Home
WS5100 Series Switch
Contents
1. Syntax show crypto ipsec isakmp key map pki show crypto ipsec sa security association lifetime transformset show crypto isakmp policy lt 1 10000 gt sa show crypto key mypubkey show crypto map interface tag show crypto pki request trustpoints Parameters ipsec ipsec sa security association security association security association lifetime lifetime transformset transformset isakmp isakmp policy policy sa security association key Authentication key management mypubkey Public Key map map interface interface tag tag pki Public Key Infrastructure commands request Certificate Request trustpoints Show trustpoints 2 25 2 26 WS5100 Series Switch CLI Reference Guide Usage Guidelines Security engine periodically updates the IPSec and Isakamp statistics for every 60 seconds Example WS5100 config show crypto pki request tptest EGIN CERTIFICATE REQU MIIB2zCCAUQCAQAWaDELMAkGA1U MBAGA1UEBXMJYmFuZ2Fsb3J1 ZDESMBAGA1LUEAxMJdGVzdC1 j gQC3qisZdTn7rKzv5TrGtkt7 mM90igqxX8mCZeSELJIATpAVT2 uilLoizZH9iqawmkXEDI1TF hvcNAQkOMSQw I JALBgNVHO8 fw 5U EBAI EBhMCaW4xE JAOBGNVBAgTCWthcm5ShdGFryYTES Q8wDOYDVOOKEwZzewW1ib2wxDDAKBgNVBASsTA3dp ZXJOMIGE AOGCSqGS Ib3DQEBAQUAA4GNADCBiQKB waYpgehy15214f DLZYY WITTJFyKwW6s Pq2R kb4Br 9YOQDCWHs8 40XRUxKPeZ3WscBld2soPvK BbDWiOc fnqQKn8Tddeax JQIDAQABoDMwMQYJKoZI1 CBLAwEwYDVRO 1B
2. con con con con con is con con con con con con con con con con con con con con con fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless wlan wlan wlan under development wlan wlan wlan wlan wlan wlan wlan 25 25 25 25 25 25 25 25 25 25 Wireless Instance 17 57 dot1li key rotation interval 2000 enable hotspot webpage external failure This kde server primary 1 2 3 4 auth port 50000 mobility enable radius accounting timeout 30 retransmit 50 radius mobile unit timeout 30 retransmit 5 ssid TestString symbol extensions fast roaming enable syslog accounting server 12 13 14 125 port 17 58 WS5100 Series Switch CLI Reference Guide Symbol Technologies Inc One Symbol Plaza Holtsville New York 11742 1300 http Awww symbol com 72E 85974 01 Revision A October 2006
3. Command Description Ref clrscr Clears the display screen page 13 3 deny Specify packets to reject page 13 4 end End current mode and change to EXEC mode page 13 6 exit End current mode and down to previous mode page 13 7 13 2 WS5100 Series Switch CLI Reference Guide Command Description Ref help Description of the interactive help system page 13 8 mark Specify packets to mark page 13 9 no Negate a command or set its defaults page 13 1 permit Specify packets to forward page 13 1 service Service Commands page 13 1 show Show running system information page 13 1 terminal Set terminal line parameters page 13 1 13 1 1 clrser gt Extended ACL Config Commands Use this CLI command to clear the display screen Syntax clrscr Parameters None Usage Guidelines Example WS5100 config ext nacl clrscr WS5100 config ext nacl Extended ACL Instance 13 3 13 4 WS5100 Series Switch CLI Reference Guide 13 1 2 deny gt Extended ACL Config Commands Use this CLI command to specify packets that you want to reject Syntax deny icmp ip tcp udp deny icmp Source IP Address Destination Address lt 0 255 gt 1log rule precedence lt 1 5000 gt wlan lt 1 32 gt deny icmp Source IP Address Destination Address log rule precedence lt 1 5000 gt deny icmp Source IP Address Destination Address rule precedence lt 1 5000 gt deny icmp Source IP Address
4. WS5100 Series Switch CLI REFERENCE GUIDE symbol The Enterprise Mobility Company About This Guide Chapter 1 Introduction 2 WS5100 Series Switch CLI Reference Guide Transposing Mistyped Characters 2 0 0 0 ccc cece eee ees 1 12 Controlling Capitalization er srierirrsriirererrrsrirriveirrrpiria 1 12 Chapter 2 Common Commands COMMOR Comma S 40s ceesprtoartenragdtdadraceserpraceebicaeanned 2 2 ren cemackacetageeant es EE E E E E E E 2 3 CME EESE OET EE TEE EEEE E E AE TETE E E EEE EEN 2 4 EE E EEE E E 2 5 a ES PIE ETE EE O EE E E TE 2 7 Ar ATN EET EEEE E ET A S rs nid hgh dp S I EENT 2 8 e CALC EEEE ae EEE EEE OE 2 19 E OME LEE ON O E eee hes O NETE E A AO ETEA E 2 20 O EEr IE EEEE EE EE E E EEE EEEE 2 22 a AENEIS EEEE VOTA EEEIEE VEE TA PEII TE EOE N ans 2 23 A ANNE AEE EA T EA T REOSE ITEN ET EEOSE 2 24 CIE eb eco NENS VITON LN EN IATE SLTA TTET 2 25 E E EE EE E E E EEE E E ET 2 28 MISO E EE EEE TA PEE EEEE IEE E EE EEEN 2 29 MEE e P EAE EE E ESENE show EE S E EAEE E E 2 30 ET EATE ENTE INNTE EIT ILLET ERT EIT EE 2 32 eE PEE MEE DEAT LETE EET E TEEN AE EOE O IT LETT 2 38 ae na en EE NA ERETTE LE A SE de ree aes A E E 2 40 GIG EELE VE Ke TETN TEAS ETEINEN EEE S VTE 2 41 Wee E A E E E AE ONE PISETE E E E 2 42 MANNION EE SASAE AA VAEA TIELET bebe E TIS TTE 2 43 i AEA ac owe EE AAA A EEA AE E ETET 2 44 Nr AA E E EE EEE EE SEE EIEE EE TT O O 2 47 HEHE SENET EISE E dana A TTE ETTET 2 49 E E
5. Specify authentication key transformset lt name gt Use the set transform set command to assign a transform set to a crypto map crypto map 10 13 Usage Guidelines WS5100 config crypto map set peer name If no peer IP address is configured the manual crypto map is not valid and not complete A peer IP address is required for manual crypto maps To change the peer IP address the no set peer command must be issued first then the new peer IP address can be configured WS5100 config crypto map set pfs If left at the default setting no perfect forward secrecy PFS will be used during IPSec SA key generation If PFS is specified then the specified Diffie Hellman Group exchange will be used for the initial and all subsequent key generation thus providing no data linkage between prior keys and future keys WS5100 config crypto map set security association lifetime kilobytes seconds Values can be entered for this command in both kilobytes and seconds Whichever limit is reached first will end the security association WS5100 config crypto map set session key inbound outbound ah esp WS5100 config crypto map set session key inbound outbound ah lt hexkey data gt WS5100 config crypto map set session key inbound outbound esp lt SPI gt cipher lt hexdata key gt authenticator lt hexkey data gt The inbound local SPI security parameter index must equal the outbound remote SPI The outbound local SPI
6. WS5100 config ext macl exit WS5100 config 15 8 WS5100 Series Switch CLI Reference Guide 15 1 5 help gt MAC Extended ACL Config Commands Use thie CLI command to access the systems interactive help system Syntax help Parameters None Usage Guidelines Example WS5100 config ext macl help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config ext macl 15 1 6 mark gt MAC Extended ACL Config Commands Extended MAC ACL Instance 15 9 Use this CLI command to specify packet that you want to mark Syntax mark 802 1p lt 0 7 gt tos lt 0 255 gt Source MAC Address Destination MAC Address dotlp lt 0 7 gt type vlan lt 1 4095 gt wlan lt 1 32 gt rule precedence lt 1 5000 gt mark 802 1p lt 0 7 gt tos lt 0 255 gt Source MAC Address Destination MAC Address dotlp lt 0 7 gt rule precedence lt 1 5000 gt mark 802 1p lt 0 7 gt tos lt 0 255 gt Source MAC Address Destination MAC Address type lt 1 65
7. gt Common to all modes Syntax show ldap configuration primary secondary Parameters Idap LDAP Server configuration Idap server configuration parameters primary primary ldap server secondary secondary ldap server Example WS5100 config radsrv show ldap configuration LDAP Server Config Details Primary LDAP Server configuration IP Address Port Login 10 10 10 1 369 sAMAccountName Stripped User Name User Name Bind DN cn kumar ou symbol dc activedirectory dc com Base D ou symbol dc activedirectory dc com Password 0 symbol 123 Password Attribute UserPassword Group Name cn Group Membership Filter amp objectClass group member Ldap UserDn Group Member Attr radiusGroupName Net timeout Secondary LDAP IP Address Port Login 1 second s 10 10 10 5 369 sAMAccountName Stripped User Name User Name Bind DN cn kumar ou symbol dc activedirectory dc com Base DN ou symbol dc activedirectory dc com Password Password Attribute Group Name Group Membership Filter UserDn Group Member Attr Net timeout Common Commands 2 39 0 symbol 123 UserPassword cn amp objectClass group member Ldap radiusGroupName 1 second s 2 40 WS5100 Series Switch CLI Reference Guide 22 10 licenses gt Common to all modes Syntax show licenses Parameters N
8. Clear Mobility MU Event Log peer log Clear Mobility PEER Event Log peer statisitcs Clear Mobility Peer Statistcs wireless statistics Clear all wireless statistics Example Privileged Exec Commands 4 11 4 1 6 clock gt Priv Exec Command Use this command to configure the software system clock Syntax clock set HH MM SS 1 31 MONTH 1993 2035 Parameters set Set system date amp time Usage Guidelines Example WS5100 clock set 15 10 30 08 Sep 2006 WS5100 show clock Sep 08 15 10 31 UTC 2006 4 12 WS5100 Series Switch CLI Reference Guide 4 1 7 cluster cli gt Priv Exec Command Use this CLI command to enable the cluster context Syntax cluster cli enable Parameters enable Enables cluster context Example 4 1 8 configure gt Priv Exec Command Use this CLI to enter into configuration mode Syntax configure terminal Parameters Privileged Exec Commands terminal Configure from the terminal Usage Guidelines Example WS5100 configure terminal Enter configuration commands one per line WS5100 config End with CNTL Z 4 13 4 14 WS5100 Series Switch CLI Reference Guide 4 1 9 copy gt Priv Exec Command Use this command to copy from one file to another file Syntax copy FILE URL FILE URL Parameters FILE File from which to copy URL URL from which to copy Usage Guidelines Example Transfering
9. drwx 1024 Thu Aug 31 23 50 09 2006 crashinfo rw 14271 Tue Jul 25 15 16 41 2006 Radius config rw 14271 Wed Jul 26 15 42 08 2006 flash drwx 1024 Wed Aug 9 17 35 08 2006 radius rw 3426 Wed Jul 26 16 08 02 2006 running config new rw 13163 Wed Jul 26 16 08 42 2006 radius config rw 80898 Thu Aug 17 14 59 39 2006 cli_commands txt rw 65015 Fri Aug 11 19 57 37 2006 cli_commands txtli_commands txt rw 65154 Thu Aug 17 15 11 23 2006 cli_commands_180B txt rw 32 Sat Sep 2 00 15 38 2006 cli_commands save 4 1 30 telnet gt Priv Exec Command Use this command to open a telnet session Syntax telnet WORD PORT Parameters Privileged Exec Commands WORD IP address or hostname of a remote system Usage Guidelines Example WS5100 telnet 157 111 222 33 Entering character mode Escape character is Red Hat Linux release 9 Shrike Kernel 2 4 20 6bigmem on an i686 login cli Password 4 37 4 38 WS5100 Series Switch CLI Reference Guide 4 1 31 traceroute gt Priv Exec Command Use this CLI command to trace the route to destination Syntax traceroute WORD ip WORD Parameters WORD Trace route to destination address or hostname ip IP Trace Example WS5100 traceroute 157 222 333 33 traceroute to 157 235 208 39 157 235 208 39 30 hops max 38 byte packets 1 157 235 208 39 157 235 208 39 0 466 ms 0 363 ms 0 226 ms WS5100 Privileged Exec Commands 4 1 32
10. dynamic authorization enable Configure support for Radius dynamic authorization extensions such as Disconnect Message and Change Of Authorization as described in RFC 3576 e enable Enable support for Radius dynamic authorization dynamic vlan assignment Allow users to be assigned to Radius server specified VLANs instead of only the vian that is mapped to this wlan e enable Enable dynamic radius assigned vlan assignment mobile unit timeout lt 60 gt retransmit lt 70 gt Modify Radius 802 1X supplicant related parameters e timeout lt 1 60 gt Time in seconds that the wireless switch waits for a response from the mobile unit before retrying e retransmit lt 1 10 gt Number of retries before the wireless switch will give up and disassociate the mobile unit reauth lt 30 65535 gt Enable periodic reauthentication of all associated mobile units e lt 30 65535 gt Reauthentication period in seconds server primary secondary ip address auth port lt 7024 65535 gt radius key 0 2 LINE Modify Radius 802 1X server parameters e primary Primary radius server e secondary Secondary radius server e ip address Radius server IP address e auth port lt 1024 65535 gt Radius server authentication port default 181 2 e radius key Radius server shared secret upto 127 characters e Password is specified UNENCRYPTED e 2 Password is encrypted with pa
11. 12 22 WS5100 Series Switch CLI Reference Guide 12 1 16 switchport gt Interface Config commands Use this CLI command to set switching mode characteristics of the selected interface Syntax switchport access mode trunk switchport access vlan lt 1 4094 gt switchport mode access trunk switchport trunk allowed native switchport trunk allowed vlan add none remove VLAN_ID switchport trunk native tagged vlan lt 1 4094 gt Parameters access Set access mode characteristics vlan Set VLAN when interface is in access mode lt 1 4094 gt Access VLAN ID mode Set the mode of the Layer2 interface access Set the Layer2 interface as access trunk Set the Layer2 interface as trunk trunk Set trunking mode characteristics allowed Set trunking mode allowed vian characteristics vlan Set the allowed VLANs add add VLANs to the current list none Allow no VLANs to Xmit Rx through the Layer2 interface remove Remove VLANs from the current list VLAN_ID The List of the VLAN IDs that will be added removed e g 10 20 25 30 35 native Set native trunking characteristics tagged Tag the native vlan vlan Set the native VLAN for classifying untagged traffic lt 1 4094 gt The native VLAN id when interface is in trunking mode interface Instance 12 23 Usage Guidelines Example WS5100 config if switchport mode access WS5100 config if 12 24 WS5100 Series Switch CLI Reference G
12. E ALETE EEE RAPAE ENE EEA EE VE EEIE EEEE EN 15 9 YOM PERE ted ted td cs OEE A EE EAN EEEE AEEA E E 15 11 EE AET E EE AAE AEA E EEA E PEA NT 15 12 e AIETE SFIN ESTANTE PIS EOTS S EINAT E TEST 15 13 BUM PEN AEE IA VE EAEE EIE AL EAE ANEI A AEN ET 15 15 e E EEEE ENL E Be E ET T EAT ca awe 15 17 Chapter 16 Radius Server Instance Radius Configuration Commands ssirsssereerierirriresrirreridriri ris 16 1 ee Eeo E EE E E E E E 16 3 A errrorioki irii rena aea ra aa 16 4 P aaraa eaaa aa 16 5 EE 1E EEEE OENE AE SESTE A E EENE E 16 6 ERETTI OEE S AEREE IEE TET ESI TETEE T E TEETE 16 7 E EEE E PIE E nee A AN E A EAEL Y YET ET TET E 6 8 COUP EENS EE EE E E A TEE A A N EE A EEE TET 16 9 Ga cers E EEA LAA E EEE EEA eae EA ELE 16 10 21s ae eee ont ee ae ee ate ear ee ener are ra ee ee rere eae 16 10 BU PAI S EIE E TE EEE EN OE TE PA PERES F T 16 11 OU arree aE 16 11 ESEO e e tegaan a re 16 12 E EE TE EEE TNE T E ESEA PEES CIE T 16 12 Menge a a E 16 13 O eo ae ee a a e EA 16 14 TE EEE TENE E E T PESE TENE PEE E 16 15 STG ETTET IEE E EEEE TEESE TETEN 16 16 IO cat wt nce oe EAE E EAN T OE EE E EEEN 16 16 n EET EEA E E IE EIN ITE TENENTES OE E AA 16 18 Example Creating aGroup 0 0 ce cece eee nee een ees 16 19 WN arere rier rerea ee eee Hass aae 16 21 aE EREITEA EAT ETTET PET ETEN SE EINE ATA T 16 22 E AORE NE PE EEE T EE PATTO ETEN AEA wae au AT 16 23 A ced PEIES cud PASATEN IE ET IENE VE AIEE ONSET TIT EEE 16 24 e noch E EE ES A A E TE EE A
13. Following are a few conventions to keep in mind while working within the command line interface Always use at the end of the command to view if there are any further sub modes that can be used If yes type the first few alphabets of the submode and press the tab key to add the submode Continue using the until you reach the final sub submode that you would like to use for configuration of the WS5100 Series Switch Pre defined CLI commands and keywords are case insensitive cfg cfg crc However mostly for clarity CLI commands and keywords are displayed in this guide using mixed case For example apPolicy trapHosts channelInfo You can enter commands in uppercase lowercase or mixed case Only passwords are case sensitive If an instance name or other parameter contains whitespace the name must be enclosed in quotes WS5000 Cfg gt spol Default Switch Policy WS5000 Cfg SPolicy Default Switch Policy gt NOTE CLI commands starting with at the ws5100 prompt is ignored and is not executed Any leading space before a CLI command is ignored in execution Introduction 1 5 Using CLI Editing Features and Shortcuts A variety of shortcuts and editing features are enabled for the Symbol CCB CLI The following subsections describe these features e Moving the Cursor on the Command Line e Completing a Partial Command Name e Deleting Entries e Re displaying the Current Command Line e Tra
14. Halt and perform a warm reboot Service Commands Show running system information Upgrade firmware image 15 14 WS5100 Series Switch CLI Reference Guide WS5100 config ext macl service save cli CLI command tree is saved as clitree html This tr can be viewed via web at http lt ipaddr gt cli clitree html WS5100 config ext mac1 WS5100 config ext macl service show cli Show CLI tree of current mode command history Display command except show commands history crash info Display information about core panic and AP dump files info Show snapshot of available support information D S S last passwd isplay last password used to enter shell reboot history how reboot history startup log how startup log upgrade history Show upgrade history WS5100 config ext macl service show WS5100 config ext macl service start shell Last password used password with MAC 00 a0 f8 65 ea 8e WS5100 config ext macl WS5100 config ext macl service tethereal LINE tethereal options in the format V print detailed packet x hex dump of packet p no promiscuous mode for interface n disable name resolution c lt count gt h detailed help E to capture ESPD J e capture nonEspd packets f lt capture filter expression in format xx xx xx gt i lt interface on which to capture packets gt W wisp packet only s lt
15. Wireless Instance 17 41 g wireless service tethereal LINE tethereal options in the format only print detailed packet x hex dump of packet no promiscuous mode for interface disable name resolution c lt count gt h detailed help to capture ESPD e capture nonEspd packets lt capture filter expression in format xx xx xx gt lt interface on which to capture packets gt W wisp packet lt snaplen gt r lt filename gt read contents of specified file WS5100 confi WS5100 confi dump core dump state mu history mu history rate scale request ap WS5100 confi lt savefile gt save capture in specified file for examples on tethereal capture filter g wireless service tethereal g wireless service wireless Create a core file of the ccsrvr process Create a ccsrvr dump file in nvram with internal state information Enable mu association history clear Delete all mu association history files Enable wireless rate scaling default log Request ap Log g wireless service wireless 17 42 WS5100 Series Switch CLI Reference Guide 17 1 26 show gt Wireless Configuration Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Parameters Displays all the parameters for which the
16. best effort category traffic dscp Use DSCP Differentiated Services Code Point bits in the IP header to determine packet priority video video traffic category traffic voice voice traffic category traffic aifsn Arbitration Inter Frame Spacing Number the wait time in milliSeconds between data frames is derived using AIFSN and the slot time cw Contention Window parameters wireless stations pick a number between 0 and the minimum contention window to wait before retrying transmission Stations then double their wait time on a collision until it reaches the maximum contention window txop limit transmit opportunity an interval of time when a particular WMM STA has the right to initiate transmissions onto the wireless medium acm admission control parameters Wireless Instance 17 53 radius accounting authentication protocol dscpdynamic authorization dynamic vlan assignment mobile unit reauth server Modify Radius 802 1X related parameters accounting Accounting Parameters authentication protocol Authentication protocol to use in the radius requests dscp Specify a DSCP Differentiated Services Code Point value to provide QoS to Radius packets dynamic authorization Configure support for Radius dynamic authorization extensions such as Disconnect Message and Change Of Authorization as described in RFC 3576 dynamic vlan assignment Allow users to be a
17. e switch to wired Disallow by switching the frame out on the wired side to allow an externalswitch to decide whether this frame is to be allowed or dropped qos Quality of Service commands classification background best effort video voice wmm Select how traffic on this WLAN must be classified relative prioritization on the access port e background All traffic on this wlan is treated as background traffic e best effort All traffic on this wlan is treated as Best Effort e video All traffic on this wlan is treated as Video e voice All traffic on this wlan is treated as Voice e wmm Use WMM based classification using DSCP or 802 1p tags to classify traffic into different queues mcast1 mcast2 AA BB CC DD EE FF The Egress prioritization multicast mask e AA BB CC DD EE FF Mac address in AA BB CC DD EE FF format prioritize voice Prioritize voice frames over general data frames applies non WMM mobile unit svp enable Enable Spectralink Voice Prioritization support on this WLAN 17 52 WS5100 Series Switch CLI Reference Guide wmm 8021 p background best effort dscp video voice aifsn cw txop limitjacm 802 11e Wireless MultiMedia WMM parameters supported only on AP300 8021p Use 802 1p frame priority field in the VLAN tag to determine packet priority background background category traffic best effort
18. 10 WS5100 Series Switch CLI Reference Guide Keystrokes Function Function Details Summary Ctrl E End of line Moves the cursor to the end of the command line Ctrl d Delete current characte Ctrl U Delete text up to cursor Ctrl K Delete from cursor to end of line Ctrl P Get prior command from history Ctrl N Get next command from history Esc C Convert rest of word to uppercase Esc L Convert rest of word to lowercase Esc D Delete remainder of word Ctrl W Delete word up to cursor Ctrl Z Enter command and return to root promp Ctrl L Refresh input line 1 5 2 Completing a Partial Command Name If you cannot remember a complete command name or if you want to reduce the amount of typing you have to perform enter the first few letters of the command then press the Tab key The command line parser will complete the command if the string entered is unique to the command mode If your keyboard does not have a Tab key press Ctrl l instead The CLI will recognize a command once you have entered enough characters to make the command unique For example if you enter conf in privileged EXEC mode the CLI will be able to associate your entry with the configure command because only the configure command begins with conf In the following example the CLI recognizes the unique string for privileged EXEC mode of conf when the Tab key is pressed WLAN Module conf lt Tab gt WLAN Module configure Wh
19. 2006 SKERN 5 NOTICE 255MB LOWMEM available Aug 30 15 32 43 2006 KERN On node 0 totalpages 65344 Aug 30 15 32 43 2006 KERN DMA zone 4096 pages LIFO batch 1 Aug 30 15 32 43 2006 KERN Normal zone 61248 pages LIFO batch 31 Aug 30 15 32 43 2006 KERN HighMem zone 0 pages LIFO batch 1 Aug 30 15 32 43 2006 SKERN 6 INFO DMI 2 3 present Aug 30 15 32 43 2006 KERN ACPI RSDP v000 ACPIAM Ox000 7720 Aug 30 15 32 43 2006 KERN ACPI RSDT v001 AM I OEMRSDT 0x09000512 MSFT 0x00000097 Ox0ff40000 Aug 30 15 32 43 2006 KERN ACPI FADT v002 AM I OEMFACP 0x09000512 MSFT 0x00000097 Ox0ff40200 Aug 30 15 32 43 2006 KERN ACPI MADT v001 AM I OEMAPIC 0x09000512 MSFT 0x00000097 Ox0ff40300 Aug 30 15 32 43 2006 KERN ACPI OEMB v001 AM I OEMBIOS 0x09000512 MSFT 0x00000097 Ox0ff50040 Aug 30 15 32 43 2006 KERN ACPI DSDT v001 1ABVF 1ABVF007 0x00000007 INTL 0x02002026 Ox00000000 WS5100 gt service show upgrade history 2 18 WS5100 Series Switch CLI Reference Guide Configured size Date amp Time Old Version of upgrade history is 50 New Version Status Aug 29 Aug 17 Aug 11 Aug 11 tftp Aug 09 Jul 26 Jul 26 tftp Jul 26 18 30 15 07 T9329 19 28 server 17303 Los Ts T5165 server LOLO 43 2006 3 03 2006 3 41 2006 3 52 2006 3 says File 25 2006 3 14 2006 3 40 2006 3 says File 08 2006 3 tftp C Unknown host
20. 40 12 2006 null vty 131 config t Aug 31 23 40 12 2006 null vty 131 enable Aug 31 23 40 11 2006 null vty 131 enable Aug 31 16 30 14 2006 null con 0 configure terminal Aug 31 16 30 04 2006 null con 0 en Aug 31 16 29 21 2006 null con 0 exit Aug 30 19 54 13 2006 null vty 130 enable Aug 30 19 53 09 2006 null vty 130 disable Aug 30 19 41 12 2006 null vty 130 clear mobility peer statistics 15 7 235 208 39 WS5100 gt service show crash info Coredump files Name Size Date amp Time imish_8990_200B core gz 299 5k Aug 31 23 50 WS5100 gt WS5100 gt service show info 4 0M out of 4 0M available for logs 9 7M out of 11 4M available for history 16 1M out of 18 6M available for crashinfo List of Files imish_8990_200B core gz 299 5k Aug 31 messages log 200 Aug 30 snmpd log 316 Aug 30 startup log 16 5k Aug 30 command history 9 6k Aug 31 reboot history 2 3k Aug 30 upgrade history 782 Aug 29 Please export thes WS5100 gt WS5100 gt service show memory MemTotal 256220 kB MemF ree 155628 kB Buffers 1596 kB Cached 27912 kB SwapCached 0 kB Active 53832 kB Inactive 16272 kB HighTotal 0 kB HighFree 0 kB LowTotal 256220 kB LowFree 155628 kB SwapTotal 0 kB SwapFree 0 kB Dirty 0 kB Writeback 0 kB apped 50768 kB Slab 9984 kB CommitLimit 128108 kB Committed_AS 75368 kB PageTables 468 kB 23 Ls 153 Ls 23 15 18 files or delete them for more 50 32 3
21. 4096 gt AA BB CC DD EE FF statistics how wireless phrase to key wep128 wep64 how wireless gqos mapping wired to wireless wireless to wired how wireless radio lt 1 1000 gt beacon table config lt 1 1000 gt default lla default 11b default 11bg monitor table statistics AnNnNnAAHAAN A show wireless regulatory country codes show wireless self heal config lt 1 1000 gt show wireless sensor default config discovered sensors show wireless unapproved aps show wireless wireless switch statistics detail s how wireless wlan config lt 1 32 gt all enabled statistics lt 1 32 gt 2 64 WS5100 Series Switch CLI Reference Guide Parameters ap Status of adopted access port lt 1 48 gt The index of the access port for detailed information AA BB CC DD EE FF The MAC address of a access port for detailed information ap detection config Detected AP Configuration Parameters ap images List of access port images on the wireless switch ap unadopted List of unadopted access port approved aps Approved APs seen by access port scans channel power List of available channel and power levels for a radio 11a radio is of type 802 11a 11b radio is of type 802 11b 11bg radio is of type 802 11bg indoor radio is placed indoor outdoor radio is placed outdoor config Wireless Configuration Parameters
22. CLI Reference Guide 11 1 14 subject name gt Trustpoint Config commands Use this CLI to create a subject name to configure a trustpoint Subject name is a collection of required parameters to configure a trustpoint Syntax subject name Parameters WORD Enter a brief description as prompted by the parameter Usage Guidelines Example WS5100 config trustpoint subject name TestPool WORD Country 2 character ISO Code WS5100 config trustpoint subject name TestPool US WORD State 2 to 128 characters WS5100 config trustpoint subject name TestPool US OH WORD City 2 to 128 characters WS5100 config trustpoint subject name TestPool US OH PB WORD Organization 2 to 64 characters WS5100 config trustpoint subject name TestPool US OH PB SYMBOL WORD Organization Unit 2 to 64 characters WS5100 config trustpoint subject name TestPool US OH PB SYMBOL WID lt cr gt WS5100 config trustpoint subject name TestPool US OH PB SYMBOL WID WS5100 config trustpoint interface Instance Use config if instance to configure the interfaces ethernet vlan and tunnel associated with the WS5100 Series Wireless Switch 12 1 Interface Config commands Table 12 1 summarizes the config i commands within the WS5100 Series Switch command line Table 12 1 Interface Config Command Summary Command Description Ref c
23. Destination Address wlan lt 1 32 gt log rule precedence lt 1 5000 gt Syntax deny ip Source IP Address Destination IP Address Log rule precedence lt 1 500 gt wlan lt 1 32 gt deny ip Source IP Address Destination IP Address log rule precedence lt 1 500 gt deny ip Source IP Address Destination IP Address rule precedence lt 1 500 gt deny ip Source IP Address Destination IP Address wlan lt 1 32 gt log rule precedence lt 1 500 gt Syntax deny tcpludp Source IP Address Destination IP Address deny tcpludp Source IP Address Destination IP Address log deny tcpludp Source IP Address Destination IP Address log wlan lt 1 32 gt deny tcpludp Source IP Address Destination IP Address log rule precedence lt 1 5000 gt deny tcpludp Source IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt Destination IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt deny tcpludp Source IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt Destination IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt log Extended ACL Instance 13 5 deny tcp udp Source IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt Destination IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt log wlan lt 1 32 gt deny tcp udp Source IP Address eq lt 1 65535 gt range lt 1 65535
24. Display SNMP engine parameters startup config Contents of startup configuration terminal Display terminal configuration parameters timezone Display timezone upgrade status Display last image upgrade status users Display information about terminal lines version Display software amp hardware version wireless Wireless configuration commands WS5100 config wireless show 17 44 WS5100 Series Switch CLI Reference Guide 17 1 27 smart scan channels gt Wireless Configuration Commands Use this CLI command to configure a list of channels that are used on the network This list will be provided to mobile units that can support partial scanning Syntax smart scan channels 1la 11bg lt 1 200 gt Parameters 11a Specify channel list for the 5Ghz band used by 802 11a mobile units 11bg Specify channel list for the 2 4Ghz band used by 802 11bg mobile units lt 1 200 gt List of channels Usage Guidelines Example EXAMPLE OUTPUT HE Wireless Instance 17 45 17 1 28 terminal gt Wireless Configuration Commands Use this command to set the length number of lines to be displayed on the terminal window Syntax terminal monitor no terminal no monitor Parameters monitor Copy debug output to the current terminal line no Negate a command or set its defaults Usage Guidelines Example WS5100 config wireless terminal monitor WS5100 config wireless WS5100 config wire
25. EENI OE EEE SN EEIE EE EEE EEE NA E T 13 3 CS pet agate eke nye eye ne ed eae ares ee eee 3 4 CN EEIE EOE PE eee seb TA ETE E 3 6 gt E EAEN E EET PEA ec ache ind hice babe 3 7 liE NEEE E IAEA E ESATE EA EE E E E O 3 8 E EERO AE AEMET E EE TEEI OAI AEE EA EN 3 9 ie EEN PETERE eel tele cere eek ES TATEN AIEE TETEE 13 11 E ENEE EEEE OTEN E SE PEE EEEE N OE 13 12 E AEE EEPE E EIEE E E EE EE T A E T 13 14 SW EENES TEETE ETE LEET PEELEN SEE EEIEIEE TEE TO 13 16 MBIA A E E E AE ETEN E E EE EN E ET 13 18 Chapter 14 Standard ACL Instance Standard ACL Contig Commands 1 0 0 2 20k0se0tesaexeaverendecas 14 1 OUT ocean at EEI TLEN AOE E NTO IEO EVEI NEIN TOTTA 14 3 DN EELE IEL T E ENA A VENT EE ENE E EE E EE 4 4 OM ERETT TEIE TEES LEE OLETE EE IEA EEE TOE CORET T 14 5 E AN E TEE PAT YE EEIE T PE ENEA T EIEEEI E TE 14 6 MEMS ct AN TET EE E ET ETA E ETEEN ESE TEOT EN 14 7 A ANER SIEEN TNE POEPEN E EELNE EA EEE TELE AT E E E ETET T 4 8 FD E E AES A EEE ENE AA T LE E E E EE A E 14 9 IEEE AEE AOE VE IEE TERLER PEINE EE ETS TO NN 14 10 SOONG N ESSEET TEE ETE EPET E EEEE 14 11 RUIN WSPA ce hd PEPE PEENE EEEE ATAI SE PISANE 14 13 A ereraa EE EE 14 15 Chapter 15 Extended MAC ACL Instance MAC Extended ACL Config Commands 000 0 cece eee eee es 15 1 OO ort oh EA Rane eee EVE OEP IEE E EIEE 15 3 E Kae E EE EAS EE PE EE ee 15 4 E PEIPER EEEE EE EASA AAAS N IE EEE EEIN AEAT F 15 7 Hei E PETET T E A E ek TE ET S dad ede A ENEE 15 8
26. ETE E E E S 16 25 10 WS5100 Series Switch CLI Reference Guide A E ceca hes E dreds LE SEAE TIEN S AA LE N ETEN 16 27 SUC EPE T E EE E ETE ATE AE AEE A E E EERE 16 28 E Nh dh sdten died sc ated PENE SEEE EITA ANES ES r 16 29 SOW eee AE EEE 16 30 Date EEE E EP S EE E EA OAE EL ede O TEN ETA 16 32 Chapter 17 Wireless Instance Wireless Configuration Commands n s aaae 0 000 c cece eee eee ees 17 1 SHOU ea aree e nest EET E taeda hard eed osdyedeineduds 17 4 adoption prefid nis occkeoacd ane vede nana eedehaw dee einananmaedes 17 5 PC E NE EE EN EEE EE ene eni E EE EE E A E 17 6 broadcast Speed eresie oe aA AES EAE ROEN 17 8 O seere irea a EN 17 9 a AN ESER ENES L ES E T E TAN 17 10 E aE EEEE EE EA EE AE E AEEA ETT 17 11 dems o ersrserdurdsidsniearida btr i Bung Wind wknd 4 ddas 17 14 dot11 shared key auth n on nannan cece ene ee 17 15 OM E AA EENE EAA T NT E ESAT NTT ITSEN 17 16 EN ALIAN E N A E ENT A E EE E ETT 17 17 E a e E EEE A E EE A EEN 7 18 E Tee ee oe ee EEIE ene eee L TERVE ET E LESE ere T 7 19 i syed dred eh AEA Pe eae Eada E EE NS 17 20 mac auth local oireena a ae ee 17 22 E EEEo ola e a E E E EE EE OE 17 23 MOUNT E EEE TETE LET E EE EEA EO E E EEE AET 17 24 We easton ET EEE E ELETE E E A NA E EETA 17 25 EE e EE E EEA S EENET TN 17 26 E a I NEEE and E E AEE A EE E EE EET 17 27 aea E EEEE EEEE EEEE E EET EET EEEN 17 28 PANG ss Saute es SAS Sad aoe A shoe bee EA lee cake AE 17 29 SOE ered ae line deere er
27. IP routing table to display A B C D M IP prefix lt network gt lt length gt e g 35 0 0 0 8 detail IP routing table in detail routing IP routing status ssh Secured Shell SSH server telnet Telnet server 2 34 WS5100 Series Switch CLI Reference Guide Usage Guidelines 1 It has been noted that the interface status and vlan status is displayed as UP inspite of a disconnection In such a case you need to shutdown the vlan Follow the steps gievn below a Check the status of interface and vlan using WS5100 config show ip interface brief Interface IP Address Status Protocol vlan1 157 235 208 69 DHCP up up vlan3 unassigned up up WS5100 config If the stauts of the VLAN is UP even if eth1 eth2 is diconnected then shutdown the VLAN associated with eth1 using WS5100 config if show ip interface vlan 3 brief Interface IP Address Status Protocol vlan3 unassigned up up WS5100 config if shutdown Now check the stauts and you will note that VLAN has now been disassociated and the status is now DOWN WS5100 config show ip interface brief Interface IP Address Status Protocol vlan1 157 235 208 69 DHCP up up vlan3 unassigned administratively down down WS5100 config 2 The above instance may also happen when a DHCP interface is disconnected The DHCP is not effected though because it runs on a virtual interface and not on teh physical interface In this case it is the physical interface that
28. Jan 1 00 00 00 2 root Jan 1 00 00 00 3 root Jan 1 00 00 00 LOCATION IDLE Console 00 00m 1970 157 235 208 105 00 38m 1970 157 235 208 105 00 00m 1970 WS5100 kill session 9 o Error Invalid session number WS5100 kill session 3 Connection closed by foreign host xyz xyz xyz 4 25 4 26 WS5100 Series Switch CLI Reference Guide 4 1 20 logout gt Priv Exec Command Use this CLI command to exit from the EXEC mode Syntax logout Parameters None Usage Guidelines Example WS5100 logout WS5100 release 3 0 0 0 200B Login as cli to access CLI WS5100 login 4 1 21 mkdir gt Priv Exec Command Use this CLI command to create a new directory in the filesystem Syntax mkdir DIR Parameters Privileged Exec Commands DIR Directory name Usage Guidelines Example WS5100 mkdir TestDIR WS5100 4 27 4 28 WS5100 Series Switch CLI Reference Guide 4 1 22 more gt Priv Exec Command Use this CLI command to view the contents of a file Syntax more FILE Parameters FILE Displays the content of the file Usage Guidelines Example WS5100 more flash log messages log Sep 08 12 27 30 2006 PM 5 PROCSTOP Process radiusd has been stopped Sep 08 12 27 31 2006 LICMGR 6 NEWLICENSE Licensed AP count changed to 48 Sep 08 12 27 31 2006 CC 5 COUNTRYCODE config setting country code to in India Sep 08 12
29. Parameters ipsec ipsec configuration security association security association lifetime kilobytes seconds lt value gt IPSec S A lifetime e kilobytes lifetime in kilobytes e seconds lifetime in seconds transform set lt setname1 gt lt setname 9 gt Use the crypto ipsec transform set command to define the transform configuration for securing data e ah md5 hmac e ah sha hmac e esp 3des e esp aes e esp aes 192 e esp aes 256 e esp des e esp md5 hmac e esp sha hmac The transform set is then assigned to a crypto map using the map s set transform set command See crypto ipsec on page 9 1 isakmp Internet Security Association and Key Management Protocol client crypto isakmp client configuration group default leads you to config crypto group instance For more details see crypto group on page 7 1 identity Global Identity type keepalive Number of seconds between DPD messages Global Configuration Commands 5 13 key peer key peer remote peer policy Isakmp Policy key Authentication key management export import rsa lt indentifier gt Rsa Keypair identifier Associated with Keypair tftp ftp URL to send the key to generate lt key pair gt Size of Keypair Shoule be between 7024 2048 zeroize map lt name gt crypto map entry name of 32 character length isakmp Ipsec isakmp
30. Parameters TIMEZONE Press lt tab gt to traverse list of files This displays list of files containing timezone information Usage Guidelines Example WS5100 config timezone America Asia Atlantic Australia Etc Europe Pacific Africa WS5100 config timezone America America Anchorage America Bogota America Buenos_Aires America Caracas America Chicago America Costa_Rica America Denver America Los_Angeles America Mexico_City America Montreal America New_York America Phoenix America Santiago America Sao_Paulo America St_Johns America Tegucigalpa America Thule America Winnipeg America Indianapolis WS5100 config timezone America Chicago WS5100 config 5 52 WS5100 Series Switch CLI Reference Guide 5 1 27 username gt Global Configuration Commands Use this CLI command to establish the user name authentication for the WS5100 Series Wireless Switch Syntax username Parameters WORD Enter a name to authenticate the WS5100 switch The username should be between 1 and 28 characters Usage Guidelines Example WS5100 config username GoldenSwitch WS5100 config 5 1 28 vpn Global Configuration Commands 5 53 gt Global Configuration Commands Use this CLI command to configure VPN Syntax vpn authentication method local radius Parameters authentication method Use this to select the authen local Used for user based authentication radi
31. Redundancy Redundancy Mode Redundancy Interface IP Number of configured peer s Heartbeat period Hold period Discovery period Handle STP Switch Installed License Switch running image version Feature group ID Redundancy Group Runtime Information Redundancy Protocol Version Redundancy Group License Cluster AP Adoption Count Switch AP Adoption Count Redundancy State Radio Portals adopted by Group Radio Portals adopted by this Switch Rogue APs detected in this Group Rogue APs detected by this Switch Us associated in this Group Us associated in this Switch Selfhealing APs in this Group Selfhealing APs in this Switch Group maximum AP adoption capacity Switch Adoption capacity Established Peer s Count Redundancy Group Connectivity status Group Configuration Detail Not Applicable Not Applicable Not Applicable Enabled 1 Primary 10 10 10 10 T 5 Seconds 15 Seconds 30 Seconds Disabled 48 3 0 0 0 19635X o je iscovery ODCORRPOONNURFPEHF AN A eA o 0 Not all members connected 2 2 19 redundancy history gt Common to all modes Syntax show redundancy history Parameters None Example WS5100 gt show redundancy history State Transition History Time Event Triggered State Sep 06 18 20 56 2006 Redundancy Disabled Disabled WS5100 gt Common Commands 2 53 2 54 WS5100 Series Switch CLI Reference Guide 2 2 20 redundancy members
32. S how CLI tree of current mode isplay command except show commands history isplay information about core panic and AP dump files how snapshot of available support information isplay last password used to enter shell how reboot history how startup log how upgrade history WS5100 config crypto peer service show WS5100 config crypto peer service show info 4 0M out of 4 0M available for logs 9 7M out of 11 4M available for history 16 4M out of 18 6M available for crashinfo List of Files messages log snmpd log startup log command history reboot history upgrade history 0 Oct 9 13 01 316 Oct 9 13 01 16 5k Oct 9 13 01 8 0k Oct 9 19 26 3 4k Oct 9 13 01 782 Aug 29 18 32 Please export thes files or delete them for more space WS5100 config crypto peer crypto peer 8 9 8 1 7 set Use this CLI command to configure the aggressive mode of crypto peer Syntax set aggressive mode password Parameters aggressive mode aggressive mode password password Example WS5100 config crypto peer set aggressive mode password CheckMeIn WS5100 config crypto peer 8 10 AP 5131 Access Point Product Reference Guide 8 1 8 show Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Parameters Displays all the parameters for which the information can be viewed using
33. SEE ES 5 36 O i CERE E EEE I ENEE EEA ETET 5 37 AE E E T E E EE E ETE S E ETET 5 39 AE FELNE AIEEE ENEN er adie ead TE EPET EE EAEE E 5 41 SUL ee ee ee ee AE ESN EEE EE TENE 5 43 DOG ENA E EA EEEE ORA E ROEI ET 5 50 AN e LAE EIN EAE A ENE EAE EE ETE EAEE ETE E 5 51 E EE N E E EEA SA VLAE E SAET LTN AE E 5 52 E EEIEIIE T INE TE ond ces e IENE EE E 5 53 VAIOIOSS ccc cnuciudasdsentenreeectahoareausnranedecamerenecaade 5 54 Chapter 6 crypto isakmp Crypto Isakmp Config commands 00 00 ccc cee eee eee nes 6 1 authenticator dsGhvdewdedsd bvlabatedeudedbiavieadeasdoes 6 3 CUS cia EIE SEAIN AANEEN ETE E S IEE INE E LIN TEENE EE 6 4 Ee T E E EEE E A E EE 6 5 E EEEE EASTA TA E E ELETE TEELE IIE TET EEEE T PETE E TEN 6 6 o i EEE AE ETE T A E E E AAEE E ELAT EA EET 6 7 e ETTE ETETE ELTSE A E EIE IEEE bee ee 6 8 E se TE AEE EN E AEEA E E NA EIEE NNA U EET 6 9 E EEA E A EE AEEA ASES SA T EA E N S 6 10 WESTIE PEE EEEE EAE NES E IE PE EEE ANT Sune 6 11 PIE LEEPER A E AEAEE E E EPEE ETENE IN pd STE 6 12 S E FEVERET EELEE TEN TENT We Se EENE EPEE CAET TPI F 6 13 NONE TEE A EE AEE EA ES AEE O E E E E OEE 6 14 6 WS5100 Series Switch CLI Reference Guide Chapter 7 crypto group Crypto Client Config commands 000 00 c ccc cee ees 7 1 CUT A VESEO NEES ES TN AEE ESAE AN ES INE TA 7 3 N A EE NAE EAE nea E AE A EA OA E EE TEET 7 4 i ORSETTO TATE LOT TOTE OEE TEE NEEE TOE OEA EE OT 7 5 O a a a a aaa AA 7 6 io Cuesta ape ee er Taree ea
