain, you must configure the W310 to point to the same master and backup. Also, if configuring a backup for the wireless domain, it must not be the same W310 as the master.
Page 220: Mac Access Control List
Network Management Console. • If you run Avaya W310 Manager in standalone mode, the device’s community string is used. When unchecked, the Community field becomes read-write, and Avaya W310 Manager uses the value entered in the Community field.
Page 221: Mac Access Cli Commands
Displays the list of authorized MAC show mac address authorized list addresses and their access type MAC Access Configuration Using the W310 Manager To view the Authorized MAC Access Control List, select Configure > Authorized MAC ACL. Figure 12.12 Authorized MAC ACL...
Page 222: Rogue Access Point Detection
The W110 will periodically scan the air for other LAPs. All LAPs discovered are reported back to the W310. The W310 checks the list of LAPs against a known list of authenticated LAPs and reports any LAP that may be considered a rogue AP.
Page 223: Rogue Ap Detection Cli Commands
Displays the rogue AP MAC address show rogue ap authorized mac list list Rogue AP Detection Configuration Using the W310 Manager To view a list of W110 (LAP) interfaces able to detect rogue Access Point devices, select Configure > Rogue AP Detection List.
Page 224: Radius
RADIUS server. The topics covered in this section include: • RADIUS • MAC Access Control Via RADIUS Authentication • RADIUS Authentication with 802.1x • RADIUS Authentication CLI Commands • RADIUS Authentication Configuration Using the W310 Manager Avaya W310 User’s Guide...
Page 225: Mac Access Control Via Radius Authentication
Chapter 12 W310 WLAN Gateway Wireless Features MAC Access Control Via RADIUS Authentication If you want to control wireless access to the network and if your network includes a RADIUS Server, you can store the list of MAC addresses on the RADIUS server rather than configure each AP individually.
Page 226: Radius Authentication Configuration Using The W310 Manager
Chapter 12 W310 WLAN Gateway Wireless Features RADIUS Authentication Configuration Using the W310 Manager The Device Information Dialog Box - Radius Tab provides you with Radius authentication server information about the Avaya W310 device. Figure 12.14 Device Information Dialog Box - Radius Tab The following table provides a list of the fields in the RADIUS tab of the Device Information dialog box and their descriptions.
Page 227 Chapter 12 W310 WLAN Gateway Wireless Features Table 12.11 Device Information Fields - Radius Tab (Continued) In order to . . . Do the following . . . Set the secondary server From the Secondary Server Status field drop-down status menu, select True to make the configured secondary Radius server available for connection.
Page 228: W110 (Lap) Configuration
W310 WLAN Gateway Wireless Features W110 (LAP) Configuration The W110 (LAP) is configured and managed through the W310. The W310 applies Layer 2 and Layer 3 network services (VLANs, QoS) to inbound traffic and switches it onto the wired Ethernet LAN infrastructure. The W310 also is responsible for automatically detecting and configuring the LAPs.
Page 229: General Lap Cli Configuration Parameters
Set or change the identifier for the LAP lap-location location. This is the actual physical location of the LAP. Display the parameters for specified or show lap parameters all LAPs connected to the W310 , including: • LAP name, location, description, and up time. •...
Page 230 Chapter 12 W310 WLAN Gateway Wireless Features In order to... Use the following command... Apply the default template to the LAP. apply-template This is the default settings for the LAP’s operation. Reset the LAP template to factory restore-to-factory-default default and reset all LAPs.
Page 231: Lap Configuration Using The W310 Manager
• LAP Template Configuration - View and modify the standard configuration template for Wireless Light Access Point (LAP) units attached to the Avaya W310. To access this dialog, do the following: — To view the standard wireless configuration parameters of the LAPs attached to the Avaya W310, click on the W310 device symbol in the Tree View.
Page 232: Rogue Access Point Status And Detection
APs Load Balancing The W310 lets you set load balancing for the LAP. This allows the distribution of processing and communications activity evenly across the network so that no single LAP is overwhelmed. This allows clients to evaluate which LAP to use based on the current LAP loads.
Page 233: Multicast Transmission Rates
