manualshive.com logo in svg

Motorola RFS7000 Series, Reference Manual

The Motorola RFS7000 Series is a cutting-edge networking solution for seamless wireless communication. Simplify your installation process with our comprehensive Installation Manual, available for free download on our website. Unlock the full potential of your device and get started today at manualshive.com.

Share
Download
background image

20-3

 

radio

Radio related commands.

page 20-35

rate-limit

Sets default rate limits per user.

page 20-42

self-heal

Self healing configuration commands.

page 20-43

sensor

Wireless Intrusion Protection System (WIPS) parameters.

page 20-45

service

Service commands. 

page 20-46

show

Shows running system information.

page 20-51

wlan

Wireless LAN related commands. 

page 20-53

wlan-bw-
allocation

Allocates radio bandwidth per WLAN.

page 20-67

Command

Description

Ref.

Summary of Contents for RFS7000 Series

Page 1: ... RFS7000 Series RF Switch CLI Reference Guide ...

Page 2: ...Logo are registered in the US Patent Trademark Office Symbol is a registered trademark of Symbol Technologies Inc All other product or service names are the property of their respective owners Motorola Inc 2007 All rights reserved ...

Page 3: ...ns Table 1 Quick Reference on How This Guide Is Organized Chapter Jump to this section if you want to Chapter 1 Introduction Review the overall feature set of the RFS7000 Switch as well as the many configuration options available Chapter 2 Common Commands Summarize the commands common amongst many contexts and instance contexts within the RFS7000 Switch CLI Chapter 3 User Exec Commands Summarize t...

Page 4: ...cl commands within the RFS7000 Switch CLI Chapter 16 Extended MAC ACL Instance Summarize the config ext macl commands within the RFS7000 Switch CLI Chapter 17 DHCP Instance Summarize the config dhcp pool commands within the RFS7000 Switch CLI Chapter 18 DHCP Class Instance Summarize the config dhcp class instance commands within the RFS7000 Switch CLI Chapter 19 RADIUS Server Instance Summarize th...

Page 5: ... Table 1 1 Notational Convention used in the document Convention Example Token Description Valid Inputs bold Bold text indicates commands and keywords that you enter literally italics Italic text indicates arguments for which you supply values on off Grouping exactly one of a list of tokens on key1 key2 key3 Selective recursive multiple tokens allowed but each can only be used once key1 key3 key1 ...

Page 6: ... com When contacting Motorola Support Center please provide the following information Serial number of the unit Model number or product name Software type and version number Product Sales and Product Information General Information For general information contact Motorola at Telephone North America 1 800 722 6234 Telephone International 1 631 738 5200 Website http www motorola com North America In...

Page 7: ...nd intellectual property rights in and to the Software and any copies or portions thereof shall remain in Licensor and its suppliers or licensors Licensee understands that Licensor may modify or discontinue offering the Software at any time The Software is protected by the copyright laws of the United States and international copyright treaties The Software is licensed not sold This Agreement does...

Page 8: ...RIPTION OR NONINFRINGEMENT WITH REGARD TO THE SOFTWARE THE ENTIRE RISK AS TO THE QUALITY OF OR ARISING OUT OF USE OR PERFORMANCE OF THE SOFTWARE AND SUPPORT SERVICES IF ANY REMAINS WITH LICENSEE 7 EXCLUSION OF INCIDENTAL CONSEQUENTIAL AND CERTAIN OTHER DAMAGES TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW IN NO EVENT SHALL LICENSOR OR ITS SUPPLIERS BE LIABLE FOR ANY GENERAL SPECIAL INCIDENTAL ...

Page 9: ...cy or authority and Licensee shall not export or allow the export or re export of the Software in violation of any such restrictions laws or regulations By downloading or using the Software Licensee agrees to the foregoing and represents and warrants that Licensee is not located in under the control of or a national or resident of any restricted country 13 MISCELLANEOUS Licensee may not sublicense...

Page 10: ...x RFS7000 Series CLI Reference Guide ...

Page 11: ... Partial Command Name 1 7 Deleting Entries 1 7 Re displaying the Current Command Line 1 8 Command Output pagination 1 8 Transposing Mistyped Characters 1 8 Controlling Capitalization 1 9 Chapter 2 Common Commands Common Commands 2 2 clrscr 2 3 debug 2 4 exit 2 10 help 2 11 no 2 12 service 2 14 terminal 2 27 show 2 28 autoinstall 2 31 banner 2 32 commands 2 33 crypto 2 35 debugging 2 37 environment...

Page 12: ...tree 2 67 static channel group 2 69 terminal 2 70 timezone 2 71 users 2 72 version 2 73 wireless 2 74 wlan acl 2 81 access list 2 82 aclstats 2 83 alarm log 2 84 boot 2 85 clock 2 86 debugging 2 87 dhcp 2 88 environment 2 89 file 2 90 ftp 2 91 password encryption 2 92 running config 2 93 securitymgr 2 95 sessions 2 96 spanning tree 2 97 startup config 2 101 static channel group 2 102 upgrade statu...

Page 13: ...cluster cli 4 12 configure 4 13 copy 4 14 debug 4 16 delete 4 18 diff 4 19 dir 4 20 disable 4 21 edit 4 22 enable 4 23 erase 4 24 halt 4 25 kill 4 26 logout 4 27 mkdir 4 28 more 4 29 page 4 30 ping 4 31 pwd 4 32 quit 4 33 reload 4 34 rename 4 35 rmdir 4 36 show 4 37 telnet 4 40 traceroute 4 41 upgrade 4 42 upgrade abort 4 44 write 4 45 Chapter 5 Global Configuration Commands Global Configuration C...

Page 14: ...8 license 5 33 line 5 34 local 5 35 logging 5 36 mac 5 38 management 5 39 ntp 5 40 prompt 5 43 radius server 5 44 redundancy 5 45 service 5 47 show 5 49 snmp server 5 53 sole 5 64 spanning tree 5 65 timezone 5 68 username 5 69 vpn 5 70 wireless 5 71 wlan acl 5 72 Chapter 6 Crypto isakmp Instance Crypto ISAKMP Config Commands 6 1 authentication 6 2 clrscr 6 3 encryption 6 4 end 6 5 exit 6 6 group 6...

Page 15: ...ommands 8 1 clrscr 8 2 end 8 3 exit 8 4 help 8 5 no 8 6 service 8 7 set 8 8 show 8 9 Chapter 9 Crypto ipsec Instance Crypto IPsec Config Commands 9 1 mode 9 2 show 9 3 Chapter 10 Crypto map Instance Crypto Map Config Commands 10 1 clrscr 10 2 end 10 3 exit 10 4 help 10 5 match 10 6 no 10 7 service 10 8 set 10 9 show 10 12 Chapter 11 Crypto trustpoint Instance Trustpoint Config commands 11 19 clrsc...

Page 16: ... 12 1 clrscr 12 3 description 12 4 duplex 12 5 end 12 6 exit 12 7 help 12 8 ip 12 9 mac 12 11 management 12 12 mtu 12 13 no 12 14 port channel 12 15 service 12 16 show 12 17 shutdown 12 20 spanning tree 12 21 speed 12 23 static channel group 12 24 switchport 12 25 tunnel 12 27 Chapter 13 Spanning Tree MST Instance mst Config commands 13 1 clrscr 13 2 end 13 3 exit 13 4 help 13 5 instance 13 6 name...

Page 17: ... 15 Standard ACL Instance Standard ACL Config Commands 15 1 clrscr 15 3 deny 15 4 end 15 5 exit 15 6 help 15 7 mark 15 8 no 15 9 permit 15 10 service 15 11 show 15 12 terminal 15 14 Chapter 16 Extended MAC ACL Instance MAC Extended ACL Config Commands 16 2 clrscr 16 3 deny 16 4 end 16 6 exit 16 7 help 16 8 mark 16 9 no 16 11 permit 16 12 service 16 14 show 16 15 terminal 16 17 Chapter 17 DHCP Inst...

Page 18: ...7 21 network 17 22 next server 17 23 no 17 24 option 17 25 service 17 26 show 17 27 update 17 29 Configuring DHCP Server using CLI 17 30 Creating network pool 17 30 Creating host pool 17 30 Troubleshooting DHCP configuration 17 30 Chapter 18 DHCP Class Instance DHCP Server Class Config Commands 18 1 clrscr 18 2 end 18 2 exit 18 2 help 18 3 multiple user class 18 3 no 18 3 option 18 4 service 18 5 ...

Page 19: ...user 19 25 server 19 26 service 19 27 show 19 28 Chapter 20 Wireless Instance Wireless Configuration Commands 20 1 aap 20 4 adopt unconf radio 20 5 adoption pref id 20 6 ap 20 7 ap detection 20 8 ap ip 20 9 ap udp port 20 10 broadcast tx speed 20 11 client 20 12 config wireless client list 20 13 clrscr 20 15 convert ap 20 16 country code 20 17 dhcp sniff state 20 18 dot11 shared key auth 20 19 end...

Page 20: ...st throttle watermarks 20 31 no 20 32 proxy arp 20 33 qos mapping 20 34 radio 20 35 rate limit 20 42 self heal 20 43 sensor 20 45 service 20 46 show 20 51 wlan 20 53 wlan bw allocation 20 67 Chapter 21 SOLE Instance SOLE Config Commands 21 1 adapter 21 2 clrscr 21 3 end 21 4 exit 21 5 help 21 6 no 21 7 service 21 8 show 21 10 Appendix A Customer Support ...

Page 21: ...uction to command modes navigation and editing features help features and command history features The CLI is divided into different command modes Each command mode has its own set of commands available for configuration maintenance and monitoring The commands available at any given time depend on the mode you are in Enter a question mark at the system prompt to view the list of commands available...

Page 22: ...ds are stored across switch reboots Enter a variety of protocol specific or feature specific configuration modes from global configuration mode The CLI hierarchy requires you enter these specific configuration modes only through global configuration mode Enter configuration submodes from global configuration modes Configuration submodes are used to configure specific features within the scope of a...

Page 23: ...context sensitive help exit interface help ip kill license logout line mkdir logging more mac no management page no ping ntp pwd prompt quit radius server reload redundancy rename service rmdir show service snmp server show spanning tree telnet timezone terminal username traceroute vlan upgrade wireless upgrade abort wlan acl write Table 1 1 CLI Context Hierarchy for RFS7000 User Exec Mode Priv Ex...

Page 24: ...iate commands and keywords to the number of characters allowing a unique abbreviation For example configure terminal can be abbreviated as config t Since the abbreviated form of the command is unique the switch accepts the abbreviated form and executes the command Enter the help command available in any command mode to provide the following description RFS7000 help CLI provides advanced help featu...

Page 25: ... command to view if there are any further sub modes that can be used If so type the first few alphabets of the submode and press the tab key Continue using until you reach the final sub submode Pre defined CLI commands and keywords are case insensitive cfg Cfg CFG For clarity CLI commands and keywords are displayed using mixed case For example apPolicy trapHosts channelInfo Commands can be entered...

Page 26: ...tions In Table 1 2 bolded characters inside the Function Summary column indicate the relationship between the letter used and the function Table 1 2 Key Combinations Used to Move the Cursor Keystrokes Function Summary Function Details Left Arrow or Ctrl B Back character Moves the cursor one character to the left When you enter a command extending beyond a single line press the Left Arrow or Ctrl B...

Page 27: ...r Enter key This way the command can be modified if the full command was not what you intended by abbreviation Enter a set of characters that could indicate more than one command to list commands that begin with that set of characters Alternatively enter a question mark to obtain a list of commands that begin with that set of characters Do not leave a space between the last letter you enter and th...

Page 28: ...eturn key to scroll down one line or press the Spacebar to display the next full screen of output 1 5 6 Transposing Mistyped Characters If you have mistyped a command it is possible to transpose the mistyped characters To transpose characters use the following keystroke Ctrl D Deletes the character at the cursor Ctrl K Deletes all characters from the cursor to the end of the command line Ctrl W De...

Page 29: ...case insensitive and are typically in lowercase To change the capitalization of the commands use any of the following key sequences Keystrokes Purpose Esc C Capitalizes the letters at the right of cursor Esc L Changes the letters at the right of cursor to lowercase ...

Page 30: ...Overview 1 10 ...

Page 31: ...he PRIV EXEC command set contains the commands available in USER EXEC mode Some commands can be entered in either mode Commands entered in either USER EXEC mode or PRIV EXEC mode are referred to as EXEC mode commands If the user or privilege is not specified the referenced command can be entered in either mode ...

Page 32: ... clrscr Clears the display screen page 2 3 debug Debugging functions page 2 4 exit Ends the current mode and moves to the previous mode page 2 10 help Describes the interactive help system page 2 11 no Negates a command or set defaults page 2 12 service Displays service commands page 2 14 show Shows running system information page 2 28 terminal Sets terminal line parameters page 2 27 ...

Page 33: ...2 3 2 1 1 clrscr Common Commands Use this command to clear the screen and refresh the prompt Syntax clrscr Parameters None Example RFS7000 clrscr ...

Page 34: ...e manager messages all Traces error and informational messages from the Certificate Manager error Traces error messages from the Certificate Manager info Traces informational messages from the Certificate Manager ip https ssh Debugs Internet Protocol parameters https Secure HTTP HTTPS server ssh Secured Shell SSH server mobility cc error forwarding MAC Address mu packet peer system Debugs L3 Mobil...

Page 35: ... Layer3 mobility logs media Encapsulation media logs mobile unit Mobile unit logs radio Radio logs radius RADIUS client logs self heal Self Healing logs snmp SNMP logs system System call logs wips WIPS sensor logs wisp WISP logs debug All messages default err Error and higher severity messages info Information and higher severity messages warn Warning and higher severity messages ccstats module na...

Page 36: ...cli client CLI responses from protocol modules to IMI server cli server CLI commands from IMI server to protocol module errors Errors init Initialization process ntp NTP debug messages ip https ssh Internet Protocol IP https Secure HTTP HTTPS server ssh Secured Shell SSH server logging all errors init monitor subagent Modify message logging facilities all All debugging errors Errors init Logging m...

Page 37: ...ket protocol timer nsm all events kernel packet Network Service Module NSM all events kernel packet pktdrvr rate limit skip packet filter Pktdrvr kernel wireless debugging messages rate limit Log message rate limiting skip packet filter Do not call the packet filtering API when receiving or transmitting frames radius all err info warn RADIUS server debugging messages all Traces all messages from t...

Page 38: ...error ipsec pmdebug pmerror Security manager debugging messages all Traces all messages from the Security Manager debug Traces general debug messages from the Security Manager error Traces general error messages from the Security Manager ikeerror Traces debug messages for IKE ipsec Traces Policy Manager messages pmdebug Traces debug messages for the Policy Manager pmerror Traces error messages for...

Page 39: ... from 00 A0 F8 CD ED C4 Mar 15 15 41 49 2008 CC cluster standy mode Igoring Hello Discovery at attempts 1 Mar 15 15 41 49 2008 CC CW_Rx_Discovery 2815 Ignoring discovery attempts 1 from 00 A0 F8 CD ED C4 Mar 15 15 41 49 2008 CC cluster portal unadopted portal count now 5 Mar 15 15 41 49 2008 CC cluster tx to wccp ap 3 radio 5 mu 0 rogue 0 sheal 0 max ap 256 Mar 15 15 41 49 2008 CC cluster portal u...

Page 40: ...Overview 2 10 2 1 3 exit Common Commands Use this command to end the current mode and move to the previous mode Syntax exit Parameters None Example RFS7000 config exit ...

Page 41: ...P server licenses Show any installed licenses logging Show logging configuration and buffer mac MAC access list assignment mac address table Display MAC address table management Display L3 Managment Interface name mobility Display Mobility parameters ntp Network time protocol privilege Show current privilege level radius RADIUS configuration commands redundancy group Display redundancy group param...

Page 42: ...ured country code All existing radio configuration will be erased crypto encryption module errdisable errdisable ftp Configure FTP Server hostname Reset system s network name to default interface Delete a virtual interface ip Internet Protocol IP line Configure a terminal line local Local user authentication database for VPN logging Modify message logging facilities mac MAC configuration managemen...

Page 43: ...config no bridge max age RFS7000 config RFS7000 config no bridge max age RFS7000 config RFS7000 config no bridge spanning tree portfast bpdu filter RFS7000 config RFS7000 config no bridge spanning tree portfast bpduuard RFS7000 config RFS7000 config no bridge spanning tree errdisable timeout enable RFS7000 config RFS7000 config no bridge spanning tree errdisable timeout interval RFS7000 config ...

Page 44: ...E service show cli command history crash info diag info memory process reboot history startup log upgrade history Parameters User Exec Only service diag enable Enables service diagnostics identify Identifies this switch by flashing the LEDs limit buffer fan filesys inodes load maxFDs pkbuffers procRAM ram routecache temperature Diagnostic limit command buffer Buffer usage warning limit fan Fan spe...

Page 45: ...5 Buffer usage warning limit 0 65535 limit fan 1 3 Use this parameter to set the fan speed limit Configure the fan speed limit for both fans or just one limit filesys etc2 flash var Use this parameter to set the file system freespace limit Select the freespace limit for the following sub context etc2 flash ram limit inodes etc2 flash var File system inode limit Select the freespace limit for the f...

Page 46: ...s service encrypt encrypt secret 2 LINE Encrypts passwords with a secret phrase using SHA256 AES256 encryption service locator locator Flash all LEDS to locate the switch visually service save cli save cli Create a file clitree html which saves and displays the CLI tree for all modes service show show cli command history crash info diag info memory process reboot history startup log upgrade histor...

Page 47: ...swd memory pm history process name all process reboot history securitymgr startup log upgrade history watchdog wireless service test traps 1 100000 service wireless ap history buffer counters clear ap log 1 256 dump core idle radio send multicast legacy load balance map radios 1 127 rate scale request ap log 1 256 save ap log snmp trap throttle Parameters Priv Exec mode only service wireless wirel...

Page 48: ...ar File system inode limit load 1 15 5 Aggregate processor load during the previous minutes based on the option selected maxFDs 0 32767 Maximum number of file descriptors pkbuffers 0 65535 Packet buffer head cache procRAM 0 0 100 0 RAM used by a process ram 0 0 25 0 Percent free RAM routecache 0 65535 IP route cache usage temperature 1 8 critical high low Temperature limit period 100 30000 Set dia...

Page 49: ...nt filter Capture filter verbose Displays full packet body write Capture to a file vpn Capture at vpn count Limit capture packet count filter Capture filter inbound Capture ingress direction only outbound Capture egress direction only verbose Displays full packet body write Capture to a file pm stop Stop PM from monitoring all daemons save cli Saves CLI tree for all modes in html format securitymg...

Page 50: ...password used to enter shell memory Shows memory statistics pm history process name all Displays the configuration parameters of PM lite The history log file has a time stamped single line for every deamon that is had been started restarted process Displays processes sorted by memory usage reboot history Displays reboot history securitymgr Displays security manager details startup log Displays sta...

Page 51: ...S7000 1 0 1 1 map radios Sets radio to cpu mapping constant rate scale Enables wireless rate scaling default request ap log Requests access port log save ap log Saves a debug error log sent by the access port snmp trap throttle Limit the number of SNMP traps generated from the wireless module advanced vty Enables advanced mode vty interface dhcp Enables the DHCP server service password encryption ...

Page 52: ...imit 4k 4k byte buffer limit 512 512 byte buffer limit 64 64 byte buffer limit 64k 64k byte buffer limit 8k 8k byte buffer limit RFS7000 service diag limit buffer 32k 0 65535 buffer usage warning limit 0 65535 RFS7000 service diag limit buffer 32k 4096 RFS7000 service diag limit fan 1 3 Fan number RFS7000 service diag limit fan 1 prompt crash info Enables crash info prompt radius restart Enables t...

Page 53: ... 0 to 100 0 RFS7000 service diag limit load 5 50 RFS7000 service diag limit maxFDs 0 32767 0 32767 RFS7000 service diag limit maxFDs 30000 RFS7000 service diag limit pkbuffers 0 65535 limit from 0 65535 RFS7000 service diag limit pkbuffers 4096 RFS7000 service diag limit procRAM WORD limit from 0 0 100 0 RFS7000 service diag limit procRAM 10 RFS7000 service diag limit ram WORD limit from 0 0 100 0...

Page 54: ...ty 131 config t Aug 31 23 40 13 2006 null vty 131 enable Aug 31 23 40 12 2006 null vty 131 config t Aug 31 23 40 12 2006 null vty 131 enable Aug 31 23 40 11 2006 null vty 131 enable Aug 31 16 30 14 2006 null con 0 configure terminal Aug 31 16 30 04 2006 null con 0 en Aug 31 16 29 21 2006 null con 0 exit Aug 30 19 54 13 2006 null vty 130 enable Aug 30 19 53 09 2006 null vty 130 disable Aug 30 19 41...

Page 55: ...censeMgr 6823 S 2712 429 0 0 1 0 imish 6770 S 2668 1 0 0 1 0 imish 363 S 1824 1 0 0 0 7 nsm 339 S 1736 279 0 0 0 6 fileMgmt 291 S 1676 1 0 0 0 6 logd 375 S 1672 1 0 0 0 6 wccpd 279 S 1636 1 0 0 0 6 pmd 430 S 1636 1 0 0 0 6 stunnel 1370 S 1512 1 0 0 0 5 sshd 346 S 1448 1 0 0 0 5 mobd 340 S 1308 279 0 0 0 5 fileXferd RFS7000 service show reboot history Configured size of reboot history is 50 Date Ti...

Page 56: ... Aug 30 15 32 43 2006 KERN 6 INFO DMI 2 3 present Aug 30 15 32 43 2006 KERN ACPI RSDP v000 ACPIAM 0x000f7720 Aug 30 15 32 43 2006 KERN ACPI RSDT v001 A M I OEMRSDT 0x09000512 MSFT 0x00000097 0x0ff40000 Aug 30 15 32 43 2006 KERN ACPI FADT v002 A M I OEMFACP 0x09000512 MSFT 0x00000097 0x0ff40200 Aug 30 15 32 43 2006 KERN ACPI MADT v001 A M I OEMAPIC 0x09000512 MSFT 0x00000097 0x0ff40300 Aug 30 15 32...

Page 57: ...inal window Syntax terminal length 0 512 no length 0 512 width width 0 512 Parameters Example RFS7000 terminal length 100 RFS7000 RFS7000 terminal width 200 RFS7000 length Sets the number of lines on a screen no Negates a command or sets its defaults width Sets the width number of characters on a screen line ...

Page 58: ... 35 debugging Debugs information outputs Common page 2 37 environment Displays environmental information Common page 2 39 history Displays the session command history Common page 2 39 interfaces Displays interface status and configuration Common page 2 40 ip Displays the Internet Protocol Common page 2 42 ldap Displays LDAP server configuration parameters Common page 2 47 licenses Displays install...

Page 59: ...s Common page 2 70 timezone Displays the timezone Common page 2 71 users Displays information about terminal lines Common page 2 72 version Displays the software and hardware version Common page 2 73 wireless Displays wireless configuration commands Common page 2 74 wlan acl Displays WLAN based ACL information Common page 2 104 access list Displays access list Internet Protocol IP configuration Pr...

Page 60: ...ymgr Displays debug info for ACL VPN and NAT Privilege Global Config page 2 95 sessions Displays active open current connections Privilege Global Config page 2 96 spanning tree Display spanning tree information Privilege Global Config page 2 97 startup config Displays the contents of the startup configuration Privilege Global Config page 2 101 static channel group Displays the static channel group...

Page 61: ...2 31 2 2 1 autoinstall Common to all modes Syntax show autoinstall Parameters None Example RFS7000 show autoinstall RFS7000 ...

Page 62: ...Overview 2 32 2 2 2 banner Common to all modes Syntax show banner Parameters Example RFS7000 show banner motd Welcome to CLI RFS7000 motd Enters the Message of the Day banner ...