34. Set community string and access privileges ro Read only access with this community string rw Read write access with this community string contact Text for mib object sysContact LINE Identification of the contact person for this managed node enable traps Enable SNMP traps all enable all traps miscellaneous Enable miscellaneous traps lowFsSpace Available file system space is lower than the limit processMaxRestartsReached Process has reached max restart savedContigModified Saved configuration has been modified nsm Enable nsm traps dhcp PChanged DHCP IP changed Global Configuration Commands 5 45 redundancy Enable redundancy traps adoptionExceeded Redundancy port adoption exceeded grpAuthLevelChanged Redundancy group Authorization Level changed memberDown Redundancy member down memberMisConfigured Redundancy member mis configuration memberUp Redundancy member up snmp Enable SNMP traps authenticationFail Enable authentication failure trap coldstart Enable coldStart trap linkdown Enable linkDown trap linkup Enable linkUp trap wireless Enable wireless traps ap detection Enable wireless AP detection traps externalAPDetected External AP detected ids Enable wireless IDS traps excessiveAuthAssociation Excessive association authentication excessiveProbes Excessive probes
35. Use to set the fan speed limit You can configure the fan speed limit for both Fan 1 and Fan 2 filesys Use to set file system freespace limit You can select the freespace limit for the following sub context e etc2 e flash e ram load Use to configure aggregate processor load You can select from the following submodes e 1 Aggregate processor load during the previous minute e 15 Aggregate processor load during the previous 15 minute e 5 Aggregate processor load during the previous 5 minute maxFDs Use to configure the maximum number of file descriptors You can set anything between 0 to 32767 file descriptors 2 10 WS5100 Series Switch CLI Reference Guide pkbuffers Use to configure and set the packet buffer head cache limit You can set anything between 0 to 65535 as the buffer cache limit procRAM Use to configure the RAM space used by a process You can set he percentage of RAM space to be used by the processor from anything between 0 0 ti 100 0 percent ram Use to configure the free space for the RAM You can configure the free space to anything between 0 0 to 100 0 percent routecache Use to configure the IP route cache usage Can be set with an value between 0 65553 temperature Use to set the temperature sensor for the WS5100 Series Switch You can set as many as 8 temperature sensors period Use to set diagnostic period lt 100 30000 gt Use to configure Diagnostics perio
36. WS5100 Series Switch CLI Reference Guide 4 1 15 edit gt Priv Exec Command Use this CLI command to edit a text file Syntax edit FILE Parameters FILE Name of the file to be edited Usage Guidelines Example S5100 edit startup config GNU nano 1 2 4 File startup config configuration of WS5100 version 3 0 0 0 19193x version 1 0 service prompt crash info username ksd username jskdf username admin password 1 8e67bb26b358e2ed20fe552ed6fb832 397a507d username admin privilege superuser username operator password 1 e96dd39756ac41b74283a9292652d366d73931 username manager password 1 8e67bb26b358e2ed20fe552ed6fb832 397a507d username manager privilege superuser username test password 1 d11168bcad3 6 bbbdec594be55 5020cf0e086859 username test access ssh username test privilege superuser 1 ip access list extended remot Read 423 lines G Get Help O WriteOut R Read File Y Prev Page K Cut Text C Cur Pos X Exit J Justify W Where Is V Next Page U UnCut Txt T To Spell Privileged Exec Commands 4 21 lt this command will open the startup config file for editing gt lt edit amp save the config file amp exit gt WS5100 4 22 WS5100 Series Switch CLI Reference Guide 4 1 16 enable gt Priv Exec Command Use this CLI command to Turn on privileged mode command Syntax enable Parameters None Usage Guidelines Example WS510
37. WS5100 Series Switch CLI Reference Guide WS5100 WS5100 WS510 WS510 WS5100 SSInfo WS5100 16 1 7 8 policy con con con con con fig radsrv group no policy wlan 2 5 fig radsrv group fig radsrv group no rad user all fig radsrv group fig radsrv group no service radius Radius service stopped con fig radsrv group gt Radius Configuration Commands Use this CLI command to configure Radius group access policy Syntax policy day time vlan wlan policy day all fr mo sa su th tu we weekdays ploicy time start end lt 0 23 gt lt 0 59 gt policy vlan lt 1 4094 gt Parameters day Day of access policy configuration all All days from Sunday to Saturday fr Friday mo Monday sa Saturday su Sunday th Thursday tu Tuesday we Wednesday weekdays Allow access only in week days Mo Fr time Configure time of access policy for this group start Start time end End Time must be greater than the start time Radius Server Instance 16 15 lt 0 23 gt hour hh limit lt 0 59 gt mins mm limit vian VLAN id for this group lt 1 4094 gt VLAN range wlan Configure wlan access policy for this group lt 1 32 gt Wlan index Example WS5100 config radsrv group policy day weekdays WS5100 config radsrv group WS5100 config radsrv group policy time start 12 12 end 22 22 WS5100 con
38. address and mask e any Any destination host e host Exact destination MAC address to match dot1p lt 0 7 gt 802 1p priority rule precedence lt 1 5000 gt Access list entry precedence type lt 1 65535 gt arp ip ipv6 vlan wisp Etherlype vlan lt 1 4095 gt VLAN ID wlan lt 1 32 gt Filter packets based on WLAN 15 1 9 service gt MAC Extended ACL Config Commands Extended MAC ACL Instance 15 13 SyntaxUse this CLI command to invoke the service commands to trobuleshoot or debug the config if instance configurations Syntax service clear diag shell save cli show start shell tethereal Parameters clear Remove specified support information diag shell Provide diagnostic shell access to debug and test the WS5100 Series Wireless Switch save cli Saves the CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic Usage Guidelines Example WS5100 config ext macl service diag shell Diagnostic shell started for testing diag gt boot delete exit fallback help logout no reload service show upgrade diag gt Reboots the swi Deletes specifi tch Description of d file from the system Exit from the CLI Configures firmware fallback feature the interactive help system Exit from the CLI Negate a command or set its defaults
39. all modes Syntax show history Parameters None Example WS5100 gt show history 1 YHA B WD 8 show clrscr enable clrscr configure terminal exit clrscr show history WS5100 gt Common Commands 2 29 2 30 WS5100 Series Switch CLI 22 7 interfaces gt Common to all modes Syntax Reference Guide show interfaces IFNAME eth lt 1 2 gt switchport tunnel vlan Parameters IFNAME eth switchport tunnel vlan Usage Guidelines Example WS5100 config s Interface ethl how interfaces ethl Hardware Typ b0 4e index 2 metric Ethernet Interface Mode Layer 2 address is 00 a0 f 8 65 1 mtu 1500 lt UP BROADCAST RUNNING MULTICAST gt Speed Admin Auto Operational 100M Duplex Admin Auto Operational Full Switchport Set input packet input errors output packe output error collisions 0 WS5100 config s Interface ethl Switchport Set WS5100 config s Interface vlanl Switchport Set tings Mode Access Access Vlan 2100 s 38766 bytes 9483540 dropped 0 multicast packets 13377 0 length 0 overrun 0 CRC 0 frame 0 fifo 0 missed 0 ts 4 bytes 336 dropped 0 s 0 aborted 0 carrier 0 fifo 0 heartbeat 0 window 0 how interfaces switchport ethl tings Mode Access Access Vlan 2100 how interfaces switchport vlanl tings Mode Access Access Vlan 0 WS5100 config interface tunne WS5100 config if Sep 1
40. an external web server e advanced use login welcome failure web pages created by the user on the wireless switch e external use login welcome failure web pages on an external server e internal use login welcome failure web pages created automatically on the wireless switch inactivity timeout lt 60 86400 gt Inactivity timeout in seconds If a frame is not received from a mobile unit for this amount of time the mobile unit is disassociated kde Modify KDC related parameters password 0 2 LINE Kdc server password upto 127 characters e 0 Password is specified UNENCRYPTED e 2 Password is encrypted with password encryption secret e LINE Kde server password upto 127 characters realm LINE Kde realm 127 characters e LINE Kdc realm upto 127 characters Wireless Instance server primary secondary IP address auth port lt 1 65535 gt Modify KDC server parameters e primary Primary kdc server e secondary Secondary kdc server e P address Kde server IP address e auth port lt 1 65535 gt Kdc server authentication port Default is 88 server timeout lt 7 60 gt Modify KDC server parameters e timeout Time the wireless switch waits for a response from the kdc server before retrying mobility enable Enable L3 Mobility on WLAN s mu mu disallow switch to wired Disallow frames from one mu to another mu on this WLAN
41. channel power information for a particular country self heal config Self Healing Configuration Parameters lt 1 1000 gt A single radio index all All Configured radios sensor Wireless Intrusion Protection System parameters 2 66 WS5100 Series Switch CLI Reference Guide default contig Default configuration parameters for sensors discovered sensors sensor access ports discovered by the switch unapproved aps Unapproved APs seen by access port or mobile unit scans wireless switch wireless switch statistics statistics detail Detailed wireless switch statistics wlan Wireless LAN related parameters config Wlan configuration lt 1 32 gt A wlan index lt 1 32 gt all All wlans in configuration enabled Only wlans that are currently enabled statistics WLAN statistics lt 1 32 gt A wlan index lt 1 32 gt Example WS5100 gt show wireless ap Number of access ports adopted 22 0 Available licenses Clustering enabled Clustering mode WS5100 gt 20 Ni primary WS5100 gt show wireless ap detection config max detected aps mu assisted scan mu assisted scan refresh 100 disabled 1800 seconds configured approved aps Index Bss Mac Ssid WS5100 gt WS5100 gt show wireless ap images Idx ap type J ap300 2 ap300 Image Name Size bytes Version WISP AP300 293516 00 02 29 WIAP 300 244076 01 00 1635b ap300 AP300 ID
42. configuration commands redundancy group redundancy history Display redundancy group parameters Display state transition history of the switch redundancy members Display Extended ACL Instance 13 17 redundancy group members in detail running config Current Operating configuration securitymgr Display debug info for ACL VPN and NAT sessions Display current active open connections snmp Display SNMP engine parameters snmp server Display SNMP engine parameters startup config Contents of startup configuration terminal Display terminal configuration parameters timezone Display timezone upgrade status Display last image upgrade status users Display information about terminal lines version Display software amp hardware version wireless Wireless configuration commands WS5100 config ext nacl show 13 18 WS5100 Series Switch CLI Reference Guide 13 1 11 terminal gt Extended ACL Contig Commands Use this command to set the length number of lines to be displayed on the terminal window Syntax terminal monitor no terminal no monitor Parameters monitor Copy debug output to the current terminal line no Negate a command or set its defaults monitor Copy debug output to the current terminal line Usage Guidelines Example WS5100 config ext nacl terminal monitor WS5100 config ext nacl WS5100 config ext nacl terminal no monitor WS5100 config ext nacl Standard ACL Instance Us
43. crypto crypto debugging Display debugging setting environment show environmental information file Display filesystem information ftp Display FTP Server configuration history Display the session command history interfaces Interface status and configuration ip Internet Protocol IP ldap ldap server licenses Show any installed licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface nam mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group redundancy history redundancy members running config securitymgr sessions snmp Display Display Display Current Display Display Display redundancy group parameters state transition history of the switch redundancy group members in detail Operating configuration debug info for ACL VPN and NAT current active open connections SNMP engine parameters snmp server startup config terminal timezone upgrade status users version wireless crypto map 10 15 Display SNMP engine parameters Contents of startup configuration Display terminal configuration parameters Display timezone Display last image upgrade status Display information about terminal lines Display software amp hardware version Wireless configuration commands WS5100 config crypto map sho
44. current mode and down to previous mode page 15 7 15 2 WS5100 Series Switch CLI Reference Guide Command Description Ref help Description of the interactive help system page 15 8 mark Specify packets to mark page 15 9 no Negate a command or set its defaults page 15 1 permit Specify packets to forward page 15 1 service Service Commands page 15 13 show Show running system information page 15 1 terminal Set terminal line parameters page 15 17 15 1 1 clrser gt MAC Extended ACL Config Commands Use this CLI command to clear the display screen Syntax clrscr Parameters None Usage Guidelines Example WS5100 config ext macl clrscr WS5100 config ext macl Extended MAC ACL Instance 18 3 15 4 WS5100 Series Switch CLI Reference Guide 15 1 2 deny gt MAC Extended ACL Config Commands Use this CLI command to specify packets that you want to reject Syntax deny Source MAC Address Destination MAC Address dotlp lt 0 7 gt type vilan lt 1 4095 gt wlan lt 1 32 gt rule precedende lt 1 5000 gt deny Source MAC Address Destination MAC Address dot1p lt 0 7 gt rule precedence lt 1 5000 gt deny Source MAC Address Destination MAC Address type lt 1 65535 gt arp ip ipv 6 vlan wisp gt rule precedence lt 1 5000 gt deny Source MAC Address Destination MAC Address wlan lt 1 32 gt dotlp lt 0 7 gt type vlan lt 1 4095 gt rule prece
45. eg 1 3 7 or range eg 3 7 of radio indices enable Monitor access ports and attempt to increase coverage on failure Wireless Instance 17 37 neighbors lt 1 71000 gt Add radios as neigbors lt 1 1000 gt RADIO run neighbor detect Disassociate all mobile units clear current neigbors and run neighbor detection Usage Guidelines Example EXAMPLE OUTPUT HERE 17 38 WS5100 Series Switch CLI Reference Guide 17 1 24 sensor gt Wireless Configuration Commands Use this CLI command to configure Wireless Intrusion Protection System parameters Syntax nun wn Parameters nsor default config vlan nsor default config ip mode wips server ip nsor default config ip mode dhcp static A B C D M A B C D nsor default config wips server ip primary secondary A B C D default config default configuration sent to sensors when they are configured ip mode configure the IP address mode of the sensors dhcp sensor should use DHCP to obtain an IP address static A B C _D MA B C D sensor must use the specific static IP address e A B C D M sensor IP address and network mask e A B C D specify the gateway IP address for sensors Wips server ip specify IP addresses of the WIPS server primary A B C D specify the primary IP address of the WIPS server secondary A B C D specify the seconary IP address of the WIP
46. file snmpd log to remote tftp server WS5100 copy flash log snmpd log tftp 157 235 208 105 snmpd log Accessing running config file from remote tftp server into switchrunning config WS5100 copy tftp 157 235 208 105 running config running config 4 1 10 debug gt Priv Exec Command Privileged Exec Commands Use this CLI for debugging purpose Apart from aii this CLI is also used to debug various features of the WS5100 Series Switch Syntax debug all debug Parameters other features all Enable all debugging Usage Guidelines Example WS5100 debug all cc certmgr dhcpsvr imi ip logging mgmt mobility nsm pktdrvr pm radius redundancy securitymgr wireless statistics Enable all debugging Cellcontroller wireless debugging messages Certificate Manager Debugging Messages DHCP Conf Server Debugging Messages Integrated Management Interface Internet Protocol IP Modify message logging facilities gmt daemon L3 Mobility etwork Service Module NSM Pktdrvr kernel wireless debugging messages Process Monitor Radius server debugging messages Redundancy Protocol debugging messages Security Manager Debugging Messages wireless statistics 4 16 WS5100 Series Switch CLI Reference Guide 4 1 11 delete gt Priv Exec Command Use this command to delete the specified file from the system Syntax delete force recursive FILE Param
47. from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Example WS5100 config radsrv group end WS5100 Radius Server Instance 16 11 16 1 7 3 exit gt Radius Configuration Commands Use this CLI command to end current mode and down to previous mode config radsrv The prompt now changes to ws5100 config Syntax exit Parameters None Example WS5100 config radsrv group exit WS5100 config radsrv group 16 1 7 4 group gt Radius Configuration Commands Use this CLI command to configure radius user group paramaters Syntax group Parameters WORD Radius group name Example WS5100 config radsrv group group TestGroup WS5100 config radsrv group 16 12 WS5100 Series Switch CLI Reference Guide 16 1 7 5 guest group gt Radius Configuration Commands Use this CLI command to configure a guest group Syntax guest group Parameters enable Enable this group as guest group Example WS5100 config radsrv group guest group enabl WS5100 config radsrv group 16 1 7 6 help gt Radius Configuration Commands Use thie CLI command to access the systems interactive help system Syntax help Parameters None Example WS5100 config radsrv group help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list wil
48. group configuration commands clrscr Clears the display screen end End current mode and change to EXEC mode exit End current mode and down to previous mode group Configure radius user group paramaters guest group Guest group configuration help Description of the interactive help system no Negate a command or set its defaults policy Radius group access policy configuration rad user Add Radius user to this group service Service Commands show Show running system information Use policy command to configure the group policies for the group created in Step 1 WS5100 config radsrv group policy day Day of access policy configuration time Configure time of access policy for this group vlan VLAN id for this group wlan Configure wlan access policy for this group WS510 WS510 Use policy vlan command to assign an vlan id of 10 to group Sales WS5100 config radsrv group policy vlan 10 0 config radsrv group policy day weekdays config radsrv group policy time start 12 30 end 15 30 Use policy wlan command to allow only authorised users to access this groups wlan LO WS5100 config radsrv group policy wlan 1 2 5 16 20 WS5100 Series Switch CLI Reference Guide 6 Use config radsrv rad user to create a user called testuser and add it to group Sales WS5100 config radsrv rad user testuser password testpassword group sales Sep 08 17 41 55 2006 RADCONF Adding user test
49. gt lt 1 65535 gt Destination IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt log rule precedence lt 1 5000 gt Parameters icmp ICMP Protocol ip Any Internet Protocol Source IP Source IP address can be one of the following e a B c D M Source IP address range to match e any Any source IP address e host Single host address Destination IP Destination IP address can be one of the following e a B c D M Destination IP address range to match e any Any destination IP address e host Single host address lt 0 255 gt ICMP Type log Log matches against this entry rule precedence lt 1 5000 gt Access list entry precedence wlan lt 1 32 gt Filter packets based on WLAN eq lt 71 65535 gt Match a specific destination port range lt 1 65535 gt lt 1 65535 gt Match a range of destination ports You can select between Starting destination port and Ending destination port Usage Guidelines Example EXAMPLE OUTPUT HERE 13 6 WS5100 Series Switch CLI Reference Guide 13 1 3 end gt Extended ACL Config Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Usage Guidelines Example WS5100 config ext nacl end WS5100 Extended ACL Instance 13 7 13 1 4 exit gt Extended ACL Config Com
50. gt rule precedence lt 1 5000 gt Syntax mark 8021p tos lt 0 7 gt lt 0 255 gt Destination IP Address log ip Source IP Address rule precedence wlan log mark 8021p tos lt 0 7 gt lt 0 255 gt Destination IP Address log log rule precedence lt 1 500 gt ip Source IP Address rule precedence wlan mark 8021p tos lt 0 7 gt lt 0 255 gt ip Source IP Address Destination IP Address log wlan rule precedence lt 1 500 gt mark 8021p tos lt 0 7 gt lt 0 255 gt ip Source IP Address Destination IP Address log rule precedence wlan A B C D wlan lt 1 32 gt log rule precedence lt 1 500 gt Syntax mark 8021p tos lt 0 7 gt lt 0 255 gt tcp udp Source IP Address Destination IP Address rule precedence lt 1 5000 gt mark 8021p tos lt 0 7 gt Destination IP Address rule precedence lt 1 5000 gt mark 8021p tos lt 0 7 gt Destination IP Address rule precedence lt 1 5000 gt mark 8021p tos lt 0 7 gt Destination IP Address rule precedence lt 1 5000 gt lt 0 255 gt lt 0 255 gt lt 0 255 gt eq lt 1 65535 gt wlan lt 1 32 gt tcp eq lt 1 65535 gt wlan lt 1 32 gt tcp eq lt 1 65535 gt wlan lt 1 32 gt tcp eq lt 1 65535 gt log log log log log range lt 1 65535 gt lt 1 65535 gt udp Source IP Address range lt 1 65535 gt
51. help system Exit from the CLI Negate a command or set its defaults Halt and perform a warm reboot Service Commands Show running system information Upgrade firmware image WS5100 config if service save cli CLI command tree is saved as clitree html This tr can b viewed via web at http lt ipaddr gt cli clitree html WS5100 config if WS5100 config if service show ap cli command history crash info info last passwd reboot history startup log upgrade history wireless WS5100 config if WS5100 config if Last password used password with MAC 00 a0 f8 65 ea 8e access port serviceability parameters how CLI tree of current mode Display command except show commands history Display information about core panic and AP dump files Show snapshot of available support information Display last password used to enter shell S S S n how reboot history how startup log how upgrade history Wireless parameters service show service start shell service tethereal options in the format print detailed packet x hex dump of packet no promiscuous mode for interface disable name resolution c lt count gt h detailed help to capture ESPD e capture nonEspd packets Password WS5100 config if LINE tethereal V p n E f lt capture filter expression in format xx xx xx gt 12 16 W
52. is disconnected not hte virtual interface In WS5100 when the ethernet interface comes back up it will restart the dhcp client on any virtual interfaces SVIs of which the physical interface is a member port This ensures that if the interface was disconnected and reconnected to a different interface it will get a new ip address route name server domain name etc corresponding to the new dhcp server scope Common Commands 2 35 Example WS5100 config show ip access group eth 1 Interface ethl Inbound IP Access List Inbound MAC Access List WS5100 config show ip access group vlan 1 Interface vlanl Inbound IP Access List WS5100 config show ip access group eth2 Interface eth2 Inbound IP Access List Inbound MAC Access List WS5100 show ip dhcp binding IP MAC Client Id Type Expiry Time WS5100 show ip dhcp pool I ip dhcp pool pl ip dhcp pool pooll domain name test com bootfile 123 network 10 10 10 0 24 address range 10 10 10 2 10 10 10 30 1 ip dhcp pool poo110 next server 1 1 1 1 netbios node type b nod WS5100 show ip dhcp vendor options Server Info Firmware Image File Config File Cluster Config File WS5100 show ip domain name IP domain lookup Enable Domain Name symbol com WS5100 show ip http server HTTP server Running Config status Enabled 2 36 WS5100 Series Switch CLI Reference Guide WS5100 show ip http secure server HTTP secure server Running Conf
53. lt 1 65535 gt udp Source IP Address range lt 1 65535 gt lt 1 65535 gt log wlan lt 1 32 gt udp Source IP Address range lt 1 65535 gt lt 1 65535 gt wlan lt 1 32 gt log rule precedence lt 1 5000 gt WS5100 Series Switch CLI Reference Guide Parameters 8021p lt 0 7 gt Modify 802 1p VLAN user priority tos lt 0 255 gt Modify TOS bits in IP header icmp ICMP Protocol ip Any Internet Protocol tcp TCP Protocol udp UDP Protocol Source IP Address Source IP address can be one of the following e a B c D M Source IP address range to match e any Any source IP address e host Single host address Destination IP Address Destination IP address can be one of the following e a B c D M Destination IP address range to match e any Any Destination IP address e host Single host address lt 0 255 gt ICMP Type log Log matches against this entry rule precedence 7 5000 Access list entry precedence wlan 1 32 Filter packets based on WLAN eq lt 1 65535 gt Match a specific source port range lt 1 65535 gt lt 1 65535 gt Match a range of source ports Usage Guidelines Example EXAMP LE OUTPUT HERE Extended ACL Instance 13 11 13 1 7 no gt Extended ACL Config Commands Use this CLI command to negate a command or set its defaults Syntax no deny mark permit This command negates al
54. mode page 8 5 help Description of the interactive help system page 8 6 8 2 AP 5131 Access Point Product Reference Guide Command Description Ref no Negate a command or set its defaults pages7 Service Service Commands page 8 8 set set page 8 9 show Show running system information page 8 10 8 1 1 clrser Use this CLI command to clear the display screen Syntax clrscr Parameters None Example WS5100 config crypto peer clr WS5100 config crypto peer crypto peer 8 3 8 4 AP 5131 Access Point Product Reference Guide 8 1 2 end Use this CLI command to end and exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Usage Guidelines Example WS5100 config crypto peer end WS5100 crypto peer 8 5 8 1 3 exit Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to ws5100 config Syntax exit Parameters None Example WS5100 config crypto peer exit WS5100 config 8 6 AP 5131 Access Point Product Reference Guide 8 1 4 help Use thie CLI command to access the systems interactive help system Syntax help Parameters None Example WS5100 config crypto peer help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empt
55. must equal the inbound remote SPI The key values are the hexadecimal representations of the keys They are not true ASCII strings Therefore a key of 3031323334353637 represents 01234567 WS5100 config crypto map set transformset name Crypto map entries do not directly contain the transform configuration for securing data Instead the crypto map is associated with transform sets which contain specific security algorithms see crypto ipsec transform set lt setname gt lt parameters gt on page 150 If no transform set is configured for a crypto map then the entry is incomplete and will have no effect on the system For manual key crypto maps only one transform set can be specified Example WS5100 config crypto map set localid hostname TestMapHost WS5100 config crypto map 10 14 AP 5131 Access Point Product Reference Guide 10 1 9 show Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Parameters Displays all the parameters for which the information can be viewed using the show command Example WS5100 config crypto map show access list Internet Protocol IP alarm log Display all alarms currently in the system autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration clock Display system clock commands Show command lists
56. prompt more radius server no redundancy page service ping show pwd snmp server quit terminal reload timezone rename username rmdir wireless service show telnet terminal traceroute upgrade upgrade abort write 1 2 Getting Context Sensitive Help Entering a question mark at the system prompt displays a list of commands available for each command mode You also can get a list of the arguments and keywords available for any command with the context sensitive help feature Introduction To get help specific to a command mode a command name a keyword or an argument use any of the following commands Command Description orompt help Displays a brief description of the help system prompt abbreviated command entry Lists commands in the current mode that begin with a particular character string prompt abbreviated command Completes a partial command name entry lt Tab gt prompt Lists all commands available in the command mode prompt command Lists the available syntax options arguments and keywords for the command prompt command keyword Lists the next available syntax option for the command NOTE The system prompt will vary depending on which configuration mode you are in When using context sensitive help the space or lack of a space before the question mark is significant To obtain a list of commands that beg
57. redundancy group information runtime Display runtime redundancy group information Example WS5100 gt show redundancy group config Redundancy Feature Redundancy group ID Redundancy Mode Redundancy Interface IP Number of configured peer s Heartbeat period Hold period Discovery period Handle STP Switch Installed License Switch running image version WS5100 gt WS5100 gt show redundancy group runtime Redundancy Group Runtime Information Redundancy Protocol Version Redundancy Group License Cluster AP Adoption Count Switch AP Adoption Count Redundancy State Radio Portals adopted by Group Radio Portals adopted by this Switch Rogue APs detected in this Group Rogue APs detected by this Switch Us associated in this Group Us associated in this Switch Radios in selfhealing mode Selfhealing APs in this Switch Group maximum AP adoption capacity Redundancy Group Configuration Detail Disabled 1 Primary 0 04 0 0 0 5 Seconds 15 Seconds 30 Seconds Disabled 0 3 0 0 0 200B 2 0 0 ot Applicable Not Applicable Disabled Not Applicable Not Applicable ot Applicable Not Applicable ot Applicable Not Applicable Not Applicable Not Applicable ot Applicable 2 51 2 52 WS5100 Series Switch CLI Reference Guide Switch Adoption capacity Established Peer s Count Redundancy Group Connectivity status wWS5100 gt WS5100 config show redundancy group Redundancy Redundancy
58. redundancy members running config securitymgr Display Display Display Current Display redundancy group parameters state transition history of the switch redundancy group members in detail Operating configuration debug info for ACL VPN and NAT sessions snmp snmp server startup config terminal timezone upgrade status users version wireless Radius Server Instance 16 31 Display current active open connections Display SNMP engine parameters Display SNMP engine parameters Contents of startup configuration Display terminal configuration parameters Display timezone Display last image upgrade status Display information about terminal lines Display software amp hardware version Wireless configuration commands WS5100 config radsrv show 16 32 WS5100 Series Switch CLI Reference Guide 16 1 17 terminal gt Radius Configuration Commands Use this command to set the length number of lines to be displayed on the terminal window Syntax terminal monitor no terminal no monitor Parameters monitor Copy debug output to the current terminal line no Negate a command or set its defaults monitor Copy debug output to the current terminal line Usage Guidelines Example WS5100 config radsrv terminal monitor WS5100 config radsrv WS5100 config radsrv terminal no monitor WS5100 config radsrv Wireless Instance Use config wireless instance to configure local radius serv
59. sa A B C D clear crypto ipsec sa A B C D clear crypto ipsec sa A B C D clear mobility mu AA BB CC DD EE FF hom clear mobility mu AA BB CC DD EE FF hom clear mobility mu AA BB CC DD EE FF hom clear mobility mu AA BB CC DD EE FF hom clear mobility mu log clear mobility peer log clear mobility peer statistics A B C D clear mobility peer statistics A B C D clear wirel clrscr LESS statistics cluster cli enable debug certmgr debug certmgr debug certmgr debug ip ssh debug mobility debug mobility debug mobility debug mobility debug mobility debug mobility debug mobility error info all error info all error info all enable url LIN enable url LIN enable url LIN EJ E zal database foreign database all database foreign database all database foreign database all database foreign database all cc lerror forwarding mu packet peer system cc error forwarding mu packet peer system cc error forwarding mu packet peer system cc error forwarding mu packet peer system cc error forwarding mu packet peer system cc error forwarding mu packet peer system cc error forwarding mu packet peer system MORE next page Space next lin Enter quit Control C La Sa eae Ea aA a a a Ale ia Oe ob ee a eee contd 2 2 4 crypto Common Commands gt Common to all modes
60. snaplen gt r lt filename gt read contents of specified file w lt savefile gt save capture in specified file X for examples on tethereal capture filter WS5100 config ext macl service tethereal Extended MAC ACL Instance 15 15 15 1 10 show gt MAC Extended ACL Config Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Parameters Displays all the parameters for which the information can be viewed using the show command Usage Guidelines Example WS5100 config ext macl show access list Internet Protocol IP alarm log Display all alarms currently in the system autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration clock Display system clock commands Show command lists crypto crypto debugging Display debugging setting environment show environmental information file Display filesystem information ftp Display FTP Server configuration history Display the session command history interfaces Interface status and configuration ip Internet Protocol IP ldap ldap server licenses Show any installed licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface nam mobility Display Mobility Parameters ntp Network time protocol passwor
61. terminal WS5100 config NOTE The system prompt changes to indicate that you are now in global configuration mode The prompt for global configuration mode consists of the host name of the device followed by config and the pound sign 5 2 WS5100 Series Switch CLI Reference Guide Commands entered in global configuration mode update the running configuration file as soon as they are entered However these changes are not saved into the startup configuration file until you issue the copy running config startup config EXEC mode command 5 1 Global Configuration Commands Table 5 1 summarizes the Gloabl Config commands within the WS5100 Series Switch command line interface Table 5 1 Global Cnfiguration Command Summary Command Description Ref aaa Authentication Authorization and Accounting page 5 4 access list Add an access list entry page 5 5 banner Define a login banner page 5 6 boot Reboots the wireless switch page 5 7 clrser the display screen page 2 3 country code Configure the country of operation All existing radio configuration will page 5 8 be erased crypto Encryption related commands page 5 11 do Run commands from Exec mode page 5 16 end End current mode and change to EXEC mode page 5 17 exit End current mode and down to previous mode page 2 4 fallback Configures software fallback feature page 5 18 ftp Configure FIP Server page 5 19 help Description of the
62. than or equal to 100000 00 gt undecrypt percent greater than lt gt percentage of undecryptable pkts is geater than lt A decimal number greater than 0 00 and less than or equal to 100 00 gt num mobile units greater than lt gt Number of associated mobile unit is greater than a decimal number in the range of lt 1 4096 gt host snmp server host A B C D snmp server host IP address location Text for mib object sysLocation manager Enable SNMP manager all Enable SNMP version v2 and v3 v2 Enable SNMP version v2 v3 Enable SNMP version v3 sysname snmp system name user Define a user who can access SNMP engine manager Manager user 5 48 WS5100 Series Switch CLI Reference Guide operator Operator user v3 User using v3 security model auth Authentication parameters for the user encrypted Specifying password as md5 digests md5 Use HMAC MD5 algorithm for authentication PASSWD Authentication password for user Usage Guidelines Example WS5100 config snmp server community TestCommunity ro WS5100 config WS5100 config snmp server contact TestManager WS5100 config WS5100 config snmp server enable traps all WS5100 config WS5100 config snmp server enable traps miscellaneous lowFsSpace WS5100 config WS5100 config snmp server enable traps redundancy memberUp WS5100 config WS5100 config snmp server enable traps snmp lin
63. the IP address to be configured for the trustpoint Usage Guidelines Example WS5100 config trustpoint ip address 157 200 200 02 WS5100 config trustpoint 11 1 9 no gt Trustpoint Config commands Use this CLI command to negate a command or set its defaults Syntax no lt previous command used gt Parameters None Usage Guidelines Example WS5100 config trustpoint no ip address WS5100 config trustpoint crypto trustpoint Instance 11 11 11 12 WS5100 Series Switch CLI Reference Guide 11 1 10 password gt Trustpoint Config commands Use this CLI command to set the challenge password applicable only for requests to acces trustpoint Syntax password 0 2 WORD Parameters 0 Password is specified UNENCRYPTED The password should be between 4 to 20 characters 2 Password is encrypted with password encryption secret The string length of encrypted password should be of 44 to 64 characters WORD Password 4 to 20 characters Usage Guidelines Example WS5100 config trustpoint password 0 TestPassword WS5100 config trustpoint crypto trustpoint Instance 11 13 11 1 11 rsakeypair gt Trustpoint Config commands Use thie CLI command to configure a RSA Keypair to associate with the trustpoint Syntax rsakeypair Parameters WORD Rsa Keypair Identifier Usage Guidelines RSA Key Pair Support feature allows you to configure WS5100 Sereies Wirele
64. the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config crypto map crypto map 10 7 10 1 5 match Use this CLI command to assign an IP access list to a crypto map definition The access list designates the IP packets to be encrypted by this crypto map Acrypto map entry is a single policy that describes how certain traffic is to be secured There are two types of crypto map entries ipsec manual and ipsec ike Each entry is given an index which is used to sort the ordered list When a non secured packet arrives on an interface the crypto map set associated with that interface is processed in order If a crypto map entry matches the non secured traffic the traffic is discarded When a packet Is to be transmitted on an interface the crypto map set associated with that interface is processed in order The first crypto map entry that matches the packet will be used to secure the packet If a suitable SA exists that is used for transmission Otherwise IKE is used to establish an SA with the peer If no SA exists and the crypto map entry is respond only the packet is discarded When a secured packet arrives on an interface its SPI is used to look
65. to look for APs max aps lt 7 000 gt Select the maximum amount of entries for unapproved seen and approved seen that can showed mu assisted scan mobile unit assisted scanning enable enable mobile unit assisted scanning refresh lt 70 86400 gt The period in seconds with which all scan capable mobile units are requested to scan for neighboring APs timeout lt 7 65535 gt The amount of seconds a AP will remain in the list after it is no longer seen Usage Guidelines Example WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 O ep oo oo oo oo con con con con con con con con con con con con fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless ction ction ction ction ction ction Wireless Instance 17 7 enable approved add 150 any any max aps 250 mu assisted scan enable mu assisted scan refresh 520 timeout 500 17 8 WS5100 Series Switch CLI Reference Guide 17 1 4 broadcast tx speed gt Wireless Configuration Commands Use this CLI command to configure the rate at which broadcast and multicast traffic should be transmitted between the WS5100 wireless switch and MU s Syntax broadcast tx speed range t
66. to run commands from the other exec mode User Exec and Priv Exec modes Syntax do command of other mode Parameters None Usage Guidelines Example WS5100 config do ping 157 235 208 69 PING 157 235 208 69 157 235 208 69 100 data bytes 128 bytes from 157 235 208 69 icmp_seq 0 ttl 64 time 0 1 ms 128 bytes from 157 235 208 69 icmp_seq 1 tt1l 64 time 0 0 ms 128 bytes from 157 235 208 69 icmp_seq 2 tt1l 64 time 0 0 ms 128 bytes from 157 235 208 69 icmp_seq 3 tt1l 64 time 0 0 ms 128 bytes from 157 235 208 69 icmp_seq 4 tt1l 64 time 0 0 ms gt 157 235 208 69 ping statistics 5 packets transmitted 5 packets received 0 packet loss round trip min avg max 0 0 0 0 0 1 ms WS5100 config NOTE In the example above ping is a PRIV EXEC command Global Configuration Commands 5 17 5 1 8 end gt Global Configuration Commands Use this CLI command to end the current mode and change to Exec mode Syntax end Parameters None Usage Guidelines Example WS5100 config end WS5100 Priv Exec commands acknowledge Acknowledge alarms archive Manage archive files autoinstall autoinstall configuration command cd Change current directory 5 18 WS5100 Series Switch CLI Reference Guide 5 1 9 fallback gt Global Configuration Commands Use this CLI command to enable and configures software fallback feature Failure to boot with configured use on boot image a
67. units key rotation interval lt 1800 86400 gt Configure the broadcast key rotation interval opp pmk caching Enable the opportunistic use of cached pairwise master keys fast roaming with eap 802 1X phrase 0 2 LINE Configure the passphrase e 0 Password is specified UNENCRYPTED e 2 Password is encrypted with password encryption secret e LINE A passphrase between 8 and 63 characters long pmk caching Enable the use of cached pairwise master keys fast roaming with eap 802 1X preauthentication Enable support for 802 111 preauthentication second key enable key phrase 0 2 WORD Configure a secondary set of key passphrase for this wlan e enable Enable the use of a secondary key passphrase e key Configure the key PMK e phrase Configure the passphrase e 0 Password is specified UNENCRYPTED e 2 Password is encrypted with password encryption secret e WORD The 256bit 64 hex characters long key Wireless Instance 17 49 tkip cntrmeas hold time lt 0 65535 gt Configure the hold time in seconds for which clients are blocked when tkip countermeasures are taken Default is 60 seconds enable enable specified wireless lan s encryption type The encryption type for this WLAN cemp AES Counter Mode CBC MAC Protocol AES CCM CCMP keyguard Keyguard MCM Mobile Computing Mode none no encryption tkip E