In this case, set the multicast transmission rate to 1 or 2 Mbits/sec. Note: Changes in operational mode of the W310 802.11g-template will reset multicast rates to factory default. By default this value is set to 2 Mbits/sec.
Page 234: Unicast Transmission Rate
This setting is dependent on what transmission rates the wireless interface supports. Note: Changes in operational mode of the W310 802.11g-template will reset multicast rates to factory default. The following is unicast CLI command for the radio card context mode: In order to...
Page 235: Operational Mode
Chapter 12 W310 WLAN Gateway Wireless Features The following are the channel selection CLI commands for the radio card context mode: In order to... Use the following command... Enable or disable automatic channel automatic-channel-selection selection for the wireless interface If you disable Automatic...
Page 236: 802.11 Interfaces
Chapter 12 W310 WLAN Gateway Wireless Features 802.11 Interfaces The 802.11 wireless interfaces supported by the W310 include: • 802.11a • 802.11b • 802.11a • 802.11b/g Interface Parameters Each parameter described in the table is for all interfaces unless otherwise noted.
Page 237 Chapter 12 W310 WLAN Gateway Wireless Features Parameter Description RTS Threshold The 802.11 standard supports optional RTS/CTS communication based on packet size. The RTS Threshold value determines when RTS/CTS should be used. Without RTS/CTS, a sending radio listens to see if another radio is already using the medium before transmitting a data packet.
Page 238 Chapter 12 W310 WLAN Gateway Wireless Features Parameter Description Fragmentation Threshold The 802.11 standard includes the ability for radio-based network interface cards (NICs) and APs to fragment packets for improving performance in the presence of RF interference and marginal coverage areas.
Page 239 Chapter 12 W310 WLAN Gateway Wireless Features Parameter Description Power Level The Power Level parameter lets allows you to configure the transmit power level of the radio card in the AP at one of four levels. Each level represents the maximum transmit power level of the radio card: •...
Page 240: Radio Card Cli Commands
Chapter 12 W310 WLAN Gateway Wireless Features Radio Card CLI Commands In order to... Use the following command... Set the power management mode power-management-mode Set the number of beacon intervals that dtim-period will elapse between transmission of beacon frames containing a Traffic...
Page 241: W110 (Lap) And Radio Card Configuration Using The W310 Manager
• To view the standard wireless configuration parameters of the LAPs attached to the Avaya W310, click on the W310 device symbol in the Tree View. The LAP Template Configuration dialog box opens to the Advanced - 802.11a tab. •...
Page 242 To view the standard configuration of a wireless slot for a LAP with 802.11b or 802.11g transceivers: Click on the Avaya W310 device symbol in the Tree View. The LAP Template Configuration dialog box opens to the Advanced -802.11a tab.
Page 243 Chapter 12 W310 WLAN Gateway Wireless Features Figure 12.16 LAP Template Configuration Dialog Box - 802.11g Tab The following table provides a list of the fields in the Advanced - 802.11a/802.11g tab of the LAP Template Configuration dialog box and their descriptions: Table 12.12 LAP Template Configuration Dialog Box - Advanced - 802.11a/802.11g Tab...
Page 244 Automatic Channel Selection automatically enables when the Regulatory Domain is ETSI. If you disable Automatic Channel Selection through the W310 Device Manager or the CLI (channel-selection selective), then you must set the Channel Frequency for the W110 Select the channel...
Page 245 Chapter 12 W310 WLAN Gateway Wireless Features Table 12.12 LAP Template Configuration Dialog Box - Advanced - 802.11a/802.11g Tab Parameters (Continued) Field Description Set the automatic From the Automatic Channel Selection Allowed Band channel selection drop-down menu, select any available frequency bands for allowed band Automatic Channel Selection to scan.
Page 246: Lap Template Configuration - Operational Mode Tab Using The W310 Manager
• To view the operational mode configuration of a wireless slot: Click on the Avaya W310 device symbol in the Tree View. The LAP Template Configuration dialog box opens to the Advanced - 802.11a tab. Click Operational Mode. The Operational Mode tab of the LAP Template Configuration dialog box appears.
Page 247 Chapter 12 W310 WLAN Gateway Wireless Features Figure 12.17 LAP Template Configuration Dialog Box - Operational Mode Tab The following table provides a list of the fields in the Operational Mode tab of the LAP Template Configuration dialog box and their descriptions: Table 12.13 LAP Template Configuration Dialog Box - Operational Mode Tab...
