User Guide for the CiscoWorks 1105 Wireless LAN Solution Engine Corporate Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.
THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
C O N T E N T S Preface xiii Audience xiii Conventions xiii Related Documentation xiv Obtaining Documentation xv World Wide Web xv Ordering Documentation xvi Documentation Feedback xvi Obtaining Technical Assistance xvi Cisco.
Contents Managing Profiles 2-7 Creating a Profile 2-8 Copying a Profile 2-8 Renaming a Profile 2-9 Editing a Profile 2-9 Deleting a Profile 2-10 Assigning a Profile to a Device 2-10 Viewing Devices 2-11 Profile Choices 2-12 Notification Settings 2-20 Setting Trap Notification 2-21 Setting Syslog Notification 2-22 Emailing Faults 2-23 CHAPTER 3 Configuring Devices 3-1 Using the Templates 3-1 Template Choices 3-2 Creating a Template 3-132 Copying a Template 3-133 Editing a Template 3-134 Deleting a Templa
Contents Assigning an Auto-Managed Configuration 3-154 CHAPTER 4 Updating Device Firmware 4-1 Managing Firmware Images 4-1 Viewing Images on the WLSE 4-2 Editing Image Details on the WLSE 4-3 Deleting Images from the WLSE 4-4 Importing Images 4-4 Using a Remote TFTP Server for Image Upload 4-9 Managing Firmware Jobs 4-9 Job Choices 4-10 Creating a Firmware Job 4-18 Using the Job Functions 4-18 CHAPTER 5 Using Reports 5-1 Using the Device Center 5-1 Viewing the Fault Summary Report 5-3 Viewing Device
Contents Displaying a Per VLAN Client Report 5-20 Displaying a Group Policy Report 5-21 Displaying an AP Summary Report 5-24 Displaying a Detailed Report 5-26 Displaying a Current Client Association Report 5-29 Displaying an EAP Authentication Report 5-30 Displaying an AP Ethertype Protocol Filters Report 5-32 Displaying an AP IP Protocol Filters Report 5-33 Displaying an AP IP Port Filters Report 5-35 Displaying an AP Policy Report 5-36 Displaying an AP QBSS QoS Report 5-38 Displaying an AP SSID Report 5-
Contents Displaying a Server Response Time Graph 5-65 Exporting a Report 5-66 Emailing a Report 5-66 Scheduling Email Jobs 5-68 Viewing Email Job Details 5-69 CHAPTER 6 Performing Administrative Tasks 6-1 Using Discovery and Managing Devices 6-2 Managing Devices 6-2 Specifying Device Credentials 6-6 Managing Device Discovery 6-10 Running Inventories 6-24 Viewing Inventory and Discovery Task History 6-27 Importing Devices 6-28 Exporting Devices 6-31 Adding, Modifying and Deleting AAA Servers 6-33 Managin
Contents Specifying Name Servers 6-71 Specifying an SMTP Mail Server 6-71 Using Connectivity Tools 6-72 Managing System Parameters 6-73 Administering Users 6-75 Managing Roles 6-75 Managing Users 6-77 Modifying Your Profile 6-80 Linking to a CiscoWorks2000 Server 6-81 CHAPTER 7 Frequently Asked Questions 7-1 CHAPTER 8 Troubleshooting 8-1 APPENDIX A Naming Guidelines A-1 APPENDIX B Command Reference B-1 Using the CLI B-2 CLI Conventions B-2 Command Privileges B-2 Checking Command Syntax B-2 Comm
Contents show clock B-11 show domain-name B-12 show interfaces B-13 show process B-13 show version B-14 traceroute B-15 Privilege Level 15 Commands B-17 auth B-17 backup B-18 backupconfig B-19 cdp B-20 clock B-21 df B-22 erase config B-23 firewall B-24 gethostbyname B-25 hostname B-25 import B-26 install configure B-27 install list B-28 install update B-29 interface B-30 ip domain-name B-31 ip name-server B-32 listbackup B-33 mail B-34 mailcntrl clear B-35 mailcntrl list B-35 mailroute B-36 nslookup B-36
Contents ntp server B-37 reload B-39 reinitdb B-40 repository B-40 repository add B-41 repository delete B-42 repository list B-43 repository server B-44 restore B-45 route B-46 services B-46 show anilog B-48 show auth-cli B-49 show auth-http B-49 show backupconfig B-50 show bootlog B-51 show cdp neighbor B-52 show cdp run B-52 show collectorlog B-53 show config B-54 show daemonslog B-55 show dmgtdlog B-56 show webaccesslog B-57 show weberrorlog B-58 show websslaccesslog B-59 show import B-59 show install
Contents show proc B-62 show repository B-63 show route B-64 show securitylog B-64 show snmp-server B-66 show ssh-version B-66 show syslog B-67 show tech B-68 show telnetenable B-68 show tomcatlog B-69 shutdown B-70 snmp-server B-71 ssh B-71 ssh-version B-72 telnet B-72 telnetenable B-73 username B-74 Maintenance Image Commands B-75 erase config B-75 fsck B-76 reload B-76 GLOSSARY INDEX User Guide for the CiscoWorks 1105 Wireless LAN Solution Engine 78-14947-01 xi
Contents User Guide for the CiscoWorks 1105 Wireless LAN Solution Engine xii 78-14947-01
Preface This manual describes the Wireless LAN Solution Engine (WLSE) and provides instructions for using it. Audience This document is for system administrators responsible for managing a wireless network who are familiar with some of the concepts and terminology of Ethernet and wireless local area networking.
Preface Related Documentation Note Caution Item Convention Menu items and button names boldface font Selecting a menu item Option > Network Preferences Means reader take note. Notes contain helpful suggestions or references to material not covered in the publication. Means reader be careful. In this situation, you might do something that could result in equipment damage or loss of data.
Preface Obtaining Documentation Online Documentation • Online help—Access the online help by clicking on the Help tab.
Preface Obtaining Technical Assistance Ordering Documentation Cisco documentation is available in these ways: • Registered Cisco.com users (Cisco direct customers) can order Cisco product documentation from the Networking Products MarketPlace: http://www.cisco.com/cgi-bin/order/order_root.pl • Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store: http://www.cisco.com/go/subscription • Nonregistered Cisco.
Preface Obtaining Technical Assistance Cisco.com Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world. Cisco.
Preface Obtaining Technical Assistance • Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available. • Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available. Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.
Preface Obtaining Technical Assistance To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to this URL: http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled: for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA).
Preface Obtaining Technical Assistance User Guide for the CiscoWorks 1105 Wireless LAN Solution Engine xx 78-14947-01
C H A P T E R 1 Getting Started The following topics provide an overview of the Wireless LAN Solution Engine (WLSE), information about WLSE displays, and assistance with getting started: • Overview of the Wireless LAN Solution Engine, page 1-1 • Understanding the WLSE User Interface, page 1-2 • Logging In and Out, page 1-6 • Getting Started with Device Management, page 1-7 Overview of the Wireless LAN Solution Engine The WLSE is a hardware and software solution for managing Cisco wireless devices.
Chapter 1 Getting Started Understanding the WLSE User Interface The WLSE works by gathering fault, performance, and configuration information about Cisco devices that it discovers in your network. The devices must be properly configured for discovery. After devices are discovered, you decide which devices to manage with the WLSE.
Chapter 1 Getting Started Understanding the WLSE User Interface Tabs and Subtabs The dashboard contains the following tabs and subtabs: Table 1-1 Tabs and Subtabs Main Tab Subtabs For information, see... Faults Display faults—display device faults. Fault Monitoring, page 2-1. Manage Profiles—use profiles to set thresholds and policies. Fault Forwarding—send fault information (traps, syslog messages, and emails) Configure Templates—create configuration templates.
Chapter 1 Getting Started Understanding the WLSE User Interface Table 1-1 Main Tab Tabs and Subtabs (continued) Subtabs For information, see... Performing Administration Discover—run discoveries, enter device credentials, put devices under management, run immediate inventories, view Administrative Tasks, task history for inventory and discovery, import and export page 6-1. devices, and enter AAA servers (LEAP, RADIUS, and EAP-MD5) to be monitored. Group Management—view and manage device grouping.
Chapter 1 Getting Started Understanding the WLSE User Interface Device Name and IP Address Display Many WLSE displays include a field for the device name. The data displayed in this field differs depending upon the following: • If reverse DNS lookup is enabled on the WLSE, the device name is displayed in this field if the lookup succeeds. If the lookup fails, the device IP address is displayed.
Chapter 1 Getting Started Logging In and Out It is recommended that you check the current time on the WLSE and reset it to the correct time the first time you log in. For more information about setting the current time, see Setting the Current Time and Date on the WLSE, page 6-69. The WLSE’s system time is Universal Coordinated Time (UTC), and UTC is used in certain logs, such as the Discovery Run Log. To display or reset the UTC time, use the CLI clock command.
Chapter 1 Getting Started Getting Started with Device Management Note Login sessions automatically time out after 30 minutes of inactivity. Getting Started with Device Management Before you can use WLSE monitoring, configuration, firmware upgrading (or downgrading), and reporting, you must set up your devices, initiate discovery, and move devices into the managed state.
Chapter 1 Getting Started Getting Started with Device Management Table 1-2 Basic Initial Tasks (continued) Task Description and References 6. Move devices to the managed state and run inventory. You must move devices to the managed state on the WLSE before you can use configuration, reporting, and monitoring features; or you can specify that all discovered devices be automatically managed (see Managing Devices, page 6-2).
C H A P T E R 2 Fault Monitoring The Faults tab displays information to help you monitor your devices. All the device information shown under this tab is polled from the devices in your network. Following are the subtabs under Faults: Note Some of the subtabs may not be visible to some users.
Chapter 2 Fault Monitoring Displaying Faults Note Your login determines whether you can use this option. Procedure Step 1 Select Faults > Display Faults. The Fault window appears. Step 2 Use the Filter: bar to display the faults you want to view: Table 2-1 Display Faults Filter Bar Field Description Devices From the list, select the device type whose fault summary you want to display.
Chapter 2 Fault Monitoring Displaying Faults Table 2-1 Display Faults Filter Bar (continued) Field Description State From the list, select a states to display: Name/IP • All—Faults in all states are displayed. • Active—Faults are active (current) and have not been acknowledged. • Acknowledged—Faults that are active and have been acknowledged. • Cleared—Faults that have been cleared (no longer in an Active or Acknowledged state). Enter a complete or partial device name or IP address.
Chapter 2 Fault Monitoring Displaying Faults Step 3 Click Apply. The following table appears: Note If no data is displayed in the table, there are no faults for your filtering selection to report. Table 2-2 Display Faults Table Column Description IP Address The device IP address. Click to see various reports about the device. For information on the reports, see Using the Device Center, page 5-1. Hostname The device for which the fault is reported. Click to see various reports about the device.
Chapter 2 Fault Monitoring Displaying Faults Step 4 Step 5 Step 6 To sort table data, click on the column heading you want to use to sort the data: • A triangle indicates ascending order. • An upside-down triangle indicates descending order. • No triangle indicates that the data is not sorted. To acknowledge (change the state from Active to Acknowledged): • A single fault, select it, then click Acknowledge. • All faults, click Select All, then click Acknowledge.
Chapter 2 Fault Monitoring Displaying Faults Table 2-3 Fault Details Table (continued) Column Description Family The device family. Product The product name. Type The device or the device sub-entity (which could include a logical entity, such as software or a service) in which the fault is found. Note ifIndex If the Type is a sub-entity, additional columns appear with keys and values to help identify the precise sub-entity. These additional keys and values are MIB variables.
Chapter 2 Fault Monitoring Managing Profiles Fault History Table 2-5 Fault History Table Column Description State The state of the device. Severity The fault severity level. Description A description of the fault. Change A description of the state change. Timestamp Indicates the time, based on the client browser, that the state of the device last changed. See Time Display, page 1-5. By Displays the username of the person who changed the fault state.
Chapter 2 Fault Monitoring Managing Profiles • Assigning a Profile to a Device, page 2-10 • Viewing Devices, page 2-11 Creating a Profile Use this option to create a profile. Note Your login determines whether you can use this option. Procedure Step 1 Select Faults > Manage Profiles. The Profiles dialog box appears. Step 2 Enter a unique name. (See Naming Guidelines, page A-1 for details.) Step 3 Click Create New. The new name appears in the Existing Profiles list.
Chapter 2 Fault Monitoring Managing Profiles Step 2 Select the profile you want to copy from the Existing Profiles box, then click Create Copy. A dialog box appears asking you to enter a name for the copy. Step 3 Enter a unique name. (See Naming Guidelines, page A-1 for details.) Step 4 Click OK. The new name appears in the Existing Profiles list. Step 5 Select the name, then click Edit. The Editing Profile window appears. (See Editing a Profile, page 2-9.
Chapter 2 Fault Monitoring Managing Profiles Step 2 Select the policy you want to edit from the Existing Policies box, then click Edit. The Editing Profile window appears. Step 3 Select the policies and thresholds in the left pane that you want to assign to the profile. For a description, see Profile Choices, page 2-12. Deleting a Profile Use this option to delete a profile. Note Your login determines whether you can use this option. Procedure Step 1 Select Faults > Manage Profiles.
Chapter 2 Fault Monitoring Managing Profiles Procedure Step 1 Select Faults > Manage Profiles. The Profiles dialog box appears. Step 2 Select the profile you want to assign to the devices from the Existing Profiles box, then click Assign to Devices. The Assigning Profiles window appears. Step 3 If you want to search for devices, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b.
Chapter 2 Fault Monitoring Managing Profiles Procedure Step 1 Select Faults > Manage Profiles. The Profiles dialog box appears. Step 2 Select a profile from Existing Profiles box, then click View Devices. A window appears listing the devices that are assigned to that profile.
Chapter 2 Fault Monitoring Managing Profiles Step 2 • WEP Key Length—Go to Step 10 • HTTP Disabled—Go to Step 8 • Telnet Disabled—Go to Step 8 • PSPF Enabled—Go to Step 8 • User Manager Enforced—Go to Step 8 • HTTP Authentication—Go to Step 8 To activate the policy, do the following: Field Description Verify Select if you want to verify that SSID is enabled. Poll Interval From the list, select the polling interval.
Chapter 2 Fault Monitoring Managing Profiles Step 7 To remove a firmware version from the list, select it, click Remove, then go to Step 11.
Chapter 2 Fault Monitoring Managing Profiles Specifying Fault Thresholds This option allows you to set polling and exception threshold values collected from the devices you are monitoring. The threshold values you set in this window will determine how the faults are displayed in the Faults > Display Faults subtab. Note Your login determines whether you can use this option. Threshold choices include the following options: • Access Point—See Setting Access Point Fault Thresholds, page 2-15.
Chapter 2 Fault Monitoring Managing Profiles Step 2 • Ethernet Port Utilization—Go to Step 4. • Ethernet Port Packet Errors—Go to Step 4. • Associated Clients—Go toStep 4. • SSID Mismatch Rate—Go toStep 4. • Association Rate—Go to Step 4. Complete the following: Field Description Enable Select to enable a threshold for this component. Poll Interval From the list, select the polling interval.
Chapter 2 Fault Monitoring Managing Profiles Step 5 Field Description Degraded From the list, select the severity level, the percentage, and the number of polling cycles before the status is Degraded. OK From the list, select the severity level, the percentage, and the number of polling cycles before the status is OK. Click Reset to refresh any fields you have changed but want to restore, or Apply to set the new entries.
Chapter 2 Fault Monitoring Managing Profiles Step 2 Complete the following: Field Description Enable Select to enable a threshold for this component. Poll Interval From the list, select the polling interval. Settings Down From the list, select the severity level and the number of polling cycles before the status is Down. Up From the list, select the number of polling cycles before the fault is cleared and the status is Up. Step 3 Go to step Step 5.
Chapter 2 Fault Monitoring Managing Profiles Setting Router Fault Thresholds Using this option, you can set up the router’s SNMP reachable threshold. When the threshold is exceeded, a fault is generated and can be viewed under Faults > Display Faults. Procedure Step 1 Complete the following: Field Enable Poll Interval Settings Down Up Step 2 Description Select to enable a threshold for this component. From the list, select the polling interval.
Chapter 2 Fault Monitoring Notification Settings Procedure Step 1 Complete the following: Field Enable Poll Interval Settings Overloaded Degraded OK Step 2 Description Select to enable a threshold for this component. From the list, select the polling interval. From the list, select the severity level, the response time, and the number of polling cycles before the status is Overloaded.
Chapter 2 Fault Monitoring Notification Settings Related Topics • Displaying Faults, page 2-1 • Specifying Fault Thresholds, page 2-15 • Notification Settings, page 2-20 Setting Trap Notification This option allows you to enable the WLSE to send north-bound exception notification to one or more SNMP trap receivers. The exception notification contains information such as device name and IP, fault number, timestamp, exception severity, and a message describing the problem.
Chapter 2 Fault Monitoring Notification Settings Step 4 If you want a different host to receive trap notification, click add row. There is no limit to the number you can enter. To delete a row, click delete, next to the row you want to remove. Step 5 Click Reset to refresh any fields you have changed but want to restore, or Apply to save your settings.
Chapter 2 Fault Monitoring Notification Settings Step 3 Complete the following: Field Description Syslog Select to send syslog messages to designated syslog servers. Enter Syslog host names Enter the hostname/IP for the syslog servers. Names must be separated by a space, a comma, a semicolon, or a new line. Step 4 Click Reset to refresh any fields you have changed but want to restore, or Apply to save your settings.
Chapter 2 Fault Monitoring Notification Settings You have the option of sending the email notification as plain text or in an XML format. • An example of a message using plain text will appear as follows: FaultId 19 DeviceId 106 DeviceIp 172.20.29.
Chapter 2 Fault Monitoring Notification Settings Step 3 Complete the following: Field Description Email Select to enable email notification of exception information. Enter email addresses Enter the email addresses of users you want to receive exception notification. Addresses must be separated by a space, a comma, a semicolon, or a new line. Priority Tip From the list, select the priority of the exceptions you want to email.
Chapter 2 Fault Monitoring Notification Settings User Guide for the CiscoWorks 1105 Wireless LAN Solution Engine 2-26 78-14947-01
C H A P T E R 3 Configuring Devices The Configure tab allows you to view, create, copy, edit, and delete configuration templates and apply them to large numbers of devices at a time.It also allows you to schedule a configuration job and to check on the job’s status. Following are the subtabs under Configure: Note Some of the subtabs may not be visible to some users. • Templates—See Using the Templates, page 3-1. • Jobs—See Managing Configuration Jobs, page 3-137.
Chapter 3 Configuring Devices Using the Templates • Importing a Template, page 3-135 • Exporting a Template, page 3-137 Related Topic Managing Configuration Jobs, page 3-137 Template Choices Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. When you create or edit a configuration template, the following choices appear in the left pane of the Templates window: 1.
Chapter 3 Configuring Devices Using the Templates Naming the Template This option enables to you to name the template. Procedure Note Step 1 Clicking Clear removes all the entries you have made. Select Template Name. The Template Name dialog box appears: Field Name Description Description Enter a name for the template. See Naming Guidelines, page A-1. Enter a description of the purpose of the template. See Naming Guidelines, page A-1 Step 2 Select a template category.
Chapter 3 Configuring Devices Using the Templates Procedure Step 1 Select Express Template. The Express dialog box displays in the right pane: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Table 3-1 Express Template Settings Field Description Reboot Device From the list, select Yes if you want to allow device reboots. SysName Enter a system name.
Chapter 3 Configuring Devices Using the Templates Table 3-1 Express Template Settings (continued) Field Description Configuration Server Protocol Set this entry to match the network’s method of IP address assignment. From the list, select one of the following options: Default Subnet Mask • None-Static IP—Use this if your network does not have an automatic system for IP address assignment.
Chapter 3 Configuring Devices Using the Templates Table 3-1 Express Template Settings (continued) Field Description Radio Service Set ID (SSID) Enter any alphanumeric, case-sensitive string, from 2 to 32 characters long. The SSID is a unique identifier that client devices use to associate with the access point. The SSID helps client devices distinguish between multiple wireless networks in the same vicinity and provides access to VLANs by wireless client devices.
Chapter 3 Configuring Devices Using the Templates Table 3-1 Express Template Settings (continued) Field Description Role in Network From the list, select one of the following: • Access Point—Use this setting if the access point is connected to the wired LAN. • Repeater—Use this setting for access points not connected to the wired LAN. • Survey Client—Use this setting when performing a site survey for a repeater access point.
Chapter 3 Configuring Devices Using the Templates Table 3-1 Express Template Settings (continued) Field Description Ensure Compatibility with Cisco From the list, select one of the following: Ensure Compatibility with 2MB/sec Clients Step 2 • Enable—Use this setting to automatically configure the device to be compatible with other Cisco devices on your wireless LAN.
Chapter 3 Configuring Devices Using the Templates Procedure Step 1 Select Association. The menu expands and the Association dialog box displays in the right pane. Step 2 Select one of the following from the Association menu: • Spanning Tree—See Defining Spanning Tree Protocol, page 3-9. • Address Filters—See Defining Address Filters, page 3-12. • Ethertype Filters—See Defining Ethertype Filters, page 3-14. • IP Protocol Filters—See Defining IP Protocol Filters, page 3-18.
Chapter 3 Configuring Devices Using the Templates Step 3 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Table 3-2 Spanning Tree Protocol Settings Field Description Spanning Tree Protocol (STP) From the list, select one of the following: Always Unblock Ethernet when STP is disabled • Enable—Use this setting to enable STP on the bridge.