Page 63: ...cket peer system debug mobility cc error forwarding AA BB CC DD EE FF mu packet peer system debug mobility cc error forwarding AA BB CC DD EE FF mu packet peer system debug mobility cc error forwarding AA BB CC DD EE FF mu packet peer system debug mobility cc error forwarding AA BB CC DD EE FF mu packet peer system debug mobility cc error forwarding AA BB CC DD EE FF mu packet peer system debug mo...

Page 64: ...le no service diag period no service diag watchdog no service locator p page exit logout quit show autoinstall show autoinstall status show banner motd show commands show debugging show debugging mstp show environment show history contd RFS7000 ...

Page 65: ...me Common Name Motorola ipsec sa security association lifetime transformset name Displays IPSEC policy sa IPSec Security Association security association Security Association lifetime Lifetime transformset Transformset name Transform set name or all transform sets isakmp policy 1 10000 sa Displays ISAKMP policy 1 10000 Displays priorityall isakmp policies sa All crypto ISAKMP security association ...

Page 66: ...t_ssh_rsa_key Key length in bits 1024 Key Data D056BB4 B423B30 21CA504 8101955 3328D22 41C624D 07AB708 4D85B51 E4B2B12 7A332EC A3C004A B1B3A95 B67DDB2 89FCB16 FE699CE 71B69FC 0300C30 8DFA936 A4D5062 BF29749 C87E66B E6A2958 9103CD0 8FD659A FB02808 F10578E E0034B6 013963B D25BB78 D1871B7 7A31F55 833B4ED 23 RFS7000 config RFS7000 config show crypto ipsec security association lifetime Security associa...

Page 67: ...ing Common to all modes Syntax show debugging mstp Parameters Example RFS7000 config show debugging mstp MSTP debugging status RFS7000 config mstp Displays information related to the Multiple Spanning Tree Protocol MSTP ...

Page 68: ...ters None Example RFS7000 show environment upwind of CPU temperature 30 0 C CPU die temperature 53 0 C left side temperature 30 0 C by FPGA temperature 29 0 C front right temperature 27 0 C front left temperature 27 0 C fan 1 fan 6540 rpm fan 2 fan 6660 rpm fan 3 fan 6420 rpm RFS7000 ...

Page 69: ...2 39 2 2 7 history Common to all modes Syntax show history Parameters None Example RFS7000 show history 1 show 2 clrscr 3 enable 4 clrscr 5 configure terminal 6 exit 7 clrscr 8 show history RFS7000 ...

Page 70: ...dex 2001 metric 1 mtu 1500 HAL IF UP BROADCAST MULTICAST Speed Admin Auto Operational Unknown Maximum 1G Duplex Admin Auto Operational Unknown Active Medium Unknown Switchport Settings Mode Access Access Vlan 1 input packets 0 bytes 0 dropped 0 multicast packets 0 input errors 0 length 0 overrun 0 CRC 0 frame 0 fifo 0 missed 0 output packets 0 bytes 0 dropped 0 output errors 0 aborted 0 carrier 0 ...

Page 71: ...Interface fe Switchport Settings Mode Access Access Vlan 0 RFS7000 config RFS7000 config show interfaces switchport ge 1 Interface ge1 Switchport Settings Mode Access Access Vlan 1 RFS7000 config RFS7000 config show interfaces vlan 1 Interface vlan1 Hardware Type VLAN Interface Mode Layer 3 address is 00 15 70 37 fc 8f index 5 metric 1 mtu 1500 PAL IF UP BROADCAST RUNNING MULTICAST input packets 0...

Page 72: ...erface IFNAME brief tunnel vlan show ip name server show ip nat interfaces translations inside outside destination source show ip route A B C D A B C D M detail show ip routing show ip ssh show ip telnet Parameters access group Displays the ACLs attached to an interface IFNAME The interface name to which the ACL is associated It lists the details of ACLs configured on the particular Layer 3 or Lay...

Page 73: ...r HTTP server interface IP interface status and configuration IFNAME Interface name brief Brief summary of IP status and configuration ge GigabitEthernet interface me1 FastEthernet interface sa StaticAggregate interface vlan VLAN interface name server DNS nameservers ip nat interfaces translations ip nat translation inside outside verbose destination source Network Address Translation NAT interfac...

Page 74: ...ernet interface comes back up it restarts the DHCP client on any of the virtual interfaces SVIs in which the physical interface is a member port This ensures if the interface was disconnected and reconnected to a different interface it gets a new ip address route name server domain name etc corresponding to the new DHCP server scope Example RFS7000 config show ip access group all Interface fe Inbo...

Page 75: ...an1 157 235 208 233 DHCP up up tunnel1 unassigned up up RFS7000 show ip interface tunnel 1 brief Brief summary of IP status and configuration RFS7000 show ip interface tunnel 1 brief Interface IP Address Status Protocol tunnel1 unassigned up up RFS7000 show ip interface vlan 1 brief Interface IP Address Status Protocol vlan1 157 235 208 233 DHCP up up RFS7000 show ip name server 157 235 3 195 dyna...

Page 76: ... 10 0 0 0 8 1 0 via 10 10 10 10 inactive S 157 235 208 0 24 1 0 via 157 235 208 246 inactive RFS7000 show ip ssh SSH server enabled Status running Keypair name default_ssh_rsa_key Port 22 RFS7000 show ip telnet Telnet server enabled Status running Port 23 ...

Page 77: ...ute UserPassword Group Name cn Group Membership Filter objectClass group member Ldap UserDn Group Member Attr radiusGroupName Net timeout 1 second s Secondary LDAP IP Address 10 10 10 5 Port 369 Login sAMAccountName Stripped User Name User Name Bind DN cn kumar ou symbol dc activedirectory dc com Base DN ou symbol dc activedirectory dc com Password 0 symbol 123 Password Attribute UserPassword Grou...

Page 78: ...rview 2 48 2 2 11 licenses Common to all modes Syntax show licenses Parameters None Example RFS7000 config show licenses feature usage license string license value usage AP 2FFD7fE9 CD016155 14A92C70 48 1 ...

Page 79: ...RITYMGR 1109 FTPALG Application gateway started Feb 19 18 50 38 2007 DAEMON 5 NOTICE WIOS_SECURITYMGR 1109 FTPALG Shutting down Feb 19 18 50 38 2007 DAEMON 5 NOTICE WIOS_SECURITYMGR 1109 DNSALG Shutting down Feb 19 18 50 37 2007 DAEMON 5 NOTICE WIOS_SECURITYMGR 1109 DNSALG Application gateway started Feb 19 18 50 37 2007 DAEMON 5 NOTICE WIOS_SECURITYMGR 1109 FTPALG Application gateway started Feb ...

Page 80: ...Overview 2 50 2 2 13 mac Common to all modes Syntax show mac access list Parameters Example RFS7000 config show mac access list RFS7000 config access list Lists MAC access lists ...

Page 81: ... 742c 1 0 1 2 ifindex 0 000e 0c6e ade7 1 0 1 5 ifindex 0 00a0 f8ea 4c99 1 0 1 2 ifindex 0 0080 a366 d7b6 1 0 1 2 ifindex 0 0011 2599 9b35 1 0 1 2 ifindex 0 0012 0197 3794 1 0 1 2 ifindex 0 0013 723c ba60 1 0 1 1 vlan4 0015 7037 fac3 1 0 1 2 vlan4 0015 7037 fac3 1 0 1 3 vlan4 0015 7037 fac3 1 0 1 4 vlan4 0015 7037 fac3 1 0 1 5 vlan4 0015 7037 fac3 1 0 1 2 ifindex 0 000e 0c72 1922 1 0 1 2 ifindex 0 ...

Page 82: ...w 2 52 2 2 15 management Common to all modes Syntax show management Parameters None Example RFS7000 config show management Mgmt Interface vlan1 Management access permitted via any vlan interface RFS7000 config ...

Page 83: ...ABLED Operational Status DISABLED Admin status is DISABLED Local Address 0 0 0 0 Port Number 58788 Max Roam Period 5 sec Number of Peers 0 established 0 Number of MUs 0 Home 0 Foreign 0 Fwding plane 0 Delete pend 0 L3 Mobility enabled WLANs NONE RFS7000 config RFS7000 config show mobility event log mobile unit Time Event Evt Src IP MU Mac MU IP HS IP CS IP event log Displays mobility event logs mo...

Page 84: ...ec Number of Peers 0 established 0 Number of MUs 0 Home 0 Foreign 0 Delete pend 0 L3 Mobility enabled WLANs NONE RFS7000 RFS7000 config show mobility mobile unit detail HOME MU Database Total 1 MU MAC Address 00 0f 3d e9 a6 54 IP Address 157 235 208 134 SSID wios_rad_test1 Home Switch 157 235 208 16 Current Switch 157 235 208 16 HS VLAN 1 Foreign MU Database Total 0 RFS7000 config show mobility pe...

Page 85: ... peer mode unspec our poll intvl 6 peer poll intvl 10 root delay 0 00 msec root disp 0 00 reach 000 delay 0 00 msec offset 0 0000 msec dispersion 0 00 precision 2 20 org time 00000000 00000000 Feb 07 06 28 16 UTC 2036 rcv time 00000000 00000000 Feb 07 06 28 16 UTC 2036 xmt time c8b42a7e 6eb04252 Sep 14 19 22 38 UTC 2006 filtdelay 0 00 0 00 0 00 0 00 0 00 0 00 0 00 0 00 filtoffset 0 00 0 00 0 00 0 ...

Page 86: ...Overview 2 56 2 2 18 port channel Common to all modes Syntax show port channel load balance Parameters Example RFS7000 config show port channel load balance RFS7000 config load balance Load balancing ...

Page 87: ...2 57 2 2 19 privilege Common to all modes Syntax show privilege Parameters None Example RFS7000 show privilege Current user privilege superuser RFS7000 ...

Page 88: ...oxy retry count 4 Proxy Realm Details ___________________ Realm symbol com IP Address 10 10 10 5 Port 1812 Shared secret 0 secret123 radius RADIUS configuration commands configuration RADIUS server configuration parameters eap configuration EAP parameters and configuration group RADIUS group configuration nas A B C D M Enter a client IP address and mask proxy Proxy information rad user RADIUS user...

Page 89: ...536X Auto revert period 5 mins Auto revert Feature Enabled DHCP Server Redundancy Disabled Redundancy Group Runtime Information Redundancy Protocol Version 2 0 Redundancy Group License 0 Cluster AP Adoption Count Not Applicable Switch AP Adoption Count Not Applicable Redundancy State Disabled Radio Portals adopted by Group Not Applicable Radio Portals adopted by this Switch Not Applicable Rogue AP...

Page 90: ... Cluster AP Adoption Count Not Applicable Switch AP Adoption Count Not Applicable Redundancy State Disabled Radio Portals adopted by Group Not Applicable Radio Portals adopted by this Switch Not Applicable Rogue APs detected in this Group Not Applicable Rogue APs detected by this Switch Not Applicable MUs associated in this Group Not Applicable MUs associated in this Switch Not Applicable Selfheal...

Page 91: ...switch state transitions of the self switch Syntax show redundancy history Parameters None Example RFS7000 config show redundancy history State Transition History Time Event Triggered State Sep 18 09 57 36 2007 Redundancy Enabled Startup Sep 18 09 57 36 2007 Startup Done Startup Sep 18 09 57 36 2007 Discovery Done Startup Sep 18 09 57 36 2007 Redundancy Disabled Startup RFS7000 config ...

Page 92: ...itch The user can provide the IP address of the switch in cluster whose information alone is needed Syntax show redundancy members A B C D Parameters Example RFS7000 config show redundancy members brief Member ID Self 10 10 10 10 Member State Not Applicable Member ID 10 10 10 1 Member State Peer Configured A B C D IP address of the member switch ...

Page 93: ...000 config RFS7000 config show snmp user snmpoperator userName access engineId Authentication Encryption snmpoperator ro 80000184806b8b456745a3cccc MD5 DES RFS7000 config RFS7000 config show snmp user snmptrap userName access engineId Authentication Encryption snmptrap rw 80000184806b8b456745a3cccc MD5 DES RFS7000 config user Displays the SNMP user snmpmanager Shows manager information snmpoperato...

Page 94: ...ciationOnSpectrum N wireless station deniedAssociationOnErr N wireless station deniedAssociationOnSSID N wireless station deniedAssociationOnRates N wireless station deniedAssociationOnInvalidWPAWPA2IE N wireless station deniedAssociationAsPortCapacityReached N wireless station tkipCounterMeasures N wireless station deniedAuthentication N wireless station radiusAuthFailed N wireless radio adopted ...

Page 95: ...cent greater than disabled avg retry greater than disabled undecrypt percent greater than disabled num stations greater than disabled RFS7000 RFS7000 show snmp server traps wireless statistics wireless switch pktsps greater than disabled tput greater than disabled num stations greater than disabled RFS7000 RFS7000 show snmp server traps wireless statistics wlan pktsps greater than disabled tput gr...

Page 96: ...sent to engine 0 Time at which last message was received from engine Time at which last message was sent to engine RFS7000 config RFS7000 config show sole status adapter Type Status 1 AeroScout enabled RFS7000 config RFS7000 config show sole status engine Type Engine State AeroScout 0 0 0 0 Idle RFS7000 config config adapter ADAPTER NAME Displays SOLE configuration information adapter Displays con...

Page 97: ...portfast bpdu filter enabled portfast bpdu guard disabled portfast errdisable timeout disabled portfast errdisable timeout interval 300 sec cisco interoperability not configured Current cisco interoperability off ge1 Port 2001 Id 87d1 Role Designated State Forwarding ge1 Designated External Path Cost 0 Internal Path Cost 0 config Displays MSTP configuration information detail interface IF Name fe ...

Page 98: ...ge1 CIST Hello Time 2 Forward Delay 15 ge1 CIST Forward Timer 0 Msg Age Timer 0 Hello Timer 0 ge1 Version Multiple Spanning Tree Protocol Received None Send MSTP ge1 Portfast configured Current portfast on ge1 portfast bpdu guard default Current portfast bpdu guard off ge1 portfast bpdu filter default Current portfast bpdu filter on ge1 no root guard configured Current root guard off ge1 Configure...

Page 99: ...2 69 2 2 28 static channel group Common to all modes Syntax show static channel group Parameters None Example RFS7000 show static channel group RFS7000 ...

Page 100: ...Overview 2 70 2 2 29 terminal Common to all modes Syntax show terminal Parameters None Example RFS7000 config show terminal Terminal Type vt102 Length 42 Width 125 RFS7000 config ...

Page 101: ...2 71 2 2 30 timezone Common to all modes Syntax show timezone Parameters None Example RFS7000 show timezone Timezone is Etc UTC RFS7000 ...

Page 102: ... 72 2 2 31 users Common to all modes Syntax show users Parameters None Example RFS7000 config show users Line PID User Uptime Location 0 con 0 1003 admin 11 38m ttyS0 130 vty 0 27693 admin 10 21m 0 RFS7000 config ...

Page 103: ...how version verbose RFS7000 version 1 0 0 0 228D MIB 01a Copyright c 2006 Symbol Technologies Inc Booted from primary Switch uptime is 0 days 11 hours 53 minutes CPU is RMI Phoenix V0 4 PCI bus 0 device 3 function 2 USB Controller unknown mfg unknown PCI bus 0 device 3 function 1 USB Controller unknown mfg unknown PCI bus 0 device 3 function 0 USB Controller unknown mfg unknown PCI bus 0 device 1 ...

Page 104: ...show wireless aap version show wireless ap 1 48 AA BB CC DD EE FF show wireless ap detection config Show wireless ap images show wireless ap unadopted show wireless approved aps show wireless channel power 11a 11b 11bg indoor outdoor show wireless client exclude list include list show wireless config show wireless country code list show wireless enhanced beacon table config report show wireless en...

Page 105: ...or a radio 11a Radio is 802 11a 11b Radio is 802 11b 11bg Radio is 802 11bg indoor Radio is placed indoors outdoor Radio is placed outdoors client exclude list include list Wireless client configuration exclude list Exclude list configuration include list Include list configuration config Wireless configuration parameters country code list List of supported country names and 2 letter IS0 3166 code...

Page 106: ...f mobile unit AA BB CC DD EE FF MAC address of mobile unit association history mac adress Displays mobile unit history Enter the mobile unit MAC address in AA BB CC DD EE FF format probe history Displays MU probe history 1 200 Index to display probe logging config list List probe history MAC addresses radio 1 4096 Show mobile units associated with this radio statistics Mobile unit rf statistics wl...

Page 107: ...efault 11b Default 11b configuration template default 11bg Default 11bg configuration template monitor table The radio to radio monitoring table statistics Radio statistics regulatory Regulatory allowed channel power information for a particular country self heal config 1 1000 Self healing Configuration Parameters sensor Wireless Intrusion Protection System parameters default config Default config...

Page 108: ...tive ap parameters local bridging disabled config apply def delay 30 seconds config apply mesh delay 3 minutes dn link rate limit usr unlimited up link rate limit usr unlimited RFS7000 config RFS7000 show wireless hotspot config WLAN 1 status disabled description WLAN1 ssid 101 Page Location simple Internal Pages Page type login Title Login Page Header Network Login Description Please enter your u...

Page 109: ...ame length disabled 60 Sec invalid 8021x frame disabled 60 Sec invalid frame type disabled 60 Sec beacon broadcast essid disabled 60 Sec bad essid frame disabled 60 Sec unencrypted traffic disabled 60 Sec non changing wep iv disabled 60 Sec RFS7000 RFS7000 show wireless mac auth local 50 RFS7000 RFS7000 show wireless mobile unit statistics Error None of the mobile units are associated RFS7000 conf...

Page 110: ...ission control disabled max mobile unit 32 WMM video aifsn 1 txop limit 94 cwmin 3 cwmax 4 admission control disabled max mobile unit 32 WMM voice aifsn 1 txop limit 47 cwmin 2 cwmax 3 admission control disabled max mobile unit 32 neighbors for smart scan Enhanced Beacon Table N Enhanced Probe Table N RFS7000 config ...

Page 111: ... Example RFS7000 show wlan acl 200 WLAN port 200 Inbound IP Access List Inbound MAC Access List Outbound IP Access List Outbound MAC Access List RFS7000 RFS7000 show wlan acl all RFS7000 1 256 Displays ACLs attached to the specified WLAN ID all Displays ACLs attached to the WLAN port ...

Page 112: ...ermit ip 192 168 1 0 24 192 168 100 0 24 rule precedence 5 permit ip 192 168 63 0 24 192 168 100 0 24 rule precedence 63 permit ip 192 168 157 0 24 192 168 100 0 24 rule precedence 157 RFS7000 config RFS7000 config show access list 110 Extended IP access list 110 permit ip 192 168 1 0 24 192 168 100 0 24 rule precedence 5 permit ip 192 168 63 0 24 192 168 100 0 24 rule precedence 63 permit ip 192 ...

Page 113: ...RFS7000 config if RFS7000 config interface sa 2 RFS7000 config if RFS7000 config interface tunnel 27 RFS7000 config if RFS7000 config interface vlan 400 RFS7000 config if IFNAME Interface name fe FastEthernet interface ge 1 4 GigabitEthernet interface Select an index value between 1 4 sa 1 4 StaticAggregate interface Select an index value between 1 4 tunnel 1 32 Tunnel interface Select from an ind...

Page 114: ...ntly in the system all Displays all alarms currently in the system count Displays count of alarms currently in the system new Displays new alarms currently in the system severity to limit Displays alarms having a specified or higher severity critical Displays critical alarms informational Displays all informational or higher severity alarms major Displays major or higher severity alarms normal Dis...

Page 115: ... None Example RFS7000 show boot Image Build Date Install Date Version Primary Feb 05 20 27 25 2007 Feb 13 19 29 28 2007 1 0 0 0 228D Secondary Jan 19 06 41 09 2007 Jan 23 20 14 19 2007 1 0 0 0 200D Current Boot Primary Next Boot Primary Software Fallback Enabled RFS7000 ...

Page 116: ...Overview 2 86 2 2 39 clock Priviledge Global Config Syntax show clock Parameters None Example RFS7000 show clock Sep 13 16 46 27 UTC 2006 RFS7000 ...

Page 117: ...g Syntax show debugging mstp Parameters Example RFS7000 show debugging mstp MSTP debugging status MSTP all debugging is on RFS7000 show debugging mstp MSTP debugging status MSTP all debugging is on RFS7000 mstp Displays MSTP debugging information ...

Page 118: ...yntax show dhcp config status Parameters Example RFS7000 show dhcp config service dhcp ip dhcp pool vlan63 default router 192 168 157 2 network 192 168 63 0 24 address range 192 168 63 20 192 168 63 30 RFS7000 config Displays DHCP server configuration status Displays whether the DHCP server is running or not ...

Page 119: ...rs None Example RFS7000 show environment upwind of CPU temperature 33 0 C CPU die temperature 62 0 C left side temperature 31 0 C by FPGA temperature 30 0 C front right temperature 28 0 C front left temperature 29 0 C fan 1 fan 6540 rpm fan 2 fan 6600 rpm fan 3 fan 6480 rpm RFS7000 ...

Page 120: ...fig show file systems File Systems Size b Free b Type Prefix opaque system 10485760 9912320 flash nvram 20971520 19742720 flash flash network null network null network sftp network http network ftp network tftp 20971520 19742720 hotspot RFS7000 config information FILE Displays information on FILE systems Lists filesystems ...

Page 121: ...2 91 2 2 44 ftp Privilege Global Config Syntax show ftp Parameters None Example RFS7000 show ftp FTP Server Disabled User Name anonymous or ftpuser Password Root dir flash RFS7000 ...

Page 122: ...assword encryption Priviledge Global Config Syntax show password encryption status Parameters Example RFS7000 show password encryption status Password encryption is disabled RFS7000 status Displays password encryption status ...

Page 123: ...My Name errdisable recovery interval 100 country code us snmp server sysname RFS7000 snmp server manager v2 snmp server manager v3 snmp server user snmptrap v3 encrypted auth md5 0x7be2cb56f6060226f15974c936e2739b snmp server user snmpmanager v3 encrypted auth md5 0x7be2cb56f6060226f15974c936e2739b snmp server user snmpoperator v3 encrypted auth md5 0x49c451c7c6893ffcede0491bbd0a12c4 vpn authentic...

Page 124: ...elnet username admin privilege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931f username operator access console web ssh telnet username operator privilege monitor spanning tree mst cisco interoperability enable spanning tree mst config name My Name no management secure ip domain lookup errdisable recovery interval 100 service diag period 1000 service diag enable cou...

Page 125: ...s Parameters Example RFS7000 show securitymgr event logs Event Logs 1 Tue Mar 13 2007 19 15 55 CORRUPT_PACKET source vlan200 udp Src 157 235 188 241 Dst 157 235 188 255 Src Port 137 Dst Port 137 IP TTL less than required traceroute RFS7000 event logs Displays securitymgr event logs ...

Page 126: ...lege Global Config Syntax show sessions Parameters None Example RFS7000 config show sessions SESSION USER LOCATION IDLE START TIME 1 cli Console 10 18m Feb 19 13 31 42 2007 2 cli xxx xxx xxx xxx 00 00m Feb 19 14 48 24 2007 RFS7000 config ...

Page 127: ... sa2 portfast bpdu guard default Current portfast bpdu guard off sa2 portfast bpdu filter default Current portfast bpdu filter on sa2 no root guard configured Current root guard off sa2 Configured Link Type point to point Current shared tunnel27 Port 6 Id 8006 Role Designated State Forwarding tunnel27 Designated External Path Cost 0 Internal Path Cost 0 tunnel27 Configured Path Cost 20000000 Add t...

Page 128: ... External Path Cost 0 Internal Path Cost 0 ge1 Configured Path Cost 20000000 Add type Explicit ref count 1 ge1 Designated Port Id 0 CST Priority 128 ge1 CIST Root 0000000000000000 ge1 Regional Root 0000000000000000 ge1 Designated Bridge 0000000000000000 ge1 Message Age 0 Max Age 0 ge1 CIST Hello Time 0 Forward Delay 0 ge1 CIST Forward Timer 0 Msg Age Timer 0 Hello Timer 0 ge1 Version Multiple Span...

