Resumen del contenido incluido en la página 1
WIRELESS LAN SWITCH AND CONTROLLER
MSS VERSION 6.0.4.6 RELEASE NOTES
Related Documentation What’s New in MSS Version 6.0
Please use these notes in conjunction with the following:
MSS Version 6.0 contains the following enhancements:
■ Wireless LAN Switch and Controller Quick Start Guide
■ New AP3150 and AP3850 support
■ Wireless LAN Switch and Controller Hardware
■ 802.1x Client Diagnostic Enhancement (additional
Installation Guide
debug information)
■ Wireless LAN Switch and Controller
■ SNM
Resumen del contenido incluido en la página 2
2 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES ■ RF Load Balancing Product Upgrade Path ■ Logout for Web Authentication WXR100 4.x -> 4.2.10.2.0 -> 6.0 ■ Mobility Domain WX Seed Redundancy WX1200 4.x -> 4.2.10.2.0 -> 6.0 ■ Local Switching (AP3850 only) WX4400 4.x -> 4.2.10.2.0 -> 6.0 WX2200 4.x -> 4.2.10.2.0 -> 6.0 ■ Mesh Services (AP3850 only) ■ Wireless Bridging (AP3850 only) CAUTION: Do not attempt to upgrade directly from ■ Enforceable Beacon Data Rate Control 4.2.3.
Resumen del contenido incluido en la página 3
Points to Note When Using the WXR100, WX1200, WX4400, or WX2200 3 backup, refer to the section titled “Backing Up and all Network changes before attempting to deploy any Restoring the System” on page 613 of the MSS con- Local changes. figuration guide. For details on the procedure for 7 After Network changes have been accepted and the 3WXM, refer to the section titled “Upgrading switch status has been refreshed, carefully examine 3WXM” of the 3WXM Reference Manual. any remaining Local chang
Resumen del contenido incluido en la página 4
4 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES Client and AAA Best Practices Protocol Advantages Disadvantages EAP-TTLS ■ Does not require ■ Requires third-party Follow these best-practice recommendations during client certificates 802.1X client software configuration and implementation to avoid or solve ■ Broadest compatibil- ■ Username/pass- issues you might experience. ity with user directo- word-based access ries might not be as Get Clients and AAA Working First
Resumen del contenido incluido en la página 5
Points to Note When Using the WXR100, WX1200, WX4400, or WX2200 5 Wireless NICs As new drivers are released by the manufacturers, 3Com expects general compatibility to improve. Most wireless NICs available now support 802.1X authentication. The following table lists the NICs that Mfgr Model, Driver, OS WEP Mixed TKIP CCMP Web have been used successfully with MSS. The majority and Driver Date TKIP/ were tested using recently available drivers using the WEP Microsoft native 802.1X client and
Resumen del contenido incluido en la página 6
6 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES Mfgr Model, Driver, OS WEP Mixed TKIP CCMP Web Mfgr Model, Driver, OS WEP Mixed TKIP CCMP Web and Driver Date TKIP/ and Driver Date TKIP/ WEP WEP Cisco Aironet 350 XP Pass Pass Not Not Not Linksys WPC54G 1.0 XP Pass Pass Pass Pass Pass Tested Tested Tested 3.60.7.0, 3/22/2004 † Dell TrueMobile 1150 XP Fail Fail NA NA Pass A00 Linksys WPC54GS XP Pass Pass Pass Pass Pass 7.43.0.9 3.50.21.10, 1/23/2004 ‡ Dell TrueMobile 1150 X
Resumen del contenido incluido en la página 7
Points to Note When Using the WXR100, WX1200, WX4400, or WX2200 7 Conversely, some adapters can associate only with a Mfgr Model, Driver, OS WEP Mixed TKIP CCMP Web and Driver Date TKIP/ beaconed SSID. Determine whether to beacon the WEP clear SSID based on the types of clients in the net- SMC SMC2835W XP Pass Pass Pass NA Pass work. 1.0 (99-012084-163) Standby mode can prevent some clients from reasso- 1.0.17.0, 6/16/2003 ciating. If a laptop PC whose wireless adapter is asso- Symbol LA-412
Resumen del contenido incluido en la página 8
8 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES Windows XP Windows XP is a popular platform for ■ Download current drivers for your NICs from the wireless clients because of its native support of 802.1X NIC vendor(s). authentication and simplified configuration of wireless ■ If your wireless NIC’s driver includes the AEGIS pro- networks. If you choose to use the 802.1X client tocol manager for WPA support, 3Com recom- built-in to Windows XP, please note the following: m
Resumen del contenido incluido en la página 9
Points to Note When Using the WXR100, WX1200, WX4400, or WX2200 9 Windows 2000 Many enterprises have a large ■ Windows 2000 does not include a full implemen- installed base of Windows 2000 laptops, making this tation of the Wireless Zero-Config service from a common choice of platform. Windows 2000 Service Windows XP, so you will need to use the client Pack 4 includes a native 802.1X client. If you choose manager software provided with your NIC to con- to use the 802.1X client built-in to Wind
Resumen del contenido incluido en la página 10
10 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES authenticates. You must contact Microsoft techni- ■ The Panther client will only connect successfully to an SSID which is only dynamic WEP, or only cal support for this hotfix. It is not available from WPA/TKIP. Any other configuration involving WEP their website. For more information on computer with WPA enabled or AES is not supported by the authentication, see “Computer Authentication”. current Panther client. If yo