Chapter 3 Configuring Devices Using the Templates Table 3-2 Spanning Tree Protocol Settings (continued) Field Description Max Age (6-40 Seconds) Enter the number of seconds to define how long the bridge waits before deciding the network has changed and the spanning tree needs to be rebuilt. For example, with Max Age set to 20, the bridge attempts to rebuild the spanning tree if it does not receive a hello BDPU from the root bridge in the spanning tree within 20 seconds.
Chapter 3 Configuring Devices Using the Templates Step 4 Select one of the following: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.
Chapter 3 Configuring Devices Using the Templates Field Description Lookup MAC address on Authentication Server if not in an Existing Filter List? Click one of the following: • Yes—Use this setting to allow looking up a MAC address on the authentication server. • No—Use this setting to disallow looking up a MAC address.
Chapter 3 Configuring Devices Using the Templates Step 5 Select one of the following: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Defining Ethertype Filters Procedure Step 1 Select Association > Ethertype Filters. The Association: Ethertype Filters dialog box appears.
Chapter 3 Configuring Devices Using the Templates Table 3-3 Creating New Ethertype Filters Settings Field Description Add New Ethertype Filter Set ID Enter an identification number for the filter set. Set Name Enter a descriptive filter set name. See Naming Guidelines, page A-1. Default Disposition From the list, select one of the following: • Forward—Use this setting to forward protocol traffic. • Block—Use this setting to block protocol traffic.
Chapter 3 Configuring Devices Using the Templates Deleting Ethertype Filters Procedure Step 1 To delete protocol filters for the access point's Ethernet port, select the set name from the Current Ethertype Filters list, then click Delete. Step 2 Select one of the following: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options.
Chapter 3 Configuring Devices Using the Templates Table 3-4 Ethertype Filter Special Cases Settings (continued) Field Description Priority From the list, select one of the following: • Default—This setting is the same as best effort, which applies to normal LAN traffic. • Background—Use this setting for bulk transfers and other activities that are allowed on the network but should not impact network use by other users and applications.
Chapter 3 Configuring Devices Using the Templates Step 4 Select one of the following: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.
Chapter 3 Configuring Devices Using the Templates Using this option you can also: • Create Special Cases —See Creating Special Cases, page 3-21. • Delete Special Cases—See Deleting Special Cases, page 3-23. Creating New IP Protocol Filters Procedure Step 1 To create and enable IP protocol filters, enter the following: Note Refer to the following URL for a list of IP protocols: http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/acc sspts/ap350scg/ap350axb.
Chapter 3 Configuring Devices Using the Templates Step 2 Click Add. The new name is added to the Current Protocol Filters list. Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.
Chapter 3 Configuring Devices Using the Templates Creating Special Cases Procedure Step 1 Select the default filter for which you want to define a special case. Step 2 Enter the following: Table 3-5 IP Protocol Filters Special Cases Settings Field Description Special Cases Protocol Enter the IP protocol name. Disposition From the list, select one of the following: • Default—Use the disposition you set for the protocol filter. • Forward—Use this setting to forward traffic.
Chapter 3 Configuring Devices Using the Templates Table 3-5 IP Protocol Filters Special Cases Settings (continued) Field Description Priority From the list, select one of the following: • Default—This setting is the same as best effort, which applies to normal LAN traffic. • Background—Use this setting for bulk transfers and other activities that are allowed on the network but should not impact network use by other users and applications.
Chapter 3 Configuring Devices Using the Templates Step 3 Click Add. The new name is added to the list box. Step 4 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.
Chapter 3 Configuring Devices Using the Templates Using this option you can also: • Create Special Cases —See Creating Special Cases, page 3-26. • Delete Special Cases—See Deleting Special Cases, page 3-28. Creating New Port Filters Procedure Step 1 To create and enable port filters, enter the following: Note Refer to the following URL for a list of IP port protocols: http://www.cisco.com/univercd/cc/td/doc/product/wireless/airo_350/acc sspts/ap350scg/ap350axb.
Chapter 3 Configuring Devices Using the Templates Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Deleting Port Filters Procedure Step 1 To delete a protocol filter, select the name from the Current Port Filters list, then click Delete.
Chapter 3 Configuring Devices Using the Templates Creating Special Cases Procedure Step 1 Select the default filter for which you want to define a special case. Step 2 Enter the following: Table 3-6 IP Port Filters Special Cases Settings Field Description Special Cases Port Enter the IP Port filter name. Disposition From the list, select one of the following: • Default—Use the disposition you set for the port filter. • Forward—Use this setting to forward protocol traffic.
Chapter 3 Configuring Devices Using the Templates Table 3-6 IP Port Filters Special Cases Settings (continued) Field Description Priority From the list, select one of the following: • Default—This setting is the same as best effort, which applies to normal LAN traffic. • Background—Use this setting for bulk transfers and other activities that are allowed on the network but should not impact network use by other users and applications.
Chapter 3 Configuring Devices Using the Templates Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Deleting Special Cases Procedure Step 1 To delete special cases, select the port name from the list box, then click Delete.
Chapter 3 Configuring Devices Using the Templates Procedure Step 1 Select Association > Policy Group. The Association: Policy Group dialog box appears. Step 2 Click see details to see which versions this option is valid for. Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Note Step 3 Using this option you can: • Add and delete a policy group—See Adding or Deleting a New Policy Group, page 3-29.
Chapter 3 Configuring Devices Using the Templates Field Description Receive Enter the ID of a defined IP protocol filter, or select one of the filters you created using Association > IP Protocol Filters. Transmit Enter the ID of a defined IP protocol filter, or select one of the filters you created using Association > IP Protocol Filters. IP Port Receive Enter the ID of a defined IP port filter, or select one of the filters you created using Association > IP Port Filters.
Chapter 3 Configuring Devices Using the Templates Step 2 To delete an identification number from the Policy Groups to Delete list, select it, then click Delete. Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.
Chapter 3 Configuring Devices Using the Templates Step 3 Enter the following information: Field Description VLAN (802.1Q) Tagging From the list, select one of the following: • Enabled—Use this setting to allow IEEE 802.1Q protocol tagging on VLAN packets. The IEEE 802.1Q protocol is used to interconnect multiple switches and routers, and for defining VLAN topologies. • Native VLAN ID Disabled—Use this setting to not allow tagging. Enter identification number of the access point’s native VLAN.
Chapter 3 Configuring Devices Using the Templates Adding a New VLAN Step 1 To add a new VLAN, enter the following: Table 3-7 Adding a New VLAN Settings Field Description VLAN ID Enter the identification number of the VLAN. Note This setting must match the setting on the switch. VLAN Name Enter the a unique name for the VLAN configured on the access point.
Chapter 3 Configuring Devices Using the Templates Table 3-7 Adding a New VLAN Settings (continued) Field Description Enhanced MIC verify WEP From the list, select one of the following: • None—Use this setting if you do not want Message Integrity Check (MIC) enabled. • MMH—Use this setting if you want MIC enabled to protect WEP keys. Note Temp Key Integrity Protocol When you enable MIC, only MIC-capable client devices can communicate with the access point.
Chapter 3 Configuring Devices Using the Templates Table 3-7 Step 2 Adding a New VLAN Settings (continued) Field Description Alert From the list, select one of the following: • Yes—Use this setting if you are not adding an encrypted VLAN. • No—Use this setting if you are adding an encrypted VLAN. WEP Keys 1 through 4 Enter the encryption keys used: 40 bit or 128 bit hexadecimal digits. Size For each WEP key, select one of the following: Not set, 40 bit, or 128 bit.
Chapter 3 Configuring Devices Using the Templates Step 3 To delete a group from the VLANs to Add list, select the name, then click Delete. Step 4 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.
Chapter 3 Configuring Devices Using the Templates Procedure Step 1 Select Association > Quality of Service. The Association: Quality of Service dialog box appears. Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Step 2 Click see details to see which versions this option is valid for.
Chapter 3 Configuring Devices Using the Templates Table 3-8 Quality of Service Settings (continued) Field Description Background From the CWmin and CWmax lists, select the minimum and maximum contention window values for each traffic category. (spare) Best Effort (default) Excellent Effort Controlled Load Interactive Video Interactive Voice Network Control Step 4 Select one of the following in the left pane: • Preview to see your changes before you apply them.
Chapter 3 Configuring Devices Using the Templates Step 3 Using this option you can: • Add a new Service Set—See Adding a New Service Set, page 3-39. • Delete an exiting Service Set from a device—See Deleting an Existing Service Set, page 3-42. Adding a New Service Set Procedure Step 1 To add a new Service set, enter the following: Table 3-9 New Service Set Settings Field Description Service Set ID (1-24) Enter an identification number for your SSID.
Chapter 3 Configuring Devices Using the Templates Table 3-9 New Service Set Settings (continued) Field Description Open From the list, select one of the following: Shared Network-EAP • Yes—Allows any device, regardless of its WEP keys, to authenticate and attempt to associate. This is the recommended setting. • No—Does not allow any device, regardless of its WEP keys, to authenticate and attempt to associate.
Chapter 3 Configuring Devices Using the Templates Table 3-9 New Service Set Settings (continued) Field Description Shared From the list, select one of the following: • Yes—Use this option if you use shared and EAP authentication to block client devices that are not using EAP from authenticating through the access point. • No—Use this option if you do not use shared and EAP authentication.
Chapter 3 Configuring Devices Using the Templates Deleting an Existing Service Set Procedure Step 1 Enter the Service Set number in the Service Set ID text box, then click Add to add it to the Service Sets to Delete list. Step 2 To delete an identification number from the list, select it, then click Delete. Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template.
Chapter 3 Configuring Devices Using the Templates Table 3-10 Advanced Association Settings Field Description Alert Severity Level From the list select one of the following: • systemFatal—Indicates an event that prevents operation of the port or device. • protocolFatal—Indicates an event that prevents operation of the port or device • portFatal—Indicates an event that prevents operation of the port or device • systemAlert—Indicates that you need to take action to correct the condition.
Chapter 3 Configuring Devices Using the Templates Table 3-10 Advanced Association Settings (continued) Field Max Bytes Stored Per Alert Packet Description • systemWarning—Indicates that an error or failure may have occurred. • protocolWarning—Indicates that an error or failure may have occurred. • portWarning—Indicates that an error or failure may have occurred. • externalWarning—Indicates that an error or failure may have occurred.
Chapter 3 Configuring Devices Using the Templates Table 3-10 Advanced Association Settings (continued) Field Description Enable Extended Stats in MIB From the list, select one of the following: • Enable—Use this setting to enable the storage of detailed statistics in the device’s memory. • Disable—Use this setting to disable the storage of detailed statistics in the device’s memory.
Chapter 3 Configuring Devices Using the Templates Table 3-10 Advanced Association Settings (continued) Field Description Unknown Class Timeout Enter the number of seconds the access point continues to track an inactive device depending on its class. Multicast Addresses Timeout Infrastructure Hosts Timeout Client Stations Timeout A setting of zero tells the access point to track a device indefinitely no matter how long it is inactive.
Chapter 3 Configuring Devices Using the Templates Configuring Port Assignments When you assign specific ports, your network topology remains constant even when devices reboot. Procedure Step 1 Select Association > Port Assignments. The Association: Port Assignments dialog box appears. Step 2 To define port assignments, enter the following: Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Configuring DSCP to CoS This option is use to statically map Differentiated Services Code-Point (DSCP) values to corresponding Class of Service (CoS) values. Procedure Step 1 Select Association > DSCP to CoS. The Association: DSCP to CoS Conversion dialog box appears. Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Configuring the Ethernet Port Use this option to configure the device’s Ethernet port. Procedure Step 1 Select Ethernet. The menu expands and the Ethernet dialog box displays in the right pane. Step 2 Select one of the following from the Ethernet menu: Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Step 2 Enter the following information to identify the port: Table 3-12 Ethernet Port Settings Field Description Primary Port? From the list, select one of the following: Adopt Primary Port Identity? Step 3 • Ethernet—Sets the Ethernet port for all access points other than AP1200’s as the primary port. • Ethernet AP 1200—Sets the Ethernet port for AP1200 access points as the primary port.
Chapter 3 Configuring Devices Using the Templates Note Changing this setting may cause the access point to reboot. Procedure Step 1 Select Ethernet > Filters. The Ethernet: Filters dialog box displays in the right pane. Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Setting Up Hardware This option allows you to select the hardware settings used by the access point’s Ethernet port.
Chapter 3 Configuring Devices Using the Templates Step 3 Complete the following: Table 3-14 Ethernet Hardware Settings Field Description Loss of Backbone Connectivity # of Secs (1-1000) Enter the number of seconds the system must detect loss of backbone connectivity (i.e. loss of Ethernet link and no active trunk available on any of the radios) before taking the specified by Loss of Backbone Connectivity Action.
Chapter 3 Configuring Devices Using the Templates Procedure Step 1 Select Ethernet > Advanced. The Ethernet: Advanced dialog box displays in the right pane. Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Table 3-15 Ethernet Advanced Settings (continued) Field Description Maximum Multicast Packets/Second Use this setting to control the number of multicast packets that can pass through the Ethernet port each second. If you enter 0, the access point passes an unlimited number of multicast packets. If you enter a number other than 0, the device passes only that number of multicast packets per second.
Chapter 3 Configuring Devices Using the Templates Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Configuring the 11b Radio Use this option to configure the device’s 11b radio. Procedure Step 1 Select 11b Radio.
Chapter 3 Configuring Devices Using the Templates Note Changing this setting may cause the access point to reboot. Procedure Step 1 Select 11b Radio > Identification. The 11b Radio: Identification dialog box displays in the right pane. Step 2 Enter the following information to identify the port: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Table 3-16 11b Radio Identification Settings Field Description Primary Port? From the list, select one of the following: Adopt Primary Port Identity? Step 3 Note If the primary port was set using Ethernet > Identification, the selected value is displayed. • Ethernet—Sets the Ethernet port for all access points other than AP1200’s as the primary port. • Ethernet AP 1200—Sets the Ethernet port for AP1200 access points as the primary port.
Chapter 3 Configuring Devices Using the Templates Setting Up 11b Radio Filters Note Changing this setting may cause the access point to reboot. Procedure Step 1 Select 11b Radio > Filters. The 11b Radio Filters dialog box displays in the right pane. Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Table 3-17 11b Radio Filters Settings (continued) Field Description IP Port Step 3 Receive Enter the ID of a defined IP port protocol filter, or select one of the filters you created using Association > IP Port Filters. Transmit Enter the ID of a defined IP port protocol filter, or select one of the filters you created using Association > IP Port Filters.
Chapter 3 Configuring Devices Using the Templates Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Table 3-18 11b Radio Hardware Settings Field Description Service SetID (SSID) Enter a unique identifier client devices use to associate with the access point. It can be any alphanumeric, case-sensitive string, from 2 to 32 characters long.
Chapter 3 Configuring Devices Using the Templates Table 3-18 11b Radio Hardware Settings (continued) Field Description Enable “World Mode” multi-domain operation? From the list, select one of the following: • yes—Allows the access point to add channel carrier set information to its beacon. Client devices with world-mode enabled receive the carrier set information and adjust their settings automatically. • no—Does not allow the access point to add channel carrier set information to its beacon.
Chapter 3 Configuring Devices Using the Templates Table 3-18 11b Radio Hardware Settings (continued) Field Description Fragmentation Threshold (256-2338) Enter a setting to determine the size at which packets are fragmented (sent as several pieces instead of as one block). Use a low setting in areas where communication is poor or where there is a great deal of radio interference.
Chapter 3 Configuring Devices Using the Templates Table 3-18 11b Radio Hardware Settings (continued) Field Description Data Beacon Rate (DTIM) Enter the amount of time, always a multiple of the beacon period, to determine how often the beacon contains a delivery traffic indication message (DTIM). The DTIM tells power-save client devices that a packet is waiting for them.
Chapter 3 Configuring Devices Using the Templates Table 3-18 11b Radio Hardware Settings (continued) Field Description Receive Antenna From the list, select one of the following: Transmit Antenna • Right—Use this setting if your access point has removable antennas and you install a high-gain antenna on the access point's right connector. (When you look at the access point's back panel, the right antenna is on the right.) Use this setting for both receive and transmit.
Chapter 3 Configuring Devices Using the Templates Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Defining the 11b Radio Advanced Settings Use this option to define the settings and operational status of the Ethernet port.
Chapter 3 Configuring Devices Using the Templates Table 3-19 11b Radio Advance Settings Field Description Status From the list, select one of the following: Packet Forwarding • up— Enables the Radio port for normal operation. • down—Disables the device’s Radio port. From the list, select one of the following: • enabled—Allows normal operation. • disabled—Prevents data from moving between the Ethernet and the radio, which is useful in troubleshooting.
Chapter 3 Configuring Devices Using the Templates Table 3-19 11b Radio Advance Settings (continued) Field Description Maximum Number of Associations Enter the maximum number of wireless networking devices that are allowed to associate to the access point. If you enter 0 it means that the maximum possible number of associations is allowed. Click see details to see which versions this setting is valid for.
Chapter 3 Configuring Devices Using the Templates Table 3-19 11b Radio Advance Settings (continued) Field Description Ethernet encapsulation transform From the list, select one of the following: Enhanced MIC verification for WEP • 802.1H—Provides optimum performance for Cisco Aironet wireless products. • RFC1042—Ensures interoperability with non-Cisco Aironet wireless equipment. From the list, select one of the following: • None—Does not enable MIC.
Chapter 3 Configuring Devices Using the Templates Table 3-19 11b Radio Advance Settings (continued) Field Description Broadcast WEP Key rotation interval (sec) Enter a rotation interval in seconds. • If you enter 900, for example, the access point sends a new broadcast WEP key to all associated client devices every 15 minutes. • If you enter 0, you disable broadcast WEP key rotation. Click see details to see which versions this setting is valid for.
Chapter 3 Configuring Devices Using the Templates Table 3-19 11b Radio Advance Settings (continued) Field Description Radio Modulation From the list, select one of the following: Radio Preamble Step 3 • Standard—This setting is the modulation type specified in IEEE 802.11, the wireless standard published by the Institute of Electrical and Electronics Engineers (IEEE) Standards Association. • MOK—This modulation was used before the IEEE finished the high-speed 802.
Chapter 3 Configuring Devices Using the Templates The access point uses this setting to scan for the radio channel that is least busy and selects that channel for use. Procedure Step 1 Select 11b Radio > Searched Channels. The 11b Radio: Searched Channels dialog box displays in the right pane. Step 2 Click see details to see which versions this option is valid for.
Chapter 3 Configuring Devices Using the Templates Configuring the 11a Radio Use this option to configure the device’s 11a radio. Procedure Step 1 Select 11a Radio. The menu expands and the 11a Radio dialog box displays in the right pane. Step 2 Click see details to see which versions this option is valid for. Step 3 Select one of the following from the Radio menu: Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Procedure Step 1 Select 11a Radio > Identification. The 11a Radio: Identification dialog box displays in the right pane. Step 2 Click see details to see which versions this option is valid for. Step 3 Enter the following information to identify the port: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Step 4 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Setting Up 11a Radio Filters Note Changing this setting may cause the access point to reboot.
Chapter 3 Configuring Devices Using the Templates Table 3-22 11a Radio Filters Settings (continued) Field Description IP Protocol Receive Enter the ID of a defined IP protocol filter, or select one of the filters you created using Association > IP Protocol Filters. Transmit Enter the ID of a defined IP protocol filter, or select one of the filters you created using Association > IP Protocol Filters.
Chapter 3 Configuring Devices Using the Templates Step 3 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Table 3-23 11a Radio Hardware Settings Field Description Service SetID (SSID) Enter a unique identifier client devices use to associate with the access point. It can be any alphanumeric, case-sensitive string, from 2 to 32 characters long.
Chapter 3 Configuring Devices Using the Templates Table 3-23 11a Radio Hardware Settings (continued) Field Description Data Rates (Mb/sec) 6.0 9.0 12.0 From the list, select one of the following for each of the four rates in megabits per second: • basic—Allows transmission at this rate for all packets, both unicast and multicast. At least one data rate must be set to basic. • yes—Allows transmission at this rate for unicast packets only. • no—Does not allow transmission at this rate. 18.0 24.
Chapter 3 Configuring Devices Using the Templates Table 3-23 11a Radio Hardware Settings (continued) Field Description Maximum RTS Retries (1-128) Enter the maximum number of times the access point issues an RTS before stopping the attempt to send the packet through the radio. Max. Data Retires (1-128) Enter the maximum number of attempts the access point makes to send a packet before giving up and dropping the packet.
Chapter 3 Configuring Devices Using the Templates Table 3-23 11a Radio Hardware Settings (continued) Field Description Receive Antenna From the list, select one of the following: Transmit Antenna • Right—Use this setting if your access point has removable antennas and you install a high-gain antenna on the access point's right connector. (When you look at the access point's back panel, the right antenna is on the right.) Use this setting for both receive and transmit.
Chapter 3 Configuring Devices Using the Templates Step 4 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Defining the 11a Radio Advanced Settings Use this option to define the settings and operational status of the Ethernet port.
Chapter 3 Configuring Devices Using the Templates Step 3 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Table 3-24 11a Radio Advanced Settings Field Description Status From the list, select one of the following: Packet Forwarding • up—Enables the Radio port for normal operation. • down—Disables the device’s Radio port.
