User Guide
Table Of Contents
- Nortel WLAN Security Switch 2300 Series Configuration Guide
- Contents
- How to get Help
- Introducing the Nortel WLAN 2300 System
- Using the Command-Line Interface
- Configuring AAA for Administrative and Local Access
- Configuring and Managing Ports and VLANs
- Configuring and Managing Ports
- Configuring and Managing VLANs
- Managing the Layer 2 Forwarding Database
- Port and VLAN Configuration Scenario
- Configuring and Managing IP Interfaces and Services
- MTU Support
- Configuring and Managing IP Interfaces
- Configuring the System IP Address
- Configuring and Managing IP Routes
- Managing the Management Services
- Configuring and Managing DNS
- Configuring and Managing Aliases
- Configuring and Managing Time Parameters
- Setting the Time Zone
- Configuring the Summertime Period
- Statically Configuring the System Time and Date
- Displaying the Time and Date
- Configuring and Managing NTP
- Adding an NTP Server
- Removing an NTP Server
- Changing the NTP Update Interval
- Resetting the Update Interval to the Default
- Enabling the NTP Client
- Displaying NTP Information
- Managing the ARP Table
- Pinging Another Device
- Logging In to a Remote Device
- Tracing a Route
- IP Interfaces and Services Configuration Scenario
- Configuring SNMP
- Overview
- Configuring SNMP
- Displaying SNMP Information
- Configuring and Managing Mobility Domain Roaming
- Configuring User Encryption
- Configuring AP access points
- AP Overview
- Configuring AP access points
- Specifying the Country of Operation
- Configuring a Template for Automatic AP Configuration
- Configuring AP Port Parameters
- Configuring AP-WSS Security
- Configuring a Service Profile
- Configuring a Radio Profile
- Configuring Radio-Specific Parameters
- Mapping the Radio Profile to Service Profiles
- Assigning a Radio Profile and Enabling Radios
- Disabling or Reenabling Radios
- Displaying AP Information
- Displaying AP Configuration Information
- Displaying a List of Distributed APs
- Displaying a List of Distributed APs that Are Not Configured
- Displaying Connection Information for Distributed APs
- Displaying Service Profile Information
- Displaying Radio Profile Information
- Displaying AP Status Information
- Displaying AP Statistics Counters
- Configuring RF Auto-Tuning
- Wi-Fi Multimedia
- Configuring and Managing Spanning Tree Protocol
- Configuring and Managing IGMP Snooping
- Configuring and Managing Security ACLs
- About Security Access Control Lists
- Creating and Committing a Security ACL
- Mapping Security ACLs
- Modifying a Security ACL
- Using ACLs to Change CoS
- Enabling Prioritization for Legacy Voice over IP
- Security ACL Configuration Scenario
- Managing Keys and Certificates
- Why Use Keys and Certificates?