68. username admin access console snmp ssh telnet username admin privilege superuser username operator password 1 fe96dd39756ac41pb74283a9292652dqd366q73931f username operator access console snmp ssh telnet username operator privilege monitor username manager password 1 45b27d6483f c630981ad5096ff26a7956ce0c038 username manager access console snmp ssh telnet username manager privilege superuser ip domain lookup service pm max sys restarts 2 no service pm sys restart service diag period 1000 service diag enabl no country code redundancy group id 1 redundancy interface ip 0 0 0 0 redundancy mode primary 2 80 WS5100 Series Switch CLI Reference Guide redundancy heartbeat period 5 redundancy hold period 15 redundancy discovery period 30 no redundancy handle stp enable no redundancy enable MORE next page Space next line Enter quit Control C Common Commands 2 81 2 2 37 securitymgr gt Privilege Global Config Syntax show securitymgr debug logs Parameters debug logs Debug information Example 2 82 WS5100 Series Switch CLI Reference Guide 22 38 sessions gt Privilege Global Config Syntax show sessions Parameters None Example WS5100 show sessions SESSION USER LOCATION IDLE START TIME xl ETE Console 006days Jan 1 00 0 kx 2 elt 1572235 206 39 00 00m Jan 1 00 0 WS5100 00 1970 00 1970 I gt G Common Commands 2 83 2 2 39 startup con
69. vty ap clear dhcp diag shell password encryption pm prompt radius save cli set show start shell terminal length tethereal wireless Parameters advanced vty Enable advanced mode vty interface ap access port serviceability parameters clear Remove specified support information dhcp Enable the DHCP Server service diag shell Provide diag shell access password encryption Encrypt passwords in configuration pm max sys restarts sys restart Process Monitor e max sys restarts Maximum number of times PM will restart the system because of a failed processes e sys restart Enable PM to restart the system when a processes fails NOTE The process restart is one count lesser than what is configured prompt Enable crash info prompt radius Enable radius server save cli Save CLI tree for all modes in html format set Set service parameters show Show running system information 5 42 WS5100 Series Switch CLI Reference Guide start shell Provide shell access terminal length System wide terminal length configuration tethereal Dump and analyze network traffic wireless Wireless parameters Usage Guidelines Example EXAMPLE OUTPUT HE Global Configuration Commands 5 43 5 1 24 snmp server gt Global Configuration Commands USe this CLI command to modify SNMP engine parameters Syntax snmp server
70. wlan 10 group kumar3 1 4 18 4 1 13 dir gt Priv Exec Command WS5100 Series Switch CLI Reference Guide Use this CLI to view the list of files on a filesystem Syntax dir all recursive DIR all filesystems Parameters all List all files recursive List files recursively DIR List files in named file path all filesystems List files on all filesystems Output modifiers gt Output redirection gt gt Output redirection appending Usage Guidelines Example WS5100 dir Directory of flash drwx 1024 drwx 120 drwx 1024 rw 14271 rw 14271 drwx 1024 rw 3426 rw 13163 rw 80898 rw 65015 cli_commands txtli_commands txt rw 65154 WS5100 Wed Jul 19 19 14 05 200 Wed Aug 30 15 32 44 200 Thu Aug 31 23 50 09 200 Tue Jul 25 15 16 41 200 Wed Jul 26 15 42 08 200 Wed Aug 9 17 35 08 200 Wed Jul 26 16 08 02 200 Wed Jul 26 16 08 42 200 Thu Aug 17 14 59 39 200 Fri Aug 11 19 57 37 200 Thu Aug 17 15 11 23 200 DDDDADADAADIA AVA YD o gt hotspot log crashinfo Radius config flash radius running config new radius config cli_commands txt cli_commands_180B txt 4 1 14 disable gt Priv Exec Command Use this command to turn off privileged mode command Syntax disable Parameters None Usage Guidelines Example WS5100 disable WS5100 gt Privileged Exec Commands 4 19 4 20
71. 0 Syntax end Parameters None Usage Guidelines Example WS5100 config crypto group end WS5100 7 6 AP 5131 Access Point Product Reference Guide 7 1 4 exit Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to ws5100 config Syntax exit Parameters None Example WS5100 config crypto group exit WS5100 config crypto group 7 7 7 1 5 help Use thie CLI command to access the systems interactive help system Syntax help Parameters None Example WS5100 config crypto group help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config crypto group 7 8 AP 5131 Access Point Product Reference Guide 7 1 6 service Use this CLI command to invoke the service commands to trobuleshoot or debug the config crypto isakmp instance configurations Syntax service clear diag shell save cli show start shell tethereal Parameters clear
72. 0 enable WS5100 4 1 17 erase gt Priv Exec Command Use this CLI command to erase a filesystem Privileged Exec Commands Syntax erase nvram flash startup config Parameters nvram Erase everything in nvram flash Erase everything in flash startup config Reset configuration to factory default Usage Guidelines Example ws5100 erase flash Error path is a directory WS5100 erase ne WS5100 erase nvram Error no user deleteable files in nvram WS5100 erase startup config WS5100 4 23 4 24 WS5100 Series Switch CLI Reference Guide 4 1 18 halt gt Priv Exec Command Use this CLI command to stop the WS5100 Series Switch Syntax halt Parameters None Usage Guidelines Example WS5100 halt Wireless switch will be halted do you want to continue y n y 4 1 19 kill gt Priv Exec Command Privileged Exec Commands Use this CLI command to kill a specified session Syntax kill session lt 1 Parameters 16 gt session Active session There are 16 active sessions which can be killed Usage Guidelines Example 157 235 208 93 Telnet to switch xyz xyz xyz telnet Trying 157 235 208 93 Connected to 157 235 208 93 157 235 208 93 Login as cli Escape character is WS5100 release 3 0 0 0 19193X to access CLI WS5100 login root WS5100 show sessions SESSION USER START TIME I root
73. 08000 WS5100 config WS5100 config no crypto isakmp key 12348 address 4 4 4 4 WS5100 config In the example above key 12345678 is associated with IP address 4 4 4 4 Currently you can delete this key by using the no command and a wrong key number Example WS5100 config crypto pki authenticat Authenticate and import CA Cert enroll Enroll export Export import Import trustpoint Define a CA trustpoint WS5100 config crypto pki trustpoint WORD Trustpoint Name WS5100 config crypto pki trustpoint Test WS5100 config trustpoint Trustpoint Config commands clrscr Clears the display screen company name Company Name Applicable only fo email email Global Configuration Commands 5 15 ificate r request end End current mode and change to EXEC mode exit End current mode and down to previous mode fqdn Domain Name Configuration help Description of the interactive help system ip address Internet Protocol IP no Negate a command or set its defaults password Challenge Password Applicable only for request rsakeypair Rsa Keypair to associate with the trustpoint service Service Commands show Show running system information subject nam Subject Name is a collection of configure a trustpoint WS5100 config trustpoint required parameters to 5 16 WS5100 Series Switch CLI Reference Guide 5 1 7 do gt Global Configuration Commands Use this CLI command
74. 100 config crypto map service show info 4 0M out of 4 0M available for logs 9 7M out of 11 4M available for history 16 4M out of 18 6M available for crashinfo List of Files messages log snmpd log startup log command history reboot history upgrade history 0 Oct 9 13 01 316 Oct 9 13 01 16 5k Oct 9 13 01 8 5k Oct 9 20 26 3 4k Oct 9 13 01 782 Aug 29 18 32 Please export thes files or delete them for more space WS5100 config crypto map crypto map 10 11 10 1 8 set Use this CLI command to set the various set parameters of the peer device localid mode peer pfs security association session key transformset localid IP Address dn hostname set security association level perhost lifetime kilobytes seconds lt value gt set session key inbound outbound ah esp set session key inbound outbound ah lt hexkey data gt set session key inbound outbound esp lt SPI gt cipher lt hexdata key gt authenticator lt hexkey data gt Parameters localid address dn hostname mode aggressive aggressive mode main main mode peer Use the set peer command to set the IP address of the peer device This can be set for multiple remote peers Remote peer can be either in IP Address or hostname NOTE For manual mode only one remote peer can be added for crypto map IP address Enter the IP address of the peer device If this is not configured it implies responder
75. 18 instead of Broadcast help Description of the interactive help system page 17 19 ids Intrusion Detection configuration commands page 17 20 mac auth local local mac authentication list page 17 22 manual wlan mapping Allow manual mapping un mapping of wlans to configured page 17 23 radios mobility Configure Mobility parameters page 17 24 no Negate a command or set its defaults page 17 25 oversized frames Attempt to use oversized frames for data traffic page 17 26 proxy arp Respond to ARP requests from the RON to WLAN on behalf of page 17 27 mobile units qos mapping QoS mappings between the wired and wireless domains page 17 28 radio Radio related commands page 17 29 self heal Self Healing configuration commands page 17 36 Wireless Instance Command Description Ref sensor Wireless Intrusion Protection System parameters page 17 38 service Service Commands page 17 39 show Show running system information page 17 42 smart scan channels Specify a list of channels that are used on the network This page 17 44 list will be provided to mobile units that can support partial scanning terminal Set terminal line parameters page 17 45 wlan Wireless LAN related commands page 17 46 17 3 17 4 WS5100 Series Switch CLI Reference Guide 17 1 1 adopt unconf radio gt Wireless Configuration Commands Use this CLI command to adopt a radio even if its not yet configured The default templates will be used for configuration Syntax a
76. 27 31 2006 SDAEMON 6 INFO radiusd 460 Ready to process requests Sep 08 12 27 35 2006 SDAEMON 6 INFO init Starting pid 328 console dev ttyso Sep 08 12 27 37 2006 SAUTH 6 INFO login 328 root login on ttyS0O from Console Sep 08 12 27 47 2006 IMI 5 USERAUTHSUCCESS User admin logged in with role of superuser from auth source local Sep 08 12 28 01 2006 NSM 6 DHCPDEFRT Default route with gateway 157 235 208 246 learnt via DHCP Sep 08 12 28 01 2006 NSM 6 DHCPIP Interface Privileged Exec Commands 4 29 vlanl acquired IP address 157 235 208 93 24 via DHCP Sep 08 12 29 07 2006 CC 5 RADIOADOPTED 11bg radio on AP 00 A0 F8 BF 8A A2 adopted Sep 08 12 29 07 2006 CC 5 RADIOADOPTED 11a radio on AP 00 A0 F8 BF 8A A2 adopted Sep 08 12 29 12 2006 SMOB 6 MUADD Station 00 OF 3D E9 A6 54 Added to Mobility Database Sep 08 12 29 12 2006 CC 6 STATIONASSOC Station 00 OF 3D E9 A6 54 associated to radio 3 wlan 1 MORE next page Space next lin Enter quit Control C 4 30 WS5100 Series Switch CLI Reference Guide 4 1 23 page gt Priv Exec Command Use this CLI command to toggle between the page Syntax page Parameters None Usage Guidelines Example WS5100 page WS5100 Privileged Exec Commands 4 31 4 1 24 ping gt Priv Exec Command Use this CLI command to send ICMP echo messages Syntax ping WORD Parameters W
77. 3 32 40 32 32 space Common Commands 2 15 2 16 WS5100 Series Switch CLI Reference Guide VmallocTotal VmallocUsed VmallocChunk WS5100 gt 778200 kB 19568 kB 757824 kB WS5100 gt service show process COL COL COL coL restart restart restart restart PID STATUS RSS PPID SCPU MEM COMMAND 320 S 10M 0 0 4 1 ccsrvr 345 S 8488 be 3e3 ecstatsd 387 S 5612 0 0 2 1 securitymgr 318 S 4480 0 0 1 7 snmpd 394 Ss 3932 0 0 1 5 imi 349 R 3424 1 0 0 1 3 isDiag 367 S 3264 279 0 0 1 2 radconfd 2l 2S 3208 279 0 0 1 2 CertMgr 391 S 3104 0 0 1 2 radiusd 373 S 2844 0 0 1 1 dhcpsvr 319 S 2744 1 0 0 1 0 licenseMgr 6823 S 2712 429 0 0 1 0 imish 6770 S 2668 0 0 1 0 imish 363 S 1824 1 0 0 0 7 nsm 339 S 1736 279 0 0 0 6 fileMgmt 291 1676 0 0 0 6 logd 3751 1672 0 0 0 6 wccpd 279 wS 1636 0 0 0 6 pmd 430 S 1636 0 0 0 6 stunnel 1370 S 1512 0 0 0 5 sshd 346 S 1448 1 0 0 0 5 mobd 340 S 1308 299 1030 05 5 PULEXE SLO aken estado Pes WS5100 gt service show reboot history Configured size of reboot history is 50 Date amp Time Event Aug 30 15 32 39 2006 startup Aug 30 15 31 17 2006 shutdown graceful user Aug 30 13 31 13 2006 startup Damia shutdown ungraceful unexpect Aug 29 18 40 38 2006 startup Aug 29 18 39 15 2006 shutdown graceful user Aug 28 12 38 09 2006 startup S n shutdown ungraceful unexpect Aug 23 13 33 02 2006 startu
78. 3 0 0 0 200B version 1 0 1 service prompt crash info 1 username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507q username admin privilege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931F username manager password 1 45b27d6483fc630981ad5096ff26a7956ce0c038 username manager privilege superuser l no country code logging console 7 no logging on fallback enable ftp password 1 810a25d76c31e495cc070bdf42e076 7c9b0alcd ip http server ip http secure trustpoint local ip http secure server ip ssh ip telnet snmp server manager v2 snmp server manager v3 crypto isakmp identity address crypto isakmp keepalive 10 crypto ipsec security association lifetime kilobytes 4608000 1 Common Commands 2 79 wireless 1 crypto pki trustpoint local subject name 11 11 11 11 11 11 crypto pki trustpoint default trustpoint subject name Symbol Technologies crypto pki trustpoint slocal 1 radius server local 1 interface eth1 MORE next page Space next line Enter quit Control C WS5100 show running config include factory configuration of WS5100 version 3 0 0 0 200B version 1 0 no service password encryption service prompt crash info no service set command history no service set reboot history no service set upgrade history hostname WS5100 f banner motd Welcome to CLI 1 username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507q
79. 3 gt CCA mode value channel power indoor outdoor lt 1 2000 gt acs random lt 4 20 gt Location channel and transmit power level indoor Indoor location outdoor Outdoor location lt 1 2000 gt Channel number acs Auto channel selection radio will scan for the least congested channel at startup or reconfiguration random Random channel selection lt 4 20 gt Power in dBm Wireless Instance 17 31 coordinates X Y Z coordinates Configure the location of this radio in terms of x y z coordinates e lt 65535 65535 gt X Coordinate e lt 65535 65535 gt Y Coordinate e lt 65535 65535 gt Z Coordinate copy config from lt 1 1000 gt default 11al default 11b default 11bg Copy the configuration from a previously configured radio e lt 1 1000 gt A single radio index e default 11a default 11a configuration template default 11b default 11b configuration template e default 11bg default 11bg configuration template description Configure a description for this radio Should not exceed 20 characters detector Dedicate this radio as a detector No mobile units can associate to a detector dtim period lt 1 50 gt bss lt 1 4 gt DTIM period number of beacons between successive DTIMs radio dtim period lt 1 50 gt bss lt 1 4 gt e lt 1 50 gt DTIM period e bss BSS e lt 1 4 gt BSS index enforce spec mgmt e
80. 35 gt Redundancy group Id handle stp Delay the redundancy protocol state machine exec considering STP enable Set handle stp to true heartbeat period Set the redundancy heartbeat interval The heartbeat period must always be less than the hold period lt 1 255 gt heartbeat interval in secs default is 5 hold period Set the redundancy hold interval lt 10 255 gt hold interval in secs default is 15 interface ip Set redundancy interface IP address A B C D IP address of the switch 5 40 WS5100 Series Switch CLI Reference Guide member ip Add member to this redundancy group A B C D IP address of the member mode set the redundancy mode primary mode can be primary standby mode can be standby Usage Guidelines Example WS5100 confi WS5100 confi WS5100 confi WS5100 confi WS5100 confi WS5100 confi WS5100 confi WS5100 confi WS5100 confi WS5100 confi redundancy discovery period 20 redundancy handle stp enable redundancy heartbeat period 20 redundancy hold period 25 redundancy mode primary 5 1 23 service Global Configuration Commands 5 41 gt Global Configuration Commands Use this CLI commands to retrive system data that includes tables log files configuration status and operation for use in debugging and problem resolution while troubleshooting the WS5100 Series Wireless Switch configuration Syntax service advanced
81. 4 18 38 WIOS_SECURITYMGR 414 DNSALG Sep 14 18 38 17 2006 SDAEMON Shutting down Sep 14 18 38 17 2006 DAEMON Application gateway started Sep 14 18 38 17 2006 DAEMON Application gateway started WS5100 config if show interfa Interface tunnell Common Commands 2 31 11 17 2006 SDAEMON 5 NOTICE Shutting down 5 NOTICE WIOS_SECURITYMGR 414 FTPALG GI 5 NOTICE WIOS_SECURITYMGR 414 FTPALG E 5 NOTICE WIOS_SECURITYMGR 414 DNSALG E ces tunnel 1 Hardware Type Tunnel Interf index 9 metric 1 mtu 1476 lt Tunnel source UNKNOWN desti input packets 0 bytes 0 input errors 0 length 0 output packets 0 bytes 0 output errors 0 aborted 0 collisions 0 ace Mode Layer 3 UP RUNNING NOARP gt nation UNKNOWN Tunnel protocol transport GRE IP Tunnel TTL 255 dropped 0 multicast packets 0 overrun 0 CRC 0 frame 0 fifo 0 missed 0 dropped 0 carrier 0 fifo 0 heartbeat 0 window 0 2 32 WS5100 Series Switch CLI Reference Guide 228 ip gt Common to all modes Syntax show ip access group IFNAME eth lt 1 2 gt vlan lt 1 4094 gt arp ddns binding dhcp vendor options domain name http secure server server interface IFNAME brief tunnel vlan name server route A B C DJA B C D M detail routing ssh telnet show ip access group IF
82. 4 boot gt Global Configuration Commands This CLI command is used to reboot the WS5100 Series Wireless Switch Syntax boot system primary secondary Parameters system Specify boot image to use after reboot primary Primary image secondary Secondary image Usage Guidelines Example WS5100 config boot system primary Wireless switch will be rebooted do you want to continue Do you want to save teh configuration y n y The system is going down NOW o Connection is closed by administrator Please stand by while rebooting the system y n y 5 8 WS5100 Series Switch CLI Reference Guide 5 1 5 country code gt Global Configuration Commands Use this CLI command to configure the country of operation Syntax country code Parameters None Usage Guidelines All existing radio configuration will be erased when this command is used Example WS5100 config country code ae United Arab Emirates ar Argentina at Austria au Australia ba Bosnia Herzegovina be Belgium bg Bulgaria bh Bahrain bm Bermuda br Brazil bs Bahamas by Belarus ca Canada ch Switzerland cl Chile cn China co Colombia cr Costa Rica cy Cyprus cz Czech Republic de Germany dk Denmark do Dominican Republic ec Ecuador ee Estonia eg Egypt es Spain fi Finland fr France gb United Kingdom gr gt gu hk hn hr ht hu id ie il in is it jo jp kr kz li 1k Lt lu lv ma mt mx my n
83. 5 1 16 local gt Global Configuration Commands Use this CLI command to set the username and password for local user authentication Syntax local username password Parameters username Enter local user name The username can be a string of upto 64 characters password Enter local user password The password can be a string of upto 21 characters Usage Guidelines Example WS5100 config local username Noble Man password Noble Soul 5 1 17 logging Global Configuration Commands 5 29 gt Global Configuration Commands Use this CLI command to modify message logging facilities of the WS5100 Series Wireless Switch Syntax logging aggregation time buffered console facility host monitor on syslog logging aggregation time lt 1 20 gt logging buffered lt 0 7 gt alerts critical debugging emergencies errors informational notifications warnings Parameters aggregation time Set number of seconds for aggregating repeated messages The value can be configured between 1 60 seconds buffered Set buffered logging level console Set console logging level monitor Set terminal lines logging level syslog Set syslog servers logging level lt 0 7 gt Enter the Logging severity level Can be between 0 7 alerts Immediate action needed severity 1 critical Critical conditions severity 2 debugging Debugging messages severity emergencies System
84. 535 gt arp ip ipv6 vlan wisp rule precedence lt 1 5000 gt mark 802 1p lt 0 7 gt tos lt 0 255 gt Source MAC Address Destination MAC Address vlan lt 1 4095 gt rule precedence lt 1 5000 gt mark 802 1p lt 0 7 gt tos lt 0 255 gt Source MAC Address Destination MAC Address wlan lt 1 32 gt dotlp lt 0 7 gt type vlan lt 1 4095 gt rule precedence lt 1 5000 gt Parameters 8021p lt 0 7 gt Modify 802 1p VLAN user priority tos lt 0 255 gt Modify TOS bits in IP header Source MAC Address Source MAC Address can be one of the following e XXIXXIXXIXXIXXIXX XKXIXKXIXXIXXIXX1XX Source MAC address and mask e any Any source host host Exact source MAC address to match Destination MAC Address Destination MAC Address can be one of the following e XXIXXIXXIXXIXXIXX XKXIXXIXXIXXIXXIXX Destination MAC address and mask e any Any destination host host Exact destination MAC address to match dot1p lt 0 7 gt 802 1p priority rule precedence lt 7 5000 gt Access list entry precedence WS5100 Series Switch CLI Reference Guide type lt 7 65535 gt arp ip ipv6 vlan wisp Etherlype vian lt 1 4095 gt VLAN ID wlan lt 1 32 gt Filter packets based on WLAN Usage Guidelines Example EXAMPLE OUTPUT HERE Extended MAC ACL Instance 15 11 15 1 7 no gt MAC Extended ACL Config Commands Use this CLI command to negate a command or set its
85. 5535 gt Display details for specific alarm id acknowledged Display acknowledged alarms currently in the system all Display all alarms currently in the system count Display count of alarms currently in the system new Display new alarms currently in the system severity to limit Display all alarms having specified or higher severity critical Display all critical alarms informational Display all informational or higher severity alarms major Display all major or higher severity alarms normal Display all normal or higher severity alarms warning Display all warning or higher severity alarms Example 2 72 WS5100 Series Switch CLI Reference Guide 22 30 boot gt Privilege Global Config Syntax show boot Parameters None Example WS5100 show boot Image Build Date Install Date Version Primary Aug 28 14 05 16 2006 Aug 29 18 32 17 2006 3 0 0 0 200B Aug 17 15 08 28 2006 3 0 0 0 180B Secondary Aug 14 06 18 03 2006 Current Boot Primary Next Boot Primary Software Fallback Enabled WS5100 22 31 clock gt Priviledge Global Config Syntax show clock Parameters None Example WS5100 show clock Sep 13 16 46 27 UTC 2006 WS5100 Common Commands 2 73 2 74 WS5100 Series Switch CLI Reference Guide 2 2 32 debugging gt Priviledge Global Config Syntax show debugging Parameters None Example Common Commands 2 75 2 2 33 file gt Pri
86. 63 22 27 wireless gt Common to all modes Syntax show wireless ap lt 1 48 gt AA BB CC DD EE FF ap detection config ap images ap unadopted approved aps channel power lla indoor outdoor 11b indoor outdoor 1llbg indoor outdoor config hotspot config lt 1 32 gt ids filter list mac auth local lt 1 1000 gt mobile unit lt 1 4096 gt AA BB CC DD EE FF statistics phrase to key wep128 wep64 qos mapping wired to wireless wireless to wired radio lt 1 1000 gt beacon table config lt 1 1000 gt default lla default 1lb default 1lbg monitor table statistics lt 1 1000 gt beacon table config monitor table tatistics regulatory country codes self heal config lt 1 1000 gt sensor default config discovered sensors unapproved aps wireless switch tatistics detail wlan config lt 1 32 gt all enabled statistics lt 1 2 gt n Wn how wireless ap lt 1 48 gt AA BB CC DD EE FF how wireless ap detection config how wireless ap images how wireless ap unadopted how wireless approved aps how wireless channel power lla indoor outdoor 11b indoor outdoor 1llbg indoor outdoor NAnA NA DN how wireless config how wireless hotspot config lt 1 32 gt how wireless ids filter list how wireless mac auth local lt 1 1000 gt how wireless mobile unit lt 1
87. AwwCgY IKwYBBOQUHAWEWDOYJ KoZIhvcNAQEEBOADGYEAoJ gkk OwxHvc3TbA9WjbK Um9GFVMF ps 9XVkKKtYtt kFWIDyquU ylm3aaY1CnkOO5TbxB qL4F4MKL6 0 m0yRPqy 2S 7X0d c8f 9KogwxDwWH112IBiTCtBAq 6hpgkKOv 3fer9tA 6xY 9CK1lr1l2mNGOYFHyV jJMc3Pic0ODF iPHAU END CERTIFICATE REQU WS5100 config show crypto Trustpoint ES pki trustpoints default trustpoint Server certificate configured Subject Name Common Name Issuer Name Common Name Symbol Technologies Symbol Technologies Valid From Sep 13 16 14 49 2006 GMT Valid Until Sep 13 16 14 49 2007 GMT Trustpoint tptest CA certificate configured Subject Name Common Name Organizational Unit Organization Location State Country email Issuer Name Common Name Organizational Unit Organization Location State Country monarch wid symbol bangalore karnataka in testuser domain com monarch wid symbol bangalore karnataka in Common Commands 2 27 email testuser domain com Valid From Sep 11 05 48 52 2006 GMT Valid Until Sep 11 05 48 52 2007 GMT 2 28 WS5100 Series Switch CLI Reference Guide 22 5 environment gt Common to all modes Syntax show environment Parameters None Example WS5100 gt show environment CPU temperature 33 0 C system temperature 33 0 C CPU fan gt 4354 rpm case fan 8766 rpm WS5100 gt 2 2 6 history gt Common to
88. Config commands Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to ws5100 config Syntax exit Parameters None Usage Guidelines Example WS5100 config if exit WS5100 config interface Instance 12 9 12 1 7 help gt Interface Config commands Use thie CLI command to access the systems interactive help system Syntax help Parameters None Usage Guidelines Example WS5100 config if help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config if 12 10 WS5100 Series Switch CLI Reference Guide 12 1 8 ip gt Interface Config commands Use this CLI command to configure the IP address for the assigned ethernet VLAN or tunnel Syntax ip access group address helper address nat ip access group lt 1 99 gt lt 100 199 gt lt 1300 1999 gt lt 2000 2699 gt in ip address A B C D M dhcp ip helper address A B C D ip nat inside out
89. Current Operating configuration Display debug info for ACL VPN and NAT Display current active open connections Display SNMP engine parameters Display SNMP engine parameters Contents of startup configuration Display terminal configuration parameters Display timezone Display last image upgrade status Display information about terminal lines Display software amp hardware version Wireless configuration commands nam 16 18 WS5100 Series Switch CLI Reference Guide 16 1 7 12 terminal gt Radius Configuration Commands Use this command to set the length number of lines to be displayed on the terminal window Syntax terminal monitor no terminal no monitor Parameters monitor Copy debug output to the current terminal line no Negate a command or set its defaults monitor Copy debug output to the current terminal line Usage Guidelines Example WS5100 config radsrv group terminal monitor WS5100 config radsrv group WS5100 config radsrv group terminal no monitor WS5100 config radsrv group Radius Server Instance 16 19 16 1 7 13 Example Creating a Group The usage of config radsrv group sub instance is explained through an example illustrated below T Create a group called Sales in the local radius server database WS5100 config radsrv group sales Check the Radius user group configuration commands WS5100 config radsrv group Radius user
90. E policy must have matching group settings in order for negotiation to be successful Example WS5100 config crypto isakmp group 5 WS5100 config crypto isakmp crypto isakmp 6 9 6 1 7 hash Use this CLI command to specify the hash algorithm to be used to authenticate the data transmitted over the IKE SA Syntax hash md5 sha Parameters md5 Choose the md5 hash algorithm sha Choose the sha hash algorithm Example WS5100 config crypto isakmp hash sha WS5100 config crypto isakmp 6 10 AP 5131 Access Point Product Reference Guide 6 1 8 help Use thie CLI command to access the systems interactive help system Syntax help Parameters None Example WS5100 config crypto isakmp help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config crypto isakmp crypto isakmp 6 11 6 1 9 lifetime Use this CLI command to specify how long an IKE SA is valid before expiring Syntax lifetime lt seconds gt Paramete
91. FETE T E 4 31 o PAREVE EPA E EET ATE A E VEE aes es 4 32 HON idee doug topes AESA ETA E NENANA E ENAT ENT E 4 33 Ma ELE EIEE ESA S ita ped Sade N ENE EIE IE TNE 4 34 E i AENA PEA EA NE TE O EE EE E EA TT 4 35 N EEOAE EEEE EA OET EEEE ET EEEO I AERE TE EEES 4 36 IO te edt E ETSE PE A E PEAAOS ENA O E EEES 4 37 Te OWS E E A AN E beaker EENT SETEN ESN T ETSA 4 38 Taa E EEA ITEE PERI T TE TAE EAE N ET E NS T IT 4 39 To ea 0 OA ao E E AE E EE 4 41 o Ne AEREE IATE TE LEAT INEEN ILE ne ae winks E LA EV T TS 4 42 Chapter 5 Global Configuration Commands Global Configuration Commands 0 00 0 ccc cece eee ees 5 2 ce eee eee ere eee ee ee ee ee ee eet ery ee ee 5 4 a A SDE EE S AE ENEA EAT E E EEE NET 5 5 lE E EEEE EE A NESI A AOE EE E EE EN 5 6 ty eh hep bab LIE TEELE VEFE ET A TEE eee 5 7 ANITE ra ETETA ANES OAE E E S E a TTET 5 8 S AA NEETER EINTE TE EEEE TET A T 5 11 TAN 24k ae tabbed eh bp E ETETE nae ie dears 5 18 aea pve ets dyssosg es aa es dae ae Ratha 5 19 MOS MIAINGS 5 deri A EEE E E E E E aed bo EE E T betas 5 20 MENE nie e EE EEN E E EEE E E EE E E E 5 21 eerrtortartiriri seiners teer Iree EEE 5 22 EEE PEEVEEN AA INI PTE TE A N E OEE NEEE ETT 5 26 li OEE EEE OEE E EE EEN oe eee as E aces 5 27 ME s ROERE ETIES EEEE TEE OEE SEE ESIN EATE EATE ETAT 5 28 WAU EE E ISE A E E E E CT TTE 5 29 1 EEEN E AE ENE N AA I TEE N L ETAS T L OEE ST ST 5 31 WM PEERAA ETENEE A PE EEEE E EAEE EA TEE 5 32 DMD EE E EEE E E E EAE A EE EAEE
92. Global enable flag for Traps N Enable flag status for Individual Traps odule Type Trap Type Enabled Y N snmp coldstart snmp linkdown snmp linkup N snmp authenticationFail nsm dhcpIPChanged N redundancy memberUp redundancy memberDown redundancy memberMisConfigured redundancy adopt ionExceeded N redundancy grpAuthLevelChanged N misc lowFsSpace misc processMaxRestartsReached wireless station associated wireless station disassociated wireless station deniedAssociationOnCapability wireless station deniedAssociationOnShortPream wireless station deniedAssociationon wireless station deniedAssociationOn wireless station deniedAssociationOn wireless station deniedAssociationOn wireless station deniedAssociationOn wireless station deniedAssociationAs wireless station tkipCounterMeasures wireless station deniedAuthenticatio wireless station radiusAuthFailed wireless radio adopted wireless radio unadopted wireless radio detectedRadar wireless ap detection externalAPDetected wireless self healing activated wireless ids excessiveAuthAssoci wireless ids excessiveProbes misc savedConfigModified WS5100 gt Common Commands Spectrum Err SSID Rates InvalidWPAWPA2IE PortCapacityReached n ation WS5100 gt show snmp server traps wireless statistics mobile unit pktsps greater than tput greater than avg bit speed less than avg signal less than nu percent greater
93. Jul 19 19 52 38 2006 3 Jul 19 19 52 07 2006 3 file tftp WS5100 gt G O GOO OOO GCGGOO OOGO O GO ome server says 17872x t found 17174X t found gt C 16786X 0 0 16786X O 180B 3 170B 3 170B 3 0 140D 3 0 140D 3 140D 3 w io 0 3 0 0 3s File not found OOWO DTO O O 0 0 0 200B Successful 0 0 180B Successful 0 17872X Successful 0 170B Unable to get update file 0 0 170B Successful 0 17174X Successful 0 140D Unable to get update file 0 140D Unable to get update file 0 0 140D Successful 0 0 16786X Unable to get update Common Commands 2 19 21 6 terminal gt Common Commands Use this command to set the length number of lines to be displayed on the terminal window Syntax terminal length lt 0 512 gt no length lt 0 512 gt width width lt 0 512 gt Parameters length Set number of lines on a screen no Negate a command or set its defaults width Sets width number of characters on a screen line Usage Guidelines Example WS5100 gt terminal length 100 WS5100 gt WS5100 gt terminal width 200 WS5100 gt 2 20 WS5100 Series Switch CLI Reference Guide 2 2 show gt Common Commands This command is used to display the settings for the specified system component There are a number of ways to invoke the show command e Invoked without any arguments sho
94. NAME eth lt 1 2 gt vlan lt 1 4094 gt Show ip access group lt interface name gt show ip arp show ip ddns binding show ip dhcp binding pool show ip dhcp vendor options show ip domain name show ip http secure server server show ip interface IFNAME brief tunnel vlan Snow ip name server show ip route A B C D A B C D M detail show ip routing show ip ssh show ip telnet Parameters access group Display ACLs attached to an interface IFNAME The name of the interface to which the ACL is associated It lists the details of ACLs configured on the particular Layer 3 or Layer 2 interface eth The name of the ethernet interface to which the ACL is associated vlan The name of the VLAN interface to which the ACL is associated arp Display Address Resolution Protocol ddns Displays DDNS configuration binding DNS Address bindings dhcp Displays DHCP Server Configuration binding DNS Address bindings pool DHCP Pools Common Commands 2 33 dhcp vendor options DHCP Option 43 parameters received from DHCP server domain name Default domain for DNS http Hyper Text Transfer Protocol secure server Secure HTTP server server HTTP server interface IP interface status and configuration IFNAME Interface name brief Brief summary of IP status and configuration tunnel Tunnel Interface vlan Vlan Interface name server DNS nameservers route IP routing table A B C D Network in the
95. None Usage Guidelines Example WS5100 clrscr 2 4 WS5100 Series Switch CLI Reference Guide 21 2 exit gt Common Commands Use this command to end current mode and move to the previous mode Syntax exit Parameters None Usage Guidelines Example WS5100 config exit 21 3 help gt Common Commands Common Commands 2 5 Use this command to get access to the advanced help feature You can also use anytime at the command prompt to get access to the help topic When using this command if nothing matches then the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve Syntax help or Parameters None Usage Guidelines Example WS5100 gt show autoinstall banner commands crypto environment history interfaces ip ldap licenses logging mac management mobility autoinstall configuration Display Message of the Day Login banner Show command lists crypto show environmental information Display the session command history Interface status and configuration Internet Protocol IP ldap server Show any installed licenses Show logging configura
96. None Usage Guidelines Example WS5100 gt enable User Exec Commands 3 11 3 1 7 logout gt User Exec Commands Use this command instead of exit command to exit from the EXEC mode Syntax logout Parameters None Usage Guidelines Example The WS5100 Series Switch logs off on execution of this command 3 12 WS5100 Series Switch CLI Reference Guide 3 1 8 page gt User Exec Commands Use this command to toggle paging Syntax page Parameters None Usage Guidelines Example User Exec Commands 3 13 3 1 9 quit gt User Exec Commands Use this command to exit from the current mode and go down to previous mode Syntax quit Parameters None Usage Guidelines Example The WS5100 Series Switch logs off on execution of this command 3 14 WS5100 Series Switch CLI Reference Guide Privileged Exec Commands Most of the PRIV EXEC mode commands set operating parameters privileged level access should be password protected to prevent unauthorized use The PRIV EXEC command set includes those commands contained in USER EXEC mode PRIV EXEC mode also provides access to configuration modes through the configure command and includes advanced testing commands The PRIV EXEC mode prompt consists of the host name of the device followed by a pound sign To access PRIV EXEC mode enter the following CLI command at the prompt WS5100 enable PRIV EXEC mode is sometimes referred to as enable mode because th
97. ORD server A B C D port lt 1024 65535 gt secret 0 2 WORD Parameters realm WORD Realm name WORD A string of up to 50 characters server A B C D proxy server A B C D proxy server ip address port lt 1024 65535 gt proxy server port lt 1024 65535 gt proxy server port number secret 0 2 WORD proxy server secret string 0 Password is specified UNENCRYPTED 2 Password is encrypted with password encryption secret WORD the proxy server shared secret upto 32 characters retry count lt 3 6 gt Proxy server retry count value lt 3 6 gt Retry count in numbers retry delay lt 5 70 gt Proxy server retry delay time lt 5 10 gt retry delay time in seconds Usage Guidelines 16 26 WS5100 Series Switch CLI Reference Guide Example WS5100 config radsrv Very Very Secret WS5100 config radsrv proxy realm Test server 10 10 10 1 port 2220 secret 1 T WS5100 config radsrv proxy retry count 5 WS5100 config radsrv WS5100 config radsrv proxy retry delay 8 WS5100 config radsrv 16 1 13 rad user Radius Server Instance 16 27 gt Radius Configuration Commands Use this CLI to configure RADIUS user parameters Syntax rad user WORD password 0 2 WORD Parameters WORD Enter user name upto 64 characters length password 0 2 WORD Radius user password 0 Password is specified UNENCRYPTED 2 Password i
98. ORD Ping destination address or hostname Usage Guidelines Example WS5100 ping 157 235 208 39 PING 157 235 208 39 157 235 208 39 100 data bytes 128 bytes from 157 235 208 39 icmp_seq 0 tt1l 64 time 2 3 ms 128 bytes from 157 235 208 39 icmp_seq 1 tt1l 64 time 0 2 ms 128 bytes from 157 235 208 39 icmp_seq 2 tt1l 64 time 0 3 ms 128 bytes from 157 235 208 39 icmp_seq 3 tt1l 64 time 0 2 ms 128 bytes from 157 235 208 39 icmp_seq 4 tt1l 64 time 0 1 ms 157 235 208 39 ping statistics 5 packets transmitted 5 packets received 0 packet loss round trip min avg max 0 1 0 6 2 3 ms WS5100 4 32 WS5100 Series Switch CLI Reference Guide 4 1 25 pwd gt Priv Exec Command Use this CLI command to view the contents of the current directory Syntax pwd Parameters None Usage Guidelines Example WS5100 pwd flash WS5100 Privileged Exec Commands 4 33 4 1 26 quit gt Priv Exec Command Use this CLI command to exit from the current mode and move down to previous mode Syntax quit Parameters None Usage Guidelines Example WS5100 quit WS5100 release 3 0 0 0 200B Login as cli to access CLI WS5100 login 4 34 WS5100 Series Switch CLI Reference Guide 4 1 27 reload gt Priv Exec Command Use this CLI to halt the WS5100 Series Switch and perform a warm reboot Syntax reload Parameters None Usage Guidelines Example WS5100 reload Privileged Exec Comm
99. Protocol IP alarm log Display all alarms currently in the system autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration clock Display system clock commands Show command lists crypto crypto debugging Display debugging setting environment show environmental information file Display filesystem information ftp Display FTP Server configuration history Display the session command history interfaces Interface status and configuration ip Internet Protocol IP ldap ldap server licenses Show any installed licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface nam mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group redundancy history Display redundancy group parameters Display state transition history of the switch redundancy members running config securitymgr sessions snmp snmp server startup config terminal timezone upgrade status users version wireless 14 14 WS5100 Series Switch CLI Reference Guide Display Current Display Display Display Display redundancy group members in detail Operating configuration debug info for ACL VPN and NAT current active open connections SNMP engine parameters SNMP engine para
100. ROCNOR Sep 08 15 58 44 2006 K hdal internal journal Creating LILO files Running LILO Successful ERN 6 INFO ESP Process te file is 3 0 0 0 EXT3 FS on Sep 08 15 58 46 2006 SFWU 6 FWUDON update successful new version is 3 0 0 0 19193x WS5100 E Firmware Privileged Exec Commands 4 1 33 upgrade abort gt Priv Exec Command Use this CLI command to abort the process of an ongoing upgrade Syntax upgrade abort Parameters None Usage Guidelines Example WS5100 upgrade abort o Error No upgrade in progress WS5100 upgrade tftp 157 235 208 105 img background WS5100 Sep 08 16 01 38 2006 KERN 4 WARNING EXT3 fs warning maximal mount count reached running e2fsck is recommended Sep 08 16 01 38 2006 SKERN 6 INFO EXT3 FS on hdal internal journal SKERN 6 INFO kjournald starting Commit interval 5 seconds Sep 08 16 01 43 2006 SKERN 6 INFO EXT3 FS on hda6 internal journal Sep 08 16 01 43 2006 SKERN 6 INFO EXT3 fs mounted filesystem with ordered data mode WS5100 upgrade abort WS5100 WS5100 show upgrade status Last Image Upgrade Status Extracting files this can take some time Aborted Last Image Upgrade Time Fri Sep 8 16 01 54 2006 4 41 4 42 WS5100 Series Switch CLI Reference Guide 4 1 34 write gt Priv Exec Command Use this command to write running configuration to memory or ter
101. RROR VEEE OESIE EIN TNE SETA LOEN AANE EIES TTI TIAS 2 50 PSCUNGANEY AOUD naa A a a 2 51 idane O eee e EAEE i 2 53 PeduNdancy MOMBEMS 2 06 02 ceacraentoataasanpesaaeneaauns 2 54 SI O EE ETATE oe brs deere teed eerste ETE RIE 2 55 SMS GIVEN hatin dip adi aun E E NE E E EE E E E N T eee 2 56 i CALC AEAEE AEAT E EE E EE er OT 2 59 NEI ETE EATE T EOE EEEE EREE TE E E TET EEEN 2 60 Oc uaa ET Er trdiesa rs ae yand kode ae INE Aes asad 2 62 C OT ae ite ar deh ATE EPA TS EIEEE PI E ENE E 2 63 Ge a C EENE EEEIEE ETIA baled TEESE TE EEEE TE 2 70 EL E ETE E EAE AE EE A EAN ESN O TESTE 2 71 DAU ON A hops yee on ee T E A EE OEE E 2 72 Doe PERRINE FISET TEETER EIT ETORTEN ATF ETET 2 73 CCONIGU ING S es deed TE EEEIEE A E peeleb NETE 2 74 BIG EPEA 6 dng cn sane sea IEE E ogee ene E E E 2 75 Wis cdnsoesorseriee hos aidceesieddatadsaseaaaabesohacsasnsse 2 76 PaSSWOrd eNCryPtiON een eee 2 77 e a EE OE E T TETE A E ETES A EE ETT 2 78 E 2 Sc nto A AEE ante duke one ana A EE E 2 81 e e AE A E PEE EEEE E E ees eda EEEE 2 82 AEAEE EENET E TEE SOET EAS ETTI T ETET 2 83 Ute Sai see ET E E TE ETETE ISA EET 2 84 Chapter 3 User Exec Commands User Exec Commands ccc cstscccecncccmacnree prance EPEETAN EN 3 2 E e e EEEE OE EE E E EAEE E E ET N EE E 3 3 ENE EEE E Ka A EE AONE AE AEE ES SEENE a os 3 4 EE E oso IENEN T ke E E EE TEE de RS A ac 3 6 OT iat ee de P TEE EAEAN dai re ee POR ENTF 3 7 iE e N go EPEE NE AE FOENT E SA EON ECTE EE EPEE T 3 9 ENSE REEN
102. Remove specified support information diag shell Provide diag shell access save cli Save CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic Example WS5100 config crypto group service show fol Bal command history crash info info last passwd reboot history startup log upgrade history n D D S D S S S how CLI tree of current mode isplay command except show commands history isplay information about core panic and AP dump files how snapshot of available support information isplay last password used to enter shell how reboot history how startup log how upgrade history WS5100 config crypto group service show WS5100 config crypto group service show info 4 0M out of 4 0M available for logs 9 7M out of 11 4M available for history 16 4M out of 18 6M available for crashinfo List of Files messages log snmpd log startup log command history reboot history upgrade history 0 Oct 9 135 01 316 Oct 9 13 01 16 5k Oct 9 13 01 7 8k Oct 9 18 46 3 4k Oct 9 13 01 782 Aug 29 18 32 Please export thes files or delete them for more space WS5100 config crypto group 7 1 7 show crypto group 7 9 Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Param