Chapter 3 Configuring Devices Using the Templates Table 3-24 11a Radio Advanced Settings (continued) Field Description Radio Cell Role From the list, enter one of the following: Maximum Number of Associations • Client/Non-Root—use this setting for diagnostics or site surveys, such as when you need to test and access point by having it communicate with another access point or bridge without accepting associations from client devices.
Chapter 3 Configuring Devices Using the Templates Table 3-24 11a Radio Advanced Settings (continued) Field Description Classify Workgroup Bridges as network infrastructure From the list, select one of the following: Ethernet encapsulation transform Enhanced MIC verification for WEP • yes—Use this setting to limit the number of workgroup bridges that can associate to the access point to 20 or less. • no—Use this setting to allow more than 20 workgroup bridges to associate to the access point.
Chapter 3 Configuring Devices Using the Templates Table 3-24 11a Radio Advanced Settings (continued) Field Description Broadcast WEP Key rotation interval (sec) Enter a rotation interval in seconds. • If you enter 900, for example, the access point sends a new broadcast WEP key to all associated client devices every 15 minutes. • If you enter 0, you disable broadcast WEP key rotation.
Chapter 3 Configuring Devices Using the Templates Table 3-24 11a Radio Advanced Settings (continued) Field Description Network-EAP From the list, select one of the following: • Yes—Allows EAP-enabled client devices to authenticate through the access point. • No—Does not allow EAP-enabled client devices to authenticate through the access point.
Chapter 3 Configuring Devices Using the Templates Table 3-24 11a Radio Advanced Settings (continued) Field Description Default Unicast Address Filter Open From the list, select one of the following: Shared • Allowed—The access point forwards all traffic except packets sent to the MAC addresses set as disallowed with the Address Filters.
Chapter 3 Configuring Devices Using the Templates Defining the 11a Radio Searched Channels Settings Use this option to limit the channels that the access point scans when Search for less-congested radio channel is enabled. The access point uses this setting to scan for the radio channel that is least busy and selects that channel for use. Procedure Step 1 Select 11a Radio > Searched Channels. The 11a Radio: Searched Channels dialog box displays in the right pane.
Chapter 3 Configuring Devices Using the Templates Step 4 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.
Chapter 3 Configuring Devices Using the Templates Step 3 Complete the following: Table 3-26 11a Radio Data Encryption Settings Field Description Data Encryption by Stations From the list, select the encryption type: • No Encryption—Requires clients to communicate with the Access Point without any data encryption. This setting is not recommended. • Optional—Allows clients to communicate with the Access Point either with or without data encryption.
Chapter 3 Configuring Devices Using the Templates Table 3-26 11a Radio Data Encryption Settings (continued) Field Description Shared Key From the list, select one of the following: • Yes—Tells the access point to send a plain-text, shared key query to any device attempting to associate with the access point. This query can leave the access point open to a known-text attack from intruders. This is not as secure as the Open setting.
Chapter 3 Configuring Devices Using the Templates Step 4 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.)Another template category to configure more options. (See Template Categories, page 3-2.) Defining the Security Settings Use this option to configure the device’s security settings. Procedure Step 1 Select Security.
Chapter 3 Configuring Devices Using the Templates Step 2 Complete the following: Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Note Table 3-27 Local Admin Access Settings Step 3 Field Description Local Admin Authentication Select Enable to enable local admin authentication, or Disable to disable it. Allow read-only browsing without login Select Yes to allow it, or No to disallow it.
Chapter 3 Configuring Devices Using the Templates Step 2 Click Add to add the users to the Users to Add list. Step 3 To delete a user from the list, select the name, then click Delete. Step 4 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.
Chapter 3 Configuring Devices Using the Templates Procedure Step 1 Select Security > Local AP/Client Security. The Security: Local AP/Client Security dialog box appears: Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Table 3-28 Local AP /Client Security Settings (continued) Field Description Shared Key From the list, select one of the following: Network-EAP • Yes—Tells the access point to send a plain-text, shared key query to any device attempting to associate with the access point. This query can leave the access point open to a known-text attack from intruders. This is not as secure as the Open setting.
Chapter 3 Configuring Devices Using the Templates Table 3-28 Local AP /Client Security Settings (continued) Field Description Transmit Key Click to indicate this is the key you want to use to transmit packets. Only one key can be selected at a time. Encryption Key Enter the type of encryption key used: Key Size Step 3 • For 40-bit WEP keys, enter as 10 hexadecimal digits (0-9, a-f, or A-F). • For 128-bit WEP keys, enter as 26 hexadecimal digits (0-9, a-f, or A-F).
Chapter 3 Configuring Devices Using the Templates Procedure Step 1 Select Security > Server-Based Security. The Security: Server-Based dialog box appears: Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Table 3-29 Server-Based Security Settings Field Description 802.1X Protocol Version (For EAP Authentication) Note This setting may cause the device to reboot. From the list, select one of the following: • Draft 7—No radio firmware versions compliant with Draft 7 have LEAP capability, so you should not need to select this setting.
Chapter 3 Configuring Devices Using the Templates Table 3-29 Server-Based Security Settings (continued) Field Description Server Type Enter the type of server. Click * (asterisk) for information on which version this setting is valid Port Enter the port number your server uses for authentication. Shared Secret Enter the shared secret used by your server. It must match the shared secret on the RADIUS server.
Chapter 3 Configuring Devices Using the Templates Table 3-29 Server-Based Security Settings (continued) Field Description MAC Auth From the list, select one of the following: • Yes—Use this server for MAC-based authentication. This allows only client devices with specified MAC addresses to associate and pass data through the access point. Client devices with MAC addresses not in a list of allowed MAC addresses are not allowed to associate with the access point.
Chapter 3 Configuring Devices Using the Templates Configuring Services Use this option to configure various system features and support services on the device. Procedure Step 1 Select Services. The menu expands and the Services dialog box displays in the right pane. Step 2 Select one of the following from the Services menu: • Start-Up—See Configuring Start-Up Settings, page 3-103. • Console/Telnet—See Configuring Console/Telnet Settings, page 3-107.
Chapter 3 Configuring Devices Using the Templates Configuring Start-Up Settings Use this option to configure the access point for your network's BOOTP or DHCP servers for automatic assignment of IP addresses. Procedure Step 1 Select Services > Start-Up. The Services: Start-Up dialog box appears. Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Table 3-30 Start-Up Settings (continued) Field Description Read “.ini” file from file server? From the list, select one of the following: • always—Use this setting for the access point to always load configuration settings from an.ini file on the server. • never—Use this setting for the access point to never load configuration settings from an.ini file on the server.
Chapter 3 Configuring Devices Using the Templates Table 3-30 Start-Up Settings (continued) Field Description DHCP Client Identifier Type From the list, select one of the following: • Ethernet (10Mb) • Experimental Ethernet (3Mb) • Amateur Radio AX.25 • Proteon ProNET Token Ring • Chaos • IEEE 802 Networks • ARCNET • Hyperchannel • Lanstar • AutoNet Short Address • LocalTalk • LocalNet • Other-Non Hardware Click see details to see which versions this setting is valid for.
Chapter 3 Configuring Devices Using the Templates Table 3-30 Start-Up Settings (continued) Field Description DHCP Client Identifier Value Use this setting to include a unique identifier in the access point’s DHCP request packet. • If you select Other-Non Hardware from the DHCP Client Identifier Type list, you can enter up to 255 alphanumeric characters.
Chapter 3 Configuring Devices Using the Templates Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Configuring Console/Telnet Settings Use this option to configure the access point to work with a terminal emulator or through Telnet.
Chapter 3 Configuring Devices Using the Templates Table 3-31 Console/Telnet Settings Field Description Baud Rate Enter a rate from 110 to 115,200, expressed in bits per second. The rate you enter is dependent on the capability of the computer you use to open the access point management system. Parity From the list, select one of the following: • None—Use this setting to use no parity bit. • Even—Use this setting to make the total number of bits even.
Chapter 3 Configuring Devices Using the Templates Table 3-31 Console/Telnet Settings (continued) Step 3 Field Description Columns (64-132) Enter a number to define the width of the terminal emulator display within the range of 64 characters to 132 characters. Lines (16-50) Enter a number to define the height of the terminal emulator display within the range of 16 characters to 50 characters.
Chapter 3 Configuring Devices Using the Templates Step 2 Complete the following: Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Note Table 3-32 Hot Standby Settings Step 3 Field Description Hot Standby Mode From the list, select one of the following: • Enable—Use this setting to allow hot standby mode. • Disable—Use this setting to disable hot standby mode.
Chapter 3 Configuring Devices Using the Templates Configuring Routing Settings Use this option to configure the access point to communicate with the IP network routing system. Procedure Step 1 Select Services > Routing. The Services: Routing dialog box appears. Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Step 5 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Configuring CDP Settings Use this option to enable, disable, or adjust the access point's CDP settings.
Chapter 3 Configuring Devices Using the Templates Table 3-34 CDP Settings (continued) Field Description Packet Hold Time Enter the number of seconds other CDP-enabled devices should consider the access point’s CDP information valid. Packet Sent Every Enter the number of seconds between each CDP packet the access point sends. This value should always be less than the packet hold time. Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them.
Chapter 3 Configuring Devices Using the Templates Table 3-35 DNS Settings Step 3 Field Description Domain Name System (DNS) From the list, select one of the following: • Enable—Use this option if your network DNS. • Disable—Use this option if you network does not use DNS. Default Domain Enter the name of your network’s IP domain. Your entry might look like this: mycompany.com Domain Name Servers Enter the IP addresses of up to three domain name servers on your network.
Chapter 3 Configuring Devices Using the Templates Step 2 Complete the following: Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Note Table 3-36 FTP Settings Field Description File Transfer Protocol (FTP) From the list select one of the following: • TFTP • FTP Default File Server Enter the IP address or DNS name of the file server where the access point should look for FTP files.
Chapter 3 Configuring Devices Using the Templates Configuring HTTP Settings Use this option to configure HTTP settings for the access point. Procedure Step 1 Select Services > HTTP The Services: HTTP dialog box appears. Step 2 Complete the following: Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Configuring SNMP Settings Use this option to configure settings for notifications to be sent to an SNMP server. Procedure Step 1 Select Services > SNMP. The Services: SNMP dialog box appears. Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Step 3 Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template. (See Finishing the Template, page 3-132.) • Another template category to configure more options. (See Template Categories, page 3-2.) Configuring SNTP Settings Use this option to configure time server settings. Procedure Step 1 Select Services > SNTP.
Chapter 3 Configuring Devices Using the Templates Table 3-39 SNTP Settings (continued) Step 3 Field Description GMT Offset (hr.) From the list, select the time zone in which the access point operates. Use Daylight Savings Time From the list, select one of the following: • Enable—Use this setting to have the access point automatically adjust to Daylight Savings Time. • Disable—Use this setting to not have the access point automatically adjust to Daylight Savings Time.
Chapter 3 Configuring Devices Using the Templates Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Table 3-40 Accounting Settings Field Description Enable accounting From the list, select one of the following: Enable delaying to report STOP • enable—Use this setting to turn on accounting for your wireless network.
Chapter 3 Configuring Devices Using the Templates Table 3-40 Accounting Settings (continued) Field Description Server Type Select RADIUS from the list. (Additional types may be added in future software releases.) Port Enter the communication port setting used by the access point and the server. The default setting, 1813, is the correct setting for Cisco Aironet access points and Cisco secure ACS. Shared Secret Enter the shared secret used by your server.
Chapter 3 Configuring Devices Using the Templates Table 3-40 Accounting Settings (continued) Field Description Enable Update From the list, select one of the following: • enable—Use this setting to allow accounting update messages for wireless clients.
Chapter 3 Configuring Devices Using the Templates Table 3-40 Accounting Settings (continued) Field Description EAP Auth. From the list, select one of the following: • Yes—Use this server for EAP authentication. In this type of authentication, the access point relays authentication messages between the server and the authenticating client device. • Non-EAP Auth. Step 3 No—Do not use this server for EAP authentication.
Chapter 3 Configuring Devices Using the Templates Configuring Events This option enables to you to customize the display of access point events (alerts, warnings, and normal activity). Procedure Step 1 Select Events. The menu expands and the Events dialog box displays in the right pane. Step 2 Select one of the following from the Events menu: Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point.
Chapter 3 Configuring Devices Using the Templates Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Template windows up until that point. Table 3-41 Event Handling Settings Field Description System Fatal From the list, select one of the following: Protocol Fatal • Count—Use this option to tally the total events occurring in this category without any form of notification or display.
Chapter 3 Configuring Devices Using the Templates Table 3-41 Event Handling Settings (continued) Field Description Handle Alerts as Severity Level From the list, select one of the following: • systemFatal—Indicates an event that prevents operation of the device as a whole. • protocolFatal—Indicates an event that prevents operation of a specific communications protocol in use, such as HTTP or IP. • portFatal—Indicates an event that prevents operation of the Ethernet or radio network interface.
Chapter 3 Configuring Devices Using the Templates Table 3-41 Event Handling Settings (continued) Field Description • systemWarning—Indicates that an error or failure may have occurred on the device as a whole. • protocolWarning—Indicates that an error or failure may have occurred on a specific communications protocol in use, such as HTTP or IP. • portWarning—Indicates that an error or failure may have occurred on an Ethernet or radio network interface.
Chapter 3 Configuring Devices Using the Templates Table 3-41 Event Handling Settings (continued) Field Description Maximum Number of Bytes Stored per Alert Packet Enter the maximum number of bytes the access point stores for each Station Alert packet when packet tracing is enabled. (0- 2312) If you use 0, the access point does not store bytes for Station Alert packets; it only logs the event. Note Changing this setting may cause the access point to reboot.
Chapter 3 Configuring Devices Using the Templates Configuring Event Notification Use this option to enable and configure notification of fatal, alert, warning, and information events to destinations external to the access point, such as an SNMP server or a Syslog system. Procedure Step 1 Select Events > Event Notification. The Events: Event Notification dialog box appears.
Chapter 3 Configuring Devices Using the Templates Table 3-42 Events > Event Notification Settings (continued) Step 3 Field Description Syslog Destination Address Enter the IP address or the host name of the server running Syslog. Syslog Facility Number Enter the Syslog Facility number for the notifications. Select one of the following in the left pane: • Preview to see your changes before you apply them. (See Previewing the Template, page 3-131.) • Finish to save the template.
Chapter 3 Configuring Devices Using the Templates Step 2 Complete the following: You must enter the exact syntax for the setting to work properly. Note Step 3 Field Key Description Value Enter a valid MIB value. Enter a valid MIB key. Click Add to add the custom value to the list. Note If the custom value you enter is the same as an existing one in the Template Menu, the custom value will override the value in the menu.
Chapter 3 Configuring Devices Using the Templates Finishing the Template Procedure Step 1 Click Finish in the left pane to complete creating a template. The Finish dialog box appears in the right pane. Note Step 2 Click Validate if you want to check the template configuration. A window displays a message indicating for which devices and versions the configuration template you just created is valid. Note Step 3 It is recommended that you always validate the template before saving it.
Chapter 3 Configuring Devices Using the Templates Step 2 Enter a unique name. (See Naming Guidelines, page A-1 for details.) Step 3 Click Create New. The window refreshes with Template Creation menu in the left pane and the Template Name dialog box in the right pane. Step 4 Select the choices in the left pane to create a configuration template. For a description, see Template Choices, page 3-2.
Chapter 3 Configuring Devices Using the Templates Editing a Template Use this option to edit a configuration template. Note Your login determines whether you can use this option. Procedure Step 1 Select Configure > Templates. The Templates dialog box appears. Step 2 Select the template you want to edit from the Existing Templates box, then click Edit. The window refreshes with Template Creation menu in the left pane and the Template Name dialog box in the right pane.
Chapter 3 Configuring Devices Using the Templates Step 2 Select the template you want to delete from the Existing Templates box, then click Delete. A window appears asking if you want to delete the template. Note Step 3 You cannot delete a template if it used in a scheduled job. Click OK to delete it. Importing a Template Use this option to import a configuration to the WLSE, either from a file or from a device. You can import files from devices that are not managed by the WLSE.
Chapter 3 Configuring Devices Using the Templates Field Non-IP-Identity Description Select this option if you do not want to download identity parameters, such as IP address, from the access point. Some parameters are ignored using this type of import. The downloaded configuration parameters are not a full representation of the access point's configuration but an optimal representation. Full Select this option to import a full configuration from the access point.
Chapter 3 Configuring Devices Managing Configuration Jobs Note Any configuration options in the imported file, which cannot be configured using the WLSE, will appear in Custom Values. It is recommended that you delete the custom values. Exporting a Template Use this option to export a configuration template to your local drive. Note Your login determines whether you can use this option. Procedure Step 1 Select Configure > Templates. The Templates dialog box appears.
Chapter 3 Configuring Devices Managing Configuration Jobs – Deleting a Job, page 3-148 – Copying a Job, page 3-148 – Viewing Job Run Details, page 3-149 Related Topic Using the Templates, page 3-1. Job Choices When you create or edit a configuration job, the following choices appear in the left pane of the Jobs window: Note Caution All these steps, except Schedule Job, must be completed but do not have to be done in order. You schedule a job later. 1. Job Name—See Naming the Job, page 3-138. 2.
Chapter 3 Configuring Devices Managing Configuration Jobs Clicking Clear removes all the current entries in the window and any entries you have made in other Job windows up until that point. Note Table 3-43 Job Name Field Description Job Name Enter a name for the job. See Naming Guidelines, page A-1. Description Enter a description of the job. See Naming Guidelines, page A-1. Protocol Step 3 Select the type of protocol used: HTTP or SNMP.
Chapter 3 Configuring Devices Managing Configuration Jobs Step 3 From the Available Devices list, select folders or individual devices, then click Add. The devices appear in the Selected Devices list box. Note If you select a folder, the template will be applied to all of the devices in that folder. If a device is subsequently added to the folder, the template is applied to that device. Step 4 To remove devices, select them from the Devices in Group list, then click Remove.
Chapter 3 Configuring Devices Managing Configuration Jobs Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Job windows up until that point. Table 3-44 Select Template Field Description Configuration Template From the list, select the template which you want to apply to the devices. Details Name Displays the name of the selected template.
Chapter 3 Configuring Devices Managing Configuration Jobs Scheduling a Job Procedure Step 1 Click Schedule Job. The Schedule Job dialog box appears. Step 2 Complete the following: Note Clicking Clear removes all the current entries in the window and any entries you have made in other Job windows up until that point. Table 3-45 Schedule Job Field Description Run Now Click to run the job. Note This option ignores any dates you have entered in Start Date and Start Time.
Chapter 3 Configuring Devices Managing Configuration Jobs Finishing the Job Procedure Step 1 Click Finish in the left pane to complete creating a job. The Finish dialog box appears in the right pane. Step 2 If you want email notification of job completion, use the Email settings section: Field Description On completion, email to Enter a comma-separated list of email addresses to be notified when the job completes.
Chapter 3 Configuring Devices Managing Configuration Jobs Step 4 Click Save to create the job. The screen refreshes and – The job name appears in the Scheduled Jobs list. – A confirmation window appears with the job summary. Creating a Configuration Job Note Your login determines whether you can use this option. Procedure Step 1 Select Configure > Jobs. The Jobs window appears. Step 2 Enter a name for the job. See Naming Guidelines, page A-1. Step 3 Click Create Job.
Chapter 3 Configuring Devices Managing Configuration Jobs Note • Deleting a Job, page 3-148 • Copying a Job, page 3-148 • Viewing Job Run Details, page 3-149 Your login determines whether you can use this option. Related Topic Using the Templates, page 3-1 Viewing the Job Procedure Step 1 Select the status of the job you want to view from the Job State list. Step 2 Select the type of job you want to view from the Job Type list. Step 3 Click Apply.
Chapter 3 Configuring Devices Managing Configuration Jobs • Running You can stop a running job by clicking Stop Job. Tip Field Description Job Name The job name. Recurring Whether the job recurs. Job Start Time The time the job started. Percent Complete The percent of the job that has completed running. Next Schedule The next time the job is scheduled to run. • All Field Description Job Name The job name. Recurring Whether the job recurs. Job State The state of the job.
Chapter 3 Configuring Devices Managing Configuration Jobs Step 5 You can do the following: Note If the option is not available for the job type, the buttons are grayed. a. Filter the job—See Filtering a Job, page 3-147. b. Edit the job—See Editing a Job, page 3-148. c. Delete the job—See Deleting a Job, page 3-148, d. Copy a job—See Copying a Job, page 3-148. e. View the run details—See Viewing Job Run Details, page 3-149. f. Refresh the screen—Click Refresh.
Chapter 3 Configuring Devices Managing Configuration Jobs Editing a Job Use this option to edit jobs from the displayed list of jobs. Procedure Step 1 Select the job from the list which you would like to edit. Step 2 Click Edit Job. The Job Name dialog box appears. Step 3 Select the choices in the Template Menu to create a configuration template. For a description, see Job Choices, page 3-138. Deleting a Job Use this option to delete jobs from the displayed list of jobs.
Chapter 3 Configuring Devices Managing Configuration Jobs Procedure Step 1 Select the job from the list which you would like to copy. Step 2 Click Copy Job. A dialog box appears. Step 3 Enter a name for the job, then click OK. The screen refreshes and the job is listed. Viewing Job Run Details Use this option to view details about a job, or to undo a job from the displayed list of jobs.
