Download  Print this page

Advertisement

management and
configuration guide
hp procurve
wireless access point 420
www.hp.com/go/hpprocurve

Advertisement

Chapters

   Summary of Contents for HP ProCurve 420

  • Page 1

    management and configuration guide hp procurve wireless access point 420 www.hp.com/go/hpprocurve...

  • Page 3

    HP ProCurve Wireless Access Point 420 October 2004 Management and Configuration Guide...

  • Page 4

    October 2004 not be liable for technical or editorial errors or omissions Edition 3 contained herein. Hewlett-Packard assumes no responsibility for the use or Applicable Products reliability of its software on equipment that is not furnished by Hewlett-Packard. HP ProCurve Wireless Access Point 420 na...

  • Page 5: Table Of Contents

    Contents 1 Getting Started Contents ............1-1 Introduction .

  • Page 6

    How To Move Between Levels ....... . 3-6 Listing Commands and Command Options ..... . 3-7 Listing Commands Available at Any Privilege Level .

  • Page 7

    Modifying System Management Access ......5-3 Web: Setting User Names and Passwords ..... . . 5-3 CLI: Setting User Names and Passwords .

  • Page 8

    Modifying Radio Settings ........5-53 Web: Modifying the Radio Working Mode and Settings .

  • Page 9

    logging level ..........6-16 logging facility-type .

  • Page 10

    radius-server timeout ........6-45 radius-server mac-format .

  • Page 11

    beacon-interval ..........6-73 dtim-period .

  • Page 12

    — This page is intentionally unused. —...

  • Page 13

    Getting Started Contents Introduction ........... 1-2 Conventions .

  • Page 14: Getting Started

    Getting Started Introduction Introduction This Management and Configuration Guide is intended to support the following access points: HP ProCurve Wireless Access Point 420 na ■ ■ HP ProCurve Wireless Access Point 420 ww This guide describes how to use the command line interface (CLI) and web browser interface to configure, manage, and monitor access point operation.

  • Page 15: Command Prompts

    Getting Started Conventions Italics indicate variables for which you must supply a value when ■ executing the command. For example, in this command syntax, <host_ip_address | host_name > indicates that you must provide an IP address or a host name: Syntax: radius-server address [secondary] <host_ip_address | host_name>...

  • Page 16: Related Publications

    Getting Started Related Publications Related Publications Installation and Getting Started Guide. Use the Installation and Get­ ting Started Guide shipped with your access point to prepare for and perform the physical installation. This guide also steps you through connecting the access point to your network and assigning IP addressing, as well as describ­...

  • Page 17: Getting Documentation From The Web

    Getting Started Getting Documentation From the Web Getting Documentation From the Web Go to the HP ProCurve website at http://www.hp.com/go/hpprocurve Click on Technical support. Click on Product manuals. Click on the product for which you want to view or download a manual. Figure 1-2.

  • Page 18: Sources For More Information

    Help options, refer to “Online Help for the HP Web Browser Interface” on page 4-16. ■ If you need further information on Hewlett-Packard access point technology, visit the HP ProCurve website at: http://www.hp.com/go/hpprocurve Need Only a Quick Start? IP Addressing.

  • Page 19

    Getting Started Need Only a Quick Start? Quickly assigning an IP address, subnet mask, and gateway, set a ■ Manager password, and (optionally) configure other basic features. Interpreting LED behavior. ■ For the latest version of the Installation and Getting Started Guide and other documentation for your access point, visit to the HP ProCurve website.

  • Page 20

    — This page is intentionally unused. —...

  • Page 21: Selecting A Management Interface

    Selecting a Management Interface Contents Overview ............2-2 Understanding Management Interfaces .

  • Page 22: Overview

    Selecting a Management Interface Overview Overview This chapter describes the following: ■ Access Point management interfaces Advantages of using each interface type ■ Understanding Management Interfaces Management interfaces enable you to reconfigure the access point and to monitor its status and performance. Interface types include: ■...

  • Page 23: Advantages Of Using The Cli

    Selecting a Management Interface Advantages of Using the CLI Advantages of Using the CLI Exec Level HP420# Global Configuration Level HP420(config)# Context Configuration Levels (Ethernet, wireless) HP420(<context>)# Figure 2-1. Command Prompt Examples Provides access to the complete set of the access point configuration ■...

  • Page 24: Advantages Of Using The Hp Web Browser Interface

    Selecting a Management Interface Advantages of Using the HP Web Browser Interface Advantages of Using the HP Web Browser Interface Figure 2-2. Example of the HP Web Browser Interface ■ Easy access to the access point from anywhere on the network ■...

  • Page 25: Contents

    Using the Command Line Interface (CLI) Contents Overview ............3-2 Accessing the CLI .

  • Page 26: Using The Command Line Interface (cli)

    Using the Command Line Interface (CLI) Overview Overview The CLI is a text-based command interface for configuring and monitoring the access point. The CLI gives you access to the access point’s full set of commands while providing the same password protection that is used in the web browser interface.

  • Page 27

    Using the Command Line Interface (CLI) Using the CLI When you use the CLI to log on to the access point, you will be prompted to enter a password. For example: Ready Password Prompt Username: admin Password: Figure 3-1. Example of CLI Log-On Screen with Password When you log onto the CLI, you will see a command prompt: HP420#_ C a u t i o n...

  • Page 28: Privilege Level Operation

    Using the Command Line Interface (CLI) Using the CLI Privilege Level Operation Manager Privileges 1. Exec Level 2. Global Configuration Level 3. Context Configuration Level Figure 3-2. Access Sequence for Privilege Levels Exec Privileges Exec privileges allow you to examine the current configuration, perform system-level actions that do not require saving changes, and move between the three levels of access: Exec, Global Configuration, and Context Configu­...

  • Page 29

    Using the Command Line Interface (CLI) Using the CLI The Context level is useful, for example, if you want to execute several commands directed at the same interface. To select this level, enter the specific context at the Global Configuration level prompt. For example, to select the context level for the Ethernet interface, you would enter the following command and see the indicated result: HP420(config)#interface ethernet...

  • Page 30: How To Move Between Levels

    Using the Command Line Interface (CLI) Using the CLI How To Move Between Levels Change in Levels Example of Prompt, Command, and Result Exec level HP420#config HP420(config)# Global configuration level Global configuration HP420(config)#interface ethernet level HP420(if-ethernet)# to a Context configuration level Move from any level HP420(if-ethernet)#end...

  • Page 31: Listing Commands And Command Options

    Using the Command Line Interface (CLI) Using the CLI Listing Commands and Command Options At any privilege level you can: ■ List all of the commands available at that level List the options for a specific command ■ Listing Commands Available at Any Privilege Level At a given privilege level you can list and execute the commands that level offers.

  • Page 32

    Using the Command Line Interface (CLI) Using the CLI Typing ? at the Configuration level produces this listing: HP420(config)#? Configure commands: 802.1x Set 802.1x Return to previous mode exit Exit to the EXEC mode filter Bridge protocol filtering help Description of the help system iapp Enable IAPP interface...

  • Page 33: Command Option Displays

    Using the Command Line Interface (CLI) Using the CLI the word for the CLI to distinguish it from other possibilities). For example, at the Global Configuration level, if you press immediately after typing [Tab] "u", the CLI displays the command that begins with "u". For example: HP420(config)#u [Tab] HP420(config)#username...

  • Page 34: Configuration Commands And The Context Configuration Modes

    Using the Command Line Interface (CLI) Using the CLI Configuration Commands and the Context Configuration Modes You can execute basic configuration commands in the global configuration mode. However, you must use a context mode to execute context-specific commands. The configuration options include interface (ethernet or wireless) context modes: Ethernet Context .

  • Page 35

    Using the Command Line Interface (CLI) Using the CLI Wireless Context . Includes wireless-specific commands that apply only to the wireless interface. The prompt for this mode includes the identity of the wireless interface: Command executed at configuration HP420(config)#interface wireless g level to enter wireless context.

  • Page 36: Cli Control And Editing

    Using the Command Line Interface (CLI) CLI Control and Editing CLI Control and Editing Keystrokes Function [Ctrl] [A] Jumps to the first character of the command line. or [<] Moves the cursor back one character. [Ctrl] [B] [Ctrl] [D] Deletes the character at the cursor. [Ctrl] [E] Jumps to the end of the current command line.

  • Page 37: Using The Hp Web Browser Interface

    Using the HP Web Browser Interface Contents Overview ............4-2 General Features .

  • Page 38: Overview

    Using the HP Web Browser Interface Overview Overview The HP web browser interface built into the access point lets you easily access the access point from a browser-based PC on your network. This lets you do the following: Make configuration changes to the access point ■...

  • Page 39: General Features

    Using the HP Web Browser Interface General Features General Features The access point includes these web browser interface features: Access Point Configuration: • System identification and service set identifier • IP settings via manual configuration or DHCP • RADIUS client identification •...

  • Page 40: Starting A Web Browser Interface Session With The Access Point

    Using the HP Web Browser Interface Starting a Web Browser Interface Session with the Access Point Starting a Web Browser Interface Session with the Access Point You can start a web browser session using a standalone web browser on a network connection from a PC in the following ways: •...

  • Page 41: Description Of Browser Interface

    Using the HP Web Browser Interface Description of Browser Interface N o t e : Access point management can be limited to access from the Ethernet inter- face. For more on this feature, see “Setting up Filter Control” on page 5-47. Type the IP address (or DNS name) of the access point in the browser Location or Address field and press .

  • Page 42: Support Url

    This page provides the following URL: http://www.hp.com/go/hpprocurve which is the World Wide Web site for Hewlett-Packard’s networking products. Click on the link on this page and you can get to support information regarding your access point, including white papers, firmware updates, and more.

  • Page 43: Tasks For Your First Hp Web Browser Interface Session

    Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session Tasks for Your First HP Web Browser Interface Session The first time you access the web browser interface, there are a number of basic tasks that you should perform: ■...

  • Page 44

    Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session Figure 4-2. The Change Password Window 2. Click in the appropriate box in the Change Password menu and enter a user name or password. You will be required to repeat the password string in the confirmation box.

