Symbol WS5100 Series Cli Reference Manual
Hide thumbs
Also See for WS5100 Series:
- Installation manual (34 pages) ,
- Installation manual (40 pages) ,
- Reviewer's manual (60 pages)
Table of Contents
Advertisement
Quick Links
Download this manual
See also:
Installation Manual
Advertisement
Table of Contents
Subscribe to Our Youtube Channel
Related Manuals for Symbol WS5100 Series
Summary of Contents for Symbol WS5100 Series
- Page 1 WS5100 Series Switch CLI REFERENCE GUIDE...
-
Page 2: Table Of Contents
Contents About This Guide Chapter 1. Introduction CLI Overview ............1-1 Getting Context Sensitive Help . - Page 3 WS5100 Series Switch CLI Reference Guide Transposing Mistyped Characters ....... . . 1-12 Controlling Capitalization .
- Page 4 version ............2-62 wireless .
- Page 5 WS5100 Series Switch CLI Reference Guide configure........... . . 4-13 copy.
- Page 6 end ............5-17 fallback.
- Page 7 WS5100 Series Switch CLI Reference Guide Chapter 7. crypto-group Crypto Client Config commands ........7-1 clrscr .
- Page 8 set ............10-11 show.
- Page 9 WS5100 Series Switch CLI Reference Guide switchport........... 12-22 terminal.
- Page 10 exit ............15-7 help .
- Page 11 WS5100 Series Switch CLI Reference Guide rad-user........... . . 16-27 server .
-
Page 12: About This Guide
About This Guide This preface introduces the WS5100 Series CLI Reference Guide and contains the following sections: • Who Should Use this Guide • How to Use this Guide • Conventions Used in this Guide • Service Information Who Should Use this Guide... -
Page 13: How To Use This Guide
WS5100 Series Switch CLI Reference Guide How to Use this Guide This guide will help you implement, configure, and administer the WS5100 Series Switch and associated network elements. This guide is organized into the following sections: Table 1 Quick Reference on How This Guide Is Organized Chapter Jump to this section if you want to... -
Page 14: Conventions Used In This Guide
Series Switch command line ACL Instance” instance Chapter 16, “Radius Server Summarizes the commands within the (config-radsrv) Instance” Wireless WS5100 Series Switch command line interface Chapter 17, “Wireless instance Summarizes the commands within the (config-wireless) Instance” Wireless WS5100 Series Switch command line interface. -
Page 15: Notational Conventions
WS5100 Series Switch CLI Reference Guide Notational Conventions The following notational conventions are used in this document: • Italics are used to highlight specific items in the general text, and to identify chapters and sections in this and related documents. -
Page 16: Service Information
Service Information Symbol Technologies provides its customers with prompt and accurate customer support. Use the Symbol Support Center as the primary contact for any technical problem, question or support issue involving Symbol products. If the Symbol Customer Support specialists cannot solve a problem, access to all technical disciplines within Symbol becomes available for further assistance and support. - Page 17 WS5100 Series Switch CLI Reference Guide International Contacts Outside North America: Symbol Technologies Symbol Place Winnersh Triangle, Berkshire, RG41 5TP United Kingdom 0800-328-2424 (Inside UK) +44 118 945 7529 (Outside UK) Web Support Sites MySymbolCare http://www.symbol.com/services/msc/msc.html Symbol Services Homepage http://symbol.com/services Symbol WS5100 Manuals http://www.symbol.com/legacy_manuals/wire/ws5100.html...
-
Page 18: Chapter 1. Introduction
This user interface allows you to execute commands, whether using a serial console or using remote access methods. This chapter describes the basic features of the Symbol CLI’s and how to use them. Topics covered include an introduction to Symbol command modes, navigation and editing features, help features,... - Page 19 WS5100 Series Switch CLI Reference Guide To aid in the configuration of Symbol devices, the Symbol CLI is divided into different command modes. Each command mode has its own set of commands available for the configuration, maintenance, and monitoring. The commands available to you at any given time depend on the mode you are in.
- Page 20 Introduction Table 1.1 below summarizes all the commands available to configure and monitor WS5100 Series Switch. Table 1.1 CLI Context Hierarchy for WS5100 Series Switch User Exec Mode Priv Exec Mode Global Configuration Mode autoinstall acknowledge clear archive access-list clrscr...
-
Page 21: Getting Context Sensitive Help
WS5100 Series Switch CLI Reference Guide Table 1.1 CLI Context Hierarchy for WS5100 Series Switch User Exec Mode Priv Exec Mode Global Configuration Mode mkdir prompt more radius-server redundancy page service ping show snmp-server quit terminal reload timezone rename username... - Page 22 Introduction To get help specific to a command mode, a command name, a keyword, or an argument, use any of the following commands: Command Description (prompt)# help Displays a brief description of the help system. (prompt)# abbreviated-command-entry? Lists commands in the current mode that begin with a particular character string.
-
Page 23: Using The No And Default Forms Of Commands
WS5100 Series Switch CLI Reference Guide save-cli Save CLI tree for all modes in html format show Show running system information start-shell Provide shell access tethereal Dump and analyze network traffic wireless Wireless parameters WS5100#service You can abbreviate commands and keywords to the number of characters that allow a unique abbreviation. -
Page 24: Using History Command
Introduction 1.4 Using History Command The Symbol CCB CLI provides a history or record of commands that you have entered. This feature is particularly useful for recalling long or complex commands or entries. To use the command history feature, perform any of the tasks described in the following sections: •... -
Page 25: Disabling The History Command Feature
If yes, type the first few alphabets of the submode and press the tab key to add the submode. Continue using the ? until you reach the final sub-submode that you would like to use for configuration of the WS5100 Series Switch. • Pre-defined CLI commands and keywords are case-insensitive: . -
Page 26: Using Cli Editing Features And Shortcuts
Introduction 1.5 Using CLI Editing Features and Shortcuts A variety of shortcuts and editing features are enabled for the Symbol CCB CLI. The following subsections describe these features: • Moving the Cursor on the Command Line • Completing a Partial Command Name •... -
Page 27: Completing A Partial Command Name
1-10 WS5100 Series Switch CLI Reference Guide Keystrokes Function Function Details Summary Ctrl-E End of line Moves the cursor to the end of the command line. Ctrl-d Delete current characte Ctrl-U Delete text up to cursor Ctrl-K Delete from cursor to end of line... -
Page 28: Deleting Entries
1-11 Introduction characters that could indicate more than one command, the system lists all commands that begin with that set of characters. Alternatively, enter a question mark (?) to obtain a list of commands that begin with that set of characters. -
Page 29: Command Output
WS5100 Series Switch CLI Reference Guide 1.5.5 Command Output pagination When working with the Symbol CCB CLI, output often extends beyond the visible screen length. For cases where output continues beyond the bottom of the screen, such as with the output of many ? or... -
Page 30: Common Commands
on Commands Comm This chapter explains the common CLI commands used amongst the USER EXEC and PRIV EXEC modes. PRIV EXEC command set contains all of the commands available in USER EXEC mode, some commands can be entered in either mode. Commands that can be entered in either USER EXEC mode or PRIV EXEC mode are referred to as EXEC mode commands. - Page 31 WS5100 Series Switch CLI Reference Guide 2.1 Common Commands Table 2.1 summarizes the commands common amongst many contexts and instance contexts within the WS5100 Series Switch command line interface. Table 2.1 Common commands amongst most contexts Command Description Ref. clrscr Clears the display screen.
-
Page 32: Clrscr
Common Commands 2.1.1 clrscr Common Commands Use this command to clear the screen displaying the cli and start afresh at the prompt (#). Syntax clrscr Parameters None. Usage Guidelines Example WS5100#clrscr... -
Page 33: Exit
WS5100 Series Switch CLI Reference Guide 2.1.2 exit Common Commands Use this command to end current mode and move to the previous mode. Syntax exit Parameters None. Usage Guidelines Example WS5100(config)#exit... -
Page 34: Help
Common Commands 2.1.3 help Common Commands Use this command to get access to the advanced help feature. You can also use “?” anytime at the command prompt to get access to the help topic. When using this command, if nothing matches then the help list will be empty and you must backup until entering a '?' shows the available options. - Page 35 WS5100 Series Switch CLI Reference Guide Network time protocol privilege Show current privilege level radius Radius configuration commands redundancy-group Display redundancy group parameters redundancy-history Display state transition history of the switch. redundancy-members Display redundancy group members in detail snmp Display SNMP engine parameters...
- Page 36 Common Commands 2.1.4 no Common Commands Use this command to either negate a command or set its defaults. Syntax Parameters None. Usage Guidelines Example WS5100>no ? autoinstall autoinstall configuration command cluster-cli Cluster context debug Debugging functions page Toggle paging service Service Commands...
-
Page 37: Service
WS5100 Series Switch CLI Reference Guide 2.1.5 service Common Commands Use this command to servie/debug the WS5100 Series Switch. Syntax service (diag (enable | led ( 1 (amber ( flashing|off|on) | blue | red ) | 2 (amber ( flashing|off|on) | blue | red ) ) | limit (buffer|fan|filesys(etc2|flash|ram)|load(1|15|5)|maxFDs|pkbuffers|procRAM| ram|routecache|tempreature) |period <100-30000>)|save-cli|show (cli|... - Page 38 Common Commands buffer Use to configure the buffer usage warning limit. The warning limit can be set to one of the following buffer limit size: • 12 – 128 byte buffer limit • 128k – 128k byte buffer limit • 16k –- 16k byte buffer limit •...
- Page 39 Use to configure the IP route cache usage. Can be set with an value between 0 - 65553 temperature Use to set the temperature sensor for the WS5100 Series Switch. You can set as many as 8 temperature sensors. period Use to set diagnostic period <100-30000>...
- Page 40 2-11 Common Commands upgrade-history Show upgrade history Usage Guidelines Example WS5100#service diag ? enable Enable in service diagnostics LED control limit diagnostic limit command period Set diagnostics period WS5100#service diag enable WS5100#service diag led ? 1 - upper LED 2 - lower LED WS5100#service diag led 1 ? amber amber...
- Page 41 2-12 WS5100 Series Switch CLI Reference Guide 128k 128k byte buffer limit 16k byte buffer limit 1k byte buffer limit 256 byte buffer limit 2k byte buffer limit 32 byte buffer limit 32k byte buffer limit 4k byte buffer limit...
- Page 42 2-13 Common Commands during the previous five minutes WS5100#service diag limit load 5 ? WORD percentage load from 0.0 to 100.0 WS5100#service diag limit load 5 50 WS5100#service diag limit maxFDs ? <0-32767> 0-32767 WS5100#service diag limit maxFDs 30000 WS5100#service diag limit pkbuffers ? <0-65535>...
- Page 43 2-14 WS5100 Series Switch CLI Reference Guide User Exec mode: +-autoinstall +-cluster-config +-enable [autoinstall (config|cluster-config|image) enable] +-url +-LINE [autoinstall (config|cluster-config|image) url LINE] +-config +-enable [autoinstall (config|cluster-config|image) enable] +-url +-LINE [autoinstall (config|cluster-config|image) url LINE] +-image +-enable [autoinstall (config|cluster-config|image) enable] +-url +-LINE [autoinstall (config|cluster-config|image) url LINE]...
- Page 44 2-15 Common Commands Coredump files: Name Size Date & Time ============================================= imish_8990_200B.core.gz 299.5k Aug 31 23:50 WS5100> WS5100>service show info 4.0M out of 4.0M available for logs. 9.7M out of 11.4M available for history. 16.1M out of 18.6M available for crashinfo. List of Files: imish_8990_200B.core.gz 299.5k...
- Page 45 2-16 WS5100 Series Switch CLI Reference Guide VmallocTotal: 778200 kB VmallocUsed: 19568 kB VmallocChunk: 757824 kB WS5100> WS5100>service show process STATUS PPID %CPU %MEM COMMAND 4.1 ccsrvr 8488 3.3 ccstatsd 5612 2.1 securitymgr 4480 1.7 snmpd 3932 1.5 imi 3424 1.3 isDiag...
- Page 46 Aug 11 19:31:32 2006 shutdown (graceful:user) WS5100> service show startup-log Aug 30 15:32:43 2006: %KERN-5-NOTICE: Linux version 2.6.13.4-ws-symbol (wios-eng@wios-build) (gcc version 3.4.5) #1. Aug 30 15:32:43 2006: %KERN-6-INFO: BIOS-provided physical RAM map:. Aug 30 15:32:43 2006: %KERN-6-INFO: BIOS-e820: 0000000000000000 - 000000000009fc00 (usable).
- Page 47 2-18 WS5100 Series Switch CLI Reference Guide Configured size of upgrade history is 50 Date & Time Old Version New Version Status ===================================================================== Aug 29 18:30:43 2006 3.0.0.0-180B 3.0.0.0-200B Successful Aug 17 15:07:03 2006 3.0.0.0-17872X 3.0.0.0-180B Successful Aug 11 19:29:41 2006 3.0.0.0-170B 3.0.0.0-17872X Successful Aug 11 19:28:52 2006 3.0.0.0-170B 3.0.0.0-170B Unable to get update file.
-
Page 48: Terminal
2-19 Common Commands 2.1.6 terminal Common Commands Use this command to set the length /number of lines to be displayed on the terminal window. Syntax terminal(length <0-512>|no(length <0-512>|width)|width <0-512> ) Parameters length Set number of lines on a screen. Negate a command or set its defaults. width Sets width/ number of characters on a screen line. -
Page 49: Show
2-20 WS5100 Series Switch CLI Reference Guide 2.2 show Common Commands This command is used to display the settings for the specified system component. There are a number of ways to invoke the show command: • Invoked without any arguments, show displays information about the current context. If the current context contains instances, then show command (usually) displays a list of these instances. - Page 50 2-21 Common Commands Display Parameters Description Mode Example Displays network time protocol. Common page 2-47 privilege Displays current privilege level. Common page 2-49 radius Displays radius configuration commands. Common page 2-50 redundancy-group Displays redundancy group parameters. Common page 2-51 redundancy-history Displays state transition history of the switch.
-
Page 51: Autoinstall
2-22 WS5100 Series Switch CLI Reference Guide Display Parameters Description Mode Example Displays FTP Server configuration. Privilege/ page 2-76 Global Config password-encryption Displays password encryption. Privilege/ page 2-77 Global Config running-config Displays current operating configuration. Privilege/ page 2-78 Global Config securitymgr Displays debug info for ACL, VPN and NAT. -
Page 52: Banner
2-23 Common Commands 2.2.2 banner Common to all modes Syntax show banner Parameters motd Use this to enter Message of the Day banner Example WS5100>show banner motd Welcome to CLI WS5100>... -
Page 53: Commands
2-24 WS5100 Series Switch CLI Reference Guide 2.2.3 commands Common to all modes Syntax WS5100>show commands Parameters None. Example WS5100>show commands autoinstall (config|cluster-config|image) enable autoinstall (config|cluster-config|image) url LINE autoinstall (config|cluster-config|image) enable autoinstall (config|cluster-config|image) url LINE autoinstall (config|cluster-config|image) enable autoinstall (config|cluster-config|image) url LINE autoinstall start clear crypto ike sa ( A.B.C.D |) -
Page 54: Crypto
2-25 Common Commands 2.2.4 crypto Common to all modes Syntax show crypto(ipsec|isakmp|key|map|pki) show crypto ipsec(sa|security-association(lifetime)|transformset) show crypto isakmp(policy(<1-10000>)|sa) show crypto key(mypubkey) show crypto map(interface|tag) show crypto pki(request|trustpoints) Parameters ipsec ipsec security association security-association security association lifetime lifetime transformset transformset isakmp isakmp policy policy... - Page 55 2-26 WS5100 Series Switch CLI Reference Guide Usage Guidelines Security engine periodically updates the IPSec and Isakamp statistics for every 60 seconds. Example WS5100(config)#show crypto pki request tptest -----BEGIN CERTIFICATE REQUEST----- MIIB2zCCAUQCAQAwaDELMAkGA1UEBhMCaW4xEjAQBgNVBAgTCWthcm5hdGFrYTES MBAGA1UEBxMJYmFuZ2Fsb3JlMQ8wDQYDVQQKEwZzeW1ib2wxDDAKBgNVBAsTA3dp ZDESMBAGA1UEAxMJdGVzdC1jZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB gQC3qisZdTn7rKzv5TrGtKt7fwMwaYpgehyl52I4fDLZYY/WTTTJFyKwW6s+Pq2R mM9oiqX8mCZeSEIJIATpAVT2M5Ukb4Br9YQDcWHs84oXRJxKPeZ3WscBld2soPvK ui1LoizZH9iqawmkXED1TFMBbDWiOcfnqQKn8Tddeax/JQIDAQABoDMwMQYJKoZI hvcNAQkOMSQwIjALBgNVHQ8EBAMCBLAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJ KoZIhvcNAQEEBQADgYEAoJMylm3aaY1CnkOO5TbxB+qL4F4MKL6+o/m0yRPqy/2S gkk/OwxHvc3TbA9WjbKkFWIDyqU7X0d+c8f9KogwxDwWHll2IBiTCtBAq6hpgKOv...
- Page 56 2-27 Common Commands email: testuser@domain.com Valid From: Sep 11 05:48:52 2006 GMT Valid Until: Sep 11 05:48:52 2007 GMT...
-
Page 57: Environment
2-28 WS5100 Series Switch CLI Reference Guide 2.2.5 environment Common to all modes Syntax show environment Parameters None. Example WS5100>show environment CPU temperature : 33.0 C system temperature : 33.0 C CPU fan 4354 rpm case fan 8766 rpm WS5100>... -
Page 58: History
2-29 Common Commands 2.2.6 history Common to all modes Syntax show history Parameters None. Example WS5100>show history 1 show 2 clrscr 3 enable 4 clrscr 5 configure terminal 6 exit 7 clrscr 8 show history WS5100>... -
Page 59: Interfaces
2-30 WS5100 Series Switch CLI Reference Guide 2.2.7 interfaces Common to all modes Syntax show interfaces(IFNAME|eth <1-2>|switchport|tunnel|vlan) Parameters IFNAME switchport tunnel vlan Usage Guidelines Example WS5100(config)#show interfaces eth1 Interface eth1 Hardware Type Ethernet, Interface Mode Layer 2, address is 00-a0-f8-65-... - Page 60 2-31 Common Commands WS5100(config)#interface tunnel 1 WS5100(config-if)#Sep 14 18:38:17 2006: %DAEMON-5-NOTICE: WIOS_SECURITYMGR[414]: DNSALG: Shutting down. Sep 14 18:38:17 2006: %DAEMON-5-NOTICE: WIOS_SECURITYMGR[414]: FTPALG: Shutting down. Sep 14 18:38:17 2006: %DAEMON-5-NOTICE: WIOS_SECURITYMGR[414]: FTPALG: Application gateway started. Sep 14 18:38:17 2006: %DAEMON-5-NOTICE: WIOS_SECURITYMGR[414]: DNSALG: Application gateway started WS5100(config-if)#show interfaces tunnel 1 Interface tunnel1...
- Page 61 2-32 WS5100 Series Switch CLI Reference Guide 2.2.8 ip Common to all modes Syntax show ip (access-group (IFNAME | eth <1-2> | vlan <1-4094>) | arp | ddns(binding)| dhcp-vendor-options | domain-name | http(secure-server|server)| interface(IFNAME|brief|tunnel|vlan) | name-server | route(A.B.C.D|A.B.C.D/M|detail) | routing | ssh | telnet ) show ip access-group (IFNAME|eth <1-2>...