Chapter 3 Configuring Devices Managing Configuration Jobs • To view the job run log, click Job Run Log. A window displays all the details for the selected job number. • To refresh the table, click Refresh. Viewing the Job Run Details Table The Job Runs Details table displays the following information: Field Description Device Name The name of the device. Start Time The time the job started. End Time The time the job ended. Status The status of the job.
Chapter 3 Configuring Devices Automating Configurations • To undo the selected configuration job, click Undo. The Undo feature is not supported for the following: – Custom Values – Security options: Local Admin Authentication under the Local Admin Access; Encryption Key Values under Local AP/Client Security; Shared Secret under Server-Based Security; and Shared Secret under Accounting. – FTP username and password – Previously undone jobs – Routing table configurations (for versions prior to 11.
Chapter 3 Configuring Devices Automating Configurations Before You Begin 1. Create a template for the startup configuration. (See Creating a Startup Configuration Template, page 3-153.) 2. Configure the DHCP server to: a. Return the WLSE’s address. This is done by entering the < IP address in the Boot Server Host Name field (option number 066) on the DHCP server. of the WLSE> b. Return the name of the initial template file in the DHCP reply message.
Chapter 3 Configuring Devices Automating Configurations Step 2 Complete the following: Field Description Startup Templates Lists the startup templates that have been created. Bootfile Name Enter the configuration file name that appears on the DHCP server. This must have an .ini extension. Description Enter a description for the configuration. Configuration Template From the list select the startup template to assign to the configuration file.
Chapter 3 Configuring Devices Automating Configurations Tasks Template Choice Notes 1. Enable Cisco Discovery Protocol (CDP). Select Services > CDP. CDP is required for the WLSE to discover devices on the network. 2. Enable SNMP. Select Services > SNMP. SNMP is required for the WLSE to discover and manage the device. (Optional) Set the location. Setting the location enables proper grouping of devices into the system-defined Location group. For more information, see Managing Groups, page 6-37.
Chapter 3 Configuring Devices Automating Configurations Tip It is recommended that as part of the auto-managed configuration template, you create an HTTP user and password by selecting Security > Local Admin Access. You also enter this user and password on the WLSE by selecting Administration > Discover > Device Credentials > HTTP User/Password.
Chapter 3 Configuring Devices Automating Configurations There following topics are covered in this section: • Assigning a Configuration Template—See Assigning Auto-Managed Configurations, page 3-156 • Emailing the Configuration Job Results—See Using Auto-Managed Options, page 3-157 Assigning Auto-Managed Configurations Procedure Step 1 Select Configure > Auto Update > Auto-Managed Configuration.
Chapter 3 Configuring Devices Automating Configurations Field Description Device Types Note Software Versions Auto-managed templates for AP 350’s are applied to 350 bridges; you cannot assign a different template for bridges based on device type alone. If the bridges are running are different software version than the AP350s, use a different template for bridges and set the appropriate version numbers. 1. Select the checkbox to enable the device types. 2.
Chapter 3 Configuring Devices Automating Configurations Step 2 Select the checkbox to enable email notification. Step 3 Enter the email address for the recipients of the notification. Tip Step 4 If email notification is not working, you may need to configure the mailroute by selecting Administration > Appliance > Configure Mailroute. Click Save.
C H A P T E R 4 Updating Device Firmware From the WLSE, you can update (or downgrade) firmware on Cisco Aironet 1200 series, 340 series, and 350 series access points and on Cisco Aironet 350 series bridges. The Firmware tab allows you to: • Import firmware to the WLSE and manage the firmware stored on the WLSE. • Upload firmware from the WLSE to access points and bridges.
Chapter 4 Updating Device Firmware Managing Firmware Images • Importing images—See Importing Images, page 4-4 • Downloading images to a remote TFTP server—See Using a Remote TFTP Server for Image Upload, page 4-9 Related Topic Managing Firmware Jobs, page 4-9 Viewing Images on the WLSE You can view a list of images stored on the WLSE or view details on selected images. Procedure Step 1 Select Firmware > Images.
Chapter 4 Updating Device Firmware Managing Firmware Images Editing Image Details on the WLSE Procedure Step 1 Select Firmware > Images. The Firmware Images selector appears. Step 2 Expand the folder that contains the image you want to edit, then select the image. The Image Details window opens.
Chapter 4 Updating Device Firmware Managing Firmware Images Deleting Images from the WLSE Procedure Step 1 Select Firmware > Images. The Firmware Images selector appears. Step 2 Expand the folder that contains the image you want to delete, then select the image. The Image Details window opens. Step 3 Click Delete, then click OK. The image is deleted from the list of images in the folder.
Chapter 4 Updating Device Firmware Managing Firmware Images Importing Images from the Client System Desktop to the WLSE Procedure Step 1 Download the desired firmware images to your client system from Cisco.com. You can download firmware images from the following URL: http://www.cisco.com/public/sw-center/sw-wireless.shtml Note Only the combined images from Cisco.com are supported for importing to the WLSE.
Chapter 4 Updating Device Firmware Managing Firmware Images Table 4-2 Desktop Import Window (continued) Field Description File Location Enter the path to the image on the client system or click Browse. Images for Cisco Aironet 350 wireless bridges may be named as images for access points (that is, names begin with AP). To avoid confusion, you can rename these images (see Editing Image Details on the WLSE, page 4-3.
Chapter 4 Updating Device Firmware Managing Firmware Images Importing Images Directly from Cisco.com to the WLSE Procedure Step 1 Select Firmware > Images > Import > From Cisco.com. The Cisco.com Import window is displayed. Complete the following: Table 4-3 Cisco.com Import Window Field Description Cisco.com Username Your Cisco.com username. Cisco.com Password Your Cisco.
Chapter 4 Updating Device Firmware Managing Firmware Images Note Images for Cisco Aironet 350 wireless bridges are listed in the Import window as Cisco Aironet 350 access point images (that is, the names begin with AP). To avoid confusion, you can rename these images after importing them. For more information, see Editing Image Details on the WLSE, page 4-3. Step 5 To add the image to the Selected Images list, click Add. Step 6 Repeat steps 4 and 5 to add more images.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Using a Remote TFTP Server for Image Upload You can download firmware images to a TFTP server and then upload them to access points and bridges. This method of uploading may be quicker than uploading from the WLSE if you have a slow link between the WLSE and the access points and bridges in your network. To download firmware images, go to the following URL: http://www.cisco.com/public/sw-center/sw-wireless.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Related Topic Managing Firmware Images, page 4-1 Job Choices When you create or edit a firmware upload job, the following tasks appear in the left pane of the Jobs window. These tasks must be completed whether you are uploading images from the WLSE or from a remote TFTP server. You can omit scheduling the job and edit the job later to provide a schedule. You can complete tasks 1 through 4 in any order. Caution 1.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Step 2 Complete the following: Table 4-4 Step 3 Job Name Parameters Field Description Job Name Enter a name for the job. For guidelines on naming jobs, see Naming Guidelines, page A-1. Description Enter a description of the job. For guidelines on entering descriptions, see Naming Guidelines, page A-1. Protocol Select the protocol to be used for the job: HTTP or SNMP. From the menu in the left pane, go to the next step, Select Image.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Selecting Devices Procedure Step 1 Click Select Devices. The Select Devices window appears. All managed devices are listed in the Device selector in the middle pane. Note Step 2 Step 3 Clicking Clear removes all the current entries in the window and any entries you have made in other Job windows up until that point. To search for devices: a.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Related Topic Managing Groups, page 6-37 Scheduling the Job When scheduling a firmware job, you can select Run Now to start the job in 2 minutes, or you can schedule the job for a future date and time. Note You can save a job without scheduling it. You can edit the job later to add the scheduling information. Procedure Step 1 Click Schedule Job. The Schedule Job dialog box appears.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Finishing the Job To validate, save, and add the job to the list of scheduled jobs: Procedure Step 1 Click Finish in the left pane to complete job creation. The Finish dialog box appears in the right pane. This dialog consists of an Email settings section, a Remote server settings section, a Warnings section and a Validate and Save section.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Step 3 Remote server settings section If images will be uploaded from a remote TFTP server (instead of being uploaded from the WLSE), complete the Remote server settings section: Table 4-6 Remote TFTP Server Settings for Firmware Jobs Field Description Use remote server Select this checkbox to upload the image from a TFTP server. The remote server must have a tftp server running.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Note b. Click Save to add the job to the list of scheduled jobs. The screen refreshes and the Job Save Summary window appears, showing the following information: Table 4-7 Step 6 If any fields in the Job Validation Summary window are marked Error, the job will fail for those devices unless you correct the error situation. Job Save Summary Window Field Description Name Name of the job. Description Job description, if any.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Job Validation Summary Window Details The Job Validation Summary window shows the following information: Table 4-8 Job Validation Summary Window Field Description Image Selected, Version, and The image name, image version, and device type Device Type that you selected when creating the job. Image version validation Whether the image version is valid. Image known bugs validation Whether there are any major caveats for this image.
Chapter 4 Updating Device Firmware Managing Firmware Jobs – Select the Ignore Warnings checkbox in the Warnings section of the Finish dialog box. By default, warnings are not ignored. • Error—The operation is not permitted. The image will not be applied to devices that have errors associated with them. It is recommended that you eliminate the errors before saving the job. If you save a job with errors, the corresponding devices will be ignored during the job run.
Chapter 4 Updating Device Firmware Managing Firmware Jobs The topics covered in this section are: • Viewing Jobs by Job State, page 4-19 • Filtering Jobs, page 4-21 • Editing a Job, page 4-21 • Deleting a Job, page 4-22 • Viewing Job Run Details, page 4-22 Related Topic Creating a Firmware Job, page 4-18 Viewing Jobs by Job State Procedure Step 1 From the Job State list, select the type of job whose status you want to check. The window refreshes and the jobs are displayed.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Field Description Next Schedule For scheduled jobs, this indicates when the job will run. For completed jobs, this is the time the job ran. Last Run Status The status of the last run. • Running Field Description Job Name The job name. Job Start Time The time the job started. Percent Complete The percent of the job that has completed running. Next Schedule Firmware jobs are not recurring.
Chapter 4 Updating Device Firmware Managing Firmware Jobs • Delete the job—See Deleting a Job, page 4-22. • View job run details—See Viewing Job Run Details, page 4-22. • Refresh the screen—Click Refresh. Filtering Jobs Use this option to display a limited set of jobs, making it easier to search for a particular job by name. Procedure Step 1 Click Filter Job. The Filter Job dialog box appears. Step 2 Enter the name, or part of the name.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Deleting a Job Use this option to delete jobs from the displayed list of jobs. Jobs that are scheduled, unscheduled, completed, or did not start can be deleted. Jobs that are running cannot be deleted. Procedure Step 1 From the list of jobs, select the job that you want to delete. Step 2 Click Delete. Step 3 Click OK in the popup windows. Viewing Job Run Details Use this option to view details about a job.
Chapter 4 Updating Device Firmware Managing Firmware Jobs Step 3 Do any of the following: • To view details for a particular job run, select the job, then click Show Run Details. The Job Run details table appears. For more information on this table, see Job Run Details Table, page 4-23.) • To view the job run log, click Job Run Log. A window displays all the details for the selected job number. • To refresh the table, click Refresh.
Chapter 4 Updating Device Firmware Managing Firmware Jobs User Guide for the CiscoWorks 1105 Wireless LAN Solution Engine 4-24 78-14947-01
C H A P T E R 5 Using Reports The Reports tab displays information about your devices. You can save and email reports. You can also set specific times for emailed reports to be run and sent automatically. The reports available are dependent on the groups of devices and individual devices you choose from the selector in the left pane. Following are the subtabs under Reports: Note Some of the subtabs may not be visible to some users.
Chapter 5 Using Reports Using the Device Center Procedure Step 1 Select Reports > Device Center. The Device Center appears above the device selector in the left pane. Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b. Enter the IP address or name, or use an asterisk (*) as a wildcard to denote numbers and letters, then click Search.
Chapter 5 Using Reports Using the Device Center Viewing the Fault Summary Report The following table is displayed for the device’s fault summary: Table 5-1 Device Fault Summary Column Description Type The fault type. Description A description of the fault. Click to see fault details. See Viewing Fault Details, page 2-5. Severity The fault severity level. State The current state of the fault. Timestamp The time the fault was reported. Click to see fault details.
Chapter 5 Using Reports Using the Device Center Viewing Device History The following table is displayed for the device’s history: Table 5-2 Device History Column Description Timestamp The time the device’s state last changed. For more information, see Time Display, page 1-5. Device Name The name of the device. IP Address The IP address of the device. State The current state of the device.
Chapter 5 Using Reports Using the Device Center Table 5-3 Device Configuration History (continued) Column Description Job Name The name of the configuration job. Job Type The type of configuration job. To sort table data, click on the column heading by which you want to sort the data: • A triangle indicates ascending order. • An upside-down triangle indicates descending order. • No triangle indicates that the data is not sorted.
Chapter 5 Using Reports Displaying Wireless Client Reports To sort table data, click on the column heading by which you want to sort the data: • A triangle indicates ascending order. • An upside-down triangle indicates descending order. • No triangle indicates that the data is not sorted.
Chapter 5 Using Reports Displaying Wireless Client Reports Step 2 From the list, select the method you want to use to search for clients: by MAC address or name. Step 3 Enter the MAC address or name. You can use an asterisk (*) as a wildcard to denote numbers and letters. Note Step 4 The MAC address must be entered in hexadecimal, for example 0070eb37c90. Click Search. A list appears in the left pane.
Chapter 5 Using Reports Displaying Wireless Client Reports Displaying a Client Statistics Report Procedure Step 1 Select Reports > Wireless Clients. The Wireless Clients selector appears in the left pane. Step 2 From the list, select the method you want to use to search for clients: by MAC address or name. Step 3 Enter the MAC address or name. You can use an asterisk (*) as a wildcard to denote numbers and letters. Step 4 Click Search. A list appears in the left pane.
Chapter 5 Using Reports Displaying Wireless Client Reports Table 5-6 Client Statistics Report (continued) Column Description Preferred transmission rate The preferred data transmission rate. Short retries The number of times the RTS (request to send) packet had to be retried. Latest short retries A tally of the number of retries. Long retries The number of times the data packet had to be retried. Latest long retries A tally of the number of retries.
Chapter 5 Using Reports Displaying Wireless Client Reports Step 5 Select the MAC address or name. The right pane refreshes. Step 6 From the Report Name list, select Client Historical Association Report. Step 7 Click View. The Client Historical Association Report displays in the right pane with the following information: Table 5-7 Client Historical Association Report Column Description Associated with The name or IP address of the AP.
Chapter 5 Using Reports Displaying Current Reports Displaying Current Reports This window allows you to view current information about the monitored devices in your network. You can view, export, and email the reports. The frequency with which configuration data is collected from the devices is 15 minutes by default. To change the default setting, see Managing System Parameters, page 6-73. Note Your login determines whether you can use this option.
Chapter 5 Using Reports Displaying Current Reports • EAP Authentication Report—See Displaying an EAP Authentication Report, page 5-30 • AP Ethertype Protocol Filters—See Displaying an AP Ethertype Protocol Filters Report, page 5-32 • AP IP Protocol Filters—See Displaying an AP IP Protocol Filters Report, page 5-33 • AP IP Port Filters—See Displaying an AP IP Port Filters Report, page 5-35 • AP Policy Report—See Displaying an AP Policy Report, page 5-36 • AP QBSS QoS Report—Displaying an AP QBS
Chapter 5 Using Reports Displaying Current Reports Procedure Step 1 Select Reports > Current. The window refreshes with a device selector in the left pane. Step 2 From the device selector in the left pane, click to expand the folder for the group reports you want to view. The right pane refreshes. Step 3 From the Report Name list, select Group Report. Step 4 Click View.
Chapter 5 Using Reports Displaying Current Reports Table 5-8 Group Report (continued) Column Description Number of Clients Connected The number of wireless clients connected to the device. Number of Bridges Connected The number of bridges connected to the access point. Number of AP-Repeaters Connected The number of repeaters connected to the access point. Status (Fault) Click to view the Fault Summary. For more information, see Viewing the Fault Summary Report, page 5-3.
Chapter 5 Using Reports Displaying Current Reports Step 2 From the device selector in the left pane, click to expand the folder for the group security reports you want to view. Step 3 From the Report Name list, select Group Security Report. Step 4 Click View. The group report is displayed with the following headings: Table 5-9 Group Security Report Column Description AP Name The name of the device.
Chapter 5 Using Reports Displaying Current Reports Table 5-9 Group Security Report (continued) Column Description Link to EAP Authentication Report Click to view the EAP Authentication report. As Of The time the fault was reported. For more information, see Displaying an EAP Authentication Report, page 5-30. For more information, see Time Display, page 1-5. Step 5 To sort table data, click on the column heading you want to use to sort the data: • A triangle indicates ascending order.
Chapter 5 Using Reports Displaying Current Reports Step 3 Click View. The following report displays the following: Table 5-10 Group SSID Report Column Description SSID The unique identifier the client device uses to associate with the access point. VLAN ID The identification number of the VLAN. VLAN Name The name of the VLAN. AP Name The name of the access point. Click to view the following: AP IP Address • AP Detailed Report—See Displaying a Detailed Report, page 5-26.
Chapter 5 Using Reports Displaying Current Reports Step 4 To sort table data, click on the column heading you want to use to sort the data: • A triangle indicates ascending order. • An upside-down triangle indicates descending order. • No triangle indicates that the data is not sorted. Step 5 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 6 To email the report, click Email Report. (See Emailing a Report, page 5-66.
Chapter 5 Using Reports Displaying Current Reports Table 5-11 Group VLAN Report (continued) Column Description AP Name The name of the access point. Click to view the following: AP IP Address • AP Detailed Report—See Displaying a Detailed Report, page 5-26. • Fault Summary—See Viewing the Fault Summary Report, page 5-3. • EAP Authentication Report—See Displaying an EAP Authentication Report, page 5-30. The IP address of the access point.
Chapter 5 Using Reports Displaying Current Reports Step 5 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 6 To email the report, click Email Report. (See Emailing a Report, page 5-66.) Displaying a Per VLAN Client Report Procedure Step 1 Select Reports > Current. The window refreshes with a device selector in the left pane. From the device selector in the left pane, click the group folder for which you want to see a report. The right pane refreshes.
Chapter 5 Using Reports Displaying Current Reports Table 5-12 Per VLAN Client Report (continued) Column Description Client Type The type of client. As Of The time the access point’s state last changed. For more information, see Time Display, page 1-5. Step 4 To sort table data, click on the column heading you want to use to sort the data: • A triangle indicates ascending order. • An upside-down triangle indicates descending order. • No triangle indicates that the data is not sorted.
Chapter 5 Using Reports Displaying Current Reports Step 3 Click View. The following report displays the following: Table 5-13 Group Policy Report Column Description AP Name The name of the access point. Click to view the following: AP IP Address • AP Detailed Report—See Displaying a Detailed Report, page 5-26. • Fault Summary—See Viewing the Fault Summary Report, page 5-3. • EAP Authentication Report—See Displaying an EAP Authentication Report, page 5-30. The IP address of the access point.
Chapter 5 Using Reports Displaying Current Reports Table 5-13 Group Policy Report (continued) Column Description IP Protocol Filter Id (Out) The identification number of the (transmit) IP protocol filter Click to view the AP IP Protocol Filters Report—See Displaying an AP IP Protocol Filters Report, page 5-33. IP Port Filter Id (In) The identification number of the (receive) IP port filter. Click to view the AP IP Port Filters Report—See Displaying an AP IP Port Filters Report, page 5-35.
Chapter 5 Using Reports Displaying Current Reports Displaying an AP Summary Report Procedure Step 1 Select Reports > Current. The window refreshes with a device selector in the left pane. Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b.
Chapter 5 Using Reports Displaying Current Reports Table 5-14 AP Summary Report (continued) Column Description IP Address The device’s IP address. Click to open up a browser window to the AP Summary Status. Software Version The version of software running on the device. Number of Clients connected The number of wireless clients connected to the device. Number of Bridges Connected The number of wireless bridges connected to the device.
Chapter 5 Using Reports Displaying Current Reports Displaying a Detailed Report Procedure Step 1 Select Reports > Current. The window refreshes with a device selector in the left pane. Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b.
Chapter 5 Using Reports Displaying Current Reports Table 5-15 Detailed Report (continued) Column Description IP Address The device’s IP address. Click to open up a browser window to the AP Summary Status. Software Version The device’s software version. Number of Clients Connected The number of wireless clients connected to the device. Number of Bridges Connected The number of bridges connected to the device. Number of AP-Repeaters Connected The number of AP repeaters connected to the device.
Chapter 5 Using Reports Displaying Current Reports Table 5-15 Detailed Report (continued) Column Description Ethernet Port Status The operational status of the Ethernet port. Radio Port Status The operational status of the radio port. Transmit Power (mW) The access point’s transmission power setting in milliwatts. Switch IP (to which this AP is attached) The IP address of the switch to which this access point is attached.
Chapter 5 Using Reports Displaying Current Reports Displaying a Current Client Association Report Procedure Step 1 Select Reports > Current. The window refreshes with a device selector in the left pane. Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b.
Chapter 5 Using Reports Displaying Current Reports Step 5 Click View. The group report is displayed with the following headings: Table 5-16 Current Client Association Report Column Description Name The name of the client associated with the access point. IP Address The IP address of the wireless client. MAC Address The wireless client’s MAC address. Device Type The wireless client device type. As Of The time the device was last seen by the system.