Page 129: ...g Age Timer 0 Hello Timer 0 ge4 Version Multiple Spanning Tree Protocol Received None Send STP ge4 No portfast configured Current portfast off ge4 portfast bpdu guard default Current portfast bpdu guard off ge4 portfast bpdu filter default Current portfast bpdu filter on ge4 no root guard configured Current root guard off ge4 Configured Link Type point to point Current shared ge2 Port 2002 Id 87d2...

Page 130: ...Overview 2 100 ge1 no root guard configured Current root guard off ge1 Configured Link Type point to point Current shared RFS7000 config ...

Page 131: ... code logging console 7 snmp server manager v2 snmp server manager v3 snmp server user snmptrap v3 encrypted auth md5 0x218d29df4dfde16bdec86f22cb11bc1a snmp server user snmpmanager v3 encrypted auth md5 0x218d29df4dfde16bdec86f22cb11bc1a snmp server user snmpoperator v3 encrypted auth md5 0xd9f4ec243f05174c68efb24234f16f0a ip http server ip http secure trustpoint default trustpoint ip http secure...

Page 132: ...bal Config Use the show static channel group privileged EXEC command to display configured static channel groups Syntax show static channel group Parameters None Example RFS7000 config show static channel group Static Aggregator sa2 Member ge3 RFS7000 config ...

Page 133: ... full tmp is 5 percent full Free Memory 151944 kB FWU invoked via Linux shell Running from partition dev hda6 partition to update is dev hda5 Reading image file header Removing other partition Added 3 0 0 0 180B Making file system Extracting files this can take some time Version of firmware update file is 3 0 0 0 200B Creating LILO files Running LILO Added 3 0 0 0 180B Added 3 0 0 0 200B Successfu...

Page 134: ...wlan acl 102 WLAN port 102 Inbound IP Access List 110 Inbound MAC Access List Outbound IP Access List Outbound MAC Access List RFS7000 config 1 256 Displays ACLs attached to the specified WLAN ID all Displays ACLs attached to WLAN port NOTE The above example applies ACL 110 to a WLAN index 102 in inbound direction ...

Page 135: ...vailable at the user level are a subset of those available at the privileged level In general the user EXEC commands allow you to connect to remote devices perform basic tests and list system information To list available USER EXEC commands use the at the command prompt The USER EXEC mode prompt consists of the device host name followed by an angle bracket The default host name is generally RFS700...

Page 136: ...urns off privileged mode page 3 7 enable Turns on privileged mode page 3 8 exit Ends the current mode and moves to the previous mode page 2 10 help Description of the interactive help system page 2 11 logout Exits the EXEC mode page 3 9 no Negates a command or sets defaults page 2 12 page Toggle paging page 3 10 quit Exits the current mode and moves to the previous mode page 3 11 service Displays ...

Page 137: ...etected protocols bridge interface Parameters aclstats Clears ACL statistics alarm log 1 65535 acknowledged all new Clears alarm log 1 65535 Clears specific alarm id acknowledged Clear acknowledged alarms all Clears all alarms new Clears new alarms arp cache Clears ARP cache crypto ipsec isakmp sa A B C D Clears encryption subsystem ipsec Flushes IPSec SA isakmp Flushes the ISAKMP database sa Clea...

Page 138: ...rs all multicast entries static Clears all entries configured through management address Clears the specified MAC Address bridge Bridges group commands interface Clears all mac address for the specified vlan vlan Clears all mac address for the specified interface mobility Clears mobility attributes event log Clears mobility attirbutes from event log of mobile unit Mobile unit event logs peer Peer ...

Page 139: ...t Seen Mar 15 16 25 00 2008 Number of HB sent 38044 Number of HB received 3 Number of Update sent 0 Number of Update received 0 Member Standby Mode Primary Member AP adoption count 0 Member Installed License Count 0 Member Radio portal Count 0 Member Associated MU Count 0 Member Rogue AP detected Count 0 Member Self Healing AP Count 0 Member Switch Adopt Capacity 0 Member Running Image Version RFS...

Page 140: ...ebug certmgr all RFS7000 RFS7000 debug certmgr error RFS7000 RFS7000 debug certmgr info RFS7000 certmgr Certificate manager debugging messages ip Internet Protocol IP https Secure HTTP HTTPS server ssh Secured Shell SSH server mobility L3 Mobility cc ccserver events error Error forwarding Dataplane forwarding mu MU events and state changes packet Control packets peer Peer establishment system Syst...

Page 141: ...3 7 3 1 4 disable User Exec Commands Enable the PRIV mode to use this command Then use the disable command to exit the PRIV mode Syntax disable Parameters None Example RFS7000 disable RFS7000 ...

Page 142: ...Overview 3 8 3 1 5 enable User Exec Commands Use this command to enter the PRIV mode Syntax enable Parameters None Example RFS7000 enable ...

Page 143: ... 9 3 1 6 logout User Exec Commands Use this command instead of the exit command to exit the EXEC mode Syntax logout Parameters None Example The RFS7000 Series Switch logs off on execution of this command ...

Page 144: ...ow running config configuration of RFS7000 version 1 0 1 0 005D version 1 0 service prompt crash info username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507d username admin privilege superuser access list 110 permit ip 192 168 1 0 24 192 168 100 0 24 rule precedence 5 access list 110 permit ip 192 168 63 0 24 192 168 100 0 24 rule precedence 63 access list 110 permit ip 192 168 157 0 24...

Page 145: ...3 11 3 1 8 quit User Exec Commands Use this command to exit the current mode and move back to the previous mode Syntax quit Parameters None Example The switch logs off upon execution of this command ...

Page 146: ...e logging configuration and buffer information mac Displays MAC access list assignment mac address table Displays the MAC address table management Displays L3 Managment Interface name mobility Displays mobility parameters ntp Displays the network time protocol port channel Displays port channel commands privilege Displays the current privilege level radius Displays RADIUS configuration commands re...

Page 147: ...erver Display SNMP engine parameters sole Smart Opportunistic Location Engine Configuration spanning tree Display spanning tree information static channel group static channel group membership terminal Display terminal configuration parameters timezone Display timezone users Display information about currently logged in users version Display software hardware version wireless Wireless configuratio...

Page 148: ...235 208 122 24 broadcast 157 235 208 255 input packets 138225 bytes 39061067 dropped 0 multicast packets 0 input errors 0 length 0 overrun 0 CRC 0 frame 0 fifo 0 missed 0 output packets 4642 bytes 424662 dropped 0 output errors 0 aborted 0 carrier 0 fifo 0 heartbeat 0 window 0 collisions 0 Interface vlan1 Hardware Type VLAN Interface Mode Layer 3 address is 00 15 70 37 fc 8f index 5 metric 1 mtu 1...

Page 149: ...w 0 Interface ge4 Hardware Type Ethernet Interface Mode Layer 2 address is 00 15 70 37 fc 92 index 2004 metric 1 mtu 1500 HAL IF UP BROADCAST MULTICAST Speed Admin Auto Operational Unknown Maximum 1G Duplex Admin Auto Operational Unknown Active Medium Unknown Switchport Settings Mode Access Access Vlan 1 input packets 0 bytes 0 dropped 0 multicast packets 0 input errors 0 length 0 overrun 0 CRC 0 ...

Page 150: ...Overview 3 16 RFS7000 show management Mgmt Interface vlan1 Management access permitted via any vlan interface RFS7000 ...

Page 151: ...me of the device followed by a pound sign To access PRIV EXEC mode enter the following command at the prompt RFS7000 enable The PRIV EXEC mode is sometimes referred to as enable mode because the enable command is used to enter the mode If a password has been configured on the system you are prompted to enter the password before you are allowed access to privileged EXEC mode The password is not dis...

Page 152: ...to another page 4 14 debug Debugging functions page 4 16 delete Deletes a specified file from the system page 4 18 diff Displays the differences between two files page 4 19 dir Lists files on a file system page 4 20 disable Turns off a privileged mode command page 4 21 edit Edits a text file page 4 22 enable Turns on the privileged mode command page 4 23 erase Erases a filesystem page 4 24 exit En...

Page 153: ...enames a file page 4 35 rmdir Deletes a directory page 4 36 service Displays service commands page 2 14 show Shows system information page 4 37 telnet Opens a telnet connection page 4 40 terminal Shows running system information page 2 27 traceroute Traces a route to a destination page 4 41 upgrade Upgrades the software image page 4 42 upgrade abort Aborts the upgrade process page 4 44 write Write...

Page 154: ...alarm log 1 65535 all Parameters Example RFS7000 acknowledge alarm log all No corresponding record found in the Alarm Log RFS7000 acknowledge alarm log 200 No corresponding record found in the Alarm Log RFS7000 alarm log Acknowledges an alarm 1 65535 Acknowledges specific alarm id all Acknowledges all alarms ...

Page 155: ... passwd hostname port or IP path file http hostname port or IP path file sftp user hostname port or IP path file RFS7000 archive tar Manipulates creates lists or extracts a tar file table Lists files in a tar file create Creates a tar file xtract Extracts files from a tar file FILE Tar filename The file can exist in flash path file cf path file usb1 path file usb2 path file URL Tar file URL The fi...

Page 156: ...e flash out tar flash log tar Removing leading from member names flash log flash log snmpd log flash log messages log flash log startup log flash log radius RFS7000 dir flash Viewing the output tar file Directory of flash drwx 1024 Thu Aug 17 08 25 50 2006 hotspot drwx 120 Fri Sep 8 12 27 20 2006 log drwx 1024 Thu Sep 7 16 23 34 2006 crashinfo drwx 1024 Wed Aug 23 15 30 19 2006 backup rw 173056 Fr...

Page 157: ...e RFS7000 cd nvram system flash RFS7000 cd flash DIR Change current directory to DIR RFS7000 cd flash flash backup flash crashinfo flash hotspot flash log flash out RFS7000 cd flash log DIR Change current directory to DIR RFS7000 cd flash log RFS7000 pwd flash log RFS7000 DIR Changes the current directory to DIR ...

Page 158: ...or the old password and new password fields Ensure the console displays the password successfully changed message Example RFS7000 change passwd Enter old password Enter new password Password for user admin changed successfully RFS7000 NOTE The console by default does not display any user entered keyword for the old pasword and new password fields Leaving the old password and new password fields em...

Page 159: ...arms all Clears all alarms new Clears new alarms arp cache Clears the Arp cache ip dhcp binding A B C D Clears the Internet Protocol IP of DHCP dhcp DHCP Server configuration binding DHCP Address bindings Clears all bindings A B C D Clear a specific binding logging Modifies message logging facilities mac address table dynamic multicast static address bridge 1 32 interface vlan Clears layer 2 MAC e...

Page 160: ... database home database peer statistics Peer IP Address Clears mobility attributes event log Clears all event logs mobile unit Mobile unit event logs peer Peer event logs mobile unit Clears a mobile unit AA BB CC DD EE FF MAC address of the mobile unit all All mobile units Home and Foreign foreign database Mobile units present in the foreign mobile unit database home database Mobile units present ...

Page 161: ...se this command to configure the software system clock Syntax clock set HH MM SS 1 31 MONTH 1993 2035 Parameters Example RFS7000 clock set 15 10 30 08 Sep 2006 RFS7000 show clock Sep 08 15 10 31 UTC 2006 set Sets the system date and time ...

Page 162: ... 24 54 2008 Member Last Seen Mar 15 16 25 00 2008 Number of HB sent 38044 Number of HB received 3 Number of Update sent 0 Number of Update received 0 Member Standby Mode Primary Member AP adoption count 0 Member Installed License Count 0 Member Radio portal Count 0 Member Associated MU Count 0 Member Rogue AP detected Count 0 Member Self Healing AP Count 0 Member Switch Adopt Capacity 0 Member Run...

Page 163: ...nd Use this command to move into the configuration mode Syntax configure terminal Parameters Example RFS7000 configure terminal Enter configuration commands one per line End with CNTL Z RFS7000 config terminal Configures from the terminal ...

Page 164: ...g file merges it with the existing running config Both the exisitng running config and the new config file are applied as the current running config of the switch Copying a new config file onto a start up config file replaces the exisitng start up config file with the parameters of the new config file It is always better to erase the existing start up file from the switch and then copy the new con...

Page 165: ...og to remote tftp server RFS7000 copy flash log snmpd log tftp 157 235 208 105 snmpd log Accessing running config file from remote tftp server into switchrunning config RFS7000 copy tftp 157 235 208 105 running config running config ...

Page 166: ...m all errors heartbeats init proc shutdown subagent sys debug radius all err info warn debug redundancy all ccmsg config errors general heartbeats init packets proc shutdown states subagent timer warnings debug securitymgr all debug error ikeerror pmdebug pmerror Parameters all Enables debugging functionalities cc Cellcontroller wireless debugging messages ccstats Cellcontroller wireless debugging...

Page 167: ...ges imi Integrated Management Interface ip Internet Protocol IP logging Modify message logging facilities mgmt Mgmt daemon mobility L3 Mobility mstp Multiple Spanning Tree Protocol MSTP nsm Network Service Module NSM pktdrvr Pktdrvr kernel wireless debugging messages pm Process Monitor radius RADIUS server debugging messages redundancy Redundancy Protocol debugging messages securitymgr Security Ma...

Page 168: ... delete RFS7000 delete flash out tar flash out tar gz Delete flash out tar y n y Delete flash out tar gz y n y RFS7000 delete force flash tmp txt RFS7000 RFS7000 delete recursive flash backup Delete flash backup fileMgmt_350_180B core y n y Delete flash backup fileMgmt_350_18212X core_bk y n n Delete flash backup imish_1087_18381X core gz y n n RFS7000 force Forces deletion without a prompt recurs...

Page 169: ...type wep128 wlan 1 encryption type tkip wlan 1 authentication type eap wlan 1 mobility enable wlan 1 radius server primary 127 0 0 1 184 10 184 12 rad user adam password 0 mypassword rad user eve password 0 mypassword123 rad user sumi password 0 mypassword rad user test password 0 mypassword123 rad user vasavi password 0 mypassword123 group kumar2 rad user sumi policy wlan 2 policy vlan 44 policy ...

Page 170: ...ue Jul 25 15 16 41 2006 Radius config rw 14271 Wed Jul 26 15 42 08 2006 flash drwx 1024 Wed Aug 9 17 35 08 2006 radius rw 3426 Wed Jul 26 16 08 02 2006 running config new rw 13163 Wed Jul 26 16 08 42 2006 radius config rw 80898 Thu Aug 17 14 59 39 2006 cli_commands txt rw 65015 Fri Aug 11 19 57 37 2006 cli_commands txtli_commands txt rw 65154 Thu Aug 17 15 11 23 2006 cli_commands_180B txt RFS7000 ...

Page 171: ...4 21 4 1 14 disable Priv Exec Command Use this command to exit the Exec mode Syntax disable Parameters None Example RFS7000 disable RFS7000 ...

Page 172: ... ss ss crypto pki trustpoint thippeswamy subject name TestPool US OH PB MOTOROLA WID fqdn RetailKing com email abcTestmailid motorola com rsakey were company name RetailKing password 2 1QMdio rj0xoNM5zCnhFxlwvXMOIkDNwolSFg0N9hgBA country code us logging console 7 snmp server sysname RFS7000 snmp server manager v2 snmp server manager v3 snmp server user snmptrap v3 encrypted auth md5 0xe111883194e1...

Page 173: ...4 23 4 1 16 enable Priv Exec Command Use this command to turn on the privileged mode command Syntax enable Parameters None Example RFS7000 enable RFS7000 ...

Page 174: ...ything in flash nvram Erase everything in nvram startup config Reset configuration to factory default usb1 Erase everything in usb1 usb2 Erase everything in usb2 RFS7000 erase cf Erases contents of compact flash flash Erases contents of flash nvram Erases contents of nvram startup config Resets the switch configuration to factory default settings usb1 Erases everything in usb1 usb2 Erases everythi...

Page 175: ...d is similar to reload commad The only diffrence is that halt command stops the switch and reload stops and restarts the switch Syntax kill Parameters None Example RFS7000 halt Wireless switch will be halted do you want to continue y n y Do you want to save current configuration y n ...

Page 176: ...SER LOCATION IDLE START TIME 1 cli Console 00 00m Apr 16 20 58 58 2007 2 root xxx xxx xxx x9 00 01m Apr 16 21 00 06 2007 RFS7000 RFS7000 kill session 1 Please press Enter to activate this console RFS7000 login cli User Access Verification Username admin Password Welcome to CLI RFS7000 enable RFS7000 session Active session There are 16 active sessions which can be terminated ...

Page 177: ...4 27 4 1 20 logout Priv Exec Command Use this command to exit the EXEC mode Syntax logout Parameters None Example RFS7000 logout Please press Enter to activate this console ...

Page 178: ...Overview 4 28 4 1 21 mkdir Priv Exec Command Use this command to create a new directory in the filesystem Syntax mkdir DIR Parameters Example RFS7000 mkdir TestDIR RFS7000 DIR Directory name ...

Page 179: ...06 AUTH 6 INFO login 328 root login on ttyS0 from Console Sep 08 12 27 47 2006 IMI 5 USERAUTHSUCCESS User admin logged in with role of superuser from auth source local Sep 08 12 28 01 2006 NSM 6 DHCPDEFRT Default route with gateway 157 235 208 246 learnt via DHCP Sep 08 12 28 01 2006 NSM 6 DHCPIP Interface vlan1 acquired IP address 157 235 208 93 24 via DHCP Sep 08 12 29 07 2006 CC 5 RADIOADOPTED ...

Page 180: ...show running config configuration of RFS7000 version 1 0 1 0 005D version 1 0 service prompt crash info username admin password 1 8e67bb26b358e2ed20fe552ed6fb832f397a507d username admin privilege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931f spanning tree mst cisco interoperability enable spanning tree mst config name My Name no country code snmp server manager v2...

Page 181: ...0 ttl 64 time 2 3 ms 128 bytes from 111 222 222 39 icmp_seq 1 ttl 64 time 0 2 ms 128 bytes from 111 222 222 39 icmp_seq 2 ttl 64 time 0 3 ms 128 bytes from 111 222 222 39 icmp_seq 3 ttl 64 time 0 2 ms 128 bytes from 111 222 222 39 icmp_seq 4 ttl 64 time 0 1 ms 157 235 208 39 ping statistics 5 packets transmitted 5 packets received 0 packet loss round trip min avg max 0 1 0 6 2 3 ms RFS7000 IP addr...

Page 182: ...Overview 4 32 4 1 25 pwd Priv Exec Command Use this command to view the contents of the current directory Syntax pwd Parameters None Example RFS7000 pwd flash RFS7000 ...

Page 183: ...quit Priv Exec Command Use this command to exit the current mode and move to the previous mode Syntax quit Parameters None Example RFS7000 quit RFS7000 release 1 0 1 0 005D Login as cli to access CLI RFS7000 login ...

Page 184: ...d by administrator Please stand by while rebooting the system BootOS c 2004 2007 Symbol Technologies All rights reserved version 1 0 1 0 005D booting from NAND image1 Note qchip watchdog is disabled 0 ddr2 c 540 configure_ddr2 Clamping DIMM 0 speed at 533MHz Loading runtime image 1 Running Primary software version 1 0 1 0 005D Alternate software Secondary version 1 0 0 0 357R Software fallback fea...

Page 185: ...rashinfo rw 14271 Tue Jul 25 15 16 41 2006 Radius config rw 14271 Wed Jul 26 15 42 08 2006 flash drwx 1024 Wed Aug 9 17 35 08 2006 radius rw 3426 Wed Jul 26 16 08 02 2006 running config new rw 13163 Wed Jul 26 16 08 42 2006 radius config rw 80898 Thu Aug 17 14 59 39 2006 cli_commands txt rw 65015 Fri Aug 11 19 57 37 2006 cli_commands txtli_commands txt rw 65154 Thu Aug 17 15 11 23 2006 cli_command...

Page 186: ...2006 crashinfo rw 14271 Tue Jul 25 15 16 41 2006 Radius config rw 14271 Wed Jul 26 15 42 08 2006 flash drwx 1024 Wed Aug 9 17 35 08 2006 radius rw 3426 Wed Jul 26 16 08 02 2006 running config new rw 13163 Wed Jul 26 16 08 42 2006 radius config rw 80898 Thu Aug 17 14 59 39 2006 cli_commands txt rw 65015 Fri Aug 11 19 57 37 2006 cli_commands txtli_commands txt rw 65154 Thu Aug 17 15 11 23 2006 cli_c...

Page 187: ...ommands debugging Displays debugging information outputs dhcp Displays the DHCP Server configuration environment Displays environmental information file Displays filesystem information ftp Displays the FTP server configuration history Displays the session command history interfaces Displays interface status ip Displays Internet Protocol IP address ldap Displays LDAP server data licenses Displays i...

Page 188: ... transition history of the switch redundancy members Displays redundancy group members in detail running config Displays the current operating configuration securitymgr Displays securitymgr parameters sessions Displays current active open connections snmp Displays SNMP engine parameters snmp server Displays SNMP engine parameters sole Displays Smart Opportunistic Location Engine SOLE configuration...

Page 189: ...edundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group members in detail running config Current Operating configuration securitymgr Securitymgr parameters sessions Display current active open connections snmp Display SNMP engine parameters snmp server Display SNMP engine parameters sole Smart Opportunistic Location E...

Page 190: ... session Syntax telnet IP address hostname Parameters Example RFS7000 telnet 157 111 222 33 Entering character mode Escape character is Red Hat Linux release 9 Shrike Kernel 2 4 20 6bigmem on an i686 login cli Password IP address host name IP address or hostname of a remote system ...

Page 191: ... Syntax traceroute WORD ip WORD Parameters Example RFS7000 traceroute 157 222 333 33 traceroute to 157 235 208 39 157 235 208 39 30 hops max 38 byte packets 1 157 235 208 39 157 235 208 39 0 466 ms 0 363 ms 0 226 ms RFS7000 WORD Traces the route to a destination address or hostname ip IP trace ...

Page 192: ...rtition to update is dev hda6 Reading image file header Removing other partition Sep 08 15 57 18 2006 KERN 6 INFO EXT3 FS on hda1 internal journal Making file system Extracting files this can take some time Sep 08 15 57 23 2006 KERN 6 INFO kjournald starting Commit interval 5 seconds Sep 08 15 57 23 2006 KERN 6 INFO EXT3 FS on hda6 internal journal Sep 08 15 57 23 2006 KERN 6 INFO EXT3 fs mounted ...

Page 193: ...gd is not responding Version of firmware update file is 1 0 0 0 264B Sep 08 15 58 44 2006 KERN 6 INFO EXT3 FS on hda1 internal journal Creating LILO files Running LILO Successful Sep 08 15 58 46 2006 FWU 6 FWUDONE Firmware update successful new version is 1 0 0 0 264B RFS7000 ...

Page 194: ...ng maximal mount count reached running e2fsck is recommended Sep 08 16 01 38 2006 KERN 6 INFO EXT3 FS on hda1 internal journal KERN 6 INFO kjournald starting Commit interval 5 seconds Sep 08 16 01 43 2006 KERN 6 INFO EXT3 FS on hda6 internal journal Sep 08 16 01 43 2006 KERN 6 INFO EXT3 fs mounted filesystem with ordered data mode RFS7000 upgrade abort RFS7000 RFS7000 show upgrade status Last Imag...

Page 195: ...ege superuser username operator password 1 fe96dd39756ac41b74283a9292652d366d73931f username manager password 1 45b27d6483fc630981ad5096ff26a7956ce0c038 username manager privilege superuser no country code logging console 7 no logging on fallback enable ftp password 1 810a25d76c31e495cc070bdf42e076f7c9b0a1cd ip http server ip http secure trustpoint local ip http secure server ip ssh ip telnet snmp...

Page 196: ...Overview 4 46 ...

Page 197: ...ample below describes how to enter the global configuration mode from the privileged EXEC mode RFS7000 configure terminal RFS7000 config Commands entered in the global configuration mode update the running configuration file as soon as they are entered However these changes are not saved in the startup configuration file until a copy running config startup config EXEC mode command is issued NOTE T...