  • Page 45: If You Lose The User Name Or Password

    Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session If You Lose the User Name or Password If you lose the user name or password, you can clear them by pressing the Reset button on the back of the access point for at least five seconds. This action deletes the password and resets the user name to the factory default settings for all of the access point’s interfaces.

  • Page 46: Setting The Ssid

    Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session Select Enable to enable SNMP management. Type text strings to replace the default community names for read-only and read/write access. Click the button. [Apply Changes] Figure 4-3.

  • Page 47: Setting The Radio Channel

    Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session Figure 4-4. Setting the SSID Setting the Radio Channel The access point’s radio channel settings are limited by local regulations, which determine the number of channels that are available. You can manually set the access point’s radio channel or allow it to automatically select an unoccupied channel.

  • Page 48

    Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session The access point uses the configured radio channel to communicate with wireless clients. When multiple access points are deployed in the same area, be sure to choose a channel separated by at least five channels to avoid having the channels interfere with each other.

  • Page 49: Configuring Tcp/ip Settings

    Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session Figure 4-6. Radio Channel Selection Configuring TCP/IP Settings You can use the web browser interface to manage the access point only if it already has an IP address that is reachable through your network. You can set an initial IP address for the access point by using the CLI interface.

  • Page 50: Configuring Security Settings

    Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session Enter the IP address for the primary and secondary DNS servers to be used for host-name to IP address resolution. Click the button. [Apply Changes] N o t e If you change the IP address using the web interface, you must log in again using the new address.

  • Page 51

    Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session For more secure data transmissions, the access point provides client authen­ tication and data encryption based on shared keys that are distributed to all stations. Wired Equivalent Privacy (WEP) is implemented to provide a basic level of security, preventing unauthorized access to the network and encrypting data transmitted between wireless clients and the access point.

  • Page 52: Online Help For The Hp Web Browser Interface

    Using the HP Web Browser Interface Tasks for Your First HP Web Browser Interface Session Figure 4-8. Security Settings Online Help for the HP Web Browser Interface Online Help is available for the web browser interface. You can use it by clicking on the question mark button in the upper-right corner of any of the web browser interface screens.

  • Page 53: Status Reporting Features

    Using the HP Web Browser Interface Status Reporting Features Status Reporting Features Browser elements covered in this section include: The AP Status window (below) ■ ■ Station status (page 4-19) ■ Event logs (page 4-21) The Status bar (page 4-22) ■...

  • Page 54

    Using the HP Web Browser Interface Status Reporting Features AP System Configuration. The AP System Configuration table displays the basic system configuration settings: ■ System Up Time: Length of time the access point has been up. MAC Address: The physical layer address for this device. ■...

  • Page 55: Station Status

    Using the HP Web Browser Interface Status Reporting Features Speed-Duplex: The operating speed and duplex mode of the access ■ point’s RJ-45 Ethernet interface. Station Status The Station Status window shows the wireless clients currently associated with the access point. Figure 4-11.

  • Page 56

    Using the HP Web Browser Interface Status Reporting Features association procedure allows the wireless system to track the location of each mobile client, and ensures that frames destined for each client are forwarded to the appropriate access point. ■ Forwarding Allowed: If 802.1X is being used shows if the station has passed 802.1X authentication and is now allowed to forward traffic to the access point.

  • Page 57: Event Logs

    Using the HP Web Browser Interface Status Reporting Features Event Logs The Event Logs window shows the log messages generated by the access point and stored in memory. Figure 4-12. The Event Logs Window The Event Logs table displays the following information: ■...

  • Page 58: The Status Bar

    Using the HP Web Browser Interface Status Reporting Features The Status Bar The Status Bar is displayed in the upper left corner of the web browser interface screen. Figure 4-13 shows an expanded view of the status bar. Status Indicator Status Description Product Name Figure 4-13.

  • Page 59: Access Point Configuration

    Access Point Configuration Contents Overview ............5-2 Modifying System Management Access .

  • Page 60: Overview

    Access Point Configuration Overview Web: Setting RADIUS Server Parameters ..... . 5-42 CLI: Setting RADIUS Server Parameters ..... . . 5-45 Setting up Filter Control .

  • Page 61: Modifying System Management Access

    Access Point Configuration Modifying System Management Access Modifying System Management Access Management access to the access point’s web and CLI interface is controlled through a single user name and password. You can also gain additional in-band access security by using control filters (see “Setting up Filter Control” on page 5-47).

  • Page 62: Cli: Setting User Names And Passwords

    Access Point Configuration Modifying System Management Access Figure 5-1. The Change Password Window CLI: Setting User Names and Passwords CLI Commands Used in This Section Command Syntax CLI Reference Page username <name> page 6-12 [no] password <password> page 6-13 This example shows how to set a new user name and password. HP420(config)#username bob HP420(config)#password hp420ap HP420(config)#...

  • Page 63: Modifying System Information

    Access Point Configuration Modifying System Information Modifying System Information The access point’s system information parameters can be left at their default settings. However, modifying these parameters can help you to more easily distinguish one device from another in your network. You should set a Service Set Identification (SSID) to identify the wireless network service provided by the access point.

  • Page 64: Cli: Setting The System Name And Ssid

    Access Point Configuration Modifying System Information Figure 5-2. The System Information Window CLI: Setting the System Name and SSID CLI Commands Used in This Section Command Syntax CLI Reference Page interface <ethernet | wireless g> page 6-62 system name <name> page 6-12 ssid <string>...

  • Page 65

    Access Point Configuration Modifying System Information To set the SSID to “RD-AP#3” and display it, enter the CLI commands shown in the following example. HP420(config)#interface wireless g Enter Wireless configuration commands, one per line. HP420(if-wireless g)#ssid RD-AP#3 HP420(if-wireless g)#show Wireless Interface Information =========================================================== ----------------Identification----------------------------- Description...

  • Page 66

    Access Point Configuration Modifying System Information ----------------Antenna----------------------------------- Antenna mode : Single Antenna gain attenuation Low channe : 100% Mid channe : 100% High chann : 100% =========================================================== HP420(if-wireless g)# To display the configured system name, use the show system command, as shown in the following example.

  • Page 67: Configuring Ip Settings

    Access Point Configuration Configuring IP Settings Configuring IP Settings Configuring the access point with an IP address expands your ability to manage the access point and use its features. A number of access point features depend on IP addressing to operate. N o t e You can use the web browser interface to access IP addressing only if the access point already has an IP address that is reachable through your network.

  • Page 68

    Access Point Configuration Configuring IP Settings • Primary and Secondary DNS Address: The IP address of Domain Name Servers on the network. A DNS maps numerical IP addresses to domain names and can be used to identify network hosts by familiar names instead of the IP addresses.

  • Page 69: Cli: Configuring Ip Settings Statically Or Via Dhcp

    Access Point Configuration Configuring IP Settings Figure 5-3. The IP Configuration Window CLI: Configuring IP Settings Statically or via DHCP CLI Commands Used in This Section Command Syntax CLI Reference Page interface <ethernet | wireless g> page 6-62 [no] ip address <ip-address> <netmask> <gateway> page 6-63 [no] ip dhcp page 6-64 dns primary-server <server-address>...

  • Page 70

    Access Point Configuration Configuring IP Settings The following example shows how to enable the DHCP client. HP420(config)#interface ethernet Enter Ethernet configuration commands, one per line. HP420(if-ethernet)#ip dhcp HP420(if-ethernet)# To set the access point’s IP parameters manually, you must first disable the DHCP client.

  • Page 71: Configuring Snmp

    Access Point Configuration Configuring SNMP Configuring SNMP You can use a network management application such as HP ProCurve Manager to manage the access point via the Simple Network Management Protocol (SNMP) from a network management station. To implement SNMP manage­ ment, the access point must have an IP address and subnet mask, configured either manually or dynamically.

  • Page 72

    Access Point Configuration Configuring SNMP Location: A text string that describes the system location. ■ (Maximum length: 255 characters) ■ Contact: A text string that describes the system contact. (Maximum length: 255 characters) Community Name (Read/Write): Defines the SNMP community access ■...

  • Page 73: Cli: Setting Basic Snmp Parameters

    Access Point Configuration Configuring SNMP Figure 5-4. The SNMP Window CLI: Setting Basic SNMP Parameters CLI Commands Used in This Section Command Syntax CLI Reference Page [no] snmp-server enable server page 6-27 [no] snmp-server community <string> [ro | rw] page 6-26 [no] snmp-server contact <string>...

  • Page 74

    Access Point Configuration Configuring SNMP SNMP management on the access point is enabled by default. To disable SNMP management, type the following command: HP420(config)#no snmp-server enable server The following example shows how to enable SNMP, configure the community strings, and set the location and contact parameters. HP420(config)#snmp-server enable server HP420(config)#snmp-server community alpha rw HP420(config)#snmp-server community beta ro...

  • Page 75

    Access Point Configuration Configuring SNMP To display the current SNMP settings from the Exec level, use the show snmp­ server command, as shown in the following example. HP420#show snmp-server SNMP Information ============================================ Service State : Enable Community (ro) : ***** Community (rw) : ***** Location : 2F-R19...

  • Page 76: Web: Configuring Snmp V3 Users

    Access Point Configuration Configuring SNMP Web: Configuring SNMP v3 Users The SNMP window on the Configuration tab also enables the configuration of SNMP v3 users and the engine ID. An SNMP v3 engine is an independent SNMP agent that resides on the access point and is identified by an ID number.

  • Page 77

    Access Point Configuration Configuring SNMP N o t e SNMPv3 Users must be assigned to groups that have the same security levels. If a user who has “AuthPriv” security (uses authentication and encryption) is assigned to a read-only (RO) group, the user will not be able to access the database.

  • Page 78: Cli: Configuring Snmp V3 Users

    Access Point Configuration Configuring SNMP Figure 5-5. Configuring SNMPv3 Users CLI: Configuring SNMP v3 Users CLI Commands Used in This Section Command Syntax CLI Reference Page [no] snmpv3 engine-id <engine-id> page 6-31 [no] snmpv3 user [<user-name>] page 6-32 show snmpv3 page 6-37 Using the CLI to Set an Engine ID.