103. S Sensor ap100 AP100 ap4131 Revert AP4131 00 gt WS510 WS5100 gt 3 4 5 ap4131 AP4131 6 ab gt show wireless ap unadopted WS5100 gt show wireless approved aps access port detection is disabled WS5100 gt WS5100 gt WS5100 gt show Error No WS5100 gt show wireless config count ry code None adoption pref id ook proxy arp enabled adopt unconf radio enabled dot1i1 shared key auth disabled ap detection disabled oversized frames disabled manual wlan mapping disabled dhcp sniff state disabled dhcp fix windows disabled broadcast tx speed smart scan smart scan WS5100 gt WS5100 gt show wireless hotspot config WLAN 1 status Page Loca Internal lla channels llbg channels tion simple Pages Page type login Title Login Page Header Network Login Descrip Footer account Image URL main Image URL small Page typ welcom Title Authentication success 295064 31034 191440 665704 wireless channel power lla indoor valid channels or power levels optimize for throughput disabled description WLAN1 ssid 00 02 07 00 tion Please enter your username and password Contact the network administrator if you do not have an Common Commands 2 67 00 04 05 00 00 01 00 00 2 68 WS5100 Series Switch CLI Reference Guide Header Authentication Success Description You now have network access lt BR gt Click the discon
104. S server vlan lt 1 4094 gt Configure vlans where sensors are to be discovered Usage Guidelines Example WS5100 config wireless sensor vlan 268 500 WS5100 config wireless 17 1 25 service Wireless Instance 17 39 gt Wireless Configuration Commands Use this CLI command to invoke the service commands to trobuleshoot or debug the config wireless instance configurations Syntax service ap clear diag shell save cli showl start shell tethereal wireless service ap force dump service clear all cores dumps panics service show ap cli history startup log command history crash info info last passwd reboot upgrade history wireless service show ap beacon count Parameters ap access port serviceability parameters force dump trigger the access port to send a crash dump to the wireless switch clear Remove specified support information all Remove all core dump and panic files cores Remove all core files dumps Remove all dump files panics Remove all kernel panic files diag shell Provide diag shell access save cli Save CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic wireless Wireless parameters Usage Guidelines 17 40 WS5100 Series Switch CLI Reference Guide Example WS5100 config wireless service clear all WS5100 con
105. S5100 Series Switch CLI Reference Guide i lt interface on which to capture packets gt W wisp packet only s lt snaplen gt r lt filename gt read contents of specified file w lt savefile gt save capture in specified file X for examples on tethereal capture filter WS5100 config if service tethereal WS5100 config if service wireless dump core Create a core file of the ccsrvr process dump state Create a ccsrvr dump file in nvram with internal state information mu history Enable mu association history mu history clear Delete all mu association history files rate scale Enable wireless rate scaling default request ap log Request ap Log WS5100 config if service wireless request ap log 1 file output to file log output to syslog WS5100 config if interface Instance 12 17 12 1 13 show gt Interface Config commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Parameters Displays all the parameters for which the information can be viewed using the show command Usage Guidelines Example WS5100 config if show access list Internet Protocol IP alarm log Display all alarms currently in the system autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configur
106. S5100 gt show terminal Terminal Type vt102 Length 44 Width 125 WS5100 gt Common Commands 2 59 2 60 WS5100 Series Switch CLI Reference Guide 22 24 timezone gt Common to all modes Syntax show timezone Parameters None Example WS5100 gt show timezone Timezone is Etc UTC WS5100 gt 22 25 users gt Common to all modes Syntax show users Parameters None Example WS5100 gt show users Line PID User Uptime 0 con 0 306 6d07h11m 130 vty 0 1961 02 51 45 WS5100 gt Location ttysod 0 Common Commands 2 61 2 62 WS5100 Series Switch CLI Reference Guide 22 26 version gt Common to all modes Syntax show version verbose Parameters verbose Display software amp hardware details Example WS5100 gt show version WS5100 version 3 0 0 0 200B Copyright c 2006 Symbol Technologies Inc Booted from primary Switch uptime is 6 days 7 hours 23 minutes CPU is Intel R Pentium R 4 CPU 2 00GHz 256220 kB of on board RAM ide device hda disk model Kouwell DOM capacity 501760 blocks cache 0 WS5100 gt WS5100 gt show version verbose WS5100 version 3 0 0 0 200B Copyright c 2006 Symbol Technologies Inc Booted from primary Switch uptime is 6 days 7 hours 22 minutes CPU is Intel R Pentium R 4 CPU 2 00GHz 256220 kB of on board RAM ide device hda disk model Kouwell DOM capacity 501760 blocks cache 0 Failed to open proc pci for input WS5100 gt Common Commands 2
107. Series Wireless Switch as well as the many configuration options available Chapter 2 Common Commands Summarizes the commands common amongst many contexts and instance contexts within the WS5100 Series Wireless Switch command line interface Chapter 3 User Exec Commands Summarizes the User Exec commands within the WS5100 Series Wireless Switch command line interface Chapter 4 Privileged Exec Commands Summarizes the Priv Exec commands within the WS5100 Series Wireless Switch command line interface Chapter 5 Global Configuration Commands Summarizes the Global Config commands within the WS5100 Series Wireless Switch command line interface Chapter 6 crypto isakmp Summarizes the erypto isakmp commands within the WS5100 Series Switch command line interface Chapter 7 crypto group Summarizes the erypto group commands within the WS5100 Series Switch command line interface Chapter 8 crypto peer Summarizes the erypto peer commands within the WS5100 Series Switch command line interface Chapter 9 crypto ipsec Summarizes the erypto ipsee commands within the WS5100 Series Switch command line interface Chapter 10 crypto map Summarizes the erypto map commands within the WS5100 Series Switch command line interface Chapter 11 crypto trustpoint Instance Summarizes the crypto trustpoint commands within the WS5100 Serie
108. T ENE A ENESTE TAE pees 3 10 WHO EEEE E NPETE EEN OE EEEE S E E TE 3 11 Fes Strains a A E E E E 3 12 i A E EA TIEN ENEE S E A E ETE TN EA ES 3 13 Chapter 4 Privileged Exec Commands Priv Exee COMMANG ses serrsarrerriprti d PETENTE ERINEDES KEANNA dudes 4 2 E E E A E E E E EEEE EE AE E TEE EN 4 4 MME cccceeSeuddnoarraeoracdenigameaistaresdiuseecsaneeedons 4 5 PUM 5 ctu ie Bape tb eedebaniekie hd bledsudedbdgeehe heeded es 4 7 E EEEE EEIE EA ti dnine ket beta NESIE LOEN TET NE T 4 8 SN LANPI EE EN EER V EES EE A EN EE E 4 9 AE SOOLE EEEIEE E T E OESE LET TTEN E S EEEE 4 11 4 WS5100 Series Switch CLI Reference Guide CONE oi ke CEE I ENEE E EIEEE cen a eae eee es 4 13 CO seers ESE AE O EP reser EET EE E NTE ETT e 4 14 A a r a EE AEE 4 15 VE AENEA EEE EEN ESE IIA SEE AATRE A EEE 4 16 a ETE EEA E E EI EE IEEE A AE PEE AE ss 4 17 o ER EEE PEIEE TIETE Sphere ors Sekar coh E ATOT ENS PES PECOT 4 18 Ea AEN IEE N ESIS SAE ONEEN E AE VAN AIAT A 4 19 as re rae Se IEE AEN a dee a en E EE A ATE 4 20 PGE sci ocacrutdaased ELE E IEEE IEE OEE TE SOET ETE TE 4 22 Si AS TEIN EA cen PAIE IE E A E ESS T A E TET AT E 4 23 E EEA EET NESTE SEAS VEETA S TEEL ESA N SO TIETAS 4 24 PAM wer dines EIA EE PEL A EEEE Bn S OEE E E ER 4 25 O EEE AEE E EE E A OE TESA OA E es 4 26 E AEREE AEAT Aone PEE EE EENE LNE PIENE E AET 4 27 ole A TEN E T E A E E Rade E AE E TE AENT O 4 28 ai SIE EEEE TIE ENE EEEE VEEE T EENE E TT A ET 4 30 A PEETA EAE ATENE A EESE PIETEI EE
109. TP master clock peer Configure NTP peer server Configure NTP server WORD autokey Configure autokey peer authentication scheme key Configure peer authentication key lt 1 65534 gt Peer key number prefer Prefer this peer when possible version Configure NTP version lt 1 4 gt NTP version number trusted key Key numbers for trusted time sources lt 1 65534 gt Key number Usage Guidelines Global Configuration Commands 5 35 Example WS5100 config ntp peer WORD Name IP address of peer WS5100 config ntp peer TestPeer autokey Configure autokey peer authentication scheme key Configure peer authentication key prefer Prefer this peer when possible version Configure NTP version lt cr gt WS5100 config ntp peer TestPeer autokey prefer Prefer this peer when possible version Configure NTP version lt cr gt WS5100 config ntp peer TestPeer autokey prefer version Configure NTP version lt cr gt WS5100 config ntp peer TestPeer autokey prefer version lt 1 4 gt NTP version number WS510 WS510 config ntp peer TestPeer autokey prefer version 3 oro WS5100 config ntp peer TestPeer key lt 1 65534 gt Peer key number WS5100 config ntp peer TestPeer key 20 prefer Prefer this peer when possible version Configure NTP version lt cr gt WS5100 config ntp peer TestPeer key 20 prefer version Configure NTP version lt cr
110. add only one crypto mapset to one interface WS5100 wireless switch does not support the same cryptomap set to be attached to multiple interfaces Example EXAMPLE OUTPUT HERE 12 1 3 description gt Interface Config commands Use this CLI command to create an interface specific desciption Syntax description Parameters interface Instance LINE Characters describing this interface Usage Guidelines Example WS5100 config if description interface for RetailKing WS5100 config if 12 5 12 6 WS5100 Series Switch CLI Reference Guide 12 1 4 duplex gt Interface Config commands Use thsi CLI command to configure a duplex type to the interface NOTE e Duplexity can only be set for Ethernet type Interface You need to enter the config if instance using eth parameter of interface mode e Duplex can not be set until speed is set to non auto value Syntax duplex auto full half Parameters auto set auto negotiate full set full duplex half set half duplex Usage Guidelines Example interface Instance 12 7 12 1 5 end gt Interface Config commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Usage Guidelines Example WS5100 config if end WS5100 12 8 WS5100 Series Switch CLI Reference Guide 12 1 6 exit gt Interface
111. adio lt 1 1000 gt RADIO add all lla all 11b all llbg configure 8021X default 11a default 11b default 11bg dns name radio lt 1 1000 gt adoption pref id antenna mode beacon interval bss cca level cca mode channel power coordinates copy config from description detector dtim period enforce spec mgmt image name location message mac max mobile units on channel scan reset reset ap rts threshold run acs self heal offset short preamble speed wmm radio bss lt 1 4 gt auto gt WLAN radio channel power indoor outdoor lt 1 200 gt acs random lt 4 20 gt radio coordinates x coordinates y coordinates z coordinates radio copy config from lt 1 1000 gt default 1la default 11b default 11lbg radio dtim period lt 1 50 gt bss lt 1 4 gt radio range 1 11 12 18 2 24 36 48 54 5p5 6 9 basicl basicllbasicl12 basicl18 basic2 basic24 basic36 basic48 basic54 basic5p5 basic6 basic9 default range throughput radio wmm background best effort video voice aifsn lt 1 15 gt burst lt 0 65535 gt cw lt 0 15 gt radio add lt 1 1000 gt MAC Address 1la ap300 11b ap100 ap4131 11lbg ap300 Parameters lt 1 1000 gt A single radio index RADIO A list eg 1 3 7 or range eg 3 7 of radio indices all 11a all 11a radios currently in configuration all 11b all 11b radios currently in configuration all 11bg all 11bg radios currently in con
112. al gt Wireless Configuration Commands Use this CLI command to configure Self Healing Syntax self heal interference avoidance neighbor recovery self heal interference avoidance enable hold time lt 0 65535 gt retries lt 0 0 15 0 gt self heal neighbor recovery action enable neighbors run neighbor detect self heal neighbor recovery action both none open rates raise power radio lt 1 1000 gt RADIO self heal neighbor recovery neighbors lt 1 1000 gt lt 1 1000 gt RADIO Parameters interference avoidance Interference Avoidance configuration enable enable disable interference avoidance hold time lt 0 65535 gt The number of seconds to disable interference avoidance after a detection This prevents a radio from changing channels continuously Set the hold time between 0 65535 seconds retries lt 0 0 15 0 gt The average number retries to cause a radio to re run auto channel selection Set a value between 0 15 neighbor recovery Neighbor Recovery configuration commands action Radio self healing action when neighbors are detected down both none open rates e both raise the power to max and open all rates raise power d hi radio lt 1 1000 gt RADIO none do nothing e open rates open all rates e raise power raise the power to max e radio modify the action for specified radio s e lt 1 1000 gt A single radio index e RADIO A list
113. ance 17 25 17 1 18 no gt Wireless Configuration Commands Use this CLI command to negate a command or set its defaults Syntax no adopt unconf radio adoption pref id ap detection broadcast tx speed country code dhcp sniff state dot11 shared key auth fix windows dhcp ids mac auth local manual wlan mapping mobile unit mobility oversized frames proxy arp qos mapping radio self heal sensor service smart scan channels wlan Parameters Refer to Table 17 1 on page 17 1 for the parameters that can be negated using no command Usage Guidelines Example WS5100 config wireless no mobility enable WS5100 config wireless 17 26 WS5100 Series Switch CLI Reference Guide 17 1 19 oversized frames gt Wireless Configuration Commands Use this CLI command to use oversized frames for data traffic Syntax oversized frames Parameters enable Enable support for oversized frames Usage Guidelines Example WS5100 config wireless oversized frames enabl WS5100 config wireless Wireless Instance 17 27 17 1 20 proxy arp gt Wireless Configuration Commands Use thie CLI command respond to ARP requests from the RON to WLAN on behalf of mobile units Syntax proxy arp Parameters enable Enable support for proxy arp Usage Guidelines Example WS5100 config wireless proxy arp enable WS5100 config wireless 17 28 WS5100 Series Switch CLI Reference Gui
114. ands are stored across switch reboots From global configuration mode you can enter a variety of protocol specific or feature specitic configuration modes The CLI hierarchy requires that you enter these specific configuration modes only through global configuration mode From global configuration modes you can enter configuration submodes Configuration submodes are used for the configuration of specific features within the scope of a given configuration mode The Table 1 7 below summarizes all the commands available to configure and monitor WS5100 Series Switch Table 1 1 CLI Context Hierarchy for WS51 Introduction 00 Series Switch User Exec Mode Priv Exec Mode Global Configuration Mode autoinstall acknowledge aaa clear archive access list clrscr autoinstall banner cluster cli cd boot debug clear clrscr disable clock country code enable clrscr crypto exit cluster cli do help configure end logout copy exit no debug fallback page delete ftp quit diff help service dir hostname show disable interface terminal edit ip enable license erase line exit local halt logging help mac kill no logout ntp 1 3 1 4 WS5100 Series Switch CLI Reference Guide Table 1 1 CLI Context Hierarchy for WS5100 Series Switch User Exec Mode Priv Exec Mode Global Configuration Mode mkdir
115. ands 4 35 4 1 28 rename gt Priv Exec Command Use this CLI command to rename a file in the existing filesystem Syntax rename FILE FILE Parameters FILE Flle to be rename Usage Guidelines Example WS5100 rename flash TestDIR NewTestDir WS5100 DIR Directory of flash drwx 1024 Wed Jul 19 19 14 05 2006 hotspot drwx 120 Wed Aug 30 15 32 44 2006 log drwx 1024 Thu Aug 31 23 50 09 2006 crashinfo rw 14271 Tue Jul 25 15 16 41 2006 Radius config rw 14271 Wed Jul 26 15 42 08 2006 flash drwx 1024 Wed Aug 9 17 35 08 2006 radius rw 3426 Wed Jul 26 16 08 02 2006 running config new rw 13163 Wed Jul 26 16 08 42 2006 radius config rw 80898 Thu Aug 17 14 59 39 2006 cli_commands txt rw 65015 Fri Aug 11 19 57 37 2006 cli_commands txtli_commands txt rw 65154 Thu Aug 17 15 11 23 2006 cli_commands_180B txt rw 32 Sat Sep 2 00 15 38 2006 cli_commands save drwx 1024 Sat Sep 2 00 31 24 2006 NewTestDir WS5100 4 36 WS5100 Series Switch CLI Reference Guide 4 1 29 rmdir gt Priv Exec Command Use this CLI command to delete a existing file from the file system Syntax rmdir DIR Parameters DIR Name of the Directory to be deleted Usage Guidelines Example WS5100 rmdir flash NewTestDir WS5100 DIR Directory of flash drwx 1024 Wed Jul 19 19 14 05 2006 hotspot drwx 120 Wed Aug 30 15 32 44 2006 log
116. ap match address TestMap WS5100 config crypto map 10 1 6 no Use this CLI command to negate a command or set its defaults Syntax no lt previous command used gt Parameters Use the commands that you have configured under this instance Example WS5100 config crypto map no aggrerssive mode WS5100 config crypto map crypto map 10 9 10 10 AP 5131 Access Point Product Reference Guide 10 1 7 service Use this CLI command to invoke the service commands to trobuleshoot or debug the config crypto isakmp instance configurations Syntax service clear diag shell save cli show start shell tethereal Parameters clear Remove specified support information diag shell Provide diag shell access save cli Save CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic Example WS5100 config crypto map service show fol Bal command history crash info info last passwd reboot history startup log upgrade history n D D S D S S S how CLI tree of current mode isplay command except show commands history isplay information about core panic and AP dump files how snapshot of available support information isplay last password used to enter shell how reboot history how startup log how upgrade history WS5100 config crypto map service show WS5
117. ation clock Display system clock commands Show command lists crypto crypto debugging Display debugging setting environment show environmental information file Display filesystem information ftp Display FTP Server configuration history Display the session command history interfaces Interface status and configuration ip Internet Protocol IP ldap ldap server licenses Show any installed licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface nam mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group redundancy history Display redundancy group parameters Display state transition history of the switch 12 18 WS5100 Series Switch CLI Reference Guide redundancy members running config securitymgr sessions snmp snmp server startup config terminal timezone upgrade status users version wireless WS5100 config if show Display Current Display Display Display Display Content Display Display Display Display Display Wireles redundancy group members in detail Operating configuration debug info for ACL VPN and NAT current active open connections SNMP engine parameters SNMP engine parameters s of startup configuration terminal configuration parameters timezone last image upgrade s
118. aults page 16 24 proxy Radius proxy server page 16 25 rad user Radius user configuration page 16 27 server Configure server certificate parameters page 16 28 service Service Commands page 16 29 show Show running system information page 16 30 terminal Set terminal line parameters page 16 32 Radius Server Instance 16 3 16 1 1 authentication gt Radius Configuration Commands lt lt lt Text here gt gt gt Syntax authentication data source eap auth type authentication data source ldap local authentication eap auth type all peap gtc peap mschapv2 tls ttls md5 ttls mschapv2 ttls pap Parameters data source Radius Datasource for user authentication eap auth type Radius Eap and Default authentication type configuration all Enable both ttls and peap peap gtc Eap type peap with Default auth type gtc peap mschapv2 Eap type peap with Default auth type mschapv2 tls Eap type tls ttls md5 EAP type ttls with Default auth type md5 ttls mschapv2 EAP type ttls with Default auth type mschapv2 ttls pap EAP type ttls with Default auth type pap Usage Guidelines Example 16 4 WS5100 Series Switch CLI Reference Guide 16 1 2 ca gt Radius Configuration Commands Use this CLI command to configure CA Certificate Authority parameters Syntax ca trust point WORD Parameters trust point Trust point configuration WORD Existing trust point name Usage Guidelines Conf
119. available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config wireless WS5100 Series Switch CLI Reference Guide 17 1 14 ids gt Wireless Configuration Commands Use this CLI command to configure Intrusion Detection System Syntax ids anomaly detection detect window ex ops ids anomaly detection all invalid frame length multicast source null destination same source destination tkip countermeasures weak wep iv enable filter ageout ids detect window lt 5 300 gt ids ex ops 80211 replay fails all association requests authentication fails crypto replay fails decryption fails disassociations eap starts probe requests unassoc frames filter ageout lt 0 86400 gt threshold mu radio switch lt 0 9999 gt Parameters anomaly detection Configure parameters related to the detection of anomalous frames on the RF network all Enable for all types of anomalous frames invalid frame length invalid frame lengths multicast source broadcast or multicast source null destination all zero s addess same source destination identical source and destination addresses tkip counter
120. ay system clock Show command lists crypto Display debugging setting show environmental information Display filesystem information Display FTP Server configuration Display the session command history Interface status and configuration Internet Protocol IP ldap server Show any installed licenses Show logging configuration and buffer Media Access Control Display L3 Managment Interface nam Display Mobility Parameters Network time protocol password encryption Show current privilege level Radius configuration commands Display redundancy group parameters Display state transition history of the switch Display redundancy group members in detail Current Operating configuration Display debug info for ACL VPN and NAT Display current active open connections Display SNMP engine parameters snmp server startup config terminal timezone upgrade status users version wireless Display SNMP engine parameters Contents of startup configuration Display terminal configuration parameters Display timezone Display last image upgrade status Display information about terminal lines Display software amp hardware version Wireless configuration commands WS5100 config crypto isakmp show crypto isakmp 6 15 6 16 AP 5131 Access Point Product Reference Guide crypto group Use crypto isakmp client configuration group default to initiates config crypto group instance 7 1 Crypto Client Config commands Tab
121. c Example WS5100 config radsrv group service radius restart WS5100 config radsrv group 16 30 WS5100 Series Switch CLI Reference Guide 16 1 16 show gt Radius Configuration Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Parameters Displays all the parameters for which the information can be viewed using the show command Example WS5100 config radsrv show access list Internet Protocol IP alarm log Display all alarms currently in the system autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration clock Display system clock commands Show command lists crypto erypto debugging Display debugging setting environment show environmental information file Display filesystem information ftp Display FTP Server configuration history Display the session command history interfaces Interface status and configuration ip Internet Protocol IP ldap ldap server licenses Show any installed licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface nam mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group redundancy history
122. cast source disabled weak wep iv disabled tkip countermeasures disabled invalid frame length disabled WS5100 gt WS5100 gt show wireless mac auth local 50 WS5100 gt WS5100 gt show wireless mobile unit statistics Error None of the mobil Filter Ageout 60 60 60 60 60 60 60 60 60 60 60 60 60 60 60 Sec Sec Sec Sec Sec Sec Sec Sec Sec Sec Sec Sec Sec Sec Sec units are associated Common Commands 2 69 2 70 WS5100 Series Switch CLI Reference Guide 22 28 access list gt Privilege Global Config This CLI command lists all the access lists numbered and named configured on the switch The numbered access list displays all numbered ACLs configured and the named access list displays the details of the name ACL configured Syntax show access list show access list lt 1 99 gt lt 100 199 gt lt 1300 1999 gt lt 2000 2699 gt WORD Show access list lt acl name gt Parameters lt 1 99 gt IP standard access list lt 100 199 gt IP extended access list lt 1300 1999 gt IP standard access list expanded range lt 2000 2699 gt IP extended access list expanded range WORD Name of ACL Example 22 29 alarm log gt Priviledge Global Config Common Commands 2 71 Syntax show alarm log lt 1 65535 gt acknowledged all count new severity to limit critical informational major normal warning Parameters lt 1 6
123. changes to ws5100 config Syntax exit Parameters None Usage Guidelines Example WS5100 config std nacl exit WS5100 config Standard ACL Instance 14 7 14 1 5 help gt Standard ACL Config Commands Use thie CLI command to access the systems interactive help system Syntax help Parameters None Usage Guidelines Example WS5100 config std nacl help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config std nacl 14 8 WS5100 Series Switch CLI Reference Guide 14 1 6 mark gt Standard ACL Config Commands Use this CLI command to specify packet that you want to mark Syntax mark 8021 1p lt 0 7 gt tos lt 0 255 gt A B C D M any host mark 8021 1p lt 0 7 gt tos lt 0 255 gt any host log rule precedence lt 1 5000 gt wlan lt 1 32 gt A B gt C D mark 8021 1p lt 0 7 gt tos lt 0 255 gt any wlan lt 1 32 gt log rule precedence lt 1 5000 gt Parameters Usage Guideline
124. client IP address WS5100 config radsrv nas 10 10 10 0 24 key Radius client shared secret WS5100 config radsrv nas 10 10 10 0 24 key 0 Password is specified UNENCRYPTED 2 Password is encrypted with password encryption secret LINE The secret client shared secret upto 32 characters WS5100 config radsrv nas 10 10 10 0 24 key 0 very secret 16 23 16 24 WS5100 Series Switch CLI Reference Guide 16 1 11 no gt Radius Configuration Commands Use this CLI command to negate a command or set its defaults Syntax no authentication ca crl check group ldap server nas proxy rad user server servic Parameters authentication Radius authentication ca Configure ca certificate parameters crl check Certificate Revocation List CRL check group Local radius server group configuration Idap server ldap server parameters nas Radius client proxy Radius proxy server rad user Radius user configuration server Configure server certificate parameters service Service Commands Usage Guidelines Example WS5100 config radsrv no authentication data source WS5100 config radsrv WS5100 config radsrv no ca trust point WS5100 config radsrv 16 1 12 proxy Radius Server Instance 16 25 gt Radius Configuration Commands Use this CLI command to configure RADIUS proxy server Syntax proxy realm retry count retry delay proxy relam W
125. command Syntax encryption 3des aes aes 192 aes 256 des Parameters 3des 3des Triple data encryption standard aes aes advanced data encryption standard aes 192 aes 192 advanced data encryption standard aes 256 aes 256 advanced data encryption standard des des data encryption standard Example WS5100 config crypto isakmp encryption 3des WS5100 config crypto isakmp WS5100 config crypto isakmp encryption aes 256 WS5100 config crypto isakmp 6 6 AP 5131 Access Point Product Reference Guide 6 1 4 end Use this CLI command to end and exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Usage Guidelines Example WS5100 config crypto isakmp end WS5100 crypto isakmp 6 7 6 1 5 exit Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to ws5100 config Syntax exit Parameters None Usage Guidelines Example WS5100 config crypto isakmp exit WS5100 config 6 8 AP 5131 Access Point Product Reference Guide 6 1 6 group Use this CLI command to specify the Diffie Hellman group 1 or 2 to be used by this IKE policy to generate the keys which are then used to create the IPSec SA Syntax group 1 215 Parameters 1 768 bit mod P 2 1024 bit mod P 5 Usage Guidelines The local IKE policy and the peer IK
126. community contact enable host location manager sysname user snmp server community WORD ro rw snmp server contact LINE snmp server enable traps all miscellaneous nsm redundancy snmp wireless wireless statistics snmp server enable traps all snmp server enable traps miscellaneous lowF sSpace processMaxRestartsReached savedConfigModified snmp server enable traps nsm dhcpIPChanged snmp server enable traps redundancy adoptionExceeded grpAuthLevelChanged memberDown memberMisConfigured memberUp snmp server enable traps snmp authenticationFail coldstart linkdown linkup snmp server enable traps wireless ap detection ids radio self healing station snmp server enable traps wireless ap detection externalAPDetected snmp server enable traps wireless ids excessiveAuthAssociation excessiveProbes snmp server enable traps wireless radio adopted detectedRadar unadopted snmp server enable traps wireless self healing activated snmp server enable traps wireless station associated deniedAssociationAsPortCapacityReached deniedAssociationOnCapability deniedAssociationOnErr deniedAssociationOnInvalidWPAWPA2IE deniedAssociationOnRates deniedAssociationOnSSID deniedAssociationOnShortPream deniedAssociationOnSpectrum deniedAuthentication disassociated radiusAuthFailed tkipCounterMeasures snmp server enable traps wireless statistics min packets mobile unit radio wireless switch w
127. d You can set a value of anything between 100 30000 milli seconds The default value is set to 1000 milliseconds save cli This command creates clitree html which saves and displays the cli tree for all modes cli Show CLI tree of current mode command history Display command except show commands history crash info Display information about core panic and AP dump files diag Diagnostics info Show snapshot of available support information memory Show memory statistics natstats Show ACL rule stats process Show processes sorted by memory usage reboot history Show reboot history rulestats Show ACL rule stats startup log Show startup log Common Commands upgrade history Show upgrade history Usage Guidelines Example WS5100 service diag enable led LED control limit Enable in service diagnostics diagnostic limit command period Set diagnostics period WS5100 service diag enable WS5100 service diag led 1 2 wWS5 1 upper 2 lower 100 service amber amber blue blue red red WSS f o 100 service lashing LED Flashing ff LED off ED ED diag led 1 diag led on LED on WSS WSS Wws5 Wws5 WSS 100 service 100 service 100 service 100 service 100 service WS5100 service buffer fan filesys load maxFDs pkbuffers procRAM ram routecache e diag led diag led diag led diag
128. d encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group redundancy history Display redundancy group parameters Display state transition history of the switch redundancy members running config securitymgr sessions snmp snmp server startup config terminal timezone upgrade status users version wireless 15 16 WS5100 Series Switch CLI Reference Guide Display Current Display Display Display Display redundancy group members in detail Operating configuration debug info for ACL VPN and NAT current active open connections SNMP engine parameters SNMP engine parameters Contents of startup configuration Display Display Display Display Display terminal configuration parameters timezone last image upgrade status information about terminal lines software amp hardware version Wireless configuration commands WS5100 config ext macl show Extended MAC ACL Instance 15 17 15 1 11 terminal gt MAC Extended ACL Config Commands Use this command to set the length number of lines to be displayed on the terminal window Syntax terminal monitor no terminal no monitor Parameters monitor Copy debug output to the current terminal line no Negate a command or set its defaults monitor Copy debug output to the current terminal line Usage Guidelines Example WS5100 config ext macl terminal monito
129. de 17 1 21 qos mapping gt Wireless Configuration Commands Use this CLI command to confiure and setup QoS mappings between the wired and wireless domains Syntax qos mapping wired to wireless wireless to wired gos mapping wired to wireless dot1p lt 0 7 gt dscp lt 0 63 gt background best effort video voice qos mapping wireless to wired background best effort video voice dot1ip lt 0 7 gt Parameters wired to wireless Mappings used while switching wired traffic over the air dot1p lt 0 7 gt Configure mappings of 802 1p tags to access categories You can specify more than one 802 1p tag 0 7 to be configured dscp lt 0 63 gt Configure mappings of DSCP values to access categories You can specify more than one DSCP value 0 63 to be configured background background category traffic best effort best effort category traffic video video traffic category traffic voice voice traffic category traffic wireless to wired Mappings used while switching wireless traffic to the RON side dot1p lt 0 7 gt Configure the 802 1p tags that corresponds to selected access category Usage Guidelines Example WS5100 config wireless qos mapping wireless to wired background dotlp 5 WS5100 config wireless Wireless Instance 17 29 17 1 22 radio gt Wireless Configuration Commands Use thie CLI command to configure radio related settings Syntax r
130. defaults Syntax no deny mark permit This command negates all the syntax combinatins that you have used in deny mark and permit to configure the Extended ACL Parameters deny Specify packets to reject mark Specify packets to mark permit Specify packets to forward Usage Guidelines Example EXAMPLE OUTPUT HERE 15 12 WS5100 Series Switch CLI Reference Guide 15 1 8 permit gt MAC Extended ACL Config Commands Use this CLI command to specify packets that you want to forward Syntax permit Source MAC Address Destination MAC Address dotlp lt 0 7 gt type vlan lt 1 4095 gt wlan lt 1 32 gt rule precedende lt 1 5000 gt permit Source MAC Address Destination MAC Address dot1p lt 0 7 gt rule precedence lt 1 5000 gt permit Source MAC Address Destination MAC Address type lt 1 65535 gt arp ip ipv 6 vlan wisp gt rule precedence lt 1 5000 gt permit Source MAC Address Destination MAC Address wlan lt 1 32 gt dotlp lt 0 7 gt type vlan lt 1 4095 gt rule precedence lt i1 5000 gt Parameters Source MAC Address Source MAC Address can be one of the following e XXIXXIXX1XXIXX1XX XXIXX1XXIXXIXX1XX Source MAC address and mask any Any source host host Exact source MAC address to match Destination MAC Address Destination MAC Address can be one of the following e XXIXXIXX1XXI1XX1XX XXIXXIXX1XXIXXIXX Destination MAC
131. dence lt i1 5000 gt Parameters Source Mask Source MAC Address can be one of the following XKIXKIXKIXKIXK1XK KKIXKIXKIXKIXKIXX Source MAC address and mask any Any source host e host Exact source MAC address to match Destination Mask Destination MAC Address can be one of the following bd XXIXKIXKIXKIXKIXK XKIXKIXKIXKIXKIXX Destination MAC address and mask e any Any destination host host Exact destination MAC address to match dot1p lt 0 7 gt 802 1p priority rule precedence lt 1 5000 gt Access list entry precedence type lt 1 65535 gt arp ip ipv6 vlan wisp Etherlype vlan lt 1 4095 gt VLAN ID wlan lt 1 32 gt Filter packets based on WLAN Extended MAC ACL Instance 15 5 Usage Guidelines Example EXAMPLE OUTPUT HERE 15 6 WS5100 Series Switch CLI Reference Guide 15 1 3 end gt MAC Extended ACL Config Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Usage Guidelines Example WS5100 config ext macl end WS5100 Extended MAC ACL Instance 15 7 15 1 4 exit gt MAC Extended ACL Config Commands Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to ws5100 config Syntax exit Parameters None Usage Guidelines Example
132. dopt unconf radio Parameters enable Enable the adoption of unconfigured radios Usage Guidelines Example WS5100 config wireless adopt unconf radio enabl WS5100 config wireless Wireless Instance 17 5 17 1 2 adoption pref id gt Wireless Configuration Commands Use this CLI command as a preference identifier for the WS5100 wireless switch All radios configured with this preference identifier are more likely to be adopted by this wireless switch Syntax adoption pref id Parameters lt 1 65535 gt Select a Pref ID within 1 65535 Usage Guidelines Example WS5100 config wireless adoption pref id 500 WS5100 config wireless 17 6 WS5100 Series Switch CLI Reference Guide 17 1 3 ap detection gt Wireless Configuration Commands Use this CLI command to configure AP detection Syntax ap detection approved enable max aps mu assisted scan timeout ap detection approved add lt 1 200 gt MAC Address SSID ap detection mu assisted scan enable refresh lt 10 86400 gt Parameters approved The approved AP list add Add an entry to the approved AP list lt 1 200 gt Index where this approved entry will be added lt 1 200 gt MAC Address You can select either e MAC Mac address in AA BB CC DD EE FF format e any any Mac address SSID You can select either e LINEA string of up to 32 characters e any any ssid enable Allow access ports
133. dress Max Roam Period Number of Peers 157 235 208 16 State DISABLED DISABLED 0 0 0 0 5 sec MU 00 0 00 0 00 0 00 0 Common Commands config show mobility event log mobile unit Evt Src IP ac 3d e9 ao 54 f 3d e9 a6 54 f 3d e9 a6 54 f 3d e9 a6 54 Tunnel 2 45 MU IP 0 0 0 0 0 0 0 0 0 0 0 0 HS Vlan Admin status is DISABLED 0 established 0 Number of MUs 0 Home 0 Foreign 0 Del pend 0 L3 Mobility enabled WLANs NONE WS5100 gt WS5100 config show mobility mobile unit detail HOME MU Database Total 1 MU MAC Address 00 0f 3d e9 a6 54 IP Address 157 235 208 134 SSID wios_rad_testl Home Switch 157 235 208 16 Current Switch 157 235 208 16 HS VLAN 1 Foreign MU Database Total 0 2 46 WS5100 Series Switch CLI Reference Guide WS5100 config show mobility peer detail Mobility Peers Total 1 Established 0 Peer 1 1 1 1 State PASSIVE CONNECTING Join Sent 0 Join Revd 0 Leave Sent 0 Leave Revd 0 Rehome Sent 0 Rehome Rcvd 0 L3roam Sent 0 L3roam Revd 0 Num flaps 0 Connect retries 0 Peer Uptime 0 days 00 00 00 WS5100 config show mobility statistics MU lt 00 0f 3d e9 a6 54 gt Mob State HS_AND_CS Inter RX Tx face Junicast MC BC Error unicast MC BC Error wlan_port 0 0 0 0 0 0 0 0 Common Commands 2 47 2 2 15 ntp gt Common to all mod
134. e Usage Guidelines Example WS5100 config radsrv exit WS5100 config Radius Server Instance 16 9 16 1 7 group gt Radius Configuration Commands Use this CLI command to configure radius user group paramaters The system moves to a sub instance mode when you create a new group and the prompt changes from ws5100 config radsrv to WS5100 config radsrv group Table 16 2 summarizes the Radius User Group commands withing the config radsrv group sub instance Table 16 2 Radius User Group Configuration Command Summary Command Description Ref clrscr Clears the display screen end End current mode and change to EXEC mode exit End current mode and down to previous mode group Configure radius user group paramaters guest group Guest group configuration help Description of the interactive help system no Negate a command or set its defaults policy Radius group access policy configuration rad user Add Radius user to this group service Service Commands show Show running system information terminal Set terminal line parameters 16 10 WS5100 Series Switch CLI Reference Guide 16 1 7 1 clrscr gt Radius Configuration Commands Use this CLI command to clear the display screen Syntax clrscr Parameters None Example WS5100 config radsrv group clrscr WS5100 config radsrv group 16 1 7 2 end gt Radius Configuration Commands Use this CLI command to endand exit
135. e config std nac1 instance to configure the ip access list standard ACLs associated with the WS5100 Series Wireless Switch 14 1 Standard ACL Config Commands Table 14 7 summarizes the config std nael commands within the WS5100 Series Switch command line Table 14 1 Extended ACL Config Command Summary Command Description Ref clrscr Clears the display screen page 14 3 deny Specify packets to reject page 14 4 end End current mode and change to EXEC mode page 14 5 exit End current mode and down to previous mode page 14 6 14 2 WS5100 Series Switch CLI Reference Guide Command Description Ref help Description of the interactive help system page 14 7 mark Specify packets to mark page 14 8 no Negate a command or set its defaults page 14 9 permit Specify packets to forward page 14 10 service Service Commands page 14 11 show Show running system information page 14 13 terminal Set terminal line parameters page 14 15 14 1 1 clrser gt Standard ACL Config Commands Use this CLI command to clear the display screen Syntax clrscr Parameters None Usage Guidelines Example WS5100 config std nacl clrscr WS5100 config std nacl Standard ACL Instance 14 3 14 4 WS5100 Series Switch CLI Reference Guide 14 1 2 deny gt Standard ACL Config Commands Use this CLI command to specify packets that you want to reject Syntax deny A B C D M any host deny any
136. e key lt 1 4 gt configure pre shared hex keys e ascii keys as ascii characters 5 characters for wep64 13 for key lt 1 4 gt wep128 e hex keys as hexadecimal characters 10 characters for wep64 26 for wep128 e 0 Password is specified UNENCRYPTED e 2 Password is encrypted with password encryption secret e WORD Key 10 hex or 5 ascii characters for wep64 26 hex or 13 ascii characters for wep128 e phrase Specify a passphrase from which the keys are to be derived e LINE the passphrase between 4 and 32 characters e wep defauly key lt 7 4 gt The key index to be used for transmission from AP to MU wep64 Configure WEP64 parameters Usage Guidelines Example WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 oo oo oo oo fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless fig wireless wlan 25 accounting syslog wlan 25 answer bcast ess wlan 25 authentication type kerberos wlan 25 description TestWLAN wlan 25 dot11i handshake timeout 2500 retransmit 5 wlan 25 dot11li key rotation enable WS510 WS510 WS510 WS510 WS510 featu WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 5005 WS510 oo oo re O38 oro oo oo G O OG
