ملخص المحتوى في الصفحة رقم 1
Wireless LAN Mobility System
Wireless LAN Switch and Controller
Configuration Guide
WX4400 3CRWX440095A
WX2200 3CRWX220095A
WX1200 3CRWX120695A
WXR100 3CRWXR10095A
http://www.3Com.com/
Part No. 10015909
Published June 2007
ملخص المحتوى في الصفحة رقم 2
3Com Corporation Copyright © 2007, 3Com Corporation. All rights reserved. No part of this documentation may be reproduced in any form or by any means or used to make any derivative work (such as translation, transformation, or 350 Campus Drive adaptation) without written permission from 3Com Corporation. Marlborough, MA USA 3Com Corporation reserves the right to revise this documentation and to make changes in content from time 01752-3064 to time without obligation on the part of 3Com Corpor
ملخص المحتوى في الصفحة رقم 3
CONTENTS ABOUT THIS GUIDE Conventions 23 Documentation 24 Documentation Comments 25 1 USING THE COMMAND-LINE INTERFACE Overview 27 CLI Conventions 27 Command Prompts 28 Syntax Notation 28 Text Entry Conventions and Allowed Characters 28 User Globs, MAC Address Globs, and VLAN Globs 30 Port Lists 32 Virtual LAN Identification 33 Command-Line Editing 33 Keyboard Shortcuts 33 History Buffer 34 Tabs 34 Single-Asterisk (*) Wildcard Character 34 Double-Asterisk (**) Wildcard Characters 34 Using CLI He
ملخص المحتوى في الصفحة رقم 4
Web Quick Start Parameters 40 Web Quick Start Requirements 41 Accessing the Web Quick Start 41 CLI quickstart Command 44 Quickstart Example 46 Remote WX Configuration 49 Opening the QuickStart Network Plan in 3Com Wireless Switch Manager 49 3 CONFIGURING AAA FOR ADMINISTRATIVE AND LOCAL ACCESS Overview 51 Before You Start 54 About Administrative Access 54 Access Modes 54 Types of Administrative Access 54 First-Time Configuration via the Console 55 Enabling an Administrator 55 Setting the WX Swi
ملخص المحتوى في الصفحة رقم 5
Setting the Maximum Number of Login Attempts 67 Specifying Minimum Password Length 68 Configuring Password Expiration Time 69 Restoring Access to a Locked-Out User 70 Displaying Password Information 70 5 CONFIGURING AND MANAGING PORTS AND VLANS Configuring and Managing Ports 71 Setting the Port Type 71 Configuring a Port Name 77 Configuring Interface Preference on a Dual-Interface Gigabit Ethernet Port (WX4400 only) 78 Configuring Port Operating Parameters 79 Displaying Port Information 81 Conf
ملخص المحتوى في الصفحة رقم 6
Configuring the System IP Address 108 Designating the System IP Address 108 Displaying the System IP Address 108 Clearing the System IP Address 108 Configuring and Managing IP Routes 108 Displaying IP Routes 110 Adding a Static Route 111 Removing a Static Route 112 Managing the Management Services 113 Managing SSH 113 Managing Telnet 116 Managing HTTPS 118 Changing the Idle Timeout for CLI Management Sessions 119 Setting a Message of the Day (MOTD) Banner 120 Prompting the User to Acknowledge th
ملخص المحتوى في الصفحة رقم 7
Adding an ARP Entry 131 Changing the Aging Timeout 131 Pinging Another Device 132 Logging In to a Remote Device 132 Tracing a Route 133 IP Interfaces and Services Configuration Scenario 135 7 CONFIGURING SNMP Overview 139 Configuring SNMP 139 Setting the System Location and Contact Strings 140 Enabling SNMP Versions 140 Configuring Community Strings (SNMPv1 and SNMPv2c Only) 140 Creating a USM User for SNMPv3 141 Setting SNMP Security 143 Configuring a Notification Profile 144 Configuring a Noti