  • Page 79: Web: Configuring Snmp V3 Trap Targets And Filters

    Access Point Configuration Configuring SNMP Using the CLI to Configure SNMP v3 Users. The following example shows how to create an SNMP v3 user, assign the user to the RWPriv group, and set authentication and encryption parameters. HP420(config)#snmpv3 user User Name<1-32> :chris Group Name<1-32>...

  • Page 80

    Access Point Configuration Configuring SNMP SNMP Trap Filters: Configures SNMP v3 trap filters. ■ • Filter ID – A user-defined name that identifies the filter. (Maximum length: 32 characters) • Subtree OID – Specifies the MIB subtree to be filtered. The OID can specify one trap or include all the traps under the OID subtree.

  • Page 81

    Access Point Configuration Configuring SNMP To Create SNMP Trap Targets: Select the Configuration tab. Click the [ button. SNMP Trap] Click the button under under SNMP Targets. [New] In the SNMP Target Address window, type a name for the Target ID. Specify the IP address of the receiving management station and the UDP port used.

  • Page 82

    Access Point Configuration Configuring SNMP To Create SNMP Trap Filters: Select the Configuration tab. Click the [ button. SNMP Trap] Click on the button under SNMP Trap Filters. [New] Figure 5-8. Creating SNMP Trap Filters In the SNMP Notification New Filter window, type a name for the filter. Specify a MIB subtree OID to filter.

  • Page 83: Cli: Configuring Snmp V3 Trap Targets And Filters

    Access Point Configuration Configuring SNMP Figure 5-9. Adding SNMP Trap Filter Objects CLI: Configuring SNMP v3 Trap Targets and Filters CLI Commands Used in This Section Command Syntax CLI Reference Page [no] snmpv3 filter <filter-id> <include | exclude> <subtree> page 6-35 [no] snmpv3 filter-assignments <target-id>...

  • Page 84: Web: Configuring Snmp V1 And V2c Trap Destinations

    Access Point Configuration Configuring SNMP Creating SNMP v3 Trap Filters. To create a notification filter, use the snmp-server filter command from the CLI configuration mode. Use the command more than once with the same filter ID to build a filter that specifies multiple MIB objects.

  • Page 85

    Access Point Configuration Configuring SNMP Trap Destination Community Name: The community string sent with ■ the notification operation. (Maximum length: 32 characters) ■ Trap Configuration: Allows selection of specific SNMP notifications to send (includes traps for SNMP v1 and v2c hosts and v3 targets). The following are available: •...

  • Page 86

    Access Point Configuration Configuring SNMP • dot1xAuthFail – A 802.1X client station has failed RADIUS authen­ tication. (Object ID: 1.3.6.1.4.1.11.2.14.11.6.4.1.1.7.4.2.10) • localMacAddrAuthSuccess – A client station has successfully authenticated its MAC address witht the local database on the access point. (Object ID: 1.3.6.1.4.1.11.2.14.11.6.4.1.1.7.4.2.11) •...

  • Page 87: Cli: Configuring Snmp V1 And V2c Trap Destinations

    Access Point Configuration Configuring SNMP Figure 5-10. Configuring SNMP Trap Destinations CLI: Configuring SNMP v1 and v2c Trap Destinations CLI Commands Used in This Section Command Syntax CLI Reference Page [no] snmp-server host <server_index> <host_ip_address page 6-28 | host_name> <community-string> [no] snmp-server trap <trap>...

  • Page 88

    Access Point Configuration Configuring SNMP To send SNMP v1 and v2c traps to a management station, specify the host IP address using the snmp-server host command and enable specific traps using the snmp-server trap command. HP420(config)#snmp-server host 1 192.168.1.10 private HP420(config)#snmp-server host 2 192.168.1.19 private HP420(config)#snmp-server trap dot11stationassociation HP420(config)#snmp-server trap dot11stationauthentication...

  • Page 89: Enabling System Logging

    Access Point Configuration Enabling System Logging Enabling System Logging The access point supports a logging process that can control error messages saved to memory or sent to a Syslog server. The logged messages serve as a valuable tool for isolating access point and network problems. The system allows you to limit the messages that are logged by specifying a minimum severity level.

  • Page 90: Web: Setting Logging Parameters

    Access Point Configuration Enabling System Logging Web: Setting Logging Parameters The System Servers window on the Administration tab enables system logs and Syslog server details to be configured for the access point. The web interface enables you to modify these parameters: ■...

  • Page 91: Cli: Setting Logging Parameters

    Access Point Configuration Enabling System Logging Figure 5-11. Setting Logging Parameters CLI: Setting Logging Parameters CLI Commands Used in This Section Command Syntax CLI Reference Page [no] logging on page 6-15 [no] logging host <host_name | host_ip_address> page 6-15 [no] logging console page 6-16 logging level <Alert | Critical | Error | Warning | page 6-16...

  • Page 92

    Access Point Configuration Enabling System Logging The following example shows how to enable logging, set the minimum severity level of messages to be logged, and send messages to the console. HP420(config)#logging on HP420(config)#logging level critical HP420(config)#logging console HP420(config)# The following example shows how to configure the access point to send logging messages to a Syslog server.

  • Page 93: Configuring Sntp

    Access Point Configuration Configuring SNTP Configuring SNTP Simple Network Time Protocol (SNTP) allows the access point to set its internal clock based on periodic updates from a time server (SNTP or NTP). Maintaining an accurate time on the access point enables the system log to record meaningful dates and times for event entries.

  • Page 94

    Access Point Configuration Configuring SNTP Enable Daylight Saving: The access point provides a way to automati­ ■ cally adjust the system clock for Daylight Saving Time (DST) changes. To use this feature you define the month and date to begin and to end the change from standard time.

  • Page 95: Cli: Setting Sntp Parameters

    Access Point Configuration Configuring SNTP Figure 5-12. Setting SNTP Parameters CLI: Setting SNTP Parameters CLI Commands Used in This Section Command Syntax CLI Reference Page [no] sntp-server enable page 6-20 sntp-server ip <1 | 2> <ip> page 6-19 sntp-server date-time page 6-20 [no] sntp-server daylight-saving page 6-21...

  • Page 96

    Access Point Configuration Configuring SNTP The following example shows how to enable SNTP, configure primary and secondary time server IP addresses, set the time zone, and enable Daylight Saving. HP420(config)#sntp-server enable HP420(config)#sntp-server ip 1 10.1.0.19 HP420(config)#sntp-server ip 2 10.1.2.233 HP420(config)#sntp-server timezone -8 HP420(config)#sntp-server daylight-saving Enter Daylight saving from which month<1-12>: 3 and which day<1-31>: 31...

  • Page 97: Configuring Ethernet Interface Parameters

    Access Point Configuration Configuring Ethernet Interface Parameters Configuring Ethernet Interface Parameters The access point’s Ethernet interface can be configured to use auto-negotia­ tion to set the operating speed and duplex mode. When auto-negotiation is disabled, the operating speed and duplex mode must be manually set to match that of the connected device.

  • Page 98: Cli: Setting Ethernet Interface Parameters

    Access Point Configuration Configuring Ethernet Interface Parameters Figure 5-13. Setting Ethernet Interface Parameters CLI: Setting Ethernet Interface Parameters CLI Commands Used in This Section Command Syntax CLI Reference Page interface <ethernet | wireless g> page 6-62 [no] shutdown page 6-65 speed-duplex <auto | 10MH | 10MF | 100MF | 100MH>...

  • Page 99

    Access Point Configuration Configuring Ethernet Interface Parameters To display the current Ethernet interface status from the Exec level, use the show interface ethernet command, as shown in the following example. HP420#show interface ethernet Ethernet Interface Information =========================================================== IP Address : 10.1.0.1 Subnet Mask : 255.255.255.0 Default Gateway...

  • Page 100: Configuring Radius Client Authentication

    Access Point Configuration Configuring RADIUS Client Authentication Configuring RADIUS Client Authentication Remote Authentication Dial-in User Service (RADIUS) is an authentication protocol that uses software running on a central server to control access to RADIUS-aware devices on the network. An authentication server contains a database of user credentials for each user that requires access to the network.

  • Page 101

    Access Point Configuration Configuring RADIUS Client Authentication VLAN ID Format: Sets the format for specifying VLAN IDs on the ■ RADIUS server. • Ascii - Enter VLAN IDs as an ASCII string. • Hex - Enter VLAN IDs as a hexadecimal number. Primary Radius Server Setup: Configure the following settings to use ■...

  • Page 102

    Access Point Configuration Configuring RADIUS Client Authentication 6. (Optional) For the Timeout and Retransmit Attempts fields, accept the default values unless you experience problems connecting to the RADIUS server over the network. 7. (Optional) If you have a secondary RADIUS server in the network, specify its IP address and other parameters in the appropriate fields.

  • Page 103: Cli: Setting Radius Server Parameters

    Access Point Configuration Configuring RADIUS Client Authentication CLI: Setting RADIUS Server Parameters CLI Commands Used in This Section Command Syntax CLI Reference Page radius-server address [secondary] <host_ip_address | host_name> page 6-43 radius-server [secondary] port <port_number> page 6-44 radius-server [secondary] key <key_string> page 6-44 radius-server [secondary] retransmit <number_of_retries>...

  • Page 104

    Access Point Configuration Configuring RADIUS Client Authentication To display the current RADIUS server settings from the Exec level, use the show radius command, as shown in the following example. HP420#show radius ======================================== Radius MAC Address Format: SINGLE_DASH Radius VLAN ID Format: ASCII Radius Server Information ========================================...

  • Page 105: Setting Up Filter Control

    Access Point Configuration Setting up Filter Control Setting up Filter Control The access point can employ VLAN ID and network traffic frame filtering to control access to network resources and increase security. Access and Frame Filtering. You can prevent communications between wireless clients associated to the access point, only allowing traffic between clients and the wired network.

  • Page 106: Web: Enabling Vlan Support And Setting Filters

    Access Point Configuration Setting up Filter Control When VLAN filtering is enabled, the access point must be using a security configuration that enables 802.1X authentication (see page 5-74) and have a RADIUS server configured (see page 5-42). Wireless clients must also support 802.1X client software to be assigned to a specific VLAN.

  • Page 107

    Access Point Configuration Setting up Filter Control • Disable: Access point does not filter Ethernet protocol types. • Enable: Access point filters Ethernet protocol types based on the configuration of protocol types in the filter table. If a protocol has its status set to “ON,”...