Page 248: Viewing Lap Configuration Using The W310 Manager
• To view the general wireless parameters of a LAP attached to the Avaya W310, click on the desired LAP symbol in the Tree View. The LAP Device Configuration dialog box opens to the General tab.
Page 249 View the port to See the Physical Port field to view the number of the port on which the LAP is the Avaya W310 to which the LAP is connected. connected on the W310 Set the operational...
Page 250: Configuring Basic Lap Parameters
Name for the LAP the LAP belongs. Configuring Basic LAP Parameters To configure the LAP and associate it to a physical W310 port, you must enter and configure LAP and radio 802.11 context mode modes. The following example shows how to: •...
Page 251: Saving The W310 And W110 Configurations
For more information, use 'show copy status' command W310-1(super) • In the W310 Device Manager, do the following: Copy the running configuration to the startup configuration. From the menu bar, select Actions and then Commit. This saves and re-executes the settings specified in this procedure.
Page 252 Chapter 12 W310 WLAN Gateway Wireless Features Avaya W310 User’s Guide...
Page 253: Chapter 13 Poe (Power Over Ethernet) Features
The W310 switches are pre-configured to supply power according to the load detection criteria (see Load Detection), so you can use it right out of the box. The W310 switches provide power over standard Category 3 and Category 5 cables.
Page 254: How The W310 Switches Detect A Powered Device
Specific Resistance Signature (IEEE 802.3af) The W310 switches apply a low voltage to the power feed pairs and measures the current. A resistance of 19k. to 26.5k. is considered valid according to the IEEE standard; if a valid signature is detected, power is supplied to the port.
Page 255: Plug And Play" Operation
Powering Devices The W310 ports can receive Inline power from one of two sources: an internal -48VDC power supply or an external DC power supply. Each port can supply up to 15.4W by default as the maximum consumed by the powered device.
Page 256: Poe Configuration Cli Commands
Set the maximum power available from set powerinline external power the external power supply to power Show the current status of the PD inline show powerinline power on all ports Avaya W310 User’s Guide...
Page 257: Poe Configuration Using The W310 Manager
Chapter 13 PoE (Power over Ethernet) Features PoE Configuration Using the W310 Manager To view the PoE configuration on a port that supports PoE, select the Power tab in the port’s configuration dialog box.. Figure 13.2 Port Configuration - Power Tab...
Page 258 When the demand for power exceeds the modules capacity, ports with lower priority will be prevented from supplying power before ports with a higher priority. Priorities include: • Critical • High • Avaya W310 User’s Guide...
Page 259: Chapter 14 Embedded Web Manager
• Software Redundancy - Setting software redundancy for ports in an W310 Switch. • Port Mirroring - Setting up port mirroring for ports in an W310 Switch. • Trap Managers Configuration - Viewing and modifying the Trap Managers Table. •...
Page 260: Running The Embedded Web Manager
You should assign an IP address to the switch before beginning this procedure. Open your browser. Enter the url of the switch in the format http://aaa.bbb.ccc.ddd where aaa.bbb.ccc.ddd is the IP address of the switch. The user name is “root” The default password for read-write access is “root”. Avaya W310 User’s Guide...
Page 261 The Web management passwords are the same as those of the CLI. If you have created additional CLI user names or changed the default passwords then you can use those passwords for Web management as well. Avaya W310 User’s Guide...
Page 262 The welcome page is displayed: Figure 14.1 The Welcome Page • If you have the Java plug-in installed, the W310 Manager should open in a new window. • If you do not have the Java plug-in installed, follow the instructions on the Welcome page that offers a variety of options to install the plug-in (see Figure 14.1).
Page 263: Installing The Java Plug-In
Installing from the W310 Documentation and Utilities CD Close all unnecessary applications on your PC. Insert the “W310 Documentation and Utilities” CD into the CD drive. Click Start on the task bar. Select Run. Type x:\emweb-aux-files\plug-in_1_4_2.exe where x: is the CD drive letter.
Page 264: Installing The On-Line Help And Java Plug-In On Your Web Site
Utilities” CD to your local Web server. Please refer to your Web server documentation for full instructions. Define the URL in the W310 using the following CLI command: set web aux-files-url //IP address/directory name where //IP address/directory name is the location of the directory from the previous step.
