User's Manual
Table Of Contents
- Chapter 1 Introduction
- Chapter 2 Mesh Point CLI and Administrative Access
- Chapter 3 Networking and Radio Configuration
- 3.1 Network Interfaces
- 3.2 Network Bridging
- 3.2.1 Bridging Configuration
- 3.2.2 FastPath Mesh Bridging
- 3.2.3 Fine-tuning FastPath Mesh Network Performance
- 3.2.3.1 Selecting the FastPath Mesh Multicast Transmit Mode
- 3.2.3.2 Setting the FastPath Mesh Packet Interval
- 3.2.3.3 Setting the FastPath Mesh Transmit Control Level
- 3.2.3.4 Setting Multicast Video Clamping Thresholds
- 3.2.3.5 Setting Mesh Routing Reactivity
- 3.2.3.6 Setting Mesh Packet Time To Live
- 3.2.3.7 Viewing Current Mesh Performance Parameters
- 3.2.3.8 Frame Processor Parameters
- 3.2.4 STP Bridging
- 3.3 Global Radio Settings
- 3.4 Individual Radio Settings
- 3.4.1 Radio Band, Short Preamble, Guard Interval
- 3.4.2 Channel Selection
- 3.4.3 Distance, Beacon Interval, Noise Immunity
- 3.4.4 Network Type, Antenna Gain, Tx Power
- 3.4.5 MIMO
- 3.4.6 STBC
- 3.4.7 Channel Lock and Other Channel Selection Features
- 3.4.8 DFS, TDWR, and Channel Exclusion
- 3.4.9 Radio BSS Settings
- 3.4.9.1 BSS Radio, BSS Name and SSID
- 3.4.9.2 WDS Bridging or AP Infrastructure Configuration
- 3.4.9.3 BSS State, SSID Advertising and Drop Probe Requests
- 3.4.9.4 BSS STA Idle Timeout and 802.11g-Only Settings
- 3.4.9.5 BSS Unicast Transmission Rate Settings
- 3.4.9.6 BSS WMM QoS Setting
- 3.4.9.7 BSS Fragmentation and RTS Thresholds
- 3.4.9.8 BSS DTIM Beacon Countdown
- 3.4.9.9 BSS VLANs Settings
- 3.4.9.10 BSS Fortress Security Zone
- 3.4.9.11 FastPath Mesh BSS Cost Offset
- 3.4.9.12 BSS Multicast Settings
- 3.4.9.13 Bridging MTU and Beacon Encryption
- 3.4.9.14 BSS Description
- 3.4.9.15 BSS Wi-Fi Security Configuration
- 3.4.10 Antenna Tracking / Rate Monitoring
- 3.4.11 ES210 Mesh Point STA Settings and Operation
- 3.4.11.1 STA Radio, Name, SSID and SSID Roaming
- 3.4.11.2 STA State
- 3.4.11.3 STA Unicast Transmission Rate Settings
- 3.4.11.4 STA Background Scanning
- 3.4.11.5 STA WMM QoS Setting
- 3.4.11.6 STA Fragmentation and RTS Thresholds
- 3.4.11.7 STA Multicast Rate
- 3.4.11.8 STA Description
- 3.4.11.9 STA Wi-Fi Security Configuration
- 3.4.11.10 Editing or Deleting a STA Interface Connection
- 3.4.11.11 Establishing a STA Interface Connection
- 3.4.11.12 ES210 Station Access Control Lists
- 3.5 Local Area Network Configuration
- 3.6 Time and Location Configuration
- 3.7 GPS and Location Configuration
- 3.8 DHCP and DNS Services
- 3.9 Ethernet Interfaces
- 3.10 Quality of Service
- 3.11 VLANs Implementation
- 3.12 ES210 Mesh Point Serial Port Settings
- 3.13 Mesh Viewer Protocol Settings
- Chapter 4 Network Security, Authentication and Auditing
- 4.1 Fortress Security Settings
- 4.1.1 Operating Mode
- 4.1.2 FIPS Settings
- 4.1.3 MSP Encryption Algorithm
- 4.1.4 Encrypted Data Compression
- 4.1.5 MSP Key Establishment
- 4.1.6 MSP Re-Key Interval
- 4.1.7 Key Beacon Interval
- 4.1.8 Fortress Legacy Devices
- 4.1.9 Encrypted Zone Cleartext Traffic
- 4.1.10 Encrypted Zone Management Settings
- 4.1.11 Authorized Wireless Client Management Settings
- 4.1.12 Turning Mesh Point GUI Access Off and On
- 4.1.13 SSH Access to the Mesh Point CLI
- 4.1.14 Blackout Mode
- 4.1.15 Allow Cached Credentials
- 4.1.16 Fortress Access ID
- 4.2 Digital Certificates
- 4.3 Access Control Entries
- 4.4 Internet Protocol Security
- 4.5 Authentication and Timeouts
- 4.5.1 Authentication Servers
- 4.5.2 Internal Authentication Server