- Page 62 2-33 Common Commands dhcp-vendor-options DHCP Option 43 parameters received from DHCP server domain-name Default domain for DNS http Hyper Text Transfer Protocol secure-server Secure HTTP server server HTTP server interface IP interface status and configuration IFNAME Interface name brief Brief summary of IP status and configuration tunnel Tunnel Interface vlan...
- Page 63 2-34 WS5100 Series Switch CLI Reference Guide Usage Guidelines 1. It has been noted that the interface status and vlan status is displayed as UP inspite of a disconnection. In such a case you need to shutdown the vlan. Follow the steps gievn below: a.
- Page 64 1.1.1.1 netbios-node-type b-node WS5100#show ip dhcp-vendor-options Server Info: Firmware Image File: Config File: Cluster Config File: WS5100#show ip domain-name IP domain-lookup : Enable Domain Name : symbol.com WS5100#show ip http server HTTP server: Running Config status: Enabled...
- Page 65 2-36 WS5100 Series Switch CLI Reference Guide WS5100#show ip http secure-server HTTP secure server: Running Config status: Enabled Trustpoint: default-trustpoint WS5100#show ip interface brief Interface IP-Address Status Protocol vlan1 157.235.208.233(DHCP) tunnel1 unassigned WS5100#show ip interface tunnel 1 ? brief Brief summary of IP status and configuration...
- Page 66 2-37 Common Commands WS5100#show ip ssh SSH server: enabled Status: running Keypair name: default_ssh_rsa_key Port: 22 WS5100#show ip telnet Telnet server: enabled Status: running Port: 23...
-
Page 67: Ldap
2-38 WS5100 Series Switch CLI Reference Guide 2.2.9 ldap Common to all modes Syntax show ldap(configuration(primary|secondary)) Parameters ldap LDAP Server configuration ldap server configuration parameters primary primary ldap server secondary secondary ldap server Example WS5100(config-radsrv)#show ldap configuration LDAP Server Config Details... - Page 68 2-39 Common Commands Password : 0 symbol@123 Password Attribute : UserPassword Group Name : cn Group Membership Filter: (&(objectClass=group)(member=%{Ldap- UserDn})) Group Member Attr : radiusGroupName Net timeout : 1 second(s)
-
Page 69: Licenses
2-40 WS5100 Series Switch CLI Reference Guide 2.2.10 licenses Common to all modes Syntax show licenses Parameters None. Example WS5100(config)#show licenses feature usage license string license value usage 2FFD7fE9 CD016155 14A92C70... -
Page 70: Logging
2-41 Common Commands 2.2.11 logging Common to all modes Syntax show logging Parameters None. Example WS5100(config)#show logging Logging module: enabled Aggregation time: disabled Console logging: level debugging Buffered logging: level informational Syslog logging: level debugging Facility: local7 Logging to: 157.235.203.37 Logging to: 10.0.0.2 Log Buffer (6520 bytes): Sep 14 19:11:59 2006: %DAEMON-6-INFO: radiusd[4643]: Ready to process... -
Page 71: Mac
2-42 WS5100 Series Switch CLI Reference Guide 2.2.12 mac Common to all modes Syntax show mac(access-list) Parameters access-list List MAC access lists Example... -
Page 72: Management
2-43 Common Commands 2.2.13 management Common to all modes Syntax show management Parameters None. Example WS5100>show management Mgmt Interface: vlan1 WS5100>... -
Page 73: Mobility
2-44 WS5100 Series Switch CLI Reference Guide 2.2.14 mobility Common to all modes Syntax show mobility (forwarding | global | mu (AA-BB-CC-DD-EE-FF | detail)| mu-log | mu-statistics(AA-BB-CC-DD-EE-FF) | peer ( A.B.C.D | detail)| peer- log) Parameters mobility Display Mobility Parameters... - Page 74 2-45 Common Commands Example WS5100(config)#show mobility ? event-log Event Log forwarding Mobile-unit information in the forwarding plane global Global Mobility parameters mobile-unit Mobile-units in the Mobility Database peer Mobility peers statistics Mobile-unit Statistics WS5100(config)#show mobility event-log mobile-unit Time Event Evt-Src-IP MU-Mac MU-IP HS-IP...
- Page 75 2-46 WS5100 Series Switch CLI Reference Guide WS5100(config)#show mobility peer detail Mobility Peers: Total=1, Established=0 Peer: 1.1.1.1, State: PASSIVE-CONNECTING Join-Sent Join-Rcvd Leave-Sent : 0 Leave-Rcvd : Rehome-Sent: 0 Rehome-Rcvd: 0 L3roam-Sent: 0 L3roam-Rcvd: Num-flaps Connect-retries: 0 Peer-Uptime: 0 days, 00:00:00 WS5100(config)#show mobility statistics MU <00-0f-3d-e9-a6-54>...
-
Page 76: Ntp
2-47 Common Commands 2.2.15 ntp Common to all modes Syntax show ntp (association (detail)|status) Parameters Network time protocol association NTP associations detail Displays NTP association details. status Displays NTP status. Example WS5100>show ntp associations address ref clock when poll reach delay offset disp... - Page 77 2-48 WS5100 Series Switch CLI Reference Guide WS5100(config)#show ntp status Clock is unsynchronized, stratum 16, reference is INIT actual frequency is 0.0000 Hz, precision is 2**-20 reference time is 00000000.00000000 (Feb 07 06:28:16 UTC 2036) clock offset is 0.000 msec, root delay is 0.000 msec...
-
Page 78: Privilege
2-49 Common Commands 2.2.16 privilege Common to all modes Syntax show privilege Parameters None. Example WS5100>show privilege Current user privilege: superuser WS5100>... -
Page 79: Radius
2-50 WS5100 Series Switch CLI Reference Guide 2.2.17 radius Common to all modes Syntax show radius (configuration | eap (configuration)| group | nas ( A.B.C.D/M)| proxy | rad-user | trust-point) Parameters radius Radius configuration commands configuration radius server configuration parameters... -
Page 80: Redundancy-Group
2-51 Common Commands 2.2.18 redundancy-group Common to all modes Syntax show redundancy-group (config | runtime) Parameters config Display configured redundancy group information. runtime Display runtime redundancy group information Example WS5100>show redundancy-group config Redundancy Group Configuration Detail Redundancy Feature : Disabled Redundancy group ID Redundancy Mode : Primary... - Page 81 2-52 WS5100 Series Switch CLI Reference Guide Switch Adoption capacity : Not Applicable Established Peer(s) Count : Not Applicable Redundancy Group Connectivity status : Not Applicable WS5100> WS5100(config)#show redundancy-group Redundancy Group Configuration Detail Redundancy Feature : Enabled Redundancy group ID...
-
Page 82: Redundancy-History
2-53 Common Commands 2.2.19 redundancy-history Common to all modes Syntax show redundancy-history Parameters None. Example WS5100>show redundancy-history State Transition History Time Event Triggered State --------------------------------------------------------- Sep 06 18:20:56 2006 Redundancy Disabled Disabled WS5100>... -
Page 83: Redundancy-Members
2-54 WS5100 Series Switch CLI Reference Guide 2.2.20 redundancy-members Common to all modes Syntax show redundancy-members (A.B.C.D) Parameters A.B.C.D IP address of member switch Example WS5100(config)#show redundancy-members brief Member ID (Self) : 10.10.10.10 Member State : Not Applicable Member ID : 10.10.10.1... -
Page 84: Snmp
2-55 Common Commands 2.2.21 snmp Common to all modes Syntax show snmp (user(manager | operator)) Parameters user Displays the SNMP user. manager show manager information. operator show operator information. Example WS5100>show snmp user manager userName access engineId Authentication Encryption snmpmanager 80000184017f000001 snmpoperator 80000184017f000001... -
Page 85: Snmp-Server
2-56 WS5100 Series Switch CLI Reference Guide 2.2.22 snmp-server Common to all modes Syntax show snmp-server(traps(wireless-statistics( mobile-unit | radio | wireless-switch | wlan))) Parameters traps Display Trap enable flags wireless-statistics Display wireless-stats rate traps mobile-unit Display mobile-unit rate traps radio... - Page 86 2-57 Common Commands wireless station deniedAssociationOnSpectrum wireless station deniedAssociationOnErr wireless station deniedAssociationOnSSID wireless station deniedAssociationOnRates wireless station deniedAssociationOnInvalidWPAWPA2IE wireless station deniedAssociationAsPortCapacityReached N wireless station tkipCounterMeasures wireless station deniedAuthentication wireless station radiusAuthFailed wireless radio adopted wireless radio unadopted wireless radio detectedRadar wireless ap-detection externalAPDetected wireless self-healing...
- Page 87 2-58 WS5100 Series Switch CLI Reference Guide WS5100>show snmp-server traps wireless-statistics wlan pktsps-greater-than disabled tput-greater-than disabled avg-bit-speed-less-than disabled avg-signal-less-than disabled nu-percent-greater-than disabled gave-up-percent-greater-than disabled avg-retry-greater-than disabled undecrypt-percent-greater-than disabled num-stations-greater-than disabled WS5100>...
-
Page 88: Terminal
2-59 Common Commands 2.2.23 terminal Common to all modes Syntax show terminal Parameters None. Example WS5100>show terminal Terminal Type: vt102 Length: 44 Width: 125 WS5100>... -
Page 89: Timezone
2-60 WS5100 Series Switch CLI Reference Guide 2.2.24 timezone Common to all modes Syntax show timezone Parameters None. Example WS5100>show timezone Timezone is Etc/UTC WS5100>... -
Page 90: Users
2-61 Common Commands 2.2.25 users Common to all modes Syntax show users Parameters None. Example WS5100>show users Line User Uptime Location 0 con 0 6d07h11m ttyS0 130 vty 0 1961 02:51:45 WS5100>... -
Page 91: Version
2-62 WS5100 Series Switch CLI Reference Guide 2.2.26 version Common to all modes Syntax show version (verbose) Parameters verbose Display software & hardware details Example WS5100>show version WS5100 version 3.0.0.0-200B Copyright (c) 2006 Symbol Technologies, Inc. Booted from primary. Switch uptime is 6 days, 7 hours 23 minutes CPU is Intel(R) Pentium(R) 4 CPU 2.00GHz... -
Page 92: Wireless
2-63 Common Commands 2.2.27 wireless Common to all modes Syntax show wireless (ap (<1-48>|AA-BB-CC-DD-EE-FF)| ap-detection-config | ap-images | ap-unadopted | approved-aps | channel-power (11a (indoor | outdoor))| 11b (indoor | outdoor)| 11bg (indoor | outdoor))| config | hotspot-config <1-32>| ids (filter-list)|mac-auth-local<1-1000> | mobile-unit(<1-4096> | AA-BB-CC-DD-EE-FF | statistics) | phrase-to-key (wep128 | wep64)| qos-mapping (wired-to-wireless | wireless-to-wired)| radio ( <1-1000>... - Page 93 2-64 WS5100 Series Switch CLI Reference Guide Parameters Status of adopted access-port <1-48> The index of the access-port for detailed information AA-BB-CC-DD-EE-FF The MAC address of a access-port for detailed information ap-detection-config Detected-AP Configuration Parameters ap-images List of access-port images on the wireless switch...
- Page 94 2-65 Common Commands AA-BB-CC-DD-EE-FF MAC address of mobile-unit statistics mobile-unit rf statistics phrase-to-key display the WEP keys generated by a passphrase wep128 display WEP128 keys wep64 display WEP64 keys qos-mapping Quality of Service mappings used for mapping WMM access categories and 802.1p / DSCP tags.
- Page 95 2-66 WS5100 Series Switch CLI Reference Guide default-config Default configuration parameters for sensors discovered-sensors sensor access ports discovered by the switch unapproved-aps Unapproved APs seen by access-port or mobile-unit scans wireless-switch- wireless-switch statistics statistics detail Detailed wireless-switch statistics wlan Wireless LAN related parameters...
- Page 96 2-67 Common Commands ap300 AP300-IDS-Sensor 295064 00.00-04 ap100 AP100 31034 02.05-00 ap4131 AP4131 191440 07.00-01 ap4131 Revert-AP4131 665704 00.00-00 WS5100> WS5100>show wireless ap-unadopted WS5100> WS5100>show wireless approved-aps access-port detection is disabled WS5100> WS5100>show wireless channel-power 11a indoor % Error: No valid channels or power levels WS5100>...
- Page 97 2-68 WS5100 Series Switch CLI Reference Guide Header : Authentication Success. Description : You now have network access.<BR>Click the disconnect link below to end this session. Footer : Image URL main: Image URL small: Page-type : fail Title : Unable to authenticate Header : Authentication Failed.
- Page 98 2-69 Common Commands Anomaly Detection:: Status Filter-Ageout probe-requests disabled 60 Sec association-requests disabled 60 Sec disassociations disabled 60 Sec authentication-fails disabled 60 Sec crypto-replay-fails disabled 60 Sec 80211-replay-fails disabled 60 Sec decryption-fails disabled 60 Sec unassoc-frames disabled 60 Sec eap-starts disabled 60 Sec null-destination...
-
Page 99: Access-List
2-70 WS5100 Series Switch CLI Reference Guide 2.2.28 access-list Priviledge / Global Config This CLI command lists all the access lists (numbered and named) configured on the switch. The numbered access list displays all numbered ACLs configured and the named access-list displays the details of the name ACL configured. -
Page 100: Alarm-Log
2-71 Common Commands 2.2.29 alarm-log Priviledge / Global Config Syntax show alarm-log ( <1-65535>| acknowledged | all | count | new | severity-to-limit( critical |informational | major | normal | warning)) Parameters <1-65535> Display details for specific alarm id acknowledged Display acknowledged alarms currently in the system Display all alarms currently in the system count... -
Page 101: Boot
2-72 WS5100 Series Switch CLI Reference Guide 2.2.30 boot Priviledge / Global Config Syntax show boot Parameters None. Example WS5100#show boot Image Build Date Install Date Version ----- -------------------- -------------------- ------------ Primary Aug 28 14:05:16 2006 Aug 29 18:32:17 2006 3.0.0.0-200B... -
Page 102: Clock
2-73 Common Commands 2.2.31 clock Priviledge / Global Config Syntax show clock Parameters None. Example WS5100#show clock Sep 13 16:46:27 UTC 2006 WS5100#... -
Page 103: Debugging
2-74 WS5100 Series Switch CLI Reference Guide 2.2.32 debugging Priviledge / Global Config Syntax show debugging Parameters None. Example... -
Page 104: File
2-75 Common Commands 2.2.33 file Privilege / Global Config Syntax show file (information (FILE)| systems) Parameters information Display file information FILE Display information on FILE systems List filesystems Example WS5100#show file systems File Systems: Size(b) Free(b) Type Prefix opaque system: 13704192 11904000 flash... -
Page 105: Ftp
2-76 WS5100 Series Switch CLI Reference Guide 2.2.34 ftp Privilege / Global Config Syntax show ftp Parameters None. Example WS5100#show ftp FTP Server: Disabled User Name: anonymous or ftpuser Password: ******** Root dir: flash:/ WS5100#... -
Page 106: Password-Encryption
2-77 Common Commands 2.2.35 password-encryption Priviledge / Global Config Syntax show password-encryption (status) Parameters status Display password-encryption status Example WS5100#show password-encryption status Password encryption is disabled WS5100#... -
Page 107: Running-Config
2-78 WS5100 Series Switch CLI Reference Guide 2.2.36 running-config Privilege / Global Config Displays the contents of the configuration file for the switch including all configured MAC and IP access lists and which access groups are applied to an interface. - Page 108 Common Commands wireless crypto pki trustpoint local subject-name 11 11 11 11 11 11 crypto pki trustpoint default-trustpoint subject-name Symbol Technologies crypto pki trustpoint slocal radius-server local interface eth1 -- MORE --, next page: Space, next line: Enter, quit: Control-C ..........
- Page 109 2-80 WS5100 Series Switch CLI Reference Guide redundancy heartbeat-period 5 redundancy hold-period 15 redundancy discovery-period 30 no redundancy handle-stp enable no redundancy enable -- MORE --, next page: Space, next line: Enter, quit: Control-C ..........
-
Page 110: Securitymgr
2-81 Common Commands 2.2.37 securitymgr Privilege / Global Config Syntax show securitymgr(debug-logs) Parameters debug-logs Debug information Example... -
Page 111: Sessions
2-82 WS5100 Series Switch CLI Reference Guide 2.2.38 sessions Privilege / Global Config Syntax show sessions Parameters None. Example WS5100#show sessions SESSION USER LOCATION IDLE START TIME Console 006days 1 00:00:00 1970 ** 2 157.235.206.39 00:00m 1 00:00:00 1970 WS5100#... -
Page 112: Startup-Config
2-83 Common Commands 2.2.39 startup-config Privilege / Global Config Syntax show startup-config Parameters None. Example WS5100#show startup-config ! configuration of WS5100 version 3.0.0.0-16786X! version 1.0 service prompt crash-info username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507d username admin privilege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931f username manager password 1 45b27d6483fc630981ad5096ff26a7956ce0c038 username manager privilege superuser... -
Page 113: Upgrade-Status
2-84 WS5100 Series Switch CLI Reference Guide 2.2.40 upgrade-status Privilege / Global Config Syntax show upgrade-status(detail) Parameters detail Last image upgrade log Example WS5100#show upgrade-status detail Last Image Upgrade Status : Successful Last Image Upgrade Time : Tue Aug 29 18:32:17 2006... -
Page 114: Chapter 3. User Exec Commands
User Exec Commands Logging in to the switch places you in USER EXEC command mode. Typically, log-in will require a user name and a password. You may try three times to enter a password before the connection attempt is refused.The USER EXEC commands available at the user level are a subset of those available at the privileged level. -
Page 115: User Exec Commands
WS5100 Series Switch CLI Reference Guide 3.1 User Exec Commands Table 3.1 summarizes the User Exec commands within the WS5100 Series Switch command line interface. Table 3.1 User Exec commands Summary Command Description Ref. autoinstall autoinstall configuration command. page 3-3 clear autoinstall configuration command. -
Page 116: Autoinstall
User Exec Commands 3.1.1 autoinstall User Exec Commands Use this command to configure the auto -install feature of the WS5100 Series Switch. Syntax autoinstall start autoinstall (config|cluster-config|image) url LINE Parameters enable Enables all the autoinstall features. Usage Guidelines Example WS5100>autoinstall enable... -
Page 117: Clear
WS5100 Series Switch CLI Reference Guide 3.1.2 clear User Exec Commands Use this command to reset the prevoius command implemented by you. Syntax clear (crypto (ike sa ( A.B.C.D| )|ipsec sa(A.B.C.D | ) )| mobility(mu|mu-log|peer-log|peer-statistics)| wireless-statistics ) Parameters crypto crypto... - Page 118 User Exec Commands Usage Guidelines Example WS5100>clear crypto ike sa 111.222.333.01 WS5100> WS5100>clear crypto ipsec sa WS5100>...