- About Keys and Certificates
- Creating Keys and Certificates
- Choosing the Appropriate Certificate Installation Method for Your Network
- Creating Public-Private Key Pairs
- Generating Self-Signed Certificates
- Installing a Key Pair and Certificate from a PKCS #12 Object File
- Creating a CSR and Installing a Certificate from a PKCS #7 Object File
- Installing a CA’s Own Certificate
- Displaying Certificate and Key Information
- Key and Certificate Configuration Scenarios
- Configuring AAA for Network Users
- About AAA for Network Users
- AAA Tools for Network Users
- Configuring 802.1X Authentication
- Configuring Authentication and Authorization by MAC Address
- Configuring Web-based AAA
- Configuring Last-Resort Access
- Configuring AAA for Users of Third-Party APs
- Assigning Authorization Attributes
- Overriding or Adding Attributes Locally with a Location Policy
- Configuring Accounting for Wireless Network Users
- Displaying the AAA Configuration
- Avoiding AAA Problems in Configuration Order
- Configuring a Mobility Profile
- Network User Configuration Scenarios
- Configuring Communication with RADIUS
- Managing 802.1X on the WSS Switch
- Managing Sessions
- Managing System Files
- Rogue Detection and Countermeasures
- About Rogues and RF Detection
- Summary of Rogue Detection Features
- Configuring Rogue Detection Lists
- Enabling Countermeasures
- Disabling or Reenabling Active Scan
- Enabling AP Signatures
- Disabling or Reenabling Logging of Rogues
- Enabling Rogue and Countermeasures Notifications
- IDS and DoS Alerts
- Displaying RF Detection Information
- Appendix A: Troubleshooting a WS Switch
- Fixing Common WSS Setup Problems
- Recovering the System Password
- Configuring and Managing the System Log
- Running Traces
- Using Show Commands
- Remotely Monitoring Traffic
- Capturing System Information for Technical Support
- Appendix B: Supported RADIUS Attributes
- Appendix C: Mobility Domain Traffic Ports
- Appendix D: DHCP Server
- Glossary
- Index
- Command Index
7
Nortel WLAN Security Switch 2300 Series Configuration Guide
If Licensee is a European Union resident, Licensee acknowledges that information necessary to achieve interoperability of
the Software with other programs is available upon request.
(c) Licensee may make a single copy of the Standalone Software and Documentation solely for its back-up purposes;
provided that any such copy is the exclusive property of Nortel and its suppliers and includes all copyright and other intel-
lectual property right notices that appear on the original.
(d) Nortel may provide updates, corrections, enhancements, modifications or bug fixes for the Licensed Materials
(“Updates”) to Licensee. Any such Update shall be deemed part of the Licensed Materials and subject to the license and all
other terms and conditions hereunder.
(e) Nortel shall have the right to inspect and audit Licensee’s use, deployment, and exploitation of the Licensed Ma-
terials for compliance with the terms and conditions of this Agreement.
(f) Licensee shall have the right to transfer the Embedded Software as embedded in Equipment in connection with
a transfer of all of Licensee’s right, title and interest in such Equipment to a third party; provided, that, Licensee transfers
the Embedded Software and any copies thereof subject to the terms and conditions of this Agreement and such third party
agrees in writing to be bound by all the terms and conditions of this Agreement.
(g) Notwithstanding anything to the contrary herein, certain portions of the Software are licensed under and Licens-
ee's use of such portions are only subject to the GNU General Public License version 2. If Licensee or any third party sends
a request in writing to Nortel at 110 Nortech Parkway, San Jose CA 95134, ATTN: Contracts Administration, Nortel will pro-
vide a complete machine-readable copy of the source code of such portions for a nominal cost to cover Nortel's cost in phys-
ically providing such code.
2. Ownership. Nortel or its suppliers own and shall retain all right, title and interest (including without limitation all in-
tellectual property rights), in and to the Licensed Materials and any Update, whether or not made by Nortel. Licensee ac-
knowledges that the licenses granted under this Agreement do not provide Licensee with title to or ownership of the Licensed
Materials, but only a right of limited use under the terms and conditions of this Agreement. Except as expressly set forth in
Section 1, Nortel reserves all rights and grants Licensee no licenses of any kind hereunder. All information or feedback pro-
vided by Licensee to Nortel with respect to the Software or Equipment shall be Nortel’s property and deemed confidential
information of Nortel.