  • Page 108: Cli: Enabling Vlan Support And Setting Filters

    Access Point Configuration Setting up Filter Control button from the Software 7. Reboot the access point by using the [Reboot] Upgrade screen on the Administration tab. Figure 5-15. The Filter Control Window CLI: Enabling VLAN Support and Setting Filters CLI Commands Used in This Section Command Syntax CLI Reference Page [no] vlan enable...

  • Page 109

    Access Point Configuration Setting up Filter Control Command Syntax CLI Reference Page [no] filter ethernet-type protocol <protocol> page 6-58 show filters page 6-59 The following example shows how to set the native VLAN ID and enable VLAN support. Note that to enable or disable VLAN support, you must reboot the access point.

  • Page 110

    Access Point Configuration Setting up Filter Control HP420#show filters Protocol Filter Information =========================================================== Local Bridge :ENABLED AP Management :ENABLED Ethernet Type Filter :ENABLED Enabled Protocol Filters ----------------------------------------------------------- Protocol: Novell_IPX(new) ISO: 0x8138 Protocol: Novell_IPX(old) ISO: 0x8137 =========================================================== HP420# 5-52...

  • Page 111: Modifying Radio Settings

    Access Point Configuration Modifying Radio Settings Modifying Radio Settings The access point can operate in three standard modes, IEEE 802.11b only, 802.11g only, or a mixed 802.11b/802.11g mode. N o t e Both the IEEE 802.11g and 802.11b standards operate within the 2.4 GHz band. In a wireless LAN environment there can often be interference from other 2.4 GHz devices, such as cordless phones.

  • Page 112: Web: Modifying The Radio Working Mode And Settings

    Access Point Configuration Modifying Radio Settings Web: Modifying the Radio Working Mode and Settings The Port/Radio Settings window on the Configuration tab provides the basic settings for the access point’s radio operation. The access point’s radio channel settings are limited by local regulations, which determine the number of channels that are available.

  • Page 113

    Access Point Configuration Modifying Radio Settings Beacon Interval: The rate at which beacon frames are transmitted from ■ the access point. The beacon frames allow wireless clients to maintain contact with the access point. They may also carry power-management information. ■...

  • Page 114

    Access Point Configuration Modifying Radio Settings Preamble: Sets the length of the signal preamble that is used at the start ■ of a data transmission. Using a short preamble (96 microseconds) instead of a long preamble (192 microseconds) can increase data throughput on the access point, but requires that all clients can support a short preamble.

  • Page 115: Cli: Modifying The Radio Working Mode And Settings

    Access Point Configuration Modifying Radio Settings Figure 5-16. Port/Radio Settings Window CLI: Modifying the Radio Working Mode and Settings CLI Commands Used in This Section Command Syntax CLI Reference Page country <country_code> page 6-9 interface <ethernet | wireless g> page 6-62 radio-mode <b | g | b+g>...

  • Page 116

    Access Point Configuration Modifying Radio Settings Command Syntax CLI Reference Page beacon-interval <interval> page 6-73 dtim-period <interval> page 6-73 fragmentation-length <length> page 6-74 rts-threshold <threshold> page 6-75 slot-time [short | long | auto] page 6-76 preamble [long | shortorlong] page 6-77 transmit-power <signal-strength>...

  • Page 117

    Access Point Configuration Modifying Radio Settings HP420#country ? WORD Country code: AL-ALBANIA, DZ-ALGERIA, AR-ARGENTINA, AM-ARMENIA, AU-AUSTRALIA, AT-AUSTRIA, AZ-AZERBAIJAN, BH-BAHRAIN, BY-BELARUS, BE-BELGIUM, BZ-BELIZE, BO-BOLVIA, BR-BRAZIL, BN-BRUNEI_DARUSSALAM, BG-BULGARIA, CA-CANADA, CL-CHILE, CN-CHINA, CO-COLOMBIA, CR-COSTA_RICA, HR-CROATIA, CY-CYPRUS, CZ-CZECH_REPUBLIC, DK-DENMARK, DO-DOMINICAN_REPUBLIC, EC-ECUADOR, EG-EGYPT, EE-ESTONIA, FI-FINLAND, FR-FRANCE, GE-GEORGIA, DE-GERMANY, GR-GREECE, GT-GUATEMALA, HK-HONG_KONG, HU-HUNGARY, IS-ICELAND, IN-INDIA, ID-INDONESIA, IR-IRAN, IE-IRELAND, IL-ISRAEL, IT-ITALY, JP-JAPAN, JO-JORDAN, KZ-KAZAKHSTAN,...

  • Page 118

    Access Point Configuration Modifying Radio Settings Using the CLI to Configure Radio Settings. The following example shows how to enable and disable the radio, as well as configure other radio parameters. HP420(config)#interface wireless g Enter Wireless configuration commands, one per line. HP420(if-wireless g)#shutdown HP420(if-wireless g)#speed 24 HP420(if-wireless g)#multicast-data-rate 2...

  • Page 119

    Access Point Configuration Modifying Radio Settings ----------------Security----------------------------------- Closed System : DISABLED 802.11 Authentication : OPEN WPA clients : SUPPORTED 802.1x : DISABLED Encryption : DISABLED **[WEP key]*********************************************** Key Length : -------- Default Transmit Key : 1 Cipher : WEP WEP Key Data Type : Hexadecimal Static Keys : Key 1: EMPTY...

  • Page 120: Web: Setting The Antenna Mode And Transmit Power Control

    Access Point Configuration Modifying Radio Settings Web: Setting the Antenna Mode and Transmit Power Control Limits The Port/Radio Settings window on the Configuration tab provides access to the configuration settings for external antennas. C a u t i o n An improper combination of transmit power and antenna gain may result in an EIRP power level in excess of the legally imposed limit.

  • Page 121

    Access Point Configuration Modifying Radio Settings 802.11g Transmit Power Control (TPC) Settings (%) External Antenna FCC/IC EU/ETSI Japan Taiwan 7 dBi Indoor/Outdoor Directional, J8443A 8 dBi Outdoor Omni, J8444A — — — 11 dBi Indoor/Outdoor wide angle — — — directional, J8446A* * Use of this antenna in the EU/ETSI region or Taiwan requires an additional insertion loss of 2 dB for this radio mode.

  • Page 122

    Access Point Configuration Modifying Radio Settings • High Channel: The percentage of full power allowed for high radio channels. ■ Antenna Mode: Sets the operation mode for the antenna type currently attached to the access point. (Default: Diversity) • Diversity: A diversity antenna system includes two identical antenna elements that are both used to transmit and receive radio signals.

  • Page 123: Cli: Setting The Antenna Mode And Transmit Power Control

    Access Point Configuration Modifying Radio Settings Figure 5-17. Antenna Mode and Port/Radio Settings Window CLI: Setting the Antenna Mode and Transmit Power Control Limits CLI Commands Used in This Section Command Syntax CLI Reference Page interface <ethernet | wireless g> page 6-62 antenna-mode <diversity | single>...

  • Page 124

    Access Point Configuration Modifying Radio Settings Using the CLI to Set the Antenna Mode. The following example shows how to set the antenna mode for the access point when using a non-diversity antenna. HP420(config)#interface wireless g Enter Wireless configuration commands, one per line. HP420(if-wireless g)#antenna-mode single HP420(if-wireless g)# Using the CLI to Set the Transmit Power Control Limits.

  • Page 125

    Access Point Configuration Modifying Radio Settings Beacon Interval : 60 TUs DTIM Interval : 8 beacons Preamble Length : SHORT OR LONG Slot time : SHORT Maximum Association : 64 stations ----------------Security----------------------------------- Closed System : DISABLED 802.11 Authentication : OPEN WPA clients : SUPPORTED 802.1x...

  • Page 126: Configuring Wireless Security

    Access Point Configuration Configuring Wireless Security Configuring Wireless Security The access point is configured by default as an “open system,” which broad- casts a beacon frame including the configured SSID. If a wireless client has a configured SSID of “any,” it can read the SSID from the beacon and use it to allow immediate connection to the access point.

  • Page 127

    Access Point Configuration Configuring Wireless Security network by requiring an 802.1X client application to submit user credentials for authentication. The 802.1X standard uses the Extensible Authentication Protocol (EAP) to pass user credentials (either digital certificates, usernames and passwords, or other) from the client to the RADIUS server. Client authen­ tication is then verified on the RADIUS server before the access point grants client access to the network.

  • Page 128

    Access Point Configuration Configuring Wireless Security starts with a master (temporal) key for each user session and then mathematically generates other keys to encrypt each data packet. TKIP provides further data encryption enhancements by including a message integrity check for each packet and a re-keying mechanism, which peri­ odically changes the master key.

  • Page 129

    Access Point Configuration Configuring Wireless Security Table 5-1. Summary of Wireless Security Security Mechanism Client Support Implementation Considerations Static WEP Keys Built-in support on all 802.11b and • Provides only weak security 802.11g devices • Requires manual key management Dynamic WEP Keys with Requires 802.1X client support in • Provides dynamic key rotation for improved WEP 802.1X system or by add-in software...

  • Page 130

    Access Point Configuration Configuring Wireless Security Table 5-1. Summary of Wireless Security Configuration Configuring Encryption in the HP ProCurve Wireless Access Point 420 Encryption Methods and CLI Privilege Level and Commands*** Additional Notes Process Requirements No Security Context Configuration Level 1. Configure Security HP420(if-wireless g)#security-suite 1 Suite wizard option 1...

  • Page 131

    Access Point Configuration Configuring Wireless Security Configuring Encryption in the HP ProCurve Wireless Access Point 420 Encryption Methods and CLI Privilege Level and Commands*** Additional Notes Process Requirements WEP Static ONLY Global Configuration Level WEP supported Requires manual client required. key management.

  • Page 132: Web: Using The Security Wizard

    Access Point Configuration Configuring Wireless Security Configuring MAC Authentication in the HP ProCurve Wireless Access Point 420 Local MAC MAC Authentication Table RADIUS Comments Authentication Authentication Authentication MAC Address Permission Mode MAC Table Active Inactive Permission Local MAC Local MAC Allow xx-xx-xx-xx-xx-xx All MAC addresses...