137. e 2 49 radius Displays radius configuration commands Common page 2 50 redundancy group Displays redundancy group parameters Common page 2 51 redundancy history Displays state transition history of the switch Common page 2 53 redundancy members Displays redundancy group members in detail Common page 2 54 snmp Displays SNMP engine parameters Common page 2 55 snmp server Displays SNMP engine parameters Common page 2 56 terminal Displays terminal configuration parameters Common page 2 59 timezone Displays timezone Common page 2 60 users Displays information about terminal lines Common page 2 61 version Displays software and hardware version Common page 2 62 wireless Displays wireless configuration commands Common page 2 63 access list Displays access list Internet Protocol IP Privilege page 2 70 configuration Global Config alarm log Displays all alarms currently in the system Privilege page 2 71 Global Config boot Displays boot configuration Privilege page 2 72 Global Config clock Displays system clock Privilege page 2 73 Global Config debugging Displays debugging setting Privilege page 2 74 Global Config file Displays filesystem information Privilege page 2 75 Global Config 2 21 2 22 WS5100 Series Switch CLI Reference Guide Display Parameters Description Mode Example ftp Displays FIP Server configuration Privilege page 2 76 Global Config password encryption Displays
138. e IP Address Destination IP Address log rule precedence lt 1 5000 gt permit tcp udp Source IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt Destination IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt permit tcp udp Source IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt Destination IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt log Extended ACL Instance 13 13 permit tcp udp Source IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt Destination IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt log wlan lt 1 32 gt permit tcp udp Source IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt Destination IP Address eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt log rule precedence lt 1 5000 gt Parameters icmp ICMP Protocol ip Any Internet Protocol Source IP Source IP address can be one of the following e a B c D M Source IP address range to match e any Any source IP address e host Single host address Destination IP Destination IP address can be one of the following e a B c D M Destination IP address range to match e any Any destination IP address e host Single host address lt 0 255 gt ICMP Type log Log matches against this entry rule precedence lt 1 5000 gt Access list entry precede
139. e enable command is used to enter the mode If a password has been configured on the system you will be prompted to enter it before being allowed access to privileged EXEC mode The password is not displayed on the screen and is case sensitive If an enable password has not been set PRIV EXEC mode can be accessed only from the router console terminal connected to the console port The system administrator uses the enable secret or enable password 4 2 WS5100 Series Switch CLI Reference Guide 4 1 Priv Exec Command Table 4 7 summarizes the Priv Exec commands within the WS5100 Series Switch command line interface Table 4 1 Priv Exec Command Summary Command Description Ref acknowledge Acknowledge alarms page 4 4 archive Manage archive files page 4 5 autoinstall autoinstall configuration command page 4 7 cd Change current directory page 4 8 clear Reset functions page 4 9 clock Configure software system clock page 4 11 clrser the display screen page 2 3 cluster cli Cluster context page 4 12 configure Enter configuration mode page 4 13 copy Copy from one file to another page 4 14 debug Debugging functions page 4 15 delete Deletes specified file from the system page 4 16 diff Display differences between two files page 4 17 dir List files on a filesystem page 4 18 disable Turn off privileged mode command page 4 19 edit Edit a text file page 4 20 enable Turn on pr
140. each command mode instance The use of specific commands allows you to navigate from one command mode to another The standard order that a user would access the modes is as follows USER EXEC mode PRIV EXEC mode and GLOBAL CONFIG mode When you start a session on a switch you generally begin in USER EXEC mode which is one of two access levels of the EXEC mode For security purposes only a limited subset of EXEC commands are available in USER EXEC mode This level of access is reserved for tasks that do not change the configuration of the switch such as determining the current switch configuration In order to have access to all commands you must enter PRIV EXEC mode which is the second level of access for the EXEC mode In PRIV EXEC mode you can enter any EXEC command as the PRIV EXEC mode is a superset of the USER EXEC mode commands Most EXEC mode commands are one time commands such as show commands which show the current configuration status and clear commands which clear counters or interfaces EXEC mode commands are not saved across reboots of the switch From PRIV EXEC mode you can enter GLOBAL CONFIG mode In this mode you can enter commands that configure general system characteristics You also can use global configuration mode to enter specific configuration modes Configuration modes including global configuration mode allow you to make changes to the running configuration If you later save the configuration these comm
141. en you use the command completion feature the CLI displays the full command name The command is not executed until you use the Return or Enter key This way you can modify the command if the full command was not what you intended by the abbreviation If you enter a set of Introduction 1 11 characters that could indicate more than one command the system lists all commands that begin with that set of characters Alternatively enter a question mark to obtain a list of commands that begin with that set of characters Do not leave a space between the last letter you enter and the question mark For example entering co will list all commands available in the current command mode WLAN Module co copy commit WLAN Module co NOTE The characters you enter before the question mark are reprinted to the screen to allow you to complete the command entry 1 5 3 Deleting Entries Use any of the following keys or key combinations to delete command entries if you make a mistake or change your mind Keystrokes Purpose Backspace Deletes the character to the left of the cursor Ctrl D Deletes the character at the cursor Ctrl K Deletes all characters from the cursor to the end of the command line Ctrl wW Deletes the word up to the cursor Esc D Deletes from the cursor to the end of the word 1 5 4 Re displaying the Current Command Line If you are entering a command and the system suddenly send
142. er parameters associated with the WS5100 Series Wireless Switch 17 1 Wireless Configuration Commands Table 17 1 summarizes the Gloabl Config commands within the WS5100 Series Switch command line Table 17 1 Extended ACL Config Command Summary Command Description Ref adopt unconf radio Adopt a radio even if its not yet configured The default page 17 4 templates will be used for configuration adoption pref id A preference identifier for this wireless switch All radios page 17 5 configured with this preference identifier are more likely to be adopted by this wireless switch ap detection AP detection configuration commands page 17 6 17 2 WS5100 Series Switch CLI Reference Guide Command Description Ref broadcast tx speed Set the rate at which broadcast and multicast traffic should page 17 8 be transmitted clrscr Clears the display screen page 17 9 convert ap Change the mode of operation of an AP page 17 10 country code Configure the country of operation All existing radio page 17 11 configuration will be erased dhep sniff state Record mobile unit DHCP state information page 17 14 dot11 shared key auth Enable support for 802 11 shared key authentication page 17 15 end End current mode and change to EXEC mode page 17 16 exit End current mode and down to previous mode page 17 17 fix windows dhcp Convert Windows DHCP server responses to be Unicast page 17
143. es Syntax show ntp association detail status Parameters ntp Network time protocol association NTP associations detail Displays NTP association details status Displays NTP status Example WS5100 gt show ntp associations address ref clock st when poll reach delay offset disp master synced master unsynced selected candidate configured WS5100 gt WS5100 gt show ntp status Clock is synchronized stratum 0 actual frequency is 0 0000 Hz precision is 2 0 reference time is 00000000 00000000 Feb 07 06 28 16 UTC 2036 clock offset is 0 000 msec root delay is 0 000 msec root dispersion is 0 000 msec WS5100 gt WS5100 config show ntp associations detail 157 235 208 105 configured sane valid leap_sub stratum 16 ref ID INIT time 00000000 00000000 Feb 07 06 28 16 UTC 2036 our mode client peer mode unspec our poll intvl 6 peer poll intvl 10 root delay 0 00 msec root disp 0 00 reach 000 delay 0 00 msec offset 0 0000 msec dispersion 0 00 precision 2 20 org time 00000000 00000000 Feb 07 06 28 16 UTC 2036 rcv time 00000000 00000000 Feb 07 06 28 16 UTC 2036 xmt time c8b42a7e 6eb04252 Sep 14 19 22 38 UTC 2006 filtdelay 0 00 0 00 0 00 0 00 0 00 0 00 0 00 0 00 filtoffset 0 00 0 00 0 00 0 00 0 00 0 00 0 00 0 00 filterror 16000 00 16000 00 16000 00 16000 00 16000 00 16000 00 16000 00 16000 00 2 48 WS5100 Series Switch CLI Reference Guide WS5100 config show ntp sta
144. escription Ref autoinstall autoinstall configuration command page 3 3 clear autoinstall configuration command page 3 4 clrser the display screen page 2 3 cluster cli Cluster context page 3 6 debug Debugging functions page 3 7 disable Turn off privileged mode command page 3 9 enable Turn on privileged mode command page 3 10 exit End current mode and down to previous mode page 2 4 help Description of the interactive help system page 2 5 logout Exit from the EXEC page 3 11 no Negate a command or set its defaults page 2 7 page Toggle paging page 3 12 quit Exit current mode and down to previous mode page 3 13 service Service Commands page 2 8 terminal Show running system information page 2 19 User Exec Commands 3 3 3 1 1 autoinstall gt User Exec Commands Use this command to configure the auto install feature of the WS5100 Series Switch Syntax autoinstall start autoinstall config cluster config image url LINE Parameters enable Enables all the autoinstall features Usage Guidelines Example WS5100 gt autoinstall enable WS5100 gt 3 4 WS5100 Series Switch CLI Reference Guide 3 1 2 clear gt User Exec Commands Use this command to reset the prevoius command implemented by you Syntax clear crypto ike sa A B C D ipsec sa A B C D mobility mu mu log peer log peer statistics wireless statistics Parameters cry
145. eters Displays all the parameters for which the information can be viewed using the show command Example WS5100 config crypto group show access list alarm log autoinstall banner boot clock commands crypto debugging environment file ftp history interfaces ip ldap licenses logging mac management mobility ntp password encryption privilege radius redundancy group redundancy history redundancy members running config securitymgr sessions snmp Internet Protocol IP Display all alarms currently in the system autoinstall configuration Display Message of the Day Login banner Display boot configuration Display system clock Show command lists crypto Display debugging setting show environmental information Display filesystem information Display FTP Server configuration Display the session command history Interface status and configuration Internet Protocol IP ldap server Show any installed licenses Show logging configuration and buffer Media Access Control Display L3 Managment Interface nam Display Mobility Parameters Network time protocol password encryption Show current privilege level Radius configuration commands Display redundancy group parameters Display state transition history of the switch Display redundancy group members in detail Current Operating configuration Display debug info for ACL VPN and NAT Display current active open connections Display SNMP engi
146. eters force Force deletion without prompt recursive Recursive delete FILE Filename s to be deleted Usage Guidelines Example WS5100 delete flash out tar flash out tar gz Delete flash out tar y n y Delete flash out tar gz y n y WS5100 delete force flash tmp txt WS5100 WS5100 delete recursive flash backup Delete flash backup fileMgmt_350_180B core y n y Delete y n n y n n WS5100 flash backup fileMgmt_350_18212X core_bk Delete flash backup imish_1087_18381X core gz Privileged Exec Commands 4 17 4 1 12 diff gt Priv Exec Command Use this CLI to view the difference between 2 files Syntax diff FILE URL FILE URL Parameters FILE Display the differences between FILE URL Display the differences between URL Usage Guidelines Example WS5100 diff startup config running config startup config running config 89 7 89 7 mobility peer 157 235 208 16 wlan 1 enable wlan 1 ssid wlanl23 wlan 1 encryption type wep128 wlan 1 encryption type tkip wlan 1 authentication type eap wlan 1 mobility enable wlan 1 radius server primary 127 0 0 1 184 10 184 12 rad user adam password 0 mypassword rad user eve password 0 mypassword123 rad user sumi password 0 mypassword rad user test password 0 mypassword123 rad user vasavi password 0 mypassword123 group kumar2 rad user sumi policy wlan 2 policy vlan 44 policy
147. fig radsrv group WS5100 config radsrv group policy vlan 20 WS5100 config radsrv group WS5100 config radsrv group policy wlan 20 21 22 23 WS5100 config radsrv group 16 1 7 9 rad user gt Radius Configuration Commands Use thie CLI command to add Radius user to this group Syntax rad user Parameters WORD Existing radius user name Example 16 16 WS5100 Series Switch CLI Reference Guide 16 1 7 10 service gt Radius Configuration Commands Use this CLI command to invoke the service commands to trobuleshoot or debug the config radsrv group instance configurations This command is also used to enable RADIUS server Syntax service clear diag shell radius save cli show start shell tethereal service radius restart Parameters clear Remove specified support information diag shell Provide diag shell access radius Enable radius server restart save cli Save CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic Example WS5100 config radsrv group service radius restart WS5100 config radsrv group 16 1 7 11 show gt Radius Configuration Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Parameters Displays all the paramete
148. fig wireless WS5100 config wireless service clear cores oo WS5100 config wireless WS5100 config wireless service save cli CLI command tree is saved as clitree html This tr can be viewed via web at http lt ipaddr gt cli clitree html WS5100 config wireless WS5100 config wireless service show ap access port serviceability parameters cli Show CLI tree of current mode command history Display command except show commands history crash info Display information about core panic and AP dump files info Show snapshot of available support information last passwd Display last password used to enter shell reboot history Show reboot history startup log Show startup log upgrade history Show upgrade history wireless Wireless parameters WS5100 config wireless WS5100 config wireless service show info 4 0M out of 4 0M available for logs 9 7M out of 11 4M available for history 16 4M out of 18 6M available for crashinfo List of Files messages log 0 Oct S 13243 snmpd log 316 OES ALIA startup log 16 6k Oct 3 13 43 command history 2 0k Oct 7 02 24 reboot history 3 3k Oct 3 13 43 upgrade history 782 Aug 29 18 32 Please export these files or delete them for more space WS5100 config wireless WS5100 config wireless service start shell Last password used password with MAC 00 a0 f8 65 ea 8e Password WS5100 config wireless WS5100 confi
149. figuration configure 8021X Configure 802 1X username and password on adopted access ports default 11a default 11a configuration template default 11b default 11b configuration template default 11bg default 11bg configuration template 17 30 WS5100 Series Switch CLI Reference Guide adoption pref id lt 0 65535 gt A preference identifier for this radio port The radio port is more likely to be adopted by a wireless switch that is its preferred wireless switch antenna mode lt diversity primary secondary gt Antenna diversity mode You can select from the following options NOTE diversity Full Diversity both antennas primary Primary Antenna only secondary Secondary Antenna only Before executing this command please ensure that the radio is present and is of type AP300 beacon interval lt 50 200 gt Beacon interval in K uSec bss lt 1 4 gt auto WLAN map wireless lans to radio bssids lt 1 4 gt The bss where wireless lans will be mapped auto Automatic assignment of bss The user selects wireless lans and the system assigns them to a bss automatically WLAN A list eg 1 3 7 or range eg 3 7 of wlan indices When a bss is also specified the first wlan will be used as the primary wlan When the auto option is used the system will automatically assign the first four wlans as primaries on their respective bss cca level lt 7 31 gt CCA level value cca mode lt 0
150. figuration Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Usage Guidelines Example WS5100 config wireless end WS5100 Wireless Instance 17 17 17 1 11 exit gt Wireless Configuration Commands Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to ws5100 config Syntax exit Parameters None Usage Guidelines Example WS5100 config wireless exit WS5100 config 17 18 WS5100 Series Switch CLI Reference Guide 17 1 12 fix windows dhcp gt Wireless Configuration Commands Use this CLI command to convert Windows DHCP server responses to be Unicast instead of Broadcast Syntax fix windows dhcp Parameters enable Enable support for converting Windows DHCP server responses Usage Guidelines Example WS5100 config wireless fix windows dhcp enable WS5100 config wireless Wireless Instance 17 19 17 1 13 help gt Wireless Configuration Commands Use thie CLI command to access the systems interactive help system Syntax help Parameters None Usage Guidelines Example WS5100 config wireless help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the
151. file system flash flash file system ram ram file system WS5100 service diag limit filesys flash WORD limit from 0 0 to 100 0 WS5100 service diag limi WS5100 service diag limi WS5100 service diag limi filesys flash 20 filesys etc2 10 filesys ram 30 ct ct ct WS5100 service diag limit load 1 during the previous minute 15 during the previous 15 minutes Common Commands 5 during the previous five minutes WS5100 service diag limit load 5 WORD percentage load from 0 0 to 100 0 WS5100 service diag limit load 5 50 WS5100 service diag limit maxFDs lt 0 32767 gt 0 32767 WS5100 service diag limit maxFDs 30000 WS5100 service diag limit pkbuffers lt 0 65535 gt limit from 0 65535 WS5100 service diag limit pkbuffers 4096 WS5100 service diag limit procRAM WORD limit from 0 0 100 0 WS5100 service diag limit procRAM 10 WS5100 service diag limit ram WORD limit from 0 0 100 0 WS5100 service diag limit ram 20 WS5100 service diag limit routecache lt 0 65535 gt limit from 0 65535 WS5100 service diag limit routecache 10240 WS5100 service diag limit temperature lt 1 8 gt temperature sensor number WS5100 service diag period 100 30000 gt Diagnostics period lt 100 30000 gt default 1000 milliseconds A WS5100 service diag period 20000 WS5100 service save cli usr scripts genclitree sh usr scripts genclitree sh 15 eth not found CLI command tree is saved as clitree htm
152. formational messages from Certificate Manager error Trace error messages from Certificate Manager info Trace informational messages from Certificate Manager ssh Secured Shell SSH server cc ccserver events error Error forwarding Dataplane forwarding mu MU events and state changes packet Control Packets peer Peer establishment system System events Usage Guidelines 3 8 WS5100 Series Switch CLI Reference Guide Example WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 WS510 oo OO on os em E o a e gt debug gt gt debug certmgr all gt debug gt debug gt debug gt gt debug gt debug gt debug gt gt debug gt debug gt debug gt certmgr error certmgr info ip ssh mobility cc mobility error mobility forwarding mobility mu mobility packet mobility peer mobility system User Exec Commands 3 9 3 1 5 disable gt User Exec Commands To use this command you first have to enable the PRIV mode Use this command to turn off and move out of the PRIV mode Syntax disable Parameters None Usage Guidelines Example WS5100 gt disable WS5100 gt 3 10 WS5100 Series Switch CLI Reference Guide 3 1 6 enable gt User Exec Commands Use this command to enter into the PRIV mode Syntax enable Parameters
153. g securitymgr sessi snmp ons snmp server startup config termi timez nal one upgrade status users versi wirel WS5100 on ess con fig trustpoin Standard IP access list deny any rule precedence 1 WS5100 WS5100 SESSION 1 xk 2 WS5100 WS5100 Line 0 co 130 vt WS5100 WS5100 WS5100 con con con con n 0 y 0 con con Last Image Last Image con fig trustpoin Upgrade Time fig trustpoin fig trustpoint fig trustpoint crypto trustpoint Instance 11 17 Display redundancy group members in detail Current Operating configuration Display debug info for ACL VPN and NAT Display current active open connections Display SNMP engine parameters Display SNMP engine parameters Contents of startup configuration Display terminal configuration parameters Display timezone Display last image upgrade status Display information about terminal lines Display software amp hardware version Wireless configuration commands al Upgrade Status show access list fig trustpoint show sessions USER LOCATION IDLE START TIME cli Console 06 12m Jan 1 00 00 00 1970 cli 157 235 206 39 00 00m Jan 1 00 00 00 1970 fig trustpoint fig trustpoint show users PID User Uptime Location 306 06 14 07 ttyso 2744 00 25 49 0 show upgrade status Successful Tue Aug 29 18 32 17 2006 11 18 WS5100 Series Switch
154. ge eg 3 7 of wlan indices accounting Accounting on this WLAN none radius syslog e none No accounting on this WLAN e radius Use RADIUS accounting on this WLAN e syslog Use Syslog accounting on this WLAN answer bcast ess Allow this WLAN to respond to probes for broadcast ESS authentication type eap hotspot kerberos mac auth none The authentication type of this WLAN e eap EAP authentication 802 1X e hotspot Web based authentication e kerberos Kerberos authentication Note encryption type will change to wep128 if its not already wep128 keyguard e mac auth MAC authentication Radius lookup of MAC address e none None pre shared keys description The description of this WLAN dot11i Modify tkip ccmp 802 111 related parameters 17 48 WS5100 Series Switch CLI Reference Guide handshake timeout lt 700 5000 gt retransmit lt 7 70 gt Use handshake to configure the timeout and retransmission e timeout lt 100 5000 gt The timeout in milliseconds between retries e retransmit lt 1 10 gt The number of retransmission attempts key 0 2 WORD Configure the key PMK e 0 Password is specified UNENCRYPTED e 2 Password is encrypted with password encryption secret e WORD The 256bit 64 hex characters long key key rotation enable Control the periodic update of the broadcast keys of all associated mobile
155. ged Exec Commands 4 9 4 1 5 clear gt Priv Exec Command Use this CLI to reset the current context Syntax clear alarm log arp cache crypto ip logging mobility wireless statistics clear alarm log lt 1 65535 gt acknowledge all1 new clear crypto ike ipsec sa remote peer clear ip dhcp binding A B C D nat translation clear mobility mu mu log peer log peer statistics clear mobility mu lt MAC Address gt all foreign database home database Parameters alarm log Clear alarm log e lt 1 65535 gt Clear specific alarm id e acknowledge Clear acknowledged alarms e all Clear all alarms e new Clear new alarms arp cache Clear Arp Cache crypto crypto e ike clear ike e ipsec clear ipsec e sa Security Association e remote peer Remote Peer IP address ip Clears Internet Protocol IP DHCP NAT e dhcp DHCP Server Configuration e binding DHCP Address bindings e Clear all bindings e AB C D Clear a specific binding e nat Network Address Translation NAT e translation Clears specified Translation logging Modify message logging facilities 4 10 WS5100 Series Switch CLI Reference Guide mobility Clear Mobility Attributes mu Clear Mobile unit MAC Address MAC address of the MU all All MUs Home and Foreign foreign database MUs present in the Foreign MU Database home database MUs present in the Home MU Database mu log
156. gt WS5100 config ntp peer TestPeer key 20 prefer version lt 1 4 gt NTP version number WS5100 config ntp peer TestPeer key 20 prefer version 2 Invalid server name TestPeer provided Pleas nter a valid name WS5100 config 5 36 WS5100 Series Switch CLI Reference Guide 5 1 20 prompt gt Global Configuration Commands Use this CLI command to configure and set the systems prompt Syntax prompt LINE Parameters LIMNE Enter the new prompt that will be displayed by the system WS5100 Series Wireless Switch Usage Guidelines Example WS5100 config prompt NobleMan NobleMan Global Configuration Commands 5 37 5 1 21 radius server gt Global Configuration Commands Use this CLI command to enter the RADIUS Server mode The WS5100 system prompt will change from the default config mode to Radius server mode NOTE radius server local mode leads you to the radius server context For more details see Radius Server Instance on page 16 1 Syntax radius server host key local retransmit timeout radius server radius server radius server radius server host A B C D key 0 2 LINE local retransmit lt 0 100 gt radius server timeout lt 1 1000 gt Parameters host Specify a RADIUS server A B C D IP address of RADIUS server key Encryption key shared with the radius servers 0 Password is spec
157. gt Common to all modes Syntax show redundancy members A B C D Parameters A B C D IP address of member switch Example WS5100 config show redundancy members brief Member ID Self 230 106 L010 Member State Not Applicable Member ID 10 10 10 1 Member State Peer Configured 2 2 21 snmp gt Common to all modes Common Commands WS5100 gt Syntax show snmp user manager operator Parameters user Displays the SNMP user manager show manager information operator show operator information Example WS5100 gt show snmp user manager userName access engineld Authentication Encryption snmpmanager ro 80000184017f 000001 MD5 DES snmpoperator ro 80000184017 000001 MD5 DES WS5100 gt WS5100 gt show snmp user operator userName access engineld Authentication Encryption snmpmanager ro 80000184017f 000001 MD5 DES snmpoperator ro 80000184017f 000001 MD5 DES 2 55 2 56 WS5100 Series Switch CLI Reference Guide 2 2 22 snmp server gt Common to all modes Syntax show snmp server traps wireless statistics mobile unit radio wireless switch wlan Parameters traps Display Trap enable flags wireless statistics Display wireless stats rate traps mobile unit Display mobile unit rate traps radio Display radio rate traps wireless switch Display wireless switch rate traps wlan Display wlan rate traps Example WS5100 gt show snmp server traps
158. h port lt 1 65535 gt wlan lt 1 32 gt qos classification mcast1 mcast2 prioritize voice svp wmm wlan lt 1 32 gt qos classification background best effort video voice wmm wlan lt 1 32 gt qos wmm 8021p background best effort dscp video voice aifsn cw txop limit acm wlan lt 1 32 gt radius accounting authentication protocol dscp dynamic authorization dynamic vlan assignment mobile unit reauth server lan lt 1 32 gt radius accounting mode timeout lan lt 1 32 gt radius accounting mode start interim stop interval 60 3600 gt start stop stop only lan lt 1 32 gt radius accounting timeout lt 1 60 gt retransmit lt 1 100 gt wW Ww lt WwW wlan lt 1 32 gt radius authentication protocol chap pap wl wl wW zoaz Lan lt Lan lt Lan lt an lt an lt lan lt J Wireless Instance 1 32 gt radius server primary secondary timeout l 32 gt radius server primary secondary ip address auth port lt 1024 65535 gt radius key 0 2 LINE l 32 gt radius server timeout lt 1 60 gt retransmit lt 1 10 gt 1 32 gt syslog accounting server lt IP Address gt port lt Port Number gt 1 32 gt tunnel lt 1 32 gt gateway lt IP Address and mask gt L 32 gt wep128 key lt 1 4 gt ascii hex 0 2 WORD phrase LINE wep default key lt 1 4 gt Parameters lt 1 32 gt A single wlan index WLAN A list eg 1 3 7 or ran
159. help system CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 1 3 Using the no and default Forms of Commands Almost every configuration command has a no form In general use the no form to disable a feature or function Use the command without the no keyword to re enable a disabled feature or to enable a feature that is disabled by default Introduction 1 4 Using History Command The Symbol CCB CLI provides a history or record of commands that you have entered This feature is particularly useful for recalling long or complex commands or entries To use the command history feature perform any of the tasks described in the following sections e Setting the History Command Buffer Size e Recalling Commands e Disabling the History Command Feature 1 4 1 Setting the History Command Buffer Size By default the system records 256 command lines in its history buffer To set the number of command lines that the system will record during the current terminal ses
160. hotspot config Wlan hotspot configuration lt 1 32 gt A wlan index lt 1 32 gt ids Intrusion detection parameters filter list Display the list of currently filtered mobile units mac auth local list out the mac auth local entries lt 1 1000 gt mac auth local entry to display mobile unit Details of associated mobile units lt 1 4096 gt Index of mobile unit Common Commands 2 65 AA BB CC DD EE FF MAC address of mobile unit Statistics mobile unit rf statistics phrase to key display the WEP keys generated by a passphrase wep128 display WEP128 keys wep64 display WEP64 keys qos mapping Quality of Service mappings used for mapping WMM access categories and 802 1p DSCP tags wired to wireless Mappings used when traffic is switched from wired to the wireless side wireless to wired Mappings used when traffic is switched from wireless to the wired side radio Radio related commands lt 1 1000 gt A single radio index beacon table The Radio to Radio beacon table config Radio configuration lt 1 1000 gt A single radio index default 11a default 11a configuration template default 11b default 11b configuration template default 11bg default 11bg configuration template monitor table The Radio to Radio monitoring table Statistics Radio statistics regulatory Regulatory allowed
161. hroughput Parameters range use lowest basic rate Provides maximum range throughput use highest basic rate Provides maximum throughput default Usage Guidelines Example WS5100 config wireless broadcast tx speed range WS5100 config wireless WS5100 config wireless broadcast tx speed throughput WS5100 config wireless 17 1 5 clrser gt Wireless Configuration Commands Use this CLI command to clear the display screen Syntax clrscr Parameters None Usage Guidelines Example WS5100 config wireless clrscr WS5100 config wireless Wireless Instance 17 9 17 10 WS5100 Series Switch CLI Reference Guide 17 1 6 convert ap gt Wireless Configuration Commands Use this CLI command to change the mode of operation of an AP to either sensor or standalone Syntax convert ap lt 1 48 gt default sensor standalone Parameters lt 1 48 gt Indices of the APs to be converted from the show wireless ap command default do not force any conversion Let the AP negotiate its normal mode of operation with the switch sensor Convert an AP300 to operate as an IDS sensor NOTE The switch will not be able to adopt this AP again until it is converted back to a regular AP300 using the sensor MAC revert to ap command standalone Convert a thin AP4131 back to a stand alone AP NOTE The switch will not be able to adopt this AP again until the AP is converted back to a thin AP
162. ified UNENCRYPTED 2 Password is encrypted with password encryption secret LINE Text of shared key upto 127 characters local Configure local radius server parameters This takes you to a new config radius server context Refer Radius Server Instance for more details retransmit Specify the number of retries to active server lt 0 100 gt Number of retries for a transaction default is 3 timeout Time to wait for a RADIUS server to reply lt 1 1000 gt Wait time default 5 seconds 5 38 WS5100 Series Switch CLI Reference Guide Usage Guidelines Example WS5100 config radius server local WS5100 config radsrv 5 1 22 redundancy Global Configuration Commands 5 39 gt Global Configuration Commands Use this CLI command to configure redundancy group parameters Syntax redundancy discovery period enable group id handle stp heartbeat period hold period interface ip member ip mode redundancy discovery period lt 10 60 gt redundancy enable redundancy group id lt 1 65535 gt redundancy handle stp enable redundancy heartbeat period redundancy hold period lt 10 255 gt redundancy interface ip A B C D redundancy member ip A B C D redundancy mode primary standby Parameters discovery period Set the redundancy discovery interval lt 10 60 gt discovery time in secs default is 30 enable Enable redundancy protocol group id Set the redundancy group id lt 1 655
163. ig status Enabled Trustpoint default trustpoint WS5100 show ip interface brief Interface IP Address Status Protocol vianl 157 235 208 233 DHCP up up tunnell unassigned up up WS5100 show ip interface tunnel 1 brief Brief summary of IP status and configuration WS5100 show ip interface tunnel 1 brief Interface IP Address Status Protocol tunnell unassigned up up WS5100 show ip interface vlan 1 brief Interface IP Address Status Protocol vlani 157 235 208 233 DHCP up up WS5100 show ip name server LOVI 195 dynamic LS Ae Z239 lt 3519 6 dynamic WS5100 show ip nat translations inside source S D Dir Actual Address NATed Address ACL Overload If WS5100 show ip nat translations outside destination S D Dir Actual Address NATed Address ACL Overload If WS5100 show ip routing IP routing is on WS5100 config show ip route detail Codes K kernel icmp C connected S static D DHCP gt Active route Next hop in FIB p stale info 1 1 0 0 16 1 0 via 1 inactive 1 1 1 0 24 1 0 via 2 inactive 10 0 0 0 8 1 0 via 10 10 10 10 inactive 157 235 208 0 24 1 0 via 157 235 208 246 inactive Lekels Lede NNnWN WS5100 show ip ssh SSH server enabled Status running Keypair name default_ssh_rsa_key Port 22 WS5100 show ip telnet Telnet server enabled Status running Port 23 Common Commands 2 37 2 38 WS5100 Series Switch CLI Reference Guide 2 2 9 Idap
164. ig trustpoint service save cli CLI command tree is saved as clitree html This tr WS5100 con can be viewed via web at http lt ipaddr gt cli clitree html fig trustpoint WS5100 config trustpoint service show cli Show CLI tree of current mode command history Display command except show commands history crash info Display information about core panic and AP dump files info Show snapshot of available support information last passwd Display last password used to enter shell reboot history Show reboot history startup log Show startup log upgrade history Show upgrade history WS5100 config trustpoint service start shell Last password used password with MAC 00 a0 f8 65 ea 8e Password WS5100 config trustpoint service tethereal LINE tethereal options in the format V print detailed packet x hex dump of packet p no promiscuous mode for interface n disable name resolution c lt count gt h detailed help E to capture ESPD J e capture nonEspd packets f lt capture filter expression in format xx xx xx gt i lt interface on which to capture packets gt W wisp packet only J s lt snaplen gt r lt filename gt read contents of specified file w lt savefile gt save capture in specified file for examples on tethereal capture filter 11 16 WS5100 Series Switch CLI Reference Guide 11 1 13 sho
165. igure the trustpoint that is used by the local radius server Ensure you create the trustpoint before it is used by the Crypto pki trustpoint command Example 16 1 3 clrser gt Radius Configuration Commands Use this CLI command to clear the display screen Syntax clrscr Parameters None Usage Guidelines Example WS5100 config radsrv clrscr WS5100 config radsrv Radius Server Instance 16 5 16 6 WS5100 Series Switch CLI Reference Guide 16 1 4 crl check gt Radius Configuration Commands Use this CLI command to enable Certificate Revocation List CRL check To enable the certificate revocation list ensure the cri list is loaded using crypto pki import lt trustpoint name gt crl command Syntax crl check Parameters enable enable CRL check Usage Guidelines Example WS5100 config radsrv crl check enable WS5100 config radsrv Radius Server Instance 16 7 16 1 5 end gt Radius Configuration Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Usage Guidelines Example WS5100 config radsrv end WS5100 16 8 WS5100 Series Switch CLI Reference Guide 16 1 6 exit gt Radius Configuration Commands Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to ws5100 config Syntax exit Parameters Non
166. in with a particular character sequence type in those characters followed immediately by the question mark Do not include a space This form of help is called word help because it completes a word for you WS5100 service servic Service Commands WS5100 service To list keywords or arguments enter a question mark in place of a keyword or argument Include a space before the This form of help is called command syntax help because it shows you which keywords or arguments are available based on the command keywords and arguments you already have entered WS5100 service ap access port serviceability parameters clear Reset functions copy Copy from one file to another diag Diagnostics diag shell Provide diag shell access radius Enable radius server 1 5 1 6 WS5100 Series Switch CLI Reference Guide save cli Save CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic wireless Wireless parameters WS5100 service You can abbreviate commands and keywords to the number of characters that allow a unique abbreviation For example you can abbreviate the configure terminal command to config t Because the abbreviated form of the command is unique the switch will accept the abbreviated form and execute the command Entering the help command available in any command mode will provide the following description of the
167. information can be viewed using the show command Usage Guidelines Example WS5100 config wireless show access list Internet Protocol IP alarm log Display all alarms currently in the system autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration clock Display system clock commands Show command lists crypto CEYPCO debugging Display debugging setting environment show environmental information file Display filesystem information ftp Display FTP Server configuration history Display the session command history interfaces Interface status and configuration ip Internet Protocol IP ldap ldap server licenses Show any installed licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface nam mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group members in detail running config Current Operating configuration Wireless Instance 17 43 securitymgr Display debug info for ACL VPN and NAT sessions Display current active open connections snmp Display SNMP engine parameters snmp server
168. ing global mu AA BB CC DD EE FF detail mu log mu statistics AA BB CC DD EE FF peer A B C D detail peer log Parameters mobility Display Mobility Parameters forwarding Display MU Info in the forwarding plane global Global Mobility parameters mu Mobility MUs AA BB CC DD EE FF MAC address of the MU detail Detailed information display mu log Display Mobility MU Event Log mu statistics Display Mobility MU Stats AA BB CC DD EE FF MAC address of the MU peer Display Mobility peers A B C D IP address of Peer detail Detailed information display peer log Display Mobility Peer Event Log Example WS5100 config show mobility event log forwarding global mobile unit peer statistics WS5100 Time HS LE 09 14 19 17 157 235 208 09 14 19 17 1572354208 09 14 19 17 157 235 208 09 14 19 17 157 235 208 WS5100 gt show Mac Address WS5100 gt 52 134 sal 16 51 16 50 16 Event Log obile unit information in the forwarding plane Global Mobility parameters obile units in the Mobility Database obility peers obile unit Statistics Event CS IP IP UPD MU n a 157 235 208 16 ADD MU n a 157 235 208 16 DEL MU n a TSIs 235 5208 16 ADD MU n a 157 235 208 16 mobility forwarding IP Address WS5100 gt show mobility global Mobility Global Parameters Admin Status Operational Status Local Ad
169. ing timeout between 1 10 seconds pool Configure DHCP server address pool restart Restart DHCP Server to get the DHCP config changes into effect domain lookup Enable Domain Name Service DNS 5 24 WS5100 Series Switch CLI Reference Guide domain name Set default domain for DNS http Hyper Text Transfer Protocol HTTP secure server Secure HTTP server HTTPS secure trustpoint Enter the name of the trustpoint to be used for secure connection server HTTP server localhost Used only to serve requests from localhost local vpn local ip pool configuration pool Address pool default low ip address A B C D Internet Protocol name server Add a Nameserver to the DNS A B C D IP address of Nameserver to add nat Network Address Translation NAT inside outside destination Destination address static Static A B C D Inside local IP address A B C D source Source address list Access list WORD Access list name static A B C D Inside local IP address A B C D route Establish static routes Global Configuration Commands 5 25 A B C D IP destination prefix A B C D M IP destination prefix routing Turn on IP routing ssh Secured SHell SSH server port Listening port Value can be anything between 0 65536 rsa RSA encryption key keypair name Configure RSA keypair to be u
170. interactive help system page 2 5 hostname Set system s network name page 5 20 interface Select an interface to configure page 5 21 ip Internet Protocol IP page 5 22 Global Configuration Commands Command Description Ref license license management command page 5 26 line Configure a terminal line page 5 27 local Local user authentication page 5 28 logging Modify message logging facilities page 5 29 mac Configure MAC access lists page 5 31 no Negate a command or set its defaults page 2 7 ntp Configure NTP page 5 32 prompt Set system s prompt page 5 36 radius server Enter radius server mode page 5 37 redundancy Configure redundancy group parameters page 5 39 service Service Commands page 5 41 terminal Show running system information page 2 19 snmp server Modify SNMP engine parameters page 5 43 terminal Set terminal line parameters page 5 50 timezone Configure the timezone page 5 51 username Establish User Name Authentication page 5 52 vpn vpn page 5 53 wireless Configure Wireless Parameters page 5 54 9 3 5 4 WS5100 Series Switch CLI Reference Guide 5 1 1 aaa gt Global Configuration Commands Displays the current aaa Authentication Authorization and Accounting settings managed by WS5100 Series Wireless Switch Syntax aaa authentication login default local none radius nas vpn authentication primary A B C D