Page 198: ...Runs commands from EXEC mode page 5 21 end Ends the current mode and change to the EXEC mode page 5 22 errdisable Enables the timeour mechanism for the port page 5 23 exit Ends the current mode and moves down to the previous mode page 2 10 format Formats file system page 5 24 ftp Configures FTP server page 5 25 help Description of the interactive help system page 2 11 hostname Sets the system s ne...

Page 199: ...mation Refer to Global Config show commands page 5 49 snmp server Modifies SNMP engine parameters page 5 53 sole Configures the Smart Opportunistic Location Engine SOLE configuration page 5 64 spanning tree Spanning tree commands page 5 65 timezone Configures the timezone page 5 68 username Establishes user name authentication page 5 69 vpn Configures VPN commands page 5 70 wireless Configures wir...

Page 200: ...ser authentication must be performed against a loacl user database or an external RADIUS server Example RFS7000 config username motorolaadmin password motorola RFS7000 config username motorolaadmin privilege superuser RFS7000 config aaa authentication login default local RFS7000 config authentication Authentication configuration parameters login Sets an authentication list for logins default The d...

Page 201: ...2000 2699 deny permit mark dot1p 0 7 tos 0 255 icmp source source mask host source any destination destination mask host destination any icmp type icmp type icmp code log rule precedence access list entry precedence access list 100 199 2000 2699 deny permit mark dot1p 0 7 tos 0 255 tcp udp source source mask host source any operator source port destination destination mask host destination any ope...

Page 202: ...y type of service tos values A B C D M host A B C D any Source is the source address of the network or host in dotted decimal Source mask is the network mask For example 10 1 1 10 24 indicates the first 24 bits of the source IP are used for matching The keyword any is an abbreviation for a source IP of 0 0 0 0 and source mask bits equal to 0 The keyword host is an abbreviation for exact source A B...

Page 203: ...p Specify ip to match any protocol source source mask host source any Source is the source address of the network or host in dotted decimal Source mask is the network mask For example 10 1 1 10 24 indicates the first 24 bits of the source IP are used for matching The keyword any is an abbreviation for source IP of 0 0 0 0 and source mask bits equal to 0 The keyword host is an abbreviation for exac...

Page 204: ...l Source mask is the network mask For example 10 1 1 10 24 indicates the first 24 bits of the source IP are used for matching The keyword any is an abbreviation for source an IP of 0 0 0 0 and source mask bits equal to 0 The keyword host is an abbreviation for exact source A B C D and source mask bits equal to 32 destination destination mask host destination any The destination host IP address or ...

Page 205: ...ark dot1p 0 7 tos 0 255 Action types on an ACL The action type mark is functional only over a Port ACL tcp udp Specifies tcp or udp as the protocol source source mask host source any Source is the source address of the network or host in dotted decimal Source mask is the network mask For e g 10 1 1 10 24 indicates that the first 24 bits of the source IP are used for matching any is an abbreviation...

Page 206: ...list 101 permit ip 192 168 1 0 24 192 168 2 0 24 RFS7000 config The example below creates an extended access list to permit tcp traffic between two networks with a destination port range between 20 and 23 RFS7000 config access list 101 permit tcp 192 168 1 0 24 192 168 2 0 24 range 20 23 RFS7000 config The example below denies icmp traffic from any source to any destination RFS7000 config access l...

Page 207: ...ath file ftp user passwd hostname port or IP path file http hostname port or IP path file cf path file usb1 path file usb2 path file RFS7000 config RFS7000 config autoinstall image url URL Remote external location of the file URLs tftp hostname port or IP path file ftp user passwd hostname port or IP path file http hostname port or IP path file cf path file usb1 path file usb2 path file RFS7000 co...

Page 208: ... press Enter to activate this console RFS7000 login cli Welcome to my RFS7000 CLI User Access Verification Username admin Password Welcome to my RFS7000 CLI RFS7000 RFS7000 config banner motd default RFS7000 config exit RFS7000 exit Please press Enter to activate this console RFS7000 login cli Welcome to CLI User Access Verification Username admin Password Welcome to CLI RFS7000 motd Sets the mess...

Page 209: ...ndary Parameters Example RFS7000 config boot system primary Wireless switch will be rebooted do you want to continue y n y Do you want to save the configuration y n y The system is going down NOW Connection is closed by administrator Please stand by while rebooting the system system Specifies the boot image used after reboot primary Specifies the primary image secondary Specifies the secondary ima...

Page 210: ... and change all ports to forwarding state Example RFS7000 config bridge multiple spanning tree enable RFS7000 config 1 32 address ageing time The bridge groups available for bridging address Address of the selected bridge group ageing time Time a learned MAC address persists after last update address MAC discard forward NAME fe ge sa tunnel vlan MAC address of the interface selected for bridging T...

Page 211: ...ralia ba Bosnia Herzegovina be Belgium bg Bulgaria bh Bahrain bm Bermuda br Brazil bs Bahamas by Belarus ca Canada ch Switzerland cl Chile cn China co Colombia cr Costa Rica cy Cyprus cz Czech Republic de Germany dk Denmark do Dominican Republic ec Ecuador ee Estonia eg Egypt es Spain fi Finland fr France gb United Kingdom gr Greece gt Guatemala gu Guam hk Hong Kong hn Honduras hr Croatia ht Haiti...

Page 212: ...ia nl Netherlands no Norway nz New Zealand om Oman pe Peru ph Philippines pk Pakistan pl Poland pt Portugal qa Qatar ro Romania ru Russia sa Saudi Arabia se Sweden sg Singapore si Slovenia sk Slovak Republic th Thailand tr Turkey tw Taiwan ua Ukraine us United States uy Uruguay ve Venezuela vn Vietnam za South Africa RFS7000 config country code ...

Page 213: ...me request self signed crypto pki import export name request trustpoint URL NOTE crypto isakmp policy Priority leads you to config crypto isakmp instance For more details see Crypto isakmp Instance on page 6 1 crypto isakmp client configuration group default leads you to config crypto group instance For more details see Crypto group Instance on page 7 1 crypto isakmp peer IP Address leads you to c...

Page 214: ... duration Minimum is 500 KB and maximum is 2147483646 KB seconds Time based key duration Minimum is 90 seconds and maximum is 2147483646 seconds transform set set name Uses the crypto ipsec transform set command to define the transform configuration for securing data ah md5 hmac ah sha hmac esp 3des esp aes esp aes 192 esp aes 256 esp des esp md5 hmac esp sha hmac The transform set is then assigne...

Page 215: ...Name hostname The identity of remote peer is hostname policy 1 10000 Set policy for an ISAKMP protection suite key export generate import zeroize Authentication key management export rsa name URL tftp ftp Exports a keypair related configuration generate rsa name 1024 2048 Generates a keypair 1024 2048 Size of keypair in bit import rsa name URL tftp ftp Imports keypair related configuration zeroize...

Page 216: ...icable only for request rsakeypair Rsa Keypair to associate with the trustpoint service Service Commands show Show running system information subject name Subject Name is a collection of required parameters to configure a trustpoint RFS7000 config trustpoint pki authenticate enroll export import trustpoint Configures certificate parameters The public key infrastructure is a protocol that creates e...

Page 217: ...m 157 235 208 69 icmp_seq 0 ttl 64 time 0 1 ms 128 bytes from 157 235 208 69 icmp_seq 1 ttl 64 time 0 0 ms 128 bytes from 157 235 208 69 icmp_seq 2 ttl 64 time 0 0 ms 128 bytes from 157 235 208 69 icmp_seq 3 ttl 64 time 0 0 ms 128 bytes from 157 235 208 69 icmp_seq 4 ttl 64 time 0 0 ms 157 235 208 69 ping statistics 5 packets transmitted 5 packets received 0 packet loss round trip min avg max 0 0 ...

Page 218: ...and to end the current mode and change to the Exec mode Syntax end Parameters None Example RFS7000 config end RFS7000 Priv Exec commands acknowledge Acknowledge alarms archive Manage archive files autoinstall autoinstall configuration command cd Change current directory ...

Page 219: ...m for the port Example RFS7000 config errdisable recovery interval 100 RFS7000 config RFS7000 config errdisable recovery cause bpduguard RFS7000 config RFS7000 config no errdisable recovery cause bpduguard RFS7000 config recovery Enables the timeout mechanism for the port to be enabled back cause bpduguard Reason for errdisable bpduguard Recover from errdisable due to bpduguard interval 10 1000000...

Page 220: ...rview 5 24 5 1 12 format Global Configuration Commands Use this command to format the Compact Flash CF card Syntax format Parameters Example RFS7000 config format cf RFS7000 config cf Formats compact flash ...

Page 221: ...ample RFS7000 config ftp enable RFS7000 config enable Enables FTP server password Configures a FTP password Set the password using one of the folllowing 0 Password is specified UNENCRYPTED 1 Password is encrypted with SHA1 algorithm LINE Password rootdir Configures the FTP root dir Set the ROOT directory location of the FTP server using DIR Sets root dir of the ftp server ...

Page 222: ...e Global Configuration Commands Use this command to change the system s network name Syntax hostname WORD Parameters Example RFS7000 config hostname Eldorado Eldorado config WORD Use this command to provide a name for the network ...

Page 223: ...g interface me1 RFS7000 config if RFS7000 config interface ge 3 RFS7000 config if RFS7000 config interface sa 2 RFS7000 config if RFS7000 config interface tunnel 27 RFS7000 config if RFS7000 config interface vlan 400 RFS7000 config if NOTE The interface mode leads to the config if instance For additional information see Interface Instance on page 12 1 The prompt changes from RFS7000 config to RFS7...

Page 224: ...re trustpoint WORD server localhost ip local pool default low ip address A B C D ip name server A B C D ip nat inside outside source list access list name interface interface name overload ip nat inside outside source destination static local ip tcp udp 1 65535 nat ip 1 65535 ip route A B C D A B C D M next hop ip routing ip ssh port rsa ip ssh port 0 65536 ip ssh rsa keypair name WORD ip telnet p...

Page 225: ... Server from assigning certain addresses A B C D Low IP Address option Defines the DHCP server option name ping Specifies the ping parameters used by DHCP server timeout Specifies a ping timeout between 1 10 seconds pool Configures the DHCP Server address pool restart Restarts DHCP Server to get the DHCP config changes into effect domain lookup Enables DNS based name to address translation on the ...

Page 226: ...address of the traffic gets translated to the IP address of the selected interface Note Use this command to configure port NAT Syntax ip nat inside outside source list access list name overload interface interface name inside outside Defines the interface as private inside or public external NAT translations refer to this keyword to identify translations applied to incoming packets on an interface...

Page 227: ...st on a public network to communicate with the host on the private network using its public IP Port NAT maps multiple local addresses to a single global address and dynamic port numbers Use ip nat inside to mark VLAN interfaces as an inside interface The keyword inside defines the VLAN interface as internal interface This command is used in the config if mode check ip on page 12 9 for more detials...

Page 228: ... classes with a pool RFS7000 config dhcp class RFS7000DHCPclass RFS7000 config dhcp class 5 The switch leads you to a new mode config dhcp class Use this mode to add an address range used for the DHCP class associated with the pool RFS7000 config dhcp class address range 11 22 33 44 Example The example below creates a named extended IP access list RFS7000 config ip access list extended TestACL RFS...

Page 229: ... to display the details of the license Syntax license Parameters Example RFS7000 config show licenses Serial Number 6283529900020 feature license string license value usage AP 256 4 RFS7000 config WORD Enter the name of the feature for which you wish to add a license ...

Page 230: ...ration Commands Use this command to configure the terminal line Syntax line console vty Parameters NOTE The line vty command moves to the config line instance console Primary terminal line vty Virtual terminal Configure a value between 0 871 ...

Page 231: ...er authentication Syntax local username password Parameters Example RFS7000 config local username SuperAdmin password Superuser RFS7000 config username Enter local user name The username can be a string of up to 64 characters password Enter local user password The password can be a string of up to 21 characters ...

Page 232: ... severity 1 critical Critical conditions severity 2 debugging Debugging messages severity 7 emergencies System is unusable severity 0 errors Error conditions severity 3 informational Informational messages severity 6 notifications Normal but significant conditions severity 5 warnings Warning conditions severity 4 console Sets the console logging level alerts Immediate action needed severity 1 crit...

Page 233: ...ty 1 critical Critical conditions severity 2 debugging Debugging messages severity 7 emergencies System is unusable severity 0 errors Error conditions severity 3 informational Informational messages severity 6 notifications Normal but significant conditions severity 5 warnings Warning conditions severity 4 on Enables the logging of system messages syslog Sets the syslog servers logging level alert...

Page 234: ...ended or MAC ACL use no access list access list name under the Global Config mode Example RFS7000 config mac access list extended Test1 RFS7000 config ext macl access list extended name Enter a name for MAC extended ACL NOTE By using the mac access list parameter the following context is supplied ext macl Extended MAC ACL For additional information see Extended MAC ACL Instance on page 16 1 ...

Page 235: ...iguration Commands Use this command to set management interface properties Syntax management secure Parameters Example RFS7000 config management secure RFS7000 config secure Limits local access Web Telnet etc to the management interface ...

Page 236: ... authentication key 1 65534 ntp autokey client only host ntp broadcast client destination ntp broadcast destination name key 1 65534 version 1 4 ntp broadcastdelay 1 999999 ntp master 1 15 ntp peer name ntp peer name autokey key prefer version ntp peer name autokey prefer version 1 4 ntp peer name key 1 65534 prefer version 1 4 ntp peer name prefer version 1 4 ntp peer name version 1 4 ntp server ...

Page 237: ...rusted time sources Select a key number between 1 and 65534 autokey Enables NTP autokey authentication scheme client only Switch is a client to other trusted hosts in the autokey group host Configures the switch as a trusted host broadcast Configures NTP broadcast service client Listens to NTP broadcasts destination ip address Configures broadcast destination address key 1 65534 Broadcast key Sele...

Page 238: ...onfigure NTP version cr RFS7000 config ntp peer TestPeer autokey prefer version 1 4 NTP version number RFS7000 config ntp peer TestPeer autokey prefer version 3 RFS7000 config RFS7000 config ntp peer TestPeer key 1 65534 Peer key number RFS7000 config ntp peer TestPeer key 20 prefer Prefer this peer when possible version Configure NTP version cr RFS7000 config ntp peer TestPeer key 20 prefer versi...

Page 239: ...mpt Global Configuration Commands Use this command to configure and set the system prompt Syntax prompt LINE Parameters Example RFS7000 config prompt NobleMan NobleMan LINE Enter the new prompt displayed by the switch ...

Page 240: ...ig radius server local RFS7000 config radsrv NOTE radius server local mode moves to the radius server context For more details see RADIUS Server Instance on page 19 1 host Specifies a RADIUS server A B C D IP address of RADIUS server key Encryption key shared with RADIUS servers 0 Password specified as UNENCRYPTED 2 Password is encrypted with password encryption secret LINE Text of shared key up t...

Page 241: ... auto revert period 1 1800 Sets the redundancy auto revert delay interval 1 1800 Auto revert delay interval in mins default is 5 dhcp server enable Enables DHCP Redundancy protocol discovery period Sets the redundancy discovery interval 10 60 Discovery time in secs default is 30 enable Enables the redundancy protocol group id Sets the redundancy cluster group Id 1 65535 Redundancy group Id handle ...

Page 242: ... redundancy heartbeat period 20 RFS7000 config RFS7000 config redundancy hold period 25 RFS7000 config RFS7000 config redundancy mode primary RFS7000 config member ip Adds a member to this redundancy group A B C D IP address of the member mode Sets the switch mode to either primary or standby primary Defines mode as primary standby Defines mode as standby ...

Page 243: ... sys restarts Maximum number of PM restarts because of a failed processes Select a value between 1 and 5 sys restart Enables PM to restart the system when a processes fails Note The process restart is one count less than what is configured prompt crash info Enables crash info prompt radius restart Enables the RADIUS server set command history 10 300 reboot history 10 100 upgrade history 10 100 Set...

Page 244: ... radius radius aaa authentication login default none local radius access list 1 99 deny A B C D M access list 1 99 1300 1999 deny permit mark 8021p 0 7 tos 0 255 A B C D M host A B C D any log rule precedence 1 5000 log access list 1 99 1300 1999 deny permit mark 8021p 0 7 tos 0 255 A B C D M host A B C D any log rule precedence 1 5000 rule precedence 1 5000 access list 1 99 1300 1999 deny permit ...

Page 245: ...isplays debugging information outputs dhcp Displays the DHCP Server configuration environment Displays environmental information file Displays filesystem information ftp Displays the FTP Server configuration history Displays the session command history interfaces Displays an interface status ip Displays the Internet Protocol IP address ldap Displays the LDAP server configuration licenses Displays ...

Page 246: ... include factory Include factory defaults Note If the AP MU locationing configuration has non default parameters it shows up here securitymgr Displays securitymgr parameters sessions Displays current active open connections snmp Displays SNMP engine parameters snmp server Displays SNMP server parameters sole Displays Smart Opportunistic Location Engine SOLE configuration spanning tree Displays spa...

Page 247: ...te transition history of the switch redundancy members Display redundancy group members in detail running config Current Operating configuration securitymgr Securitymgr parameters sessions Display current active open connections snmp Display SNMP engine parameters snmp server Display SNMP engine parameters sole Smart Opportunistic Location Engine Configuration spanning tree Display spanning tree i...

Page 248: ... ap300 radio 2 rss enable radio default 11a rss enable radio default 11bg rss enable radio default 11b rss enable radio 1 neighbor smart scan 1 ids anomaly detection bad essid frame enable service wireless map radios 1 service wireless legacy load balance enhanced beacon table enable enhanced beacon table max ap 5 enhanced beacon table scan interval 30 enhanced beacon table scan time 500 enhanced ...

Page 249: ...raps wireless ap detection externalAPDetected snmp server enable traps wireless ids muExcessiveEvents radioExcessiveEvents switchExcessiveEvents snmp server enable traps wireless radio adopted detectedRadar unadopted snmp server enable traps wireless self healing activated snmp server enable traps wireless station associated deniedAssociationAsPortCapacityReached deniedAssociationOnCapability deni...

Page 250: ...peed less than avg retry greater than avg signal less than gave up percent greater than nu percent greater than num mobile units greater than pktsps greater than tput greater than undecrypt percent greater than snmp server host host IP address v2c 1 65535 v3 1 65535 snmp server location LINE snmp server manager all v2 v3 snmp server sysname snmp server user snmpmanager snmpoperator snmptrap snmp s...

Page 251: ...HCP server down dhcpServerUp DHCP server up diagnostics Enables diagnostics traps cpuLoad15Min Average CPU load for last 15 minutes exceeds limit cpuLoad1Min Average CPU load for last minute exceeds limit cpuLoad5Min Average CPU load for last five minutes exceeds limit fanSpeedLow Fan speed below limit fileDescriptors File descriptor number exceeds limit ipRouteCache IP route cache size exceeds li...

Page 252: ...p Radius server up redundancy Enables redundancy traps adoptionExceeded Redundancy port adoption exceeded grpAuthLevelChanged Redundancygroupauthorizationlevel changed memberDown Redundancy member down memberMisConfigured Redundancy member mis configured memberUp Redundancy member up snmp Enables SNMP traps authenticationFail Enables authentication failure traps coldstart Enables coldStart trap li...

Page 253: ...ociationAsPortCapacityReached Denied association due to reached port capacity deniedAssociationOnCapability Denied association due to unsupported capability deniedAssociationOnErr Denied association due to internal error deniedAssociationOnInvalidWPAWPA2IE Denied association due to invalid absent WPA WPA2 IE deniedAssociationOnRates Denied association due to incompatible transmission rate deniedAs...

Page 254: ...than or equal to 120 00 gave up percent greater than Percentage of pkts dropped is greater than a decimal number greater than 0 00 and less than or equal to 100 00 nu percent greater than Percentage of non unicast pkts is greater than a decimal number greater than 0 00 and less than or equal to 100 00 num mobile units greater than Number of associated mobile unit is greater than a decimal number i...

Page 255: ...er than value Percentage of pkts dropped is greater than a decimal number greater than 0 00 and less than or equal to 100 00 nu percent greater than value Percentage of non unicast pkts is greater than a decimal number greater than 0 00 and less than or equal to 100 00 pktsps greater than value Packets per sec is greather than a decimal number greater than 0 00 and less than or equal to 100000 00 ...

Page 256: ...er than value Percentage of pkts dropped is greater than a decimal number greater than 0 00 and less than or equal to 100 00 nu percent greater than value Percentage of non unicast pkts is greater than a decimal number greater than 0 00 and less than or equal to 100 00 num mobile units greater than 1 8192 Number of associated mobile unit is greater than a decimal number in the range 1 8192 pktsps ...

Page 257: ...o 16 00 avg signal less than value Average signal in dBm is less than a decimal number less than 0 00 and greater than or equal to 120 00 gave up percent greater than value Percentage of pkts dropped is greater than a decimal number greater than 0 00 and less than or equal to 100 00 nu percent greater than value Percentage of non unicast pkts is greater than a decimal number greater than 0 00 and ...

Page 258: ...rver host IP address v2c 1 65535 Uses SNMP version 2c Select a host port number within the range of 1 65535 v3 1 65535 Uses SNMP version 3 Select a host port number within the range of 1 65535 location Text for mib object sysLocation manager Enables SNMP manager all Enables SNMP version v2 and v3 v2 Enables SNMP version v2 v3 Enables SNMP version v3 sysname SNMP system name user Defines a user who...

Page 259: ...fig snmp server enable traps wireless self healing activated RFS7000 config RFS7000 config snmp server enable traps wireless station tkipCounterMeasures RFS7000 config RFS7000 config snmp server enable traps wireless statistics min packets 120 RFS7000 config RFS7000 config snmp server location Located at thh 5th FLoor RFS7000 config RFS7000 config snmp server sysname Gold Mine RFS7000 config ...

Page 260: ...This command leads you to the config sole instance For more information on SOLE related parameters refer to SOLE Instance on page 21 1 Syntax sole Parameters None Usage Guidelines The SOLE command is used to enter the config sole instance The prompt changes from the regular RFS7000 config to RFS7000 config sole Example RFS7000 config sole RFS7000 config sole ...

Page 261: ...ee Protocol on a bridge 0 15 priority 0 61440 Set the bridge priority for an MST instance to the value specified Use the no parameter with this command to restore the default bridge priority value priority Bridge priority for the common instance 0 61440 Bridge priority in increments of 4096 Lower priority indicates greater likelihood of becoming root The default value of the priority for each inst...

Page 262: ...mand to set the max age for a bridge This value is used by all instances The default value of bridge max age is 20 seconds max hops 7 127 Specifies the maximum allowed hops for a BPDU in an MST region This parameter is used by all MST instances To restore the default value use the no parameter with this command The default max hops in a MST region is 20 portfast bpdufilter bpduguard def ault Enabl...

Page 263: ...ce If a bridge does not hear bridge protocol data units BPDUs from the root bridge within the specified interval defined in the max age seconds parameter assume the network has changed and recompute the spanning tree topology Example RFS7000 config spanning tree portfast bpduguard default RFS7000 config ...

Page 264: ...Anchorage America Bogota America Buenos_Aires America Caracas America Chicago America Costa_Rica America Denver America Los_Angeles America Mexico_City America Montreal America New_York America Phoenix America Santiago America Sao_Paulo America St_Johns America Tegucigalpa America Thule America Winnipeg America Indianapolis RFS7000 config timezone America Chicago RFS7000 config TIMEZONE Press tab ...

Page 265: ...28 characters access Sets the user access mode console Only allowed from console ssh Only allowed from ssh telnet Only allowed from telnet web Only allowed from applet webUI password Specifies the user password 0 Password is specified UNENCRYPTED 1 Password is encrypted with SHA1 algorithm LINE User password plaintext passsword length must be between 8 and 32 characters privilege Sets user access ...