Chapter 5 Using Reports Displaying Current Reports Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b. Enter the IP address or name, or use an asterisk (*) as a wildcard to denote numbers and letters, then click Search. The requested device appears in the Search Results folder.
Chapter 5 Using Reports Displaying Current Reports Step 6 To sort table data, click on the column heading you want to use to sort the data: • A triangle indicates ascending order. • An upside-down triangle indicates descending order. • No triangle indicates that the data is not sorted. Step 7 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 8 To email the report, click Email Report. (See Emailing a Report, page 5-66.
Chapter 5 Using Reports Displaying Current Reports Step 5 Click View. The report is displayed with the following headings: Table 5-18 AP Ethertype Protocol Filters Report Column Description Filter Set Id The identification number of the filter set. Filter Set Name The name of the filter set. Default Disposition The type of disposition configured: Forward (to forward protocol traffic, or Block (to block protocol traffic). Filter Special Case The special case configuration.
Chapter 5 Using Reports Displaying Current Reports Procedure Step 1 Select Reports > Current. The window refreshes with a device selector in the left pane. Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b. Enter the IP address or name, or use an asterisk (*) as a wildcard to denote numbers and letters, then click Search.
Chapter 5 Using Reports Displaying Current Reports Step 6 To sort table data, click on the column heading you want to use to sort the data: • A triangle indicates ascending order. • An upside-down triangle indicates descending order. • No triangle indicates that the data is not sorted. Step 7 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 8 To email the report, click Email Report. (See Emailing a Report, page 5-66.
Chapter 5 Using Reports Displaying Current Reports Step 5 Click View. The report is displayed with the following headings: Table 5-20 AP IP Port Filters Report Column Description Filter Set Id The identification number of the filter set. Filter Set Name The name of the filter set. Default Disposition The type of disposition configured: Forward (to forward protocol traffic, or Block (to block protocol traffic). Filter Special Case The special case configuration.
Chapter 5 Using Reports Displaying Current Reports Procedure Step 1 Select Reports > Current. The window refreshes with a device selector in the left pane. Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b. Enter the IP address or name, or use an asterisk (*) as a wildcard to denote numbers and letters, then click Search.
Chapter 5 Using Reports Displaying Current Reports Table 5-21 AP Policy Report (continued) Column Description IP Protocol Filter (Out) The identification number of the (transmit) IP protocol filter. Click to see the AP IP Protocol Filters Report—See Displaying an AP IP Protocol Filters Report, page 5-33. IP Port Filter Id (In) IP Port Filter Id (Out) As Of The identification number of the (receive) IP port filter.
Chapter 5 Using Reports Displaying Current Reports Procedure Step 1 Select Reports > Current. The window refreshes with a device selector in the left pane. Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b. Enter the IP address or name, or use an asterisk (*) as a wildcard to denote numbers and letters, then click Search.
Chapter 5 Using Reports Displaying Current Reports Step 7 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 8 To email the report, click Email Report. (See Emailing a Report, page 5-66.) Displaying an AP SSID Report This device report displays all the configured SSIDs (both primary and auxiliary) and their corresponding properties. Procedure Step 1 Select Reports > Current. The window refreshes with a device selector in the left pane.
Chapter 5 Using Reports Displaying Current Reports Table 5-23 AP SSID Report (continued) Column Description Number of Clients The number of wireless clients connected to the device. Connected Priority The priority configuration based on the traffic type. Default Policy Group The number of the default policy group (which contains access parameters). Click to view the AP Policy Report—See Displaying an AP Policy Report, page 5-36. As Of The time the access point’s state last changed.
Chapter 5 Using Reports Displaying Current Reports Step 6 To sort table data, click on the column heading you want to use to sort the data: • A triangle indicates ascending order. • An upside-down triangle indicates descending order. • No triangle indicates that the data is not sorted. Step 7 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 8 To email the report, click Email Report. (See Emailing a Report, page 5-66.
Chapter 5 Using Reports Displaying Current Reports Step 5 Click View. The report is displayed with the following headings: Table 5-24 AP VLAN Report Column Description VLAN ID The identification number of the VLAN. VLAN Name The name of the VLAN. SSID The unique identifier the client device uses to associate with the access point. Number of Clients The number of wireless clients connected to the device. Connected Priority The priority configuration based on the traffic type.
Chapter 5 Using Reports Displaying Current Reports Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b. Enter the IP address or name, or use an asterisk (*) as a wildcard to denote numbers and letters, then click Search. The requested device appears in the Search Results folder.
Chapter 5 Using Reports Displaying Current Reports Step 7 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 8 To email the report, click Email Report. (See Emailing a Report, page 5-66.) Displaying a Switch Summary Report Procedure Step 1 Select Reports > Current. The window refreshes with a device selector in the left pane. Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a.
Chapter 5 Using Reports Displaying Current Reports Table 5-26 Switch Summary Report (continued) Column Description System Version The software version on the switch. Link to the AP and Bridge Connected Click for details. For more information, see Displaying an AP and Bridge Connected to Switch Report, page 5-46. Step 6 For information on the Fault Summary table, see Viewing the Fault Summary Report, page 5-3 Step 7 To export the report, click Export. (See Exporting a Report, page 5-66.
Chapter 5 Using Reports Displaying Current Reports Step 5 Click View. The report is displayed with the following headings: Table 5-27 AP and Bridge Connected to Switch Report Column Description Device Port The device port. AP Name The name of the access point or bridge connected to the switch. AP IP Address The IP address of the access point or bridge connected to the switch. Status (Fault) The fault status. Click for details.
Chapter 5 Using Reports Displaying Current Reports Step 4 From the Report Name list, select Router Summary Report. Step 5 Click View. The group report is displayed with the following headings: Table 5-28 Router Summary Report Column Description System Name The router name. IP Address The router IP address. System Description A description of the router. Location The location of the router. Product Type The router hardware type. System Version The router version.
Chapter 5 Using Reports Displaying Current Reports Step 4 From the Report Name list, select AP and Bridge Connected to Router Report. Step 5 Click View. The report is displayed with the following headings: Table 5-29 AP and Bridge Connected to Router Report Column Description Device Port The device port. AP Name The name of the access point or bridge connected to the router. AP IP Address The IP address of the access point or bridge connected to the router. Status (Fault) The fault status.
Chapter 5 Using Reports Displaying Trends Step 3 From the device selector in the left pane, click to expand the folder and select the server for which you want a report. The right pane refreshes. Step 4 From the Report Name list, select Summary Report for the server. Step 5 Click View. The report is displayed with the following headings: Table 5-30 Summary Report Column Description Server Name The name of the server. Port The port number used for authentication.
Chapter 5 Using Reports Displaying Trends – Group Performance Report: Ethernet Utilization—See Displaying a Group Performance Report: Ethernet Utilization, page 5-53. – Top N Number of Associations—See Displaying a Top N Number of Associations Report, page 5-54 – Top N Percentage Errors—See Displaying a Top N Percentage Errors, page 5-55 • Individual Access Point and Bridge Reports – AP and Bridge RF Transmission Statistics—See Displaying an AP and Bridge RF Transmission Statistics Report, page 5-56.
Chapter 5 Using Reports Displaying Trends Step 4 From the Start Date and End Date lists, select the start date and end date for the period of time for which you want trending information. Step 5 Click View. The table is displayed: Table 5-31 Group Performance Report: RF Utilization Column Description AP Name The name of the access point. AP IP Address The IP address of the access point. RF Interface The radio frequency interface. As Of The time the access point’s state last changed.
Chapter 5 Using Reports Displaying Trends Step 7 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 8 To email the report, click Email Report. (See Emailing a Report, page 5-66.) Displaying a Group Performance Report: Ethernet Utilization Procedure Step 1 Select Reports > Trends. The window refreshes with a device selector in the left pane. Step 2 From the device selector in the left pane, click the group folder for which you want to see a report.
Chapter 5 Using Reports Displaying Trends Table 5-32 Group Performance Report: Ethernet Utilization (continued) Column Description SSID The unique identifier the client device uses to associate with the access point. Channel Number The channel being used. Step 6 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 7 To email the report, click Email Report. (See Emailing a Report, page 5-66.
Chapter 5 Using Reports Displaying Trends Table 5-33 Top N Number of Associations Step 7 Column Description AP Name The name of the access point. AP IP Address The IP address of the access point. Number of Clients Connected (Avg) The average number of clients connected to the access point. Number of Clients Connected (Min) The minimum number of clients connected to the access point. Number of Clients Connected (Max) The maximum number of clients connected to the access point.
Chapter 5 Using Reports Displaying Trends Step 3 From the Report Name list, select Top N Percentage Errors. Step 4 From the Start Date and End Date lists, select the start date and end date for the period of time for which you want trending information. Step 5 In the N Value text box, enter the top number of errors you want to view. Step 6 Click View. The table is displayed: Table 5-34 Top N Percentage Errors Step 7 Column Description AP Name The name of the access point.
Chapter 5 Using Reports Displaying Trends Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b. Enter the IP address or name, or use an asterisk (*) as a wildcard to denote numbers and letters, then click Search. The requested device appears in the Search Results folder.
Chapter 5 Using Reports Displaying Trends Displaying an AP and Bridge Ethernet Transmission Statistics Report This report displays the transmit and receive rates overlaid in a graph. Procedure Step 1 Select Reports > Trends. The window refreshes with a device selector in the left pane. Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b.
Chapter 5 Using Reports Displaying Trends Table 5-36 AP and Bridge Ethernet Transmission Statistics (continued) Column Description Receive Rate The x-axis displays the time intervals. The y-axis displays the number of packets received per second. Packet Errors The x-axis displays the time intervals. The y-axis displays the number of error packets per number of packets.
Chapter 5 Using Reports Displaying Trends Step 7 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 8 To email the report, click Email Report. (See Emailing a Report, page 5-66.) Displaying an AP and Bridge Performance Graph This report displays the Ethernet utilization and RF utilization overlaid in a graph. Procedure Step 1 Select Reports > Trends. The window refreshes with a device selector in the left pane.
Chapter 5 Using Reports Displaying Trends Step 6 Click View. A graph is displayed: Table 5-37 AP and Bridge Performance Graph Column Description RF Utilization The x-axis displays the time intervals. The y-axis displays the percent of radio frequency utilization. Ethernet Utilization The x-axis displays the time intervals. The y-axis displays the percent of Ethernet utilization. Number of Associations The x-axis displays the time intervals.
Chapter 5 Using Reports Displaying Trends Step 3 From the device selector in the left pane, click to expand the folder you want to view. The right pane refreshes. Step 4 From the Report Name list, select AP and Bridge Performance: Tabular. Step 5 From the Start Date list, select the start date for the graph, and from the For a period of list, select the number of days. Step 6 Click View.
Chapter 5 Using Reports Displaying Trends Step 2 If you want to search for the device, use the dialog box in the left pane above the device selector: a. From the list, select the method you want to use to search for the device: by name or by IP address. b. Enter the IP address or name, or use an asterisk (*) as a wildcard to denote numbers and letters, then click Search. The requested device appears in the Search Results folder.
Chapter 5 Using Reports Displaying Trends Displaying Top N Client Error Rate This report lists the top number of clients in terms of average bit error rate as perceived by the access point for the selected period of time. The minimum and maximum bit error rates for the clients are also displayed. Procedure Step 1 Select Reports > Trends. The window refreshes with a device selector in the left pane.
Chapter 5 Using Reports Displaying Trends Step 7 To sort table data, click on the column heading you want to use to sort the data: • A triangle indicates ascending order. • An upside-down triangle indicates descending order. • No triangle indicates that the data is not sorted. Step 8 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 9 To email the report, click Email Report. (See Emailing a Report, page 5-66.
Chapter 5 Using Reports Exporting a Report Step 6 Click View. The following report displays: Table 5-41 Server Response Time Graph Column Description Server Response Time The x-axis displays the time intervals. The y-axis displays the response time in milliseconds. Step 7 To export the report, click Export. (See Exporting a Report, page 5-66.) Step 8 To email the report, click Email Report. (See Emailing a Report, page 5-66.) Exporting a Report Step 1 Click Export. An Export window appears.
Chapter 5 Using Reports Emailing a Report Step 2 Enter the following: If email notification is not working, you may need to configure the mailroute by selecting Administration > Appliance > Configure Mailroute. Tip Field Description To Enter the email address of the person to whom you want to send the report. An entry in this field is required. Cc Enter email addresses of persons that you want to copy on the email. Subject Enter a subject for the email.
Chapter 5 Using Reports Scheduling Email Jobs Field Description Start Time From the list, select the time you would like to send the email. Repeat Step 6 Step 7 Enable Check if you want to set up a scheduled job that periodically sends email. Every From the list, select the period of time you would like the email sent. Do one of the following: • Click Cancel to cancel the schedule. • Click Finish to complete scheduling. You receive a confirmation message that your email has been scheduled.
Chapter 5 Using Reports Scheduling Email Jobs Field Description Job Name The name of the job. For more information, see Naming Guidelines, page A-1. Step 2 Recurring Indicates whether it is a recurring job. Next Schedule Indicates when the job runs again. To sort table data, click on the column heading you want to use to sort the data: • A triangle indicates ascending order. • An upside-down triangle indicates descending order. • No triangle indicates that the data is not sorted.
Chapter 5 Using Reports Scheduling Email Jobs Email Properties Column Description To The username of the person to whom the report is being emailed. Cc The username of the person to whom the report is being copied. Subject The email subject. Format The format in which the report is being emailed. Body The text entered into the body of the email. Schedule Properties Column Description Email Job Name The name of the email job. Start Date The date the report is emailed.
C H A P T E R 6 Performing Administrative Tasks The Administration tab allows you to you perform administrative tasks. Note Some of the subtabs may not be visible to some users; what you view under the Administration tab depends on your login.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Using Discovery and Managing Devices When you select Administration > Discover, the following options appear in the left pane: • Managed Devices—View newly discovered devices, change device status, and view device management history—see Managing Devices, page 6-2.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices • Manage/Unmanage—View newly discovered devices, change device management status, or delete devices (see Manage Devices, page 6-3). • Device History—View the management history of each discovered device (see View Device Management History, page 6-5). Manage Devices You can use this option to change a device’s management status or delete a device. Note Your login determines whether you can use this option.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Note Step 4 After you move devices to the managed state, inventory is run for those devices. This ensures that device attributes appear in displays, such as reports and system-defined groups without waiting for the next inventory cycle. For information about running an immediate inventory, see Running Inventories, page 6-24. Note Step 5 You can only manage a total of 525 access points and wireless bridges.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Table 6-1 Step 6 Device Details Pane (continued) Field Description SysObjectId Unique identifier that identifies the device type. Location Where the device is located. IP Address Device IP address. Subnet Subnet in which the device is located. Network Segment The network segment in which the device is located. Contact The person to contact for this device.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Table 6-2 Step 2 Managed Device History Information Field Description Timestamp Date and time when the state change occurred. Device Name The device’s hostname. IP Address The device’s IP address. State The device’s state: • New—Device was discovered but has not been moved to the managed or unmanaged state. • Managed—Device has been moved to the managed state. • Unmanaged—Device is unmanaged.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Specify Community Strings The Wireless LAN Solution Engine uses a device’s read-only community string to discover the device and uses the read/write community string to configure the device. If community strings are not entered correctly, the Wireless LAN Solution Engine cannot communicate with the device. Both read-only and read/write community strings are required.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Table 6-3 Community String Guidelines Variable Description Notes target The IP address of a device or range of devices that use these community strings. If you do not specify a target, the default community strings apply to all devices in the network. read_community A password allowing read-only access to the target devices. You must specify the read community string. Otherwise, the default value of public is used.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Community String Guidelines Use these guidelines when adding or modifying community strings: • You can assign community strings to any of the following: – Complete IP address; for example, 172.20.4.9 – Any wild cards (based on IP addresses); for example: *.*.*.* 172.*.*.* – Address ranges, which can include wild cards; for example: 27.20.[4-55].* 172.[21-30].[44-88].* 172.*.*.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Procedure Step 1 Select Administration > Discover > Device Credentials > HTTP User/Password. Step 2 To add a username and password: Step 3 Step 4 a. Enter the access point IP address or range of IP addresses that will use this username and password. b. Enter the username. c. Enter the password. d. Click Save. The IP address and username are added to the Current Entries textbox. To modify an entry: a.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices • Run Discovery Now—Run a one-time, immediate discovery (see Run Discovery Now, page 6-22) You can also view details on the last 15 discoveries—See Viewing Inventory and Discovery Task History, page 6-27. Related Topics • Overview: Discovery, page 6-11 • Set Up Devices, page 6-12 Overview: Discovery You can set up regularly scheduled discoveries and run one-time discoveries.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Related Topic Importing Devices, page 6-28 Managing Devices, page 6-2 Set Up Devices You must set up devices so the WLSE can discover and manage them.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Table 6-4 Set Up Procedures for Access Points and Bridges (continued) Tasks 2. Enable SNMP. Procedure 1. In the Summary Status page, click Setup. The Cisco Services Setup page appears. 2. Under Services, click SNMP. The SNMP Setup page appears. 3. Select Enabled. 4. Enter a System Name, System Location, and System Contact. 5. Click Apply or OK. 1. In the Summary Status page, click Setup.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Table 6-4 Set Up Procedures for Access Points and Bridges (continued) Tasks Procedure 4. Add an HTTP user with the ability to modify firmware, and enable the User Manager. You can use the same user that you created in Task 3, if the user has firmware privileges. 5. Set up TFTP as the transfer protocol between the WLSE and access points. 1. In the Summary Status page, click Setup. The Cisco Services Setup page appears.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Set Up Routers and Switches Only routers and switches that have properly configured access points or bridges attached to them will be discovered. Note On each router and switch, configure the following: Table 6-5 Set Up Procedures for Routers and Switches Task 1. Enable CDP and verify that access points and bridges are visible from the router or switch. Procedure Notes 1. Enter enable mode. 2.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Table 6-5 Set Up Procedures for Routers and Switches (continued) Task Procedure 3. (Optional) Set On IOS-based devices, enter configuration mode the system name, and use the following commands. contact, and • To set the system name, use the hostname name location command. variables. • To set the system contact, use the snmp contact contact command. • To set the location, use the snmp location location command.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Note You will need the IP address or name of the PC when configuring the WLSE. Step 2 Click User Setup on the left side of the initial page. The User Setup page appears. Step 3 Enter a username for the user the WLSE will use for synthetic transactions and click Add/Edit. Step 4 Enter a password in the first set of Password and Confirm Password textboxes. Click Submit.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Enable Discovery Options You can modify the discovery process by specifying that all discovered devices be automatically managed and enabling reverse DNS lookup so that device names, instead of IP addresses, appear in WLSE displays. Note Your login determines whether you can use this option. Procedure Step 1 Select Administration > Discover > DISCOVER > Discovery Options. The Discovery Options window appears.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Step 4 Click Save. Related Topics Manage Devices, page 6-3 Set Up Discovery Filters You can limit discovery to certain devices by setting up filter rules to include or exclude devices. Filter rules consist of device IP addresses with optional wildcards and ranges. Note Your login determines whether you can use this option. Procedure Step 1 Select Administration > Discover > DISCOVER > Filter Rules.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Table 6-6 Effects of Include and Exclude Rules in Discovery Filters Include Rules Defined? Exclude Rules Defined? Result No No All devices are discovered. No Yes All devices are discovered, but those that match the Exclude Rules are discarded. Yes No Only devices that match the Include Rules are discovered. Yes Yes Only devices that match the include rules are discovered.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices • Note Discover “disconnected” networks; that is, discover devices across links on which CDP is disabled or discover devices outside the firewall. Your login determines whether you can use this option. Procedure Step 1 Select Administration > Discover > DISCOVER > Schedule Discovery. The Discovery - Configuring Seeds dialog box appears.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Note Routers and switches that do not have access points attached to them are used when computing CDP distance. However, such devices will not appear in the discovered devices list. Step 5 If you have not entered community strings that allow the WLSE to access all devices to be discovered, click Enter community strings before running discovery. The SNMP Community dialog box appears.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Step 2 If necessary, add seed devices: Note a. Any seed devices added here are used for this one-time discovery only. Enter the seed device’s IP address or device name in the Add Seed Value text box and click >>. Device names must resolve to your local DNS in order to translate device names to IP addresses during discovery. The requirements for entering device names are: – Blank spaces are not allowed.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices • Viewing Inventory and Discovery Task History, page 6-27 Running Inventories The WLSE automatically runs scheduled inventories (see About Scheduled Inventories, page 6-24), and you can run immediate inventories of all devices or of selected devices.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices To change the scheduled inventory intervals, you can reset the inventory polling parameters. See Managing System Parameters, page 6-73. Immediate Inventory of Selected Devices Use this option to run an immediate inventory of selected devices. Note Your login determines whether you can use this option. Procedure Step 1 Select Administration > Discover > Inventory > Run Inventory Now.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Step 4 Click Run Inventory for Selected Devices. The inventory job starts immediately. Managed devices are polled and information is collected. WLSE displays are updated accordingly. Step 5 The Tasks History window appears. You can expand the Inventory folder to see the results of the inventory collection: • Inventories of selected devices are named InventoryRunNow_number.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices • Click the inventory name. The Run Log appears, showing the start and end times of the inventory and type of data that was collected. Viewing Inventory and Discovery Task History You can view the history of inventories and discoveries by using the Task History option. Details on the last 15 inventories and discoveries are accessible through this option. Note Your login determines whether you can use this option.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Table 6-8 Step 3 Inventory Job Names Name Type of Job Inventory Scheduled and immediate inventories of all devices. ClientInventory Scheduled inventories of client associations to access points. PerformanceInventory Scheduled inventories of performance attributes used in trend reports. InventoryRunNow_number Immediate inventories of selected devices, run by users. To view details about a job, select the job.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Devices not supported by the WLSE are ignored. You can choose to discover some devices and import others. The following information is imported: • IP addresses are accepted, and hostnames are resolved to obtain the IP address. Hostnames that cannot be resolved are ignored. • Read-only and read/write community strings are appended to the end of the Bulk SNMP Settings table (Administration > Discover > Device Credentials).