  • Page 133

    Access Point Configuration Configuring Wireless Security Static WEP: Use static IEEE 802.11 Wired Equivalent Privacy (WEP) ■ shared keys for user authentication and data encryption. Requires the setting of at least one key by specifying the key length, type, and the transmit key index.

  • Page 134

    Access Point Configuration Configuring Wireless Security Dynamic WEP (802.1x): Use 802.1X for user authentication and to pass ■ dynamic WEP unicast session keys and static broadcast keys to wireless clients. Requires a RADIUS server to be configured and available in the wired network.

  • Page 135

    Access Point Configuration Configuring Wireless Security – None: The access point does not use 802.1X authentication for any wireless client. After successful wireless association with the access point, each client is allowed to access the network. – Supported: The access point supports 802.1X authentication only for clients initiating the 802.1X authentication process (the access point does not initiate 802.1X authentication).

  • Page 136

    Access Point Configuration Configuring Wireless Security Click the [ button. Security Suite] Select wizard option Static WEP. Select the key length to be used by all clients, 64, 128, or 152 bit. 5. For the Key Index, select one key to be used to encrypt data transmitted from the access point.

  • Page 137

    Access Point Configuration Configuring Wireless Security 6. Configure parameters for the primary RADIUS server and, optionally, a secondary RADIUS server. See “Web: Setting RADIUS Server Parameters” on page 5-42 for more details. Configure time interval periods for 802.1X reauthentication and key refresh rates.

  • Page 138

    Access Point Configuration Configuring Wireless Security Figure 5-18. Security Suite Window 5-80...

  • Page 139: Cli: Configuring Security Settings

    Access Point Configuration Configuring Wireless Security Figure 5-19. The Auth. Servers Window 802.1X Setup CLI: Configuring Security Settings CLI Commands Used in This Section Command Syntax CLI Reference Page interface <ethernet | wireless g> page 6-62 key-length-wep <64 | 128 | 152> page 6-80 transmit-key-wep <index>...

  • Page 140

    Access Point Configuration Configuring Wireless Security Command Syntax CLI Reference Page wpa-preshared-key <type> <value> page 6-85 802.1x broadcast-key-refresh-rate <rate> page 6-50 802.1x session-key-refresh-rate <rate> page 6-50 802.1x session-timeout <seconds> page 6-51 show interface wireless g page 6-86 show station page 6-87 To configure access point security using the CLI, the security-suite command provides wizard options to set parameters for six common security mecha­...

  • Page 141

    Access Point Configuration Configuring Wireless Security Using the CLI to Configure Static WEP Shared Keys. The following example shows how to configure the access point to use static WEP keys for authentication and encryption. The security-suite shared-key command must be used first to enable 802.11 shared-key authentication and enable encryp­ tion.

  • Page 142

    Access Point Configuration Configuring Wireless Security The following example shows how to configure access point security for WPA­ PSK mode. Supported clients must be WPA-enabled and configured with the same pre-shared key. HP420(if-wireless g)#security-suite 3 HP420(if-wireless g)#wpa-preshared-key ASCII a very good secret key HP420(if-wireless g)# Alternatively, you can use the following security-suite command to configure...

  • Page 143

    Access Point Configuration Configuring Wireless Security Using the CLI to Configure WPA with 802.1X. To configure the access point to support only WPA-enabled clients, use the security-suite command wizard option 6 for AES encryption, or option 7 for TKIP encryption. (Also requires RADIUS server configuration.) HP420(if-wireless g)#security-suite 6 HP420(if-wireless g)#end...

  • Page 144

    Access Point Configuration Configuring Wireless Security Using the CLI to Configure Mixed Mode Static WEP Keys and WPA­ PSK. The following example shows how to manually configure access point security to support static WEP users as well as WPA-PSK clients. HP420(if-wireless g)#security-suite open-system wpa­...

  • Page 145: Web: Configuring Mac Address Authentication

    Access Point Configuration Configuring Wireless Security Web: Configuring MAC Address Authentication The access point can be configured to authenticate client MAC addresses against a database stored locally on the access point or remotely on a RADIUS server. Client MAC addresses in the local database can be specified as allowed or denied access to the network.

  • Page 146

    Access Point Configuration Configuring Wireless Security N o t e The access point does not support a security combination of RADIUS MAC authentication and WPA with 802.1X or WPA pre-shared key. The MAC Authentication window on the Security tab enables the access point to be configured to use MAC address authentication.

  • Page 147

    Access Point Configuration Configuring Wireless Security • Delete: When selected, the specified MAC address entry is removed from the database when the button is clicked. [Apply Changes] To Configure MAC Authentication Using a Local Database: Select the Security tab. Click the [ button.

  • Page 148: Cli: Configuring Mac Address Authentication

    Access Point Configuration Configuring Wireless Security Figure 5-20. Local MAC Authentication CLI: Configuring MAC Address Authentication CLI Commands Used in This Section Command Syntax CLI Reference Page mac-authentication server [local | remote] page 6-53 mac-access permission <allowed | denied> page 6-52 mac-access entry <mac-address>...

  • Page 149

    Access Point Configuration Configuring Wireless Security Configuring Local MAC Authentication. The following example shows how to configure MAC address authentication using the access point’s local database. The example shows three client MAC addresses that are permitted to access the network. All other MAC addresses are denied access. HP420(config)#mac-authentication server local HP420(config)#mac-access permission allowed HP420(config)#mac-access entry 00-70-50-cc-99-1a active...

  • Page 150

    Access Point Configuration Configuring Wireless Security Displaying MAC Authentication Settings. The following example shows how to display the current authentication configuration on the access point from the Exec level. HP420#show authentication Authentication Information ========================================================= MAC Authentication Server : LOCAL MAC Auth Session Timeout Value : 0 secs 802.1x : DISABLED Broadcast Key Refresh Rate...

  • Page 151: Command Line Reference

    Command Line Reference Contents Overview ............6-2 General Commands .

  • Page 152: Overview

    Command Line Reference Overview Overview This chapter describes the commands provided by the CLI. The CLI commands can be broken down into the functional groups shown below. Command Group Description Page General Basic commands for entering configuration mode, restarting the system, or quitting the CLI System Controls user name, password, system logs, browser Management...

  • Page 153: General Commands

    Command Line Reference General Commands General Commands Command Function Mode Page configure Activates global configuration mode Exec Returns to the previous configuration mode GC, IC exit Returns to the Exec mode, or exits the CLI ping Sends ICMP echo request packets to another node Exec on the network reset Restarts the system...

  • Page 154: End

    Command Line Reference General Commands This command returns to the previous configuration mode. Default Setting None Command Mode Global Configuration, Interface Configuration Example This example shows how to return to the Configuration mode from the Ethernet Interface Configuration mode: HP420(if-ethernet)#end HP420(config)# exit This command returns to the Exec mode or exits the configuration program.

  • Page 155: Ping

    Command Line Reference General Commands ping This command sends ICMP echo request packets to another node on the network. Syntax ping <host_name | ip_address> • host_name - Alias of the host. ip_address - IP address of the host. • Default Setting None Command Mode Exec...

  • Page 156: Reset

    Command Line Reference General Commands reset This command restarts the system or restores the factory default settings. Syntax reset <board | configuration> • board - Reboots the system. configuration - Resets the configuration settings to the factory • defaults, and then reboots the system. Default Setting None Command Mode...

  • Page 157: Show Line

    Command Line Reference General Commands Example In this example, the show history command lists the contents of the command history buffer: HP420#show history config exit show history HP420# show line This command displays the console port’s configuration settings. Command Mode Exec Example The console port settings are fixed at the values shown below.

  • Page 158: System Management Commands

    Command Line Reference System Management Commands System Management Commands These commands are used to configure the user name, password, system logs, browser management options, clock settings, and a variety of other system information. Command Function Mode Page Country Setting Sets the country code for correct radio operation country Sets the access point country code Exec...

  • Page 159: Country

    Command Line Reference System Management Commands Command Function Mode Page System Clock Sets the system clock via an NTP/SNTP server sntp-server ip Specifies one or more time servers 6-19 sntp-server Accepts time from the specified time servers 6-20 enable sntp-server Manually sets the system date and time 6-20 date-time...

  • Page 160

    Command Line Reference System Management Commands Table 6-1. Access Point Country Codes Country Code Country Code Country Code Country Code Albania Dominican Repulic Kuwait Qatar Algeria Ecuador Latvia Romania Argentina Egypt Lebanon Russia Armenia Estonia Liechtenstein Saudia Arabia Australia Finland Lithuania Singapore Austria...

  • Page 161: Prompt

    Command Line Reference System Management Commands Command Mode Exec Command Usage • The access point’s Country Code must be set before the radio can be enabled. • The available Country Code settings can be displayed by using the country ? command. •...

  • Page 162: System Name

    Command Line Reference System Management Commands Example HP420(config)#prompt RD2 RD2(config)# system name This command specifies or modifies the system name for this device. Syntax system name <name> name - The name of this host. (Maximum length: 32 characters) Default Setting Enterprise AP Command Mode Global Configuration...

  • Page 163: Password

    Command Line Reference System Management Commands Example HP420(config)#username bob HP420(config)# password After initially logging onto the system, you should set the password. Remember to record it in a safe place. Use the no form to reset the default password. Syntax password <password>...

  • Page 164: Ip Http Server

    Command Line Reference System Management Commands Command Mode Global Configuration Command Usage To avoid using common reserved TCP port numbers below 1024, the configurable range is restricted to between 1024 and 65535. However, the default port number is 80. To reset the default port number, use the no ip http port command.

  • Page 165: Logging On

    Command Line Reference System Management Commands logging on This command controls logging of error messages, i.e., sending debug or error messages to memory. The no form disables the logging process. Syntax logging on no logging Default Setting None Command Mode Global Configuration Command Usage The logging process controls error messages saved to memory.

  • Page 166: Logging Console

    Command Line Reference System Management Commands Example HP420(config)#logging host 10.1.0.3 HP420(config)# logging console This command initiates logging of error messages to the console. Use the no form to disable logging to the console. Syntax logging console no logging console Default Setting Disabled Command Mode Global Configuration...