Page 265: Chapter 15 Configuring Policy
— instructions for viewing the configuration of policy lists and testing their effects on simulated IP packets Policy Overview This section provides an overview of policy lists on the W310 and includes the following topics: • General Guidelines for W310 Policy •...
Page 266 W310 ports. An ACL and QoS list is applied to AP Groups and to traffic going through the W310. A Policy User Group ID (PUGID) is a name of a group of users, used for policy (ACL and QoS) classification.
Page 267: Access Control Lists (Acl)
You can use QoS lists to change the DSCP and Ethernet IEEE 802.1p CoS fields in packets. When a packet matches a rule on the QoS list, the W310 sets one or both of the QoS fields in the packet. The following table shows these QoS fields:...
Page 268: Managing Policy Lists
QoS lists have the following parts: • Rule list — a list of filtering rules and actions for the W310 to take when a packet matches the rule. Match actions on this list are pointers to the composite operation table.
Page 269: Defining Policy Lists
— instructions on how to configure the attributes of a policy list, such as a list name, owner, and cookie • Default Actions — lists the default action the W310 takes when no rule in the policy list matches the packet • Deleting a Policy List —...
Page 270: Defining List Identification Attributes
, followed by a list number ip access-control-list in the range 300-399. The W310 includes one pre-configured access control list. The pre- configured access control list is list number 300. Thus, to create a new access control list, you can type the following command:...
Page 271: Default Actions
Egress Access Control List • Egress QoS List When a packet enters the W310 through an interface, the W310 applies the policy lists in the following order: Apply the Ingress Access Control List. If the Ingress Access Control List does not drop the packet: Apply the Ingress QoS List.
Page 272 Configuring Policy When a packet exits the W310 through an interface, the W310 applies the policy lists in the following order: Apply the Egress Access Control List. If the Egress Access Control List does not drop the packet: Apply the Egress QoS List.
Page 273 Access control list 301 becomes the Ingress Access Control List for VLAN 2. QoS list 401 becomes the Egress QoS List for VLAN 2. W310-1# interface Vlan 2 W310-1(if:Vlan 2)# ip access-group 301 in Done! W310-1(if:Vlan 2)# ip qos-group 401 out Done! •...
Page 274: Device-Wide Policy Lists
Configuring Policy Device-Wide Policy Lists You can attach a policy list to every interface on the W310 using one command. To do this, attach a policy list to the Loopback 1 interface. For more information, see Attaching policy lists to an interface.
Page 275: Defining Rules
The following example defines a rule in Access Control List 301 that denies access to all incoming packets that contain IP fragments: W310-1(super)# ip access-control-list 301 W310-1(super/ACL 301)# ip-fragments-in Deny Done! Defining Rules...
Page 276: Editing And Creating Rules
— instructions on how to define packet matching by ICMP type or code • TCP Establish Bit (Access Control Lists only) — instructions on how to define packet matching for TCP packets by whether the ack bit is burned on Avaya W310 User’s Guide...
Page 277: Ip Protocol
The following command specifies any IP protocol except IGMP for rule 3 in access control list 302: W310-1(ACL 302/ip rule 3)# not ip-protocol igmp Source and Destination IP Address To specify a range of source and destination IP addresses to which the rule applies, use the commands , followed by the IP range criteria.
Page 278: Source And Destination Port Range
10.10.255.255 for rule 1 in access control 10.10.0.0 0.0.255.255 list 30 Specify a source IP address outside the range W310-1(ACL 308/ip rule 7)# not source- 64.236.24.0 through 64.236.24.255 for rule 7 in ip 64.236.24.0 0.0.0.255 access control list 308...
Page 279: Icmp Type And Code
The following command specifies any destination TCP port in the range 5000 through 5010 for rule 1 in access control list 301: W310-1(ACL 301/ip rule 1)# tcp destination-port range 5000 5010 The following command specifies any source TCP port except a port named http for rule 7 in...
Page 280: Tcp Establish Bit (Access Control Lists Only)
Lists. The following command specifies that rule 4 in access control list 302 drops packets that match the rule, and causes the W310 to send a trap and reset the connection when the packet is dropped: W310-1(ACL 304/ip rule 4)# operation Deny-Notify-Rst Note: Composite operation names are case-sensitive.