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Step 4 To verify the discovery, see Viewing Inventory and Discovery Task History, page 6-27. Related Topics • Import Devices from CiscoWorks2000, page 6-30 • Schedule Discovery, page 6-20 • Specifying Device Credentials, page 6-6 • Viewing Inventory and Discovery Task History, page 6-27 Import Devices from CiscoWorks2000 You can import devices directly from CiscoWorks2000 by connecting to a CiscoWorks2000 server.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Step 3 To see the Import Status log, click Status. The CiscoWorks2000 Import Status window appears. To refresh the status display, click Refresh. • If the Last Status button is displayed in place of the Status button, you can review the results of a previous import.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Procedure Step 1 Select Administration > Discover > Export Devices > To CiscoWorks2000. Step 2 Enter the following information: Step 3 • The CiscoWorks2000 server IP address. • The CiscoWorks2000 server port number. You may need to contact the administrator of the CiscoWorks2000 server. • The username and password of any user who has the authority to export and import device credentials on the CiscoWorks2000 server.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Step 5 After you export devices, you can view them in CiscoWorks2000 Resource Manager Essentials (see the Resource Manager Essentials online help for details). Adding, Modifying and Deleting AAA Servers Before adding AAA servers to the WLSE, you must configure the servers to add the WLSE as a client. For information on adding the WLSE as a client on AAA servers, see Set Up AAA Servers, page 6-16.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Step 1 To add a LEAP server: a. Select Administration > Discover > LEAP SERVER > Add Server. The LEAP Server: Add Server dialog box appears. b. Complete the following: Text Box Description Server Name Name or IP address of the AAA server. Server Port Port on the server that is used for authentication; this is always 1645. Username Client username that you entered on the AAA server.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices Manage RADIUS Servers Note Your login determines whether you can use this option. Procedure To add, modify or delete a RADIUS server: Step 1 To add a RADIUS server: a. Select Administration > Discover > RADIUS SERVER > Add Server. The RADIUS Server: Add Server dialog box appears. b. Complete the following: Text Box Description Server Name Name or IP address of the AAA server.
Chapter 6 Performing Administrative Tasks Using Discovery and Managing Devices b. Step 4 From the list, select the server you want to remove, then click Submit. For information on changing the polling interval and response time fault thresholds for RADIUS servers, see Specifying Fault Thresholds, page 2-15. Manage EAP-MD5 Servers Note Your login determines whether you can use this option. Procedure To add, modify or delete a EAP-MD5 server: Step 1 To add an EAP-MD5 server: a.
Chapter 6 Performing Administrative Tasks Managing Groups Step 3 Step 4 b. Select a server from the Server Name list, and enter data as described in Step 1. c. Click Submit. To remove an EAP-MD5 server: a. Select Administration > Discover > EAP-MD5 Server > Remove Server. The RADIUS Server: Remove Server dialog box appears. b. From the list, select the server you want to remove, then click Submit.
Chapter 6 Performing Administrative Tasks Managing Groups The device selector lists all the current groups, both system-defined groups and user-defined groups. The number after a group name or folder shows how many objects are in the group (devices and other groups) or how many groups are in the folder. Every managed device appears in one or more of the system-defined groups, and may also appear in user-defined groups.
Chapter 6 Performing Administrative Tasks Managing Groups User-Defined Groups You can define any number of groups, which can contain subgroups and devices. User-defined groups can contain devices and other groups, so you can set up hierarchies of groups. Related Topics • Creating, Editing, and Deleting Groups, page 6-39 • Managing Device Discovery, page 6-10 • Running Inventories, page 6-24 Creating, Editing, and Deleting Groups You can create groups and edit or delete user-defined groups.
Chapter 6 Performing Administrative Tasks Managing Groups Creating a New Group Procedure Step 1 Select Administration > Group Management. The group selector pane and group window are displayed. Step 2 To create a new group, click Create New. The Create Group dialog appears and the Search dialog appears above the group selector. To search for devices: Step 3 a. From the list in the search dialog, select the method for searching: by device name or IP address. b. Enter the IP address or name.
Chapter 6 Performing Administrative Tasks Managing Groups Step 9 To save the group, click Save. The new group is displayed and added to the end of the group selector list. To cancel the group creation and discard your changes, click Cancel. Copying an Existing Group Use this procedure to create a new group by copying an existing group. You can copy both system groups and user-defined groups. Procedure Step 1 Select Administration > Group Management.
Chapter 6 Performing Administrative Tasks Managing Groups Step 5 To add more devices to the group: a. Select another group. Devices in that group are added to the All Available Devices list in the Create Group dialog. b. Select the group or individual devices from the Available Devices list and click >>. c. To add more devices, repeat Steps a and b. Step 6 To remove devices from the group, select them from the Devices in Group list and click <<. Step 7 To save the group, click Save.
Chapter 6 Performing Administrative Tasks Managing Groups Step 2 b. Enter the IP address or name. You can use asterisks (*) as wildcards. An asterisk denotes any number of characters in a name or an entire octet in an IP address; for example, *AP or 172.*.*.*. c. Click Search. The matching devices appear in the Search Results folder in the device selector. Change the Name or Description by editing the text in the text boxes.
Chapter 6 Performing Administrative Tasks Managing the Appliance Procedure Step 1 Select Administration > Group Management. The device selector appears in the left pane and the Group window appears. Step 2 Select the group from the group selector list. The group is displayed. Step 3 Click Delete.
Chapter 6 Performing Administrative Tasks Managing the Appliance Note • Time/NTP/Name—Set the current time (see Setting the Current Time and Date on the WLSE, page 6-69), specify NTP servers (see Specifying NTP Time Servers, page 6-70), and specify IP name servers (see Specifying Name Servers, page 6-71). • Configure Mailroute—Specify an SMTP server for handling email notifications (see Specifying an SMTP Mail Server, page 6-71).
Chapter 6 Performing Administrative Tasks Managing the Appliance Field Description Size Limit Recommended maximum file size. File Size Utilization % Percentage of the maximum size (500MB) that is being used. Step 2 To see log file details, click the name of the log file. A window appears with log file information. For a description of each file, see Log Files Displayed, page 6-46.
Chapter 6 Performing Administrative Tasks Managing the Appliance Restarting the Wireless LAN Solution Engine This option allows you to restart the WLSE. After the Wireless LAN Solution Engine restarts, discovery and inventory will resume at the next scheduled time. Procedure Step 1 Select Administration > Appliance > Status > Restart. The Restart System screen appears. Step 2 Click OK to restart the Wireless LAN Solution Engine.
Chapter 6 Performing Administrative Tasks Managing the Appliance • Software Updates—Select and install a software update from the repository. You must specify the repository before updating software so the Wireless LAN Solution Engine can locate the software updates (see Installing Software Updates, page 6-52). • Browse Repository—Browse the available complete images and software upgrades on the repository (see Browsing the Repository, page 6-53).
Chapter 6 Performing Administrative Tasks Managing the Appliance Step 2 To view details about an installation, click View Log in the Details field. The install log for the selected installation opens. The information about the latest software installed is displayed. Related Topics • Viewing Software Update History, page 6-54 • Installing Software Updates, page 6-52 • Managing the Software, page 6-47 Defining the Repository The repository warehouses the available software updates for the WLSE.
Chapter 6 Performing Administrative Tasks Managing the Appliance Step 3 Text Box Description Port Number The port number used by the software on the repository. The default port number for the local repository is 9851. Description A description of the repository. This text box is optional; you can enter any description. Click Connect to Repository to verify that the hostname and port number you entered are correct. If the data is incorrect, an error message appears.
Chapter 6 Performing Administrative Tasks Managing the Appliance Step 4 Download the software you want to the repository using the following command: repository add package Creating a Remote Repository A remote repository can serve as the repository for one or more Wireless LAN Solution Engines. The remote repository can be either: Note • A WLSE functioning as the remote repository for other WLSEs. • A Windows NT or Windows 2000 server.
Chapter 6 Performing Administrative Tasks Managing the Appliance Step 6 Enter the hostname or IP address of the appliance. The remote repository is now on the Windows NT or Windows 2000 server. To install software updates from this repository, see Installing Software Updates, page 6-52. Related Topic Creating a Local Repository, page 6-50 Installing Software Updates Note When you update or reinstall software, the WLSE stops and restarts.
Chapter 6 Performing Administrative Tasks Managing the Appliance Step 3 To view details about any of the listed software, click README in the Details field. Step 4 To begin the installation, make a selection from the Compatible Updates table, Compatible Reinstallations table, or Complete Images table. Step 5 To install the selected software, click Install. The Install Software Updates window opens. Step 6 Click Confirm to continue the installation. Click Cancel to cancel the installation.
Chapter 6 Performing Administrative Tasks Managing the Appliance Procedure Step 1 Select Administration > Appliance > Software > Browse Repository. The Browse Repository dialog box appears. Step 2 To view detailed information about a complete image or update, click README in the Complete Images table or Updates table. These tables display the following about all the software available on the repository: Field Description Name Software identifier. Version Version number of the software.
Chapter 6 Performing Administrative Tasks Managing the Appliance Table 6-9 Software Update History Window Field Description Name Software identifier. Version Software version. Summary Summary of the installed software. Install Date The date and time (UTC) the software was installed. Status The status of the installed software. Details The detailed install log for this software. Status The status of the installation: Success—Software was installed with no errors.
Chapter 6 Performing Administrative Tasks Managing the Appliance • Authentication through the local database or through alternative authentication services • Flexible user access to managed devices and Wireless LAN Solution Engine services through configurable roles.
Chapter 6 Performing Administrative Tasks Managing the Appliance After you select and configure a module, all authentication transactions are performed by the authentication service associated with that module. Users log in with the user ID and password associated with the current authentication module. The Wireless LAN Solution Engine determines user roles; therefore, all users must be in the local database of user IDs and passwords.
Chapter 6 Performing Administrative Tasks Managing the Appliance – Primary Server and Secondary Server—IP addresses or device names of the primary and secondary authentication servers. A secondary server is optional. – Shared Secret—Secret key. • MS NT Domain module: – Domain—Name of the Windows domain. – Primary Domain Controller and Backup Domain Controller—Names of the primary and backup Windows domain controllers. A backup domain controller is optional.
Chapter 6 Performing Administrative Tasks Managing the Appliance Step 2 Click View CSR. The encrypted CSR is displayed. Step 3 Copy the encrypted CSR (between the begin and end lines). Send the CSR to a certificate authority (such as Verisign), following the authority’s procedure. Step 4 When you receive the signed certificate: Step 5 a. Copy it into an ASCII file on a client system. b. On the same client, select Administration > Security. c.
Chapter 6 Performing Administrative Tasks Managing the Appliance Procedure Step 1 Select Administration > Appliance > Security > SSH and Telnet. The SSH and Telnet control panel appears. Step 2 To change the type of SSH used, select the desired SSH version from Select Protocol, then click Change Protocol. Step 3 To enable or disable Telnet, make a selection from Telnet, then click Configure. Changes takes place immediately.
Chapter 6 Performing Administrative Tasks Managing the Appliance Related Topic Overview: Security, page 6-55 Backing Up and Restoring Data Backing up the WLSE saves its configuration data in case you need to restore the data. When you select Administration > Appliance > Backup and Restore, the following options appear: • Configure—Set the backup location (see Specifying the Backup Location, page 6-61).
Chapter 6 Performing Administrative Tasks Managing the Appliance • Do not include the drive specifier (for example c:\) in the path specification. • The path is relative to the ftproot. Step 7 Click Save. Step 8 To verify that the backup location is reachable and is running an FTP server: a. Select Administration > Appliance > Backup and Restore > Backup. b. Click Test. c. Click OK.
Chapter 6 Performing Administrative Tasks Managing the Appliance • Select UNIX under Directory Listing Style. • Select Write under FTP Site Directory. Backing Up Data Data backed up includes Wireless LAN Solution Engine role and user information, discovery configuration information, and other configuration information. The following procedure includes a verification step; it is recommended that you always verify that the backup succeeded. Note You should perform a backup every time you add a user.
Chapter 6 Performing Administrative Tasks Managing the Appliance Related Topic Restoring Data, page 6-64 Restoring Data Procedure Step 1 Select Administration > Appliance > Backup and Restore > Restore. Step 2 From the Available Images list, select a backup image. Images are listed by Wireless LAN Solution Engine hostname and date and time of backup. Step 3 Click Restore. The Restore Backup window opens. Step 4 Click OK.
Chapter 6 Performing Administrative Tasks Managing the Appliance Viewing and Creating a Status Report The WLSE information and status report shows general WLSE status, log files, package information, database status, process status, web server information, Java class information, and log files. Note Status reports show UTC time. Procedure Step 1 Select Administration > Appliance > Diagnostics > WLSE Info. The WLSE Information and Status Report dialog box appears.
Chapter 6 Performing Administrative Tasks Managing the Appliance Procedure Step 1 Select Administration > Appliance > Diagnostics > Self Test. The WLSE Self-Test Report dialog box appears. Step 2 To display a report, click its name. If there are no reports listed, you must create a new report by clicking Create. Step 3 To display the new report, click its name. If the report is not displayed, click Refresh. Step 4 To delete a report, select the report check box, then click Delete.
Chapter 6 Performing Administrative Tasks Managing the Appliance Column Description RC Return code. “0” represents normal program operation. Any other number typically represents an error. Refer to the error log. Signo Signal number. “0” represents normal program operation. Any other number is the last signal delivered to the program before it terminated. Start Time Time (UTC) and date the process was started. Stop Time Time (UTC) and date the process was stopped.
Chapter 6 Performing Administrative Tasks Managing the Appliance • To see a complete report of all processes running on the WLSE, click Complete Report. Processes Displayed The Process Status table displays the status of the following major WLSE-specific processes: Process Name Description WLSEjobvm The job virtual machine. WLSEFaults The fault manager. WebServer The Web Server. Tomcat The Java servlet engine. ExcepReporter The process that forwards traps.
Chapter 6 Performing Administrative Tasks Managing the Appliance System Log The system log, which describes the status of the processes running in the system, displays the following: Field Description Timestamp The date and time the message is logged. Process The process that logged the message. Type The message type, such as INFO, WARNING, CRITICAL. Information The process status as known by the Daemon Manager.
Chapter 6 Performing Administrative Tasks Managing the Appliance To set the UTC time, use the following CLI command: clock {set hh:mm:ss month day year} For more information on this command see the User Guide for the CiscoWorks 1105 Wireless LAN Solution Engine—From the online help, click View PDF. Note Your login determines whether you can use this option. Procedure Step 1 Select Administration > Appliance > TIME/NTP/NAME.
Chapter 6 Performing Administrative Tasks Managing the Appliance Specifying Name Servers You can specify the addresses of up to three name servers for name and address resolution. Note Your login determines whether you can use this option. Procedure Step 1 Select Administration > Appliance > TIME/NTP/NAME. Step 2 To remove a name server, select it from the Current Servers list and click Remove.
Chapter 6 Performing Administrative Tasks Managing the Appliance Using Connectivity Tools The options in the Connectivity Tools window allow you to perform connectivity tests and find information about devices. Note Your login determines whether you can use this option. Procedure Step 1 Select Administration > Appliance > Connectivity Tools. The Network Connectivity and Security Test dialog box appears. Step 2 Enter a device name or IP address in the Device text box.
Chapter 6 Performing Administrative Tasks Managing System Parameters Managing System Parameters The System Parameters window allows you to set certain global parameters. For example, to change the interval at which the Wireless Clients reports will be updated, change the value of the Wireless Client Poll Interval parameter. Note Your login determines whether you can use this option. Procedure Step 1 Select Administration > System Parameters.
Chapter 6 Performing Administrative Tasks Managing System Parameters Table 6-10 System Parameters (continued) Parameter Description Aggregation Interval Interval at which the performance data (from Inventory Performance Attributes Polling Interval) is aggregated. This is the data shown in Report Trends. Note For reports it is necessary to compute some attributes over longer periods (average, percentages, changes). This interval determines how often these computations are performed.
Chapter 6 Performing Administrative Tasks Administering Users Note To reset parameters to previous values, click Reset before saving. A confirmation dialog appears. To return to the System Parameters window, click Back. Administering Users The User Admin options allow you to manage user roles and logins: • Manage Roles—Add, modify, and delete roles (see Managing Roles, page 6-75). • Manage Users—Add, modify, and delete user accounts (see Managing Users, page 6-77).
Chapter 6 Performing Administrative Tasks Administering Users • Help desk—Monitoring authority only. You can create other roles, which can be modified or deleted. Note Your login determines whether you can use this option. Procedure Step 1 Step 2 To access the role management window, select Administration > User Admin > Manage Roles. Role names are displayed in the center pane. To view the subtabs to which the role has access, select the role. • The admin user can view all existing roles.
Chapter 6 Performing Administrative Tasks Administering Users Managing Users Use this option to: • Add Users, page 6-77 • Modify Users, page 6-78 • Delete Users, page 6-80 Add Users Note Your login determines whether you can use this option. Procedure Step 1 Step 2 Select Administration > User Admin > Manage Users. The Add/Modify/Delete dialog appears. The Users list displays the current users. • The admin user can view and modify all existing users.
Chapter 6 Performing Administrative Tasks Administering Users Step 3 Field Information to Enter CLI Access Select the user’s access to the WLSE CLI: None, Level 0, or Level 15. By default, Level 15 is selected for System Administrator, and None is selected for other users. Users with privilege level 15 can use all commands, and users with privilege level 0 can use a subset. Roles Select one or more roles for the user. To add a role, select it from the pulldown list.
Chapter 6 Performing Administrative Tasks Administering Users Step 2 Step 3 Select the user from the Users list and make the desired changes: Field Information to Enter User Name Enter the user’s name. User Password Enter a new password for new user. Confirm Password Reenter the new password. Email Enter or change the user’s email address. CLI Access Change the user’s access to the WLSE CLI: None, Level 0, or Level 15.
Chapter 6 Performing Administrative Tasks Modifying Your Profile Delete Users Note Your login determines whether you can use this option. Procedure Step 1 Select Administration > User Admin > Manage Users. The Manage Users dialog appears. Step 2 Select the username from the Users list, then click Delete. A confirmation dialog appears. After you click OK, the user is deleted. Modifying Your Profile Use the My Profile tab to change your password.
Chapter 6 Performing Administrative Tasks Linking to a CiscoWorks2000 Server Linking to a CiscoWorks2000 Server You can link to a CiscoWorks2000 server and display the server’s desktop in the right pane or in a separate window. Note This feature is available to all users. Procedure Step 1 Select Administration > Links. The Add Links window and list of links appear. Step 2 To connect to a CiscoWorks2000 server, click a link in the left pane. The server desktop will appear. Step 3 To add a link: d.
Chapter 6 Performing Administrative Tasks Linking to a CiscoWorks2000 Server User Guide for the CiscoWorks 1105 Wireless LAN Solution Engine 6-82 78-14947-01
C H A P T E R 7 Frequently Asked Questions Q. What ports and protocols does the WLSE use? A. For discovery and fault monitoring, the WLSE primarily uses SNMP (UDP port 161). For applying configuration changes, the WLSE uses SNMP, HTTP (TCP port 80 or as configured), and TFTP (UDP port 69). Q. How do configuration files get transferred to access points? A. Even though access points support both TFTP and FTP, the WLSE uses only TFTP to upload and download configuration files. Q.
Chapter 7 Frequently Asked Questions User Guide for the CiscoWorks 1105 Wireless LAN Solution Engine 7-2 78-14947-01
C H A P T E R 8 Troubleshooting This section provides suggestions for troubleshooting the Wireless LAN Solution Engine components. If the suggestions do not resolve the error, check the release notes for a possible work around, or contact the Cisco TAC or your customer support.
Chapter 8 Troubleshooting Faults Table 8-1 Troubleshooting Hints for Faults Feature Symptom Probable Cause Faults > The Display Fault view is There are no faults to Display Faults blank. report based on the filtering criteria you entered. The Description column in the Display Faults table shows, "SNMP query received authentication error response." Faults > Notification Settings The user created for community strings does not have Admin, Ident, Firmware, and SNMP privileges.
Chapter 8 Troubleshooting Configure Table 8-2 Troubleshooting Hints for Configure Feature Symptom Probable Cause Possible Solution Configure > Templates The access point is inaccessible through the HTTP port set through template configuration job. The HTTP port setting does not take effect until the access point is cold restarted. Cold restart the access point. Template configuration job fails every time. The access point is not set Make sure the WLSE is up properly.