ملخص المحتوى في الصفحة رقم 8
Configuring WX-WX Security 158 Monitoring the VLANs and Tunnels in a Mobility Domain 159 Displaying Roaming Stations 159 Displaying Roaming VLANs and Their Affinities 160 Displaying Tunnel Information 160 Understanding the Sessions of Roaming Users 161 Requirements for Roaming to Succeed 161 Effects of Timers on Roaming 162 Monitoring Roaming Sessions 162 Mobility Domain Scenario 163 9 CONFIGURING NETWORK DOMAINS About the Network Domain Feature 165 Network Domain Seed Affinity 168 Configuring a
ملخص المحتوى في الصفحة رقم 9
Configuring MAPs 213 Specifying the Country of Operation 213 Configuring an Auto-AP Profile for Automatic MAP Configuration 218 Configuring MAP Port Parameters 224 Configuring MAP-WX Security 229 Configuring a Service Profile 233 Configuring a Radio Profile 240 Configuring Radio-Specific Parameters 246 Mapping the Radio Profile to Service Profiles 249 Assigning a Radio Profile and Enabling Radios 249 Disabling or Reenabling Radios 250 Enabling or Disabling Individual Radios 250 Disabling or Reen
ملخص المحتوى في الصفحة رقم 10
Setting Strictness for RF Load Balancing 270 Exempting an SSID from RF Load Balancing 271 Displaying RF Load Balancing Information 271 12 CONFIGURING WLAN MESH SERVICES WLAN Mesh Services Overview 273 Configuring WLAN Mesh Services 274 Configuring the Mesh AP 275 Configuring the Service Profile for Mesh Services 276 Configuring Security 276 Enabling Link Calibration Packets on the Mesh Portal MAP 277 Deploying the Mesh AP 277 Configuring Wireless Bridging 278 Displaying WLAN Mesh Services Inform
ملخص المحتوى في الصفحة رقم 11
Enabling Dynamic WEP in a WPA Network 304 Configuring Encryption for MAC Clients 306 14 CONFIGURING RF AUTO-TUNING Overview 311 Initial Channel and Power Assignment 311 Channel and Power Tuning 312 RF Auto-Tuning Parameters 314 Changing RF Auto-Tuning Settings 316 Selecting Available Channels on the 802.11a Radio 316 Changing Channel Tuning Settings 316 Changing Power Tuning Settings 317 Locking Down Tuned Settings 318 Displaying RF Auto-Tuning Information 319 Displaying RF Auto-Tuning Settings
ملخص المحتوى في الصفحة رقم 12
Enabling U-APSD Support 342 Configuring Call Admission Control 343 Configuring Static CoS 343 Changing CoS Mappings 344 Using the Client’s DSCP Value to Classify QoS Level 344 Enabling Broadcast Control 345 Displaying QoS Information 345 Displaying a Radio Profile’s QoS Settings 345 Displaying a Service Profile’s QoS Settings 346 Displaying CoS Mappings 347 Displaying the DSCP Table 349 Displaying MAP Forwarding Queue Statistics 349 17 CONFIGURING AND MANAGING SPANNING TREE PROTOCOL Overview 351
ملخص المحتوى في الصفحة رقم 13
18 CONFIGURING AND MANAGING IGMP SNOOPING Overview 369 Disabling or Reenabling IGMP Snooping 369 Disabling or Reenabling Proxy Reporting 370 Enabling the Pseudo-Querier 370 Changing IGMP Timers 370 Changing the Query Interval 371 Changing the Other-Querier- Present Interval 371 Changing the Query Response Interval 371 Changing the Last Member Query Interval 371 Changing Robustness 371 Enabling Router Solicitation 372 Changing the Router Solicitation Interval 372 Configuring Static Multicast Port
ملخص المحتوى في الصفحة رقم 14