-
Page 119: Cluster-Cli
WS5100 Series Switch CLI Reference Guide 3.1.3 cluster-cli User Exec Commands Use this command to cluster all the CLI pertaining to the context it appears in. Syntax cluster-cli enable Parameters enable Enables cluster context Usage Guidelines Example WS5100>cluster-cli enable WS5100>... -
Page 120: Debug
User Exec Commands 3.1.4 debug User Exec Commands Use this command to debug the WS5100 Series Switch. Syntax debug (certmgr(all|err|info)|ip ssh| mobility(cc|error|forwarding|mu|packet|peer|system)) Parameters certmgr Certificate Manager Debugging Messages Internet Protocol (IP) mobility L3 Mobility Trace error and informational messages from Certificate Manager... - Page 121 WS5100 Series Switch CLI Reference Guide Example WS5100>debug certmgr all WS5100> WS5100>debug certmgr error WS5100> WS5100>debug certmgr info WS5100> WS5100>debug ip ssh WS5100> WS5100>debug mobility cc WS5100> WS5100>debug mobility error WS5100> WS5100>debug mobility forwarding WS5100> WS5100>debug mobility mu WS5100> WS5100>debug mobility packet WS5100>...
-
Page 122: Disable
User Exec Commands 3.1.5 disable User Exec Commands To use this command you first have to enable the PRIV mode. Use this command to turn off and move out of the PRIV mode. Syntax disable Parameters None. Usage Guidelines Example WS5100>disable WS5100>... -
Page 123: Enable
3-10 WS5100 Series Switch CLI Reference Guide 3.1.6 enable User Exec Commands Use this command to enter into the PRIV mode. Syntax enable Parameters None. Usage Guidelines Example WS5100>enable... -
Page 124: Logout
3-11 User Exec Commands 3.1.7 logout User Exec Commands Use this command instead of command to exit from the EXEC mode. exit Syntax logout Parameters None. Usage Guidelines Example The WS5100 Series Switch logs off on execution of this command. - Page 125 3-12 WS5100 Series Switch CLI Reference Guide 3.1.8 page User Exec Commands Use this command to toggle paging. Syntax page Parameters None. Usage Guidelines Example...
-
Page 126: Quit
User Exec Commands 3.1.9 quit User Exec Commands Use this command to exit from the current mode and go down to previous mode. Syntax quit Parameters None. Usage Guidelines Example The WS5100 Series Switch logs off on execution of this command. - Page 127 3-14 WS5100 Series Switch CLI Reference Guide...
-
Page 128: Chapter 4. Privileged Exec Commands
Privileged Exec Commands Most of the PRIV EXEC mode commands set operating parameters, privileged-level access should be password protected to prevent unauthorized use. The PRIV EXEC command set includes those commands contained in USER EXEC mode. PRIV EXEC mode also provides access to configuration modes through the configure command, and includes advanced testing commands. -
Page 129: Priv Exec Command
WS5100 Series Switch CLI Reference Guide 4.1 Priv Exec Command Table 4.1 summarizes the Priv Exec commands within the WS5100 Series Switch command line interface. Table 4.1 Priv Exec Command Summary Command Description Ref. acknowledge Acknowledge alarms. page 4-4 archive Manage archive files. - Page 130 Privileged Exec Commands Command Description Ref. help Description of the interactive help system. page 2-5 kill Kill specified session. page 4-25 logout Exit from the EXEC. page 4-26 mkdir Create a directory. page 4-27 more Display the contents of a file. page 4-28 Negate a command or set its defaults.
-
Page 131: Acknowledge
WS5100 Series Switch CLI Reference Guide 4.1.1 acknowledge Priv Exec Command Use this command to acknowledge alarms generated by the WS5100 Series Switch. Syntax acknowledge alarm-log [<1-65535> | all] Parameters alarm-log Acknowledge alarms <1-65535> Acknowledge specific alarm id Acknowledge all alarms... -
Page 132: Archive
Privileged Exec Commands 4.1.2 archive Priv Exec Command Use this command to manage archive files. Syntax archive tar /table [FILE|URL] archive tar /create [FILE|URL] .FILE archive tar /xtract [FILE|URL] DIR Parameters Use to manipulate (create, list or extract) a tar file List files in a tar file /table Create a tar file... - Page 133 WS5100 Series Switch CLI Reference Guide Which files are tared? WS5100#archive tar /table flash:/out.tar drwxrwxrwt 0/600 0 2006-09-08 12:27:20 flash/log -rw-r--r-- 0/0 381 2006-09-08 12:27:28 flash/log/snmpd.log -rw-r--r-- 0/0 151327 2006-09-08 14:37:26 flash/log/messages.log -rw-r--r-- 0/0 17318 2006-09-08 12:27:29 flash/log/startup.log drwxrwxrwt 0/600 0 2006-09-08 12:27:14 flash/log/radius Untar fails..?
-
Page 134: Autoinstall
Privileged Exec Commands 4.1.3 autoinstall Priv Exec Command Use this CLI to configure auto-installation feature of the WS5100 Series Switch. Syntax autoinstall start autoinstall [config|cluster-config|image] url LINE Parameters start start the autoinstall sequence cluster-config enable autoinstall of cluster-config config enable autoinstall of config... - Page 135 WS5100 Series Switch CLI Reference Guide 4.1.4 cd Priv Exec Command Use this CLI to change the current directory. Syntax cd [DIR|] Parameters Change current directory to DIR. Usage Guidelines Example WS5100#cd nvram:/ system:/ flash:/ WS5100#cd flash:/? Change current directory to DIR...
-
Page 136: Clear
Privileged Exec Commands 4.1.5 clear Priv Exec Command Use this CLI to reset the current context. Syntax clear [alarm-log|arp-cache|crypto|ip|logging|mobility|wireless-statistics] clear alarm-log (<1-65535>|acknowledge|all|new) clear crypto(ike|ipsec)sa(remote peer) clear ip(dhcp(binding)[*|A.B.C.D]|nat(translation)*) clear mobility(mu|mu-log|peer-log|peer-statistics) clear mobility mu(<MAC Address>|all|foreign-database|home-database) Parameters alarm-log Clear alarm-log • <1-65535> – Clear specific alarm id •... - Page 137 4-10 WS5100 Series Switch CLI Reference Guide mobility Clear Mobility Attributes • mu – Clear Mobile-unit • MAC Address – MAC address of the MU • all – All MUs (Home and Foreign) • foreign-database – MUs present in the Foreign MU Database •...
-
Page 138: Clock
4-11 Privileged Exec Commands 4.1.6 clock Priv Exec Command Use this command to configure the software system clock. Syntax clock set HH:MM:SS [1-31] MONTH [1993-2035] Parameters Set system date & time Usage Guidelines Example WS5100#clock set 15:10:30 08 Sep 2006 WS5100#show clock Sep 08 15:10:31 UTC 2006... -
Page 139: Cluster-Cli
4-12 WS5100 Series Switch CLI Reference Guide 4.1.7 cluster-cli Priv Exec Command Use this CLI command to enable the cluster context. Syntax cluster-cli enable Parameters enable Enables cluster context Example... -
Page 140: Configure
4-13 Privileged Exec Commands 4.1.8 configure Priv Exec Command Use this CLI to enter into configuration mode. Syntax configure terminal Parameters terminal Configure from the terminal Usage Guidelines Example WS5100#configure terminal Enter configuration commands, one per line. End with CNTL/Z. WS5100(config)#... -
Page 141: Copy
4-14 WS5100 Series Switch CLI Reference Guide 4.1.9 copy Priv Exec Command Use this command to copy from one file to another file. Syntax copy (FILE|URL) (FILE|URL) Parameters FILE File from which to copy URL from which to copy Usage Guidelines Example Transfering file snmpd.log to remote tftp server? -
Page 142: Debug
Privileged Exec Commands 4.1.10 debug Priv Exec Command Use this CLI for debugging purpose. Apart from this CLI is also used to debug various features of the WS5100 Series Switch. Syntax debug all debug [other features] Parameters Enable all debugging... -
Page 143: Delete
4-16 WS5100 Series Switch CLI Reference Guide 4.1.11 delete Priv Exec Command Use this command to delete the specified file from the system. Syntax delete ({/force|/recursive}|) .FILE Parameters /force Force deletion without prompt /recursive Recursive delete FILE Filename(s) to be deleted... -
Page 144: Diff
4-17 Privileged Exec Commands 4.1.12 diff Priv Exec Command Use this CLI to view the difference between 2 files. Syntax diff (FILE|URL) (FILE|URL) Parameters FILE Display the differences between FILE Display the differences between URL Usage Guidelines Example WS5100#diff startup-config running-config --- startup-config +++ running-config @@ -89,7 +89,7 @@... -
Page 145: Dir
4-18 WS5100 Series Switch CLI Reference Guide 4.1.13 dir Priv Exec Command Use this CLI to view the list of files on a filesystem. Syntax dir ({/all|/recursive}|) (DIR|all-filesystems|) Parameters /all List all files /recursive List files recursively List files in named file path... -
Page 146: Disable
4-19 Privileged Exec Commands 4.1.14 disable Priv Exec Command Use this command to turn off privileged mode command. Syntax disable Parameters None. Usage Guidelines Example WS5100#disable WS5100>... -
Page 147: Edit
4-20 WS5100 Series Switch CLI Reference Guide 4.1.15 edit Priv Exec Command Use this CLI command to edit a text file. Syntax edit FILE Parameters FILE Name of the file to be edited. Usage Guidelines Example S5100# edit startup-config GNU nano 1.2.4 File: startup-config ! configuration of WS5100 version 3.0.0.0-... - Page 148 4-21 Privileged Exec Commands < this command will open the startup-config file for editing > < edit & save the config file & exit> WS5100#...
-
Page 149: Enable
4-22 WS5100 Series Switch CLI Reference Guide 4.1.16 enable Priv Exec Command Use this CLI command to Turn on privileged mode command. Syntax enable Parameters None. Usage Guidelines Example WS5100#enable WS5100#... -
Page 150: Erase
4-23 Privileged Exec Commands 4.1.17 erase Priv Exec Command Use this CLI command to erase a filesystem. Syntax erase (nvram:|flash:|startup-config) Parameters nvram: Erase everything in nvram: flash: Erase everything in flash: startup-config Reset configuration to factory default Usage Guidelines Example WS5100#erase flash: % Error: path is a directory WS5100#erase ne... -
Page 151: Halt
4-24 WS5100 Series Switch CLI Reference Guide 4.1.18 halt Priv Exec Command Use this CLI command to stop the WS5100 Series Switch. Syntax halt Parameters None. Usage Guidelines Example WS5100#halt Wireless switch will be halted, do you want to continue? (y/n): y... -
Page 152: Kill
4-25 Privileged Exec Commands 4.1.19 kill Priv Exec Command Use this CLI command to kill a specified session. Syntax kill session <1-16> Parameters session Active session. There are 16 active sessions which can be killed Usage Guidelines Example Telnet to switch [xyz@xyz xyz]$ telnet 157.235.208.93 Trying 157.235.208.93... -
Page 153: Logout
4-26 WS5100 Series Switch CLI Reference Guide 4.1.20 logout Priv Exec Command Use this CLI command to exit from the EXEC mode. Syntax logout Parameters None. Usage Guidelines Example WS5100#logout WS5100 release 3.0.0.0-200B Login as 'cli' to access CLI. WS5100 login:... -
Page 154: Mkdir
4-27 Privileged Exec Commands 4.1.21 mkdir Priv Exec Command Use this CLI command to create a new directory in the filesystem. Syntax mkdir DIR Parameters Directory name Usage Guidelines Example WS5100#mkdir TestDIR WS5100#... -
Page 155: More
4-28 WS5100 Series Switch CLI Reference Guide 4.1.22 more Priv Exec Command Use this CLI command to view the contents of a file. Syntax more FILE Parameters FILE Displays the content of the file Usage Guidelines Example WS5100#more flash:/log/messages.log Sep 08 12:27:30 2006: %PM-5-PROCSTOP: Process "radiusd"... - Page 156 4-29 Privileged Exec Commands vlan1 acquired IP address 157.235.208.93/24 via DHCP Sep 08 12:29:07 2006: %CC-5-RADIOADOPTED: 11bg radio on AP 00-A0-F8-BF-8A-A2 adopted Sep 08 12:29:07 2006: %CC-5-RADIOADOPTED: 11a radio on AP 00-A0-F8-BF-8A-A2 adopted Sep 08 12:29:12 2006: %MOB-6-MUADD: Station 00 -0F-3D-E9-A6-54: Added to Mobility Database Sep 08 12:29:12 2006: %CC-6-STATIONASSOC:...
- Page 157 4-30 WS5100 Series Switch CLI Reference Guide 4.1.23 page Priv Exec Command Use this CLI command to toggle between the page. Syntax page Parameters None. Usage Guidelines Example WS5100#page WS5100#...
-
Page 158: Ping
4-31 Privileged Exec Commands 4.1.24 ping Priv Exec Command Use this CLI command to send ICMP echo messages. Syntax ping WORD Parameters WORD Ping destination address or hostname. Usage Guidelines Example WS5100#ping 157.235.208.39 PING 157.235.208.39 (157.235.208.39): 100 data bytes 128 bytes from 157.235.208.39: icmp_seq=0 ttl=64 time=2.3 ms 128 bytes from 157.235.208.39: icmp_seq=1 ttl=64 time=0.2 ms 128 bytes from 157.235.208.39: icmp_seq=2 ttl=64 time=0.3 ms 128 bytes from 157.235.208.39: icmp_seq=3 ttl=64 time=0.2 ms... -
Page 159: Pwd
4-32 WS5100 Series Switch CLI Reference Guide 4.1.25 pwd Priv Exec Command Use this CLI command to view the contents of the current directory. Syntax Parameters None. Usage Guidelines Example WS5100#pwd flash:/ WS5100#... -
Page 160: Quit
4-33 Privileged Exec Commands 4.1.26 quit Priv Exec Command Use this CLI command to exit from the current mode and move down to previous mode. Syntax quit Parameters None. Usage Guidelines Example WS5100#quit WS5100 release 3.0.0.0-200B Login as 'cli' to access CLI. WS5100 login:... -
Page 161: Reload
4-34 WS5100 Series Switch CLI Reference Guide 4.1.27 reload Priv Exec Command Use this CLI to halt the WS5100 Series Switch and perform a warm reboot. Syntax reload Parameters None. Usage Guidelines Example WS5100#reload... -
Page 162: Rename
4-35 Privileged Exec Commands 4.1.28 rename Priv Exec Command Use this CLI command to rename a file in the existing filesystem. Syntax rename FILE FILE Parameters FILE FIle to be rename. Usage Guidelines Example WS5100#rename flash:/TestDIR/ NewTestDir WS5100#DIR Directory of flash:/ drwx 1024 Wed Jul 19 19:14:05 2006... -
Page 163: Rmdir
4-36 WS5100 Series Switch CLI Reference Guide 4.1.29 rmdir Priv Exec Command Use this CLI command to delete a existing file from the file system. Syntax rmdir DIR Parameters Name of the Directory to be deleted. Usage Guidelines Example WS5100#rmdir flash:/NewTestDir/... -
Page 164: Telnet
4-37 Privileged Exec Commands 4.1.30 telnet Priv Exec Command Use this command to open a telnet session. Syntax telnet WORD (PORT|) Parameters WORD IP address or hostname of a remote system Usage Guidelines Example WS5100#telnet 157.111.222.33 Entering character mode Escape character is '^]'. Red Hat Linux release 9 (Shrike) Kernel 2.4.20-6bigmem on an i686 login: cli... -
Page 165: Traceroute
4-38 WS5100 Series Switch CLI Reference Guide 4.1.31 traceroute Priv Exec Command Use this CLI command to trace the route to destination. Syntax traceroute (WORD | ip WORD) Parameters WORD Trace route to destination address or hostname IP Trace Example WS5100#traceroute 157.222.333.33... -
Page 166: Upgrade
4-39 Privileged Exec Commands 4.1.32 upgrade Priv Exec Command Use this CLI command to upgrade the software image on the Ws5100 Series Switch. Syntax upgrade URL (background|) Parameters Location of firmware image Example WS5100#upgrade tftp://157.235.208.105:/img var2 is 10 percent full... - Page 167 4-40 WS5100 Series Switch CLI Reference Guide "logd" is not responding Sep 08 15:58:44 2006: %PM-4-PROCNORESP: Process "logd" is not responding Sep 08 15:58:44 2006: %PM-4-PROCNORESP: Process "logd" is not responding Sep 08 15:58:44 2006: %PM-4-PROCNORESP: Process "logd" is not responding Version of firmware update file is 3.0.0.0-...
-
Page 168: Upgrade-Abort
4-41 Privileged Exec Commands 4.1.33 upgrade-abort Priv Exec Command Use this CLI command to abort the process of an ongoing upgrade. Syntax upgrade-abort Parameters None. Usage Guidelines Example WS5100#upgrade-abort % Error: No upgrade in progress WS5100#upgrade tftp://157.235.208.105:/img background WS5100#Sep 08 16:01:38 2006: %KERN-4-WARNING: EXT3-fs warning: maximal mount count reached, running e2fsck is recommended. -
Page 169: Write
4-42 WS5100 Series Switch CLI Reference Guide 4.1.34 write Priv Exec Command Use this command to write running configuration to memory or terminal Syntax write [memory | terminal] Parameters memory Write to NV memory terminal Write to terminal Usage Guidelines... -
Page 170: Chapter 5. Global Configuration Commands
Global Configuration Commands The term global is used to indicate characteristics or features that affect the system as a whole. Global configuration mode is used to configure the system globally, or to enter specific configuration modes to configure specific elements such as interfaces or protocols. Use the configure terminal command, under PRIV EXEC, to enter global configuration mode. -
Page 171: Global Configuration Commands
However, these changes are not saved into the startup configuration file until you issue the copy running-config startup-config EXEC mode command. 5.1 Global Configuration Commands Table 5.1 summarizes the Gloabl Config commands within the WS5100 Series Switch command line interface. Table 5.1 Global Cnfiguration Command Summary Command Description Ref. - Page 172 Global Configuration Commands Command Description Ref. license license management command. page 5-26 line Configure a terminal line. page 5-27 local Local user authentication. page 5-28 logging Modify message logging facilities. page 5-29 Configure MAC access-lists. page 5-31 Negate a command or set its defaults . page 2-7 Configure NTP.
-
Page 173: Aaa
WS5100 Series Switch CLI Reference Guide 5.1.1 aaa Global Configuration Commands Displays the current aaa (Authentication,Authorization and Accounting) settings managed by WS5100 Series Wireless Switch. Syntax aaa (authentication(login(default(local|none|radius)))|nas| vpn-authentication(primary(A.B.C.D))|secondary(A.B.C.D))) aaa authentication login default {none|{local|radius}} aaa nas WORD aaa vpn-authentication (primary|secondary) A.B.C.D key WORD (authport... -
Page 174: Access-List
Global Configuration Commands 5.1.2 access-list Global Configuration Commands Use this CLI command to add an access list entry. Syntax access-list access-list (<1-99>|<1300-1999>) (deny|permit|mark (8021p <0-7> | tos <0- 255>))(A.B.C.D/M | host A.B.C.D | any)(wlan <1-32>|)(log|) (rule- precedence <1-500>|) access-list (<100-199>|<2000-2699>) (deny|permit|mark (8021p <0-7> | tos <0-255>)) (icmp) (A.B.C.D/M | host A.B.C.D | any)(A.B.C.D/M | host A.B.C.D | any)(<0-255>... -
Page 175: Banner
WS5100 Series Switch CLI Reference Guide 5.1.3 banner Global Configuration Commands Use this CLI command to define a login banner for the WS5100 Series Wireless Switch. Syntax banner(motd(LINE|default)) Parameters motd Set Message of the Day banner LINE Custom MOTD string... -
Page 176: Boot
Global Configuration Commands 5.1.4 boot Global Configuration Commands This CLI command is used to reboot the WS5100 Series Wireless Switch. Syntax boot(system [primary|secondary]) Parameters system Specify boot image to use after reboot primary Primary image secondary Secondary image Usage Guidelines... -
Page 177: Country-Code
WS5100 Series Switch CLI Reference Guide 5.1.5 country-code Global Configuration Commands Use this CLI command to configure the country of operation. Syntax country-code Parameters None. Usage Guidelines All existing radio configuration will be erased when this command is used. Example... - Page 178 Global Configuration Commands Greece Guatemala Guam Hong Kong Honduras Croatia Haiti Hungary Indonesia Ireland Israel India Iceland Italy Jordan Japan South Korea Kuwait Kazakhstan Liechtenstein Sri Lanka Lithuania Luxembourg Latvia Morocco Malta Mexico Malaysia Netherlands Norway New Zealand Oman Peru Philippines Pakistan Poland...