Chapter 8 Table 8-2 Feature Troubleshooting Troubleshooting Hints for Configure (continued) Symptom Probable Cause Possible Solution Your job includes the following Security options, which are not supported by the Undo function: • Local Admin Authentication under the Local Admin Access • Encryption Key Values under Local AP/Client Security • Shared Secret under Server-Based Security. • Shared Secret under Accounting. Your job includes the FTP username and password.
Chapter 8 Table 8-2 Troubleshooting Troubleshooting Hints for Configure (continued) Feature Symptom Probable Cause Possible Solution Configure > Jobs An HTTP job does not run or fails. The credentials are not set Make sure the credentials on properly. the WLSE are the same as the credentials on the access point or bridge using Administration > Discover > Device Credentials. Make sure the credentials on the access point or bridge have firmware rights. The TFTP server is not set up correctly.
Chapter 8 Table 8-2 Troubleshooting Troubleshooting Hints for Configure (continued) Feature Symptom Probable Cause Possible Solution Configure > Jobs The job failed. There are multiple reasons a job may have failed. Make sure all the bootstrapping steps have been performed correctly on the access point. Check the jobvm.log by selecting Administration > Appliance > Status > View Log File to further identify and report the problem.
Chapter 8 Table 8-2 Troubleshooting Troubleshooting Hints for Configure (continued) Feature Symptom Probable Cause Possible Solution Configure > Jobs The job is reported The SNMP timeout to the device is too short. as failed, but the configuration was applied successfully to the devices. Select Administration > Discover > Device Credentials > SNMP Communities and increase the SNMP timeout. The job completed with errors.
Chapter 8 Troubleshooting Firmware Table 8-3 Troubleshooting Hints for Firmware Feature Symptom Probable Cause Firmware > Jobs There is a time discrepancy in scheduled jobs. The time was not set correctly on the WLSE. Possible Solution 1. Reset the WLSE time to Universal Coordinated Time (UTC) using CLI commands as follows: a. Enter services stop to stop services. a. Enter the clock command to reset the time. a. Enter services start to restart the services. 2.
Chapter 8 Table 8-3 Troubleshooting Troubleshooting Hints for Firmware Feature Symptom Probable Cause Firmware > Jobs (continued) An SNMP job fails The read community string does not have sufficient permissions. Possible Solution To allow SNMP reads, the access point mut have a user with at least SNMP and FIRMWARE permissions, and the read community defined on the WLSE must be equivalent to a user on the access point with SNMP and FIRMWARE permissions.
Chapter 8 Table 8-4 Troubleshooting Troubleshooting Hints for Reports (continued) Feature Symptom Probable Cause Possible Solution Reports > Scheduled Email Jobs Email fails to arrive at its destination. The SMTP server is not configured properly. Configure the SMTP server by selecting Administration > Appliance > Configure Mailroute. There is a time discrepancy in the scheduled email jobs. The time is not set correctly on the WLSE. 1.
Chapter 8 Table 8-4 Troubleshooting Troubleshooting Hints for Reports (continued) Feature Symptom Probable Cause Possible Solution The SNMP user may not Open a browser window to the have the correct rights access point, and select Setup > assigned. Security > User Information. Reports > Current The report for > Summary access points is Reports > Current empty.
Chapter 8 Table 8-5 Troubleshooting Troubleshooting Hints for the Discover Subtab (continued) Feature Symptom Probable Cause Administration > Discover > DISCOVER There is a time discrepancy in the scheduled discovery jobs. The local or system time is not set correctly on the WLSE. Possible Solution 1. Reset the WLSE system time (UTC) using CLI commands as follows: a. Enter services stop to stop services. a. Enter the clock command to reset the time. a.
Chapter 8 Table 8-5 Troubleshooting Troubleshooting Hints for the Discover Subtab (continued) Feature Symptom Probable Cause Possible Solution Administration > Discover > DISCOVER Devices are not discovered. The device is not specified as a seed or the CDP distance is not high enough to reach the device. Specify the device as a seed or increase the CDP distance so that devices are discovered in Administration > Discover > Schedule Discovery or Run Discovery Now.
Chapter 8 Troubleshooting The following table lists troubleshooting hints for Administration > Appliance. Table 8-6 Troubleshooting Hints for the Appliance Subtab Feature Symptom Probable Cause Possible Solution Administration > Appliance > Security > Authentication Modules Users cannot log in after failure of the alternative authentication source. The WLSE falls back to the Local authentication module. Users can log in using their local passwords.
A P P E N D I X A Naming Guidelines • Names and Descriptions—allowable characters for names and descriptions (see Name and Description Allowable Characters, page A-1). • Roles and Users—rules to follow when creating new roles and users (see Roles and User Rules, page A-2).
Appendix A Naming Guidelines Character Description Example full stop (period) . solidus (forward slash) / colon : semicolon ; less-than and greater-than signs <> equals = question mark ? low line (underscore) _ left and right square bracket [] reverse solidus (backward slash) \ left and right curly bracket {} vertical line | tilde ~ dollar sign $ Roles and User Rules Type User Name User Password Role Rules • No more than 32 characters. • Case-sensitive.
A P P E N D I X B Command Reference This appendix summarizes the Wireless LAN Solution Engine’s command line interface (CLI) commands. When you make a configuration change using these commands, the system configuration is updated immediately.
Appendix B Command Reference Using the CLI Using the CLI You can use the CLI by: • Attaching a console to the WLSE • Accessing the WLSE using Telnet CLI Conventions The command-line interface (CLI) uses the following conventions: • The key combination ^c or Ctrl-c means hold down the Ctrl key while you press the c key. • A string is defined as a non-quoted set of characters.
Appendix B Command Reference Command History Feature • If you enter a valid command but omit required options, the system displays Incomplete command . • If you enter a valid command but provide invalid options or parameters, the system displays Invalid input. In addition, some commands have command-specific error messages that notify you that a command is valid, but that it cannot run correctly. Command History Feature The CLI provides a command history feature.
Appendix B Command Reference Command Summary Command Summary Table B-1 summarizes all commands available on the WLSE. Refer to the full description of commands that you are not familiar with before using them. Table B-1 Command Summary Command Privilege Level Summary Description Location of Full Description auth 15 Enables secure remote authentication. “auth” section on page B-17 backup 15 Backs up the WLSE.
Appendix B Command Reference Command Summary Table B-1 Command Summary (continued) Command Privilege Level Summary Description install list 15 Lists software updates and images currently available on a configured repository. “install list” section on page B-28 install update 15 Installs software updates and images from a configured repository. “install update” section on page B-29 interface 15 Configures an Ethernet interface.
Appendix B Command Reference Command Summary Table B-1 Command Summary (continued) Command Privilege Level Summary Description reinitdb 15 Reinitializes the database. repository 15 Configures the Wireless LAN Solution “repository” section on Engine to be a repository server. page B-40 repository add 15 Transfers software updates and images “repository add” section on page B-41 from a remote server to the Wireless LAN Solution Engine’s local repository.
Appendix B Command Reference Command Summary Table B-1 Command Summary (continued) Command Privilege Level Summary Description Location of Full Description show cdp neighbor 15 Displays the WLSE’s nearest neighbor “show cdp neighbor” section on the network., on page B-52 show cdp run 15 Displays the Cisco Discovery Protocol “show cdp run” section on (CDP) configuration. page B-52 show clock 0 Displays the system date and time in Coordinated Universal Time (UTC).
Appendix B Command Reference Command Summary Table B-1 Command Summary (continued) Command Privilege Level Summary Description show ipchains 15 Displays the IP chains for the selected interface. “show ipchains” section on page B-60 show hosts 15 Displays the Wireless LAN Solution Engine’s host file. “show hosts” section on page B-61 show maillog 15 Displays the Wireless LAN Solution Engine’s mail log.
Appendix B Command Reference Command Description Conventions Table B-1 Command Summary (continued) Command Privilege Level Summary Description shutdown 15 Shuts down the system in preparation for powering it off. “shutdown” section on page B-70 snmp-server 15 Configures an snmp agent. “snmp-server” section on page B-71 ssh 15 Connects to an external host using SSH “ssh” section on page B-71 ssh-version 15 Enables Secure Shell (SSH) 1, SSH 2, or both SSH 1 and SSH 2.
Appendix B Command Reference Privilege Level 0 Commands • Italics indicate arguments for which you supply values. Privilege Level 0 Commands This section describes the privilege level 0 commands. exit To log out of the system, use the exit command. exit Syntax Description This command has no arguments or keywords. Example The following command logs you out of the system: exit ping To send ICMP echo_request packets for diagnosing basic network connectivity, use the ping command.
Appendix B Command Reference Privilege Level 0 Commands s Sets the size of each echo packet. packetsize The size of each echo packet, in bytes. The default is 56. hostname Host name of system to ping. ip-address IP address of system to ping. n Disables reverse DNS lookup. Usage Guidelines To use this command with the hostname argument, DNS must be configured on the system. To force the time-out of a nonresponsive host or to eliminate a loop cycle, press Ctrl-c.
Appendix B Command Reference Privilege Level 0 Commands Usage Guidelines Use the show clock command to display the system date and time. For more information about the system time, see the section “Setting System Date and Time” in the Installation and Configuration Guide for the Cisco 1105 Wireless LAN Solution Engine.
Appendix B Command Reference Privilege Level 0 Commands show interfaces To display information about the system network interface, use the show interfaces command. show interfaces Syntax Description This command has no arguments or keywords. Example This command displays information about system network interfaces: show interfaces eth0 Link encap:Ethernet HWaddr 00:02:B3:35:FD:CC inet addr:209.165.200.224 Bcast:209.165.201.0 Mask:255.255.255.
Appendix B Command Reference Privilege Level 0 Commands Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.
Appendix B Command Reference Privilege Level 0 Commands Example This command displays the current software on the system: show version Copyright (c) 1999-2000 by Cisco Systems, Inc. Build Version (166) Mon Jun 11 16:56:23 PDT 2001 Uptime: 4 days 20 hours 6 mins Linux/UID32 version 2.2.16-13bipsec.uid32 (gcc version egcs1 traceroute To display the network route to a specified host and identify faulty gateways, use the traceroute command.
Appendix B Command Reference Privilege Level 0 Commands Usage Guidelines Use the traceroute command to trace the network route to a specified host and identify faulty gateways. The command displays a list of the hosts that receive probe packets as they travel to the destination host, in the order that the receiving hosts receive the packets. Asterisks (*) appear as the list entry for hosts that do not respond to probing correctly.
Appendix B Command Reference Privilege Level 15 Commands Privilege Level 15 Commands This section describes the privilege level 15 commands. Only users with privilege level 15 can run these commands. auth Use the auth command to enable secure remote authentication. auth {cli | http} {local | tacacs secret server1 [server2] | radius secret server1 [server2] | nt domain pdc [bdc]} Syntax Description cli Enables authentication using the Command Line Interface (CLI).
Appendix B Command Reference Privilege Level 15 Commands Example This command enables secure remote authentication from a remote server, using TACACS. auth http tacacs tr5e43 209.165.200.224 backup Use the backup command to back upthe WLSE. backup [test] Syntax Description test Tests the configured backup hostname, username, password, and directory. Usage Guidelines To back up the WLSE, use the backup command. To configure the backup location, use the backupconfig command.
Appendix B Command Reference Privilege Level 15 Commands backupconfig Use the backupconfig command to set the configuration for all backup and restore operations. To clear the backup and restore configuration information, use the no backupconfig command. backupconfig {hostname} {username} {password} [directory] no backupconfig Syntax Description hostname Host name or IP address of the host system. username Username of host system. password Password of the host system.
Appendix B Command Reference Privilege Level 15 Commands show backupconfig cdp Use the cdp command to configure the Cisco Discovery Protocol cdp {run [port] | timer seconds | holdtime seconds} no cdp {run [port] | timer | holdtime} Syntax Description run start cdp timer set cdp packets retransmission time. holdtime set cdp packet info hold time. port Ethernet port on which CDP will be enabled. Acceptable values are eth0-15.
Appendix B Command Reference Privilege Level 15 Commands cdp timer 10 This command sets the cdp packet’s retransmission to its default time. no cdp timer clock To set the system date and time, use the clock command. See the Usage Guidelines before using this command. clock {set hh:mm:ss month day year} Syntax Description set Sets the system clock. hh:mm:ss Current time (for example, 13:32:00). month Current month.
Appendix B Command Reference Privilege Level 15 Commands To set the date and time, use the set option. If you configure the system to use Network Time Protocol (NTP), you do not need to set the system clock manually using the clock command.When setting the clock, enter the current time in Coordinated Universal Time (UTC). For more information about the system time, refer to “Setting System Date and Time” in the Installation and Configuration Guide for the Cisco 1105 Wireless LAN Solution Engine.
Appendix B Command Reference Privilege Level 15 Commands /dev/sda8 /dev/sda6 /dev/sda13 /dev/sda9 /dev/sda10 /dev/sda5 601M 1001M 9.7G 601M 591M 2.9G 32M 136M 32M 32M 212M 450M 569M 865M 9.7G 569M 350M 2.5G 5% 14% 0% 5% 38% 15% /home /opt /tftpboot /tmp /usr /var erase config To erase the configuration in flash memory and reload the software, use the erase config command. erase config Syntax Description This command has no arguments or keywords.
Appendix B Command Reference Privilege Level 15 Commands Do you want to continue?[no]:yes firewall To implement port filtering on the WLSE, use the firewall command. firewall eth <0-5> [public | private] | [icmp telnet ssh snmp https 1741] Syntax Description eth <0-5> Port to be configured. Acceptable values are eth0-5. public Denies access via ICMP, Telnet, SNMP, and the HTTP 1741 port. private Denies no access. icmp Denies Internet Control Message Protocol (ICMP) ping messages.
Appendix B Command Reference Privilege Level 15 Commands • Ethernet 1 port is connected to an internal LAN or VLAN, and is configured to be accessible via any of the supported protocols by entering the following command: firewall eth1 private An on-site user has full access to the WLSE, but an external user can only access it using a secure connection. gethostbyname Use the gethostbyname command to display the IP address of a known domain name.
Appendix B Command Reference Privilege Level 15 Commands Example The following example changes the hostname to sandbox: hostname sandbox import To import host files, or to map IP addresses to hostnames, use the import command: import {host hostname ipaddress} | {hosts ftp-host username password path} no import {host hostname ipaddress} | {hosts} Syntax Description host Maps one IP address to a hostname. hostname Hostname to map IP address to. hosts Imports host files from ftp accessible host.
Appendix B Command Reference Privilege Level 15 Commands no import host hostname ipaddress To remove an imported host file, use the no version of the import command as follows: no import hosts Example This command imports host files from the ftp accessible server ftpserver_1. Ftpserver_1 has the username admin, the password pass, and the path /ftpserver_1/hosts.
Appendix B Command Reference Privilege Level 15 Commands Example The following command configures the Wireless LAN Solution Engine to use http://209.165.200.22, with port 9851, as a repository: install configure URL http://209.165.200.224:9851 Related Commands install update install list install list To list software updates and images currently available on the configured repository, use the install list command.
Appendix B Command Reference Privilege Level 15 Commands Example Enter the following command to display a list of all available software updates and images on a configured repository: install list all Name Version Requires EX-1.02 1.02 HSE-1.0 EX-1.1aR 1.1aR HSE-1.1 EX-1.1a 1.1a HSE-1.1 EX-1.0a 1.0a HSE-1.0 EX-1.0aR 1.0aR HSE-1.0 EX-1.0-ROB 1.0 HSE-1.0 EX-1.0 1.0 HSE-1.0 Type UPDATE UPDATE UPDATE UPDATE UPDATE COMPLETE COMPLETE Summary Hosting Hosting Hosting Hosting Hosting Hosting Hosting Solution...
Appendix B Command Reference Privilege Level 15 Commands Related Commands install configure install list interface To configure an Ethernet interface, use the interface command. interface eth<0-5> {[up | down] | ipaddress netmask [default-gateway address] [up | down]} Syntax Description eth<0-5> Name of the interface port to be configured. Acceptable values are eth0-5. up Enables the interface (the default).
Appendix B Command Reference Privilege Level 15 Commands Usage Guidelines Use the interface command to configure an Ethernet interface. If you change the IP address or hostname, follow these steps to ensure that applications using the system can connect to it correctly: Step 1 Stop and restart management services by entering: # services stop # services start Step 2 Verify that management applications that use the system can still connect to it.
Appendix B Command Reference Privilege Level 15 Commands Usage Guidelines Use this command to define a default domain name. A default domain name allows the system to resolve any unqualified host names. Any IP hostname that does not contain a domain name will have the configured domain name appended to it. If you are using a DNS server, this appended name is resolved by the DNS server, and then added to the host table. Example This command defines the default domain name cisco.com: ip domain-name cisco.
Appendix B Command Reference Privilege Level 15 Commands If you attempt to configure a fourth name server, the following error message appears: # Name-server table is full. The system must have a functional DNS server configured to function correctly. If it does not, in most cases it will not correctly process requests from management applications that use it.
Appendix B Command Reference Privilege Level 15 Commands ex1_06042001_170640: ex1_06052001_124543: ex1_06052001_155148: ex1_06202001_145704: Hostname: Hostname: Hostname: Hostname: ex1 ex1 ex1 ex1 Date: Date: Date: Date: 06042001 06052001 06052001 06202001 time: time: time: time: 1700 1243 1558 1454 Related Commands backup backupconfig restore show backupconfig mail To debug and test email settings, use the mail command.
Appendix B Command Reference Privilege Level 15 Commands Note You must end the mail message with a period (.) on a line by itself. mailcntrl clear To delete the maillog, sendqueue, or userqueue, use the mailcntrl clear command. mailcntrl clear {log | sendqueue | userqueue} Syntax Description log Clears the WLSE’s email log. sendqueue Clears the WLSE’s sendqueue. userqueue Clears the WLSE’s userqueue. Example The following command clears the WLSE’s email log.
Appendix B Command Reference Privilege Level 15 Commands userqueuesize Size of the userqueue. Example The following command displays the size of the WLSE’s email log. mailcntrl list logsize Mail log files total size: 4.0k Related Commands mailcntrl clear mailroute To forward email to a specified SMTP server, use the mailroute command to specify the server. If no server is specified, the WLSE will use DNS to resolve the correct email server in your local domain.
Appendix B Command Reference Privilege Level 15 Commands Syntax Description dns-name Device name of a host on the network. ip-address IP address of a host on the network. Example The following command translates the device name hostname to its IP address: nslookup hostname Server: dns.ex1.com Address: 209.165.200.224 Name: ex1.com Address: 209.165.201.0 ntp server To configure the Network Time Protocol (NTP) and allow the system clock to be synchronized by a time server, use the ntp server command.
Appendix B Command Reference Privilege Level 15 Commands # 19 Jan 00:43:48 ntpdate[1437]: step time server 209.165.200.224 offset 999.257304 • If no NTP server with the name or IP address you specified exists, a message similar to the following appears: # 19 Jan 00:43:40 ntpdate[1431]: no server suitable for synchronization found In this case, remove the NTP server by using the no form of the command, then configure a valid NTP server.
Appendix B Command Reference Privilege Level 15 Commands This command configures the system to stop using the NTP server: no ntp server 209.165.201.0 Related Commands clock reload To reboot the system, use the reload command. reload Syntax Description This command has no arguments or keywords. Usage Guidelines Use the reload command to reboot the system. You are prompted to verify the reload. Enter yes to confirm or no to cancel the reload.
Appendix B Command Reference Privilege Level 15 Commands reinitdb To reinitialize the database, use the reinitdb command. reinitdb Syntax Description This command has no arguments or keywords. Usage Guidelines The reinitdb command reinitializes the database. This erases all information contained within the database. Example This command reinitializes the database: reinitdb repository To configure the Wireless LAN Solution Engine to be a repository server, use the repository command.
Appendix B Command Reference Privilege Level 15 Commands Usage Guidelines The repository command allows the Wireless LAN Solution Engine to be a repository both for itself and for external systems. A repository is a remote or local server from where a system can receive software updates and images. The repository command only configures the Wireless LAN Solution Engine to be a repository.
Appendix B Command Reference Privilege Level 15 Commands Usage Guidelines The repository add command transfers software updates and images from a remote server to the Wireless LAN Solution Engine’s local repository. You will be prompted to enter a username and password if they are needed to access the remote server. Example To transfer the update EX_2.0 from an update server to the local repository, enter the following command: repository add ex_2.
Appendix B Command Reference Privilege Level 15 Commands Usage Guidelines The repository delete command deletes software updates and images on the Wireless LAN Solution Engine’s local repository. A repository is a remote or local server from where a system can receive software updates and images. Example The following command deletes the update EX_2.0 from the local repository: repository delete EX_2.
Appendix B Command Reference Privilege Level 15 Commands Example To list the software updates and images available on the configured local repository, with details and one page at a time, enter the following command: repository list local detail page Related Commands repository repository add repository delete repository server repository server To start, stop, or view the status of the Wireless LAN Solution Engine’s local repository, use the repository server command.
Appendix B Command Reference Privilege Level 15 Commands Related Commands repository repository add repository delete repository list restore Use the restore command to restore a backed up configuration of the WLSE. restore restore name Syntax Description restore name Name of backup to be used to restore the WLSE. Usage Guidelines To restore a configuration, use the restore command.
Appendix B Command Reference Privilege Level 15 Commands route To add a route through a gateway device, use the route command. To delete a route, use the no version of the command. route {network address} netmask {network netmask} gateway {gateway address} no route {network address} netmask {network netmask} Syntax Description netmask Sets value of the network netmask. gateway Sets the IP address of the router or gateway. network address IP address of the network.