Mapping Security ACLs 390 Mapping User-Based Security ACLs 390 Mapping Security ACLs to Ports, VLANs, Virtual Ports, or Distributed MAPs 392 Modifying a Security ACL 394 Adding Another ACE to a Security ACL 394 Placing One ACE before Another 395 Modifying an Existing Security ACL 396 Clearing Security ACLs from the Edit Buffer 397 Using ACLs to Change CoS 399 Filtering Based on DSCP Values 399 Enabling Prioritization for Legacy Voice over IP 401 General Guidelines 402 Enabling VoIP Support for
ملخص المحتوى في الصفحة رقم 15
Key and Certificate Configuration Scenarios 427 Creating Self-Signed Certificates 427 Installing CA-Signed Certificates from PKCS #12 Object Files 429 Installing CA-Signed Certificates Using a PKCS #10 Object File (CSR) and a PKCS #7 Object File 431 21 CONFIGURING AAA FOR NETWORK USERS About AAA for Network Users 433 Authentication 433 Authorization 438 Accounting 440 Summary of AAA Features 440 AAA Tools for Network Users 441 “Globs” and Groups for Network User Classification 442 AAA Methods f
ملخص المحتوى في الصفحة رقم 16
Configuring Last-Resort Access for Wired Authentication Ports 481 Configuring AAA for Users of Third-Party APs 482 Authentication Process for Users of a Third-Party AP 482 Requirements 483 Configuring Authentication for 802.1X Users of a Third-Party AP with Tagged SSIDs 484 Configuring Authentication for Non-802.1X Users of a Third-Party AP with Tagged SSIDs 487 Configuring Access for Any Users of a Non-Tagged SSID 487 Assigning Authorization Attributes 487 Assigning Attributes to Users and Gr
ملخص المحتوى في الصفحة رقم 17
22 CONFIGURING COMMUNICATION WITH RADIUS RADIUS Overview 519 Before You Begin 521 Configuring RADIUS Servers 521 Configuring Global RADIUS Defaults 522 Setting the System IP Address as the Source Address 523 Configuring Individual RADIUS Servers 523 Deleting RADIUS Servers 524 Configuring RADIUS Server Groups 524 Creating Server Groups 525 Deleting a Server Group 527 RADIUS and Server Group Configuration Scenario 528 23 MANAGING 802.1X ON THE WX SWITCH Managing 802.1X on Wired Authentication Por
ملخص المحتوى في الصفحة رقم 18
24 CONFIGURING SODA ENDPOINT SECURITY FOR A WX SWITCH About SODA Endpoint Security 543 SODA Endpoint Security Support on WX Switches 544 How SODA Functionality Works on WX Switches 545 Configuring SODA Functionality 546 Configuring Web Portal WebAAA for the Service Profile 547 Creating the SODA Agent with SODA Manager 547 Copying the SODA Agent to the WX Switch 549 Installing the SODA Agent Files on the WX Switch 549 Enabling SODA Functionality for the Service Profile 550 Disabling Enforcement o
ملخص المحتوى في الصفحة رقم 19
26 ROGUE DETECTION AND COUNTERMEASURES Overview 567 About Rogues and RF Detection 567 Rogue Access Points and Clients 567 RF Detection Scans 571 Countermeasures 572 Mobility Domain Requirement 572 Summary of Rogue Detection Features 573 Configuring Rogue Detection Lists 574 Configuring a Permitted Vendor List 574 Configuring a Permitted SSID List 576 Configuring a Client Black List 577 Configuring an Attack List 578 Configuring an Ignore List 579 Enabling Countermeasures 580 Using On-Demand Coun
ملخص المحتوى في الصفحة رقم 20
27 MANAGING SYSTEM FILES About System Files 599 Displaying Software Version Information 599 Displaying Boot Information 601 Working with Files 602 Displaying a List of Files 602 Copying a File 604 Using an Image File’s MD5 Checksum To Verify Its Integrity 606 Deleting a File 607 Creating a Subdirectory 608 Removing a Subdirectory 608 Managing Configuration Files 609 Displaying the Running Configuration 609 Saving Configuration Changes 610 Specifying the Configuration File to Use After the Next R