Page 266: ...ables IP traffic to travel securely over a public TCP IP network by encrypting all traffic from one network to another VPN uses tunneling to encrypt all information at the IP level Example RFS7000 config vpn authentication method local RFS7000 config authentication method Selects the authenication scheme local Used for user based authentication radius Used for RADIUS server authentication ...

Page 267: ...he config wireless instance For additional information see Wireless Instance on page 20 1 Syntax wireless Parameters None Usage Guidelines The wireless command is used to enter the config wireless instance The prompt changes from the regular RFS7000 config to RFS7000 config wireless Example RFS7000 config wireless RFS7000 config wireless ...

Page 268: ... wireless LAN index Apply an ACL to a WLAN index in the outbound direction to filter traffic from both wired and wireless interfaces wlan acl can be attached both in the inbound and outbound directions The last ACE in the access list is an implict deny statement Whenever the interface receives the packet its content is checked against all the ACE s in the ACL It is allowed denied based on the ACL ...

Page 269: ...an acl 200 150 in RFS7000 config The example below applies an ACL to WLAN index 200 in an outbound direction from the global config mode RFS7000 config wlan acl 200 150 out RFS7000 config NOTE A MAC access list entry to allow arp is mandatory to apply an IP based ACL to an interface MAC ACL always takes precedence over IP based ACL s ...

Page 270: ...Overview 5 74 ...

Page 271: ...n suite page 6 2 clrscr Clears the display screen page 6 3 encryption Sets encryption algorithm for protection suite page 6 4 end Ends current mode and change to EXEC mode page 6 5 exit Ends current mode and moves to previous mode page 6 6 group Sets the Diffie Hellman group page 6 7 hash Sets hash algorithm for protection suite page 6 8 help Displays the interactive help system page 6 9 lifetime ...

Page 272: ...uthentication pre share rsa sig Parameters Example RFS7000 config crypto isakmp authentication pre share RFS7000 config crypto isakmp RFS7000 config crypto isakmp authentication rsa sig RFS7000 config crypto isakmp show Shows running system information page 6 12 pre share pre shared key rsa sig rsa signature Command Description Ref ...

Page 273: ...6 3 6 1 2 clrscr Crypto ISAKMP Config Commands Use this command to clear the display screen Syntax clrscr Parameters None Example RFS7000 config crypto isakmp clr RFS7000 config crypto isakmp ...

Page 274: ...es 256 des Parameters Example RFS7000 config crypto isakmp encryption 3des RFS7000 config crypto isakmp RFS7000 config crypto isakmp encryption aes 256 RFS7000 config crypto isakmp 3des 3des Triple data encryption standard aes aes advanced data encryption standard aes 192 aes 192 advanced data encryption standard aes 256 aes 256 advanced data encryption standard des des data encryption standard ...

Page 275: ...rypto ISAKMP Config Commands Use this command to end and exit the current mode and moves to PRIV EXEC mode The prompt now changes to RFS7000 Syntax end Parameters None Example RFS7000 config crypto isakmp end RFS7000 ...

Page 276: ...pto ISAKMP Config Commands Use this command to end current mode and move to previous mode GLOBAL CONFIG The prompt now changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config crypto isakmp exit RFS7000 config ...

Page 277: ...o generate the keys which are then used to create the IPSec SA Syntax group 1 2 5 Parameters Usage Guidelines The local IKE policy and the peer IKE policy must have matching group settings in order for negotiation to be successful Example RFS7000 config crypto isakmp group 5 RFS7000 config crypto isakmp 1 768 bit mod P 2 1024 bit mod P 5 ...

Page 278: ...nd to specify the hash algorithm to be used to authenticate the data transmitted over the IKE SA Syntax hash md5 sha Parameters Example RFS7000 config crypto isakmp hash sha RFS7000 config crypto isakmp md5 Choose the md5 hash algorithm sha Choose the sha hash algorithm ...

Page 279: ... command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match th...

Page 280: ... long an IKE SA is valid before expiring Syntax lifetime seconds Parameters Example RFS7000 config crypto isakmp lifetime 5200 RFS7000 config crypto isakmp seconds Specify how many seconds an IKE SA will last before expiring Time stamp in secondscan be configured between 3600 and 2147483647 ...

Page 281: ...nds Use this command to negate a command or set its defaults Syntax no previous command used Parameters Use the commands that you have configured under this instance Example RFS7000 config crypto isakmp no lifetime RFS7000 config crypto isakmp ...

Page 282: ...story Show reboot history startup log Show startup log upgrade history Show upgrade history RFS7000 config crypto isakmp service show info 4 0M out of 4 0M available for logs 9 7M out of 11 4M available for history 16 4M out of 18 6M available for crashinfo List of Files messages log 0 Oct 9 13 01 snmpd log 316 Oct 9 13 01 startup log 16 5k Oct 9 13 01 command history 7 6k Oct 9 18 19 reboot histo...

Page 283: ...ss Control management Display L3 Managment Interface name mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group ...

Page 284: ...Overview 6 14 ...

Page 285: ...1 Crypto Group Command Summary Command Description Ref clrscr Clears the display screen page 7 2 dns Configures Domain Name Server DNS page 7 3 end Ends the current mode and moves to EXEC mode page 7 4 exit Ends the current mode and moves to previous mode page 7 5 help Description of the interactive help system page 7 6 service Displays service commands page 7 7 show Shows running system informati...

Page 286: ...Overview 7 2 7 1 1 clrscr Crypto Group Config Commands Use this command to clear the display screen Syntax clrscr Parameters None Example RFS7000 config crypto group clr RFS7000 config crypto group ...

Page 287: ... server address es to assign to a client Syntax dns IP Address Parameters Example RFS7000 config crypto group dns server 172 1 17 1 172 1 17 3 RFS7000 config crypto group IP Address The first DNS server address to assign IP Address optional The second DNS server address to assign ...

Page 288: ...d Crypto Group Config Commands Use this command to end and exit from the current mode and change to PRIV EXEC mode The prompt now changes to RFS7000 Syntax end Parameters None Example RFS7000 config crypto group end RFS7000 ...

Page 289: ...Group Config Commands Use this command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config crypto group exit RFS7000 config ...

Page 290: ... the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments matc...

Page 291: ...startup log Show startup log upgrade history Show upgrade history RFS7000 config crypto group service show RFS7000 config crypto group service show info 4 0M out of 4 0M available for logs 9 7M out of 11 4M available for history 16 4M out of 18 6M available for crashinfo List of Files messages log 0 Oct 9 13 01 snmpd log 316 Oct 9 13 01 startup log 16 5k Oct 9 13 01 command history 7 8k Oct 9 18 4...

Page 292: ...ess Control management Display L3 Managment Interface name mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group...

Page 293: ...ng Service WINS name servers to assign to a client Syntax wins IP Address IP Address Parameters Example RFS7000 config crypto group wins 128 2 11 1 128 2 19 23 RFS7000 config crypto group IP Address The first WINs server address to assign IP Address optional The second WINs server address to assign ...

Page 294: ...Overview 7 10 ...

Page 295: ... 8 1 Crypto Peer Command Summary Command Description Ref clrscr Clears the display screen page 8 2 end Ends the current mode and moves to EXEC mode page 8 3 exit Ends the current mode and moves to the previous mode page 8 4 help Displays the interactive help system page 8 5 no Negates a command or set its defaults page 8 6 service Displays service commands page 8 7 set Sets the configuration page ...

Page 296: ...Overview 8 2 8 1 1 clrscr Crypto Peer Config Commands Use this command to clear the display screen Syntax clrscr Parameters None Example RFS7000 config crypto peer clr RFS7000 config crypto peer ...

Page 297: ...ypto Peer Config Commands Use this command to end and exit from the current mode and change to PRIV EXEC mode The prompt now changes to RFS7000 Syntax end Parameters None Example RFS7000 config crypto peer end RFS7000 ...

Page 298: ...rypto Peer Config Commands Use this command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config crypto peer exit RFS7000 config ...

Page 299: ...command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the...

Page 300: ...nds Use this command to negate a command or set its defaults Syntax no previous command used Parameters Use the commands that you have configured under this instance Example RFS7000 config crypto peer no aggrerssive mode RFS7000 config crypto peer ...

Page 301: ...w reboot history startup log Show startup log upgrade history Show upgrade history RFS7000 config crypto peer service show RFS7000 config crypto peer service show info 4 0M out of 4 0M available for logs 9 7M out of 11 4M available for history 16 4M out of 18 6M available for crashinfo List of Files messages log 0 Oct 9 13 01 snmpd log 316 Oct 9 13 01 startup log 16 5k Oct 9 13 01 command history ...

Page 302: ...his command to configure the aggressive mode of crypto peer Syntax set aggressive mode password Parameters Example RFS7000 config crypto peer set aggressive mode password CheckMeIn RFS7000 config crypto peer aggressive mode aggressive mode password password ...

Page 303: ... Control management Display L3 Managment Interface name mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group me...

Page 304: ...Overview 8 10 ...

Page 305: ... config crypto ipsec commands within the RFS7000 Switch command line interface Table 9 1 Crypto IPSec Command Summary Command Description Ref clrscr Clears the display screen page 6 2 end Ends the current mode and moves to the EXEC mode page 6 3 exit Ends the current mode and moves to the previous mode page 6 4 help Displays the interactive help system page 6 5 mode Configures IPSec Transporation ...

Page 306: ...Config Commands Use this command to configure the IP Sec transportation mode Syntax mode transport tunnel Parameters Example RFS7000 config crypto ipsec mode transport RFS7000 config crypto ipsec transport Transport mode tunnel Tunnel mode ...

Page 307: ...ame mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group members in detail running config Current Operating con...

Page 308: ...Overview 9 4 ...

Page 309: ...mand line interface T Table 10 1 Crypto Map Command Summary Command Description Ref clrscr Clears the display screen page 10 2 end Ends the current mode and moves to the EXEC mode page 10 3 exit Ends the current mode and moves to previous mode page 10 4 help Displays the interactive help system page 10 5 match Match values page 10 6 no Negates a command or set its defaults page 10 7 service Displa...

Page 310: ...Overview 10 2 10 1 1 clrscr Crypto Map Config Commands Use this command to clear the display screen Syntax clrscr Parameters None Example RFS7000 config crypto map clr RFS7000 config crypto map ...

Page 311: ...Crypto Map Config Commands Use this command to end and exit from the current mode and change to PRIV EXEC mode The prompt now changes to RFS7000 Syntax end Parameters None Example RFS7000 config crypto map end RFS7000 ...

Page 312: ... Crypto Map Config Commands Use this command to end current mode and down to previous mode GLOBAL CONFIG The prompt now changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config crypto map exit RFS7000 config ...

Page 313: ... command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match th...

Page 314: ... exist or if the packet fails any of the security checks bad authentication traffic does not match SA selectors etc it is discarded If all checks pass the packet is forwarded normally Syntax match list name Parameters Usage Guidelines Crypto map entries do not directly contain the selectors used to determine which data to secure Instead the crypto map entry refers to an access control list An acce...

Page 315: ... Use this command to negate a command or set its defaults Syntax no previous command used Parameters Use the commands that you have configured under this instance Example RFS7000 config crypto map no aggrerssive mode RFS7000 config crypto map ...

Page 316: ...ry Show reboot history startup log Show startup log upgrade history Show upgrade history RFS7000 config crypto map service show RFS7000 config crypto map service show info 4 0M out of 4 0M available for logs 9 7M out of 11 4M available for history 16 4M out of 18 6M available for crashinfo List of Files messages log 0 Oct 9 13 01 snmpd log 316 Oct 9 13 01 startup log 16 5k Oct 9 13 01 command hist...

Page 317: ...vice This can be set for multiple remote peers Remote peer can be either in IP Address or hostname Note For manual mode only one remote peer can be added for crypto map IP address Enter the IP address of the peer device If this is not configured it implies responder only to any peer pfs Use the set pfs command to choose the type of perfect forward secrecy if any that will be required during IPSec ...

Page 318: ...st equal the inbound remote SPI The key values are the hexadecimal representations of the keys They are not true ASCII strings Therefore a key of 3031323334353637 represents 01234567 RFS7000 config crypto map set transformset name Crypto map entries do not directly contain the transform configuration for securing data Instead the crypto map is associated with transform sets which contain specific ...

Page 319: ...or a crypto map then the entry is incomplete and will have no effect on the system For manual key crypto maps only one transform set can be specified Example RFS7000 config crypto map set localid hostname TestMapHost RFS7000 config crypto map ...

Page 320: ... Control management Display L3 Managment Interface name mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group me...

Page 321: ...ummary Command Description Ref clrscr Clears the display screen page 11 21 company name Company name applicable only for request page 11 22 email Email ID page 11 23 end Ends the current mode and moves to the EXEC mode page 11 24 exit Ends the current mode and moves to the previous mode page 11 25 fqdn Domain name configuration page 11 26 help Describes the interactive help system page 11 27 ip ad...

Page 322: ...ce Displays service commands page 11 32 show Shows the running system information page 11 33 subject name Subject name is a collection of required parameters to configure a trustpoint It consists of the common_name country state organization org name etc page 11 35 Command Description Ref ...

Page 323: ...11 21 11 1 1 clrscr Trustpoint Config commands Use this command to clear the display screen Syntax clrscr Parameters None Example RFS7000 config trustpoint clrscr RFS7000 config trustpoint ...

Page 324: ...mpany name applicable only by request to a trustpoint Syntax company name Parameters Usage Guidelines The company name defined must be between 2 to 64 characters only Example RFS7000 config trustpoint company name RetailKing RFS7000 config trustpoint WORD Company name 2 64 characters in length ...

Page 325: ...figure an e mail ID for a trustpoint Syntax email Parameters Usage Guidelines The email defined must be between of 2 to 64 characters only Example RFS7000 config trustpoint email abcTestemailID motorola com RFS7000 config trustpoint WORD email address 2 to 64 characters ...

Page 326: ... 1 4 end Trustpoint Config commands Use this command to end and exit the current mode and move to the PRIV EXEC mode The prompt changes to RFS7000 Syntax end Parameters None Example RFS7000 config trustpoint end RFS7000 ...

Page 327: ...point Config commands Use this command to end the current mode and move to previous mode GLOBAL CONFIG The prompt now changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config trustpoint exit RFS7000 config ...

Page 328: ...and to configure the fully qualified domain name fqdn for the trustpoint Syntax fqdn Parameters None Usage Guidelines The string length of the domain name must be between 9 to 64 characters Example RFS7000 config trustpoint fqdn RetailKing com RFS7000 config trustpoint ...

Page 329: ... command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match th...

Page 330: ...fig commands Use this command to configure an IP address for the trustpoint Syntax ip address Parameters Example RFS7000 config trustpoint ip address 157 200 200 02 RFS7000 config trustpoint A B C D Enter the IP address configured for the trustpoint ...

Page 331: ... 1 9 no Trustpoint Config commands Use this command to negate a command or set defaults Syntax no previous command used Parameters None Example RFS7000 config trustpoint no ip address RFS7000 config trustpoint ...

Page 332: ... password 0 2 WORD Parameters Example RFS7000 config trustpoint password 0 TestPassword RFS7000 config trustpoint 0 Password is specified as UNENCRYPTED The password must be between 4 20 characters 2 Password is encrypted with a password encryption secret The string length of an encrypted password must be between 44 64 characters WORD Password 4 20 characters ...

Page 333: ...Guidelines Use RSA Key Pair support to configure the switch to have Rivest Shamir and Adelman RSA key pairs The switch software can maintain a different key pair for each identity certificate Example RFS7000 config trustpoint rsakeypair were RFS7000 config trustpoint The rsakeypair name were in this example is an exisitng keypair value WORD RSA keypair identifier ...

Page 334: ... exit fqdn WORD fqdn WORD help help ip address A B C D ip address A B C D no company name no company name email no email fqdn no fqdn ip address no ip address subject name no subject name password 0 WORD password 0 2 WORD 2 WORD password 0 2 WORD WORD password 0 2 WORD quit quit rsakey WORD rsakey WORD rsakeypair WORD rsakeypair WORD s commands show commands WORD show commands WORD running config ...

Page 335: ...nterface name mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius RADIUS configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group members in detail running config Current Ope...

Page 336: ... list 1 deny any rule precedence 1 RFS7000 config trustpoint RFS7000 config trustpoint show sessions SESSION USER LOCATION IDLE START TIME 1 cli Console 06 12m Jan 1 00 00 00 1970 2 cli 157 235 206 39 00 00m Jan 1 00 00 00 1970 RFS7000 config trustpoint RFS7000 config trustpoint show users Line PID User Uptime Location 0 con 0 306 06 14 07 ttyS0 130 vty 0 2744 00 25 49 0 RFS7000 config trustpoint ...

Page 337: ...ROLA WORD Organization Unit 2 to 64 characters RFS7000 config trustpoint subject name TestPool US OH PB MOTOROLA WID cr RFS7000 config trustpoint subject name TestPool US OH PB MOTOORLA WID RFS7000 config trustpoint WORD The subject name is a collection of required parameters to configure a trustpoint It consists of the common_name country state org name etc Name Name of the trustpoint being certi...

Page 338: ...Overview 11 36 ...

Page 339: ...ption Interface specific description page 12 4 duplex Defines the duplex mode of operation page 12 5 end Ends the current mode and moves to the EXEC mode page 12 6 exit Ends the current mode and moves down to the previous mode page 12 7 help Describes the interactive help system page 12 8 ip Configures an IP address for the assigned Ethernet VLAN or tunnel page 12 9 mac MAC interface commands to c...

Page 340: ... Shows the running system information page 12 17 shutdown Shuts down the selected interface page 12 20 spanning tree Configures spanning tree page 12 21 speed Configures speed page 12 23 static channel group Configures static channel commands page 12 24 switchport Sets switching mode characteristics page 12 25 tunnel Configures protocol over protocol tunneling page 12 27 Command Description Ref ...

Page 341: ...12 3 12 1 1 clrscr Interface Config commands Use this command to clear the screen Syntax clrscr Parameters None Example RFS7000 config if clrscr RFS7000 config if ...

Page 342: ...terface Config commands Use this command to create an interface specific desciption Syntax description Parameters Example RFS7000 config if description interface for RetailKing RFS7000 config if LINE Characters to describe this interface ...

Page 343: ... ge4 RFS7000 config if duplex auto set auto negotiate full set full duplex half set half duplex RFS7000 config if duplex full RFS7000 config if NOTE Duplexity can only be set for an Ethernet type interface Enter the config if instance using an ge me parameter in an interface mode Duplex cannot be set until the speed is set to a non auto value auto Sets the auto negotiate parameter Port is in full ...

Page 344: ... 12 6 12 1 4 end Interface Config commands Use this command to exit the current mode and move to the PRIV EXEC mode The prompt changes to RFS7000 Syntax end Parameters None Example RFS7000 config if end RFS7000 ...

Page 345: ...nterface Config commands Use this command to end the current mode and move to the previous mode GLOBAL CONFIG The prompt changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config if exit RFS7000 config ...

Page 346: ... the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments matc...

Page 347: ... no ip options command to undo all the above ip based interface configurations Example RFS7000 config if ip access group 110 in RFS7000 config if RFS7000 config if ip address 192 168 234 1 24 RFS7000 config if access group Access group 1 99 100 199 IP extended access list 1300 1999 2000 2699 IP extended access list expanded range WORD Access list name in Incoming packets address Sets a static IP a...

Page 348: ...nfig if interface vlan 2000 RFS7000 config if ip address 172 168 200 1 24 RFS7000 config if ip helper address 172 168 100 10 vlan 1000 RFS7000 config if The example below displays static NAT source translation RFS7000 config interface vlan 1000 RFS7000 config if ip nat inside RFS7000 config if interface vlan 2000 RFS7000 config if ip nat outside RFS7000 config ip nat inside source static 172 168 2...

Page 349: ...gabit ethernet interface Syntax mac access group acl_name in Parameters Example RFS7000 config if mac access group Ark200 in RFS7000 config if NOTE Access list cannot be appllied on a management interface me1 access group acl_name Sets MAC access groups ACL in Applies the ACL to ingress packets ...

Page 350: ...e VLAN 1 is by default the management interface for the RFS7000 switch Syntax management Parameters None Usage Guidelines Management privilage can be set only on a L3 interface Use this command along with the config management secure in config mode This ensures switch management access is restricted to the management VLAN only Refer management on page 5 39 for config management secure configuratio...

Page 351: ...have a default maximum packet size of 1500 bytes Use the mtu command to set the MTU size of the packets thats travels through the interface Example RFS7000 config interface vlan 20 RFS7000 config if mtu 520 RFS7000 config if NOTE This command is valid only with a VLAN interface 512 1500 Maximum packet size in bytes The minimum value is 512 and maximum value is 1500 ...

Page 352: ...es any command associated with it Wherever required use the same parameters associated with the command getting negated Example RFS7000 config if no mtu RFS7000 config if RFS7000 config if no spanning tree link type RFS7000 config if RFS7000 config if no spanning tree portfast RFS7000 config if RFS7000 config if no spanning tree portfast bpdu guard RFS7000 config if RFS7000 config if no spanning t...

Page 353: ...hannel group 1 with interface ge1 and ge 2 RFS7000 config interface ge1 RFS7000 config if static channel group 1 RFS7000 config interface ge2 RFS7000 config if static channel group 1 The example below defines the load balance based on the IP or MAC address RFS7000 config interface sa1 RFS7000 config if port channel load balance src dst ip RFS7000 config if load balance src dst ip src dst mac Sets ...

Page 354: ...n LINE description LINE do LINE do LINE duplex auto duplex half full auto full duplex half full auto half duplex half full auto end end exit exit help help ip access group 1 99 in ip access group 1 99 100 199 1300 1999 2000 2699 WORD in 100 199 in ip access group 1 99 100 199 1300 1999 2000 2699 WORD in 1300 1999 in ip access group 1 99 100 199 1300 1999 2000 2699 WORD in 2000 2699 in ip access gr...

Page 355: ...bility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius RADIUS configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group members in detail running config Current Operating configura...

Page 356: ... mapping WMM access categories and 802 1p DSCP tags radio Radio related commands regulatory Regulatory allowed channel power information for a particular country self heal config Self Healing Configuration Parameters sensor Wireless Intrusion Protection System parameters unapproved aps Unapproved APs seen by access port or mobile unit scans wireless switch statistics wireless switch statistics wla...

Page 357: ... bpdu guard disabled portfast errdisable timeout disabled portfast errdisable timeout interval 300 sec cisco interoperability not configured Current cisco interoperability off Instance VLAN 0 1 4095 RFS7000 config if ...

Page 358: ...nfig commands Use this command to shutdown disable the selected interface The interface is administratively enabled unless explicitly disbaled using this command Syntax shutdown Parameters None Example RFS7000 config if shutdown RFS7000 config if ...

Page 359: ... is set for a bridge all portfast enabled ports that have bpdu guard set to default shut down the port upon receiving a BPDU If this occurs the BPDU is not processed The port can be brought back either manually using the no shutdown command or by configuring the errdisable timeout to enable the port after the specified interval edgeport Enables an interface as an edgeport force version 0 3 Specifi...

Page 360: ...00000000 port priority 0 240 port cisco interoperability disable enable Configures mst on a spanning tree 0 15 Instance ID cost 1 200000000 Path cost for a port port priority 0 240 Port priority for a bridge port cisco interoperability disable enable Enables or disables interoperability with Cisco s version of MSTP which is incompatible with standard MSTP enable Enables CISCO Interoperability disa...

Page 361: ...37 fb 73 index 2002 metric 1 mtu 1500 HAL IF UP BROADCAST MULTICAST Speed Admin 1G Operational Unknown Maximum 1G Duplex Admin Auto Operational Unknown Active Medium Unknown Switchport Settings Mode Access Access Vlan 1 input packets 0 bytes 0 dropped 0 multicast packets 0 input errors 0 length 0 overrun 0 CRC 0 frame 0 fifo 0 missed 0 output packets 767 bytes 144486 dropped 0 output errors 0 abor...