Appendix B Command Reference Privilege Level 15 Commands Syntax Description status Displays the management services status. start Starts the management services. stop Stops the management services. Usage Guidelines Use this command to start, stop, or view status of the management services running on the system. Management services are the software installed on the system by network management applications.
Appendix B Command Reference Privilege Level 15 Commands Related Commands show process show anilog To display the Wireless LAN Solution Engine’s ANI log, use the show anilog command. show anilog [page] | include MatchString1 [MatchString2] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.
Appendix B Command Reference Privilege Level 15 Commands 2001/12/20 17:43:39 HSEStatusPoll ani MESSAGE DBConnection: Created new Database connection [hashCode = 396959623] 2001/12/20 19:43:39 HSEStatusPoll ani MESSAGE DBConnection: Created new Database --More-- show auth-cli To display the type of authentication used for secure CLI access, use the show auth-cli command. show auth-cli Syntax Description This command has no arguments or keywords.
Appendix B Command Reference Privilege Level 15 Commands Example This command and response shows that the WLSE’s local authentication is being used for the CLI: show auth-http local show backupconfig The show backupconfig command displays the current backup and restore configuration. show backupconfig Syntax Description This command has no arguments or keywords. Usage Guidelines To display the current backup and restore configuration, use the show backupconfig command.
Appendix B Command Reference Privilege Level 15 Commands show bootlog To display the messages logged during the last system boot, use the show bootlog command. show bootlog [page] Syntax Description page Displays command output one screen at a time. Press the return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt. Example This command displays the messages logged during the last system boot: show bootlog page Linux/UID32 version 2.2.16-13bipsec.
Appendix B Command Reference Privilege Level 15 Commands Related Commands reload clock show cdp neighbor To display the WLSE’s nearest neighbor on the network, use the show cdp neighbor command. show cdp neighbor Syntax Description This command has no arguments or keywords. Example This command shows the nearest neighbor on the network. show cdp neighbor cdp neighbor device: Switch device type: cisco WS-C2924-XL port: FastEthernet0/12 address: 209.165.201.
Appendix B Command Reference Privilege Level 15 Commands Example This command displays the CDP configuration: show cdp run CDP protocol is enabled ... broadcasting interval is every 60 seconds. time-to-live of cdp packets is 180 seconds. CDP is enabled on port eth0. show collectorlog To display the Wireless LAN Solution Engine’s collector log, use the show collectorlog command.
Appendix B Command Reference Privilege Level 15 Commands n=15, max=48, maxIdleSecs=0 2001/12/20 13:43:29 main HSECollector MESSAGE ServletServiceModule: Moxie Servle t Engine is ready to receive requests 2001/12/20 13:43:30 PeriodicSchedulerRun:FaultCleanup HSECollector MESSAGE Colle ctorDBUtils: DB.TableCleanupCommand=[VACUUM ] 2001/12/20 13:43:30 PeriodicSchedulerRun:FaultCleanup HSECollector MESSAGE Colle ctorDBUtils: DB.
Appendix B Command Reference Privilege Level 15 Commands show daemonslog To display the Wireless LAN Solution Engine’s daemons log, use the show daemonslog command. show daemonslog [page] | include matchstring1 [matchstring2] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.
Appendix B Command Reference Privilege Level 15 Commands NMSROOT=/opt/CSCOets export NMSROOT fi cd $NMSROOT --More-- show dmgtdlog To display the Wireless LAN Solution Engine’s daemon manager log, use the show dmgtdlog command. show dmgtdlog [page] | include matchstring1 [matchstring2] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.
Appendix B Command Reference Privilege Level 15 Commands show webaccesslog To display the Wireless LAN Solution Engine’s Web access log, use the show webaccesslog command. show webaccesslog [page] | include matchstring1 [matchstring2] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.
Appendix B Command Reference Privilege Level 15 Commands show weberrorlog To display the Wireless LAN Solution Engine’s Web error log, use the show weberrorlog command. show weberrorlog [page] | include matchstring1 [matchstring2] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.
Appendix B Command Reference Privilege Level 15 Commands show websslaccesslog To display the Wireless LAN Solution Engine’s Web SSL log, use the show websslaccesslog command. show websslaccesslog [page] | include matchstring1 [matchstring2] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.
Appendix B Command Reference Privilege Level 15 Commands Example This command displays the imported host file show import ftpserver_1 show install logs To display the software updates and images available on the configured repository, use the show install logs command.
Appendix B Command Reference Privilege Level 15 Commands Syntax Description eth<0-5> Name of the interface port to be configured. Acceptable values are eth0-5. Example The following command displays the IP chains for the ethernet 0 interface: show ipchains eth0 Chain ineth0 (1 references): target prot opt source ports ACCEPT tcp -y--l- anywhere ACCEPT tcp ------ anywhere ACCEPT tcp ------ anywhere ACCEPT tcp -y--l- anywhere destination ex.help ex.help ex.help ex.
Appendix B Command Reference Privilege Level 15 Commands show maillog To display the Wireless LAN Solution Engine’s mail log, use the show maillog command. show maillog [page] | include matchstring1 [matchstring2] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt.
Appendix B Command Reference Privilege Level 15 Commands Syntax Description page Displays command output one screen at a time.
Appendix B Command Reference Privilege Level 15 Commands page Displays command output one screen at a time. Example This command displays the status of the configured repository: show repository status Repository Source: 171.69.212.146:9851 repository is running. show route To display the routes currently configured, use the show route command. show route Syntax Description This command has no arguments or keywords.
Appendix B Command Reference Privilege Level 15 Commands Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt. include Filters the command output to display only the records that contain the specified string of characters. matchstring1 String of characters to search for in the command output.
Appendix B Command Reference Privilege Level 15 Commands show snmp-server To display the Wireless LAN Solution Engine’s SNMP configuration, use the show snmp-server command. show snmp-server Syntax Description This command has no arguments or keywords.
Appendix B Command Reference Privilege Level 15 Commands show syslog To display syslog information, use the show syslog command. show syslog [page] [include matchstring1 [matchstring2]] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt. include Filters the command output to display only the records that contain the specified string of characters.
Appendix B Command Reference Privilege Level 15 Commands show tech To display information necessary for Cisco’s Technical Assistance Center to assist you, use the show tech command. show tech [page] Syntax Description page Displays command output one screen at a time. Press the Return key to display the next output screen. Press Ctrl-c to exit paged output and return to the command prompt. Example This command displays system information necessary for Cisco’s Technical Assistance Center to assist you.
Appendix B Command Reference Privilege Level 15 Commands Syntax Description This command has no arguments or keywords. Example The following command shows if Telnet is enabled or disabled: show telnetenable telnet enable for: ALL show tomcatlog To display the Wireless LAN Solution Engine’s Tomcat log, use the show tomcatlog command. show tomcatlog [page] | include matchstring1 [matchstring2] Syntax Description page Displays command output one screen at a time.
Appendix B Command Reference Privilege Level 15 Commands java.lang.NullPointerException at java.io.Reader.(Reader.java:68) at java.io.InputStreamReader.(InputStreamReader.java:96) --More-- shutdown To shut down the system in preparation for powering it off, use the shutdown command. shutdown Syntax Description This command has no arguments or keywords. Usage Guidelines Use this command to shut down the WLSE in preparation for powering it off.
Appendix B Command Reference Privilege Level 15 Commands snmp-server To configure a simple network management protocol (SNMP) agent, use the snmp-server command. snmp-server {community community-name [RO|RW] | location sysLocation-info | contact sysContact-info} no snmp-server {community community-name | location | contact} Syntax Description community sets the community strings that permit access to the SNMP. community-name the community name string. RO read only. RW read / write.
Appendix B Command Reference Privilege Level 15 Commands Syntax Description options Standard SSH options. For a list of these options, enter the ssh command without any arguments. host Name or IP address of host to which to connect. command Command for the external host to execute. Example Enter the following command to connect to an external host using SSH: ssh 209.165.200.224 ssh-version Use the ssh-version command to enable Secure Shell (SSH) 1, SSH 2, or both SSH 1 and SSH 2.
Appendix B Command Reference Privilege Level 15 Commands Syntax Description hostname Hostname of the external device. ip-address IP address of the external device. portnumber portnumber of the external device. Example Enter the following command to telnet to port 9851 of a system with the IP address 209.165.200.224: telnet 209.165.200.224 9851 telnetenable To configure Telnet access, use the telnetenable command.
Appendix B Command Reference Privilege Level 15 Commands Usage Guidelines To enable Telnet access to the system for all IP source addresses, use the telnetenable enable command alone. To enable specific IP addresses, use the telnetenable enable command followed by the IP addresses. Example This command enables Telnet for all IP source addresses: telnetenable enable username To create a new user account or change an account’s properties, use the username command.
Appendix B Command Reference Maintenance Image Commands Usage Guidelines Use the username command to change the properties of a user account. To assign a user CLI privilege level 15, use the username command. You cannot assign CLI privilege level 15 through the Web interface. Use the no form of the command to remove a user account. The default privilege level is 0 if you do not provide the privilege option.
Appendix B Command Reference Maintenance Image Commands fsck To check and repair the filesystem, use the fsck command. fsck Syntax Description This command has no arguments or keywords. Usage Guidelines Use the fsck command to check and repair the filesystem. The command might prompt you for confirmation before making certain repairs. Example The following command checks and repairs the filesystem: fsck reload This command is identical to the level 15 reload command.
G L O S S A RY A AAA Authentication, Authorization, and Accounting. The WLSE monitors LEAP, EAP-MD5 and RADIUS AAA services provided by AAA servers running CiscoSecure ACS Server software. See also EAP-MD5 server, LEAP server, and RADIUS. access point Access points are wireless LAN transceivers that serve as the center point of a standalone wireless network or as the connection point between wireless and wired networks.
Glossary C CDP Cisco Discovery Protocol. Media- and protocol-independent device-discovery protocol that runs on all Cisco-manufactured equipment, including routers, access servers, bridges, and switches. Using Cisco Discovery Protocol, a device can advertise its existence to other devices and receive information about other devices on the same LAN or on the remote side of a WAN. Runs on all media that support SNAP, including LANs, Frame Relay, and ATM media.
Glossary DNS Domain Name System. An Internet service that translates domain names into IP addresses. Domain names are a clear way of representing an Internet address. The Internet, however, is actually based on IP addresses. For example, the URL http //www.website.com might actually point to the IP address http //123.456.789.0.
Glossary I ICMP Internet Control Message Protocol. Network layer Internet protocol that reports errors and provides other information relevant to IP packet processing. L LEAP server Light EAP server, which combines centralized two-way authentication with dynamically generated wireless equivalent privacy keys or WEP keys. See also AAA and WEP keys. M MIC Media Interface Connector. FDDI de facto standard connector. MOK A type of modulation used before the IEEE finished high-speed 802.
Glossary P ping A common method for troubleshooting the accessibility of devices. A ping tests an ICMP echo message and its reply. Because ping is the simplest test for a device, it is the first to be used. If ping fails, try using traceroute. Run ping to view the packets transmitted, packets received, percentage of packet loss, and round-trip time in milliseconds. PSPF Publicly Secure Packet Forwarding.
Glossary S seed A CDP-enabled device used as a starting point for discovery. For example, by adding a seed device (or set of seed devices), the neighbors of the seed device are discovered using CDP. SMTP Simple Mail Transfer Protocol. Internet protocol providing e-mail services. SNMP Simple Network Management Protocol. Network management protocol used almost exclusively in TCP/IP networks.
Glossary T TACACS+ Terminal Access Controller Access Control System Plus. Proprietary Cisco enhancement to Terminal Access Controller Access Control System (TACACS). Provides additional support for authentication, authorization, and accounting. TCP Transmission Control Protocol. Connection-oriented transport layer protocol that provides reliable full-duplex data transmission. TCP is part of the TCP/IP protocol stack. TFTP Trivial File Transfer Protocol.
Glossary V VLAN Virtual LAN. Group of devices on one or more LANs that are configured (using management software) so that they can communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible. VLAN ID Virtual Local Area Network identification used by the standard 802.1Q. Being on 12 bits, it allows the identification of 4096 VLANs.
I N D EX Numerics AP and bridge connected to switch report, displaying 5-46 11a radio, configuring 3-73 configuring 3-1 current client association report, displaying 5-29 advanced 3-81 data encryption 3-89 definition GL-1 filters 3-75 detailed report, displaying 5-26 hardware 3-76 Ethernet transmission statistics, displaying 5-58 identification 3-73 searched channels 3-88 Ethertype protocol filters report, displaying 5-32 11b radio, configuring 3-56 advanced 3-66 faults, displaying 2-2 filter
Index performance graph, displaying 5-60 performance table, displaying 5-61 AP Ethertype protocol filters report, displaying 5-32 per VLAN client (group) report, displaying 5-20 AP IP port filters report, displaying 5-35 per VLAN client (individual) report, displaying 5-43 AP policy report, displaying 5-36 policy report, displaying 5-36 policy settings 2-7 QBSS QoS report, displaying 5-38 RF transmission statistics, displaying 5-56 setting up 6-12 SSID report, displaying 5-40 summary report, displayi
Index troubleshooting 8-14 Ethernet transmission statistics 5-58 auto-managed configuration 3-154 firmware, updating 4-1 assigning 3-156 group performance report options for email 3-157 Ethernet utilization, displaying 5-53 Auto-Manage devices 6-18 RF utilization, displaying 5-51 automatic configurations, creating 3-151 group policy report, displaying 5-21 group report, displaying 5-12 group security report, displaying 5-14 B group SSID report, displaying 5-16 backing up and restoring WLSE co
Index losing data by clicking between subtabs 3-138, 4-10 reload command B-39 shutdown command, failure to run B-70 significance of xiv CDP (Cisco Discovery Protocol) configuring B-20, B-52 definition GL-2 neighbors, displaying B-52 template 3-112 use in discovery 6-11 using B-2 CLI commands conventions B-2 use of quotes B-2 client current association report, displaying 5-29 detail report, displaying 5-6 historical association report, displaying 5-9 inventory of associations 6-24 per VLAN (group) report,
Index show clock B-11 route B-46 show domain-name B-12 services B-46 show interfaces B-13 show auth-cli B-49 show process B-13 show auth-http B-49 show version B-14 show backupconfig B-50 traceroute B-15 show bootlog B-51 Privilege Level 15 commands B-17 show cdp-neighbor B-52 auth B-17 show cdp-run B-52 backup B-18 show config B-54 backupconfig B-19 show import B-59 cdp B-20 show route B-64 clock B-21 show ssh-version B-66 erase config B-23 show syslog B-67 firewall B-24 show te
Index displaying B-54 current client association 5-29 restoring 6-61, B-45 detailed 5-26 configuration history, viewing device’s 5-1 EAP authentication 5-30 configuring devices group 5-12 configuration jobs 3-137 group policy report 5-21 devices, setting up for discovery 6-12 group security 5-14 firmware, updating 4-1 group SSID 5-16 templates, using 3-1 group VLAN 5-18 troubleshooting 8-3 per VLAN (group) client report 5-20 connectivity, testing 6-72 per VLAN client (individual) report
Index synchronizing to a time server 6-70, B-37 deleting from CiscoWorks2000 6-30 from file 6-29 devices 6-3 limitation on number of wireless devices 6-4 groups 6-43 management history 6-5 users 6-80, B-74 managing 6-2 detailed report, displaying 5-26 newly discovered 6-3 device center 5-1 setting up 6-12 Device Credentials option 6-6 unmanaged 6-3 Device History option 6-5 device names diagnostics, WLSE processes, viewing 6-68 displaying 6-18 self-test 6-65 translating to IP addresses B-
Index seed devices 6-20 definition GL-3 troubleshooting 8-13 setting up 6-16 disk summary report, displaying 5-49 checking and repairing B-76 usage, viewing B-22 DNS email automatic configuration results 3-157 faults 2-23 configuring 3-113 forwarding B-36 definition GL-3 logs and queues B-35, B-62 name servers, specifying 6-71, B-32 mail server, specifying 6-71 reverse lookup 1-5 notification settings 2-23 effect on device name display 6-18 report 5-66 specifying 6-18 scheduling 5-68 do
Index exporting firewall command B-24 firmware devices 6-31 reports 5-66 history, viewing device’s 5-1 templates 3-137 updating 4-1 express template, using 3-3 fsck command B-76 FTP, configuring 3-114 F fault history truncation interval, setting 6-73 faults G gateway, specifying B-30 displaying 2-1 gethostbyname command B-25 emailing 2-23 getting started with WLSE 1-1 exception, definition of GL-3 group performance report faults log (WLSE), displaying 6-46 Ethernet utilization 5-53 notifi
Index SSID report, displaying 5-16 changing system hostname B-25 system-defined 6-37 translating to IP addresses B-36 top number of associations report, displaying 5-54 hostname command B-25 top percentage errors report, displaying 5-55 HTTP hot standby, configuring 3-109 VLAN report, displaying 5-18 definition GL-3 GUI setting on access points 6-12 About button 1-4 template 3-116 buttons 1-4 username and password for access points, specifying 6-9 device name display 1-5 display of sysName
Index of selected devices 6-25 viewing status 3-144 performance attributes polling interval, setting 6-73 jobs, email 5-68 jobs, firmware performance inventory 6-24 creating 4-10, 4-18 polling interval, setting 6-73 deleting 4-22 resetting the polling interval 6-73 editing 4-10, 4-21 scheduled 6-24 filtering 4-21 IP addresses job run details 4-22 displaying 6-18, B-25 managing 4-9 in UI, display of 1-5 naming guidelines A-1 mapping to hostnames B-26 troubleshooting 8-8 translating to ho
Index splash screen, adding a message 6-69 mailroute command B-36 to WLSE 1-7 mail server, specifying 6-71 troubleshooting 8-14 maintenance image, CLI commands for B-75 logging out Manage/Unmanage option 6-2 CLI command for B-10 Managed Devices option 6-2 from the WLSE 1-6 Manage Roles option 6-75 logs, displaying Manage Users option 6-77 bootlog B-51 collector log B-53 daemon manager log 6-45, B-56 N daemons log 6-45, B-55 name servers, specifying 6-71, B-32 email logs B-62 naming guide
Index filtering, configuring B-24 P processes, displaying 6-66, B-13, B-62 parameters, system 6-73 profiles, managing 2-7 passwords assigning 2-10 changing your password 6-80 copying 2-8 EAP-MD5 server 6-36 creating 2-8 HTTP 6-9 deleting 2-10 LEAP server 6-33 editing 2-9 RADIUS server 6-35 renaming 2-9 WLSE users 6-77 viewing devices for 2-11 performance inventory 6-24 Q parameters for data collection 6-73 performance graph, displaying for access points and bridges 5-60 quality of serv
Index filters 3-59 browsing 6-53 hardware 3-60 creating identification 3-56 local 6-50, B-40 searched channels 3-71 remote 6-51, B-27 RADIUS definition GL-5 authentication module 6-57 listing images and updates B-28, B-43 definition GL-5 local RADIUS server deleting software from B-42 adding 6-35 status B-44 EAP authentication report, displaying 5-30 transferring software to B-41 setting response time 2-7 setting up 6-16 summary report, displaying 5-49 reader comment form, submitting el
Index routes definition GL-6 server adding B-46 response time graph, displaying 5-65 displaying B-15, B-64 routing, configuring 3-111 security, configuring 3-97 Run Discovery Now option 6-22 setting response time 2-7 summary report, displaying 5-49 services, configuring S accounting 3-119 CDP 3-112 scheduling configuration jobs 3-138 console/Telnet 3-107 discovery 6-20 DNS 3-113 email 5-68 FTP 3-114 firmware jobs 4-18 hot standby 3-109 HTTP 3-116 security routing 3-111 authentication en
Index show config command B-54 software, on devices show domain-name command B-12 firmware, managing 4-1 show import command B-59 groups for 6-37 show interfaces command B-13 software, on WLSE show process command B-13 browsing the repository 6-53 show route command B-64 deleting images from local repository B-42 show ssh-version command B-66 installation log, displaying 6-46, B-60 show syslog command B-67 listing images B-43 show tech command B-68 local repository, creating 6-50, B-27, B-
Index SSID sysName, display of 6-18 system definition GL-6 configuration report, displaying 5-40 system-defined groups for 6-37 displaying B-54 SSL erasing B-23 certificate, obtaining 6-58 gateway, specifying B-30 definition GL-6 hostname, changing B-25 log, displaying 6-46, B-59 interfaces, configuring B-30 managing 6-58 rebooting 6-47, B-39 startup configuration shutdown B-70 assigning 3-151 SNMP, configuration B-71 creating a template for 3-153 SNMP configuration B-66 start-up sett
Index Technical Assistance Center (see TAC) xvii browser time, setting 6-69 technical support xvi display on WLSE 1-5 through Cisco.
Index group performance report, Ethernet utilization 5-53 creating 6-77, B-74 group performance report, RF utilization 5-51 last 10 logged in users.
Index W Web access log, displaying 6-46, B-57 Web error log, displaying 6-46, B-58 Web SSL log, displaying B-59 WEP keys, definition GL-8 wireless client polling, setting 6-73 wireless client reports, displaying 5-6 client detail 5-6 client historical association 5-9 client statistics 5-8 World Wide Web contacting TAC via xviii obtaining Cisco documentation via xv User Guide for the CiscoWorks 1105 Wireless LAN Solution Engine IN-20 78-14947-01