- Page 179 5-10 WS5100 Series Switch CLI Reference Guide United States Uruguay Venezuela Vietnam South Africa WS5100(config)#country-code...
-
Page 180: Crypto
5-11 Global Configuration Commands 5.1.6 crypto Global Configuration Commands Use this CLI commands to configure the encryption related commands. NOTE leads you to crypto isakmp(policy)Priority instance. For more details see crypto-isakmp on config-crypto-isakmp page 6-1. leads you to crypto isakmp(client)configuration group default instance. - Page 181 5-12 WS5100 Series Switch CLI Reference Guide crypto map (map name)<sequence number> (isakmp|manual)dynamic crypto pki(authenticate|enroll|export|import|trustpoint) crypto pki authenticate <name> (terminal|tftp|ftp) crypto pki enroll<name> (request|self-signed) crypto pki export <name> (request|trustpoint)(tftp|ftp) Parameters ipsec ipsec configuration security association security association lifetime(kilobytes|seconds) IPSec S-A lifetime.
- Page 182 5-13 Global Configuration Commands peer key peer remote peer policy Isakmp Policy Authentication key management export | import Rsa Keypair identifier Associated with Keypair rsa<indentifier> URL to send the key to. (tftp|ftp) generate Size of Keypair. Shoule be between 1024-2048 <key pair>...
- Page 183 5-14 WS5100 Series Switch CLI Reference Guide trustpoint Trustpoint Configuration terminal Copy & Paste mode of enrollment Usage Guidelines Currently a peer address can be deleted with wrong isakmp value. Crypto currently matches only the IP address when a command is issued. This feature will be corrected in the next release.
- Page 184 5-15 Global Configuration Commands authenticate Authenticate and import CA Certificate enroll Enroll export Export import Import trustpoint Define a CA trustpoint WS5100(config)#crypto pki trustpoint ? WORD Trustpoint Name WS5100(config)#crypto pki trustpoint Test WS5100(config-trustpoint)#? Trustpoint Config commands: clrscr Clears the display screen company-name Company Name(Applicable only for request) email...
- Page 185 5-16 WS5100 Series Switch CLI Reference Guide 5.1.7 do Global Configuration Commands Use this CLI command to run commands from the other exec mode — User Exec and Priv Exec modes. Syntax do (command of other mode) Parameters None. Usage Guidelines Example WS5100(config)#do ping 157.235.208.69...
-
Page 186: End
5-17 Global Configuration Commands 5.1.8 end Global Configuration Commands Use this CLI command to end the current mode and change to Exec mode Syntax Parameters None. Usage Guidelines Example WS5100(config)#end WS5100#? Priv Exec commands: acknowledge Acknowledge alarms archive Manage archive files autoinstall autoinstall configuration command Change current directory... -
Page 187: Fallback
5-18 WS5100 Series Switch CLI Reference Guide 5.1.9 fallback Global Configuration Commands Use this CLI command to enable and configures software fallback feature. Failure to boot with configured "use on boot" image allows booting with other image. Syntax fallback(enable) Parameters enable Enable software fallback feature. -
Page 188: Ftp
5-19 Global Configuration Commands 5.1.10 ftp Global Configuration Commands Use this CLI command to configure the FTP server. Syntax ftpenable ftp password(0|1|LINE) ftp rootdir(DIR) Parameters enable Enable FTP Server. password Configure FTP password. You can set the password using one of the folllowing options: •... -
Page 189: Hostname
5-20 WS5100 Series Switch CLI Reference Guide 5.1.11 hostname Global Configuration Commands Use this CLI command to change the name of the systems network. Syntax hostname(WORD) Parameters WORD USed to provide the name for the systems network. Usage Guidelines Example... -
Page 190: Interface
5-21 Global Configuration Commands 5.1.12 interface Global Configuration Commands Use this CLI command to select and interface to confiugre. NOTE interface mode leads to instance. For more details see config-if interface Instance on page 12-1. The prompt changes from ws5100(config) # ws5100(config-if) Syntax interface(IFNAME|eth|tunnel|vlan) - Page 191 5-22 WS5100 Series Switch CLI Reference Guide 5.1.13 ip Global Configuration Commands NOTE Using command leads you to access-list extended instance. For more details see Extended ACL (config-ext-nacl) Instance on page 13-1 Using command leads you to access-list extended instance. For more details see...
- Page 192 5-23 Global Configuration Commands ip nat(outside(destination(static(A.B.C.D))|source)) ip nat(outside(destination|source(list(WORD)|static(A.B.C.D)) ip route(A.B.C.D|A.B.C.D/M) ip routing ip ssh(port|rsa) ip ssh(port(<0-65536>)) ip ssh(rsa(keypair-name(WORD))) ip telnet(port(<0-65535>)) Parameters access-list ACL Config. Using the access list parameter options you enter the ext-nacl context and context. The prompt now changes to the context you std-nacl have entered.
- Page 193 5-24 WS5100 Series Switch CLI Reference Guide domain-name Set default domain for DNS http Hyper Text Transfer Protocol (HTTP) secure-server Secure HTTP server (HTTPS) secure-trustpoint Enter the name of the trustpoint to be used for secure connection server HTTP server...
- Page 194 5-25 Global Configuration Commands A.B.C.D IP destination prefix A.B.C.D/M IP destination prefix routing Turn on IP routing Secured SHell (SSH) server port Listening port. Value can be anything between 0-65536. RSA encryption key keypair-name Configure RSA keypair to be used for encryption WORD RSA keypair name telnet...
-
Page 195: License
5-26 WS5100 Series Switch CLI Reference Guide 5.1.14 license Global Configuration Commands <<< Text here>>> Syntax license Parameters WORD Enter the name of the feature for which you wish to add license. Usage Guidelines Example... -
Page 196: Line
5-27 Global Configuration Commands 5.1.15 line Global Configuration Commands Use this CLI command to configure the terminal line. Syntax line(console|vty) Parameters console Primary terminal line.You can configure a value between 0-0. Virtual terminal.You can configure a value between 0-871. Usage Guidelines Example... -
Page 197: Local
5-28 WS5100 Series Switch CLI Reference Guide 5.1.16 local Global Configuration Commands Use this CLI command to set the username and password for local user authentication. Syntax local(username,password) Parameters username Enter local user name. The username can be a string of upto 64 characters. -
Page 198: Logging
5-29 Global Configuration Commands 5.1.17 logging Global Configuration Commands Use this CLI command to modify message logging facilities of the WS5100 Series Wireless Switch. Syntax logging(aggregation-time|buffered|console|facility|host|monitor|on|syslog) logging aggregation-time(<1-20>) logging buffered(<0-7>|alerts|critical|debugging|emergencies|errors| informational|notifications|warnings) Parameters aggregation-time Set number of seconds for aggregating repeated messages. The value can be configured between 1-60 seconds. - Page 199 5-30 WS5100 Series Switch CLI Reference Guide local1 Syslog facility local1 local2 Syslog facility local2 local3 Syslog facility local3 local4 Syslog facility local4 local5 Syslog facility local5 local6 Syslog facility local6 local7 Syslog facility local7 host Configure remote host to receive log messages.
-
Page 200: Mac
5-31 Global Configuration Commands 5.1.18 mac Global Configuration Commands Use this CLI command to configure MAC access-lists. Syntax mac(access-list(extended(WORD))) Parameters access-list ACL config for the MAC address. extended MAC Extended ACL WORD Enter the name of the ACL. Usage Guidelines To delete Standard/Extended and MAC ACL use under the no access-list <access-list name>... -
Page 201: Ntp
5-32 WS5100 Series Switch CLI Reference Guide 5.1.19 ntp Global Configuration Commands Use this CLI command to configure NTP over the WS5100 Series Wireless Switch. Syntax ntp(access-group|authenticate|authentication-key|autokey| broadcast|broadcastdelay|master|peer|server|trusted-key) ntp access-group(peer|query-only|serve|serve-only) ntp access-group peer(<1-99>|<1300-1999>) ntp access-group query-only(<1-99>|<1300-1999>) ntp access-group serve(<1-99>|<1300-1999>) ntp access-group serve-only(<1-99>|<1300-1999>) - Page 202 5-33 Global Configuration Commands Parameters access-group Control NTP access peer Provide full access query-only Allow only control queries serve Provide server and query access serve-only Provide only server access <1-99> Standard IP access list <1300-1999> Standard IP access list (expanded range) authenticate Authenticate time sources authentication-key...
- Page 203 5-34 WS5100 Series Switch CLI Reference Guide master Act as a NTP master clock <1-15> Stratum number for the NTP master clock peer Configure NTP peer server Configure NTP server WORD autokey Configure autokey peer authentication scheme Configure peer authentication key <1-65534>...
- Page 204 5-35 Global Configuration Commands Example WS5100(config)#ntp peer ? WORD Name/IP address of peer WS5100(config)#ntp peer TestPeer ? autokey Configure autokey peer authentication scheme Configure peer authentication key prefer Prefer this peer when possible version Configure NTP version <cr> WS5100(config)#ntp peer TestPeer autokey ? prefer Prefer this peer when possible version...
-
Page 205: Prompt
5.1.20 prompt Global Configuration Commands Use this CLI command to configure and set the systems prompt. Syntax prompt(LINE) Parameters LIMNE Enter the new prompt that will be displayed by the system/WS5100 Series Wireless Switch. Usage Guidelines Example WS5100(config)#prompt NobleMan NobleMan... -
Page 206: Radius-Server
5-37 Global Configuration Commands 5.1.21 radius-server Global Configuration Commands Use this CLI command to enter the RADIUS Server mode. The WS5100 system prompt will change from the default config mode to Radius server mode. NOTE mode leads you to the radius-server context. For radius-server local more details see Radius Server Instance on page 16-1... - Page 207 5-38 WS5100 Series Switch CLI Reference Guide Usage Guidelines Example WS5100(config)#radius-server local WS5100(config-radsrv)#...
-
Page 208: Redundancy
5-39 Global Configuration Commands 5.1.22 redundancy Global Configuration Commands Use this CLI command to configure redundancy group parameters. Syntax redundancy(discovery-period|enable|group-id|handle-stp| heartbeat-period|hold-period|interface-ip|member-ip|mode) redundancy discovery-period <10-60> redundancy enable redundancy group-id <1-65535> redundancy handle-stp(enable) redundancy heartbeat-period redundancy hold-period <10-255> redundancy interface-ip(A.B.C.D) redundancy member-ip (A.B.C.D) redundancy mode(primary|standby) Parameters discovery-period... - Page 209 5-40 WS5100 Series Switch CLI Reference Guide member-ip Add member to this redundancy group. A.B.C.D IP address of the member mode set the redundancy mode. primary mode can be primary standby mode can be standby Usage Guidelines Example WS5100(config)#redundancy discovery-period 20...
-
Page 210: Service
Global Configuration Commands 5.1.23 service Global Configuration Commands Use this CLI commands to retrive system data that includes tables, log files, configuration, status and operation, for use in debugging and problem resolution while troubleshooting the WS5100 Series Wireless Switch configuration. Syntax service(advanced-vty|ap|clear|dhcp|diag-shell|password-... - Page 211 5-42 WS5100 Series Switch CLI Reference Guide start-shell Provide shell access terminal-length System wide terminal length configuration tethereal Dump and analyze network traffic wireless Wireless parameters Usage Guidelines Example EXAMPLE OUTPUT HERE...
-
Page 212: Snmp-Server
5-43 Global Configuration Commands 5.1.24 snmp-server Global Configuration Commands USe this CLI command to modify SNMP engine parameters. Syntax snmp-server(community|contact|enable|host|location|manager|sysname|user) snmp-server community(WORD(ro|rw)) snmp-server contact LINE snmp-server enable traps (all|miscellaneous|nsm|redundancy|snmp|wireless|wireless-statistics) snmp-server enable traps all snmp-server enable traps miscellaneous (lowFsSpace|processMaxRestartsReached|savedConfigModified) snmp-server enable traps nsm dhcpIPChanged snmp-server enable traps redundancy (adoptionExceeded|grpAuthLevelChanged|memberDown|memberMisConfigured| memberUp) - Page 213 5-44 WS5100 Series Switch CLI Reference Guide snmp-server enable traps wireless-statistics radio (avg-bit-speed-less-than|avg-retry-greater-than|avg-signal-less-than| gave-up-percent-greater-than|nu-percent-greater-than| num-mobile-units-greater-than|pktsps-greater-than|tput-greater-than| undecrypt-percent-greater-than) snmp-server enable traps wireless-statistics wireless-switch (num-mobile-units-greater-than|pktsps-greater-than|tput-greater-than) snmp-server enable traps wireless-statistics wlan (avg-bit-speed-less-than|avg-retry-greater-than|avg-signal-less-than| gave-up-percent-greater-than|nu-percent-greater-than| num-mobile-units-greater-than|pktsps-greater-than|tput-greater-than| undecrypt-percent-greater-than) snmp-server host(A.B.C.D) snmp-server location (LINE) snmp-server manager(all|v2|v3) snmp-server sysname...
- Page 214 5-45 Global Configuration Commands redundancy ( ) Enable redundancy traps adoptionExceeded Redundancy port adoption exceeded grpAuthLevelChanged Redundancy group Authorization Level changed memberDown Redundancy member down memberMisConfigured Redundancy member mis-configuration memberUp Redundancy member up snmp ( ) Enable SNMP traps authenticationFail Enable authentication failure trap coldstart Enable coldStart trap...
- Page 215 5-46 WS5100 Series Switch CLI Reference Guide associated Wireless station associated deniedAssociationAsPort Wireless station denied association due to port capacity reached CapacityReached deniedAssociationOnCapability Wireless station denied association due to unsupported capability deniedAssociationOnErr Wireless station denied association due to internal error...
- Page 216 5-47 Global Configuration Commands avg-bit-speed-less-than < > Average bit speed in Mbps is less than — < A decimal number greater than 0.00 and less than or equal to 54.00> avg-retry-greater-than < > Average retry is greater than — < A decimal number greater than 0.00 and less than or equal to 16.00>...
- Page 217 5-48 WS5100 Series Switch CLI Reference Guide operator Operator user v3 ( ) User using v3 security model auth ( ) Authentication parameters for the user encrypted ( ) Specifying password as md5 digests Use HMAC MD5 algorithm for authentication...
- Page 218 5-49 Global Configuration Commands WS5100(config)#snmp-server enable traps wireless station tkipCounterMeasures WS5100(config)# WS5100(config)#snmp-server enable traps wireless-statistics min-packets WS5100(config)# WS5100(config)#snmp-server location "Located at thh 5th FLoor" WS5100(config)# WS5100(config)#snmp-server sysname "Gold Mine" WS5100(config)#...
-
Page 219: Terminal
5-50 WS5100 Series Switch CLI Reference Guide 5.1.25 terminal Global Configuration Commands Use this CLI command to set the length /number of lines to be displayed on the terminal window. Syntax terminal(monitor|no) terminal no monitor Parameters monitor Copy debug output to the current terminal line... -
Page 220: Timezone
5-51 Global Configuration Commands 5.1.26 timezone Global Configuration Commands Use this CLI command to configure the timezone settings of the WS5100 Series Wireless Switch. Syntax timezone Parameters TIMEZONE Press <tab> to traverse list of files. This displays list of files containing timezone information. -
Page 221: Username
5-52 WS5100 Series Switch CLI Reference Guide 5.1.27 username Global Configuration Commands Use this CLI command to establish the user name authentication for the WS5100 Series Wireless Switch. Syntax username Parameters WORD Enter a name to authenticate the WS5100 switch. The username should be between 1 and 28 characters. -
Page 222: Vpn
5-53 Global Configuration Commands 5.1.28 vpn Global Configuration Commands Use this CLI command to configure VPN Syntax vpn authentication-method(local|radius) Parameters authentication-method Use this to select the authen local Used for user based authentication radius Used to radius server authentication Usage Guidelines Virtual Private Network. -
Page 223: Wireless
5-54 WS5100 Series Switch CLI Reference Guide 5.1.29 wireless Global Configuration Commands Use this CLI command to configure the wireless parameters of the WS5100 Series Wireless Switch. This command will lead you to instance. For more idetails see Wireless Instance... -
Page 224: Chapter 6. Crypto-Isakmp
6.1 Crypto Isakmp Config commands Table 6.1 summarizes the commands within the WS5100 Series Switch command crypto-isakmp line interface Table 6.1 Trustpoint Config Commands Summary Command Description Ref. authentication Set authentication method for protection suite... - Page 225 AP-5131 Access Point Product Reference Guide Command Description Ref. group Set the Diffie-Hellman group page 6-8 hash Set hash algorithm for protection suite page 6-9 help Description of the interactive help system page 6-10 lifetime Set lifetime for ISAKMP security association page 6-11 Negate a command or set its defaults page 6-12...
-
Page 226: Authentication
crypto-isakmp 6.1.1 authentication Use this CLI command to authenticate keys. rsa-sig pre-share Syntax authentication(pre-share|rsa-sig) Parameters pre-share pre shared key rsa-sig rsa signature Example WS5100(config-crypto-isakmp)#authentication pre-share WS5100(config-crypto-isakmp)# WS5100(config-crypto-isakmp)#authentication rsa-sig WS5100(config-crypto-isakmp)#... -
Page 227: Clrscr
AP-5131 Access Point Product Reference Guide 6.1.2 clrscr Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Usage Guidelines Example WS5100(config-crypto-isakmp)#clr WS5100(config-crypto-isakmp)#... -
Page 228: Encryption
crypto-isakmp 6.1.3 encryption Use this CLI command to configure the encryption level of the data transmitted using the WS5100 Wireless Switch using crypto-isakmp command. Syntax encryption(3des|aes|aes-192|aes-256|des) Parameters 3des 3des - Triple data encryption standard aes - advanced data encryption standard aes-192 aes-192 - advanced data encryption standard aes-256... -
Page 229: End
AP-5131 Access Point Product Reference Guide 6.1.4 end Use this CLI command to end and exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100# Syntax Parameters None. Usage Guidelines Example WS5100(config-crypto-isakmp))#end WS5100#... -
Page 230: Exit
crypto-isakmp 6.1.5 exit Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Usage Guidelines Example WS5100(config-crypto-isakmp)#exit WS5100(config)#... -
Page 231: Group
AP-5131 Access Point Product Reference Guide 6.1.6 group Use this CLI command to specify the Diffie-Hellman group (1 or 2) to be used by this IKE policy to generate the keys (which are then used to create the IPSec SA). Syntax group(1|2|5) Parameters... -
Page 232: Hash
crypto-isakmp 6.1.7 hash Use this CLI command to specify the hash algorithm to be used to authenticate the data transmitted over the IKE SA. Syntax hash(md5|sha) Parameters Choose the md5 hash algorithm. Choose the sha hash algorithm. Example WS5100(config-crypto-isakmp)#hash sha WS5100(config-crypto-isakmp)#... -
Page 233: Help
6-10 AP-5131 Access Point Product Reference Guide 6.1.8 help Use thie CLI command to access the systems interactive help system Syntax help Parameters None. Example WS5100(config-crypto-isakmp)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. -
Page 234: Lifetime
6-11 crypto-isakmp 6.1.9 lifetime Use this CLI command to specify how long an IKE SA is valid before expiring. Syntax lifetime <seconds> Parameters <seconds> Specify how many seconds an IKE SA will last before expiring.Time stamp in secondscan be configured between 3600 and 2147483647. Example WS5100(config-crypto-isakmp)#lifetime 5200 WS5100(config-crypto-isakmp)#... - Page 235 6-12 AP-5131 Access Point Product Reference Guide 6.1.10 no Use this CLI command to negate a command or set its defaults. Syntax no <previous command used> Parameters Use the commands that you have configured under this instance. Example WS5100(config-crypto-isakmp)#no lifetime WS5100(config-crypto-isakmp)#...