171. ip A B C D M host A B C D any A B C D M host A B C D any wlan lt 1 32 gt log rule precedence lt 1 500 gt access list lt 100 199 gt lt 2000 2699 gt deny permit mark 8021p lt 0 7 gt tos lt 0 255 gt tcpludp A B C D M host A B C D any eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt A B C D M host A B C D any eq lt 1 65535 gt range lt 1 65535 gt lt 1 65535 gt wlan lt 1 32 gt log rule precedence lt 1 500 gt Parameters Enter a brief description Usage Guidelines Example EXAMPLE OUTPUT HERE 5 5 5 6 WS5100 Series Switch CLI Reference Guide 5 1 3 banner gt Global Configuration Commands Use this CLI command to define a login banner for the WS5100 Series Wireless Switch Syntax banner motd LINE default Parameters motd Set Message of the Day banner LINE Custom MOTD string default Default MOTD string Usage Guidelines Example WS5100 config banner motd Welcome to my WS5100 CLI WS5100 config WS5100 release 3 0 0 0 200B Login as cli to access CLI WS5100 login cli Welcome to my WS5100 CLI Welcome to my WS5100 CLI WS5100 gt WS510 WS510 0 config banner motd default 0 config WS5100 release 3 0 0 0 200B Login as cli to access CLI WS5100 login cli Welcome to CLI Welcome to CLI WS5100 gt Global Configuration Commands 5 7 5 1
172. is CLI command to clear the display screen Syntax clrscr Parameters None Usage Guidelines Example WS5100 config trustpoint clrscr WS5100 config trustpoint crypto trustpoint Instance 11 3 11 4 WS5100 Series Switch CLI Reference Guide 11 1 2 company name gt Trustpoint Config commands Company Name Applicable only for request Syntax company name Parameters WORD Company Name 2 to 64 characters Usage Guidelines Example WS5100 config trustpoint company name RetailKing WS5100 config trustpoint crypto trustpoint Instance 11 5 11 1 3 email gt Trustpoint Config commands Use this CLI command to configure you e mail ID for the trustpoint Syntax email Parameters WORD email address 2 to 64 characters Usage Guidelines Example WS5100 config trustpoint email abcTestemailID symbol com WS5100 config trustpoint 11 6 WS5100 Series Switch CLI Reference Guide 11 1 4 end gt Trustpoint Config commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Usage Guidelines Example WS5100 config trustpoint end WS5100 crypto trustpoint Instance 11 7 11 1 5 exit gt Trustpoint Config commands Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to ws5100 config Synta
173. is unusable severity 0 errors Error conditions severity 3 informational Informational messages severity 6 notifications Normal but significant conditions severity 5 warnings Warning conditions severity 4 facility Syslog facility in which log messages are sent local0 Syslog facility localO 5 30 WS5100 Series Switch CLI Reference Guide local1 Syslog facility local1 local2 Syslog facility local2 local3 Syslog facility local3 local4 Syslog facility local4 local5 Syslog facility local5 local6 Syslog facility local6 local7 Syslog facility local7 host Configure remote host to receive log messages A B C D Remote host s IP address on Enable logging of system messages Usage Guidelines Example WS5100 config logging aggregation time 20 WS5100 config Global Configuration Commands 5 31 5 1 18 mac gt Global Configuration Commands Use this CLI command to configure MAC access lists Syntax mac access list extended WORD Parameters access list ACL config for the MAC address extended MAC Extended ACL WORD Enter the name of the ACL Usage Guidelines To delete Standard Extended and MAC ACL use no access list lt access list name gt under the Global Config mode Example WS5100 config mac access list extended Testl WS5100 config ext mac1 NOTE Byusing the ip access list parameter y
174. ivileged mode command page 4 22 erase Erase a filesystem page 4 23 exit End current mode and down to previous mode page 2 4 halt Halt wireless switch page 4 24 Privileged Exec Commands Command Description Ref help Description of the interactive help system page 2 5 kill Kill specified session page 4 25 logout Exit from the EXEC page 4 26 mkdir Create a directory page 4 27 more Display the contents of a file page 4 28 no Negate a command or set its defaults page 2 7 page Toggle paging page 4 30 ping Send ICMP echo messages page 4 31 pwd Display current directory page 4 32 quit Exit current mode and down to previous mode page 4 33 reload Halt and perform a warm reboot page 4 34 rename Rename a file page 4 35 rmdir Delete a directory page 4 36 service Service Commands page 2 8 terminal Show running system information page 2 19 telnet Open a telnet connection page 4 37 traceroute Trace route to destination page 4 38 upgrade Upgrade software image page 4 39 upgrade abort Abort an ongoing upgrade page 4 41 write Write running configuration to memory or terminal page 4 42 4 3 4 4 WS5100 Series Switch CLI Reference Guide 4 1 1 acknowledge gt Priv Exec Command Use this command to acknowledge alarms generated by the WS5100 Series Switch Syntax acknowledge alarm log lt 1 65535 gt all Parameters alarm log Ackno
175. kup WS5100 config WS5100 config snmp server enable traps wireless ap detection externalAPDetected WS5100 config WS5100 config snmp server enable traps wireless ids excessiveProbes WS5100 config WS5100 config snmp server enable traps wireless radio adopted WS5100 config WS5100 config snmp server enable traps wireless self healing activated WS5100 config Global Configuration Commands 5 49 WS5100 config snmp server enable traps wireless station tkipCounterMeasures WS5100 config WS5100 config snmp server enable traps wireless statistics min packets 120 WS5100 config WS5100 config snmp server location Located at thh 5th FLoor WS5100 config WS5100 config snmp server sysname Gold Mine WS5100 config 5 50 WS5100 Series Switch CLI Reference Guide 5 1 25 terminal gt Global Configuration Commands Use this CLI command to set the length number of lines to be displayed on the terminal window Syntax terminal monitor no terminal no monitor Parameters monitor Copy debug output to the current terminal line no Negate a command or set its defaults Usage Guidelines Example WS5100 config terminal monitor WS5100 config Global Configuration Commands 5 51 5 1 26 timezone gt Global Configuration Commands Use this CLI command to configure the timezone settings of the WS5100 Series Wireless Switch Syntax timezone
176. l This tr can be viewed via web at http lt ipaddr gt cli clitree html WS5100 WS5100 gt service show cli 2 13 2 14 WS5100 Series Switch CLI Reference Guide User Exec mode autoinstall cluster config t enable autoinstall config cluster config image enable t url LINE autoinstall config cluster config image url LINE config t enable autoinstall config cluster config image enable t url LINE autoinstall config cluster config image url LINE image t enable autoinstall config cluster config image enable t url LINE autoinstall config cluster config image url LINE start autoinstall start clear crypto ike sa clear crypto ike sa A B C D A B C D clear crypto ike sa A B C D ipsec sa clear crypto ipsec sa A B C D WS5100 gt service show command history Configured size of command history is 200 Date amp Time User Location Command Aug 31 23 40 15 2006 null vty 131 wireless Aug 31 23 40 15 2006 null vty 131 config t Aug 31 23 40 15 2006 null vty 131 enable Aug 31 23 40 14 2006 null vty 131 interface eth0 Aug 31 23 40 14 2006 null vty 131 config t Aug 31 23 40 14 2006 null vty 131 enable Aug 31 23 40 13 2006 null vty 131 line console 0 Aug 31 23 40 13 2006 null vty 131 config t Aug 31 23 40 13 2006 null vty 131 enable Aug 31 23
177. l td nacl td nacl td nacl permit any log rule precedence 50 permit any rule precedence 60 permit any wlan 30 log rule precedence 250 Standard ACL Instance 14 11 14 1 9 service gt Standard ACL Config Commands Use this CLI command to invoke the service commands to trobuleshoot or debug the config if instance configurations Syntax service clear diag shell save cli show start shell tethereal Parameters clear Remove specified support information diag shell Provide diagnostic shell access to debug and test the WS5100 Series Wireless Switch save cli Saves the CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic Usage Guidelines Example WS5100 config std nacl service diag shell Diagnostic shell started for testing diag gt WS5100 config std nacl service save cli CLI command tree is saved as clitree html This tree can be viewed via web at http lt ipaddr gt cli clitree html WS5100 config std nacl 14 12 WS5100 Series Switch CLI Reference Guide WS5100 config std nacl service show cli Show CLI tree of current mode command history Display command except show commands history crash info Display information about core panic and AP dump files info Show snapshot of available support information D S S last passwd isplay last pa
178. l no nz om pe ph pl pt qa ro ru sa se Sg si sk th Ee tw ua Greece Guatemala Guam Hong Kong Honduras Croatia Haiti Hungary Indonesia Ireland Israel India Iceland Italy Jordan Japan South Korea Kuwait Kazakhstan Liechtenstein Sri Lanka Lithuania Luxembourg Latvia Orocco alta exico alaysia Netherlands Norway New Zealand Oman Peru Philippines Pakistan Poland Portugal Qatar Romania Russia Saudi Arabia Sweden Singapore Slovenia Slovak Republic Thailand Turkey Taiwan Ukraine Global Configuration Commands 5 9 5 10 WS5100 Series Switch CLI Reference Guide us uy ve vn za United States Uruguay Venezuela Vietnam South Africa WS5100 config country code 5 1 6 Global Configuration Commands 5 11 crypto gt Global Configuration Commands Use this CLI commands to configure the encryption related commands NOTE crypto isakmp policy Priority leads you to config crypto isakmp Instance For more details see crypto isakmp on page 6 1 crypto isakmp client configuration group default leads you to config crypto group instance For more details see crypto group on page 7 1 crypto isakmp peer IP Address leads you to config crypto peer Instance For more details see crypto peer on page 8 1 crypto ipsec transformset name lt value gt leads you to config crypto ipsec Use the crypto ipsec transform set command to define the transform c
179. l be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config radsrv group 16 1 7 7 no gt Radius Configuration Commands Radius Server Instance 16 13 Use this CLI command to negate a command or set its defaults Syntax no policy rad user service no policy day time vlan wlan no policy wlan lt 1 32 gt all lt 1 32 gt Parameters policy Radius group access policy configuration day Reset day of access policy for this group time Configure time of access policy for this group vlan VLAN id for this group wlan Configure wlan access policy for this group lt 1 32 gt Wlan Range all Remove all the wlan s allowed rad user Remove user from this group WORD Existing user name in this group all Remove all users from this group service Service Commands radius Disable radius server Example WS5100 config radsrv group no policy day WS5100 config radsrv group WS5100 config radsrv group no policy time WS5100 config radsrv group WS5100 config radsrv group no policy vlan WS5100 config radsrv group 16 14
180. l the syntax combinatins that you have used in deny mark and permit to configure the Extended ACL Parameters deny Specify packets to reject mark Specify packets to mark permit Specify packets to forward Usage Guidelines Example 13 12 WS5100 Series Switch CLI Reference Guide 13 1 8 permit gt Extended ACL Config Commands Syntax permit icmp ip tcp udp permit icmp Source IP Address Destination Address lt 0 255 gt log rule precedence lt 1 5000 gt wlan lt 1 32 gt permit icmp Source IP Address Destination Address log rule precedence lt 1 5000 gt permit icmp Source IP Address Destination Address rule precedence lt 1 5000 gt permit icmp Source IP Address Destination Address wlan lt 1 32 gt log rule precedence lt 1 5000 gt Syntax permit ip Source IP Address Destination IP Address Log rule precedence lt 1 500 gt wlan lt 1 32 gt permit ip Source IP Address Destination IP Address log rule precedence lt 1 500 gt permit ip Source IP Address Destination IP Address rule precedence lt 1 500 gt permit ip Source IP Address Destination IP Address wlan lt 1 32 gt log rule precedence lt 1 500 gt Syntax permit tcp udp Source IP Address Destination IP Address permit tcp udp Source IP Address Destination IP Address log permit tcp udp Source IP Address Destination IP Address log wlan lt 1 32 gt permit tcp udp Sourc
181. lan snmp server enable traps wireless statistics min packets lt 1 65535 gt snmp server enable traps wireless statistics mobile unit avg bit speed less than avg retry greater than avg signal less than gave up percent greater than nu percent greater than pktsps greater than tput greater than undecrypt percent greater than 5 44 WS5100 Series Switch CLI Reference Guide snmp server enable traps wireless statistics radio avg bit speed less than avg retry greater than avg signal less than gave up percent greater than nu percent greater than num mobile units greater than pktsps greater than tput greater than undecrypt percent greater than snmp server enable traps wireless statistics wireless switch num mobile units greater than pktsps greater than tput greater than snmp server enable traps wireless statistics wlan avg bit speed less than avg retry greater than avg signal less than gave up percent greater than nu percent greater than num mobile units greater than pktsps greater than tput greater than undecrypt percent greater than snmp server host A B C D snmp server location LINE snmp server manager all v2 v3 snmp server sysname snmp server user manager operator snmp server user manager v3 auth encrypted snmp server user manager v3 auth encrypted md5 PASSWD Parameters community
182. le 7 1 summarizes the config erypto group commands within the WS5100 Series Switch command line interface Table 7 1 Trustpoint Config Commands Summary Command Description Ref clrscr Clears the display screen page 7 3 dns Domain Name Server page 7 4 end End current mode and change to EXEC mode page 7 5 exit End current mode and down to previous mode page 7 6 7 2 AP 5131 Access Point Product Reference Guide Command Description Ref help Description of the interactive help system page77 service Service Commands page 7 8 show Show running system information page 7 9 wins Windows name server page 7 11 7 1 1 clrser Use this CLI command to clear the display screen Syntax clrscr Parameters None Example WS5100 config crypto group clr WS5100 config crypto group crypto group 7 3 7 4 AP 5131 Access Point Product Reference Guide 7 1 2 dns Use this CLIL command to specify the DNS server address es to assign to a client Syntax dns lt IP Address gt Parameters lt IP Address gt The first DNS server address to assign lt IP Address gt optional The second DNS server address to assign Example WS5100 config crypto group dns server 172 1 17 1 172 1 17 3 WS5100 config crypto group crypto group 7 5 7 1 3 end Use this CLI command to end and exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws510
183. led diag led 1 1 I 1 1 2 amber amber flashing amber flashing blue on red off amber flashing diag limit buffer usage warning limit Fan speed limit file system freespace limit agregate processor load maximum number of file descriptors packet buffer head cache percent RAM used by a process percent free RAM IP route cache usage mperatur temperatur limit WS5100 service diag limit buffer 128 128 byte buffer limit 2 11 2 12 WS5100 Series Switch CLI Reference Guide 128k 128k byte buffer limit 16k 16k byte buffer limit 1k 1k byte buffer limit 256 256 byte buffer limit 2k 2k byte buffer limit 32 32 byte buffer limit 32k 32k byte buffer limit 4k 4k byte buffer limit 512 512 byte buffer limit 64 64 byte buffer limit 64k 64k byte buffer limit 8k 8k byte buffer limit WS5100 service diag limit buffer 32k lt 0 65535 gt buffer usage warning limit 0 65535 WS5100 service diag limit buffer 32k 4096 WS5100 service diag limit fan lt 1 2 gt Fan number WS5100 service diag limit fan 1 low Low speed limit WS5100 service diag limit fan 1 low lt 1000 15000 gt Limit value from 1000 to 15 000 WS5100 service diag limit fan 1 low 1100 WS5100 service diag limit fan 2 low 10000 WS5100 Sep 01 15 51 54 2006 sDIAG 4 FANUNDERSPEED Fan case under speed 8881 RPM is under limit 10000 RPM WS5100 service diag limit filesys etc2 etc2
184. less Display SNMP engine parameters Contents of startup configuration Display terminal configuration parameters Display timezone Display last image upgrade status Display information about terminal lines Display software amp hardware version Wireless configuration commands WS5100 config crypto peer show crypto peer 8 11 8 12 AP 5131 Access Point Product Reference Guide crypto ipsec Use the config crypto ipsec instance to define the transform configuration for securing data e g esp 3des esp sha hmac etc The transform set is then assigned to a crypto map using the map s set transform set command For more details see crypto map transform set page 10 11 9 1 Crypto Ipsec Config commands Table 9 1 summarizes the config erypto ipsec commands within the WS5100 Series Switch command line interface Table 9 1 Trustpoint Config Commands Summary Command Description Ref clrscr Clears the display screen page 6 4 end End current mode and change to EXEC mode page 6 6 exit End current mode and down to previous mode page 6 7 help Description of the interactive help system page 6 10 9 2 AP 5131 Access Point Product Reference Guide Command Description Ref mode IPSec Transporation Mode page93 no Negate a command or set its defaults page 6 12 service Service Commands page 6 13 show Show running system information page 9 4 9 1 1 mode Use this CLI command to config
185. less terminal no monitor WS5100 config wireless 17 46 WS5100 Series Switch CLI Reference Guide 17 1 29 wlan gt Wireless Configuration Commands Use this CLI command to confiugure Wireless LAN related commands Syntax wlan lt 1 32 gt WLAN accounting answer bcast ess authentication type description dot1li enable encryption type hotspot inactivity timeout kdc mobility mu mu disallow qos radius secure beacon ssid symbol extensions syslog tunnel vlan wep128 wep64 wlan lt 1 32 gt none radius ssyslog wlan lt 1 32 gt authentication type eap hotspot kerberos mac auth none wlan lt 1 32 gt dot11i handshake key key rotation key rotation interval opp pmk caching phrase pmk caching preauthentication second key tkip cntrmeas hold time wlan lt 1 32 gt dot11i handshake timeout lt 100 5000 gt retransmit lt 1 10 gt wlan lt 1 32 gt key 0 2 WORD wlan lt 1 32 gt encryption type ccmp keyguard none tkip tkip ccmp wep128 wep128 keyguard wep64 wlan lt 1 32 gt hotspot allow list webpage webpage location wlan lt 1 32 gt hotspot allow list Rule index IP address wlan lt 1 32 gt hotspot webpage external internal failure login welcome wlan lt 1 32 gt hotspot webpage location advanced external internal wlan lt 1 32 gt kdc password 0 LINE realm LINE server primary secondary timeout wlan lt 1 32 gt kde server primary secondary timeout aut
186. lippines Pakistan Poland Portugal Qatar Romania Russia Saudi Arabia Sweden Singapore Slovenia Slovak Republic Thailand Cr tw ua us uy ve vn za ur Ukr Uni Uru Ven Vie Sou key Taiwan aine ted States guay ezuela tnam th Africa WS5100 config wireless count ry code Wireless Instance 17 13 17 14 WS5100 Series Switch CLI Reference Guide 17 1 8 dhcp sniff state gt Wireless Configuration Commands Use this CLI ccommand to record mobile unit DHCP state information Syntax dhep sniff state Parameters enable Enable support for recording DHCP state information for mobile units Usage Guidelines Example WS5100 config wireless dhcp sniff stat nabl WS5100 config wireless Wireless Instance 17 15 17 1 9 dot11 shared key auth gt Wireless Configuration Commands Use this CLI command to Enable support for 802 11 shared key authentication your WEP key It should only be configured to accomodate wireless NOTE Shared key authentication has known weaknesses that can compromise stations that are unable to carry out Open System authentication Syntax dot11 shared key auth Parameters enable Enable support for shared key authentication Usage Guidelines Example WS5100 config wireless dotll shared key auth enable WS5100 config wireless 17 16 WS5100 Series Switch CLI Reference Guide 17 1 10 end gt Wireless Con
187. llows booting with other image Syntax fallback enable Parameters enable Enable software fallback feature Usage Guidelines Example WS5100 config fallback enable WS5100 config Global Configuration Commands 5 19 5 1 10 ftp gt Global Configuration Commands Use this CLI command to configure the FIP server Syntax ftpenable ftp password 0 1 LINE ftp rootdir DIR Parameters enable Enable FTP Server password Configure FIP password You can set the password using one of the folllowing options e 0 Password is specified UNENCRYPTED e 1 Password is encrypted with SHA1 algorithm e LINE Password rootdir Configure FTP root dir Set the ROOT directory location of the FIP server using e DIR Used to set root dir of the ftp server Usage Guidelines Example WS5100 config ftp enable WS5100 config 5 20 WS5100 Series Switch CLI Reference Guide 5 1 11 hostname gt Global Configuration Commands Use this CLI command to change the name of the systems network Syntax hostname WORD Parameters WORD USed to provide the name for the systems network Usage Guidelines Example WS5100 config hostname Eldorado Eldorado config Global Configuration Commands 5 21 5 1 12 interface gt Global Configuration Commands Use this CLI command to select and interface to confiugre NOTE interface mode leads to config it instance F
188. log rule precedence wlan deny any log rul precedence lt 1 500 gt deny any rule precedence lt 1 500 gt deny any wlan lt 1 32 gt log rule precedence rule precedence lt 1 500 gt deny host A B C D Parameters A B C D M Source IP address range to match any Any source IP address log Log matches against this entry rule precedence lt 1 500 gt Access list entry precedence lt 1 500 gt Precedence Value wlan lt 1 32 gt Filter packets based on WLAN lt 1 32 gt WLAN index host Single host address A B C D Exact source IP address to match Usage Guidelines Example WS5100 WS5100 WS510 WS510 oS WS510 WS510 oo con con con con con con fig s fig s fig s fig s fig s fig s td nacl td nacl td nacl td nacl td nacl td nacl deny any log rule precedence 50 deny any rule precedence 60 deny any wlan 30 log rule precedence 250 Standard ACL Instance 14 5 14 1 3 end gt Standard ACL Config Commands Use this CLI command to endand exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Usage Guidelines Example WS5100 config std nacl end WS5100 14 6 WS5100 Series Switch CLI Reference Guide 14 1 4 exit gt Standard ACL Config Commands Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now
189. lrscr Clears the display screen page 12 3 crypto crypto page 12 4 description Interface specific description page 12 5 duplex Set duplex to interface page 12 6 12 2 WS5100 Series Switch CLI Reference Guide Command Description Ref end End current mode and change to EXEC mode page 12 7 exit End current mode and down to previous mode page 12 8 help Description of the interactive help system page 12 9 ip Internet Protocol IP page 12 10 management Sets the selected interface as management interface page 12 11 mtu Set mtu value for vlan interface page 12 12 no Negate a command or set its defaults page 12 13 service Service Commands page 12 14 show Show running system information page 12 17 shutdown Shutdown the selected interface page 12 20 speed Configure speed page 12 21 switchport Set switching mode characteristics page 12 22 terminal Set terminal line parameters page 12 24 tunnel protocol over protocol tunneling page 12 25 12 1 1 clrser gt Interface Config commands Use this CLI command to clear the display screen Syntax clrscr Parameters None Usage Guidelines Example WS5100 config if clrscr WS5100 config if interface Instance 12 3 12 4 WS5100 Series Switch CLI Reference Guide 12 1 2 crypto gt Interface Config commands Syntax crypto map WORD Parameters map WORD Usage Guidelines At any given instance you can
190. mands Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to ws5100 config Syntax exit Parameters None Usage Guidelines Example WS5100 config ext nacl exit WS5100 config 13 8 WS5100 Series Switch CLI Reference Guide 13 1 5 help gt Extended ACL Config Commands Use thie CLI command to access the systems interactive help system Syntax help Parameters None Usage Guidelines Example WS5100 config ext nacl help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config ext nacl Extended ACL Instance 13 9 13 1 6 mark gt Extended ACL Config Commands Use this CLI command to specify packet that you want to mark Syntax mark 8021p Source IP tos lt 0 7 gt lt 0 255 gt icmp ip tcp udp Address Destination IP Address mark 8021p tos lt 0 7 gt lt 0 255 gt icmp Source IP Address Destination IP Address lt 0 255 gt log wlan lt 1 32
191. manual Ipsec manual dynamic dynamic map entry remote VPN configuration pki Configure certificate parameters Public Key Infrastructure is a protocol that creates encrypted public keys using digital certificates from Certificate Authorities PKI ensures that each online party is who they claim to be authenticate Authenticate and import CA Certificate enroll Enroll export Export import Import trustpoint Define a CA trustpoint request Certificate Request mode of enrollment self signed Selfsigned Mode of enrollment 5 14 WS5100 Series Switch CLI Reference Guide trustpoint Trustpoint Configuration terminal Copy amp Paste mode of enrollment Usage Guidelines Currently a peer address can be deleted with wrong isakmp value Crypto currently matches only the IP address when a no command is issued This feature will be corrected in the next release WS5100 config crypto isakmp key 12345678 address 4 4 4 4 WS5100 config show running config configuration of WS5100 version 3 0 0 0 200B version 1 0 service prompt crash info username username username username admin password 1 8e67bb26b358e2ed20fe552ed6 b832 397a507d admin privilege superuser operator password 1 fe96dd39756ac41b74283a9292652d366d73931f manager password 1 45b27d6483fc630981ad5096f 26a7956ce0c038 crypto isakmp key 12345678 address 4 4 4 4 crypto ipsec security association lifetime kilobytes 46
192. mation by contacting Symbol at 1 800 722 6234 inside North America 1 516 738 5200 in outside North America http symbol com Introduction This chapter describes the commands that are defined by the WS5100 Series Command Line Interface CLI Access the CLI by running a terminal emulation program on a computer that is connected to the serial port at the front of the switch or by using Telnet via secure shell SSH to access the switch over the network The default cli user is cli The default username and password is admin and superuser respectively 1 1 CLI Overview The Symbol command line interface CLI is used for configuring monitoring and maintaining Symbol devices This user interface allows you to execute commands whether using a serial console or using remote access methods This chapter describes the basic features of the Symbol CLI s and how to use them Topics covered include an introduction to Symbol command modes navigation and editing features help features and command history features 1 2 WS5100 Series Switch CLI Reference Guide To aid in the configuration of Symbol devices the Symbol CLI is divided into different command modes Each command mode has Its own set of commands available for the configuration maintenance and monitoring The commands available to you at any given time depend on the mode you are in Enter a question mark at the system prompt to view the list of commands available for
193. me burst lt 0 65535 gt transmit opportunity An interval of time when a particular WMM STA has the right to initiate transmissions onto the wireless medium cw lt 0 15 gt Contention Window parameters wireless stations pick a number between 0 and the minimum contention window to wait before retrying transmission Stations then double their wait time on a collision until it reaches the maximum contention window add lt 7000 gt MAC Address 11a ap300 11b ap100 ap4131 11bg ap300 Add a new radio radio add lt 1 1000 gt MAC Address 11a ap300 11b ap100 ap4131 11bg ap300 lt 1 1000 gt Index where this radio is to be added MAC Mac address in AA BB CC DD EE FF format 11a 802 114 type radio 11b 802 11b type radio 11bg 802 1 1bg type radio ap300 ap300 type access port default for 11a and 11bg ap100 ap100 type access port default for 11b ap4131 ap4131 type access port Wireless Instance 17 35 dns name WORD MAC Address Configure dns name to be used in L3 Discovery on adopted access ports e AA BB CC DD EE FF Change the dns name only on the access port with a specified MAC address If not specified the dns name update is sent to all currently adopted access ports Usage Guidelines Example WS5100 config wireless radio 250 bss auto 3 5 WS5100 config wireless 17 36 WS5100 Series Switch CLI Reference Guide 17 1 23 self he
194. measures filter mobile units that cause tkip countermeasures weak wep iv use of weak wep sequence numbers enable Enable monitoring and filtering filter ageout Set the number of seconds for which mobile units will be filtered out detect window lt 5 300 gt Set the number of seconds for which information will be collected before analysis All the thresholds are a function of this window size eX ops Configure parameters related to the detection of excessive operations on the RF network Wireless Instance 17 21 80211 replay fails 802 11 replay check failure all Change for all types of excessive operations association requests 802 11 Authentication and Association Requests authentication fails Failure to Authenticate with servers Radius Kerberos crypto replay fails TKIP CCMP IV replay check failure decryption fails decryption failures disassociations Disassociation and Deauthentication frames eap starts EAP 802 1x Start frames probe requests Probe Request frames unassoc frames frames from unassociated stations filter ageout lt 0 86400 gt Configure the number of seconds for which mobile units will be filtered out threshold mu radio switch Configure the threshold of events allowed in the detection window e mu Use the threshold for monitoring on a per mobile unit basis e radio Use the threshold for monitoring o
195. meters Contents of startup configuration Display Display Display Display Display terminal configuration parameters timezone last image upgrade status information about terminal lines software amp hardware version Wireless configuration commands WS5100 config std nacl show Standard ACL Instance 14 15 14 1 11 terminal gt Standard ACL Config Commands Use this command to set the length number of lines to be displayed on the terminal window Syntax terminal monitor no terminal no monitor Parameters monitor Copy debug output to the current terminal line no Negate a command or set its defaults monitor Copy debug output to the current terminal line Usage Guidelines Example WS5100 config std nacl terminal monitor WS5100 config std nacl WS5100 config std nacl terminal no monitor WS5100 config std nacl 14 16 WS5100 Series Switch CLI Reference Guide Extended MAC ACL Instance Use config ext macl instance to configure the mac access list extended ACLs associated with the WS5100 Series Wireless Switch 15 1 MAC Extended ACL Config Commands Table 15 7 summarizes the config ext mac1 commands within the WS5100 Series Switch command line Table 15 1 Extended ACL Config Command Summary Command Description Ref clrscr Clears the display screen page 15 3 deny Specify packets to reject page 15 4 end End current mode and change to EXEC mode page 15 6 exit End
196. minal Syntax write memory terminal Parameters memory Write to NV memory terminal Write to terminal Usage Guidelines Example WS5100 write terminal configuration of WS5100 version 3 0 0 0 200B version 1 0 f service prompt crash info username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507d username admin privilege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931F username manager password 1 45b27d6483fc630981ad5096ff26a7956ce0c038 username manager privilege superuser Ino country code logging console 7 no logging on fallback enable ftp password 1 810a25d76c31e495cc070bd 42e076f7c9b0alcd ip http server ip http secure trustpoint local ip http secure server ip ssh ip telnet snmp server manager v2 snmp server manager v3 crypto isakmp identity address crypto isakmp keepalive 10 crypto ipsec security association lifetime kilobytes 4608000 Global Configuration Commands The term global is used to indicate characteristics or features that affect the system as a whole Global configuration mode is used to configure the system globally or to enter specific configuration modes to configure specific elements such as interfaces or protocols Use the configure terminal command under PRIV EXEC to enter global configuration mode The example below describes the process of entering global configuration mode from privileged EXEC mode WS5100 configure
197. n a per radio basis e switch Use the threshold for monitoring at the switch level lt 0 9999 gt The threshold of events allowed in the detection window Usage Guidelines Example WS510 WS510 oo WS510 WS510 WS510 WS510 config wireless ids anomaly detection tkip countermeasures config wireless nabl config wireless ids detect window 250 config wireless config wireless ids ex ops 80211 replay fails filter ageout 5200 config wireless 17 22 WS5100 Series Switch CLI Reference Guide 17 1 15 mac auth local gt Wireless Configuration Commands Use this CLI command to configure local MAC authentication list Syntax mac auth local lt 1 1000 gt allow deny Starting MAC Address Ending MAC Address range list of WLAN indicies WORD Parameters lt 1 1000 gt mac auth local entry allow allow mobile units that match this rule to associate deny deny association to mobile units that match this rule Starting MAC Address Starting mac address in AA BB CC DD EE FF format Ending MAC Address Ending mac address in AA BB CC DD EE FF format Range List of WLAN A list eg 1 3 7 or range eg 3 7 of wlan indices Indices WORD Optional radio description substring Usage Guidelines Example WS5100 config wireless mac auth local 452 allow 12 11 11 120 12 11 11 150 3 7 TestString WS5100 config wireless Wireless Ins
198. nable Enforce spectrum management checks on specified radios Only mobile units that advertise spectrum management capabilities will be allowed to associate on this radio image name Image Name shoyud not exceed more than 20 characters location message Specify message that would be sent to all mobile units that associate with these radios This message should not exceed more than 80 characters mac AA BB CC DD EE FF Change the parent access port MAC address of the radio e AA BB CC DD EE FF MAC address in AA BB CC DD EE FF format max mobile units lt 1 256 gt Maximum number of mobile units allowed to associate on channel scan Enable rogue scanning on this radio 17 32 WS5100 Series Switch CLI Reference Guide reset reset a radio this will only reset the specified radio not the complete access port reset ap reset the parent ap this will reset all radios on that access port rts threshold lt 0 2347 gt RTS threshold in bytes run acs Run auto channel selection ona radio The radio should already have been configured for ACS self heal offset lt 0 30 gt Configure the self healing offset measured in dBm for regulatory NOTE This offset is based off the regulatory maximum power for the specified channel the command show wireless regulatory shows the max power allowed short preamble Enable support for Short preamble NOTE This will disable s
199. nable Temporal Key Integrity Protocol TKIP tkip ccmp Enable both tkip and cemp on this WLAN wep128 Enable Wired Equivalence Privacy WEP with 128 bit keys wep 128 keyguard Enable both WEP128 as well as Keyguard MCM on this WLAN wep64 Enable Wired Equivalence Privacy WEP with 64 bit keys NOTE A configuration where two WLANs are mapped to the same VLAN and one of them is configured with no encryption and the other with WEP is insecure It can lead to a compromise of the WEP key hotspot Modify hotspot related parameters allow Modify hotspot allow list parameters Users who have not yet authenticated Rule index IP address will be allowed access to these IP addresses e Rule index Allow list Rule index Should be between 1 10 e P address allow list IP address 17 50 WS5100 Series Switch CLI Reference Guide webpage externallinternal failure login welcome Modify hotspot page parameters e external Modify hotspot External page e internal Modify hotspot Internal page e failure Users are redirected to this webpage if they fail authentication e login Users are prompted for their username and password on this webpage e welcome Users are redirected to this webpage after they authenticate successfully webpage location advanced external internal The location of the webpages to be used for authentication These pages can either be hosted on the wireless switch or on
200. nce wlan lt 1 32 gt Filter packets based on WLAN eq lt 71 65535 gt Match a specific destination port range lt 1 65535 gt lt 1 65535 gt Match a range of destination ports You can select between Starting destination port and Ending destination port Usage Guidelines Example 13 14 WS5100 Series Switch CLI Reference Guide 13 1 9 service gt Extended ACL Config Commands Use this CLI command to invoke the service commands to trobuleshoot or debug the config if instance configurations Syntax service clear diag shell save cli show start shell tethereal Parameters clear Remove specified support information diag shell Provide diagnostic shell access to debug and test the WS5100 Series Wireless Switch save cli Saves the CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic Usage Guidelines Example WS5100 config ext nacl service diag shell Diagnostic shell started for testing diag gt boot delete exit fallback help logout no reload service show upgrade diag gt Reboots the switch Deletes specified file from the system Exit from the CLI Configures firmware fallback feature Description of the interactive help system Exit from the CLI Negate a command or set its defaults Halt and perform a warm reboot Service Commands Show ru
201. ncryption algorithm for protection suite page 6 5 end End current mode and change to EXEC mode page 6 6 exit End current mode and down to previous mode page 6 7 6 2 AP 5131 Access Point Product Reference Guide Command Description Ref group Set the Diffie Hellman group page6 e hash Set hash algorithm for protection suite page 6 9 help Description of the interactive help system page 6 10 lifetime Set lifetime for ISAKMP security association page 6 11 no Negate a command or set its defaults page 6 12 Service Service Commands page 6 13 show Show running system information page 6 14 6 1 1 authentication Use this CLI command to authenticate rsa sig and pre share keys crypto isakmp 6 3 Syntax authentication pre share rsa sig Parameters pre share pre shared key rsa sig rsa signature Example WS5100 config crypto isakmp authentication pre share WS5100 config crypto isakmp WS5100 config crypto isakmp authentication rsa sig WS5100 config crypto isakmp 6 4 AP 5131 Access Point Product Reference Guide 6 1 2 clrscr Use this CLI command to clear the display screen Syntax clrscr Parameters None Usage Guidelines Example WS5100 config crypto isakmp clr WS5100 config crypto isakmp crypto isakmp 6 5 6 1 3 encryption Use this CLI command to configure the encryption level of the data transmitted using the WS5100 Wireless Switch using crypto isakmp
202. ne parameters 7 10 AP 5131 Access Point Product Reference Guide snmp server Display SNMP engine parameters startup config Contents of startup configuration terminal Display terminal configuration parameters timezone Display timezone upgrade status Display last image upgrade status users Display information about terminal lines version Display software amp hardware version wireless Wireless configuration commands WS5100 config crypto group show crypto group 7 11 7 1 8 wins Use this CLIL command to specify the Windows Internet Naming Service WINS name servers to assign to a client Syntax wins lt IP Address gt lt IP Address gt Parameters lt IP Address gt The first WINs server address to assign lt IP Address gt optional The second WINs server address to assign Example WS5100 config crypto group wins 128 2 11 1 128 2 19 23 WS5100 config crypto group 7 12 AP 5131 Access Point Product Reference Guide crypto peer Use crypto isakmp peer IP Address dns hostname t0 initiates config crypto peer instance 8 1 Crypto Peer Config commands Table 8 1 summarizes the config erypto peer commands within the WS5100 Series Switch command line interface Table 8 1 Trustpoint Config Commands Summary Command Description Ref clrscr Clears the display screen page 8 3 end End current mode and change to EXEC mode page 8 4 exit End current mode and down to previous
203. nect link below to end this session Footer Image URL main Image URL small Page type fail Title Unable to authenticate Header Authentication Failed Description Either the username and password are invalid or service is unavailable at this time Footer Contact the network administrator if you do not have an account Image URL main Image URL small External Pages Page Type login URL Page Type welcom URL Page Type fail URL Allow list IP addresses WLAN 2 status disabled description WLAN2 ssid 102 Page Location simple Internal Pages Page type login Title Login Page MORE next page Space next line Enter quit Control C WS5100 gt show wireless ids detect window 10 seconds Excessive Operations Threshold mu radio switch Filter Ageout probe requests 0 0 0 60 Sec association requests 0 0 0 60 Sec disassociations 0 0 0 60 Sec authentication fails 0 0 0 60 Sec crypto replay fails 0 0 0 60 Sec 80211 replay fails 0 0 0 60 Sec decryption fails 0 0 0 60 Sec unassoc frames 0 0 0 60 Sec eap starts 0 0 0 60 Sec Anomaly Detection Status probe requests disabled association requests disabled disassociations disabled authentication fails disabled crypto replay fails disabled 80211 replay fails disabled decryption fails disabled unassoc frames disabled eap starts disabled null destination disabled same source destination disabled multi