Resumen del contenido incluido en la página 11
Points to Note When Using the WXR100, WX1200, WX4400, or WX2200 11 tory domain. Microsoft Knowledgebase Article Feature Scenario Requiring Computer Authentication KB313407 explains how to enable the automatic Active Directory computer Computer–based Group Policy is applied during distribution of computer certificates through Group Policy computer start up and at timed intervals—even when no on is logged in to windows. Active Directory. Network logon scripts Network logon scripts are run dur
Resumen del contenido incluido en la página 12
12 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES Computer authentication also requires specific con- ture. A result of NT (Not Tested) indicates that the fea- figuration considerations on the WX switch: ture was not tested. ■ The username of a computer authentication connection RADIUS Servers Tested will be in the form of host/fully-qualified-domain-name, for example host/bob-laptop.3Com.com or Win Win Funk Cisco Free- Configuration 2000 IAS 2003 IAS Steel ACS Radius ho
Resumen del contenido incluido en la página 13
Points to Note When Using the WXR100, WX1200, WX4400, or WX2200 13 ■ Windows 2000 with Service Pack 4 ent’s re-association attempt because the key infor- mation presented by the client is invalid. ■ Cisco ACS 3.2 or later is required to support PEAP-MS-CHAP-V2 If you experience this issue, clear the Session-Time- out attribute on the affected users. WPA The WX switch will not force a reauthentication of WPA compatibility testing was conducted with a vari- WPA/TKIP and WPA/CCMP users periodica
Resumen del contenido incluido en la página 14
14 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES http://www.verisign.com If you require the same MAC user to be able to con- nect to more than one SSID, you can use encryption http://www.entrust.com assignment to enforce the type of encryption a user http://www.microsoft.com or group must have to access the network. When you assign the Encryption-Type attribute to a user or If you use a self-signed certificate, configure the cli- group, the encryption type or types are
Resumen del contenido incluido en la página 15
Points to Note When Using the WXR100, WX1200, WX4400, or WX2200 15 ■ Access to 3WXM. To secure access, configure user Configure a username and password, so that MSS accounts within 3WXM. requires login even for console access. Usernames and their passwords are not specific to the type of ■ Access to the 3WXM monitoring service. To secure management access. You can use the same username access, configure user accounts within the moni- and password for access through the console, Telnet, tor
Resumen del contenido incluido en la página 16
16 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES 3WXM mentation and its configuration requirements changed in MSS Version 4.0. By default, access to 3WXM and the 3WXM monitor- ing service do not require passwords. To secure Communication Between the WX Switch and 3WXM access, configure user accounts within each instance or WebView of 3WXM and the monitoring service. Administration certificate requirement (11974) The monitoring service uses a signed certificate for aut
Resumen del contenido incluido en la página 17
Points to Note When Using the WXR100, WX1200, WX4400, or WX2200 17 Distributed MAP Best Practice When Using STP reports using a 0.0.0.0 source IP address. In this case, either assign an IP address to the VLAN inter- A Distributed MAP is a leaf device. You need not face on the WX switch or disable IGMP proxy enable STP on the port directly connected to the MAP. reporting. To disable proxy reporting, use the If Spanning Tree Protocol (STP) is enabled on the port command set igmp proxy-report
Resumen del contenido incluido en la página 18
18 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES Rogue Detection Active Scan Interval Is Longer System Parameter Support During a SpectraLink SVP Call. (23317) The following tables list the recommended or maxi- The active scan feature can be used during SVP calls. mum supported values for major system parameters. However, when a call is active, the interval at which active scan goes off-channel to look for rogues in- Mobility System Parameter Supported Value creases fr
Resumen del contenido incluido en la página 19
System Parameter Support 19 Network Parameter Supported Value Management Parameter Supported Value Forwarding database entries WX4400: 16383 Maximum instances of Wireless Switch 3 Manager (3WXM) simultaneously WX2200: 16383 managing a network WX1200: 8192 Telnet management sessions WX4400: 8 WXR100: 8192 WX2200: 8 Statically configured VLANs 100 WX1200: 4 Virtual ports (sum of all statically con- 256 WXR100: 4 figured VLAN physical port member- The maximum combined number of ships) management
Resumen del contenido incluido en la página 20
20 WIRELESS LAN SWITCH AND CONTROLLER MSS VERSION 6.0.4.6 RELEASE NOTES When upgrading systems with large Client and Session Parameter Supported Value configurations, it may be necessary to save the Active AAA sessions (clients trying to WX4400: 2500 establish active connections) per WX configuration to a backup file. (41330) WX2200: 3200 switch WX1200: 300 When upgrading systems with very large configura- WXR100: 75 tions, for example, hundreds of APs or hundreds of These are the suggested m