-
Page 236: Service
6-13 crypto-isakmp 6.1.11 service Use this CLI command to invoke the service commands to trobuleshoot or debug the instance configurations. (config-crypto-isakmp) Syntax service(clear|diag-shell|save-cli|show|start-shell|tethereal) Parameters clear Remove specified support information diag-shell Provide diag shell access save-cli Save CLI tree for all modes in html format show Show running system information start-shell... -
Page 237: Show
6-14 AP-5131 Access Point Product Reference Guide 6.1.12 show Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show <paramater> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 238 6-15 crypto-isakmp snmp-server Display SNMP engine parameters startup-config Contents of startup configuration terminal Display terminal configuration parameters timezone Display timezone upgrade-status Display last image upgrade status users Display information about terminal lines version Display software & hardware version wireless Wireless configuration commands WS5100(config-crypto-isakmp)#show...
- Page 239 6-16 AP-5131 Access Point Product Reference Guide...
-
Page 240: Chapter 7. Crypto-Group
7.1 Crypto Client Config commands Table 7.1 summarizes the commands within the WS5100 Series Switch config-crypto-group command line interface Table 7.1 Trustpoint Config Commands Summary Command Description Ref. clrscr Clears the display screen... - Page 241 AP-5131 Access Point Product Reference Guide Command Description Ref. help Description of the interactive help system page 7-7 service Service Commands page 7-8 show Show running system information page 7-9 wins Windows name server page 7-11...
-
Page 242: Clrscr
crypto-group 7.1.1 clrscr Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Example WS5100(config-crypto-group)#clr WS5100(config-crypto-group)#... -
Page 243: Dns
AP-5131 Access Point Product Reference Guide 7.1.2 dns Use this CLIL command to specify the DNS server address(es) to assign to a client. Syntax dns <IP Address> Parameters <IP Address> The first DNS server address to assign. <IP Address> optional The second DNS server address to assign. -
Page 244: End
crypto-group 7.1.3 end Use this CLI command to end and exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100# Syntax Parameters None. Usage Guidelines Example WS5100(config-crypto-group)#end WS5100#... -
Page 245: Exit
AP-5131 Access Point Product Reference Guide 7.1.4 exit Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Example WS5100(config-crypto-group)#exit WS5100(config)#... -
Page 246: Help
crypto-group 7.1.5 help Use thie CLI command to access the systems interactive help system Syntax help Parameters None. Example WS5100(config-crypto-group)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. -
Page 247: Service
AP-5131 Access Point Product Reference Guide 7.1.6 service Use this CLI command to invoke the service commands to trobuleshoot or debug the instance configurations. (config-crypto-isakmp) Syntax service(clear|diag-shell|save-cli|show|start-shell|tethereal) Parameters clear Remove specified support information diag-shell Provide diag shell access save-cli Save CLI tree for all modes in html format show Show running system information start-shell... -
Page 248: Show
7.1.7 show Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show <paramater> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 249 7-10 AP-5131 Access Point Product Reference Guide snmp-server Display SNMP engine parameters startup-config Contents of startup configuration terminal Display terminal configuration parameters timezone Display timezone upgrade-status Display last image upgrade status users Display information about terminal lines version Display software & hardware version wireless Wireless configuration commands WS5100(config-crypto-group)#show...
-
Page 250: Wins
7-11 crypto-group 7.1.8 wins Use this CLIL command to specify the Windows Internet Naming Service (WINS) name servers to assign to a client. Syntax wins <IP Address> <IP Address> Parameters <IP Address> The first WINs server address to assign. <IP Address> optional The second WINs server address to assign. - Page 251 7-12 AP-5131 Access Point Product Reference Guide...
-
Page 252: Chapter 8. Crypto-Peer
Address|dns|hostname] config-crypto-peer instance. 8.1 Crypto Peer Config commands Table 8.1 summarizes the commands within the WS5100 Series Switch config-crypto-peer command line interface Table 8.1 Trustpoint Config Commands Summary Command Description Ref. clrscr Clears the display screen... - Page 253 AP-5131 Access Point Product Reference Guide Command Description Ref. Negate a command or set its defaults page 8-7 service Service Commands page 8-8 page 8-9 show Show running system information page 8-10...
-
Page 254: Clrscr
crypto-peer 8.1.1 clrscr Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Example WS5100(config-crypto-peer)#clr WS5100(config-crypto-peer) -
Page 255: End
AP-5131 Access Point Product Reference Guide 8.1.2 end Use this CLI command to end and exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100# Syntax Parameters None. Usage Guidelines Example WS5100(config-crypto-peer)#end WS5100#... -
Page 256: Exit
crypto-peer 8.1.3 exit Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Example WS5100(config-crypto-peer)#exit WS5100(config)#... -
Page 257: Help
AP-5131 Access Point Product Reference Guide 8.1.4 help Use thie CLI command to access the systems interactive help system Syntax help Parameters None. Example WS5100(config-crypto-peer)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. - Page 258 crypto-peer 8.1.5 no Use this CLI command to negate a command or set its defaults. Syntax no <previous command used> Parameters Use the commands that you have configured under this instance. Example WS5100(config-crypto-peer)#no aggrerssive-mode WS5100(config-crypto-peer)#...
-
Page 259: Service
AP-5131 Access Point Product Reference Guide 8.1.6 service Use this CLI command to invoke the service commands to trobuleshoot or debug the instance configurations. (config-crypto-isakmp) Syntax service(clear|diag-shell|save-cli|show|start-shell|tethereal) Parameters clear Remove specified support information diag-shell Provide diag shell access save-cli Save CLI tree for all modes in html format show Show running system information start-shell... -
Page 260: Set
crypto-peer 8.1.7 set Use this CLI command to configure the aggressive-mode of crypto-peer. Syntax set aggressive-mode (password) Parameters aggressive-mode aggressive mode password password Example WS5100(config-crypto-peer)#set aggressive-mode password CheckMeIn WS5100(config-crypto-peer)#... -
Page 261: Show
8-10 AP-5131 Access Point Product Reference Guide 8.1.8 show Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show <paramater> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 262 8-11 crypto-peer snmp-server Display SNMP engine parameters startup-config Contents of startup configuration terminal Display terminal configuration parameters timezone Display timezone upgrade-status Display last image upgrade status users Display information about terminal lines version Display software & hardware version wireless Wireless configuration commands WS5100(config-crypto-peer)#show...
- Page 263 8-12 AP-5131 Access Point Product Reference Guide...
-
Page 264: Chapter 9. Crypto-Ipsec
For more details see crypto-map transform-set page 10-11. 9.1 Crypto Ipsec Config commands Table 9.1 summarizes the commands within the WS5100 Series Switch config-crypto-ipsec command line interface Table 9.1 Trustpoint Config Commands Summary Command Description Ref. - Page 265 AP-5131 Access Point Product Reference Guide Command Description Ref. mode IPSec Transporation Mode page 9-3 Negate a command or set its defaults page 6-12 service Service Commands page 6-13 show Show running system information page 9-4...
-
Page 266: Mode
crypto-ipsec 9.1.1 mode Use this CLI command to configure the IP Sec transportation mode. Syntax mode(transport|tunnel) Parameters transport Transport Mode tunnel Tunnel Mode Example WS5100(config-crypto-ipsec)#mode transport WS5100(config-crypto-ipsec)#... -
Page 267: Show
AP-5131 Access Point Product Reference Guide 9.1.2 show Syntax clrscr Parameters Displays all the parameters for which the information can be viewed using the show command. Example WS5100(config-crypto-ipsec)#show ? access-list Internet Protocol (IP) alarm-log Display all alarms currently in the system autoinstall autoinstall configuration banner... - Page 268 crypto-ipsec timezone Display timezone upgrade-status Display last image upgrade status users Display information about terminal lines version Display software & hardware version wireless Wireless configuration commands WS5100(config-crypto-ipsec)#show...
- Page 269 AP-5131 Access Point Product Reference Guide...
-
Page 270: Chapter 10. Crypto-Map
10.1 Trustpoint Config commands Table 10.1 summarizes the commands within the WS5100 Series Switch config-crypto-map command line interface Table 10.1 Trustpoint Config Commands Summary Command Description Ref. clrscr... - Page 271 10-2 AP-5131 Access Point Product Reference Guide Command Description Ref. match Match values Negate a command or set its defaults service Service Commands Set values for encryption/decryption show Show running system information...
-
Page 272: Clrscr
10-3 crypto-map 10.1.1 clrscr Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Example WS5100(config-crypto-map)#clr WS5100(config-crypto-map) -
Page 273: End
10-4 AP-5131 Access Point Product Reference Guide 10.1.2 end Use this CLI command to end and exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100# Syntax Parameters None. Usage Guidelines Example WS5100(config-crypto-map)#end WS5100#... -
Page 274: Exit
10-5 crypto-map 10.1.3 exit Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Example WS5100(config-crypto-map)#exit WS5100(config)#... -
Page 275: Help
10-6 AP-5131 Access Point Product Reference Guide 10.1.4 help Use thie CLI command to access the systems interactive help system Syntax help Parameters None. Example WS5100(config-crypto-map)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. -
Page 276: Match
10-7 crypto-map 10.1.5 match Use this CLI command to assign an IP access-list to a crypto map definition. The access-list designates the IP packets to be encrypted by this crypto map. A crypto map entry is a single policy that describes how certain traffic is to be secured. There are two types of crypto map entries: ipsec-manual and ipsec-ike. - Page 277 10-8 AP-5131 Access Point Product Reference Guide Example The following example shows setting up an ACL (called TestList) and then assigning the new list to a crypto map (called TestMap): WS5100(config)#ip access-list extended TestList Configuring New Extended ACL "TestList" (config-ext-nacl)#exit WS5100(config)#crypto map TestMap 220 isakmp dynamic WS5100(config-crypto-map)# WS5100(config-crypto-map)#match address TestMap...
- Page 278 10-9 crypto-map 10.1.6 no Use this CLI command to negate a command or set its defaults. Syntax no <previous command used> Parameters Use the commands that you have configured under this instance. Example WS5100(config-crypto-map)#no aggrerssive-mode WS5100(config-crypto-map)#...
-
Page 279: Service
10-10 AP-5131 Access Point Product Reference Guide 10.1.7 service Use this CLI command to invoke the service commands to trobuleshoot or debug the instance configurations. (config-crypto-isakmp) Syntax service(clear|diag-shell|save-cli|show|start-shell|tethereal) Parameters clear Remove specified support information diag-shell Provide diag shell access save-cli Save CLI tree for all modes in html format show Show running system information... -
Page 280: Set
10-11 crypto-map 10.1.8 set Use this CLI command to set the various set parameters of the peer device. Syntax set (localid|mode|peer|pfs|security-association|session-key|transformset) set localid(IP Address|dn|hostname) set security-association (level(perhost)|lifetime(kilobytes|seconds)<value>) set session-key (inbound|outbound)(ah|esp) set session-key (inbound|outbound) ah <hexkey data> set session-key (inbound|outbound) esp <SPI> cipher <hexdata key> authenticator <hexkey data>... - Page 281 10-12 AP-5131 Access Point Product Reference Guide group 1 IPSec is required to use Diffie-Hellman Group 1 (768-bit modulus) exchange during IPSec SA key generation. group 2 IPSec is required to use Diffie-Hellman Group 2 (1024-bit modulus) exchange during IPSec SA key generation. group 5 IPSec is required to use Diffie-Hellman Group 5 security-association...
- Page 282 10-13 crypto-map Usage Guidelines WS5100(config-crypto-map)#set peer (name) If no peer IP address is configured, the manual crypto map is not valid and not complete. A peer IP address is required for manual crypto maps. To change the peer IP address, the no set peer command must be issued first;...
-
Page 283: Show
10-14 AP-5131 Access Point Product Reference Guide 10.1.9 show Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show <paramater> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 284 10-15 crypto-map snmp-server Display SNMP engine parameters startup-config Contents of startup configuration terminal Display terminal configuration parameters timezone Display timezone upgrade-status Display last image upgrade status users Display information about terminal lines version Display software & hardware version wireless Wireless configuration commands WS5100(config-crypto-map)#show...
- Page 285 10-16 AP-5131 Access Point Product Reference Guide...
- Page 286 This is a seperate instance by itself but belongs to the mode crypto pki trustpoint under instance. config 11.1 Trustpoint Config commands Table 11.1 summarizes the commands within the WS5100 Series config-crypto-trustpoint Switch command line interface Table 11.1 Trustpoint Config Commands Summary Command Description Ref. clrscr Clears the display screen...
- Page 287 11-2 WS5100 Series Switch CLI Reference Guide Command Description Ref. End current mode and change to EXEC mode page 11-6 exit End current mode and down to previous mode page 11-7 fqdn Domain Name Configuration page 11-8 help Description of the interactive help system...
-
Page 288: Chapter 11. Crypto-Trustpoint Instance
11-3 crypto-trustpoint Instance 11.1.1 clrscr Trustpoint Config commands Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Usage Guidelines Example WS5100(config-trustpoint)#clrscr WS5100(config-trustpoint)#... -
Page 289: Company-Name
11-4 WS5100 Series Switch CLI Reference Guide 11.1.2 company-name Trustpoint Config commands Company Name(Applicable only for request) Syntax company-name Parameters WORD Company Name(2 to 64 characters) Usage Guidelines Example WS5100(config-trustpoint)#company-name RetailKing WS5100(config-trustpoint)#... -
Page 290: Email
11-5 crypto-trustpoint Instance 11.1.3 email Trustpoint Config commands Use this CLI command to configure you e-mail ID for the trustpoint. Syntax email Parameters WORD email address( 2 to 64 characters ) Usage Guidelines Example WS5100(config-trustpoint)#email abcTestemailID@symbol.com WS5100(config-trustpoint)#... -
Page 291: End
11-6 WS5100 Series Switch CLI Reference Guide 11.1.4 end Trustpoint Config commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100#. Syntax Parameters None. Usage Guidelines Example... -
Page 292: Exit
11-7 crypto-trustpoint Instance 11.1.5 exit Trustpoint Config commands Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Usage Guidelines Example WS5100(config-trustpoint)#exit WS5100(config)#... -
Page 293: Fqdn
11-8 WS5100 Series Switch CLI Reference Guide 11.1.6 fqdn Trustpoint Config commands Use this CLI command to configure the domain name of the trustpoint. Syntax fqdn Parameters None Usage Guidelines Example WS5100(config-trustpoint)#fqdn RetailKing.com WS5100(config-trustpoint)#... -
Page 294: Help
11-9 crypto-trustpoint Instance 11.1.7 help Trustpoint Config commands Use thie CLI command to access the systems interactive help system. Syntax help Parameters None. Usage Guidelines Example WS5100(config-trustpoint)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. -
Page 295: Ip-Address
11-10 WS5100 Series Switch CLI Reference Guide 11.1.8 ip-address Trustpoint Config commands Use this CLI command to configure a IP adress for the trustpoint. Syntax ip-address Parameters A.B.C.D Enter the IP address to be configured for the trustpoint. Usage Guidelines Example WS5100(config-trustpoint)#ip-address 157.200.200.02... - Page 296 11-11 crypto-trustpoint Instance 11.1.9 no Trustpoint Config commands Use this CLI command to negate a command or set its defaults. Syntax no <previous command used> Parameters None. Usage Guidelines Example WS5100(config-trustpoint)#no ip-address WS5100(config-trustpoint)#...
-
Page 297: Password
11-12 WS5100 Series Switch CLI Reference Guide 11.1.10 password Trustpoint Config commands Use this CLI command to set the challenge password, applicable only for requests, to acces trustpoint. Syntax password(0|2|WORD) Parameters Password is specified UNENCRYPTED. The password should be between 4 to 20 characters. -
Page 298: Rsakeypair
Usage Guidelines RSA Key Pair Support feature allows you to configure WS5100 Sereies Wireless Switch to have Rivest, Shamir, and Adelman (RSA) key pairs. Thus, the WS5100 Series Wireless Switch software can maintain a different key pair for each identity certificate. -
Page 299: Service
Syntax service(clear|diag-shell|save-cli|show|start-shell|tethereal) Parameters clear Remove specified support information. diag-shell Provide diagnostic shell access to debug and test the WS5100 Series Wireless Switch. save-cli Saves the CLI tree for all modes in html format. show Show running system information. start-shell Provide shell access. - Page 300 11-15 crypto-trustpoint Instance diag > WS5100(config-trustpoint)#service save-cli CLI command tree is saved as clitree.html. This tree can be viewed via web at http://<ipaddr>/cli/clitree.html WS5100(config-trustpoint)# WS5100(config-trustpoint)#service show ? Show CLI tree of current mode command-history Display command (except show commands) history. crash-info Display information about core, panic and AP dump files info...
-
Page 301: Show
11-16 WS5100 Series Switch CLI Reference Guide 11.1.13 show Trustpoint Config commands Use thie CLI command to view the current system information t hat is running on the WS5100 Series Wirteless Switch. Syntax show <parameter> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 302 11-17 crypto-trustpoint Instance redundancy-members Display redundancy group members in detail running-config Current Operating configuration securitymgr Display debug info for ACL, VPN and NAT sessions Display current active open connections snmp Display SNMP engine parameters snmp-server Display SNMP engine parameters startup-config Contents of startup configuration terminal Display terminal configuration parameters...
-
Page 303: Subject-Name
WS5100(config-trustpoint)#subject-name TestPool US OH PB ? WORD Organization( 2 to 64 characters ) WS5100(config-trustpoint)#subject-name TestPool US OH PB SYMBOL ? WORD Organization Unit( 2 to 64 characters ) WS5100(config-trustpoint)#subject-name TestPool US OH PB SYMBOL WID ? <cr> WS5100(config-trustpoint)#subject-name TestPool US OH PB SYMBOL WID WS5100(config-trustpoint)#... -
Page 304: Chapter 12. Interface Instance
) instance to configure the interfaces — ethernet,vlan and tunnel associated with (config-if the WS5100 Series Wireless Switch. 12.1 Interface Config commands Table 12.1 summarizes the commands within the WS5100 Series Switch command line config-if Table 12.1 Interface Config Command Summary Command Description Ref. - Page 305 12-2 WS5100 Series Switch CLI Reference Guide Command Description Ref. End current mode and change to EXEC mode page 12-7 exit End current mode and down to previous mode page 12-8 help Description of the interactive help system page 12-9...