Page 362: ...al giga port s into a single aggregate link to provide a larger bandwidth The static channel group is used to provide additional bandwidth in multiples of 1Gbps on the switch All MAC layer and higher protocols see only the static channel group aggregate link rather than the individual ports that comprise it Example RFS7000 config if static channel group 2 RFS7000 config if 1 4 Static channel group...

Page 363: ...VLAN will be automatically set to VLAN1 In this mode only untagged packets in the access VLAN vlan1 will be accepted on this port All tagged packets will be discarded trunk If trunk mode is selected tagged packets in all VLANs will be accepted The native VLAN will be automatically set to VLAN1 Untagged packets will be placed in the native VLAN by the switch Outgoing packets in the native VLAN will...

Page 364: ...llow packets only from the native VLANs Use no switchport access mode trunk to undo the above switchport configurations Example RFS7000 config if switchport mode access RFS7000 config if trunk native tagged vlan 1 4094 Configures the native VLAN ID of the trunk mode port tagged Sets the native VLAN for classifying untagged traffic vlan 1 4094 Sets the native VLAN for classifying untagged traffic w...

Page 365: ...rface Mode Layer 3 index 13 metric 1 mtu 1476 PAL IF UP POINTOPOINT RUNNING NOARP Tunnel source 172 168 100 20 destination 172 168 200 20 Tunnel protocol transport GRE IP Tunnel TTL 33 input packets 0 bytes 0 dropped 0 multicast packets 0 input errors 0 length 0 overrun 0 CRC 0 frame 0 fifo 0 missed 0 output packets 0 bytes 0 dropped 0 output errors 0 aborted 0 carrier 0 fifo 0 heartbeat 0 window ...

Page 366: ...Overview 12 28 ...

Page 367: ...e display screen page 13 2 end Ends the current mode and moves to the EXEC mode page 13 3 exit Ends the current mode and moves to the previous mode page 13 4 help Describes the interactive help system page 13 5 instance Assigns a VLAN to the bridge instance page 13 6 name Sets a name for the MST region page 13 7 no Negates a command or sets defaults page 13 8 revision Configures the revision numbe...

Page 368: ...Overview 13 2 13 1 1 clrscr mst Config commands Use this command to clear the display Syntax clrscr Parameters None Example RFS7000 config mst clrscr RFS7000 config mst ...

Page 369: ...1 2 end mst Config commands Use this command to end and exit from the current mode and move to the PRIV EXEC mode The prompt changes to RFS7000 Syntax end Parameters None Example RFS7000 config mst end RFS7000 ...

Page 370: ... exit mst Config commands Use this command to end the current mode and move to the previous mode GLOBAL CONFIG The prompt changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config mst exit RFS7000 config ...

Page 371: ...mand line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the in...

Page 372: ...ted with multiple instances Switches with same instance VLAN mapping revision number and region names creates a region Switches in the same region exchange bridge protocol data units BPDU with instance record information Example The example below creates an instance named 10 and maps VLAN 20 to it RFS7000 config mst instance 10 vlan 20 RFS7000 config mst 1 15 Defines the instance ID to which the V...

Page 373: ... 13 1 6 name mst Config commands Use this command to set a name for the MST region Syntax name region name Parameters Example RFS7000 config mst name MyRegion RFS7000 config mst region name MST region name ...

Page 374: ...s any command associated with it Wherever required use the same parameters associated with the command getting negated Example RFS7000 config mst no instance 10 vlan 20 RFS7000 config mst RFS7000 config mst no name MyRegion RFS7000 config mst RFS7000 config mst no revision RFS7000 config mst instance Instance name MST region revision Revision number for configuration information ...

Page 375: ...Config commands Use this command to configure the revision number of the MST bridge Syntax revision 0 255 Parameters Example RFS7000 config mst revision 20 RFS7000 config mst 0 255 Revision number for configuration information ...

Page 376: ... 1 15 no bridge instance 1 15 vlan 1 4094 no bridge instance 1 15 vlan 1 4094 region no bridge region revision no bridge revision quit quit s commands show commands WORD show commands WORD running config show running config full show running config full include factory show running config include factory service show cli service show cli show access list show access list 1 99 show access list 1 99...

Page 377: ...ity Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius RADIUS configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group members in detail running config Current Operating configuratio...

Page 378: ...precedence 5 permit ip 192 168 63 0 24 192 168 100 0 24 rule precedence 63 permit ip 192 168 157 0 24 192 168 100 0 24 rule precedence 157 RFS7000 config mst RFS7000 config mst show wlan acl all WLAN port 102 Inbound IP Access List 110 Inbound MAC Access List Outbound IP Access List Outbound MAC Access List RFS7000 config mst ...

Page 379: ...configuration using the mst config mode RFS7000 config mst instance 1 vlan vlan id 2 Use the following to enable disable MSTP RFS7000 config bridge multiple spanning tree 3 Use the following command to configure spanning tree RFS7000 config bridge multiple spanning tree RFS7000 config spanning tree 4 Use the following command to configure spanning tree for ports RFS7000 config if spanning tree ...

Page 380: ...Overview 13 14 ...

Page 381: ...pecifies packets to reject page 14 3 end Ends the current mode and changes to the EXEC mode page 14 7 exit Ends the current mode and moves back to the previous mode page 14 8 help Displays the interactive help system page 14 9 mark Specifies packets to mark page 14 10 no Negates a command or set default values page 14 14 permit Specifies packets to forward page 14 15 service Service commands page ...

Page 382: ...Overview 14 2 14 1 1 clrscr Extended ACL Config Commands Use this command to clear the display screen Syntax clrscr Parameters None Example RFS7000 config ext nacl clrscr RFS7000 config ext nacl ...

Page 383: ...nce access list entry precedence Use with a deny command to reject IP packets deny The keyword specifies deny action on an ACL ip Specifies IP to match any protocol source source mask host source any The keyword source is the source IP address of the network or host in dotted decimal format Source mask is the network mask For example 10 1 1 10 24 indicates the first 24 bits of the source IP are us...

Page 384: ...source IP are used for matching any is an abbreviation for source IP of 0 0 0 0 and source mask bits equal to 0 host is an abbreviation for exact source A B C D and source mask bits equal to 32 destination destination mask host destination any The destination host IP address or destination network address icmp type icmp type icmp code ICMP type value from 0 to 255 Valid only for protocol type icmp...

Page 385: ... the protocol source source mask host source any The keyword source is the source IP address of the network or host in dotted decimal format Source mask is the network mask For example 10 1 1 10 24 indicates the first 24 bits of the source IP are used for matching any is an abbreviation for source IP of 0 0 0 0 and source mask bits equal to 0 host is an abbreviation for exact source A B C D and so...

Page 386: ...fig ext nacl permit ip any any RFS7000 config ext nacl The following example denies udp traffic with a source port range between 20 23 from the source subnet to destination sub net RFS7000 config ext nacl deny udp 192 168 1 0 24 192 168 2 0 24 range 20 23 RFS7000 config ext nacl permit ip any any RFS7000 config ext nacl The following example denies icmp traffic from any source to any destination T...

Page 387: ...nd Extended ACL Config Commands Use this command to end and exit the current mode and change to the PRIV EXEC mode The prompt changes to RFS7000 Syntax end Parameters None Example RFS7000 config ext nacl end RFS7000 ...

Page 388: ...xtended ACL Config Commands Use this command to end the current mode and move to the previous mode GLOBAL CONFIG The prompt changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config ext nacl exit RFS7000 config ...

Page 389: ...e command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match t...

Page 390: ...ked mark dot1p 0 7 tos 0 255 The keyword specifies mark action on an ACL The action type mark is functional only over a Port ACL dot1p 0 7 Used only with action type mark to specify 8021p priority values tos 0 255 Used only with action type mark to specify Type Of Service tos values ip Specifies IP to match any protocol source source mask host source any The keyword source is the source IP address...

Page 391: ...0 1 1 10 24 indicates that the first 24 bits of the source IP are used for matching any is an abbreviation for source IP of 0 0 0 0 and source mask bits equal to 0 host is an abbreviation for exact source A B C D and source mask bits equal to 32 destination destination mask host destination any The destination host IP address or destination network address icmp type icmp type icmp code ICMP type v...

Page 392: ...specifies mark action on an ACL The action type mark is functional only over a Port ACL tcp udp Specifies tcp or udp as the protocol used source source mask host source any source is the source IP address of the network or host in dotted decimal Source mask is the network mask For example 10 1 1 10 24 indicates that the first 24 bits of the source IP are used for matching any is an abbreviation fo...

Page 393: ...ming from the source subnet RFS7000 config ext nacl mark 8021p 5 tcp 192 168 2 0 24 any RFS7000 config ext nacl The example below marks the tos value in the IP header to 245 to all tcp traffic coming from the source subnet RFS7000 config ext nacl mark tos 245 tcp 192 168 2 0 24 any RFS7000 config ext nacl NOTE The log option is functional only for router ACL s The log option provides an informatio...

Page 394: ...command to remove an access list control entry Provide the rule precedence value when using the no command Example RFS7000 config ext nacl no mark 8021p 5 tcp 192 168 2 0 24 any rule precedence 10 RFS7000 config ext nacl RFS7000 config ext nacl no permit ip any any rule precedence 10 RFS7000 config ext nacl RFS7000 config ext nacl no deny icmp any any rule precedence 10 RFS7000 config ext nacl den...

Page 395: ... 255 255 RFS7000 config ext nacl permit ip source source mask host source any destination destination mask host destination any log rule precedence access list entry precedence Use the permit command to allow IP packets permit The keyword specifies permit action on an ACL ip Specify IP to match any protocol source source mask host source any source is the source IP address of the network or host i...

Page 396: ...ts of the source IP are used for matching any is an abbreviation for source IP of 0 0 0 0 and source mask bits equal to 0 host is an abbreviation for exact source A B C D and source mask bits equal to 32 destination destination mask host destination any The destination host IP address or destination network address icmp type icmp type icmp code ICMP type value from 0 to 255 Valid only for protocol...

Page 397: ... tcp or udp as the protocol source source mask host source any source is the source IP address of the network or host in dotted decimal Source mask is the network mask For example 10 1 1 10 24 indicates the first 24 bits of the source IP are used for matching any is an abbreviation for source IP of 0 0 0 0 and source mask bits equal to 0 host is an abbreviation for exact source A B C D and source ...

Page 398: ...l The example below permits telnet from the source subnet and the destination subnet and denies all other traffic over an interface RFS7000 config ext nacl permit tcp 192 168 4 0 24 192 168 5 0 24 eq 23 rule pre cedence 10 RFS7000 config ext nacl The example below permits icmp based traffic and denies all other traffic over an interface RFS7000 config ext nacl permit icmp any any rule precedence 3...

Page 399: ...cli CLI command tree is saved as clitree html This tree can be viewed via web at http ipaddr cli clitree html RFS7000 config ext nacl RFS7000 config ext nacl service show cli Show CLI tree of current mode command history Display command except show commands history crash info Display information about core panic and AP dump files info Show snapshot of available support information last passwd Disp...

Page 400: ...nstalled licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface name mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group Display redundancy group parameters redundancy history Display state...

Page 401: ...ence 10 permit ip any any rule precedence 20 Extended IP access list 110 deny ip host 192 168 1 95 host 192 168 2 98 log rule precedence 10 permit ip any any rule precedence 20 Extended IP access list symbol deny tcp 192 168 2 0 24 192 168 1 0 24 rule precedence 10 permit ip any any rule precedence 20 RFS7000 config ext nacl ...

Page 402: ...og messages are generally not displayed over a telnet session Use the terminal monitor command to view the log messages over a telnet session Example RFS7000 config ext nacl terminal monitor RFS7000 config ext nacl RFS7000 config ext nacl terminal no monitor RFS7000 config ext nacl monitor Copies debug output to the current terminal line no Negates a command or set its defaults monitor Copies debu...

Page 403: ... Ref clrscr Clears the display screen page 15 3 deny Specifies packets to reject page 15 4 end Ends the current mode and changes to EXEC mode page 15 5 exit Ends the current mode and moves to the previous mode page 15 6 help Displays the interactive help system page 15 7 mark Specifies packets to mark page 15 8 no Negates a command or set its defaults page 15 9 permit Specifies packets to forward ...

Page 404: ...Overview 15 2 terminal Sets terminal line parameters page 15 14 Command Description Ref ...

Page 405: ...15 3 15 1 1 clrscr Standard ACL Config Commands Use this command to clear the display screen Syntax clrscr Parameters None Example RFS7000 config std nacl clrscr RFS7000 config std nacl ...

Page 406: ...affic entering the interface A log message is generated in the console whenever the interface receives a packet RFS7000 config std nacl deny any log rule precedence 50 RFS7000 config std nacl The example below denies traffic from the source network xxx xxx 1 0 24 and allows all other traffic to flow through the interface RFS7000 config std nacl deny xxx xxx 1 0 24 rule precedence 60 RFS7000 config...

Page 407: ...1 3 end Standard ACL Config Commands Use this command to exit the current mode and move to the PRIV EXEC mode The prompt changes to RFS7000 Syntax end Parameters None Example RFS7000 config std nacl end RFS7000 ...

Page 408: ...tandard ACL Config Commands Use this command to end the current mode and move to the previous mode GLOBAL CONFIG The prompt changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config std nacl exit RFS7000 config ...

Page 409: ...e command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match t...

Page 410: ...ue to 254 for all traffic coming from the source network RFS7000 config access list 3 mark tos 254 xxx xxx 3 0 24 RFS7000 config access list 3 permit any 8021 1p 0 7 tos 0 255 Specifies 1p priority value between 0 and 7 Specifies a Type of Service tos value between 0 and 255 A B C D M any host source is the source IP address of the network or host in dotted decimal format Source mask is the networ...

Page 411: ...mands to configure the Extended ACL Parameters Example RFS7000 config std nacl no permit any rule precedence 10 RFS7000 config std nacl RFS7000 config std nacl no deny any rule precedence 20 RFS7000 config std nacl RFS7000 config std nacl no mark tos 4 192 168 2 0 24 rule precedence 30 RFS7000 config std nacl deny Specifies packets to reject mark Specifies packets to mark permit Specifies packets ...

Page 412: ...ased on the ACL configuration Example The example below permits all traffic to the interface RFS7000 config std nacl permit any rule precedence 50 RFS7000 config std nacl The example below permits traffic from the source network and provides a log message RFS7000 config std nacl permit xxx xxx 1 0 24 log rule precedence 60 RFS7000 config std nacl A B C D M Source IP address range to match any Any ...

Page 413: ...rent mode command history Display command except show commands history crash info Display information about core panic and AP dump files info Show snapshot of available support information last passwd Display last password used to enter shell reboot history Show reboot history startup log Show startup log upgrade history Show upgrade history RFS7000 config std nacl service show RFS7000 config std ...

Page 414: ... installed licenses logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface name mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group Display redundancy group parameters redundancy history Display sta...

Page 415: ... any rule precedence 20 Extended IP access list 110 deny ip host 192 168 1 95 host 192 168 2 98 log rule precedence 10 permit ip any any rule precedence 20 Standard IP access list moto deny 192 168 1 0 24 rule precedence 10 permit any rule precedence 20 Extended IP access list symbol deny tcp 192 168 2 0 24 192 168 1 0 24 rule precedence 10 permit ip any any rule precedence 20 RFS7000 config std n...

Page 416: ...og messages are not displayed over a Telnet session Use the terminal monitor command to view the log messages over a Telnet session Example RFS7000 config std nacl terminal monitor RFS7000 config std nacl RFS7000 config std nacl terminal no monitor RFS7000 config std nacl monitor Copies debug output to the current terminal line no Negates a command or set its defaults monitor Copies debug output t...

Page 417: ...h the switch Use a decimal value representation of ethertypes to implement permit deny mark packet The command set for Extended MAC ACLs provides hexadecimal values for each of its listed ethertypes The switch supports all ethertypes Use the decimal equvilant of the ethertype listed in the CLI for any other ethertype ...

Page 418: ... Ends the current mode and changes to EXEC mode page 16 6 exit Ends the current mode and moves to the previous mode page 16 7 help Displays the interactive help system page 16 8 mark Specifies packets to mark page 16 9 no Negates a command or set its defaults page 16 11 permit Specifies packets to forward page 16 12 service Displays service commands page 16 14 show Shows the running system informa...

Page 419: ...16 3 16 1 1 clrscr MAC Extended ACL Config Commands Use this command to clear the display screen Syntax clrscr Parameters None Example RFS7000 config ext macl clrscr RFS7000 config ext macl ...

Page 420: ...decimal value representation of ethertypes to implement a permit deny mark designation for a packet The command set for Extended MAC ACLs provides hexadecimal values for each listed ethertype The switch supports all ethertypes Use the decimal equvilant of the ethertype listed or for any other type of ethertype Source Mask Bit mask specifying the bits to match Source wildcard can be any one of the ...

Page 421: ... below denies traffic from any source MAC address to a particular host MAC address RFS7000 config ext macl deny any host 00 01 ae 00 22 11 RFS7000 config ext macl The MAC ACL in the example below denies dot1q tagged traffic from VLAN interface 5 RFS7000 config ext macl deny any any vlan 5 type 8021q RFS7000 config ext macl The example below denies traffic between two hosts based on MAC addresses R...

Page 422: ... 1 3 end MAC Extended ACL Config Commands Use this command to exit from the current mode and change to PRIV EXEC mode The prompt changes to RFS7000 Syntax end Parameters None Example RFS7000 config ext macl end RFS7000 ...

Page 423: ...nded ACL Config Commands Use this command to end the current mode and move to the previous mode GLOBAL CONFIG The prompt changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config ext macl exit RFS7000 config ...

Page 424: ... at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments m...

Page 425: ...in the CLI or for any other type of ethertype 8021p 0 7 Modifies the 802 1p VLAN user priority tos 0 255 Modifies the TOS bits in an IP header Source MAC Address Bit mask specifying the bits to match The source wildcard can be any one of the following xx xx xx xx xx xx xx xx xx xx xx xx Source MAC address and mask any Any source host host Exact source MAC address to match Destination MAC Address B...

Page 426: ... against all the ACE s in the ACL It is marked based on the ACL configuration Example The example below marks the dot1p priority value to 6 for all 802 1q tagged traffic from VLAN interface 5 RFS7000 config ext macl mark 8021p 6 any any vlan 5 type 8021q RFS7000 config ext macl The example below marks the tos field to 254 for all IP traffic coming from the source MAC address RFS7000 config ext mac...

Page 427: ...CL Parameters Example RFS7000 config ext macl no mark tos 254 host 00 33 44 55 66 77 any type ip rule precedence 50 RFS7000 config ext macl RFS7000 config ext macl no deny any any vlan 5 type 8021q rule precedence 10 RFS7000 config ext macl RFS7000 config ext macl no permit any any type wisp rule precedence 50 RFS7000 config ext macl deny Specifies packets to reject mark Specifies packets to mark ...

Page 428: ...e hexadecimal values for each listed ethertype The switch supports all ethertypes Use the decimal equvilant of the ethertype listed in the CLI or for any other type of ethertype Source MAC Address Bit mask specifying the bits to match The source wildcard can be any one of the following xx xx xx xx xx xx xx xx xx xx xx xx Source MAC address and mask any Any source host host Exact source MAC address...

Page 429: ...ast ACE in the access list is an implict deny statement Whenever the interface receives the packet its content is checked against all the ACEs in the ACL It is allowed denied based on the ACL configuration Example The example below permits wisp based traffic from any source MAC address to any destination MAC address RFS7000 config ext macl permit any any type wisp RFS7000 config ext macl The examp...

Page 430: ...vice save cli CLI command tree is saved as clitree html This tree can be viewed via web at http ipaddr cli clitree html RFS7000 config ext macl RFS7000 config ext macl service show cli Show CLI tree of current mode command history Display command except show commands history crash info Display information about core panic and AP dump files info Show snapshot of available support information last p...

Page 431: ...censes logging Show logging configuration and buffer mac Media Access Control management Display L3 Managment Interface name mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition...

Page 432: ... access list 200 permit any any type arp rule precedence 10 permit any any type wisp rule precedence 20 Extended MAC access list 250 deny host 01 02 fe 45 76 89 host 01 02 89 78 78 45 rule precedence 10 permit any any type arp rule precedence 20 RFS7000 config ext macl ...

Page 433: ...ages are generally not displayed over a Telnet session Use the terminal monitor command to view t log messages using Telnet Example RFS7000 config ext macl terminal monitor RFS7000 config ext macl RFS7000 config ext macl terminal no monitor RFS7000 config ext macl monitor Copies debug output to the current terminal line no Negates a command or sets defaults monitor Copies debug output to the curre...

Page 434: ...Overview 16 18 ...

Page 435: ...include range page 17 3 bootfile Assigns a boot file name The bootfile name can contain letters numbers dots and hyphens Consecutive dots and hyphens are not permitted page 17 4 class Configures DHCP server class page 17 5 client identifier Uses an ascii string as a client identifier page 17 7 client name Assigns a client name page 17 8 clrscr Clears the display screen page 17 9 ddns Configures Dy...

Page 436: ...e Assigns the lease time for the dhcp IP address page 17 19 netbios name server Configures NetBIOS WINS name servers page 17 20 netbios node type Confiures NetBIOS node type page 17 21 network Configures a network number and mask for the DHCP Server page 17 22 next server Configures the next server in boot process page 17 23 no Negates a command or sets defaults page 17 24 option Assigns a name fo...

Page 437: ...clients from the address range A high IP address is the upper limit for providing the IP address and low IP address is the lower limit for providing the IP address Use the no address range command to remove the DHCP address range Example RFS7000 config dhcp address range 2 2 2 2 2 2 2 50 RFS7000 config dhcp range low IP address high IP address Use this command to add an address range for the DHCP ...

Page 438: ...bootp clients DHCP clients Only one boot file is allowed per pool Use no bootfile command to remove the bootfile Do not use the file name with the bootfile command as only one bootfile exists per pool The command no bootfile will remove the exisitng command from the pool Example RFS7000 config dhcp bootfile bootexample txt RFS7000 config dhcp bootfile filename Indicates the boot image for bootp cl...

Page 439: ...te a USER class named MC800 The privilege mode changes to config dhcpclass The switch supports a maximum of 8 Users classes per DHCP class RFS7000 config dhcpclass option user class MC800 RFS7000 config dhcpclass 3 Create a Pool named WID using config mode RFS7000 config ip dhcp pool WID RFS7000 config dhcp 4 Associate the DHCP class created in Step 1 with the pool created in Step 3 The switch sup...

Page 440: ...ress high IP Address Parameters Example RFS7000 config dhcp class address range 11 22 13 14 11 22 33 56 RFS7000 config dhcp class Command Description address Sets an address range for a DHCP class in a DHCP server address pool clrscr Clears the display screen end Ends current mode and change to EXEC mode exit Ends current mode and moves to the to previous mode help Displays the interactive help sy...

Page 441: ...fier A client identifier is used to reserve an IP address for DHCP clients Syntax client identifier ascii string Parameters Example RFS7000 config dhcp client identifier testid RFS7000 config dhcp client identifier ascii string To prepend a null character use 0 at beginning A single in the input is ignored ...

Page 442: ...s Use this command to a add client name for the DHCP clients Syntax client name name Parameters Example RFS7000 config dhcp client name testpc RFS7000 config dhcp client name name Use client name to add a client name The domain name must not be included ...

Page 443: ...17 9 17 1 6 clrscr DHCP Config Commands Use this command to clear the screen Syntax clrscr Parameters None Example RFS7000 config dhcp clrscr RFS7000 config dhcp ...

Page 444: ...configured as DDNS domain name This is used internally in DHCP packets between the DHCP server on the switch and the DNS server Example RFS7000 config dhcp ddns domainname TestDomain com RFS7000 config dhcp RFS7000 config dhcp ddns multiple user class RFS7000 config dhcp RFS7000 config dhcp ddns ttl 1000 RFS7000 config dhcp RFS7000 config dhcp ddns update all RFS7000 config dhcp domainname name Se...