  • Page 167: Logging Facility-type

    Command Line Reference System Management Commands Command Usage Messages sent include the selected level down to the Alert level. Level Argument Description Alerts Immediate action needed Critical Critical conditions (for example, memory allocation, or free memory error - resource exhausted) Error Error conditions (for example, invalid input, default used) Warning...

  • Page 168: Show Logging

    Command Line Reference System Management Commands Command Usage The command specifies the facility type tag sent in Syslog messages. (See RFC 3164.) This type has no effect on the kind of messages reported by the access point. However, it may be used by the Syslog server to sort messages or to store messages in the corresponding database.

  • Page 169: Sntp-server Ip

    Command Line Reference System Management Commands sntp-server ip This command sets the IP address of the servers to which SNTP time requests are issued. Use this command with no arguments to clear all time servers from the current list. Syntax sntp-server ip <1 | 2>...

  • Page 170: Sntp-server Enable

    Command Line Reference System Management Commands sntp-server enable This command enables SNTP client requests for time synchronization with NTP or SNTP time servers specified by the sntp-server ip command. Use the no form to disable SNTP client requests. Syntax sntp-server enable no sntp-server enable Default Setting Disabled...

  • Page 171: Sntp-server Daylight-saving

    Command Line Reference System Management Commands Example This example sets the system clock to 17:37 June 19, 2003. HP420#sntp-server date-time Enter Year<1970-2100>: 2003 Enter Month<1-12>: 6 Enter Day<1-31>: 19 Enter Hour<0-23>: 17 Enter Min<0-59>: 37 HP420# Related Commands sntp-server enable (page 6-20) sntp-server daylight-saving This command sets the start and end dates for daylight savings time.

  • Page 172: Sntp-server Timezone

    Command Line Reference System Management Commands Example This sets daylight savings time to be used from March 31st to October 31st. HP420(config)#sntp-server daylight-saving Enter Daylight saving from which month<1-12>: 3 and which day<1-31>: 31 Enter Daylight saving end to which month<1-12>: 10 and which day<1-31>: 31 HP420(config)# sntp-server timezone...

  • Page 173: Show Sntp

    Command Line Reference System Management Commands show sntp This command displays the current time and configuration settings for the SNTP client. Command Mode Exec Example HP420#show sntp SNTP Information ========================================================= Service State : Enabled SNTP (server 1) IP : 137.92.140.80 SNTP (server 2) IP : 192.43.244.18 Current Time...

  • Page 174: Show Version

    Command Line Reference System Management Commands Example HP420#show system System Information =========================================================== Serial Number : 0000000001 System Up time : 0 days, 6 hours, 10 minutes, 25 seconds System Name : Enterprise AP System Location System Contact : Contact System Country Code : NA - North America MAC Address : 00-30-F1-81-83-12 IP Address...

  • Page 175: Snmp Commands

    Command Line Reference SNMP Commands SNMP Commands The access point includes an agent that supports Simple Network Manage­ ment Protocol (SNMP) versions 1, 2c, and 3. Access to the agent using SNMP v1 and v2c is controlled by community strings. To communicate with the access point, a management station must first submit a valid community string for authentication.

  • Page 176: Snmp-server Community

    Command Line Reference SNMP Commands snmp-server community This command defines the community access string for the Simple Network Management Protocol. Use the no form to remove the specified community string. Syntax snmp-server community <string> [ro | rw] no snmp-server community <string> •...

  • Page 177: Snmp-server Contact

    Command Line Reference SNMP Commands snmp-server contact This command sets the system contact string. Use the no form to remove the system contact information. Syntax snmp-server contact <string> no snmp-server contact string - String that describes the system contact. (Maximum length: 255 characters) Default Setting Contact Command Mode...

  • Page 178: Snmp-server Host

    Command Line Reference SNMP Commands Command Usage • This command enables both authentication failure notifications and link up-down notifications. • The snmp-server host command specifies the host device that will receive SNMP notifications. Example HP420(config)#snmp-server enable server HP420(config)# Related Commands snmp-server host (page 6-28) snmp-server host This command specifies the recipient of an SNMP notification.

  • Page 179: Snmp-server Trap

    Command Line Reference SNMP Commands Command Usage The snmp-server host command is used in conjunction with the snmp-server enable server command to enable SNMP notifications. Example HP420(config)#snmp-server host 1 10.1.19.23 batman HP420(config)# Related Commands snmp-server enable server (page 6-27) snmp-server trap This command enables the access point to send specific SNMP traps (i.e., notifications) to SNMP v1 and v2c hosts and v3 targets.

  • Page 180

    Command Line Reference SNMP Commands – iappContextDataSent - a client station’s Context Data has been sent to another access point with which the station has associated – iappStationRoamedFrom - a client station has roamed from another access point (identified by its IP address) –...

  • Page 181: Snmp-server Location

    Command Line Reference SNMP Commands snmp-server location This command sets the system location string. Use the no form to remove the location string. Syntax snmp-server location <text> no snmp-server location text - String that describes the system location. (Maximum length: 255 characters) Default Setting None Command Mode...

  • Page 182: Snmpv3 User

    Command Line Reference SNMP Commands Command Usage This command is used in conjuction with the snmpv3 user command. • • Entering this command invalidates the engine ID that is currently configured. • If the engine ID is deleted or changed, all SNMP users will be cleared. You will need to reconfigure all existing users.

  • Page 183

    Command Line Reference SNMP Commands • The access point enables SNMP v3 users to be assigned to three pre- defined groups. Other groups cannot be defined. The available groups are: – RO - A read-only group using no authentication and no data encryption.

  • Page 184: Snmpv3 Targets

    Command Line Reference SNMP Commands Example HP420(config)#snmpv3 user User Name<1-32> :chris Group Name<1-32> :RWPriv Authtype(md5,<cr>none):md5 Passphrase<8-32>:a good secret Privacy(des,<cr>none) :des Passphrase<8-32>:a very good secret HP420(config)# snmpv3 targets This command configures SNMP v3 notification targets. Use the no form to delete an SNMP v3 target. Syntax snmpv3 targets <target-id>...

  • Page 185: Snmpv3 Filter

    Command Line Reference SNMP Commands • The SNMP v3 user name that is specfied in the target must first be configured using the snmpv3 user command. Example HP420(config)#snmpv3 targets mytraps 192.168.1.33 chris HP420(config)# snmpv3 filter This command configures SNMP v3 notification filters. Use the no form to delete an SNMP v3 filter or remove a subtree from a filter.

  • Page 186: Snmpv3 Filter-assignments

    Command Line Reference SNMP Commands Example This example creates a filter "trapfilter" that will send only the hpdot11StationAssociation trap to the assigned receiving target. HP420(config)#snmpv3 filter trapfilter exclude .1 HP420(config)#snmpv3 filter trapfilter include .1.3.6.1.4.1.11.2.14.11.6.4.1.1.7.4.2.1 HP420(config)# snmpv3 filter-assignments This command assigns SNMP v3 notification filters to targets. Use the no form to remove an SNMP v3 filter assignment.

  • Page 187: Show Snmpv3

    Command Line Reference SNMP Commands show snmpv3 This command displays the SNMP v3 users, trap targets, filter assignments and settings. Command Mode Exec Example HP420#show snmpv3 EngineId :00:00:00:0b:00:00:00:30:f1:81:83:12 EngineBoots:4 SNMP Users ============================================= UserName :chris GroupName :RWPriv AuthType :MD5 Passphrase:**************** PrivType :DES Passphrase:**************** ---------------------------------------------...

  • Page 188: Show Snmp-server

    Command Line Reference SNMP Commands show snmp-server This command displays the SNMP configuration settings. Command Mode Exec Example HP420#show snmp-server SNMP Information ============================================== Service State : Enable Community (ro) : ***** Community (rw) : ***** Location : WC-19 Contact : Paul EngineId :80:00:07:e5:80:00:00:2e:62:00:00:00:18 EngineBoots:1...

  • Page 189: Flash/file Commands

    Command Line Reference Flash/File Commands Flash/File Commands These commands are used to manage the system software or configuration files. Command Function Mode Page bootfile Specifies the software file used to start up the system Exec 6-39 copy Copies a software or configuration file between flash Exec 6-40 memory and a FTP/TFTP server...

  • Page 190: Copy

    Command Line Reference Flash/File Commands copy This command copies a boot file or software file between an FTP/TFTP server and the access point’s flash memory. It also allows you to upload a copy of the configuration file from the access point’s flash memory to an FTP/TFTP server. When you save the configuration settings to a file on an FTP/TFTP server, that file can later be downloaded to the access point to restore system operation.

  • Page 191: Delete

    Command Line Reference Flash/File Commands Example The following example shows how to upload the configuration settings to a file on the TFTP server: HP420#copy config tftp TFTP Source file name:syscfg TFTP Server IP:192.168.1.19 HP420# The following example shows how to download a configuration file: HP420#copy tftp file 1.

  • Page 192: Dir

    Command Line Reference Flash/File Commands Example This example shows how to delete the test.cfg configuration file from flash memory. HP420#delete test.cfg Are you sure you wish to delete this file? <y/n>: HP420# Related Commands bootfile (page 6-39) dir (page 6-42) This command displays a list of files in flash memory.

  • Page 193: Radius Client

    Command Line Reference RADIUS Client RADIUS Client Remote Authentication Dial-in User Service (RADIUS) is a logon authentica­ tion protocol that uses software running on a central server to control access for RADIUS-aware devices to the network. An authentication server contains a database of user credentials for each wireless client that requires access to the network.

  • Page 194: Radius-server Port

    Command Line Reference RADIUS Client Command Mode Global Configuration Example HP420(config)#radius-server address 192.168.1.25 HP420(config)# radius-server port This command sets the RADIUS server network port. Syntax radius-server [secondary] port <port_number> • secondary - Secondary server. • port_number - RADIUS server UDP port used for authentication messages.

  • Page 195: Radius-server Retransmit

    Command Line Reference RADIUS Client Default Setting DEFAULT Command Mode Global Configuration Example HP420(config)#radius-server key green HP420(config)# radius-server retransmit This command sets the number of retries. Syntax radius-server [secondary] retransmit <number_of_retries> secondary - Secondary server. • • number_of_retries - Number of times the access point will try to authenticate logon access via the RADIUS server.

