Inhaltszusammenfassung zur Seite Nr. 1
Part No. NN47250-500
November 2008
4655 Great America Parkway
Santa Clara, CA 95054
Nortel WLAN—Security
Switch 2300 Series
Configuration Guide
Inhaltszusammenfassung zur Seite Nr. 2
2 Copyright © 2007-2008 Nortel Networks. All rights reserved. The information in this document is subject to change without notice. The statements, configurations, technical data, and recommendations in this document are believed to be accurate and reliable, but are presented without express or implied warranty. Users must take full responsibility for their applications of any products specified in this document. The information in this document is proprietary to Nortel Networks. Trademarks a
Inhaltszusammenfassung zur Seite Nr. 3
3 In addition, the program and information contained herein are licensed only pursuant to a license agreement that contains restrictions on use and disclosure (that may incorporate by reference certain limitations and notices imposed by third parties). Legal Information This section includes the following legal information: � “Trademarks and Service Marks” (page 2) � “Limited Product Warranty” (page 3) � “Nortel Networks software license agreement” (page 5) � “SSH Source Code Statement” (pa
Inhaltszusammenfassung zur Seite Nr. 4
4 The End Customer or their designated reseller must obtain a Return Material Authorization number (RMA number) from Nortel for the non-conforming Product and the non-conforming Product must be returned to Nortel according to the then-current RMA procedures. The End Customer or their designated reseller is responsible to ensure that the shipments are insured, with the transportation charges prepaid and that the RMA number is clearly marked on the outside of the package. Nortel will not accep
Inhaltszusammenfassung zur Seite Nr. 5
5 LIABILITY IN CONNECTION WITH THE SALE, INSTALLATION, MAINTENANCE OR USE OF ITS PRODUCTS. Nortel Networks software license agreement This Software License Agreement (“License Agreement”) is between you, the end-user (“Customer”) and Nortel Corporation and its subsidiaries and affiliates (“Nortel Networks”). PLEASE READ THE FOLLOWING CAREFULLY. YOU MUST ACCEPT THESE LICENSE TERMS IN ORDER TO DOWNLOAD AND/OR USE THE SOFTWARE. USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF THIS LICENSE AGR
Inhaltszusammenfassung zur Seite Nr. 6
6 a)If Customer is the United States Government, the following paragraph shall apply: All Nortel Software available under this License Agreement is commercial computer software and commercial computer software documentation and, in the event Software is licensed for or on behalf of the United States Government, the respective rights to the software and software documentation are governed by Nortel standard commercial license in accordance with U.S. Federal Regulations at 48 C.F.R. Sections 1
Inhaltszusammenfassung zur Seite Nr. 7
7 OpenSSL Project License Statements Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEAPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
Inhaltszusammenfassung zur Seite Nr. 8
8 NN47250-500 (Version 03.01)
Inhaltszusammenfassung zur Seite Nr. 9
Contents 9 Contents Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 How to get help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Introducing the Nortel WLAN 2300 system . . . . . . . . . . . . . . . . . . . . . . . . . 39 Nortel WLAN 2300 system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Documentation . . . . . . . . . . . . . .
Inhaltszusammenfassung zur Seite Nr. 10
10 Contents WSS setup methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Quick starts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 WLAN Management Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 CLI . . . . . . . . . . . . . . . .
Inhaltszusammenfassung zur Seite Nr. 11
Contents 11 Local authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Local authentication for console users and RADIUS authentication for Telnet users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 Local override and backup local authentication . . . . . . . . . . . . . . . . . . . . . . . 89 Authentication when RADIUS servers do not respond . . . . . . . . . . . . . . . . . . 90 Managi
Inhaltszusammenfassung zur Seite Nr. 12
12 Contents Displaying port information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 Displaying port configuration and status . . . . . . . . . . . . . . . . . . . . . . . . . 113 Displaying PoE state . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 Displaying port statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 Clearing statistics counters . . . . . . . . . . . . . . . . . . . . . . .
Inhaltszusammenfassung zur Seite Nr. 13
Contents 13 Adding an entry to the forwarding database . . . . . . . . . . . . . . . . . . . . . . . . . 135 Removing entries from the forwarding database . . . . . . . . . . . . . . . . . . . . . 136 Configuring the aging timeout period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 Displaying the aging timeout period . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 Changing the aging timeout period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 Port
Inhaltszusammenfassung zur Seite Nr. 14
14 Contents Changing the Telnet service port number . . . . . . . . . . . . . . . . . . . . . . . . 165 Resetting the Telnet service port number to its default . . . . . . . . . . . . . . 165 Managing Telnet server sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165 Managing HTTPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 Enabling HTTPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Inhaltszusammenfassung zur Seite Nr. 15
Contents 15 Displaying NTP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 Managing the ARP table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 Displaying ARP table entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 Adding an ARP entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 Changing the aging timeout . . . . . . . . . . .
Inhaltszusammenfassung zur Seite Nr. 16
16 Contents Configuring the seed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 Configuring member WSSs on the seed . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 Configuring a member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218 Configuring mobility domain seed redundancy . . . . . . . . . . . . . . . . . . . . . . . 218 Displaying Mobility Domain status . . . . . . . . . . . . . . . . . . . . . .
Inhaltszusammenfassung zur Seite Nr. 17
Contents 17 Clearing a network domain peer from a network domain seed . . . . . . . . . . . 244 Clearing network domain seed or member configuration from a WSS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 Network domain scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 Configuring RF load balancing for APs. . . . . . . . . . . . . . . . . . . . . . . . . . . 249 RF load balancing overview
Inhaltszusammenfassung zur Seite Nr. 18
18 Contents Default radio profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286 Radio-specific parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 Configuring global AP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 Specifying the country of operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289 Configuring an auto-AP profile for automatic AP configuration . . .
Inhaltszusammenfassung zur Seite Nr. 19
Contents 19 Enforcing the Data Rates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309 Disabling idle-client probing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 Changing the user idle timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 Changing the short retry threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 Changing the long retry threshold . . . . . . . . . . . . . . . . . . . . . . . . . .
Inhaltszusammenfassung zur Seite Nr. 20
20 Contents WLAN mesh services overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 Configuring WLAN mesh services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 Configuring the Mesh AP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 Configuring the Service Profile for Mesh Services . . . . . . . . . . . . . . . . . . . . 356 Configuring Security . . . . . . . . . . . . . . . . . . . . . . . . .