Page 445: ...use the no default router command default router Router IP address Parameters Usage Guidelines The IP address of the router should be on the same subnet as the client subnet Example RFS7000 config dhcp default router 2 2 2 1 RFS7000 config dhcp default router router IP address Specifies the default router IP address for the network pool router IP address Router s IP address ...

Page 446: ...ax dns server ip address1 ip address2 ip address3 ip address8 Parameters Usage Guidelines For DHCP client s the DNS server s IP address is used to map the host name to IP address The DHCP client uses the DNS servers IP address based on the order sequence configured Example RFS7000 config dhcp dns server 2 2 2 222 RFS7000 config dhcp dns server IP address Configures the DNS Server s IP address IP a...

Page 447: ...work pool Use the no domain name command to remove the domain name Syntax domain name name Parameters Usage Guidelines The domain name cannot be more than 256 characters Example RFS7000 config dhcp domain name Engineering RFS7000 config dhcp domain name name Configures the domain name for the network pool ...

Page 448: ... 17 14 17 1 11 end DHCP Config Commands Use this command to exit the current mode and moves to the PRIV EXEC mode The prompt changes to RFS7000 Syntax end Parameters None Example RFS7000 config dhcp end RFS7000 ...

Page 449: ...nds Use this command to end the current mode and move to the previous mode GLOBAL CONFIG The prompt changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config ip dhcp pool TestPool RFS7000 config dhcp exit RFS7000 config ...

Page 450: ...the DHCP pool Syntax hardware address XX XX XX XX XX XX XX XX XX XX XX XX Parameters Usage Guidelines This command accepts only hexadecimal values Example RFS7000 config dhcp hardware address 00 01 23 45 32 22 RFS7000 config dhcp hardware address XX XX XX XX XX XX XX XX XX XX XX XX Configures the client s hardware address XX XX XX XX XX XX Dashed hexadecimal string XX XX XX XX XX XX Dotted hexadec...

Page 451: ...ommand line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the ...

Page 452: ... hardware address client identifier configuration must contain a host IP address client name and hardware address client identifier The host IP address must belong to subnet on the switch There must be a DHCP network pool corresponding to that host IP address There is no limit on the number of manual binding s but you can configure only one manual binding per host pool Example RFS7000 config dhcp ...

Page 453: ...t value is used The default lease value is 24 hours The lease vlaue for DHCP host pool is infinite Example RFS7000 config dhcp lease 20 12 30 RFS7000 config dhcp lease 0 365 0 23 0 59 infinite Sets the lease time for IP address 0 365 Lease period in days Days can be made as 0 only when hours and or mins are greater than 0 0 23 Used with the above to set the hours for the lease period 0 59 Used wit...

Page 454: ...nd to configure the netbios name server s IP address Syntax netbios name server IP address Parameters Example RFS7000 config dhcp netbios name server 2 2 2 222 RFS7000 config dhcp netbios name server IP address NetBIOS WINS name servers IP address NetBIOS name server s IP address ...

Page 455: ...e type Syntax netbios node type b node h node m node p node Parameters Example RFS7000 config dhcp netbios node type p node RFS7000 config dhcp netbios node type b node h node m node p node NetBIOS WINS name servers b node Broadcast node h node Hybrid node m node Mixed node p node Peer to peer node ...

Page 456: ...network A B C D A B C D M Parameters Usage Guidelines Ensure a VLAN interface with specific network subnet exists on the switch before mapping the DHCP pool to a particular network Example RFS7000 config dhcp network 2 2 2 0 24 RFS7000 config dhcp network A B C D A B C D M Network number and mask A B C D Network number in dotted decimal format A B C D M Network number and mask ...

Page 457: ...onfigure the IP address of the next server in the boot process Syntax next server IP address Parameters Example RFS7000 config dhcp next server 2 2 2 22 RFS7000 config dhcp next server IP address Defines the next server in the boot process IP address Server s IP address ...

Page 458: ...ers The no command negates any command associated with it Wherever required use the same parameters associated with the command getting negated The pool has only one bootfile and hence the filename is not required when using the no command To remove a bootfile use no bootfile command only Example RFS7000 config no ip dhcp pool hotpool RFS7000 config RFS7000 config no ip dhcp pool test RFS7000 conf...

Page 459: ...ion name IP Value ASCII Value Parameters Usage Guidelines Used to define non standard DHCP options option code 0 254 Example RFS7000 config ip dhcp option option189 ascii RFS7000 config option name Raw DHCP options name Name of the DHCP option IP Value IP Value of the DHCP option ASCII Value Ascii Value of DHCP option ...

Page 460: ...B C D ttl 1 864000 ddns ttl 1 864000 update all ddns update all default router A B C D default router A B C D dns server A B C D dns server A B C D do LINE do LINE domain name WORD domain name WORD end end exit exit hardware address XX XX XX XX XX XX hardware address XX XX XX XX XX XX XX XX XX XX XX XX ethernet token ring ethernet hardware address XX XX XX XX XX XX XX XX XX XX XX XX ethernet token...

Page 461: ...Display L3 Managment Interface name mobility Display Mobility parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius RADIUS configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group members in detail runn...

Page 462: ...0 4 4 4 200 ip dhcp pool vlan2 ip dhcp pool TestPool lease 200 12 30 domain name TestDomain bootfile DHCPbootfile netbios node type p node ddns domainname TestDomain address range 1 2 3 2 2 3 2 1 RFS7000 config show dhcp status DHCP Server is Running on following interfaces vlan4 RFS7000 config RFS7000 config show ip dhcp binding IP MAC Client Id Type Expiry Time RFS7000 config ...

Page 463: ...ecords RR s A TXT and PTR The DHCP Server can always override the client even if the client is configured to perform the updates In the network pool of DHCP Server FQDN is configured asa DDNS domain name This is used internally in DHCP packets between the switch s DHCP Server and the DNS server Example RFS7000 config dhcp update dns override RFS7000 config dhcp update dns override Controls the usa...

Page 464: ...2 2 Creating host pool RFS7000 config ip dhcp pool hostpool RFS7000 config dhcp client name linuxbox RFS7000 config dhcp host 192 168 0 50 RFS7000 config dhcp hardware 00 a0 f8 6f 6b 88 RFS7000 config dhcp exit 17 2 3 Troubleshooting DHCP configuration DHCP Server configurations come into effect only after rebooting the DHCP Server Execute the ip dhcp restart at a global level to restart the DHCP ...

Page 465: ...ool should have its corresponding network pool configured otherwise the host pool is useless The fixed IP address configured in the host pool must be in the subnet of the corresponding network pool 7 Use the global configuration mode service dhcp to enable disable the DHCP Server This enables disables the DHCP Server on all interfaces 8 If you create a pool and map it to interface it automatically...

Page 466: ...Overview 17 32 ...

Page 467: ... Config Commands Command Description Ref clrscr Clears the display screen page 18 2 end Ends the current mode and moves to the EXEC mode page 18 2 exit Ends the current mode and moves to the previous mode page 18 2 help Displays the interactive help system page 18 3 multiple user class Enables multiple user class option page 18 3 no Negates a command or set its defaults page 18 3 option Configures...

Page 468: ...ands Use this command to end and exit from the current mode and change to the PRIV EXEC mode The prompt changes to RFS7000 Syntax end Parameters None Example RFS7000 config dhcpclass end RFS7000 18 1 3 exit DHCP Server Class Config Commands Use this command to end the current mode and move to the previous mode GLOBAL CONFIG The prompt changes to RFS7000 config Syntax exit Parameters None Example R...

Page 469: ... to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input e g show ve RFS7000 config dhcpclass 18 1 5 multiple user class DHCP Server Class Config Commands Use this command to enable the multiple user class option This specifies the client MU sends multiple user c...

Page 470: ...s a maximum of 8 Users classes per DHCP class RFS7000 config dhcpclass option user class MC800 RFS7000 config dhcpclass 3 Create a Pool named WID using config mode RFS7000 config ip dhcp pool WID RFS7000 config dhcp 4 Associate the DHCP class created in Step 1 with the pool created in Step 3 RFS7000 supports association of only 8 CDHCP classes with a pool RFS7000 config dhcp class RFS7000DHCPclass...

Page 471: ... factory show running config include factory service show cli service show cli show access list show access list 1 99 show access list 1 99 100 199 1300 1999 2000 2699 WORD 100 199 show access list 1 99 100 199 1300 1999 2000 2699 WORD 1300 1999 show access list 1 99 100 199 1300 1999 2000 2699 WORD 2000 2699 show access list 1 99 100 199 1300 1999 2000 2699 WORD WORD show access list 1 99 100 199...

Page 472: ...n and buffer mac Internet Protocol IP mac address table Display MAC address table management Display L3 Managment Interface name mobility Display Mobility parameters ntp Network time protocol password encryption password encryption port channel Portchannel commands privilege Show current privilege level radius RADIUS configuration commands redundancy group Display redundancy group parameters redun...

Page 473: ... 10 10 10 110 00 0e 9b 98 f9 34 Mon Sep 17 13 34 31 2007 RFS7000 config dhcpclass RFS7000 config dhcpclass show ip dhcp class ip dhcp class DHCPclass1 ip dhcp class TestDHCPclas2 option user class MC800 multiple user class ip dhcp class TestDHCPclass ip dhcp class TestDHCPclass2 RFS7000 config dhcpclass RFS7000 config dhcpclass show ip dhcp pool ip dhcp pool vlan1 default router 10 10 10 2 network...

Page 474: ...Overview 18 8 ...

Page 475: ... 19 1 RADIUS Config Command Summary Command Description Ref authentication RADIUS authentication page 19 3 ca Configures ca certificate parameters page 19 4 clrscr Clears the display screen page 19 5 crl check Certificate Revocation List CRL check page 19 6 end Ends the current mode and moves to the EXEC mode page 19 7 exit Ends the current mode and moves to the previous mode page 19 8 group Confi...

Page 476: ...US client page 19 22 no Negates a command or set its defaults page 19 23 proxy RADIUS proxy server page 19 24 rad user RADIUS user configuration page 19 25 server Configures server certificate parameters page 19 26 service Service commands page 19 27 show Shows running system information page 19 28 Command Description Ref ...

Page 477: ...s based authentication RADIUS requests from the mobile unit Setting eap auth type to tls ensures only tls authentications are serviced Example RFS7000 config radsrv authentication eap auth type peap mschapv2 RFS7000 config radsrv RFS7000 config radsrv authentication data source ldap RFS7000 config radsrv data source RADIUS data source for user authentication ldap Remote LDAP server local Local use...

Page 478: ... local RADIUS server Create the trustpoint before it is used by the crypto pki trustpoint command The default trustpoint in use is default trustpoint Example In the example below the trustpoint tp1 already has a certificate associated with it RFS7000 config radius server local RFS7000 config radsrv ca trust point tp1 RFS7000 config radsrv trust point WORD Trustpoint configuration WORD Existing tru...

Page 479: ...19 5 19 1 3 clrscr RADIUS Configuration Commands Use this command to clear the screen Syntax clrscr Parameters None Example RFS7000 config radsrv clrscr RFS7000 config radsrv ...

Page 480: ...to pki import trustpoint name crl command Syntax crl check Parameters Usage Guidelines A CRL that is updated with a trustpoint contains index numbers of all the revoked certifictes tls authentication type uses certificate for authentication and the CRL checks for any revoked certificate used for tls authentication Example RFS7000 config radsrv crl check enable RFS7000 config radsrv enable Enables ...

Page 481: ...end RADIUS Configuration Commands Use this command to exit from the current mode and move to the PRIV EXEC mode The prompt now changes to RFS7000 Syntax end Parameters None Example RFS7000 config radsrv end RFS7000 ...

Page 482: ...ADIUS Configuration Commands Use this command to exit the current mode and move to the previous mode GLOBAL CONFIG The prompt changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config radsrv exit RFS7000 config ...

Page 483: ... clrscr Parameters None Example RFS7000 config radsrv group clrscr RFS7000 config radsrv group Command Description Ref clrscr Clears the display screen page 19 9 end Ends the current mode and changes to the EXEC mode page 19 10 exit Ends the current mode and moves to the previous mode page 19 10 group Configures RADIUS user group paramaters page 19 10 guest group Guest group configuration page 19 ...

Page 484: ...command to exit the current mode and move to the previous mode config radsrv The prompt changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config radsrv group exit RFS7000 config radsrv 19 1 7 4 group RADIUS Configuration Commands Use this command to configure RADIUS user group paramaters This command creates a group within an exisitng RADIUS group Syntax group Parameters Exampl...

Page 485: ...p system Syntax help Parameters None Example RFS7000 config radsrv group help CLI provides advanced help feature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show an...

Page 486: ...icy RADIUS Configuration Commands Use this command to configure authorization policies for a particular group like day time of access WLAN s allowed and to set a user based VLAN policy RADIUS group access policy configuration day Resets the access policy day for this group time Configures access policy time for this group vlan VLAN ID for this group wlan Configures WLAN access policy for this grou...

Page 487: ...group RFS7000 config radsrv group policy wlan 20 21 22 23 RFS7000 config radsrv group day Day of access policy configuration all All days from Sunday to Saturday fr Friday mo Monday sa Saturday su Sunday th Thursday tu Tuesday we Wednesday weekdays Allows access only in week days Mo Fr time Configures the group time of access policy start Start time 0 23 hour hh limit 0 59 mins mm limit end End ti...

Page 488: ...s command to invoke RADIUS service commands This command is used to enable the RADIUS Server A service RADIUS restart is executed only from the config mode Syntax service show cli Parameters Example RFS7000 config radsrv group service show cli Radius user group configuration mode clrscr clrscr do LINE do LINE end end exit exit group WORD group WORD guest group enable guest group enable help help n...

Page 489: ...isplay system clock commands Show command lists crypto crypto debugging Display debugging setting environment show environmental information file Display filesystem information ftp Display FTP Server configuration history Display the session command history interfaces Interface status and configuration ip Internet Protocol IP ldap ldap server licenses Show any installed licenses logging Show loggi...

Page 490: ...tus Display last image upgrade status users Display information about terminal lines version Display software hardware version wireless Wireless configuration commands RFS7000 config radsrv group RFS7000 config show radius trust point Trust point Configured For Radius ________________________________ Server Trust point tp1 CA Trust point default trustpoint RFS7000 config show radius configuration ...

Page 491: ...this group vlan VLAN id for this group wlan Configure wlan access policy for this group RFS7000 config radsrv group policy day weekdays RFS7000 config radsrv group policy time start 12 30 end 15 30 4 Use the policy vlan command to assign VLAN ID of 10 to Sales group RFS7000 config radsrv group policy vlan 10 5 Use the policy wlan command to allow only authorised users to access this group s wlan R...

Page 492: ...t 0 testing 9 Save the changes and restart the RADIUS service RFS7000 config radsrv service radius restart Sep 08 17 48 04 2006 PM 5 PROCSTOP Process radiusd has been stopped Sep 08 17 48 05 2006 RADCONF radius config files generated successfully RFS7000 config radsrv Sep 08 17 48 05 2006 DAEMON 6 INFO radiusd 8830 Ready to process requests ...

Page 493: ...ature When you need help anytime at the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and y...

Page 494: ...y LDAP server configuration secondary Secondary LDAP server configuration host LDAP IP Address LDAP server ip configuration A B C D LDAP server ip address port number Enter the TCP IP port number for the LDAP server acting as the data source login Use the following as the login sAMAccountName Stripped User Name User Name bind dn Specifies the distinguished name to bind with the LDAP server base dn...

Page 495: ...er Name bin d dn cn admin ou wid dc symbolTech dc local base dn ou wid dc symbolTech dc local passwd SYMBOL 123 passwd attr UserPassword group attr cn group filter objectClass group member Ldap UserDn objectClass GroupOfUniqueNames uniquemember L dap UserDn group membership radiusGroupName net timeout 1 RFS7000 config ...

Page 496: ...dsrv nas A B C D M Radius client IP address RFS7000 config radsrv nas 10 10 10 0 24 key Radius client shared secret RFS7000 config radsrv nas 10 10 10 0 24 key 0 Password is specified UNENCRYPTED 2 Password is encrypted with password encryption secret LINE The secret client shared secret upto 32 characters RFS7000 config radsrv nas 10 10 10 0 24 key 0 very secret A B C D M RADIUS Client IP address...

Page 497: ... data source RFS7000 config radsrv RFS7000 config radsrv no ca trust point RFS7000 config radsrv authentication RADIUS authentication ca Configures ca certificate parameters crl check Certificate Revocation List CRL check group Local RADIUS Server group configuration ldap server LDAP server parameters nas RADIUS client proxy RADIUS proxy server rad user RADIUS user configuration server Configures ...

Page 498: ...h waits for a reply to a RADIUS request before retransmitting the request Example RFS7000 config radsrv proxy realm Test server 10 10 10 1 port 2220 secret Very Very Secret RFS7000 config radsrv RFS7000 config radsrv proxy retry count 5 RFS7000 config radsrv RFS7000 config radsrv proxy retry delay 8 RFS7000 config radsrv realm WORD Realm name is a string of up to 50 characters server A B C D Proxy...

Page 499: ...0 config radsrv rad user guest1 password 0 password1 group guest group guest expiry time 12 12 expiry date 05 12 2007 start time 12 12 start date 05 11 2007 RFS7000 config radsrv WORD Enter a user name up to 64 characters in length password 0 2 WORD RADIUS user password 0 Password is specified as UNENCRYPTED 2 Password is encrypted with a password encryption secret WORD Enter password up to 21 cha...

Page 500: ...reated crypto on page 5 17 Syntax server trust point Parameters Usage Guidelines Create a trustpoint using crypto pki trustpoint Server certificate is created under the trustpoint using crypto pki commands Refer to crypto on page 5 17 for more details Example RFS7000 config radsrv server trust point TestTP RFS7000 config radsrv trust point WORD Trustpoint configuration WORD Existing trustpoint nam...

Page 501: ...p gtc peap mschapv2 tls all peap mschapv2 authentication eap auth type ttls md5 ttls pap ttls mschapv2 peap gtc peap mschapv2 tls all tls authentication eap auth type ttls md5 ttls pap ttls mschapv2 peap gtc peap mschapv2 tls all ttls md5 authentication eap auth type ttls md5 ttls pap ttls mschapv2 peap gtc peap mschapv2 tls all ttls mschapv2 authentication eap auth type ttls md5 ttls pap ttls msc...

Page 502: ...uration and buffer mac Media Access Control management Display L3 Managment Interface name mobility Display Mobility Parameters ntp Network time protocol password encryption password encryption privilege Show current privilege level radius Radius configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy ...

Page 503: ...Trust point Configured For Radius ________________________________ Server Trust point tp1 CA Trust point default trustpoint RFS7000 config show radius configuration Radius Server Configuration Server Status enabled Data Source local RFS7000 config ...

Page 504: ...Overview 19 30 ...

Page 505: ...ations to adopted APs page 20 4 adopt unconf radio Adopts a radio even if not configured The default templates is used for configuration page 20 5 adoption pref id Defines a preference identifier for the switch All radios configured with this identifier are more likely to be adopted by this switch page 20 6 ap Envokes AP related commands to define the name and location of the AP page 20 7 ap detec...

Page 506: ... and moves to the EXEC mode page 20 20 exit Ends the current mode and moves to the previous mode page 20 21 fix broadcast dhcp rsp Converts broadcast DHCP server responses to unicast response page 20 22 help Describes the interactive help system page 20 23 ids Intrusion detection configuration commands page 20 24 mac auth local Local MAC authentication list page 20 26 manual wlan mapping Allows ma...

Page 507: ... configuration commands page 20 43 sensor Wireless Intrusion Protection System WIPS parameters page 20 45 service Service commands page 20 46 show Shows running system information page 20 51 wlan Wireless LAN related commands page 20 53 wlan bw allocation Allocates radio bandwidth per WLAN page 20 67 Command Description Ref ...

Page 508: ...RFS7000 config wireless aap config apply def delay 100 RFS7000 config wireless RFS7000 config wireless aap config apply mesh delay 100 RFS7000 config wireless config apply def delay mesh delay 30 10000 Apply Configuration settings def delay 30 10000 Default time in seconds to delay before applying config mesh delay 30 10000 Time to delay in seconds before applying config to Mesh APs ...

Page 509: ...is command to adopt a radio even if not yet configured The default template is used for configuration Syntax adopt unconf radio Parameters Example RFS7000 config wireless adopt unconf radio enable RFS7000 config wireless enable Enables the adoption of unconfigured radios ...

Page 510: ...s command as a switch preference identifier Radios configured with this identifier are more likely to be adopted by this switch Syntax adoption pref id Parameters Example RFS7000 config wireless adoption pref id 500 RFS7000 config wireless 1 65535 Select a pref ID within 1 65535 ...

Page 511: ...p AP index MAC Address location name Parameters Example RFS7000 config wireless ap 00 15 70 14 FE C4 location 5th Floor SalesUnit RFS7000 config wireless AP Index A single AP index Use show wireless ap command ot view the AP s index value MAC Address AP s MAC address Use show wireless ap command ot view the AP s index value ...

Page 512: ...h 520 RFS7000 config wireless RFS7000 config wireless ap detection timeout approved 500 RFS7000 config wireless approved The approved access port list add 1 200 Adds an entry to the approved access port list MAC Address Select either MAC MAC address in AA BB CC DD EE FF format any Any MAC address SSID Select either LINE A string of up to 32 characters any Any SSID enable Allows access ports to loo...

Page 513: ...p ip 1 switch ip add 192 168 10 25 10 10 1 4 RFS7000 config wireless RFS7000 config wireless ap ip default ap switch ip set default RFS7000 config wireless List of Indices MAC address Use show wireless ap to view the AP s index or MAC address Select the AP s index MAC Address to modify its static IP address static ip Static IP address netmask and gateway address of the AP A B C D M Static IP addre...

Page 514: ...d to configure the UDP port for layer 3 AP adoption Configure the DHCP server supporting the AP s with the same parameter Syntax ap udp port 1 65535 Parameters Example RFS7000 config wireless ap udp port 10 RFS7000 config wireless 1 65535 The port number used for layer 3 AP adoption ...

Page 515: ...and mobile units Syntax broadcast tx speed range throughput Parameters Example RFS7000 config wireless broadcast tx speed range RFS7000 config wireless RFS7000 config wireless broadcast tx speed throughput RFS7000 config wireless range Uses the lowest basic rate Provides the maximum range throughput Uses the highest basic rate Provides the maximum throughput default ...

Page 516: ...ig wireless wlan 1 nac server primary 192 168 0 1 RFS7000 config wireless wlan 1 nac server primary radius key 0 testing RFS7000 config wireless wlan 1 nac server secondary 192 168 1 1 RFS7000 config wireless wlan 1 nac server secondary radius key 0 testing123 Enable NAC mode for WLAN RFS7000 config wireless wlan 1 nac mode do nac except exclude list Undo the above configuration RFS7000 config wir...

Page 517: ...less client list station host name MU mac address MU mac mask Parameters Example RFS7000 config wireless client list station ExcludeList1 AA BB CC DD EE FF RFS7000 config wireless client list Command Description clrscr Clears the display screen end Ends the current mode and moves to the EXEC mode exit Ends the current mode and moves to the previous mode help Description of the interactive help sys...

Page 518: ... wlan 1 256 WLAN to delete the client exclude list name from the WLAN Syntax config wireless client list wlan 1 256 WLAN name Parameters Example RFS7000 config wireless client list wlan 1 RFS7000 config wireless client list wlan 1 256 WLAN name 1 256 A single wlan index WLAN A list eg 1 3 7 or range eg 3 7 of wlan indices ...

Page 519: ...20 15 20 1 10 clrscr Wireless Configuration Commands Use this command to clear the screen Syntax clrscr Parameters None Example RFS7000 config wireless clrscr RFS7000 config wireless ...

Page 520: ...ss convert ap 1 default RFS7000 config wireless 1 256 Indices of the access port s converted from the show wireless ap command default Lets the access port negotiate its normal mode of operation with the switch without enforcing any conversion sensor Converts an AP300 to operate as an IDS sensor Note The switch does not adopt this access port again until it is converted back to a regular AP300 usi...