Page 281: Composite Operations
Overview of Composite Operations A composite operation is a set of operations that the W310 can perform when a rule matches a packet. Every rule in a policy list has an operation field that specifies a composite operation.
Page 282: Pre-Configured Composite Operations For Qos Lists
Access — determines whether the operation forwards (forward) or drops (deny) the packet • Notify — determines whether the operation causes the W310 to send a trap when it drops a packet • Reset Connection — determines whether the operation causes the W310 to reset the...
Page 283: Configuring Composite Operations
, or use the command no change no dscp — — determines the value to which the rule resets the packet’s CoS field. To ignore the CoS field, use the argument , or use the command no change no cos Avaya W310 User’s Guide...
Page 284: Composite Operation Example
The following commands create a new composite operation called dscp5 and assign the new composite operation to rule 3 in QoS list 402. If the packet matches a rule, the W310 changes the value of the DSCP field in the packet to 5.
Page 285: Displaying And Testing Policy Lists
33 in QoS list 401. Every packet with DSCP equal to 33 is assigned CoS priority W310-1# ip qos-list 401 W310-1(QoS 401)# dscp-table 33 W310-1(QoS 401/dscp 33)# composite-operation CoS5 Done! The following commands create a new composite operation called dscp5 and assign the new composite operation to DSCP table entry 7 in QoS list 402.
Page 286 • In access control list rule context mode: — — displays the parameters of the composite operation show composite-operation assigned to the current rule — — displays the parameters of the current rule show ip-rule Avaya W310 User’s Guide...
Page 287: Simulating Packets
The following command simulates the effect of applying QoS list number 401 to a packet entering the W310 through interface VLAN 2: W310-1(if:Vlan 2)# ip simulate 401 in CoS1 dscp46 10.1.1.1 10.2.2.2 tcp 1182 20 The simulated packet has the following properties: •...
Page 288: Policy Capabilities
Configuring Policy When you run the command, the W310 displays the effect of the policy rules on ip simulate the simulated packet. For example: W310-1(super-if:Vlan 2)# ip simulate 401 in CoS1 dscp46 10.1.1.1 10.2.2.2 tcp 1182 20 Rule match for simulated packet is the default rule...
Page 289 Section 4 ROUBLESHOOTING...
Page 291: Chapter 16 Troubleshooting The Installation
This section will allow you to perform basic troubleshooting of the installation. If you are unable to solve the problem after following the procedures in this chapter, please contact Avaya Technical Support. Refer to "How to Contact Us" for full details. Table 16.1...
Page 292: Troubleshooting Image Downloads
Check that module is installed correctly Troubleshooting Image Downloads This section details issue you may face after downloading images to the W310. If you are unable to solve the problem after following the procedures in this chapter, please contact Avaya Technical Support. Refer to "How to Contact Us" for full details.
Page 293: Chapter 17 Updating The Software
Updating the Software This section provides the basic procedure for downloading and updating the W310 WLAN Gateway system software. Caution: Please refer to “Before You Install the W310” before undertaking any of the procedures detailed in this section. Software Download You can perform software download using the CLI or Avaya Software Update Manager (part of the Avaya Integrated Management Suite).
Page 294: Download New Version Without Overwriting Existing Version
To perform this process: copy tftp SW_image <new_ver_file> EW_archive <dummy_file_name> <TFTP_server_IP_addr> 1 Example: copy tftp SW_image c:\versions\W310\w310 EW_archive x 149.49.138.170 1 Since file “x” doesn't exist the Embedded web image will not be downloaded. Avaya W310 User’s Guide...

Avaya W310 User Manual

Chapter 1 Avaya W310 WLAN Gateway Overview

Chapter 2 Standards and Compatibility

Chapter 3 Specifications

Chapter 4 Installation

Chapter 5 Powering up the W310 WLAN Gateway

Chapter 6 Avaya W310 WLAN Gateway Front and Rear Panels

Chapter 7 Establishing Switch Access

Chapter 8 User Authentication

Chapter 9 W310 WLAN Gateway Default Settings

Chapter 10 Basic Switch Configuration

Chapter 11 W310 WLAN Gateway Layer 2 Features

Chapter 12 W310 WLAN Gateway Wireless Features

Chapter 13 Poe (Power over Ethernet) Features

Quick Links

Installation and Configuration

Troubleshooting

Related Manuals for Avaya W310

Summary of Contents for Avaya W310