Resumen del contenido incluido en la página 1
Part No. NN47250-500
November 2008
4655 Great America Parkway
Santa Clara, CA 95054
Nortel WLAN—Security
Switch 2300 Series
Configuration Guide
Resumen del contenido incluido en la página 2
2 Copyright © 2007-2008 Nortel Networks. All rights reserved. The information in this document is subject to change without notice. The statements, configurations, technical data, and recommendations in this document are believed to be accurate and reliable, but are presented without express or implied warranty. Users must take full responsibility for their applications of any products specified in this document. The information in this document is proprietary to Nortel Networks. Trademarks a
Resumen del contenido incluido en la página 3
3 In addition, the program and information contained herein are licensed only pursuant to a license agreement that contains restrictions on use and disclosure (that may incorporate by reference certain limitations and notices imposed by third parties). Legal Information This section includes the following legal information: � “Trademarks and Service Marks” (page 2) � “Limited Product Warranty” (page 3) � “Nortel Networks software license agreement” (page 5) � “SSH Source Code Statement” (pa
Resumen del contenido incluido en la página 4
4 The End Customer or their designated reseller must obtain a Return Material Authorization number (RMA number) from Nortel for the non-conforming Product and the non-conforming Product must be returned to Nortel according to the then-current RMA procedures. The End Customer or their designated reseller is responsible to ensure that the shipments are insured, with the transportation charges prepaid and that the RMA number is clearly marked on the outside of the package. Nortel will not accep
Resumen del contenido incluido en la página 5
5 LIABILITY IN CONNECTION WITH THE SALE, INSTALLATION, MAINTENANCE OR USE OF ITS PRODUCTS. Nortel Networks software license agreement This Software License Agreement (“License Agreement”) is between you, the end-user (“Customer”) and Nortel Corporation and its subsidiaries and affiliates (“Nortel Networks”). PLEASE READ THE FOLLOWING CAREFULLY. YOU MUST ACCEPT THESE LICENSE TERMS IN ORDER TO DOWNLOAD AND/OR USE THE SOFTWARE. USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF THIS LICENSE AGR
Resumen del contenido incluido en la página 6
6 a)If Customer is the United States Government, the following paragraph shall apply: All Nortel Software available under this License Agreement is commercial computer software and commercial computer software documentation and, in the event Software is licensed for or on behalf of the United States Government, the respective rights to the software and software documentation are governed by Nortel standard commercial license in accordance with U.S. Federal Regulations at 48 C.F.R. Sections 1
Resumen del contenido incluido en la página 7
7 OpenSSL Project License Statements Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEAPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
Resumen del contenido incluido en la página 8
8 NN47250-500 (Version 03.01)
Resumen del contenido incluido en la página 9
Contents 9 Contents Contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 How to get help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Introducing the Nortel WLAN 2300 system . . . . . . . . . . . . . . . . . . . . . . . . . 39 Nortel WLAN 2300 system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 Documentation . . . . . . . . . . . . . .
Resumen del contenido incluido en la página 10
10 Contents WSS setup methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Quick starts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57 WLAN Management Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 CLI . . . . . . . . . . . . . . . .
Resumen del contenido incluido en la página 11
Contents 11 Local authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87 Local authentication for console users and RADIUS authentication for Telnet users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88 Local override and backup local authentication . . . . . . . . . . . . . . . . . . . . . . . 89 Authentication when RADIUS servers do not respond . . . . . . . . . . . . . . . . . . 90 Managi
Resumen del contenido incluido en la página 12
12 Contents Displaying port information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 Displaying port configuration and status . . . . . . . . . . . . . . . . . . . . . . . . . 113 Displaying PoE state . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 Displaying port statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 Clearing statistics counters . . . . . . . . . . . . . . . . . . . . . . .
Resumen del contenido incluido en la página 13
Contents 13 Adding an entry to the forwarding database . . . . . . . . . . . . . . . . . . . . . . . . . 135 Removing entries from the forwarding database . . . . . . . . . . . . . . . . . . . . . 136 Configuring the aging timeout period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 Displaying the aging timeout period . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 Changing the aging timeout period . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137 Port
Resumen del contenido incluido en la página 14
14 Contents Changing the Telnet service port number . . . . . . . . . . . . . . . . . . . . . . . . 165 Resetting the Telnet service port number to its default . . . . . . . . . . . . . . 165 Managing Telnet server sessions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165 Managing HTTPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166 Enabling HTTPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Resumen del contenido incluido en la página 15
Contents 15 Displaying NTP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 Managing the ARP table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186 Displaying ARP table entries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 Adding an ARP entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 Changing the aging timeout . . . . . . . . . . .
Resumen del contenido incluido en la página 16
16 Contents Configuring the seed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 Configuring member WSSs on the seed . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 Configuring a member . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218 Configuring mobility domain seed redundancy . . . . . . . . . . . . . . . . . . . . . . . 218 Displaying Mobility Domain status . . . . . . . . . . . . . . . . . . . . . .
Resumen del contenido incluido en la página 17
Contents 17 Clearing a network domain peer from a network domain seed . . . . . . . . . . . 244 Clearing network domain seed or member configuration from a WSS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 Network domain scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 Configuring RF load balancing for APs. . . . . . . . . . . . . . . . . . . . . . . . . . . 249 RF load balancing overview
Resumen del contenido incluido en la página 18
18 Contents Default radio profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286 Radio-specific parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 Configuring global AP parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 Specifying the country of operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289 Configuring an auto-AP profile for automatic AP configuration . . .
Resumen del contenido incluido en la página 19
Contents 19 Enforcing the Data Rates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309 Disabling idle-client probing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 Changing the user idle timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 Changing the short retry threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310 Changing the long retry threshold . . . . . . . . . . . . . . . . . . . . . . . . . .
Resumen del contenido incluido en la página 20
20 Contents WLAN mesh services overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 Configuring WLAN mesh services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 Configuring the Mesh AP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 Configuring the Service Profile for Mesh Services . . . . . . . . . . . . . . . . . . . . 356 Configuring Security . . . . . . . . . . . . . . . . . . . . . . . . .