- 4.5.2.1 Basic Internal Authentication Server Settings
- 4.5.2.2 Certificate Authority Settings
- 4.5.2.3 Global User and Device Authentication Settings
- 4.5.2.4 Local 802.1X Authentication Settings
- 4.5.2.5 OCSP Authentication Server Settings
- 4.5.2.6 OCSP Cache Settings and Management
- 4.5.2.7 Internal Authentication Server Access Control Lists
- 4.5.3 User Authentication
- 4.5.4 Client Device Authentication
- 4.5.5 Session Idle Timeouts
- 4.6 ACLs and Cleartext Devices
- 4.7 Remote Audit Logging
- 4.8 Wireless Schedules
- 4.1 Fortress Security Settings
- Chapter 5 System Options, Maintenance and Licensing
- Chapter 6 System and Network Monitoring
- Index
- Glossary
Fortress ES-Series CLI Guide: Networking and Radio Configuration
91
View the current configuration of the Mesh Point’s Ethernet
interfaces (followed by status information and statistics not
shown in this example) with
show interface. The output for
this command varies based on the number and type of
interfaces on the Mesh Point (refer to Table 1.1 on page 3):
# show interface
[CONFIGURED INFO]
Switching UCost Enable Traffic
Name Mode VlanId Mode Duplex Speed 8021x Zone MeshIf Offset MeshEncap QoS Class
--------- ------- ------ --------- ------ ----- ----- --------- ------ ------ --------- ------ -------
Ethernet1 enabled 1 access auto auto N encrypted access 0 N N low
Ethernet2 enabled 1 access auto auto N clear access 0 N N low
[STATUS INFO]
Name Link Duplex Speed Collisions
--------- ---- ------ ----- ----------
Ethernet1 down half 10 0
Ethernet2 up full 100 0
[STATISTIC INFO]
Name Type State InBytes InPackets InErrTotal OutBytes OutPackets OutErrTotal
--------- ------- -------------- ---------- --------- ---------- ---------- ---------- -----------
Ethernet1 wired disabled 0 0 0 0 0 0
Ethernet2 wired forwarding_all 70804 1079 40 32816 587 0
The Name of the interface cannot be changed, and correlates to
the hardware port. Refer to Table 3.9 to find the appropriate
port name. Use it (with the
-name switch) to identify the
interface you want to configure with
set interface:
# set interface -name <
InterfaceName>
Mode[enabled] (enabled|disabled to set administrative mode):
Zone[clear] (clear|encrypted):
MeshIf[access] (core|access(default) to make interface Mesh Net or not (e.g. Access)):
UCostOffset[100] (user-defined offset used in computing interface cost [0..4294967295], default is 0)
MeshEncap[N] (Y|N to enable|disable Mesh encapsulation on Mesh core interface):
VlanId[1] (Vlan ID for untagged PDUs [1..4094]):
SwitchingMode[access] (trunk|access to set switching mode):
AllowAll[Y] (Y|N to allow all VLANs in trunk interface):
Table (list of active VLAN IDs when allow all is disabled):
8021x[N] (Y|N to enable or disable IEEE 802.1X port authentication):
RadiusRetryInterval[0] (maximum interval in seconds before primary RADIUS server is tried again):
ReauthInterval[3600] (EAPOL reauthentication interval in seconds):
PSE[disable] (enable|disable to enable or disable PoE PSE):
AutoNegotiation[N] (Y|N for auto negotiation):
EnableQoS[N] (Y|N to enforce traffic class priority, override 802.1p):
TrafficClass[low] (low|medium|high|critical to set traffic class priority):
DuplexMode (half|full):
SpeedValue (10|100 to set speed when autoNegotiation is off):
Mode enables/disables the port itself. Ports are enabled by
default).
Zone places the port in the Mesh Point’s
clear
or
encrypted
zone. Refer to Table 3.9 for the default clear/encrypted values
for each port.