-
Page 306: Clrscr
12-3 interface Instance 12.1.1 clrscr Interface Config commands Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Usage Guidelines Example WS5100(config-if)#clrscr WS5100(config-if)#... -
Page 307: Crypto
12-4 WS5100 Series Switch CLI Reference Guide 12.1.2 crypto Interface Config commands Syntax crypto map(WORD) Parameters WORD Usage Guidelines At any given instance you can add only one crypto mapset to one interface. WS5100 wireless switch does not support the same cryptomap set to be attached to multiple interfaces. -
Page 308: Description
12-5 interface Instance 12.1.3 description Interface Config commands Use this CLI command to create an interface specific desciption. Syntax description Parameters LINE Characters describing this interface Usage Guidelines Example WS5100(config-if)#description "interface for RetailKing" WS5100(config-if)#... -
Page 309: Duplex
12-6 WS5100 Series Switch CLI Reference Guide 12.1.4 duplex Interface Config commands Use thsi CLI command to configure a duplex type to the interface. NOTE • Duplexity can only be set for Ethernet type Interface.You need to enter the instance using parameter of mode. -
Page 310: End
12-7 interface Instance 12.1.5 end Interface Config commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100# Syntax Parameters None. Usage Guidelines Example WS5100(config-if)#end WS5100#... -
Page 311: Exit
12-8 WS5100 Series Switch CLI Reference Guide 12.1.6 exit Interface Config commands Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Usage Guidelines Example WS5100(config-if)#exit... -
Page 312: Help
12-9 interface Instance 12.1.7 help Interface Config commands Use thie CLI command to access the systems interactive help system. Syntax help Parameters None. Usage Guidelines Example WS5100(config-if)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. - Page 313 12-10 WS5100 Series Switch CLI Reference Guide 12.1.8 ip Interface Config commands Use this CLI command to configure the IP address for the assigned ethernet, VLAN or tunnel. Syntax ip(access-group|address|helper-address|nat) ip access-group(<1-99>|<100-199>|<1300-1999>|<2000-2699>)in ip address(A.B.C.D/M|dhcp) ip helper-address A.B.C.D ip nat(inside|outside) Parameters...
-
Page 314: Management
12-11 interface Instance 12.1.9 management Interface Config commands Use this CLI command to configure the selected interface as management interface. Syntax management Parameters None. Usage Guidelines Example... -
Page 315: Mtu
12-12 WS5100 Series Switch CLI Reference Guide 12.1.10 mtu Interface Config commands Use this CLI command to set the mtu value for an VLAN interface. NOTE This command is valid only with an VLAN interface. Syntax mtu <512-1500> Parameters <512-1500>... - Page 316 12-13 interface Instance 12.1.11 no Interface Config commands Use this CLI command to negate a command or set its defaults. Syntax no <previous command used> Parameters None. Usage Guidelines Example WS5100(config-if)#no mtu WS5100(config-if)#...
-
Page 317: Service
Remove specified support information. diag-shell Provide diagnostic shell access to debug and test the WS5100 Series Wireless Switch. save-cli Saves the CLI tree for all modes in html format. - Page 318 12-15 interface Instance WS5100(config-if)#service diag-shell Diagnostic shell started for testing diag > boot Reboots the switch delete Deletes specified file from the system. exit Exit from the CLI fallback Configures firmware fallback feature help Description of the interactive help system logout Exit from the CLI Negate a command or set its defaults...
- Page 319 12-16 WS5100 Series Switch CLI Reference Guide [-i <interface on which to capture packets> ] [-W (wisp packet only)] [-s <snaplen> ] [-r <filename> (read contents of specified file)] [-w <savefile> (save capture in specified file) ] [-X (for examples on tethereal capture filter) ]...
-
Page 320: Show
12-17 interface Instance 12.1.13 show Interface Config commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show <paramater> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 321 12-18 WS5100 Series Switch CLI Reference Guide redundancy-members Display redundancy group members in detail running-config Current Operating configuration securitymgr Display debug info for ACL, VPN and NAT sessions Display current active open connections snmp Display SNMP engine parameters snmp-server Display SNMP engine parameters...
- Page 322 12-19 interface Instance phrase-to-key display the WEP keys generated by a passphrase qos-mapping Quality of Service mappings used for mapping WMM access categories and 802.1p / DSCP tags radio Radio related commands regulatory Regulatory (allowed channel/power) information for a particular country self-heal-config Self-Healing Configuration Parameters sensor...
-
Page 323: Shutdown
12-20 WS5100 Series Switch CLI Reference Guide 12.1.14 shutdown Interface Config commands Use thie CLI command to shutdown the selected interface. Syntax shutdown Parameters None. Usage Guidelines Example WS5100(config-if)#shutdown WS5100(config-if)#... -
Page 324: Speed
12-21 interface Instance 12.1.15 speed Interface Config commands Use this CLI command to configure the speed of the selected interface in Mbps. Syntax speed(10|100|1000|auto) Parameters Force 10 Mbps operation Force 100 Mbps operation 1000 Force 1000 Mbps operation auto Enable AUTO speed configuration Usage Guidelines Example WS5100(config-if)#speed auto... -
Page 325: Switchport
12-22 WS5100 Series Switch CLI Reference Guide 12.1.16 switchport Interface Config commands Use this CLI command to set switching mode characteristics of the selected interface. Syntax switchport(access|mode|trunk) switchport access vlan <1-4094> switchport mode(access|trunk) switchport trunk(allowed|native) switchport trunk allowed vlan(add|none|remove)[VLAN_ID] switchport trunk native(tagged|vlan<1-4094>) - Page 326 12-23 interface Instance Usage Guidelines Example WS5100(config-if)#switchport mode access WS5100(config-if)#...
-
Page 327: Terminal
12-24 WS5100 Series Switch CLI Reference Guide 12.1.17 terminal Interface Config commands Use this command to set the length /number of lines to be displayed on the terminal window. Syntax terminal(monitor|no) terminal no(monitor) Parameters monitor Copy debug output to the current terminal line... -
Page 328: Tunnel
12-25 interface Instance 12.1.18 tunnel Interface Config commands Use this CLI command to configure protocol-over-protocol tunneling. Syntax tunnel(destination|source|ttl) tunnel destination A.B.C.D tunnel source A.B.C.D tunnel ttl<1-255> Parameters destination destination of tunnel packets source source of tunnel packets A.B.C.D Internet Protocol (IP) set time to live <1-255>... - Page 329 12-26 WS5100 Series Switch CLI Reference Guide...
-
Page 330: Chapter 13. Extended Acl Instance
Extended ACL Instance instance to configure the ACLs associated (config-ext-nacl) ip access-list extended with the WS5100 Series Wireless Switch. 13.1 Extended ACL Config Commands Table 13.1 summarizes the commands within the WS5100 Series Switch config-ext-nacl command line Table 13.1 Extended ACL Config Command Summary... - Page 331 13-2 WS5100 Series Switch CLI Reference Guide Command Description Ref. help Description of the interactive help system page 13-8 mark Specify packets to mark page 13-9 Negate a command or set its defaults page 13-11 permit Specify packets to forward...
-
Page 332: Clrscr
13-3 Extended ACL Instance 13.1.1 clrscr Extended ACL Config Commands Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Usage Guidelines Example WS5100(config-ext-nacl)#clrscr WS5100(config-ext-nacl)#... -
Page 333: Deny
13-4 WS5100 Series Switch CLI Reference Guide 13.1.2 deny Extended ACL Config Commands Use this CLI command to specify packets that you want to reject. Syntax deny(icmp|ip|tcp|udp) deny icmp(Source IP Address)(Destination Address) (<0-255>|log|rule-precedence<1-5000>|wlan<1-32>) deny icmp(Source IP Address)(Destination Address) log rule-precedence<1-5000>... - Page 334 13-5 Extended ACL Instance deny (tcp|udp)(Source IP Address) (eq <1-65535>|range <1-65535> <1-65535>) (Destination IP Address)(eq <1-65535>|range <1-65535> <1-65535>) log wlan <1-32> deny (tcp|udp)(Source IP Address) (eq <1-65535>|range <1-65535> <1-65535>) (Destination IP Address)(eq <1-65535>|range <1-65535> <1-65535>) log rule-precedence <1-5000> Parameters icmp ICMP Protocol Any Internet Protocol Source IP...
-
Page 335: End
13-6 WS5100 Series Switch CLI Reference Guide 13.1.3 end Extended ACL Config Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100# Syntax Parameters None. Usage Guidelines... -
Page 336: Exit
13-7 Extended ACL Instance 13.1.4 exit Extended ACL Config Commands Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Usage Guidelines Example WS5100(config-ext-nacl)#exit WS5100(config)#... -
Page 337: Help
13-8 WS5100 Series Switch CLI Reference Guide 13.1.5 help Extended ACL Config Commands Use thie CLI command to access the systems interactive help system. Syntax help Parameters None. Usage Guidelines Example WS5100(config-ext-nacl)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. -
Page 338: Mark
13-9 Extended ACL Instance 13.1.6 mark Extended ACL Config Commands Use this CLI command to specify packet that you want to mark. Syntax mark(8021p|tos)(<0-7>|<0-255>)(icmp|ip|tcp|udp) (Source IP Address)(Destination IP Address) mark(8021p|tos)(<0-7>|<0-255>) icmp(Source IP Address) (Destination IP Address)(<0-255>|log|wlan<1-32> rule-precedence<1-5000> Syntax mark(8021p|tos)(<0-7>|<0-255>) ip(Source IP Address) (Destination IP Address)(log|rule-precedence|wlan)log mark(8021p|tos)(<0-7>|<0-255>) ip(Source IP Address) (Destination IP Address)(log|rule-precedence|wlan) - Page 339 13-10 WS5100 Series Switch CLI Reference Guide Parameters 8021p <0-7> Modify 802.1p VLAN user priority tos <0-255> Modify TOS bits in IP header icmp ICMP Protocol Any Internet Protocol TCP Protocol UDP Protocol Source IP Address Source IP address can be one of the following: •...
- Page 340 13-11 Extended ACL Instance 13.1.7 no Extended ACL Config Commands Use this CLI command to negate a command or set its defaults. Syntax no(deny|mark|permit) This command negates all the syntax combinatins that you have used in deny, mark permit configure the Extended ACL. Parameters deny Specify packets to reject...
-
Page 341: Permit
13-12 WS5100 Series Switch CLI Reference Guide 13.1.8 permit Extended ACL Config Commands Syntax permit(icmp|ip|tcp|udp) permit icmp(Source IP Address)(Destination Address) (<0-255>|log|rule-precedence<1-5000>|wlan<1-32>) permit icmp(Source IP Address)(Destination Address) log rule-precedence<1-5000> permit icmp(Source IP Address)(Destination Address) rule-precedence<1-5000> permit icmp(Source IP Address)(Destination Address) wlan<1-32> log rule-precedence<1-5000>... - Page 342 13-13 Extended ACL Instance permit(tcp|udp)(Source IP Address)(eq <1-65535>|range <1-65535> <1-65535>) (Destination IP Address)(eq <1-65535>|range <1-65535> <1-65535>) log wlan <1-32> permit(tcp|udp)(Source IP Address)(eq <1-65535>|range <1-65535> <1-65535>) (Destination IP Address)(eq <1-65535>|range <1-65535> <1-65535>) log rule-precedence <1-5000> Parameters icmp ICMP Protocol Any Internet Protocol Source IP Source IP address can be one of the following: •...
-
Page 343: Service
Syntax service(clear|diag-shell|save-cli|show|start-shell|tethereal) Parameters clear Remove specified support information. diag-shell Provide diagnostic shell access to debug and test the WS5100 Series Wireless Switch. save-cli Saves the CLI tree for all modes in html format. show Show running system information. start-shell Provide shell access. - Page 344 13-15 Extended ACL Instance WS5100(config-ext-nacl)#service save-cli CLI command tree is saved as clitree.html. This tree can be viewed via web at http://<ipaddr>/cli/clitree.html WS5100(config-ext-nacl)# WS5100(config-ext-nacl)#service show ? Show CLI tree of current mode command-history Display command (except show commands) history. crash-info Display information about core, panic and AP dump files info Show snapshot of available support information...
-
Page 345: Show
13-16 WS5100 Series Switch CLI Reference Guide 13.1.10 show Extended ACL Config Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show<paramater> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 346 13-17 Extended ACL Instance redundancy-members Display redundancy group members in detail running-config Current Operating configuration securitymgr Display debug info for ACL, VPN and NAT sessions Display current active open connections snmp Display SNMP engine parameters snmp-server Display SNMP engine parameters startup-config Contents of startup configuration terminal...
-
Page 347: Terminal
13-18 WS5100 Series Switch CLI Reference Guide 13.1.11 terminal Extended ACL Config Commands Use this command to set the length /number of lines to be displayed on the terminal window. Syntax terminal(monitor|no) terminal no(monitor) Parameters monitor Copy debug output to the current terminal line... -
Page 348: Chapter 14. Standard Acl Instance
Standard ACL Instance instance to configure the ACLs associated (config-std-nacl) ip access-list standard with the WS5100 Series Wireless Switch. 14.1 Standard ACL Config Commands Table 14.1 summarizes the commands within the WS5100 Series Switch config-std-nacl command line Table 14.1 Extended ACL Config Command Summary... - Page 349 14-2 WS5100 Series Switch CLI Reference Guide Command Description Ref. help Description of the interactive help system page 14-7 mark Specify packets to mark page 14-8 Negate a command or set its defaults page 14-9 permit Specify packets to forward...
-
Page 350: Clrscr
14-3 Standard ACL Instance 14.1.1 clrscr Standard ACL Config Commands Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Usage Guidelines Example WS5100(config-std-nacl)#clrscr WS5100(config-std-nacl)#... -
Page 351: Deny
14-4 WS5100 Series Switch CLI Reference Guide 14.1.2 deny Standard ACL Config Commands Use this CLI command to specify packets that you want to reject. Syntax deny(A.B.C.D/M|any|host) deny any(log|rule-precedence|wlan) deny any log(rule-precedence)<1-500> deny any rule-precedence<1-500> deny any wlan<1-32>(log|rule-precedence)(rule-precedence)<1-500> deny host A.B.C.D Parameters A.B.C.D/M... -
Page 352: End
14-5 Standard ACL Instance 14.1.3 end Standard ACL Config Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100# Syntax Parameters None. Usage Guidelines Example WS5100(config-std-nacl)#end WS5100#... -
Page 353: Exit
14-6 WS5100 Series Switch CLI Reference Guide 14.1.4 exit Standard ACL Config Commands Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Usage Guidelines Example... -
Page 354: Help
14-7 Standard ACL Instance 14.1.5 help Standard ACL Config Commands Use thie CLI command to access the systems interactive help system. Syntax help Parameters None. Usage Guidelines Example WS5100(config-std-nacl)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. -
Page 355: Mark
14-8 WS5100 Series Switch CLI Reference Guide 14.1.6 mark Standard ACL Config Commands Use this CLI command to specify packet that you want to mark. Syntax mark(8021.1p<0-7>|tos<0-255>)(A.B.C.D/M|any|host) mark(8021.1p<0-7>|tos<0-255>)any|host(log|rule-precedence<1-5000>| wlan<1-32>|A.B>C.D) mark(8021.1p<0-7>|tos<0-255>)any wlan<1-32>(log|rule-precedence<1-5000>) Parameters Usage Guidelines Example EXAMPLE OUTPUT HERE... - Page 356 14-9 Standard ACL Instance 14.1.7 no Standard ACL Config Commands Use this CLI command to negate a command or set its defaults. Syntax no(deny|mark|permit) This command negates all the syntax combinatins that you have used in deny, mark permit configure the Extended ACL. Parameters deny Specify packets to reject...
-
Page 357: Permit
14-10 WS5100 Series Switch CLI Reference Guide 14.1.8 permit Standard ACL Config Commands permit(A.B.C.D/M|any|host) permit any(log|rule-precedence|wlan) permit any log(rule-precedence)<1-500> permit any rule-precedence<1-500> permit any wlan<1-32>(log|rule-precedence)(rule-precedence)<1-500> permit host A.B.C.D Parameters A.B.C.D/M Source IP address range to match Any source IP address Log matches against this entry rule-precedence<1-500>... -
Page 358: Service
Syntax service(clear|diag-shell|save-cli|show|start-shell|tethereal) Parameters clear Remove specified support information. diag-shell Provide diagnostic shell access to debug and test the WS5100 Series Wireless Switch. save-cli Saves the CLI tree for all modes in html format. show Show running system information. start-shell Provide shell access. - Page 359 14-12 WS5100 Series Switch CLI Reference Guide WS5100(config-std-nacl)#service show ? Show CLI tree of current mode command-history Display command (except show commands) history. crash-info Display information about core, panic and AP dump files info Show snapshot of available support information...
-
Page 360: Show
14-13 Standard ACL Instance 14.1.10 show Standard ACL Config Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show<paramater> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 361 14-14 WS5100 Series Switch CLI Reference Guide redundancy-members Display redundancy group members in detail running-config Current Operating configuration securitymgr Display debug info for ACL, VPN and NAT sessions Display current active open connections snmp Display SNMP engine parameters snmp-server Display SNMP engine parameters...
-
Page 362: Terminal
14-15 Standard ACL Instance 14.1.11 terminal Standard ACL Config Commands Use this command to set the length /number of lines to be displayed on the terminal window. Syntax terminal(monitor|no) terminal no(monitor) Parameters monitor Copy debug output to the current terminal line Negate a command or set its defaults monitor Copy debug output to the current terminal line... - Page 363 14-16 WS5100 Series Switch CLI Reference Guide...
-
Page 364: Chapter 15. Extended Mac Acl Instance
Extended MAC ACL Instance instance to configure the ACLs associated (config-ext-macl) mac access-list extended with the WS5100 Series Wireless Switch. 15.1 MAC Extended ACL Config Commands Table 15.1 summarizes the commands within the WS5100 Series Switch config-ext-macl command line Table 15.1 Extended ACL Config Command Summary... - Page 365 15-2 WS5100 Series Switch CLI Reference Guide Command Description Ref. help Description of the interactive help system page 15-8 mark Specify packets to mark page 15-9 Negate a command or set its defaults page 15-11 permit Specify packets to forward...
-
Page 366: Clrscr
15-3 Extended MAC ACL Instance 15.1.1 clrscr MAC Extended ACL Config Commands Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Usage Guidelines Example WS5100(config-ext-macl)#clrscr WS5100(config-ext-macl)#... -
Page 367: Deny
15-4 WS5100 Series Switch CLI Reference Guide 15.1.2 deny MAC Extended ACL Config Commands Use this CLI command to specify packets that you want to reject. Syntax deny(Source MAC Address)(Destination MAC Address) (dot1p<0-7>|type|vlan<1-4095>|wlan<1-32>)rule-precedende<1-5000> deny(Source MAC Address)(Destination MAC Address)dot1p<0-7> rule-precedence<1-5000> deny(Source MAC Address)(Destination MAC Address)type (<1-65535>|arp|ip|ipv6|vlan|wisp>)rule-precedence<1-5000>... - Page 368 15-5 Extended MAC ACL Instance Usage Guidelines Example EXAMPLE OUTPUT HERE...