204. njury or equipment damage X WS5100 Series Switch CLI Reference Guide Notational Conventions The following notational conventions are used in this document e italics are used to highlight specific items in the general text and to identify chapters and sections in this and related documents e Bullets indicate e action items e lists of alternatives e lists of required steps that are not necessarily sequential e Sequential lists those describing step by step procedures appear as numbered lists Table 1 1 Notational Convention used in the document Convention Example Token Description Valid Inputs bold Bold text indicates commands and keywords that you enter literally italics Italic text indicates arguments for which you supply values on off Grouping exactly one of a list of tokens on key1 key2 key3 Selective recursive multiple tokens allowed key1 key3 but each can only be used once key1 key2 key3 Infinite recursive multiple tokens allowed ey1 key1 key2 each can be used multiple times ey3 key2 key3 lt 1 10 gt Simple infinite recursive 126 key1 key2 Selective keyword in infinite recursive ey1 key1 key2 multiple tokens but you can pick one that s only allowed once xi Service Information Symbol Technologies provides its customers with prompt and accurate customer support Use the Symbol Support Center as the primary contact for an
205. nning system information Upgrade firmware image Extended ACL Instance WS5100 config ext nacl service save cli CLI command tree is saved as clitree html This tr can be viewed via web at http lt ipaddr gt cli clitree html WS5100 config ext nacl WS5100 config ext nacl service show cli Show CLI tree of current mode command history Display command except show commands history crash info D info Show snapshot of available support information last passwd Display last password used to enter shell S S S reboot history how reboot history startup log how startup log upgrade history how upgrade history WS5100 config ext nacl service show WS5100 config ext nacl service start shell Last password used password with MAC 00 a0 f8 65 ea 8e Password WS5100 config ext nacl service tethereal LINE tethereal options in the format isplay information about core panic and AP dump files V print detailed packet x hex dump of packet p no promiscuous mode for interface n disable name resolution c lt count gt h detailed help E to capture ESPD J e capture nonEspd packets f lt capture filter expression in format xx xx xx gt i lt interface on which to capture packets gt W wisp packet only J s lt snaplen gt r lt filename gt read contents of specified file w lt savefile gt save cap
206. nsposing Mistyped Characters e Controlling Capitalization 1 5 1 Moving the Cursor on the Command Line Table 1 2 shows the key combinations or sequences you can use to move the cursor around on the command line to make corrections or changes Ctrl indicates the Control key which must be pressed simultaneously with its associated letter key Ese indicates the Escape key which must be pressed first followed by its associated letter key Keys are not case sensitive Many letters used for CLI navigation and editing were chosen to provide an easy way of remembering their functions In Table 1 2 characters in bold inside the Function Summary column indicate the relation between the letter used and the function Table 1 2 Key Combinations Used to Move the Cursor Keystrokes Function Function Details Summary Left Arrow or Back Moves the cursor one character to the left Ctrl B character When you enter a command that extends beyond a single line you can press the Left Arrow or Ctrl B keys repeatedly to scroll back toward the system prompt and verify the beginning of the command entry or you can press the Ctrl A key combination Right Arrow or Forward Moves the cursor one character to the right Ctrl F character Esc B Back word Moves the cursor back one word Esc F Forward word Moves the cursor forward one word Ctrl A Beginning of Moves the cursor to the beginning of the line line 1 9 1
207. o lt previous command used gt Parameters None Usage Guidelines Example WS5100 config if no mtu WS5100 config if interface Instance 12 13 12 14 WS5100 Series Switch CLI Reference Guide 12 1 12 service gt Interface Config commands Use this CLI command to invoke the service commands to trobuleshoot or debug the config if instance configurations Syntax service ap clear diag shell save cli show start shell tethereal wireless service ap force dump Parameters ap access port serviceability parameters force dump trigger the access port to send a crash dump to the wireless switch clear Remove specified support information diag shell Provide diagnostic shell access to debug and test the WS5100 Series Wireless Switch save cli Saves the CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic wireless Wireless parameters Usage Guidelines Example WS5100 config if service ap force dump WS5100 config if interface Instance 12 15 WS5100 config if service diag shell Diagnostic shell started for testing diag gt boot delete exit fallback help logout no reload service show upgrade diag gt Reboots the switch Deletes specified file from the system Exit from the CLI Configures firmware fallback feature Description of the interactive
208. one Example WS5100 config show licenses feature usage license string AP 2FFD7 E9 CD016155 14A92C70 license value 48 usage 1 Common Commands 2 41 2 2 11 logging gt Common to all modes Syntax show logging Parameters None Example WS5100 config show logging Logging module enabled Aggregation time disabled Console logging level debugging Buffered logging level informational Syslog logging level debugging Facility local7 Logging to 157 235 203 37 Logging to 10 0 0 2 Log Buffer 6520 bytes Sep 14 19 11 59 2006 SDAEMON 6 INFO radiusd 4643 Ready to process requests oX Sep 14 19 11 58 2006 PM 5 PROCSTOP Process radiusd has been stopped Sep 14 18 51 14 2006 CC 5 RADIOADOPTED lla radio on AP 00 A0 F8 BF 8A A2 adopted T Sep 14 18 51 14 2006 CC 5 RADIOADOPTED 11bg radio on AP 00 A0 F8 BF 8A A2 adopted 2 42 WS5100 Series Switch CLI Reference Guide 22 12 mac gt Common to all modes Syntax show mac access list Parameters access list List MAC access lists Example 2 2 13 management gt Common to all modes Syntax show management Parameters None Example WS5100 gt show management Mgmt Interface vlanl WS5100 gt Common Commands 2 43 2 2 14 mobility gt Common to all modes 2 44 WS5100 Series Switch CLI Reference Guide Syntax show mobility forward
209. onfiguration for securing data e g esp 3des esp sha hmac etc The transform set is then assigned to a crypto map using the map s set transform set command For more details see crypto ipsec on page 9 1 crypto pki trustpoint mode leads to config trustpoint instance For more details see crypto trustpoint Instance on page 11 1 Syntax cryp cryp cryp cryp to ipsec isakmp key map pki to ipsec security association transform set to ipsec security association lifetime kilobyte Seconds WORD to ipsec transform set ah md5 hmac ah sha hmac esp 3des esp aes sp aes 192 esp aes 256 esp des esp md5 hmac esp sha hmac cryp cryp cryp cryp cryp cryp cryp to isakmp client identity keepalive key peer policy to isakmp client configuration group default to isakmp identity keepalive key peer policy to key export generate import zeroize to key export import rsa lt indentifier gt tftp ftp to key generate rsa lt indentifier gt lt key pair gt lt key pair gt to zeroize rsa lt identifier gt 5 12 WS5100 Series Switch CLI Reference Guide crypto map map name lt sequence number gt isakmp manual dynamic crypto pki authenticate enroll export import trustpoint crypto pki authenticate lt name gt terminal tftp ftp crypto pki enroll lt name gt request self signed crypto pki export lt name gt request trustpoint tftp ftp
210. only to any peer pfs Use the set pfs command to choose the type of perfect forward secrecy if any that will be required during IPSec negotiation of security associations for this crypto map Use the no form of this command to require no PFS 10 12 AP 5131 Access Point Product Reference Guide group 1 IPSec is required to use Diffie Hellman Group 1 768 bit modulus exchange during IPSec SA key generation group 2 IPSec is required to use Diffie Hellman Group 2 1024 bit modulus exchange during IPSec SA key generation group 5 IPSec is required to use Diffie Hellman Group 5 security association Use the set security association lifetime command to define the lifetime in kilobytes and or seconds of the IPSec SAs created by this crypto map level perhost ipsec sa level lifetime kilobyte seconds ipsec sa lifetime e kilobytes SA lifetime limit in kilobytes e seconds SA lifetime limit in seconds session key Use the set session key command to define the encryption and authentication keys for this crypto map inbound Use this keyword to define encryption keys for inbound traffic outbound Use this keyword to define encryption keys for outbound traffic ah Authentication header protocol esp Encapsulating security payload protocol SPI Security Parameter Index cipher lt hex key data gt Specify encryption decryption key authenticator lt hex key data gt
211. or more details see interface Instance on page 12 1 The prompt changes from ws5100 config tO ws5100 config if Syntax interface IFNAME eth tunnel vlan Parameters IFNAME Interface name eth Ethernet interface tunnel Tunnel interface vlan Vlan interface Usage Guidelines Example WS5100 config interface eth 2 WS5100 config if WS5100 config interface vlan 2 WS5100 config if 5 22 WS5100 Series Switch CLI Reference Guide 5 1 13 ip gt Global Configuration Commands NOTE Using access list extended command leads you to config ext nacl instance For more details see Extended ACL Instance on page 13 1 Using access list extended command leads you to config std nacl instance For more details see Standard ACL Instance on page 14 1 Syntax ip access list default gateway dhcp domain lookup domain name http local name server nat route routing ssh telnet ip access list extended lt 100 199 lt 2000 2699 gt WORD standard lt 1 99 gt lt 1300 1999 gt WORD ip ip ip ip ip ip ip ip ip ip ip ip default gateway A B C D dhcp bootp excluded address option ping pool restart dhcp bootp ignore dhcp excluded address A B C D dhcp option option name dhcp ping timeout lt 1 10 gt dhcp pool pool name dhcp restart domain lookup domain name WORD http secure server secure trust
212. ou enter the following contexts e ext macl extended MAC ACL For more details see Extended MAC ACL Instance on page 15 1 5 32 WS5100 Series Switch CLI Reference Guide 5 1 19 ntp gt Global Configuration Commands Use this CLI command to configure NTP over the WS5100 Series Wireless Switch Syntax n 55355 5 5 5955 5 el t B t 555555 m 5595555 t tp tp tp tp tp tp access group authenticate authentication key autokey broadcast broadcastdelay master peer server trusted key access group peer query only serve serve only access group peer lt 1 99 gt lt 1300 1999 gt access group query only lt 1 99 gt lt 1300 1999 gt access group serve lt 1 99 gt lt 1300 1999 gt access group serve only lt 1 99 gt lt 1300 1999 gt authenticate authentication key md5 WORD autokey client only host broadcast client destination broadcast destination WORD key version broadcast destination WORD key lt 1 65534 gt broadcast destination WORD version lt 1 4 gt broadcastdelay lt 1 999999 gt master lt 1 15 gt peer WORD peer WORD autokey key prefer version peer WORD autokey prefer version lt 1 4 gt peer WORD key lt 1 65534 gt prefer version lt 1 4 gt peer WORD prefer version lt 1 4 gt peer TestPeer version lt 1 4 gt server WORD server WORD autokey key prefer version server WORD autoke
213. out tar drwxrwxrwt rw r r rw r r rw r r drwxrwxrwt Untar fails 0 600 0 0 0 0 0 0 0 600 381 151327 17318 0 2006 09 08 12 27 20 flash log 2006 09 08 12 27 28 flash log snmpd log 2006 09 08 14 37 26 flash log messages log 2006 09 08 12 27 29 flash log startup log 0 2006 09 08 12 27 14 flash log radius WS5100 archive tar xtract flash out tar flash out tar flash out tar No such file or directory Privileged Exec Commands 4 7 4 1 3 autoinstall gt Priv Exec Command Use this CLI to configure auto installation feature of the WS5100 Series Switch Syntax autoinstall start autoinstall config cluster config image url LINE Parameters start start the autoinstall sequence cluster config enable autoinstall of cluster config config enable autoinstall of config image enable autoinstall of image Example 4 8 WS5100 Series Switch CLI Reference Guide 4 1 4 cd gt Priv Exec Command Use this CLI to change the current directory Syntax cd DIR Parameters DIR Change current directory to DIR Usage Guidelines Example WS5100 cd nvram system flash WS5100 cd flash DIR Change current directory to DIR WS5100 cd flash flash backup flash crashinfo flash hotspot flash log flash out WS5100 cd flash log DIR Change current directory to DIR wWS5100 cd flash log WS5100 pwd flash log WS5100 oo Privile
214. p eit shutdown ungraceful unexpect Aug 21 13 10 09 2006 startup an ae shutdown ungraceful unexpect Aug 17 15 10 21 2006 startup Aug 17 15 08 58 2006 shutdown graceful user Common Commands 2 17 Aug 16 13 48 41 2006 startup e shutdown ungraceful unexpected cold restart Aug 11 19 32 55 2006 startup Aug 11 19 31 32 2006 shutdown graceful user WS5100 gt service show startup log Aug 30 15 32 43 2006 SKERN 5 NOTICE Linux version 2 6 13 4 ws symbol wios eng wios build gcc version 3 4 5 1 Aug 30 15 32 43 2006 KERN 6 INFO BIOS provided physical RAM map Aug 30 15 32 43 2006 SKERN 6 INFO BIOS e820 0000000000000000 000000000009fc00 usable Aug 30 15 32 43 2006 SKERN 6 INFO BIOS e820 000000000009fc00 00000000000a0000 reserved Aug 30 15 32 43 2006 SKERN 6 INFO BIOS e820 00000000000e0000 0000000000100000 reserved Aug 30 15 32 43 2006 SKERN 6 INFO BIOS e820 0000000000100000 000000000ff40000 usable Aug 30 15 32 43 2006 SKERN 6 INFO BIOS e820 000000000f f40000 000000000ff50000 ACPI data Aug 30 15 32 43 2006 SKERN 6 INFO BIOS e820 000000000 f f50000 0000000010000000 ACPI NVS Aug 30 15 32 43 2006 SKERN 6 INFO BIOS e820 00000000fec80000 00000000fec81000 reserved Aug 30 15 32 43 2006 SKERN 6 INFO BIOS e820 00000000fff80000 0000000100000000 reserved Aug 30 15 32 43
215. password encryption Privilege page 2 77 Global Config running contig Displays current operating configuration Privilege page 2 78 Global Config securitymgr Displays debug info for ACL VPN and NAT Privilege page 2 81 Global Config sessions Displays current active open connections Privilege page 2 82 Global Config startup contig Displays contents of startup configuration Privilege page 2 83 Global Config upgrade status Displays last image upgrade status Privilege page 2 84 Global Config 22 1 autoinstall gt Common to all modes Syntax show autoinstall Parameters None Example WS5100 gt show autoinstall WS5100 gt Common Commands 2 23 22 2 banner gt Common to all modes Syntax show banner Parameters motd Use this to enter Message of the Day banner Example WS5100 gt show banner motd Welcome to CLI WS5100 gt 2 24 WS5100 Series Switch CLI Reference Guide 22 3 commands gt Common to all modes Syntax WS5100 gt show commands Parameters None Example WS5100 gt show commands autoinstall autoinstall autoinstall config cluster config image config cluster config image config cluster config image autoinstall config cluster config image autoinstall config cluster config image autoinstall config cluster config image autoinstall start clear crypto ike sa A B C D clear crypto ike
216. point WORD server localhost local pool default low ip address A B C D ip name server A B C D ip ip ip ip ip nat inside outside nat inside destination source nat inside destination static A B C D source nat inside destination source list WORD static A B C D nat outside destination source Global Configuration Commands 5 23 ip nat outside destination static A B C D source ip nat outside destination source list WORD static A B C D ip route A B C DJA B C D M ip routing ip ssh port rsa ip ssh port lt 0 65536 gt ip ssh rsa keypair name WORD ip telnet port lt 0 65535 gt Parameters access list ACL Config Using the access list parameter options you enter the ext nac1 context and std nac1 context The prompt now changes to the context you have entered For more details see Extended ACL Instance on page 13 1 for extended ACL and Standard ACL Instance on page 14 1 for standard ACL default gateway Configure default gateway A B C D IP gateway address dhcp DHCP Server configuration bootp BOOTP specific configuration ignore Configure DHCP Server to ignore BOOTP requests excluded address Prevent DHCP Server from assigning certain addresses A B C D Low IP Address option Define DHCP server option name ping Specify ping parameters used by DHCP Server timeout Specify p
217. pose Esc C Capitalizes the letters at the right of cursor Esc L Changes the letters at the right of cursor to lowercase Common Commands This chapter explains the common CLI commands used amongst the USER EXEC and PRIV EXEC modes PRIV EXEC command set contains all of the commands available in USER EXEC mode some commands can be entered in either mode Commands that can be entered in either USER EXEC mode or PRIV EXEC mode are referred to as EXEC mode commands If user or privileged is not specified in the documentation assume that you can enter the referenced commands in either mode 2 2 WS5100 Series Switch CLI Reference Guide 2 1 Common Commands Table 2 1 summarizes the commands common amongst many contexts and instance contexts within the WS5100 Series Switch command line interface Table 2 1 Common commands amongst most contexts Command Description Ref clrscr Clears the display screen page 2 3 exit End current mode and down to previous mode page 2 4 help Description of the interactive help system page 2 5 no Negate a command or set its defaults page 2 7 service Service Commands page 2 8 show Shows running system information page 2 20 terminal Set terminal line parameters page 2 19 Common Commands 2 3 2 1 1 clrscr gt Common Commands Use this command to clear the screen displaying the cli and start afresh at the prompt Syntax clrscr Parameters
218. pto crypto mobility Clear Mobility Attributes wireless statisitcs Clear all wireless statistics ike ipsec sa Security association remote peer IP address IP address of the remote peer peer IP address IP addres of the peer mu Clear Mobile unit AA BB CC DD EE FF MAC address of the MU all All MUs Home and Foreign foreign database MUs present in the Foreign MU Database home database MUs present in the Home MU Database mu log Clear Mobility MU Event Log peer log Clear Mobility PEER Event Log peer statisitcs Clear Mobility Peer Statistcs A B C D IP address of the peer User Exec Commands 3 5 Usage Guidelines Example WS5100 gt clear crypto ike sa 111 222 333 01 WS5100 gt WS5100 gt clear crypto ipsec sa WS5100 gt 3 6 WS5100 Series Switch CLI Reference Guide 3 1 3 cluster cli gt User Exec Commands Use this command to cluster all the CLI pertaining to the context it appears in Syntax cluster cli enable Parameters enable Enables cluster context Usage Guidelines Example WS5100 gt cluster cli enable WS5100 gt 3 1 4 debug gt User Exec Commands User Exec Commands 3 7 Use this command to debug the WS5100 Series Switch Syntax debug certmgr all err info ip ssh mobility cc error forwarding mu packet peer system Parameters certmgr Certificate Manager Debugging Messages ip Internet Protocol IP mobility L3 Mobility all Trace error and in
219. r WS5100 config ext macl WS5100 config ext macl terminal no monitor WS5100 config ext macl 15 18 WS5100 Series Switch CLI Reference Guide Radius Server Instance The radius server local cli command takes you to radius server mode The local Onboard radius server configuration commands are listed under this mode Use config radsrv instance to configure local radius server parameters associated with the WS5100 Series Wireless Switch 16 1 Radius Configuration Commands Table 16 1 summarizes the Gloabl Config commands within the WS5100 Series Switch command line Table 16 1 Extended ACL Config Command Summary Command Description Ref authentication Radius authentication page 16 3 ca Configure ca certificate parameters page 16 4 clrscr Clears the display screen page 16 5 crl check Certificate Revocation List CRL check page 16 6 16 2 WS5100 Series Switch CLI Reference Guide Command Description Ref end End current mode and change to EXEC mode page 16 7 exit End current mode and down to previous mode page 16 8 group Configure radius user group paramaters page 16 9 NOTE This command create another sub instance called config radsrv group with its own set of command summary help Description of the interactive help system page 16 21 Idap server Idap server parameters page 16 22 nas Radius client page 16 23 no Negate a command or set its def
220. r E aa e e a EOT 7 i ETE er eee E E EE AN E E ETE EA EEATT 8 EI ES PE IEA A E ed TE EEA E PA TA 9 PANS aare a eh eer 10 a ENEE ET hed N SE A EN ENES IES OEN ET 1 ee A n E E AE EAE E TEI T E TE 11 12 PRAIA E IE EEE E ESEE T ETTE EEEE 11 13 a EE A A AEE EEA AAN S EN L STET aa has 11 14 SMO L EE PEE EE A E ETA N EAE E NT 6 AE EEEE EE A EEE EE A EN E E A nae 8 Chapter 12 interface Instance Interface Config commands 0 00 ccc cece eee eens 12 1 CNS scscoserdugdahuechasiesiuidhtesdsecaueadessexesbagaass 12 3 VOD 5S eicad ve oe Ae Sten Hal pie adn Aa he drew eon ods eax ta 2 4 Eea x tnt chor kdudGe sud detesosehecdeeuatarsebadaabaddads 2 5 GU ts ct EAE TEP EAEE E EE EIEII IEEE E TE ee ae 2 6 hi vO AA ee A E N EEA cn E A E A EAE eet 2 7 er Cees TIFI ee E TOENE R E PELLENTE NE E T ETT 2 8 ENEE A EE EE E Graded EIE NEE IE E 2 9 AAT N EE PAINI E AEE EE A AEAN E POPES T weiss 12 10 MANBBO MEME EEE EOE EEEE EEEE TE eae bee ws 12 11 NU E A E ET E EEE ET EE E ET T 12 12 eee a eer AEE AAS TEI Y AEE EAT TETTE rere ney eee eee EE 12 13 a E E I I NETES INEA TN TA NT 12 14 CN SEE EOE EEE E E ET EAE 12 17 SHUM EEE E E E SSTA ET TEOTAN 12 20 arae eta A E ee hance wae 12 21 8 WS5100 Series Switch CLI Reference Guide E ARENE TEN TIIE ana beara ete a eee eae wee es 12 22 TOMA lieu onder pedueaeun edd E T E ETE T E 12 24 ca a eaae e krei 12 25 Chapter 13 Extended ACL Instance Extended ACL Config Commands nnana naana 13 1 PGT
221. r at ecreer eee ae a cree ee creamer n 7 7 AET a MENSE ete hop de did heed E ce dog a EENAA T EEN A SA E T T 7 8 SOUT ENE NE EE L E EEEE EL EEEE E A E EEN 7 9 N AEETI ANE PL TEETE T E EEEE ENT NIENIE IEEE EET EE 7 11 Chapter 8 crypto peer Crypto Peer Config commands ss srisesrrsrirrerrserir eri rka eens 8 1 SEPETE EEIE TE E PEIE TO PET EIES E EI E ER 8 3 BB EEE ede sesh LEEENA PTT VEEE NE EE DIE EEEIEE OIDE T 8 4 E N OEE ae N E EEE E ea R A EA EEN E E AE EA 8 5 ite AERE E ANE TENTE I STEES a EPEAT TES T ETA I ert 8 6 a EE E T AE de ide be ET 8 7 Ar MARNE EPET PETERE AET OI AET EE E T A E EY 8 8 ele ony ed ke ETE OE EIE E E E E E T aed eee E E A oe 8 9 SY PRIENT PEELE EIEEE PERTE EEE A EE ETE TNE ET AOE 8 10 Crypto Ipsec Config commands isrirssrrsririrrsanrii tiraria ees 9 1 e TO EENET E E E TYEE E ETET 9 3 SNOW A PEA EE A T A NEA AE ELTA SNT IETT TAEAE 9 4 Chapter 10 crypto map Tiustpoint CONTIG commands e sis crdoe ig our sfer RENE ER SEENE nuns 10 1 CAN eE EE 10 3 le T E IETEN be TE ITEE EEES ONET T PTEE E EA 10 4 e EETA EPEE te obi E NE PSE EE E AE ETE 10 5 M E E E E TES OEN VEE TUATEA 10 6 OI OEE EA E AE EE EAN TA E EE EN E 10 7 A EET TENETE E T E EE E E E A E E E EN TE 10 9 Trustpoint CONTE commands 0 lt 5 24 00ceccridccetersecsyesodesedeeoauses 1 A A AEE EAE A AEE E E AEA E T 3 oea o E E EE EET E EEE EESE 4 UCL ee ESEE I P E E Cem ETET EATE ee PESTE 11 5 OG PREE crear PEE E E A TIETE PE P EES 11 6 ae a
222. ractive help system 10 2 AP 5131 Access Point Product Reference Guide Command Description Ref match Match values no Negate a command or set its defaults Service Service Commands set Set values for encryption decryption show Show running system information 10 1 1 clrser Use this CLI command to clear the display screen Syntax clrscr Parameters None Example WS5100 config crypto map clr WS5100 config crypto map crypto map 10 3 10 4 AP 5131 Access Point Product Reference Guide 10 1 2 end Use this CLI command to end and exit from the current mode and change to PRIV EXEC mode The prompt now changes to ws5100 Syntax end Parameters None Usage Guidelines Example WS5100 config crypto map end WS5100 crypto map 10 5 10 1 3 exit Use this CLI command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to ws5100 config Syntax exit Parameters None Example WS5100 config crypto map exit WS5100 config 10 6 AP 5131 Access Point Product Reference Guide 10 1 4 help Use thie CLI command to access the systems interactive help system Syntax help Parameters None Example WS5100 config crypto map help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows
223. radio Enable wireless radio traps adopted Radio adopted detectedRadar Radio detected radar unadopted Radio unadopted self healing Enable self healing traps activated Self healing activated station Enable wireless station traps 5 46 WS5100 Series Switch CLI Reference Guide associated Wireless station associated deniedAssociationAsPort CapacityReached Wireless station denied association due to port capacity reached deniedAssociationOnCapability Wireless station denied association due to unsupported capability deniedAssociationOnErr Wireless station denied association due to internal error deniedAssociationOnInvalid WPAWPAZIE Wireless station denied association due to invalid absent WPA WPAZ IE deniedAssociationOnRates Wireless station denied association due to incompatible Transmission rates deniedAssociationOnSS D Wireless station denied association due to invalid SSID deniedAssociationOnShort Pream Wireless station denied association due to lack of short preamble support deniedAssociationOnSpectrum Wireless station denied association due to lack of spectrum management capability deniedAuthentication Wireless station denied 802 11 authentication disassociated Wireless station disassociated radiusAuthFailed Wireless station failed radius authentication tkipCounterMeasures TKIP counter measures invoked wireless statistics Modify wi
224. reless stats rate traps min packets Minimum packets for sending the trap This can be set with a decimal number in the range of lt 1 65535 gt mobile unit Modify mobile unit rate traps radio Modify radio rate traps wireless switch Modify wireless switch rate traps wlan Modify wlan rate traps Global Configuration Commands 5 47 avg bit speed less than lt gt Average bit speed in Mbps is less than lt A decimal number greater than 0 00 and less than or equal to 54 00 gt avg retry greater than lt gt Average retry is greater than lt A decimal number greater than 0 00 and less than or equal to 16 00 gt avg signal less than lt gt Average signal in dBm is less than lt A decimal number less than 0 00 and greater than or equal to 120 00 gt gave up percent greater than lt gt percentage of pkts dropped is greater than lt A decimal number greater than 0 00 and less than or equal to 100 00 gt nu percent greater than lt gt percentage of non unicast pkts is greater than lt A decimal number greater than 0 00 and less than or equal to 100 00 gt pktsps greater than lt gt Packets per sec is greather than lt A decimal number greater than 0 00 and less than or equal to 100000 00 gt tput greater than lt gt Throughput in Mbps is greather than lt A decimal number greater than 0 00 and less
225. rs lt seconds gt Specify how many seconds an IKE SA will last before expiring Time stamp in secondscan be configured between 3600 and 2147483647 Example WS5100 config crypto isakmp lifetime 5200 WS5100 config crypto isakmp 6 12 AP 5131 Access Point Product Reference Guide 6 1 10 no Use this CLI command to negate a command or set its defaults Syntax no lt previous command used gt Parameters Use the commands that you have configured under this instance Example WS5100 config crypto isakmp no lifetime WS5100 config crypto isakmp crypto isakmp 6 13 6 1 11 service Use this CLI command to invoke the service commands to trobuleshoot or debug the config crypto isakmp instance configurations Syntax service clear diag shell save cli show start shell tethereal Parameters clear Remove specified support information diag shell Provide diag shell access save cli Save CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic Example WS5100 config crypto isakmp service show en lan how CLI tree of current mode command history Display command except show commands history crash info Display information about core panic and AP dump files info Show snapshot of available support information last passwd Display last password used to enter shell S S 5 n reboot histo
226. rs for which the information can be viewed using the show command Example WS5100 config radsrv group access list alarm log autoinstall banner boot clock commands crypto debugging environment file ftp history interfaces ip ldap licenses logging mac management mobility ntp password encryption privilege radius redundancy group redundancy history redundancy members running config securitymgr sessions snmp snmp server startup config terminal timezone upgrade status users version wireless WS5100 config radsrv group Radius Server Instance 16 17 show Internet Protocol IP Display all alarms currently in the system autoinstall configuration Display Message of the Day Login banner Display boot configuration Display system clock Show command lists crypto Display debugging setting show environmental information Display filesystem information Display FTP Server configuration Display the session command history Interface status and configuration Internet Protocol IP ldap server Show any installed licenses Show logging configuration and buffer Media Access Control Display L3 Managment Interfac Display Mobility Parameters Network time protocol password encryption Show current privilege level Radius configuration commands Display redundancy group parameters Display state transition history of the switch Display redundancy group members in detail
227. ry how reboot history startup log how startup log upgrade history how upgrade history WS5100 config crypto isakmp service show info 4 0M out of 4 0M available for logs 9 7M out of 11 4M available for history 16 4M out of 18 6M available for crashinfo List of Files messages log 0 Oct 9 132 01 snmpd log 316 Oct 9 13 01 startup log 16 5k Oct 9 13 01 command history 7 6k Oct 9 18 19 reboot history 3 4k Oct 9s 13201 upgrade history 782 Aug 29 18 32 Please export these files or delete them for more space WS5100 config crypto isakmp 6 14 AP 5131 Access Point Product Reference Guide 6 1 12 show Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Parameters Displays all the parameters for which the information can be viewed using the show command Example WS5100 config crypto isakmp show access list alarm log autoinstall banner boot clock commands crypto debugging environment file ftp history interfaces ip ldap licenses logging mac management mobility ntp password encryption privilege radius redundancy group redundancy history redundancy members running config securitymgr sessions snmp Internet Protocol IP Display all alarms currently in the system autoinstall configuration Display Message of the Day Login banner Display boot configuration Displ
228. s Example EXAMPLE OUTPUT HERE Standard ACL Instance 14 9 14 1 7 no gt Standard ACL Config Commands Use this CLI command to negate a command or set its defaults Syntax no deny mark permit This command negates all the syntax combinatins that you have used in deny mark and permit to configure the Extended ACL Parameters deny Specify packets to reject mark Specify packets to mark permit Specify packets to forward Usage Guidelines Example 14 10 WS5100 Series Switch CLI Reference Guide 14 1 8 permit gt Standard ACL Config Commands permit A B C D M any host permit any log rule precedence wlan permit any log rule precedence lt 1 500 gt permit any rule precedence lt 1 500 gt permit any wlan lt 1 32 gt log rule precedence rule precedence lt 1 500 gt permit host A B C D Parameters A B C D M Source IP address range to match any Any source IP address log Log matches against this entry rule precedence lt 1 500 gt Access list entry precedence lt 1 500 gt Precedence Value wlan lt 1 32 gt Filter packets based on WLAN lt 1 32 gt WLAN index host Single host address A B C D Exact source IP address to match Usage Guidelines Example WS5100 WS5100 WS510 WS510 oo WS510 WS510 oo con con con con con con fig s fig s fig s fig s fig s fig s td nacl td nacl td nac
229. s Wireless Switch command line interface Chapter 12 interface Instance Summarizes the config if commands within the WS5100 Series Wireless Switch command line interface Table 1 Quick Reference on How This Guide Is Organized Continued Chapter Jump to this section if you want to Chapter 13 Extended ACL Summarizes the config ext nael commands within the WS5100 Instance Series Switch command line Chapter 14 Standard ACL Summarizes the config std nael commands within the WS5100 Instance Series Switch command line Chapter 15 Extended MAC Summarizes the config ext macl commands within the WS5100 ACL Instance Series Switch command line Chapter 16 Radius Server Summarizes the config radsrv Instance commands within the Instance WS5100 Series Wireless Switch command line interface Chapter 17 Wireless Summarizes the config wireless instance commands within the Instance WS5100 Series Wireless Switch command line interface Conventions Used in this Guide This section describes the following topics e Annotated Symbols e Notationa l Conventions Annotated Symbols The following document conventions are used in this document AN A NOTE Indicate tips or special requirements CAUTION Indicates conditions that can cause equipment damage or data loss WARNING Indicates a condition or procedure that could result in personal i
230. s a message to your screen you can easily recall your current command line entry To redisplay the current command line refresh the screen use either of the following key combinations Keystrokes Purpose Ctrl L Redisplays the current command line 1 12 WS5100 Series Switch CLI Reference Guide 1 5 5 Command Output pagination When working with the Symbol CCB CLI output often extends beyond the visible screen length For cases where output continues beyond the bottom of the screen such as with the output of many or show commands the output is paused and Press Any Key to Continue Q to Quit promptis displayed at the bottom of the screen To resume output press the Return key to scroll down one line or press the Spacebar to display the next full screen of output 1 5 6 Transposing Mistyped Characters If you have mistyped a command entry you can transpose the mistyped characters To transpose characters use the following key combination Keystrokes Purpose Ctrl T Transposes the character to the left of the cursor with the character located at the cursor 1 5 7 Controlling Capitalization You can capitalize or lowercase words or capitalize a set of letters with simple key sequences Note however that Symbol CCB commands are generally case insensitive and are typically all in lowercase To change the capitalization of commands use any of the following key sequences Keystrokes Pur
231. s arira rear akire iri eire 7 36 So DEREN PENT LENONS OE A OSEE SNETI AEETI ET 7 38 SON orenean ia eE ale aeee ate 7 39 UA Eee ee ae EE FETE ETTE TE eee eee ee renee eee bee ere 7 42 E A vie ec ebra deve de ede ie beeees T E 7 44 EPONA dhe SE VENIE E EEE T E E PETEA AEE T S TE OES 7 45 E EEE E EAE EE E E EE as ee EE 17 46 About This Guide This preface introduces the WS5700 Series CLI Reference Guide and contains the following sections e Who Should Use this Guide e How to Use this Guide e Conventions Used in this Guide e Service Information Who Should Use this Guide The WS5100 Series CLI Reference Guide is intended for system administrators responsible for the implementing configuring and maintaining the WS5100 Series Switch within the wireless local area network It also serves as a reference for configuring and modifying most common system settings The administrator should be familiar with wireless technologies network concepts ethernet concepts as well as IP addressing and SNMP concepts viii WS5100 Series Switch CLI Reference Guide How to Use this Guide This guide will help you implement configure and administer the WS5100 Series Switch and associated network elements This guide is organized into the following sections Table 1 Quick Reference on How This Guide Is Organized Chapter Chapter 1 Introduction Jump to this section if you want to Review the overall feature set of the WS5100
232. s encrypted with password encryption secret WORD Enter password upto 21 characters length Usage Guidelines Example WS5100 config radsrv rad user TestRadUser password I SPY U WS5100 config radsrv 16 28 WS5100 Series Switch CLI Reference Guide 16 1 14 server gt Radius Configuration Commands Use this CLI command to configure server certificate parameters You must create a trustpoint using crypto pki trustpoint or have an existing trustpoint to configure server Syntax server trust point Parameters trust point Trust point configuration WORD Existing trust point name Usage Guidelines Example WS5100 config radsrv server trust point TestTP 6sError Specified Trust point does not exists WS5100 config radsrv 16 1 15 service Radius Server Instance 16 29 gt Radius Configuration Commands Use this CLI command to invoke the service commands to trobuleshoot or debug the config radsrv instance configurations This command is also used to enable RADIUS server Syntax service clear diag shell radius save cli show start shell tethereal service radius restart Parameters clear Remove specified support information diag shell Provide diag shell access radius Enable radius server restart save cli Save CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffi
233. secondary A B C D aaa authentication login default none local radius aaa nas WORD aaa vpn authentication primary secondary A B C D key WORD authport PORT_RANGE Parameters authentication Authentication configuration parameters login Set authentication lists for logins default The default authentication list local Use local user database none No authentication radius Use external radius server nas nas identifier This parameter accepts a string of 64 charaters vpn authentication vpn authentication using radius primary primay address secondary secondary address A B C D address Usage Guidelines Example 5 1 2 access list gt Global Configuration Commands Use this CLI command to add an access list entry Syntax access list access list lt 1 99 gt lt 1300 1999 gt 255 gt A B C D M host A B C D precedence lt 1 500 gt access list lt 100 199 gt lt 2000 2699 gt deny permit mark any wlan lt 1 32 gt log deny permit mark Global Configuration Commands 8021p lt 0 7 gt tos lt 0 rule 8021p lt 0 7 gt tos lt 0 255 gt icmp A B C D M host A B C D any A B C D M host A B C D any lt 0 255 gt lt 0 255 gt lt 0 255 gt wlan lt 1 32 gt log rule precedence lt 1 500 gt access list lt 100 199 gt lt 2000 2699 gt deny permit mark 8021p lt 0 7 gt tos lt 0 255 gt
234. sed for encryption WORD RSA keypair name telnet Telnet server port Value of the listening port The value can be anything between 0 65535 Usage Guidelines By using the ip access list parameter you enter the following contexts e ext nacl extended ACL For more details see Extended ACL Instance on page 13 1 e std nacl Standard ACL For more details see Standard ACL Instance on page 14 1 e You can clear the ip dhcp binding using the clear command NOTE To delete Standard Extended and MAC ACL use no access list lt access list name gt under the Global Config mode Example WS5100 config ip access list extended TestACL WS5100 config ext nacl WS5100 config ip access list standard TestStdACL WS5100 config std nacl 5 26 WS5100 Series Switch CLI Reference Guide 5 1 14 license gt Global Configuration Commands lt lt lt Text here gt gt gt Syntax license Parameters WORD Enter the name of the feature for which you wish to add license Usage Guidelines Example Global Configuration Commands 5 27 5 1 15 line gt Global Configuration Commands Use this CLI command to configure the terminal line Syntax line console vty Parameters console Primary terminal line You can configure a value between 0 0 vty Virtual terminal You can configure a value between 0 871 Usage Guidelines Example 5 28 WS5100 Series Switch CLI Reference Guide
235. service diag enable led 1 amber flashing offl on blue red 2 amber flashing off on blue red limit buffer fan filesys etc2 flash ram load 1 15 5 maxFDs pkbuffers procRAM ram routecache tempreature period lt 100 30000 gt save cli show clil command history crash info diag info memory natstats process reboot history rulestats startup log upgrade history Parameters diag Diagnostics save cli Save CLI tree for all modes in html format show Show running system information enable Enables the service diagnostics mode led Use to configure LED display sequence 1 Use to configure upper LED You can select from the following options e amber e blue e red 2 Use to configure lower LED You can select from the following options e amber e blue e red limit Use to set the diagnostic limit submodes commands Common Commands 2 9 buffer Use to configure the buffer usage warning limit The warning limit can be set to one of the following buffer limit size e 12 128 byte buffer limit e 128k 128k byte buffer limit e 16k 16k byte buffer limit e 1k 1k byte buffer limit e 256 256 byte buffer limit e 2k 2k byte buffer limit e 32 32 byte buffer limit e 32k 32k byte buffer limit e Ak 4k byte buffer limit e 512 512 byte buffer limit e 64 64 byte buffer limit e 64k 64k byte buffer limit e 8k 8 byte buffer limit fan
236. side Parameters access group Access group lt 1 99 gt lt 100 199 gt IP extended access list lt 1300 1999 gt lt 2000 2699 gt IP extended access list expanded range WORD Access List Name in Incoming packets address Set the IP address of an interface A B C D M IP address e g 10 0 0 1 8 dhcp Use DHCP Client to obtain IP address for this interface helper address Forward DHCP and BOOTP packets A B C D IP to which DHCP and BOOTP packets are forwarded nat Network Address Translation NAT inside Inside interface outside Outside interface Usage Guidelines Example interface Instance 12 11 12 1 9 management gt Interface Config commands Use this CLI command to configure the selected interface as management interface Syntax management Parameters None Usage Guidelines Example 12 12 WS5100 Series Switch CLI Reference Guide 12 1 10 mtu gt Interface Config commands Use this CLI command to set the mtu value for an VLAN interface NOTE This command is valid only with an VLAN interface Syntax mtu lt 512 1500 gt Parameters lt 512 1500 gt Value of MTU in bytes Usage Guidelines Example WS5100 config interface vlan 20 WS5100 config if mtu 520 WS5100 config if 12 1 11 no gt Interface Config commands Use this CLI command to negate a command or set its defaults Syntax n