  • Page 196: Radius-server Mac-format

    Command Line Reference RADIUS Client number_of_seconds - Number of seconds the access point waits for a • reply before resending a request. (Range: 1-60) Default Setting Command Mode Global Configuration Example HP420(config)#radius-server timeout 10 HP420(config)# radius-server mac-format This command sets the format for specifying MAC addresses on the RADIUS server.

  • Page 197: Radius-server Vlan-format

    Command Line Reference RADIUS Client radius-server vlan-format This command sets the format for specifying VLAN IDs on the RADIUS server. Syntax radius-server vlan-format <hex | ascii> • hex - Enter VLAN IDs as a hexadecimal number. ascii - Enter VLAN IDs as an ASCII string. •...

  • Page 198

    Command Line Reference RADIUS Client Example HP420#show radius =========================================================== Radius MAC Address Format: NO_DELIMITER Radius VLAN ID Format: HEX Radius Server Information ======================================== : 192.168.1.25 Port : 181 : ***** Retransmit : 5 Timeout : 10 ======================================== Radius Secondary Server Information ======================================== : 0.0.0.0 Port...

  • Page 199: Authentication

    Command Line Reference Authentication Authentication The access point supports IEEE 802.1X (802.1X) access control for wireless clients. This control feature prevents unauthorized access to the network by requiring an 802.1X client application to submit user credentials for authenti­ cation. Client authentication is then verified by a RADIUS server using EAP (Extensible Authentication Protocol) before the access point grants client access to the network.

  • Page 200: 802.1x Broadcast-key-refresh-rate

    Command Line Reference Authentication 802.1x broadcast-key-refresh-rate This command sets the interval at which the broadcast keys are refreshed for stations using 802.1X dynamic keying. Syntax 802.1x broadcast-key-refresh-rate <rate> rate - The interval at which the access point rotates broadcast keys. (Range: 0 - 1440 minutes) Default Setting 0 (Disabled)

  • Page 201: 802.1x Session-timeout

    Command Line Reference Authentication Default Setting 0 (Disabled) Command Mode Global Configuration Command Usage Session keys are unique to each client, and are used to authenticate a client connection, and correlate traffic passing between a specific client and the access point. Example HP420(config)#802.1x session-key-refresh-rate 5 HP420(config)#...

  • Page 202: Mac-access Permission

    Command Line Reference Authentication mac-access permission This command sets filtering to allow or deny listed MAC addresses. Syntax mac-access permission <allowed | denied> • allowed - Only MAC addresses entered as “active” in the address filtering table are permitted access. denied - MAC addresses entered as “active”...

  • Page 203: Mac-authentication Server

    Command Line Reference Authentication Command Mode Global Configuration Command Usage • Software version 2.0.37 or earlier supports up to only 256 MAC addresses in the local filter table. Software version 2.0.38 or later supports up to 1024 MAC addresses. • An active MAC address entry in the filter table may be allowed or denied access depending on the global setting configured for the table using the mac-access permission command.

  • Page 204: Mac-authentication Session-timeout

    Command Line Reference Authentication Example HP420(config)#mac-authentication server remote HP420(config)# Related Commands mac-access entry (page 6-52) radius-server address (page 6-43) show authentication (page 6-54) mac-authentication session-timeout This command sets the interval at which associated clients will be reauthen­ ticated with the RADIUS server authentication database. Use the no form to disable reauthentication.

  • Page 205

    Command Line Reference Authentication Example HP420#show authentication Authentication Information ========================================================= MAC Authentication Server : LOCAL MAC Auth Session Timeout Value : 0 secs 802.1x : DISABLED Broadcast Key Refresh Rate : 0 min Session Key Refresh Rate : 0 min 802.1x Session Timeout Value : 0 secs MAC table permission...

  • Page 206: Filtering Commands

    Command Line Reference Filtering Commands Filtering Commands The commands described in this section are used to filter communications between wireless clients, control access to the management interface from wireless clients, and filter traffic using specific Ethernet protocol types. Command Function Mode Page filter local-bridge Disables communication between wireless clients...

  • Page 207: Filter Ap-manage

    Command Line Reference Filtering Commands Example HP420(config)#filter local-bridge HP420(config)# filter ap-manage This command prevents wireless clients from accessing the management interface on the access point. Use the no form to disable this filtering. Syntax filter ap-manage no filter ap-manage Default Disabled Command Mode Global Configuration...

  • Page 208: Filter Ethernet-type Protocol

    Command Line Reference Filtering Commands Command Usage This command is used in conjunction with the filter ethernet-type protocol command to determine which Ethernet protocol types are to be filtered. Example HP420(config)#filter ethernet-type enable HP420(config)# Related Commands filter ethernet-type protocol (page 6-58) filter ethernet-type protocol This command sets a filter for a specific Ethernet type.

  • Page 209: Show Filters

    Command Line Reference Filtering Commands Default None Command Mode Global Configuration Command Usage Use the filter e thernet-type e nable command to enable filtering for Ethernet types specified in the filtering table, or the no filter ethernet-type enable command to disable all filtering based on the filtering table. Example HP420(config)#filter ethernet-type protocol ARP HP420(config)#...

  • Page 210: Interface Commands

    Command Line Reference Interface Commands Interface Commands The commands described in this section configure connection parameters for the Ethernet interface and wireless interface. Command Function Mode Page General Interface interface Enters specified interface configuration mode GC 6-62 Ethernet Interface dns primary-server Specifies the primary name server IC-E 6-62...

  • Page 211

    Command Line Reference Interface Commands Command Function Mode Page dtim-period Configures the rate at which stations in sleep IC-W 6-73 mode must wake up to receive broadcast/ multicast transmissions fragmentation-length Configures the minimum packet size that can IC-W 6-74 be fragmented rts-threshold Sets the packet size threshold at which an RTS IC-W 6-75...

  • Page 212: Interface

    Command Line Reference Interface Commands interface This command configures an interface type and enters interface configuration mode. Syntax interface <ethernet | wireless g> ethernet - Interface for wired network. • wireless g - Interface for wireless clients. • Default Setting None Command Mode Global Configuration...

  • Page 213: Ip Address

    Command Line Reference Interface Commands Command Usage The primary and secondary name servers are queried in sequence. Example This example specifies two domain-name servers. HP420(if-ethernet)#dns primary-server 192.168.1.55 HP420(if-ethernet)#dns secondary-server 10.1.0.55 HP420(if-ethernet)# Related Commands show interface ethernet (page 6-66) ip address This command sets the IP address for the (10/100Base-TX) Ethernet interface.

  • Page 214: Ip Dhcp

    Command Line Reference Interface Commands ip dhcp command. Valid IP addresses consist of four numbers, 0 to 255, separated by periods. Anything other than this format will not be accepted by the configuration program. Example HP420(config)#interface ethernet Enter Ethernet configuration commands, one per line. HP420(if-ethernet)#ip address 192.168.1.2 255.255.255.0 192.168.1.253 HP420(if-ethernet)#...

  • Page 215: Shutdown

    Command Line Reference Interface Commands Example HP420(config)#interface ethernet Enter Ethernet configuration commands, one per line. HP420(if-ethernet)#ip dhcp HP420(if-ethernet)# Related Commands ip address (page 6-63) shutdown This command disables the Ethernet interface. To restart a disabled interface, use the no form. Syntax shutdown no shutdown...

  • Page 216: Speed-duplex

    Command Line Reference Interface Commands speed-duplex This command configures the speed and duplex mode of the Ethernet inter- face when auto-negotiation is disabled. Use the no form to restore the default. Syntax speed-duplex <auto | 10MH | 10MF | 100MH | 100MF> auto - autonegotiate the speed and duplex mode •...

  • Page 217: Radio-mode

    Command Line Reference Interface Commands Command Mode Exec Example HP420#show interface ethernet Ethernet Interface Information ======================================== IP Address : 192.168.1.1 Subnet Mask : 255.255.255.0 Default Gateway : 192.168.1.253 Primary DNS : 192.168.1.55 Secondary DNS : 10.1.0.55 Speed-duplex : 100Base-TX Half Duplex Admin status : Up Operational status...

  • Page 218: Antenna-mode

    Command Line Reference Interface Commands antenna-mode This command sets the antenna mode for the access point. Syntax antenna-mode <diversity | single> • diversity - A diversity antenna system includes two identical antenna elements that are both used to transmit and receive radio signals. The access point’s antennas are diversity antennas.

  • Page 219: Closed-system

    Command Line Reference Interface Commands Command Mode Interface Configuration (Wireless) Example HP420(config)#interface wireless g HP420(if-wireless g)#description RD-AP#3 HP420(if-wireless g)# closed-system This command closes access to clients without a pre-configured SSID. Use the no form to disable this feature. Syntax closed-system no closed-system Default Setting Disabled...

  • Page 220: Speed

    Command Line Reference Interface Commands speed This command configures the maximum data rate at which a station can connect to the access point. Syntax speed <speed> speed - Maximum access speed allowed for wireless clients. (Options: 1, 2, 5.5, 6, 9, 11, 12, 18, 24, 36, 48, 54 Mbps) Default Setting 54 Mbps Command Mode...

  • Page 221: Channel

    Command Line Reference Interface Commands Default Setting 1 Mbps for b-only and b+g modes 6 Mbps for g-only mode Command Mode Interface Configuration (Wireless) Example HP420(if-wireless g)#multicast-data-rate 2 HP420(if-wireless g)# channel This command configures the radio channel through which the access point communicates with wireless clients.

  • Page 222: Ssid

    Command Line Reference Interface Commands • For most wireless adapters, the channel for wireless clients is auto­ matically set to the same as that used by the access point to which it is linked. Example HP420(if-wireless g)#channel 1 HP420(if-wireless g)# ssid This command configures the Service Set IDentifier (SSID).

  • Page 223: Beacon-interval

    Command Line Reference Interface Commands beacon-interval This command configures the rate at which beacon frames are transmitted from the access point. Syntax beacon-interval <interval> interval - The rate for transmitting beacon frames. (Range: 20-1000 milliseconds) Default Setting Command Mode Interface Configuration (Wireless) Command Usage The beacon frames allow wireless clients to maintain contact with the access point.