-
Page 369: End
15-6 WS5100 Series Switch CLI Reference Guide 15.1.3 end MAC Extended ACL Config Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100# Syntax Parameters None. Usage Guidelines... -
Page 370: Exit
15-7 Extended MAC ACL Instance 15.1.4 exit MAC Extended ACL Config Commands Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Usage Guidelines Example WS5100(config-ext-macl)#exit WS5100(config)#... -
Page 371: Help
15-8 WS5100 Series Switch CLI Reference Guide 15.1.5 help MAC Extended ACL Config Commands Use thie CLI command to access the systems interactive help system. Syntax help Parameters None. Usage Guidelines Example WS5100(config-ext-macl)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. -
Page 372: Mark
15-9 Extended MAC ACL Instance 15.1.6 mark MAC Extended ACL Config Commands Use this CLI command to specify packet that you want to mark. Syntax mark(802.1p<0-7>|tos<0-255>)(Source MAC Address)(Destination MAC Address) (dot1p<0-7>|type|vlan<1-4095>|wlan<1-32>)rule-precedence<1-5000> mark(802.1p<0-7>|tos<0-255>)(Source MAC Address)(Destination MAC Address) dot1p<0-7> rule-precedence<1-5000> mark(802.1p<0-7>|tos<0-255>)(Source MAC Address)(Destination MAC Address) type(<1-65535>|arp|ip|ipv6|vlan|wisp)rule-precedence<1-5000>... - Page 373 15-10 WS5100 Series Switch CLI Reference Guide type(<1-65535>|arp|ip|ipv6|vlan|wisp) EtherType vlan<1-4095> VLAN ID wlan<1-32> Filter packets based on WLAN Usage Guidelines Example EXAMPLE OUTPUT HERE...
- Page 374 15-11 Extended MAC ACL Instance 15.1.7 no MAC Extended ACL Config Commands Use this CLI command to negate a command or set its defaults. Syntax no(deny|mark|permit) This command negates all the syntax combinatins that you have used in deny, mark permit configure the Extended ACL.
-
Page 375: Permit
15-12 WS5100 Series Switch CLI Reference Guide 15.1.8 permit MAC Extended ACL Config Commands Use this CLI command to specify packets that you want to forward. Syntax permit(Source MAC Address)(Destination MAC Address) (dot1p<0-7>|type|vlan<1-4095>|wlan<1-32>)rule-precedende<1-5000> permit(Source MAC Address)(Destination MAC Address)dot1p<0-7> rule-precedence<1-5000> permit(Source MAC Address)(Destination MAC Address)type (<1-65535>|arp|ip|ipv6|vlan|wisp>)rule-precedence<1-5000>... -
Page 376: Service
(config-if) Syntax service(clear|diag-shell|save-cli|show|start-shell|tethereal) Parameters clear Remove specified support information. diag-shell Provide diagnostic shell access to debug and test the WS5100 Series Wireless Switch. save-cli Saves the CLI tree for all modes in html format. show Show running system information. start-shell Provide shell access. - Page 377 15-14 WS5100 Series Switch CLI Reference Guide WS5100(config-ext-macl)#service save-cli CLI command tree is saved as clitree.html. This tree can be viewed via web at http://<ipaddr>/cli/clitree.html WS5100(config-ext-macl)# WS5100(config-ext-macl)#service show ? Show CLI tree of current mode command-history Display command (except show commands) history.
-
Page 378: Show
15-15 Extended MAC ACL Instance 15.1.10 show MAC Extended ACL Config Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show<paramater> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 379 15-16 WS5100 Series Switch CLI Reference Guide redundancy-members Display redundancy group members in detail running-config Current Operating configuration securitymgr Display debug info for ACL, VPN and NAT sessions Display current active open connections snmp Display SNMP engine parameters snmp-server Display SNMP engine parameters...
-
Page 380: Terminal
15-17 Extended MAC ACL Instance 15.1.11 terminal MAC Extended ACL Config Commands Use this command to set the length /number of lines to be displayed on the terminal window. Syntax terminal(monitor|no) terminal no(monitor) Parameters monitor Copy debug output to the current terminal line Negate a command or set its defaults monitor Copy debug output to the current terminal line... - Page 381 15-18 WS5100 Series Switch CLI Reference Guide...
-
Page 382: Chapter 16. Radius Server Instance
Use instance to (config-radsrv) configure local radius server parameters associated with the WS5100 Series Wireless Switch. 16.1 Radius Configuration Commands Table 16.1 summarizes the Gloabl Config commands within the WS5100 Series Switch command line Table 16.1 Extended ACL Config Command Summary... - Page 383 16-2 WS5100 Series Switch CLI Reference Guide Command Description Ref. End current mode and change to EXEC mode page 16-7 exit End current mode and down to previous mode page 16-8 group Configure radius user group paramaters. page 16-9 NOTE This command create another sub-instance called...
-
Page 384: Authentication
16-3 Radius Server Instance 16.1.1 authentication Radius Configuration Commands <<< Text here>>> Syntax authentication(data-source|eap-auth-type) authentication data-source(ldap|local) authentication eap-auth-type(all|peap-gtc|peap-mschapv2|tls|ttls-md5| ttls-mschapv2|ttls-pap) Parameters data-source Radius Datasource for user authentication eap-auth-type Radius Eap and Default authentication type configuration Enable both ttls and peap peap-gtc Eap type peap with Default auth type gtc peap-mschapv2 Eap type peap with Default auth type mschapv2... - Page 385 16-4 WS5100 Series Switch CLI Reference Guide 16.1.2 ca Radius Configuration Commands Use this CLI command to configure CA (Certificate Authority) parameters. Syntax ca trust-point(WORD) Parameters trust-point Trust point configuration WORD Existing trust point name Usage Guidelines Configure the trustpoint that is used by the local radius server.Ensure you create the...
-
Page 386: Clrscr
16-5 Radius Server Instance 16.1.3 clrscr Radius Configuration Commands Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Usage Guidelines Example WS5100(config-radsrv)#clrscr WS5100(config-radsrv)#... -
Page 387: Crl-Check
16-6 WS5100 Series Switch CLI Reference Guide 16.1.4 crl-check Radius Configuration Commands Use this CLI command to enable Certificate Revocation List( CRL ) check.To enable the certificate revocation list ensure the is loaded using crl list crypto pki import <trustpoint-name> crl command. -
Page 388: End
16-7 Radius Server Instance 16.1.5 end Radius Configuration Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100# Syntax Parameters None. Usage Guidelines Example WS5100(config-radsrv)#end WS5100#... -
Page 389: Exit
16-8 WS5100 Series Switch CLI Reference Guide 16.1.6 exit Radius Configuration Commands Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Usage Guidelines Example WS5100(config-radsrv)#exit... -
Page 390: Group
16-9 Radius Server Instance 16.1.7 group Radius Configuration Commands Use this CLI command to configure radius user group paramaters.The system moves to a sub-instance mode when you create a new group and the prompt changes from WS5100(config-radsrv)# WS5100(config-radsrv-group)#. Table 16.2 summarizes the Radius User Group commands withing the (config-radsrv-group) sub- instance. -
Page 391: Clrscr
16-10 WS5100 Series Switch CLI Reference Guide 16.1.7.1 clrscr Radius Configuration Commands Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Example WS5100(config-radsrv-group)#clrscr WS5100(config-radsrv-group)# 16.1.7.2 end Radius Configuration Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode.The... -
Page 392: Exit
16-11 Radius Server Instance 16.1.7.3 exit Radius Configuration Commands Use this CLI command to end current mode and down to previous mode ). The (config-radsrv) prompt now changes to WS5100(config)# Syntax exit Parameters None. Example WS5100(config-radsrv-group)#exit WS5100(config-radsrv)#group 16.1.7.4 group Radius Configuration Commands Use this CLI command to configure radius user group paramaters. -
Page 393: Guest-Group
16-12 WS5100 Series Switch CLI Reference Guide 16.1.7.5 guest-group Radius Configuration Commands Use this CLI command to configure a guest group. Syntax guest-group Parameters enable Enable this group as guest group Example WS5100(config-radsrv-group)#guest-group enable WS5100(config-radsrv-group)# 16.1.7.6 help Radius Configuration Commands Use thie CLI command to access the systems interactive help system. -
Page 394: Policy
16-13 Radius Server Instance 16.1.7.7 no Radius Configuration Commands Use this CLI command to negate a command or set its defaults. Syntax no(policy|rad-user|service) no policy(day|time|vlan|wlan) no policy wlan(<1-32>|all)<1-32> Parameters policy Radius group access policy configuration Reset day of access policy for this group time Configure time of access policy for this group vlan... - Page 395 16-14 WS5100 Series Switch CLI Reference Guide WS5100(config-radsrv-group)#no policy wlan 2 5 WS5100(config-radsrv-group)# WS5100(config-radsrv-group)#no rad-user all WS5100(config-radsrv-group)# WS5100(config-radsrv-group)#no service radius %%Info: Radius service stopped... WS5100(config-radsrv-group)# 16.1.7.8 policy Radius Configuration Commands Use this CLI command to configure Radius group access policy.
-
Page 396: Rad-User
16-15 Radius Server Instance <0-23> hour (hh) limit <0-59> mins (mm) limit vlan VLAN id for this group <1-4094> VLAN range wlan Configure wlan access policy for this group <1-32> Wlan index Example WS5100(config-radsrv-group)#policy day weekdays WS5100(config-radsrv-group)# WS5100(config-radsrv-group)#policy time start 12 12 end 22 22 WS5100(config-radsrv-group)# WS5100(config-radsrv-group)#policy vlan 20 WS5100(config-radsrv-group)#... -
Page 397: Service
Example WS5100(config-radsrv-group)#service radius restart WS5100(config-radsrv-group)# 16.1.7.11 show Radius Configuration Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show<paramater> Parameters Displays all the parameters for which the information can be viewed using the... - Page 398 16-17 Radius Server Instance Example WS5100(config-radsrv-group)#show ? access-list Internet Protocol (IP) alarm-log Display all alarms currently in the system autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration. clock Display system clock commands Show command lists crypto crypto debugging...
-
Page 399: Terminal
16-18 WS5100 Series Switch CLI Reference Guide 16.1.7.12 terminal Radius Configuration Commands Use this command to set the length /number of lines to be displayed on the terminal window. Syntax terminal(monitor|no) terminal no(monitor) Parameters monitor Copy debug output to the current terminal line... -
Page 400: Example-Creating A Group
16-19 Radius Server Instance 16.1.7.13 Example–Creating a Group The usage of sub-instance is explained through an example illustrated (config-radsrv-group) below: 1. Create a group called Sales in the local radius server database. WS5100(config-radsrv)#group sales 2. Check the Radius user group configuration commands. WS5100(config-radsrv-group)#? Radius user group configuration commands: clrscr... - Page 401 16-20 WS5100 Series Switch CLI Reference Guide 6. Use to create a user called testuser and add it to group (config-radsrv)#rad-user Sales WS5100(config-radsrv)#rad-user testuser password testpassword group sales Sep 08 17:41:55 2006: RADCONF: Adding user "testuser" into local database Sep 08 17:41:55 2006: RADCONF: User "testuser" is added to group "sales"...
-
Page 402: Help
16-21 Radius Server Instance 16.1.8 help Radius Configuration Commands Use thie CLI command to access the systems interactive help system. Syntax help Parameters None. Usage Guidelines Example WS5100(config-radsrv)#help? help Description of the interactive help system WS5100(config-radsrv)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. -
Page 403: Ldap-Server
16-22 WS5100 Series Switch CLI Reference Guide 16.1.9 ldap-server Radius Configuration Commands Use thie CLI command to configure LDAP server parameters. Syntax ldap-server(primary|secondary)host(A.B.C.D) Parameters primary primary ldap server configuration secondary secondary ldap server configuration host ldap server ip configuration A.B.C.D... -
Page 404: Nas
16-23 Radius Server Instance 16.1.10 nas Radius Configuration Commands Use this CLI to configure the RADIUS client. Syntax nas(A.B.C.D/M)key(0|2|LINE) Parameters A.B.C.D/M Radius Client IP address Radius Client shared key Password is specified UNENCRYPTED Password is encrypted with password-encryption secret LINE The secret (client shared secret),upto 32 characters. - Page 405 16-24 WS5100 Series Switch CLI Reference Guide 16.1.11 no Radius Configuration Commands Use this CLI command to negate a command or set its defaults. Syntax no(authentication|ca|crl-check|group|ldap-server|nas|proxy|rad- user|server|service) Parameters authentication Radius authentication Configure ca certificate parameters crl-check Certificate Revocation List( CRL ) check...
-
Page 406: Proxy
16-25 Radius Server Instance 16.1.12 proxy Radius Configuration Commands Use this CLI command to configure RADIUS proxy server. Syntax proxy(realm|retry-count|retry-delay) proxy relam(WORD)server(A.B.C.D)port(<1024-65535>)secret(0|2|WORD) Parameters realm WORD Realm name WORD A string of up to 50 characters server (A.B.C.D) proxy server A.B.C.D proxy server ip address port <1024-65535>... - Page 407 16-26 WS5100 Series Switch CLI Reference Guide Example WS5100(config-radsrv)#proxy realm Test server 10.10.10.1 port 2220 secret "Very Very Secret !!!" WS5100(config-radsrv)# WS5100(config-radsrv)#proxy retry-count 5 WS5100(config-radsrv)# WS5100(config-radsrv)#proxy retry-delay 8 WS5100(config-radsrv)#...
-
Page 408: Rad-User
16-27 Radius Server Instance 16.1.13 rad-user Radius Configuration Commands Use this CLI to configure RADIUS user parameters. Syntax rad-user(WORD)password(0|2|WORD) Parameters WORD Enter user name upto 64 characters length password(0|2|WORD) Radius user password Password is specified UNENCRYPTED Password is encrypted with password-encryption secret WORD Enter password upto 21 characters length Usage Guidelines... -
Page 409: Server
16-28 WS5100 Series Switch CLI Reference Guide 16.1.14 server Radius Configuration Commands Use this CLI command to configure server certificate parameters. You must create a trustpoint using or have an existing trustpoint to configure crypto-pki-trustpoint server. Syntax server trust-point Parameters... -
Page 410: Service
16-29 Radius Server Instance 16.1.15 service Radius Configuration Commands Use this CLI command to invoke the service commands to trobuleshoot or debug the instance configurations.This command is also used to enable RADIUS server. (config-radsrv) Syntax service(clear|diag-shell|radius|save-cli|show|start-shell|tethereal) service radius restart Parameters clear Remove specified support information diag-shell... -
Page 411: Show
16-30 WS5100 Series Switch CLI Reference Guide 16.1.16 show Radius Configuration Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show<paramater> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 412 16-31 Radius Server Instance sessions Display current active open connections snmp Display SNMP engine parameters snmp-server Display SNMP engine parameters startup-config Contents of startup configuration terminal Display terminal configuration parameters timezone Display timezone upgrade-status Display last image upgrade status users Display information about terminal lines version Display software &...
-
Page 413: Terminal
16-32 WS5100 Series Switch CLI Reference Guide 16.1.17 terminal Radius Configuration Commands Use this command to set the length /number of lines to be displayed on the terminal window. Syntax terminal(monitor|no) terminal no(monitor) Parameters monitor Copy debug output to the current terminal line... - Page 414 (config-wireless) WS5100 Series Wireless Switch. 17.1 Wireless Configuration Commands Table 17.1 summarizes the Gloabl Config commands within the WS5100 Series Switch command line Table 17.1 Extended ACL Config Command Summary Command Description Ref.
- Page 415 17-2 WS5100 Series Switch CLI Reference Guide Command Description Ref. broadcast-tx-speed Set the rate at which broadcast and multicast traffic should page 17-8 be transmitted clrscr Clears the display screen page 17-9 convert-ap Change the mode of operation of an AP...
-
Page 416: Chapter 17. Wireless Instance
17-3 Wireless Instance Command Description Ref. sensor Wireless Intrusion Protection System parameters page 17-38 service Service Commands page 17-39 show Show running system information page 17-42 smart-scan-channels Specify a list of channels that are used on the network. This page 17-44 list will be provided to mobile-units that can support partial scanning terminal... -
Page 417: Wireless Configuration Commands
17-4 WS5100 Series Switch CLI Reference Guide 17.1.1 adopt-unconf-radio Wireless Configuration Commands Use this CLI command to adopt a radio even if its not yet configured. The default templates will be used for configuration. Syntax adopt-unconf-radio Parameters enable Enable the adoption of unconfigured radios... -
Page 418: Adoption-Pref-Id
17-5 Wireless Instance 17.1.2 adoption-pref-id Wireless Configuration Commands Use this CLI command as a preference identifier for the WS5100 wireless switch. All radios configured with this preference identifier are more likely to be adopted by this wireless-switch. Syntax adoption-pref-id Parameters <1-65535>... -
Page 419: Ap-Detection
17-6 WS5100 Series Switch CLI Reference Guide 17.1.3 ap-detection Wireless Configuration Commands Use this CLI command to configure AP detection. Syntax ap-detection(approved|enable|max-aps|mu-assisted-scan|timeout) ap-detection approved add <1-200> (MAC Address)(SSID) ap-detection mu-assisted-scan(enable|refresh<10-86400>) Parameters approved The approved AP list Add an entry to the approved AP list. - Page 420 17-7 Wireless Instance Example WS5100(config-wireless)#ap-detection enable WS5100(config-wireless)# WS5100(config-wireless)#ap-detection approved add 150 any any WS5100(config-wireless)# WS5100(config-wireless)#ap-detection max-aps 250 WS5100(config-wireless)# WS5100(config-wireless)#ap-detection mu-assisted-scan enable WS5100(config-wireless)# WS5100(config-wireless)#ap-detection mu-assisted-scan refresh 520 WS5100(config-wireless)# WS5100(config-wireless)#ap-detection timeout 500 WS5100(config-wireless)#...
-
Page 421: Broadcast-Tx-Speed
17-8 WS5100 Series Switch CLI Reference Guide 17.1.4 broadcast-tx-speed Wireless Configuration Commands Use this CLI command to configure the rate at which broadcast and multicast traffic should be transmitted between the WS5100 wireless switch and MU’s. Syntax broadcast-tx-speed(range|throughput) Parameters range use lowest basic rate. -
Page 422: Clrscr
17-9 Wireless Instance 17.1.5 clrscr Wireless Configuration Commands Use this CLI command to clear the display screen. Syntax clrscr Parameters None. Usage Guidelines Example WS5100(config-wireless)#clrscr WS5100(config-wireless)#... -
Page 423: Convert-Ap
17-10 WS5100 Series Switch CLI Reference Guide 17.1.6 convert-ap Wireless Configuration Commands Use this CLI command to change the mode of operation of an AP to either sensor or standalone. Syntax convert-ap <1-48>(default|sensor|standalone) Parameters <1-48> Indices of the APs to be converted, from the ['show wireless ap' command] default do not force any conversion. -
Page 424: Country-Code
17-11 Wireless Instance 17.1.7 country-code Wireless Configuration Commands USe this CLI command to configure the country of operation. All existing radio configuration will be erased when u use this command. Syntax country-code Parameters Abbrevation Use the country abbrevation to confiugre the WS5100 switch to operate in a particular country. - Page 425 17-12 WS5100 Series Switch CLI Reference Guide Finland France United Kingdom Greece Guatemala Guam Hong Kong Honduras Croatia Haiti Hungary Indonesia Ireland Israel India Iceland Italy Jordan Japan South Korea Kuwait Kazakhstan Liechtenstein Sri Lanka Lithuania Luxembourg Latvia Morocco Malta...