237. sion use the following command in EXEC mode Command Description WS5100 history size number of lines Sets the size of command history buffer WLAN Module history Enables command history feature Use no history command disables the command history feature 1 4 2 Recalling Commands To recall commands from the history buffer use one of the following commands or key combinations most recent command Repeat the key sequence to recall successively older commands Command Description Ctrl P or the Up Arrow key Recalls commands in the history buffer beginning with the Ctrl N or the Down Arrow key Returns to more recent commands in the history buffer after recalling commands with Ctrl P or the Up Arrow key Repeat the key sequence to recall successively more recent commands lI Executes the last command from the command history buffer lt n gt Executes nth command from command history buffer 1 7 1 8 WS5100 Series Switch CLI Reference Guide Command Description WS5100 gt show history While in EXEC mode lists the last several commands entered 1 4 3 Disabling the History Command Feature The command history feature is automatically enabled To disable it during the current terminal session use the following command in EXEC mode Command Description WLAN Module no history Disables command history for the current session 1 4 4 Basic Conventions
238. splay Mobility Parameters Network time protocol password encryption Show current privilege level Radius configuration commands Display redundancy group parameters Display state transition history of the switch Display redundancy group members in detail Current Operating configuration Display debug info for ACL VPN and NAT Display current active open connections Display SNMP engine parameters Display SNMP engine parameters Contents of startup configuration Display terminal configuration parameters nam timezone upgrade status users version wireless Display timezone Display last image upgrade status Display information about terminal lines Display software amp hardware version Wireless configuration commands WS5100 config crypto ipsec show crypto ipsec 9 5 9 6 AP 5131 Access Point Product Reference Guide crypto map config crypto map CLI commands are used to define a Certificate Authority CA trustpoint This is a seperate instance by itself but belongs to the crypto pki trustpoint mode under config instance 10 1 Trustpoint Config commands Table 10 7 summarizes the config crypto map commands within the WS5100 Series Switch command line interface Table 10 1 Trustpoint Config Commands Summary Command Description Ref clrscr Clears the display screen end End current mode and change to EXEC mode exit End current mode and down to previous mode help Description of the inte
239. ss Switch to have Rivest Shamir and Adelman RSA key pairs Thus the WS5100 Series Wireless Switch software can maintain a different key pair for each identity certificate Example 11 14 WS5100 Series Switch CLI Reference Guide 11 1 12 service gt Trustpoint Config commands Use this CLI command to invoke the service commands to trobuleshoot or debug the crypto pki trustpoint instance configurations Syntax service clear diag shell save cli show start shell tethereal Parameters clear Remove specified support information diag shell Provide diagnostic shell access to debug and test the WS5100 Series Wireless Switch save cli Saves the CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic Usage Guidelines Example WS5100 config trustpoint service diag shell Diagnostic shell started for testing diag gt boot delete exit fallback help logout no reload service show upgrade Reboots the swi Deletes specifi tch Description of d file from the system Exit from the CLI Configures firmware fallback feature the interactive help system Exit from the CLI Negate a command or set its defaults Halt and perform a warm reboot Service Commands Show running system information Upgrade firmware image diag gt WS5100 con crypto trustpoint Instance 11 15 f
240. ssigned to Radius server specified VLANs instead of only the vlan that is mapped to this wlan mobile unit Modify Radius 802 1X supplicant related parameters reauth Enable periodic reauthentication of all associated mobile units server Modify Radius 802 1X server parameters accounting mode start interim stop interval lt 60 3600 gt start stop stop only Use this to configure the radius accounting parameters mode Accounting Mode on this WLAN start interim stop Accounting Start Interim Stop interval lt 60 3600 gt Time Interval between successive accounting updates start stop Send Accounting Start Stop stop only Send Accounting Stop only accounting timeout lt 1 60 gt retransmit lt 7 700 gt Use this to configure the radius accounting parameters timeout lt 7 60 gt Time in seconds that the wireless switch waits for a response from the radius server before retrying Accounting retransmit lt 7 700 gt Number of retries before the wireless switch will give up Accounting 17 54 WS5100 Series Switch CLI Reference Guide authentication protocol chap pap Authentication protocol to use in the radius requests e chap Challenge Handshake Authentication Protocol e pap Password Authentication Protocol dscp lt 0 63 gt Specify a DSCP Differentiated Services Code Point value to provide QoS to Radius packets The DSCP value should be between 0 63
241. ssword encryption secret e LINE Radius server shared secret upto 127 characters Wireless Instance 17 55 server timeout lt 60 gt retransmit lt 7 0 gt Modify Radius 802 1X server parameters e timeout lt 7 60 gt Time in seconds the wireless switch waits for a response from the radius server before retrying e retransmit lt 1 10 gt Number of retries before the wireless switch will give up and disassociate the mobile unit secure beacon dont include the SSID of this WLAN in Beacon frames ssid The SSID of this WLAN symbol extensions fast roaming enable Enable support for Symbol extensions e fast roaming enable Enable support for Symbol fast roaming syslog accounting server lt IP Address gt port lt Port number gt Syslog Accounting e accounting Modify Accounting Parameters e server lt IP Address gt Modify Syslog Accounting Server IP Address e port lt Port Number gt Syslog Server Port Default port number is 514 tunnel lt 32 gt gateway lt IP Address and mask gt e tunnel lt 1 32 gt The tunnel index mapping for this WLAN e gateway lt IP address gt The gateway IP address and mask vian lt 1 4094 gt The VLAN assignment of this WLAN 17 56 WS5100 Series Switch CLI Reference Guide wep128 key lt 4 gt ascii hex lt 0 2 WORD gt phrase LINE wep default Configure WEP128 parameters
242. ssword used to enter shell reboot history how reboot history startup log how startup log upgrade history Show upgrade history WS5100 config std nacl service show WS5100 config std nacl service start shell Last password used password with MAC 00 a0 f8 65 ea 8e Password WS5100 config std nacl WS510 LIN config std nacl service tethereal tethereal options in the format V print detailed packet x hex dump of packet p no promiscuous mode for interface n disable name resolution c lt count gt h detailed help E to capture ESPD J e capture nonEspd packets f lt capture filter expression in format xx xx xx gt i lt interface on which to capture packets gt W wisp packet Ho only s lt snaplen gt r lt filename gt read contents of specified file w lt savefile gt save capture in specified file X for examples on tethereal capture filter WS5100 config std nacl Standard ACL Instance 14 13 14 1 10 show gt Standard ACL Config Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Parameters Displays all the parameters for which the information can be viewed using the show command Usage Guidelines Example WS5100 config std nacl show access list Internet
243. t full tmp is 5 percent full Free Memory 151944 kB FWU invoked via Linux shell Running from partition dev hda6 partition to update is dev hda5 Reading image file header Removing other partition Added 3 0 0 0 180B aking file system Extracting files this can take some time Version of firmware update file is 3 0 0 0 200B Creating LILO files Running LILO Added 3 0 0 0 180B Added 3 0 0 0 200B Successful WS5100 User Exec Commands Logging in to the switch places you in USER EXEC command mode Typically log in will require a user name and a password You may try three times to enter a password before the connection attempt is refused The USER EXEC commands available at the user level are a subset of those available at the privileged level In general the user EXEC commands allow you to connect to remote devices perform basic tests and list system information To list the available USER EXEC commands use the at the command prompt The USER EXEC mode prompt consists of the host name of the device followed by an angle bracket gt The default host name is generally WLAN Module You can change the host name using the hostname GLOBAL CONFIG command 3 2 WS5100 Series Switch CLI Reference Guide 3 1 User Exec Commands Table 3 1 summarizes the User Exec commands within the WS5100 Series Switch command line interface Table 3 1 User Exec commands Summary Command D
244. tance 17 23 17 1 16 manual wlan mapping gt Wireless Configuration Commands Use this CLI command to manually map map un map the wlans configured on a radio Syntax manual wlan mapping Parameters enable Enable support for manual wlan mapping Usage Guidelines Example WS5100 config wireless manual wlan mapping enable WS5100 config wireless 17 24 WS5100 Series Switch CLI Reference Guide 17 1 17 mobility gt Wireless Configuration Commands Use this CLI command to configure mobility parameters Syntax mobility enable local address max roam period peer mobility local address IP Address mobility max roam period lt 1 15 gt mobililty peer IP Address Parameters enable Enable Mobility Globally local address Set Local Addr for Mobility A B C D IP Address of A B C D format max roam period lt 7 75 gt Set Max Roam Period for an MU in seconds peer Add a Peer to this mobility region A B C D IP address of the Peer Usage Guidelines Example WS5100 WS5100 WS510 WS510 SS WS510 WS510 oo WS510 WS510 oo con con con con con con con con fig wireless mobility enable fig wireless fig wireless mobility local address 12 12 12 1 fig wireless fig wireless mobility max roam period 10 fig wireless fig wireless mobility peer 157 208 235 108 fig wireless Wireless Inst
245. tatus information about terminal lines software amp hardware version s configuration commands WS5100 config if show access list Standard IP access list 1 WS5100 config if deny any rule precedence 1 WS5100 config if show boot Image Build Date Install Date Version Primary Aug 28 14 05 16 2006 Aug 29 18 32 17 2006 3 0 0 0 200B Secondary Aug 14 06 18 03 2006 Aug 17 15 08 28 2006 3 0 0 0 180B Current Boot Primary Next Boot Primary Software Fallback Enabled WS5100 config if WS5100 config if show wireless ap ap detection config ap images ap unadopted approved aps channel power for config hotspot config ids mac auth local mobile unit Status of adopted access port Detected AP Configuration Parameters List of access port images on the wireless switch List of unadopted access port Approved APs seen by access port scans List of available channel and power levels a radio Wireless Configuration Parameters Wlan hotspot configuration Intrusion detection parameters list out the mac auth local entries Details of associated mobile units phrase to key passphrase qos mapping radio regulatory information self heal config sensor parameters unapproved aps wireless switch statistics wlan WS5100 config if interface Instance 12 19 display the WEP keys generated by a Quality of Service mappings used for mapping WMM access ca
246. tegories and 802 1p DSCP tags Radio related commands Regulatory allowed channel power for a particular country Self Healing Configuration Parameters Wireless Intrusion Protection System Unapproved APs seen by access port or mobile unit scans wireless switch statistics Wireless LAN related parameters WS5100 config if show wireless config count ry code None adoption pref id lt I proxy arp enabled adopt unconf radio enabled dot11 shared key auth disabled ap detection disabled oversized frames disabled manual wlan mapping disabled dhcp sniff state disabled dhcp fix windows disabled broadcast tx speed optimize for throughput smart scan lla channels smart scan 11bg channels WS5100 config if 12 20 WS5100 Series Switch CLI Reference Guide 12 1 14 shutdown gt Interface Config commands Use thie CLI command to shutdown the selected interface Syntax shutdown Parameters None Usage Guidelines Example WS5100 config if shutdown WS5100 config if interface Instance 12 21 12 1 15 speed gt Interface Config commands Use this CLI command to configure the speed of the selected interface in Mbps Syntax speed 10 100 1000 auto Parameters 10 Force 10 Mbps operation 100 Force 100 Mbps operation 1000 Force 1000 Mbps operation auto Enable AUTO speed configuration Usage Guidelines Example WS5100 config if speed auto WS5100 config if
247. than gave up percent greater than avg retry greater than undecrypt percent greater than WS5100 gt disabled disabled disabled disabled disabled disabled disabled disabled WS5100 gt show snmp server traps wireless statistics radio pktsps greater than tput greater than avg bit speed less than avg signal less than nu percent greater than gave up percent greater than avg retry greater than undecrypt percent greater than num stations greater than WS5100 gt WS5100 gt show snmp server traps wireless statistics wireless switch pktsps greater than tput greater than num stations greater than WS5100 gt disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled disabled RBA waeaeaeaeawaeaeeaeaeaweasw 2 5 7 2 58 WS5100 Series Switch CLI Reference Guide WS5100 gt show snmp server traps wireless statistics wlan pktsps greater than tput greater than avg bit speed less than avg signal less than nu percent greater than gave up percent greater than avg retry greater than undecrypt percent greater than num stations greater than WS5100 gt disabl disabl disabl disabl disabl disabl disabl disabl disabl led led led led led led led led led 22 23 terminal gt Common to all modes Syntax show terminal Parameters None Example W
248. the show command Example WS5100 config crypto peer show access list Internet Protocol IP alarm log Display all alarms currently in the system autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration clock Display system clock commands Show command lists crypto crypto debugging Display debugging setting environment show environmental information file Display filesystem information ftp Display FTP Server configuration history Display the session command history interfaces Interface status and configuration ip Internet Protocol IP ldap ldap server licenses Show any installed licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface nam mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group redundancy history redundancy members running config securitymgr sessions snmp Display Display Display Current Display Display Display redundancy group parameters state transition history of the switch redundancy group members in detail Operating configuration debug info for ACL VPN and NAT current active open connections SNMP engine parameters snmp server startup config terminal timezone upgrade status users version wire
249. tig gt Privilege Global Config Syntax show startup config Parameters None Example WS5100 show startup config 1 configuration of WS5100 version 3 0 0 0 16786x version 1 0 1 service prompt crash info 1 username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507q username admin privilege superuser username operator password 1 fe96dd39756ac41pb74283a9292652dqd366q73931f username manager password 1 45b27d6483fc630981lad5096ff26a7956ce0c038 username manager privilege superuser 1 no country code logging console 7 no logging on fallback enable ftp password 1 810a25d76c31e495cc070bdf42e076f7c9bValcd ip http server ip http secure trustpoint local ip http secure server ip ssh ip telnet snmp server manager v2 snmp server manager v3 snmp server user manager v3 encrypted auth md5 Oxfdcealff 2d738d4bf1lbc072 0d6094b7 snmp server user operator v3 encrypted auth md5 Oxfb2392al4cf80787b878006ab968a2 9b crypto ipsec security association lifetime kilobytes 4608000 f wireless 1 Crypto pki Crust porn Sloc lreue sid terete cs a a n E a S 2 84 WS5100 Series Switch CLI Reference Guide 2 2 40 upgrade status gt Privilege Global Config Syntax show upgrade status detail Parameters detail Last image upgrade log Example WS5100 show upgrade status detail Last Image Upgrade Status Successful Last Image Upgrade Time Tue Aug 29 18 32 17 2006 var2 is 10 percen
250. tion and buffer Media Access Control Display L3 Managment Interface name Display Mobility Parameters ntp privilege radius redundancy group redundancy history redundancy members snmp snmp server terminal timezone users version wireless Output modifiers WS5100 Series Switch CLI Reference Guide Disp Disp Disp Disp Disp Disp Disp Disp Disp Lay Lay Lay Lay Lay Lay Lay Lay Lay Wirel WS5100 gt show autoinstall gt Output redirection gt gt less configuration commandsE etwork time protocol Show current privilege level Radius configuration commands redundancy group parameters state transition history of the switch redundancy group members in detail SNMP engine parameters SNMP engine parameters terminal configuration parameters timezone information about terminal lines software amp hardware version Output redirection appending 2 1 4 no gt Common Commands Use this command to either negate a command or set its defaults Syntax no Parameters None Usage Guidelines Example WS5100 gt no autoinstall cluster cli debug page service autoinstall configuration command Cluster context Debugging functions Toggle paging Service Commands Common Commands 2 7 2 8 WS5100 Series Switch CLI Reference Guide 21 5 service gt Common Commands Use this command to servie debug the WS5100 Series Switch Syntax
251. ture in specified file X for examples on tethereal capture filter WS5100 config ext nacl service tethereal 13 16 WS5100 Series Switch CLI Reference Guide 13 1 10 show gt Extended ACL Config Commands Use thie CLI command to view the current system information that is running on the WS5100 Series Wirteless Switch Syntax show lt paramater gt Parameters Displays all the parameters for which the information can be viewed using the show command Usage Guidelines Example WS5100 config ext nacl show access list Internet Protocol IP alarm log Display all alarms currently in the system autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration clock Display system clock commands Show command lists crypto crypto debugging Display debugging setting environment show environmental information file Display filesystem information ftp Display FTP Server configuration history Display the session command history interfaces Interface status and configuration ip Internet Protocol IP ldap ldap server licenses Show any installed licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface nam mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius
252. tus Clock is unsynchronized stratum 16 reference is INIT actual frequency is 0 0000 Hz precision is 2 20 reference time is 00000000 00000000 Feb 07 06 28 16 UTC 2036 clock offset is 0 000 msec root delay is 0 000 msec root dispersion is 1395 000 msec 2 2 16 privilege gt Common to all modes Syntax show privilege Parameters None Example WS5100 gt show privilege Current user privilege superuser WS5100 gt Common Commands 2 49 2 50 22 17 radius gt Common to all modes WS5100 Series Switch CLI Reference Guide Syntax show radius configuration eap configuration proxy rad user trust point Parameters radius Radius configuration commands group nas A B C D M configuration radius server configuration parameters eap Eap parameters configuration Eap configuration group Radius group configuration nas client information A B C D M client ip address mask proxy proxy information rad user Radius user information trust point Radius trust point configuration Example WS5100 config show radius proxy Proxy Details Proxy retry delay 6 seconds Proxy retry count 4 Proxy Realm Details Realm symbol com IP Address 10 10 10 5 Port 1812 Shared secret 0 secret123 2 2 18 redundancy group gt Common to all modes Common Commands Syntax show redundancy group config runtime Parameters config Display configured
253. uide 12 1 17 terminal gt Interface Config commands Use this command to set the length number of lines to be displayed on the terminal window Syntax terminal monitor no terminal no monitor Parameters monitor Copy debug output to the current terminal line no Negate a command or set its defaults monitor Copy debug output to the current terminal line Usage Guidelines Example WS5100 config if terminal no monitor WS5100 config if WS5100 config if terminal monitor WS5100 config if 12 1 18 tunnel gt Interface Config commands Use this CLI command to configure protocol over protocol tunneling Syntax tunnel destination source ttl tunnel destination A B C D tunnel source A B C D tunnel tt1 lt 1 255 gt interface Instance Parameters destination destination of tunnel packets source source of tunnel packets A B C D Internet Protocol IP ttl set time to live lt 1 255 gt ttl in seconds Usage Guidelines Example EXAMPLE OUTPUT HERE 12 25 12 26 WS5100 Series Switch CLI Reference Guide Extended ACL Instance Use config ext nac1 instance to configure the ip access list extended ACLs associated with the WS5100 Series Wireless Switch 13 1 Extended ACL Config Commands Table 13 7 summarizes the config ext nac1 commands within the WS5100 Series Switch command line Table 13 1 Extended ACL Config Command Summary
254. up an SA If an SA does not exist or if the packet fails any of the security checks bad authentication traffic does not match SA selectors etc it is discarded If all checks pass the packet is forwarded normally Syntax match lt list name gt Parameters list name Enter the name of the access list or acl id you wish to assign to this crypto map Usage Guidelines Crypto map entries do not directly contain the selectors used to determine which data to secure Instead the crypto map entry refers to an access control list An access control list ACL is assigned to the crypto map using the match address command see crypto map on page 151 If no ACL is configured for a crypto map then the entry is incomplete and will have no effect on the system The entries of the ACL used in a crypto map should be created with respect to traffic sent by the OS product The source information must be the local OS product and the destination must be the peer Only extended access lists can be used in crypto maps 10 8 AP 5131 Access Point Product Reference Guide Example The following example shows setting up an ACL called TestList and then assigning the new list to a crypto map called TestMap WS5100 config ip access list extended TestList Configuring New Extended ACL TestList config ext nacl exit WS5100 config crypto map TestMap 220 isakmp dynamic WS5100 config crypto map WS5100 config crypto m
255. upgrade gt Priv Exec Command Use this CLI command to upgrade the software image on the Ws5100 Series Switch Syntax upgrade URL background Parameters URL Location of firmware image Example WS5100 upgrade tftp 157 235 208 105 img var2 is 10 percent full tmp is 2 percent full Free Memory 161896 kB FWU invoked via Linux shell Running from partition dev hda5 partition to update is dev hda6 Reading image file header Removing other partition Sep 08 15 57 18 2006 KERN 6 INFO EXT3 FS on hdal internal journal aking file system Extracting files this can take some time Sep 08 15 57 23 2006 SKERN 6 INFO kjournald starting Commit interval 5 seconds Sep 08 15 57 23 2006 SKERN 6 INFO EXT3 FS on hda6 internal journal Sep 08 15 57 23 2006 SKERN 6 INFO EXT3 fs mounted filesystem with ordered data mode Sep 08 15 58 17 2006 DIAG 4 CPULOAD One minute average load limit exceeded value is 100 00 limit is 99 90 top process kernel ISR 100 00 Sep 08 15 58 44 2006 PM 4 PROCNORESP Process 4 39 4 40 WS5100 Series Switch CLI Reference Guide logd is not responding Sep 08 15 58 44 2006 P logd is not responding Sep 08 15 58 44 2006 P logd is not responding Sep 08 15 58 44 2006 P logd is not responding Version of firmware upda 19193x 4 PROCNOR 4 PROCNOR ESP Process ESP Process 4 P
256. upport for long preamble and mobile units that only support long preamble wont be able to associate Wireless Instance 17 33 speed Configure the basic and supported data rates speed 1 1 Mbps 11 11 Mbps 12 12 Mbps 18 18 Mbps 2 2 Mbps 24 24 Mbps 36 36 Mbps 48 48 Mbps 54 54 Mbps opo 5 5 Mbps 6 6 Mbps 9 9 Mbps basic basic 1 Mbps basic11 basic 11 Mbps basic12 basic 12 Mbps basic18 basic 18 Mbps basic basic 2 Mbps basic24 basic 24 Mbps basic36 basic 36 Mbps basic48 basic 48 Mbps basicb4 basic 54 Mbps basicop5 basic 5 5 Mbps basic6 basic 6 Mbps basic9 basic 9 Mbps default factory default rates based on radio type range all rates enabled the lowest one set to basic throughput all rates basic note only g clients allowed on 11bg radios 17 34 WS5100 Series Switch CLI Reference Guide wmm background best effort video voice aifsn lt 7 15 gt burst lt 0 65535 gt cw lt 0 15 gt 802 11e Wireless MultiMedia WMM parameters supported only on AP300 radio wmm background best effort video voice aifsn lt 1 15 gt burst lt 0 65535 gt cw lt 0 15 gt background background category traffic best effort best effort category traffic video video traffic category traffic voice voice traffic category traffic aifsn lt 7 15 gt Arbitration Inter Frame Spacing Number The wait time in milliseconds between data frames is derived using AIFSN and the slot ti
257. ure the IP Sec transportation mode Syntax mode transport tunnel crypto ipsec 9 3 Parameters transport Transport Mode tunnel Tunnel Mode Example WS5100 config crypto ipsec mode transport WS5100 config crypto ipsec 9 4 AP 5131 Access Point Product Reference Guide 9 1 2 show Syntax clrscr Parameters Displays all the parameters for which the information can be viewed using the show command Example WS5100 config crypto ipsec access list alarm log autoinstall banner boot clock commands crypto debugging environment file ftp history interfaces ip ldap licenses logging mac management mobility ntp password encryption privilege radius redundancy group redundancy history redundancy members running config securitymgr sessions snmp snmp server startup config terminal show Internet Protocol IP Display all alarms currently in the system autoinstall configuration Display Message of the Day Login banner Display boot configuration Display system clock Show command lists crypto Display debugging setting show environmental information Display filesystem information Display FTP Server configuration Display the session command history Interface status and configuration Internet Protocol IP ldap server Show any installed licenses Show logging configuration and buffer Media Access Control Display L3 Managment Interfac Di
258. us Used to radius server authentication Usage Guidelines Virtual Private Network Enables IP traffic to travel securely over a public TCP IP network by encrypting all traffic from one network to another A VPN uses tunneling to encrypt all information at the IP level Example 5 54 WS5100 Series Switch CLI Reference Guide 5 1 29 wireless gt Global Configuration Commands Use this CLI command to configure the wireless parameters of the WS5100 Series Wireless Switch This command will lead you to config wireless instance For more idetails see Wireless Instance on page 17 1 Syntax wireless Parameters None Usage Guidelines The wireless command is used to enter the config wireless instance wherein you can configure the WS5100 wireless parameters You can confirm that you have entrered the wireless instance as the prompt changes from the the regular ws5100 config t0 WS5100 config wireless Example WS5100 config wireless WS5100 config wireless crypto isakmp Use crypto isakmp policy priority to instantiate config crypto isakmp instance 6 1 Crypto lsakmp Config commands Table 6 1 summarizes the erypto isakmp commands within the WS5100 Series Switch command line interface Table 6 1 Trustpoint Config Commands Summary Command Description Ref authentication Set authentication method for protection suite page 6 3 clrscr Clears the display screen page 6 4 encryption Set e
259. user into local database Sep 08 17 41 55 2006 RADCONF User testuser is added to group sales 7 Use config radsrv nas to add a NAS entry for the group WS5100 config radsrv nas A B C D M Radius client IP address WS5100 config radsrv nas 10 10 10 0 24 key Radius client shared secret WS5100 config radsrv nas 10 10 10 0 24 key 0 Password is specified UNENCRYPTED 2 Password is encrypted with password encryption secret LINE The secret client shared secret upto 32 characters WS5100 config radsrv nas 10 10 10 0 24 key 0 very secret 8 Use config radsrv proxy to add a realm name for the group WS5100 config radsrv proxy realm mydomain com server 10 10 1 10 port 1812 secret 0 testing 9 Save the changes and restart the radius service WS5100 config radsrv service radius restart Sep 08 17 48 04 2006 SPM 5 PROCSTOP Process radiusd has been stopped Sep 08 17 48 05 2006 RADCONF radius config files generated successfully WS5100 config radsrv Sep 08 17 48 05 2006 SDAEMON 6 INFO radiusd 8830 Ready to process requests Radius Server Instance 16 21 16 1 8 help gt Radius Configuration Commands Use thie CLI command to access the systems interactive help system Syntax help Parameters None Usage Guidelines Example WS5100 config radsrv help help Description of the interactive help system WS5100 config radsrv help CLI pro
260. using the APs configuration interface Usage Guidelines Example Wireless Instance 17 11 17 1 7 country code gt Wireless Configuration Commands USe this CLI command to configure the country of operation All existing radio configuration will be erased when u use this command Syntax country code Parameters Abbrevation Use the country abbrevation to confiugre the WS5100 switch to operate in a particular country Usage Guidelines Example WS5100 config wireless country code ae United Arab Emirates ar Argentina at Austria au Australia ba Bosnia Herzegovina be Belgium bg Bulgaria bh Bahrain bm Bermuda br Brazil bs Bahamas by Belarus ca Canada ch Switzerland cl Chile cn China co Colombia cr Costa Rica cy Cyprus cz Czech Republic de Germany dk Denmark do Dominican Republic ec Ecuador ee Estonia eg Egypt es Spain 17 12 WS5100 Series Switch CLI Reference Guide fi fr gb Gt gu hk hr ht hu id ie il in is it jo jp kr kw kz li 1k lt lu lv ma mt mx my nl no nz om pe ph pl pt qa ro ru sa se sg si sk th Finland France United Kingdom Greece Guatemala Guam Hong Kong Honduras Croatia Haiti Hungary Indonesia Ireland Israel India Iceland Italy Jordan Japan South Korea Kuwait Kazakhstan Liechtenstein Sri Lanka Lithuania Luxembourg Latvia Orocco alta exico alaysia Netherlands Norway New Zealand Oman Peru Phi
261. vides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config radsrv 16 22 WS5100 Series Switch CLI Reference Guide 16 1 9 Idap server gt Radius Configuration Commands Use thie CLI command to configure LDAP server parameters Syntax ldap server primary secondary host A B C D Parameters primary primary ldap server configuration secondary secondary ldap server configuration host Idap server ip configuration A B C D ldap server ip address Usage Guidelines Example 16 1 10 nas gt Radius Configuration Commands Use this CLI to configure the RADIUS client Radius Server Instance Syntax nas A B C D M key 0 2 LINE Parameters A B C D M Radius Client IP address key Radius Client shared key 0 Password is specified UNENCRYPTED 2 Password is encrypted with password encryption secret LINE The secret client shared secret upto 32 characters Example WS5100 config radsrv nas A B C D M Radius
262. vilege Global Config Syntax show file information FILE systems Parameters information Display file information FILE Display information on FILE systems List filesystems Example WS5100 show file systems File Systems Size b Free b Type Prefix opaque system 13704192 11904000 flash nvram 19524608 16866304 flash flash network sftp network http network ftp network tftp WS5100 2 76 WS5100 Series Switch CLI Reference Guide 22 34 ftp gt Privilege Global Config Syntax show ftp Parameters None Example WS5100 show ftp FTP Server Disabled User Name anonymous or ftpuser Password KREE A ES Root dir flash WS5100 Common Commands 2 77 2 2 35 password encryption gt Priviledge Global Config Syntax show password encryption status Parameters status Display password encryption status Example WS5100 show password encryption status Password encryption is disabled WS5100 2 78 WS5100 Series Switch CLI Reference Guide 2 2 36 running contig gt Privilege Global Config Displays the contents of the configuration file for the switch including all configured MAC and IP access lists and which access groups are applied to an interface Syntax show running config full include factory Parameters full full configuration include factory Include Factory Defaults Example WS5100 show running config full 1 configuration of WS5100 version
263. w gt Trustpoint Config commands Use thie CLI command to view the current system information t hat is running on the WS5100 Series Wirteless Switch Syntax show lt parameter gt Parameters Displays all the parameters for which the information can be viewed using the show command Usage Guidelines Example WS5100 config trustpoint show access list Internet Protocol IP alarm log Display all alarms currently in the system autoinstall autoinstall configuration banner Display Message of the Day Login banner boot Display boot configuration clock Display system clock commands Show command lists crypto crypto debugging Display debugging setting environment show environmental information file Display filesystem information ftp Display FTP Server configuration history Display the session command history interfaces Interface status and configuration ip Internet Protocol IP ldap ldap server licenses Show any installed licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface nam mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group redundancy history Display redundancy group parameters Display state transition history of the switch redundancy members running confi
264. w 10 16 AP 5131 Access Point Product Reference Guide crypto trustpoint Instance config crypto trustpoint CLI commands are used to define a Certificate Authority CA trustpoint This is a seperate instance by itself but belongs to the crypto pki trustpoint mode under config Instance 11 1 Trustpoint Config commands Table 11 7 summarizes the config crypto trustpoint commands within the WS5100 Series Switch command line interface Table 11 1 Trustpoint Config Commands Summary Command Description Ref clrscr Clears the display screen page 11 3 company name Company Name Applicable only for request page 11 4 email email page 11 5 11 2 WS5100 Series Switch CLI Reference Guide Command Description Ref end End current mode and change to EXEC mode page 11 exit End current mode and down to previous mode page 11 fqdn Domain Name Configuration page 11 help Description of the interactive help system page 11 ip address Internet Protocol IP page 11 1 no Negate a command or set its defaults page 11 1 password Challenge Password Applicable only for request page 11 1 rsakeypair Rsa Keypair to associate with the trustpoint page 11 1 service Service Commands page 11 1 show Show running system information page 11 1 subject name Subject Name is a collection of required parameters to configure a page 11 1 trustpoint 11 1 1 clrser gt Trustpoint Config commands Use th
265. w displays information about the current context If the current context contains instances then show command usually displays a list of these instances e Invoked with the display_parameter it displays information about that component Syntax show display_parameter Parameters Display Parameters Description Mode Example autoinstall Displays autoinstall configuration Common page 2 22 banner Displays message of the day login banner Common page 2 23 commands Displays command lists Common page 2 24 crypto Common page 2 25 environment Displays environmental information Common page 2 29 history Displays the session command history Common page 2 29 interfaces Displays interface status and configuration Common page 2 30 ip Displays internet protocol Common page 2 32 ldap Displays Idap server configuration parameters Common page 2 38 licenses Displays the installed licenses if any Common page 2 40 logging Displays logging configuration and buffer Common page 2 41 mac Displays media access control IP configuration Common page 2 42 management Displays L3 management interface name Common page 2 43 mobility Displays mobility parameters Common page 2 44 Common Commands Display Parameters Description Mode Example ntp Displays network time protocol Common page 2 47 privilege Displays current privilege level Common pag
266. wledge alarms lt 1 65535 gt Acknowledge specific alarm id all Acknowledge all alarms Example WS5100 acknowledge alarm log all No corresponding record found in the Alarm Log WS5100 acknowledge alarm log 200 No corresponding record found in the Alarm Log WS5100 4 1 2 archive gt Priv Exec Command Use this command to manage archive files Syntax Privileged Exec Commands 4 5 archive tar table FILE URL archive tar create FILE URL FILE archive tar xtract FILE URL DIR Parameters tar Use to manipulate create list or extract a tar file table List files in a tar file create Create a tar file xtract Extract files from a tar file FILE Tar filename URL Tar file URL Example How to zip the folder flash log WS5100 archive tar create flash out tar flash log tar Removing leadi flash log flash log snmpd log flash log messages flash log startup 1 flash log radius WS5100 dir flash Viewing the output tar file Directory of flash drwx 1024 drwx 120 drwx 1024 drwx 1024 rw 173056 ng UF log og Thu Aug Fri Sep Thu Sep Wed Aug Fri Sep 08 T2 16 T5 14 29 220 23 30 39 27 50 34 19 48 from member names 2006 2006 2006 2006 2006 hotspot log crashinfo backup out tar 4 6 WS5100 Series Switch CLI Reference Guide Which files are tared WS5100 archive tar table flash
267. x exit Parameters None Usage Guidelines Example WS5100 config trustpoint exit WS5100 config 11 8 WS5100 Series Switch CLI Reference Guide 11 1 6 fqdn gt Trustpoint Config commands Use this CLI command to configure the domain name of the trustpoint Syntax fqdn Parameters None Usage Guidelines Example WS5100 config trustpoint fqdn RetailKing com WS5100 config trustpoint crypto trustpoint Instance 11 9 11 1 7 help gt Trustpoint Config commands Use thie CLI command to access the systems interactive help system Syntax help Parameters None Usage Guidelines Example WS5100 config trustpoint help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config trustpoint 11 10 WS5100 Series Switch CLI Reference Guide 11 1 8 ip address gt Trustpoint Config commands Use this CLI command to configure a IP adress for the trustpoint Syntax ip address Parameters A B C D Enter
268. y prefer version lt 1 4 gt server WORD key lt 1 65534 gt prefer version lt 1 4 gt server WORD prefer version lt 1 4 gt server TestPeer version lt 1 4 gt trusted key lt 1 65534 gt Parameters Global Configuration Commands 5 33 access group Control NTP access peer Provide full access query only Allow only control queries serve Provide server and query access serve only Provide only server access lt 1 99 gt Standard IP access list lt 1300 1999 gt Standard IP access list expanded range authenticate Authenticate time sources authentication key Authentication key for trusted time sources md5 MD5 authentication WORD Authentication key autokey Enable NTP autokey authentication scheme client only Switch will be a client to other trusted hosts in the autokey group host Configure the switch as a trusted host broadcast Configure NTP broadcast service client Listen to NTP broadcasts destination Configure broadcast destination address WORD Destination broadcast IP address key Broadcast key lt 1 65534 gt Key ID version NTP version lt 1 4 gt NTP Version number broadcastdelay Estimated round trip delay lt 1 999999 gt Round trip delay in microseconds 5 34 WS5100 Series Switch CLI Reference Guide master Act as a NTP master clock lt 1 15 gt Stratum number for the N
269. y and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve WS5100 config crypto peer 8 1 5 no Use this CLI command to negate a command or set its defaults Syntax no lt previous command used gt Parameters Use the commands that you have configured under this instance Example WS5100 config crypto peer no aggrerssive mode WS5100 config crypto peer crypto peer 8 7 8 8 AP 5131 Access Point Product Reference Guide 8 1 6 service Use this CLI command to invoke the service commands to trobuleshoot or debug the config crypto isakmp instance configurations Syntax service clear diag shell save cli show start shell tethereal Parameters clear Remove specified support information diag shell Provide diag shell access save cli Save CLI tree for all modes in html format show Show running system information start shell Provide shell access tethereal Dump and analyze network traffic Example WS5100 config crypto peer service show fol Bal command history crash info info last passwd reboot history startup log upgrade history S D D S D S S
270. y technical problem question or support issue involving Symbol products If the Symbol Customer Support specialists cannot solve a problem access to all technical disciplines within Symbol becomes available for further assistance and support Symbol Customer Support responds to calls by email telephone or fax within the time limits set forth in individual contractual agreements When contacting Symbol Customer Support please provide the following information e serial number of unit e model number or product name e software type and version number North American Contacts Inside North America Symbol Technologies Inc One Symbol Plaza Holtsville New York 11742 1300 Telephone 1 631 738 2400 1 800 SCAN 234 Fax 1 631 738 5990 Symbol Support Center for warranty and service information telephone 1 800 653 5350 fax 631 738 5410 Email support symbol com xii WS5100 Series Switch CLI Reference Guide International Contacts Outside North America Symbol Technologies Symbol Place Winnersh Triangle Berkshire RG41 5TP United Kingdom 0800 328 2424 Inside UK 44 118 945 7529 Outside UK Web Support Sites MySymbolCare http Awww symbol com services msc msc html Symbol Services Homepage http symbol com services Symbol WS5100 Manuals http www symbol com legacy_manuals wire ws5100 html Symbol Developer Program http devzone symbol com Additional Information Obtain additional infor
Download Pdf Manuals
Related Search
Related Contents
Indoor Unit Outdoor Unit CS-YE9QKE CS-YE12QKE CS Hubbell Electric Fire Pump Controllers LXi 2200 User's Manual Sony CDX-C90 User's Manual dad cameroun Philips FW391C User's Manual conectar a los dispositivos antes de empezar sugerencias FORIS FX2301TV 取扱説明書 Avaya X.25 User's Manual Bosch Video Management System 5.5.5 Copyright © All rights reserved.
Failed to retrieve file