3. Confidentiality. Licensee agrees that the Licensed Materials contain confidential information, including trade secrets,
know-how, and information pertaining to the technical structure or performance of the Software, that is the exclusive prop-
erty of Nortel as between Licensee and Nortel. In addition, Nortel’s confidential information includes any confidential or trade
secret information related to the Licensed Materials. During the period this Agreement is in effect and at all times thereafter,
Licensee shall maintain Nortel’s confidential information in confidence and use the same degree of care, but in no event less
than reasonable care, to avoid disclosure of Nortel’s confidential information as it uses with respect to its own confidential
and proprietary information of similar type and importance. Licensee agrees to only disclose Nortel’s confidential information
to its directors, officers and employees who have a bona fide need to know solely to exercise Licensee’s rights under this
Agreement and to only use Nortel’s confidential information incidentally in the customary operation of the Software and
Equipment. Licensee shall not sell, license, sublicense, publish, display, distribute, disclose or otherwise make available
Nortel’s confidential information to any third party nor use such information except as authorized by this Agreement. Lic-
ensee agrees to immediately notify Nortel of the unauthorized disclosure or use of the Licensed Materials and to assist Nortel
in remedying such unauthorized use or disclosure. It is further understood and agreed that any breach of this Section 3 or
Section 1(b) is a material breach of this Agreement and any such breach would cause irreparable harm to Nortel and its
suppliers, entitling Nortel or its suppliers to injunctive relief in addition to all other remedies available at law.
4. Limited Warranty & Disclaimer. Any limited warranty for the Licensed Materials and Nortel’s sole and exclusivity lia-
bility thereunder is as set forth in Nortel’s standard warranty documentation. In addition, any limited warranty for the Soft-
ware does not apply to any component of the Software but only to the Software as a whole. EXCEPT FOR ANY EXPRESS
LIMITED WARRANTIES FROM Nortel IN SUCH DOCUMENTATION, THE LICENSED MATERIALS ARE PROVIDED “AS IS”, AND
Nortel AND ITS SUPPLIERS MAKE NO WARRANTY, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, WITH RESPECT TO LI-
CENSED MATERIALS OR ANY PART THEREOF, INCLUDING WITHOUT LIMITATION ANY IMPLIED WARRANTY OF TITLE, MER-
CHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, NONINFRINGEMENT, OR THOSE ARISING FROM COURSE OF
PERFORMANCE, D EA LING, USAGE OR TR A DE. Nortel’S SUPPL IERS MAKE NO D I RECT WARRANTY O F ANY KIND TO LICE NSEE
FOR THE LICENSED MATERIALS. NEITHER Nortel NOR ANY OF ITS SUPPLIERS WARRANT THAT THE LICENSED MATERIALS
OR ANY PART THEREOF WILL MEET LICENSEE’S REQUIREMENTS OR BE UNINTERRUPTED, OR ERROR-FREE, OR THAT ANY
ERRORS IN THE LICENSED MATERIALS WILL BE CORRECTED. SOME STATES/JURISDICTIONS DO NOT ALLOW THE EXCLU-
SION OF IMPLIED WARRANTIES SO THE ABOVE EXCLUSIONS MAY NOT APPLY TO LICENSEE. THIS LIMITED WARRANTY
GIVES LICENSEE SPECIFIC LEGAL RIGHTS. LICENSEE MAY ALSO HAVE OTHER RIGHTS, WHICH VARY FROM STATE/JURIS-
DICTION TO STATE/JURISDICTION.
5. Term and Termination. This Agreement is effective until terminated. License may terminate this Agreement at any
time by destroying all copies of the Software. This Agreement and all licenses granted hereunder will terminate immediately
without notice from Nortel if Licensee fails to comply with any provision of this Agreement. Upon any termination, Licensee
must destroy all copies of the Licensed Materials. Sections 1(b), 2, 3, 4(b), 5, 6, 7, 8, 9 and 10 shall survive any termination
of this Agreement.
6. Export. The Software is specifically subject to U.S. Export Administration Regulations. Licensee agrees to strictly com-
ply with all export, re-export and import restrictions and regulations of the Department of Commerce or other agency or
authority of the United States or other applicable countries, and not to transfer, or authorize the transfer of, directly or in-
directly, the Software or any direct product thereof to a prohibited country or otherwise in violation of any such restrictions
or regulations. Licensee’s failure to comply with this Section is a material breach of this Agreement. Licensee acknowledges
that Licensee is not a national of Cuba, Iran, Iraq, Libya, North Korea, Sudan or Syria or a party listed in the U.S. Table of
Denial Orders or U.S. Treasury Department List of Specially Designated Nationals.