- Page 426 17-13 Wireless Instance Turkey Taiwan Ukraine United States Uruguay Venezuela Vietnam South Africa WS5100(config-wireless)#country-code...
-
Page 427: Dhcp-Sniff-State
17-14 WS5100 Series Switch CLI Reference Guide 17.1.8 dhcp-sniff-state Wireless Configuration Commands Use this CLI ccommand to record mobile-unit DHCP state information. Syntax dhcp-sniff-state Parameters enable Enable support for recording DHCP state information for mobile-units. Usage Guidelines Example WS5100(config-wireless)#dhcp-sniff-state enable... -
Page 428: Dot11-Shared-Key-Auth
17-15 Wireless Instance 17.1.9 dot11-shared-key-auth Wireless Configuration Commands Use this CLI command to Enable support for 802.11 shared key authentication. NOTE Shared key authentication has known weaknesses that can compromise your WEP key. It should only be configured to accomodate wireless stations that are unable to carry out Open-System authentication. -
Page 429: End
17-16 WS5100 Series Switch CLI Reference Guide 17.1.10 end Wireless Configuration Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode.The prompt now changes to WS5100# Syntax Parameters None. Usage Guidelines Example... -
Page 430: Exit
17-17 Wireless Instance 17.1.11 exit Wireless Configuration Commands Use this CLI command to end current mode and down to previous mode (GLOBAL-CONFIG). The prompt now changes to WS5100(config)# Syntax exit Parameters None. Usage Guidelines Example WS5100(config-wireless)#exit WS5100(config)#... -
Page 431: Fix-Windows-Dhcp
17-18 WS5100 Series Switch CLI Reference Guide 17.1.12 fix-windows-dhcp Wireless Configuration Commands Use this CLI command to convert Windows DHCP server responses to be Unicast instead of Broadcast Syntax fix-windows-dhcp Parameters enable Enable support for converting Windows DHCP server responses... -
Page 432: Help
17-19 Wireless Instance 17.1.13 help Wireless Configuration Commands Use thie CLI command to access the systems interactive help system. Syntax help Parameters None. Usage Guidelines Example WS5100(config-wireless)#help CLI provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. -
Page 433: Ids
17-20 WS5100 Series Switch CLI Reference Guide 17.1.14 ids Wireless Configuration Commands Use this CLI command to configure Intrusion Detection System. Syntax ids(anomaly-detection|detect-window|ex-ops) ids anomaly-detection(all|invalid-frame-length|multicast-source| null-destination|same-source-destination|tkip-countermeasures|weak-wep-iv) (enable|filter-ageout) ids detect-window<5-300> ids ex-ops(80211-replay-fails|all|association-requests| authentication-fails|crypto-replay-fails|decryption-fails| disassociations|eap-starts|probe-requests|unassoc-frames) <0-86400> (filter-ageout |threshold(mu|radio|switch)<0-9999>) Parameters anomaly-detection Configure parameters related to the detection of anomalous frames on the RF network. - Page 434 17-21 Wireless Instance 80211-replay-fails 802.11 replay check failure Change for all types of excessive operations association-requests 802.11 Authentication and Association Requests authentication-fails Failure to Authenticate with servers (Radius/Kerberos) crypto-replay-fails TKIP/CCMP IV replay check failure decryption-fails decryption failures disassociations Disassociation and Deauthentication frames eap-starts EAP (802.1x) Start frames probe-requests...
-
Page 435: Mac-Auth-Local
17-22 WS5100 Series Switch CLI Reference Guide 17.1.15 mac-auth-local Wireless Configuration Commands Use this CLI command to configure local MAC authentication list. Syntax mac-auth-local<1-1000> (allow|deny)(Starting MAC Address)(Ending MAC Address)(range/list of WLAN indicies)WORD Parameters <1-1000> mac-auth-local entry allow allow mobile-units that match this rule to associate... -
Page 436: Manual-Wlan-Mapping
17-23 Wireless Instance 17.1.16 manual-wlan-mapping Wireless Configuration Commands Use this CLI command to manually map map/un-map the wlans configured on a radio. Syntax manual-wlan-mapping Parameters enable Enable support for manual-wlan-mapping Usage Guidelines Example WS5100(config-wireless)#manual-wlan-mapping enable WS5100(config-wireless)#... -
Page 437: Mobility
17-24 WS5100 Series Switch CLI Reference Guide 17.1.17 mobility Wireless Configuration Commands Use this CLI command to configure mobility parameters Syntax mobility(enable|local-address|max-roam-period|peer) mobility local-address (IP Address) mobility max-roam-period<1-15> mobililty peer (IP Address) Parameters enable Enable Mobility Globally local-address Set Local Addr for Mobility A.B.C.D... - Page 438 17-25 Wireless Instance 17.1.18 no Wireless Configuration Commands Use this CLI command to negate a command or set its defaults. Syntax no(adopt-unconf-radio|adoption-pref-id|ap-detection|broadcast-tx- speed|country-code|dhcp-sniff-state|dot11-shared-key-auth|fix-windows- dhcp|ids|mac-auth-local|manual-wlan-mapping|mobile- unit|mobility|oversized-frames|proxy-arp|qos-mapping|radio|self- heal|sensor|service|smart-scan-channels|wlan) Parameters Refer to Table 17.1 on page 17-1 for the parameters that can be negated using command.
-
Page 439: Oversized-Frames
17-26 WS5100 Series Switch CLI Reference Guide 17.1.19 oversized-frames Wireless Configuration Commands Use this CLI command to use oversized frames for data traffic. Syntax oversized-frames Parameters enable Enable support for oversized frames Usage Guidelines Example WS5100(config-wireless)#oversized-frames enable WS5100(config-wireless)#... -
Page 440: Proxy-Arp
17-27 Wireless Instance 17.1.20 proxy-arp Wireless Configuration Commands Use thie CLI command respond to ARP requests from the RON to WLAN on behalf of mobile-units. Syntax proxy-arp Parameters enable Enable support for proxy arp Usage Guidelines Example WS5100(config-wireless)#proxy-arp enable WS5100(config-wireless)#... -
Page 441: Qos-Mapping
17-28 WS5100 Series Switch CLI Reference Guide 17.1.21 qos-mapping Wireless Configuration Commands Use this CLI command to confiure and setup QoS mappings between the wired and wireless domains. Syntax qos-mapping(wired-to-wireless|wireless-to-wired) qos-mapping wired-to-wireless(dot1p<0-7>|dscp<0-63>) (background|best-effort|video|voice) qos-mapping wireless-to-wired(background|best-effort|video|voice) dot1p<0-7> Parameters wired-to-wireless Mappings used while switching wired traffic over the air. -
Page 442: Radio
17-29 Wireless Instance 17.1.22 radio Wireless Configuration Commands Use thie CLI command to configure radio related settings. Syntax radio (<1-1000>|RADIO|add|all-11a|all-11b|all-11bg| configure-8021X|default-11a|default-11b|default-11bg|dns-name) radio<1-1000>(adoption-pref-id|antenna-mode|beacon-interval|bss| cca-level|cca-mode|channel-power|coordinates| copy-config-from|description|detector|dtim-period|enforce-spec-mgmt| image-name|location-message|mac|max-mobile-units| on-channel-scan|reset|reset-ap|rts-threshold|run-acs| self-heal-offset|short-preamble|speed|wmm|) radio bss(<1-4>|auto>)WLAN radio channel-power(indoor|outdoor)(<1-200>|acs|random)<4-20> radio coordinates (x coordinates) (y coordinates)(z coordinates) radio copy-config-from(<1-1000>|default-11a|default-11b|default-11bg) radio dtim-period<1-50>... - Page 443 17-30 WS5100 Series Switch CLI Reference Guide adoption-pref-id <0-65535> A preference identifier for this radio port. The radio port is more likely to be adopted by a wireless switch that is its preferred wireless switch. antenna-mode Antenna diversity mode. You can select from the following options: <diversity|primary|secondary>...
- Page 444 17-31 Wireless Instance coordinates Configure the location of this radio in terms of x.y.z coordinates. (X,Y,Z coordinates) • <-65535-65535> – X Coordinate • <-65535-65535> – Y Coordinate • <-65535-65535> – Z Coordinate copy-config-from Copy the configuration from a previously configured radio. (<1-1000>|default-11a| •...
- Page 445 17-32 WS5100 Series Switch CLI Reference Guide reset reset a radio (this will only reset the specified radio, not the complete access-port) reset-ap reset the parent ap (this will reset all radios on that access-port) rts-threshold<0-2347> RTS threshold in bytes.
- Page 446 17-33 Wireless Instance speed Configure the basic and supported data rates / speed. • 1 1-Mbps • 11 11-Mbps • 12 12-Mbps • 18 18-Mbps • 2 2-Mbps • 24 24-Mbps • 36 36-Mbps • 48 48-Mbps • 54 54-Mbps •...
- Page 447 17-34 WS5100 Series Switch CLI Reference Guide wmm(background|best- 802.11e / Wireless MultiMedia (WMM) parameters (supported only on effort|video|voice) AP300). (aifsn<1-15>|burst<0-65535>| radio wmm(background|best- cw<0-15>) effort|video|voice)(aifsn<1-15>|burst<0-65535>| cw<0-15>) • background – background category traffic • best-effort– best effort category traffic • video –video traffic category traffic •...
- Page 448 17-35 Wireless Instance dns-name WORD (MAC Configure dns-name to be used in L3-Discovery on adopted access-ports. Address) • AA-BB-CC-DD-EE-FF – Change the dns-name only on the access-port with a specified MAC address. If not specified, the dns-name update is sent to all currently adopted access-ports.
-
Page 449: Self-Heal
17-36 WS5100 Series Switch CLI Reference Guide 17.1.23 self-heal Wireless Configuration Commands Use this CLI command to configure Self Healing. Syntax self-heal(interference-avoidance|neighbor-recovery) self-heal interference-avoidance(enable|hold-time<0-65535>| retries<0.0-15.0>) self-heal neighbor-recovery(action|enable|neighbors|run-neighbor-detect) self-heal neighbor-recovery action(both|none|open-rates|raise-power) radio(<1-1000>|RADIO) self-heal neighbor-recovery neighbors<1-1000>(<1-1000>|RADIO) Parameters interference-avoidance Interference Avoidance configuration enable enable/disable interference avoidance hold-time<0-65535>... - Page 450 17-37 Wireless Instance neighbors<1-1000> Add radios as neigbors. (<1-1000>|RADIO) run-neighbor-detect Disassociate all mobile-units, clear current neigbors and run neighbor detection. Usage Guidelines Example EXAMPLE OUTPUT HERE...
-
Page 451: Sensor
17-38 WS5100 Series Switch CLI Reference Guide 17.1.24 sensor Wireless Configuration Commands Use this CLI command to configure Wireless Intrusion Protection System parameters. Syntax sensor(default-config|vlan) sensor default-config(ip-mode|wips-server-ip) sensor default-config ip-mode(dhcp|static(A.B.C.D/M)(A.B.C.D)) sensor default-config wips-server-ip(primary|secondary)(A.B.C.D) Parameters default-config default configuration sent to sensors when they are configured. -
Page 452: Service
17-39 Wireless Instance 17.1.25 service Wireless Configuration Commands Use this CLI command to invoke the service commands to trobuleshoot or debug the instance configurations. (config-wireless) Syntax service(ap|clear|diag-shell|save-cli|show| start-shell|tethereal|wireless) service ap(force-dump)) service clear(all|cores|dumps|panics) service show(ap|cli|command-history|crash-info|info|last-passwd|reboot- history|startup-log|upgrade-history|wireless) service show ap beacon-count Parameters access-port serviceability parameters. - Page 453 17-40 WS5100 Series Switch CLI Reference Guide Example WS5100(config-wireless)#service clear all WS5100(config-wireless)# WS5100(config-wireless)#service clear cores WS5100(config-wireless)# WS5100(config-wireless)#service save-cli CLI command tree is saved as clitree.html. This tree can be viewed via web at http://<ipaddr>/cli/clitree.html WS5100(config-wireless)# WS5100(config-wireless)#service show ? access-port serviceability parameters...
- Page 454 17-41 Wireless Instance WS5100(config-wireless)#service tethereal ? LINE tethereal options in the format [-V (print detailed packet)] [-x (hex dump of packet)] [-p (no promiscuous mode for interface)] [-n (disable name resolution)] [-c <count> ] [-h (detailed help)] [-E (to capture ESPD) ][-e (capture nonEspd packets)] [-f <capture filter expression in format "xx xx xx">...
-
Page 455: Show
17-42 WS5100 Series Switch CLI Reference Guide 17.1.26 show Wireless Configuration Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch. Syntax show<paramater> Parameters Displays all the parameters for which the information can be viewed using the show command. - Page 456 17-43 Wireless Instance securitymgr Display debug info for ACL, VPN and NAT sessions Display current active open connections snmp Display SNMP engine parameters snmp-server Display SNMP engine parameters startup-config Contents of startup configuration terminal Display terminal configuration parameters timezone Display timezone upgrade-status Display last image upgrade status users...
-
Page 457: Smart-Scan-Channels
17-44 WS5100 Series Switch CLI Reference Guide 17.1.27 smart-scan-channels Wireless Configuration Commands Use this CLI command to configure a list of channels that are used on the network. This list will be provided to mobile-units that can support partial scanning. -
Page 458: Terminal
17-45 Wireless Instance 17.1.28 terminal Wireless Configuration Commands Use this command to set the length /number of lines to be displayed on the terminal window. Syntax terminal(monitor|no) terminal no(monitor) Parameters monitor Copy debug output to the current terminal line Negate a command or set its defaults Usage Guidelines Example WS5100(config-wireless)#terminal monitor... -
Page 459: Wlan
17-46 WS5100 Series Switch CLI Reference Guide 17.1.29 wlan Wireless Configuration Commands Use this CLI command to confiugure Wireless LAN related commands. Syntax wlan(<1-32>|WLAN) (accounting|answer-bcast-ess|authentication-type| description |dot11i|enable|encryption-type|hotspot|inactivity-timeout|kdc|mobility| mu-mu-disallow|qos|radius|secure-beacon|ssid|symbol-extensions |syslog|tunnel|vlan|wep128|wep64) wlan<1-32>(none|radius|ssyslog) wlan<1-32> authentication-type(eap|hotspot|kerberos|mac-auth|none) wlan<1-32> dot11i(handshake|key|key-rotation|key-rotation-interval| opp-pmk-caching|phrase|pmk-caching|preauthentication|second-key| tkip-cntrmeas-hold-time) wlan<1-32> dot11i handshake timeout<100-5000> retransmit<1-10>... - Page 460 17-47 Wireless Instance wlan<1-32> radius server(primary|secondary|timeout) wlan<1-32> radius server(primary|secondary) (ip-address(auth-port)<1024-65535>)(radius-key(0|2|LINE)) wlan<1-32> radius server timeout<1-60> retransmit<1-10> wlan<1-32> syslog (accounting) server<IP Address> port<Port Number> wlan<1-32> tunnel<1-32> gateway<IP Address and mask> wlan<1-32> wep128(key<1-4> (ascii|hex[0|2|WORD])|phrase(LINE)| wep-default-key<1-4>) Parameters <1-32> A single wlan index. WLAN A list (eg: 1,3,7) or range (eg: 3-7) of wlan indices. accounting Accounting on this WLAN.
- Page 461 17-48 WS5100 Series Switch CLI Reference Guide handshake Use handshake to configure the timeout and retransmission. timeout<100-5000> • timeout<100-5000> – The timeout in milliseconds, between retransmit<1-10> retries. • retransmit<1-10> – The number of retransmission attempts. key(0|2|WORD) Configure the key (PMK).
- Page 462 17-49 Wireless Instance tkip-cntrmeas-hold-time Configure the hold-time in seconds for which clients are blocked when tkip <0-65535> countermeasures are taken.Default is 60 seconds. enable() enable specified wireless lan(s). encryption-type() The encryption type for this WLAN. ccmp AES Counter Mode CBC-MAC Protocol (AES-CCM/CCMP) keyguard Keyguard-MCM (Mobile Computing Mode) none...
- Page 463 17-50 WS5100 Series Switch CLI Reference Guide webpage(external|internal) Modify hotspot page parameters. (failure|login|welcome) • external – Modify hotspot External page. • internal – Modify hotspot Internal page. • failure – Users are redirected to this webpage if they fail authentication.
- Page 464 17-51 Wireless Instance server Modify KDC server parameters. (primary|secondary) • primary – Primary kdc server (IP address) • secondary – Secondary kdc server auth-port <1-65535> • IP address – Kdc server IP address • auth-port<1-65535> – Kdc server authentication port. Default is 88.
- Page 465 17-52 WS5100 Series Switch CLI Reference Guide 802.11e / Wireless MultiMedia (WMM) parameters (supported only on (8021p|background| AP300). best-effort| • 8021p – Use 802.1p frame priority (field in the VLAN tag) to dscp|video|voice) determine packet priority. (aifsn|cw|txop-limit|acm) • background – background category traffic.
- Page 466 17-53 Wireless Instance radius (accounting| Modify Radius/802.1X related parameters. authentication-protocol| • accounting – Accounting Parameters dscpdynamic-authorization| • authentication-protocol – Authentication protocol to use in dynamic-vlan-assignment| the radius requests mobile-unit|reauth|server) • dscp – Specify a DSCP (Differentiated Services Code Point) value to provide QoS to Radius packets. •...
- Page 467 17-54 WS5100 Series Switch CLI Reference Guide authentication-protocol Authentication protocol to use in the radius requests. (chap|pap) • chap – Challenge Handshake Authentication Protocol • pap – Password Authentication Protocol dscp<0-63> Specify a DSCP (Differentiated Services Code Point) value to provide QoS to Radius packets.The DSCP value should be between 0-63.
- Page 468 SSID of this WLAN in Beacon frames. ssid The SSID of this WLAN. symbol-extensions fast- Enable support for Symbol extensions roaming (enable) • fast-roaming(enable) – Enable support for Symbol fast roaming. syslog (accounting) Syslog Accounting. server <IP Address> • accounting – Modify Accounting Parameters port <Port number>...
- Page 469 17-56 WS5100 Series Switch CLI Reference Guide wep128 (key<1-4> Configure WEP128 parameters. (ascii|hex)<0|2|WORD> | • key<1-4> – configure pre-shared hex keys phrase(LINE) | wep-default- • ascii – keys as ascii characters (5 characters for wep64, 13 for key<1-4>) wep128) • hex – keys as hexadecimal characters (10 characters for wep64, 26 for wep128) •...
- Page 470 WS5100(config-wireless)#wlan 25 mobility enable WS5100(config-wireless)# WS5100(config-wireless)#wlan 25 radius accounting timeout 30 retransmit 50 WS5100(config-wireless)# WS5100(config-wireless)#wlan 25 radius mobile-unit timeout 30 retransmit 5 WS5100(config-wireless)# WS5100(config-wireless)#wlan 25 ssid TestString WS5100(config-wireless)# WS5100(config-wireless)#wlan 25 symbol-extensions fast-roaming enable WS5100(config-wireless)# WS5100(config-wireless)#wlan 25 syslog accounting server 12.13.14.125 port 5005 WS5100(config-wireless)#...
- Page 471 17-58 WS5100 Series Switch CLI Reference Guide...
- Page 472 Symbol Technologies, Inc. One Symbol Plaza Holtsville, New York 11742-1300 http://www.symbol.com 72E-85974-01 Revision A October 2006...
Need help?
Do you have a question about the WS5100 Series and is the answer not in the manual?
Questions and answers