Page 521: ... Usage Guidelines Use the show wireless country code command to view the list of supported countries Example RFS7000 config country code us WARNING Select only the country in which you are using the device Any other selection may make the operation of this device illegal RFS7000 config country code Uses the two letter ISO 3166 country code show wireless country code list to view the list of suppor...

Page 522: ...ion Commands Use this command to record mobile unit DHCP state information Syntax dhcp sniff state Parameters Example RFS7000 config wireless dhcp sniff state enable RFS7000 config wireless enable Enables the recording of DHCP state information for mobile units ...

Page 523: ...1 shared key auth Parameters Example RFS7000 config wireless dot11 shared key auth enable RFS7000 config wireless NOTE Shared key authentication has known weaknesses that compromise WEP key It must only be configured to accomodate mobile units unable to conduct Open System authentication enable Enables support for shared key authentication ...

Page 524: ... 15 end Wireless Configuration Commands Use this command to end and exit the current mode and move to the PRIV EXEC mode The prompt changes to RFS7000 Syntax end Parameters None Example RFS7000 config wireless end RFS7000 ...

Page 525: ...Wireless Configuration Commands Use this command to exit the current mode and move to the previous mode The prompt changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config wireless exit RFS7000 config ...

Page 526: ...this command to convert broadcast DHCP server responses to be unicast Syntax fix broadcast dhcp rsp enable Parameters Example RFS7000 config wireless fix broadcast dhcp rsp enable RFS7000 config wireless enable Enables support for converting broadcast DHCP server responses to unicast ...

Page 527: ...the command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match...

Page 528: ... of anomalous frames on the RF network all Enables anomalous frames bad essid frame 1 10 Enables an AP detector to find frames with bad ESSIDs beacon broadcast essid Enables an AP detector to find beacons with broadcast ESSIDs invalid 8021x frame Detects invalid 802 1x frames invalid frame length Detects invalid frame lengths invalid frame type Detects invalid frame types multicast source Broadcas...

Page 529: ... authentication and association requests authentication fails Failure to authenticate Radius Kerberos crypto replay fails TKIP CCMP IV replay check failure decryption fails Decryption failures disassociations Disassociation and de authentication frames eap naks Excessive EAP NAKs eap starts EAP 802 1x start frames probe requests Probe request frames unassoc frames Frames from unassociated mobile u...

Page 530: ...c auth local 452 allow 12 11 11 120 12 11 11 150 3 7 TestString RFS7000 config wireless 1 1000 Entry for mac auth local allow Allows mobile units that match this rule to associate deny Denies association to mobile units that match this rule Starting MAC Address Starting MAC address in AA BB CC DD EE FF format Ending MAC Address Ending MAC address in AA BB CC DD EE FF format Range List of WLAN Indi...

Page 531: ...ration Commands Use this command to manually map un map WLANs configured on a radio Syntax manual wlan mapping Parameters Example RFS7000 config wireless manual wlan mapping enable RFS7000 config wireless enable Enables support for manual WLAN mapping ...

Page 532: ...ile unit association history enable RFS7000 config wireless RFS7000 config wireless mobile unit probe history add 20 AA BB CC DD EE FF RFS7000 config wireless association history Enables the mobile unit s association history enable Enables the mobile unit s association history probe history Mobile unit probe logging configuration commands add 1 200 Adds a mobile unit to probe history logging Selec...

Page 533: ...s RFS7000 config wireless mobility local address 12 12 12 1 RFS7000 config wireless RFS7000 config wireless mobility max roam period 10 RFS7000 config wireless RFS7000 config wireless mobility peer 157 208 235 108 RFS7000 config wireless enable Enables mobility globally local address IP address Sets the local address for mobility A B C D IP Address of A B C D format max roam period 1 300 Sets the ...

Page 534: ...lan range Parameters Example RFS7000 config wireless multicast packet limit 120 50 RFS7000 config wireless multicast packet limit RFS7000 config wireless multicast packet limit 120 1 10 25 RFS7000 config wireless multicast packet limit 0 128 1 4094 vlan range Multicast packet limit per second 1 4094 Single VLAN ID 1 4094 that the new limit applies to vlan range A list 1 3 7 or range 3 7 of VLAN ID...

Page 535: ...multicast throttle watermarks low 10 high 20 RFS7000 config wireless low 0 100 Configures the low water mark If the percentage of free packets in the system is lower than this threshold the incoming frame will be dropped high 0 100 Configure the high water mark If the percentage of free packets in the system is between the low water mark and this value the packet is subjected to a random early dro...

Page 536: ...d country code dhcp sniff state dot11 shared key auth fix windows dhcp ids mac auth local manual wlan mapping mobile unit mobility oversized frames proxy arp qos mapping radio self heal sensor service smart scan channels wlan Parameters Refer to Table 20 1 on page 20 1 for the parameters negated using the no command Example RFS7000 config wireless no mobility enable RFS7000 config wireless ...

Page 537: ...s Configuration Commands Use this command to respond to ARP requests on behalf of mobile units Syntax proxy arp Parameters Example RFS7000 config wireless proxy arp enable RFS7000 config wireless enable Enables support for proxy arp ...

Page 538: ... RFS7000 config wireless wired to wireless Mappings used while switching wired traffic over the air dot1p 0 7 Configures the mapping of 802 1p tags to access categories Specify more than one 802 1p tag 0 7 if needed dscp 0 63 Configures the mapping of DSCP values to access categories Specify more than one DSCP value 0 63 if needed background Background category traffic best effort Best effort cate...

Page 539: ...cs random 4 20 radio 1 4096 client bridge bridge select mode auto manual enable mesh timeout 2 200 ssid SSID name radio 1 4096 coordinates x coordinates y coordinates z coordinates radio 1 4096 copy config from 1 1000 default 11a default 11b default 11bg radio 1 4096 dtim period 1 50 bss 1 4 radio 1 4096 location led start flashing stop flashing radio 1 4096 neighbor smart scan 1 4096 radio range ...

Page 540: ...ser selects wireless lans d the system assigns them to a BSS automatically WLAN A list 1 3 7 or range 3 7 of WLAN indices When a BSS is specified the first WLAN is used as the primary WLAN When the auto option is used the system automatically assigns the first four WLANs as primaries on their respective BSS s channel power indoor outdoor 1 2000 acs random 4 20 Location channel and transmit power l...

Page 541: ...nhanced beacon table for AP locationing enhanced probe table Enables enhanced probe table for MU locationing location led start flashing stop flashing Changes the mode of operation of the LEDs on an AP start flashing Requests parent ap of specified radio to begin flashing its LEDs to help locate it stop flashing Requests parent ap of specified radio to revert its LEDs to normal mode of operation l...

Page 542: ...uns Auto Channel Selection on a radio The radio must already have been configured for ACS self heal offset 0 30 Configures the self healing offset measured in dBm for regulatory Note This offset is based off the regulatory maximum power for the specified channel the command show wireless regulatory shows the max power allowed short preamble Enables short preamble support Note Disables support for ...

Page 543: ...sic11 basic 11 Mbps basic12 basic 12 Mbps basic18 basic 18 Mbps basic2 basic 2 Mbps basic24 basic 24 Mbps basic36 basic 36 Mbps basic48 basic 48 Mbps basic54 basic 54 Mbps basic5p5 basic 5 5 Mbps basic6 basic 6 Mbps basic9 basic 9 Mbps default Factory default rates based on radio type range All rates enabled the lowest one set to basic throughput All rates basic note only g clients allowed on 11bg...

Page 544: ...Arbitration Inter Frame Spacing Number AIFSN is the wait time in milliSeconds between data framesderived using AIFSN and the slot time burst 0 65535 transmit opportunity An interval when a particular WMM mobile unit has the right to initiate transmissions on the wireless medium cw 0 15 Contention Window parameters Select a number between 0 and the minimum contention window to wait before re attemp...

Page 545: ...config wireless all 11b All 11b radios currently in configuration all 11bg All 11bg radios currently in configuration configure 8021X Configures the 802 1X username and password on adopted access ports default 11a Default 11a configuration template default 11b Default 11b configuration template dns name WORD MAC Address Configures the DNS name used in the L3 Discovery of adopted access ports AA BB...

Page 546: ...000 config wireless rate limit down 1000 RFS7000 config wireless RFS7000 config wireless rate limit up 20000 RFS7000 config wireless down 0 100000 Up link direction From wireless client to network Defined in the range of 0 100000 kbps 0 disable rate limit up 0 100000 Down link direction From network to wireless client Defined in the range of 0 100000 kbps 0 disable rate limit ...

Page 547: ...vents a radio from changing channels continuously Set the hold time between 0 65535 seconds retries 0 0 15 0 The average number retries to force a radio to re run auto channel selection Set a value between 0 15 neighbor recovery Neighbor recovery configuration commands action both none open rates raise power radio 1 4096 RADIO Radio self healing action when neighbors are detected down both Raises ...

Page 548: ...erence avoidance hold time 600 RFS7000 config wireless RFS7000 config wireless self heal neighbor recovery enable Note reducing the configured transmit power of radios will ensure that there is room to increase power when a neighbor fails RFS7000 config wireless RFS7000 config wireless self heal neighbor recovery neighbors 1 1 RFS7000 config wireless ...

Page 549: ...on of the sensor to defaults request config Poll the sensor for its latest configuration information revert to ap Revert an IDS sensor back to an access port that can service mobile units default config ip mode wips server ip Default configuration sent to sensors when configured ip mode Configures the IP address mode of the sensors dhcp Sensors must use DHCP to obtain an IP address static A B C D ...

Page 550: ...ory to access port history The following options can be used to access ap history XX XX XX XX XX XX Access port MAC buffer counters Allocation counts for various buffers enhanced beacon table config report This command displays the details of the configuration and the information gathered for AP locationing config Displays the configuration of AP locationing report Displays the information gathere...

Page 551: ... interval 10 60 scan time 100 1000 This command configures and use an AP for detecting and locating other AP s in the network channel set a bg 1 200 802 11a 802 11bg channel set settings used for AP locationing a bg Add channels to channel set for Enhanced Beacon Table for 802 11a bg A seperate channel set can be configured for radio type a and radio type bg 1 200 List of space separated channel n...

Page 552: ...obes received by an AP enable Disables or enables gathering of information for MU locationing erase report Erases all MU Probe Table locationing reports collected by the switch max mu 0 512 Configures the maximum number of MUs that can be scanned reported for Probe Table information preferred MAC Address Adds an entry to the preferred MU list This lists the MU MAC addresses for which the MU Locati...

Page 553: ...22 wlan 1 vlan_id 0 limit 0 users 0 log_sent 0 23 wlan 1 vlan_id 0 limit 0 users 0 log_sent 0 24 wlan 1 vlan_id 0 limit 0 users 0 log_sent 0 25 wlan 1 vlan_id 0 limit 0 users 0 log_sent 0 26 wlan 1 vlan_id 0 limit 0 users 0 log_sent 0 27 wlan 1 vlan_id 0 limit 0 users 0 log_sent 0 28 wlan 1 vlan_id 0 limit 0 users 0 log_sent 0 29 wlan 1 vlan_id 0 limit 0 users 0 log_sent 0 30 wlan 1 vlan_id 0 limi...

Page 554: ...anced beacon table channel set a 44 52 RFS7000 config wireless RFS7000 config wireless service enhanced beacon table enable RFS7000 config wireless RFS7000 config wireless service enhanced beacon table erase report RFS7000 config wireless RFS7000 config wireless service enhanced beacon table max ap 50 RFS7000 config wireless RFS7000 config wireless service enhanced beacon table scan interval 30 RF...

Page 555: ...ce name mobility Display Mobility parameters ntp Network time protocol password encryption password encryption port channel Portchannel commands privilege Show current privilege level radius RADIUS configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch redundancy members Display redundancy group members in detai...

Page 556: ...ss AP Number of access ports adopted 2 Available licenses 254 Redundancy enabled N Redundancy mode active Mac Radios indices Model Number Adoption Mode 1 00 15 70 11 34 82 2 3 4 WSAP 5100 100 WW L2 vlan 1 2 00 A0 F8 EA 4C 99 2 1 2 WSAP 5100 100 WW L2 vlan 2 RFS7000 config wireless ...

Page 557: ...list webpage webpage location wlan 1 256 hotspot allow list Rule index IP address wlan 1 256 hotspot webpage external internal failure login welcome wlan 1 256 hotspot webpage location advanced external internal wlan 1 256 kdc password 0 LINE realm LINE server primary secondary timeout wlan 1 256 kdc server primary secondary timeout auth port 1 65535 wlan 1 256 nac mode bypass nac except include l...

Page 558: ...ve command fast roaming enable Enables the 802 11 extension accounting none radius syslog Accounting on this WLAN none No accounting on this WLAN radius Uses RADIUS accounting on this WLAN syslog Uses syslog accounting on this WLAN add vlan 1 4094 VLAN limit 0 8192 Instead of starting a new VLAN assignment for the given WLAN this command adds a VLAN assignment to the existing VLAN assignment All p...

Page 559: ...ot Web based authentication kerberos Kerberos authentication encryption type changes to wep128 if its not already wep128 keyguard mac auth MAC authentication RADIUS lookup of MAC address none None pre shared keys client bridge backhaul enable Enables Client bridge backhaul support on this WLAN description The description of this WLAN ...

Page 560: ...irwise master keys fast roaming with eap 802 1X phrase 0 2 LINE Configures the passphrase 0 Password is specified UNENCRYPTED 2 Password is encrypted with password encryption secret LINE A passphrase between 8 and 63 characters long pmk caching Enables the use of cached pairwise master keys fast roaming with eap 802 1X preauthentication Enables support for 802 11i pre authentication second key ena...

Page 561: ...l Key Integrity Protocol TKIP tkip ccmp Enables both tkip and ccmp on this WLAN wep128 Enables Wired Equivalence Privacy WEP with 128 bit keys wep128 keyguard Enables both WEP128 as well as Keyguard MCM on this WLAN wep64 Enables Wired Equivalence Privacy WEP with 64 bit keys Note A wep64 configuration is insecure when two WLANs are mapped to the same VLAN and one uses no encryption and the other ...

Page 562: ...entication login Users are prompted for their username and password within this Web page welcome Users are redirected to this Web page after they authenticate successfully webpage location advanced external internal The location of the Web pages used for authentication These pages can either be hosted on the switch or an external Web Server advanced Uses login welcome failure Web pages created by ...

Page 563: ...ies KDC server parameters timeout Time the switch waits for a response from the KDC Server before retrying mobility enable Enables L3 Mobility on WLAN s mu mu disallow switch to wired Disallows frames from one MU to another MU on this WLAN switch to wired Disallows switching the frame out on the wired side to allow an external switch to decide whether this frame is allowed or dropped nac mode bypa...

Page 564: ...UNENCRYPTED 2 Password is encrypted with password encryption secret Shared Configuring NAC server shared secret timeout 1 300 Time the wireless switch waits for a response from the RADIUS server before retrying This is a global setting for both the primary and secondary server retransmit 1 100 Number of retries before the wireless switch will give up and disassociate the mobile unit Note The RFS70...

Page 565: ...st2 AA BB CC DD EE FF The Egress prioritization multicast mask AA BB CC DD EE FF MAC address in AA BB CC DD EE FF format prioritize voice Prioritizes voice frames over general data frames applies non WMM mobile unit svp enable Enables Spectralink Voice Prioritization support on this WLAN weight 1 10 Sets the egress weight relative priority to other WLANs of this WLAN wmm 8021p background best effo...

Page 566: ...ent mac auth format mobile unit reauth server Modify Radius 802 1X related parameters accounting mode start interim stop interval 60 3600 start stop stop only Used to configure RADIUS accounting parameters mode Accounting Mode on the WLAN start interim stop Accounting Start Interim Stop interval 60 3600 Interval between successive accounting updates start stop Sends Accounting Start Stop stop only...

Page 567: ... EE FF pair dash Dash Delimiter per Pair AA BB CC DD EE FF quad dot Dot Delimiter per Four Hex AABB CCDD EEFF mobile unit timeout 1 60 retransmit 1 10 Modifies RADIUS 802 1X supplicant related parameters timeout 1 60 Time in seconds the switch waits for a response from the mobile unit before retrying retransmit 1 10 Number of retries before the switch gives up and disassociates the mobile unit rea...

Page 568: ...in Beacon frames set vlan user limit 1 4094 VLAN Sets user limits on vlans for this WLAN 1 4094 VLAN VLAN range list It can be either a single index or a list eg 1 3 7 or range eg 3 7 of indices ssid The SSID of this WLAN syslog accounting server IP Address port Port number Syslog Accounting accounting Modifies accounting parameters server IP Address Modifies syslog accounting server IP address po...

Page 569: ...0 config wireless RFS7000 config wireless wlan 25 kdc server primary 1 2 3 4 auth port 50000 RFS7000 config wireless RFS7000 config wireless wlan 25 mobility enable RFS7000 config wireless RFS7000 config wireless wlan 1 nac mode bypass nac except include list RFS7000 config wireless wep128 key 1 4 ascii hex 0 2 WORD phrase LINE wep default key 1 4 Configures WEP128 parameters key 1 4 Configures pr...

Page 570: ... 25 radius accounting timeout 30 retransmit 50 RFS7000 config wireless RFS7000 config wireless wlan 25 radius mobile unit timeout 30 retransmit 5 RFS7000 config wireless RFS7000 config wireless wlan 25 ssid TestString RFS7000 config wireless RFS7000 config wireless wlan 25 syslog accounting server 12 13 14 125 port 5005 RFS7000 config wireless ...

Page 571: ... Commands Use this command to enable WLAN bandwidth allocation on all radios Syntax wlan bw allocation enable Parameters Example RFS7000 config wireless wlan bw allocation enable RFS7000 config wireless enable Enables WLAN bandwidth allocation on all radios ...

Page 572: ...Overview 20 68 ...

Page 573: ...mary Command Description Ref adapter Configures the SOLE Adapter page 21 2 clrscr Clears the display screen page 21 3 end Ends current mode and moves to the EXEC mode page 21 4 exit Ends current mode and moves to the previous mode page 21 5 help Displays the interactive help system page 21 6 no Negates a command or set its defaults page 21 7 service Displays service commands page 21 8 show Display...

Page 574: ...idelines Use no adapter aeroscout enable enable to disable aeroscout or all SOLE adapter The SOLE adapter is disabled by default Example RFS7000 config sole adapter aeroscout enable RFS7000 config sole adapter aeroscout enable SOLE Adapter name aeroscout Name of the adapter enable Enables SOLE adapter NOTE SOLE currently supports only Aeroscout adapter ...

Page 575: ...21 3 21 1 2 clrscr SOLE Config Commands Use this command to clear the display screen Syntax clrscr Parameters None Example RFS7000 config sole clrscr RFS7000 config sole ...

Page 576: ...21 1 3 end SOLE Config Commands Use this command to end and exit from the current mode and change to the PRIV EXEC mode The prompt changes to RFS7000 Syntax end Parameters None Example RFS7000 config sole end RFS7000 ...

Page 577: ...t SOLE Config Commands Use this command to end current mode and move to the previous mode GLOBAL CONFIG The prompt changes to RFS7000 config Syntax exit Parameters None Example RFS7000 config sole exit RFS7000 config ...

Page 578: ...e command line please press If nothing matches the help list will be empty and you must backup until entering a shows the available options Two styles of help are provided 1 Full help is available when you are ready to enter a command argument e g show and describes each possible argument 2 Partial help is provided when an abbreviated argument is entered and you want to know what arguments match t...

Page 579: ...elines Use no adapter aeroscout enable enable to either disable the aeroscout adapter or all SOLE adapters The SOLE adapter is disabled by default Example RFS7000 config sole no adapter aeroscout enable RFS7000 config sole ADAPTER enable Disables the specified SOLE adapter enable Using this with no disables all SOLE adapters ...

Page 580: ...vice show cli service show cli show access list show access list 1 99 show access list 1 99 100 199 1300 1999 2000 2699 WORD 100 199 show access list 1 99 100 199 1300 1999 2000 2699 WORD 1300 1999 show access list 1 99 100 199 1300 1999 2000 2699 WORD 2000 2699 show access list 1 99 100 199 1300 1999 2000 2699 WORD WORD show access list 1 99 100 199 1300 1999 2000 2699 WORD aclstats vlan 1 4094 s...

Page 581: ...21 9 new show alarm log count all new acknowledged severity to limit 1 65535 RFS7000 config sole ...

Page 582: ... MAC address table management Display L3 Managment Interface name mobility Display Mobility parameters ntp Network time protocol password encryption password encryption port channel Portchannel commands privilege Show current privilege level radius RADIUS configuration commands redundancy group Display redundancy group parameters redundancy history Display state transition history of the switch re...

Page 583: ...00 config sole show sole stats adapter Adapter Type AeroScout Adapter Status enabled Number of messages received from engine 0 Number of messages sent to engine 0 Number of tag reports sent to engine 0 Time at which last message was received from engine Time at which last message was sent to engine RFS7000 config sole RFS7000 config sole show sole status adapter Type Status 1 AeroScout enabled RFS...

Page 584: ...Overview 21 12 ...

Page 585: ...t forth in support agreements If you purchased your Enterprise Mobility business product from a Motorola business partner contact that business partner for support Customer Support Web Site Motorola s Support Central Web site located at www symbol com support provides information and online assistance including developer tools software downloads product manuals and online repair requests Downloads...

Page 586: ...A 2 RFS7000 Series CLI Reference Guide ...

Page 587: ......

Page 588: ...MOTOROLA INC 1303 E ALGONQUIN ROAD SCHAUMBURG IL 60196 http www motorola com 72E 103891 01 Revision A January 2008 ...

Reviews:

No comments

Related manuals for RFS7000 Series

D-Link ShareCenter Quattro DNS-345 Quick Install Manual preview
ShareCenter Quattro DNS-345
Brand: D-Link Pages: 40
D-Link ShareCenter Quattro DNS-345 Datasheet preview
ShareCenter Quattro DNS-345
Brand: D-Link Pages: 4
D-Link AirPlus G DWL-G710 Troubleshooting preview
AirPlus G DWL-G710
Brand: D-Link Pages: 5
D-Link MYDLINK DNR-322L Datasheet preview
MYDLINK DNR-322L
Brand: D-Link Pages: 4
D-Link mydlink DNR-312L Quick Install Manual preview
mydlink DNR-312L
Brand: D-Link Pages: 8
D-Link AC750 Quick Install Manual preview
AC750
Brand: D-Link Pages: 12
D-Link DNS-722-4 Quick Install Manual preview
DNS-722-4
Brand: D-Link Pages: 16
D-Link DNS-722-4 User Manual preview
DNS-722-4
Brand: D-Link Pages: 88
SeaLevel 7406e User Manual preview
7406e
Brand: SeaLevel Pages: 17
Automationdirect.com CLICK PLUS C2-02CPU Quick Start Manual preview
CLICK PLUS C2-02CPU
Brand: Automationdirect.com Pages: 10
LSI MegaRAID SATA 300-4XLP Quick Installation Manual preview
MegaRAID SATA 300-4XLP
Brand: LSI Pages: 3
RAK RAK3372 Quick Start Manual preview
RAK3372
Brand: RAK Pages: 30
Zoom 4412A User Manual preview
4412A
Brand: Zoom Pages: 48
E-Lins H900 Series Quick Start Manual preview
H900 Series
Brand: E-Lins Pages: 9
Nvidia DGX A100 User Manual preview
DGX A100
Brand: Nvidia Pages: 115
ZyXEL Communications NBG318S v2 Specifications preview
NBG318S v2
Brand: ZyXEL Communications Pages: 2
ETC Power Control Processor Configuration Manual preview
Power Control Processor
Brand: ETC Pages: 64
Intel Core 2 Quad Q9400 Product Brief preview
Core 2 Quad Q9400
Brand: Intel Pages: 2

Brands by name

Popular brands

Load more brands