  • Page 224: Fragmentation-length

    Command Line Reference Interface Commands Command Usage • The Delivery Traffic Indication Map (DTIM) packet interval value indicates how often the MAC layer forwards broadcast/multicast traffic. This parameter is necessary to wake up stations that are using Power Save mode. •...

  • Page 225: Rts-threshold

    Command Line Reference Interface Commands cant interference present, or collisions due to high network utiliza­ tion, try setting the fragment size to send smaller fragments. This will speed up the retransmission of smaller frames. However, it is more efficient to set the fragment size larger if very little or no interference is present because it requires overhead to send multiple frames.

  • Page 226: Slot-time

    Command Line Reference Interface Commands Example HP420(if-wireless g)#rts-threshold 256 HP420(if-wireless g)# slot-time This command sets the basic unit of time the access point uses for calculating waiting times before data is transmitted. Syntax slot-time [short | long | auto] short - Sets the slot time to short (9 microseconds). •...

  • Page 227: Preamble

    Command Line Reference Interface Commands preamble This command sets the length of the signal preamble that is used at the start of a data transmission. Syntax preamble [long | short-or-long] long - Sets the preamble to long. • short-or-long - Sets the preamble according to the capability of •...

  • Page 228: Transmit-power

    Command Line Reference Interface Commands middle - The percentage of full power allowed for middle radio chan­ nels. (Options: 100, 90, 80, 70, 63, 56, 50, 45, 40, 35, 32, 28, 25, 22, 20, 18, 16, 14, 13, 11, 10) high - The percentage of full power allowed for high radio channels.

  • Page 229: Max-association

    Command Line Reference Interface Commands Command Usage The min keyword indicates minimum power. • • The longer the transmission distance, the higher the transmission power required. Example HP420(if-wireless g)#transmit-power 50% HP420(if-wireless g)# max-association This command configures the maximum number of clients that can be asso­ ciated with the access point at the same time.

  • Page 230: Key-length-wep

    Command Line Reference Interface Commands key-length-wep This command defines the bit length of WEP keys. Syntax key-length-wep <64 | 128 | 152> • 64 - Set the WEP key length as 64 bits. 128 - Set the WEP key length as 128 bits. •...

  • Page 231: Transmit-key-wep

    Command Line Reference Interface Commands value - The key string. • – For 64-bit keys, use 5 alphanumeric characters or 10 hexadec­ imal digits. – For 128-bit keys, use 13 alphanumeric characters or 26 hexa­ decimal digits. – For 152-bit keys, use 16 alphanumeric characters or 32 hexa­ decimal digits.

  • Page 232: Security-suite

    Command Line Reference Interface Commands Default Setting Command Mode Interface Configuration (Wireless) Command Usage • If you use WEP key encryption, the access point uses the transmit key to encrypt multicast and broadcast data signals that it sends to client devices. Other keys can be used for decryption of data from clients.

  • Page 233

    Command Line Reference Interface Commands 6 - WPA with 802.1X using AES encryption for the multicast – cipher. 7 - WPA with 802.1X using TKIP encryption for the multicast – cipher. open-system - Accepts clients without verifying identities using a •...

  • Page 234

    When wpa-required or wpa-supported is selected, clients are authenti­ • cated using 802.1X via a RADIUS server. Each client has to be WPA- enabled or support 802.1X client software. A RADIUS server must also be configured and be available in the wired network. When the WPA mode is set to psk, the key must first be generated and •...

  • Page 235: Wpa-preshared-key

    Command Line Reference Interface Commands wpa-preshared-key This command defines a Wi-Fi Protected Access (WPA) pre-shared key. Syntax wpa-preshared-key <type> <value> • type - Input format. (Options: ASCII, HEX) value - The key string. • For ASCII input, type a string between 8 and 63 alphanumeric –...

  • Page 236: Show Interface Wireless G

    Command Line Reference Interface Commands Default Setting v2.0.37 software or earlier: Interface enabled v2.0.38 software or later: Interface disabled Command Mode Interface Configuration (Wireless) Example HP420(if-wireless g)#shutdown HP420(if-wireless g)# show interface wireless g This command displays the status for the wireless interface. Command Mode Exec Example...

  • Page 237: Show Station

    Command Line Reference Interface Commands ----------------Security----------------------------------- Closed System : DISABLED 802.11 Authentication : OPEN WPA clients : SUPPORTED 802.1x : DISABLED Encryption : DISABLED **[WEP key]*********************************************** Key Length : -------- Default Transmit Key : 1 Cipher : WEP WEP Key Data Type : Hexadecimal Static Keys : Key 1: EMPTY...

  • Page 238: Iapp Command

    Command Line Reference IAPP Command IAPP Command The command described in this section enables the protocol signaling required to ensure the successful handover of wireless clients roaming between different IEEE 802.11f-compliant access points. The IEEE 802.11f protocol can ensure successful roaming between access points in a multi- vendor environment.

  • Page 239: Vlan Commands

    Command Line Reference VLAN Commands VLAN Commands The access point can enable the support of VLAN-tagged traffic passing between wireless clients and the wired network. Up to 64 VLAN IDs can be mapped to specific wireless clients, allowing users to remain within the same VLAN as they move around a campus site.

  • Page 240: Native-vlanid

    Command Line Reference VLAN Commands Command Usage When VLANs support is enabled or disabled on the access point, the system requires a reboot. Example HP420(config)#vlan enable Reboot system now? <y/n>: y native-vlanid This command configures the native VLAN ID for the access point. Syntax native-vlanid <vlan-id>...

  • Page 241

    File Transfers Contents Overview ........... . . A-2 Downloading Access Point Software .

  • Page 242: A File Transfers

    File Transfers Overview Overview You can download new access point software and upload or download con- figuration files. These features are useful for acquiring periodic access point software upgrades and for storing or retrieving a switch configuration. This appendix includes the following information: ■...

  • Page 243: Downloading Access Point Software

    File Transfers Downloading Access Point Software Downloading Access Point Software HP periodically provides access point software updates through the HP ProCurve website (http://www.hp.com/go/hpprocurve). For more information, see the support and warranty booklet shipped with the access point. After you acquire a new access point software file, you can use one of the following methods for downloading the software code to the access point.

  • Page 244: Web: Tftp/ftp Software Download To The Access Point

    File Transfers Downloading Access Point Software The TFTP or FTP server is accessible to the access point through IP. ■ Before you use the procedure, do the following: ■ Obtain the IP address of the TFTP or FTP server on which the access point software file has been stored.

  • Page 245

    File Transfers Downloading Access Point Software Restore Factory Settings: Click the Restore button to reset the access ■ point’s configuration settings to the factory defaults and reboot the system. ■ Reset Access Point: Click the Reset button to reboot the system. To Download New Software Using FTP or TFTP: Select the Administration tab.

  • Page 246: Cli: Tftp/ftp Software Download To The Access Point

    File Transfers Downloading Access Point Software Figure A-1. Remote Software Upgrade CLI: TFTP/FTP Software Download to the Access Point CLI Commands Used in This Section Command Syntax CLI Reference Page copy <ftp | tftp> file page 6-40 page 6-42 reset <board | configuration> page 6-6 A-6...

  • Page 247

    File Transfers Downloading Access Point Software The following example shows how to download new software to the access point using a TFTP server. HP420#copy tftp file 1. Application image 2. Config file 3. Boot block image Select the type of download<1,2,3>: [1]:1 TFTP Source file name:hp420-2038.bin TFTP Server IP:10.1.0.9...

  • Page 248: Using The Web Interface To Download Software From The Local

    File Transfers Downloading Access Point Software C a u t i o n New software that is incompatible with the current configuration automati­ cally restores the access point to default values when first activated after a reboot. If you typed “n” to continue using the current configuration settings, you must type reset board to reboot the access point and activate the downloaded software.

  • Page 249

    File Transfers Downloading Access Point Software To Download New Code: Select the Administration tab. Click the [ button. Software Upgrade] 3. Under Software Upgrade Local, in the text field New Software File, specify the path and file name of the software on the local computer. You can use button to find the file.

  • Page 250: Transferring Configuration Files

    File Transfers Transferring Configuration Files Transferring Configuration Files CLI Commands Used in This Section Command Syntax CLI Reference Page copy config <ftp | tftp> page 6-40 copy <ftp | tftp> file page 6-40 page 6-42 reset <board | configuration> page 6-6 Using the CLI commands described in this section, you can copy access point configuration files to and from an FTP or TFTP server.

  • Page 251

    File Transfers Transferring Configuration Files The following example shows how to download a configuration file to the access point using a TFTP server. After downloading the configuration file, you must reboot the access point. HP420#copy tftp file 1. Application image 2.

  • Page 252

    — This page is intentionally unused. —...

  • Page 253

    Index Numerics 802.1x authentication … 5-68, 6-49 hardware version, displaying … 6-24 HP web browser interface … 2-4 address filtering … 5-69 Advanced Encryption Standard … 5-70 IAPP … 6-88 AES … 5-70 IEEE 802.11f … 6-88 antenna mode, setting … 5-62, 6-68 IEEE 802.1x …...

  • Page 254

    trap manager … 6-28 SNTP … 5-35 password … 4-7, 4-8 software administrator setting … 6-12 displaying version … 6-24 creating … 4-7 downloading … 6-40 delete … 4-9 SSID … 5-5 if you lose the password … 4-9 startup files lost …...

  • Page 255

    first-time tasks … 4-7 main screen … 4-5, 4-17, 4-19, 4-21 overview … 4-5, 4-17, 4-19, 4-21 Overview window … 4-5, 4-17, 4-19, 4-21 password lost … 4-9 password, setting … 4-7 screen elements … 4-5, 4-17 security … 4-7 standalone …...

  • Page 257

    Technical information in this document€ is subject to change without notice.€ ©Copyright 2002, 2004€ Hewlett-Packard Development Company, L.P.€ Reproduction, adaptation, or translation€ without prior written permission is prohibited€ except as allowed under the copyright laws.€ Printed in Taiwan€ October 2004€...

Comments to this Manuals

Symbols: 0
Latest comments: