Wi2 AP CLI, Ver.5.2, User Manual
Contents
1. 2 Wi AP CLI Reference Guide About this guide Example Description ip qos profile lt name gt A single item enclosed in angle brackets and all formatted in italic indicates a user supplied item Specify the item Do not include the angle brackets In this example a valid QoS profile name is required For example ip qos profile voice wireless interface 1 2 Multiple Items enclosed in parenthesis and separated by vertical bars indicate a mandatory choice Include one of the mandatory items without the parenthesis and without the vertical bar In this example either 1 or 2 must be included For example wireless interface 2 show logging filtered Items enclosed in square brackets are optional You can either include them or not Do not include the brackets In this example you can specify the command in one of two ways show logging show logging filtered 1 1 3 2 Management tool When referring to the management tool interface the Main menu name is presented first followed by a right angle bracket and then the sub menu name as in Network gt Ports Wi AP CLI Reference Guide 3 Chapter 1 Introduction d L4 Lg CLI support in autonomous and controlled modes An AP operates in either controlled mode or autonomous mode Controlled mode Controlled mode is the factory default mode for all APs When in controlled mode an AP establishes a2. sssssseeeeenne eene enne nn rra 62 dot11 automatic transmit power period sse enne nennen 62 MUI CAST rate ai m 62 STAN CISTANGCE cit A E in 63 o oii nalo e EET 63 ue le article A 63 bandwidth maX EE 63 2 8 Virtual APO Eo 64 vitua Du toi aia 64 ACCESS COMO ari LS dan 64 A EE 64 WE Ted e TEE 65 CRIME 65 En TE 65 guest MOS cidcid 65 esee KEY T grass eat 65 nei eidelt key TOMAT EE 66 cundcm E 66 authentication server access controller sssssssseseeeneeeeenneeeen nnne 66 authentication server accounting ue 66 authentication server accounting radius profile seenn mm 67 authentication server radius osisssa aaan iaaa aaa E aa aana aaea E a ana nn nennen nn nenne 67 wpa a EE 67 authentication server accounting radius stationid case sss 67 authentication server accounting radius stationid delimiter sssssssessesrnerrennsnnssresrrnnrnnnnrn 67 Wireless ose ina eon en Reuse ott MARRE NR RENS OREEERESEEQURR M ARN DO Ren UR ONU bk a Keen eA RRR AR YR REENKESKO NERA NEAR 68 MAA A O 68 wireless filters rule INPUT ios init celi tabaco E eee db Cog 68 wireless filters rule output ooomoocccnononiccccnnnnccccnnnoncccnnn cnn cren 68 wireless filters typo i esie cet entero e ette te pue toe ted 69 ETSI IARE 70 Ee m c 70 MACTINE
3. PCR NM Your Open WiMAX Choice SW Version 5 2 June 2008 P N 215031 Legal Rights Legal Rights O Copyright 2008 Alvarion Ltd All rights reserved The material contained herein is proprietary privileged and confidential and owned by Alvarion or its third party licensors No disclosure thereof shall be made to third parties without the express written permission of Alvarion Ltd Alvarion Ltd reserves the right to alter the equipment specifications and descriptions in this publication without prior notice No part of this publication shall be deemed to be part of any contract or warranty unless specifically incorporated by reference into such contract or warranty Trade Names Alvarion BreezeCOM WALKair WALKnet BreezeNET BreezeACCESS BreezeMANAGE BreezeLINK BreezeConfig BreezeMAX AlvariSTAR AlvariCRAFT BreezeLITE MGW eMGW and or other products and or services referenced here in are either registered trademarks trademarks or service marks of Alvarion Ltd All other names are or may be the trademarks of their respective owners Statement of Conditions The information contained in this manual is subject to change without notice Alvarion Ltd shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing performance or use of this manual or equipment supplied with it Warranties and Disclai
4. Web admin KICKOUL scott aislada Pent ebur eat biliar 26 Merl e T 26 world mode dot11 country COQde oerte AAA 26 WED access pollo aia 27 Micleg eer creo EC 27 WED ACCESS WINGIOSS 22 rM ERE 27 web access interface vian 1 oni e cure esos Eb e vd da 27 WED access interface gre cooooconoccccnnnonocnncnnnn nono nn nn 27 web access local mesh ars erat eee 28 ee EE 28 Heri 28 Wee UTC EE 28 config Update automlatio ssas te rere tenent o tette tnra eite ccv ee oet en vb ure bee 28 config pdate operation EE 29 config UPdate MO ee LE 29 config UpdatS due 29 config Update weekday eccentric eyes tuo Cae Cr rae eu deal lr free 29 snmp server trap config change eserse iiaea a a E nennen ennemi a 29 snmp server trap config update seiis ensasini aE RAR a a NEE AAN NARA ER KANAANA 30 logging destination 30 snmp server trap syslog severity sssrinin rainn nannan Naa EA AKAN aaa 30 SOIMPESOIVOT ET 30 snmp server ACCESS pOrt l ec eerie trt ete tenete Pe ete eese TEAR RAEN ASAA 30 ul SNE EE EN ill SEO EE EN hiuzudgetru ee E UM 31 snmp server heartbeat period ete tette ANNANN aaa DRE eR ED 31 snmp Server local eee tie 32 SOIMP SOIVET POT smcarcoiionoinnnciinnninr 32 snmp server Teadonly iia 32 sninp server Teagdwrile diccionario 32 Snmp Server WAP EE 32 snmp server trap
5. Different means older or newer This enables you to return to a previous firmware version if required Configuration settings are preserved during the update unless stated otherwise in the release notes for the firmware However all active connections will be terminated Customers will have to log in again after the Wi AP restarts firmware update start Supported on Wi AP firmware update start Upload the firmware based on a specified URI This URI can be set with the command firmware update uri firmware update time Supported on Wi AP firmware update time lt time gt Sets the time of day the scheduled firmware upgrade will take place Parameters lt time gt Time as hh mm ss For example 15 44 00 Wi AP CLI Reference Guide 41 Chapter 2 CLI Commands firmware update uri Supported on Wi AP firmware update uri lt uri gt Sets the URI where the Wi AP will retrieve new firmware no firmware update uri Clears the firmware URI firmware update weekday Supported on Wi AP firmware update weekday everyday monday tuesday wednesday thursday friday saturday sunday Sets the day when the scheduled firmware upgrade will take place snmp server trap firmware update Supported on Wi AP snmp server trap firmware update Send a trap on firmware update no snmp server trap firmware update Do not send a trap on firmware update access controller restrict location Supported on
6. lt id2 gt LAN interface context interfac thernet port 1 VLAN interface context interface vlan lt id gt lt id2 gt Wireless context interface wireless lt number gt Local mesh context local mesh profile lt name gt VLAN interface context interface vlan lt number gt GRE interface context interface gre lt name gt Virtual AP context virtual ap lt name gt Syslog destination context logging destination lt name gt RADIUS context radius server profile lt name gt IP QOS context ip qos profile name Wi AP CLI Reference Guide 9 Chapter 2 CLI Commands Chapter 2 CLI Commands 2 1 View Context Context path View This is the root of the command tree arping Supported on Wi AP arping AbDfhqUV c lt count gt w lt deadline gt s lt source gt I interface destination Pings a destination on a device interface using ARP packets curl Supported on Wi AP curl parameter lt url gt Use the curl command to get send files to from the Wi AP Parameters A lt string gt b lt name string gt c lt file gt C offset d data data data ascii data data binary data data epsv data D file gd file file E cert passwd cert type type key key key type type pass pass engine eng cacert lt file gt capath lt dir gt Specifies append to target file when u
7. 32 Wi AP CLI Reference Guide Config Context snmp server trap community Supported on Wi AP snmp server trap community lt str gt Sets the password required by the remote host that will receive the trap no snmp server trap community Deletes the password required by the remote host that will receive the trap snmp server trap destination Supported on Wi AP snmp server trap destination lt host gt lt port number gt Add a new trap destination no snmp server trap destination lt host gt lt port gt Deletes the specified trap destination Parameters lt host gt Sets the IP address or domain name of the host that the Wi AP will send traps to lt port number gt SNMP port number Range 1 65535 By default port 162 is used snmp server trap heartbeat Supported on Wi AP snmp server trap heartbeat Enables sending of heartbeat traps at regular intervals no snmp server trap heartbeat Disables sending of heartbeat traps at regular intervals snmp server trap link state Supported on Wi AP snmp server trap link state Send a trap when the link state changes on any interface no snmp server trap link state Do not send this trap snmp server trap snmp authentication Supported on Wi AP snmp server trap snmp authentication Send a trap each time an SNMP request fails to supply the correct community name Wi AP CLI Reference Guide 33 Chapter 2 CLI Commands snmp server version
8. 802 1X client software The Wi AP supports 802 1x client software that uses EAP TLS EAP TTLS EAP SIM and PEAP wep Enables the use of dynamic WEP keys for all 802 1X sessions Dynamic key rotation occurs on key 1 which is the broadcast key Key O is the pairwise key It is automatically generated by the Wi AP static wep Support client stations using static WEP keys wpa This option enables support for wireless users with WPA client software psk Enables support for a preshared key radius The Wi AP obtains the MPPE key from the RADIUS server This is a dynamic key that changes each time the user logs in and is authenticated The MPPE key is used to generate the TKIP keys that encrypt the wireless data stream vl v2 Specify which version of WPA to use None will use both versions mixed mode Wi AP CLI Reference Guide 77 Chapter 2 CLI Commands KA VLAN interface Context Context path View gt Enable gt Config gt Port 2 interface gt VLAN interface View gt Enable gt Config gt Port 1 interface gt VLAN interface View gt Enable gt Config gt Local mesh gt VLAN interface This context provides commands for configuring Virtual LANs VLANs In this context VLANs can be added or edited For example to create a new VLAN interface named hongkong on the LAN port with VLAN id 88 do the following CLI config interface lan CLI if lan interface vlan 88 CLI if vlan vlan name hongkong
9. AP CLI Reference Guide Config Context Parameters lt code gt An ISO3166 three letter country code web access port 1 Supported on Wi AP web access port 1 Enables access to the management tool via Port 2 no web access port 1 Blocks access to the management tool via Port 2 web access port 2 Supported on Wi AP web access port 2 Enables access to the management tool via Port 1 no web access port 2 Blocks access to the management tool via Port 1 web access wireless Supported on Wi AP web access wireless Enables access to the management tool via the wireless port no web access wireless Blocks access to the management tool via the wireless port web access interface vlan Supported on Wi AP web access interface vlan lt name gt Enables access to the management tool via the specified VLAN no web access interface vlan lt name gt Removes access to the management tool for the specified VLAN web access interface gre Supported on Wi AP web access interface gre lt name gt Enables access to the management tool via the specified GRE tunnel no web access interface gre lt name gt Disables access to the management tool via the specified GRE tunnel Wi AP CLI Reference Guide 27 Chapter 2 CLI Commands web access local mesh Supported on Wi AP web access local mesh lt name gt Enables access to the management tool via the specified local mesh no web access local
10. Note The actual transmit power used may less than the value specified The Wi AP determines the power to used based on the settings you made for regulatory domain wireless mode and operating frequency antenna bidirectionnal Supported on Wi AP antenna bidirectionnal diversity main auxiliary Sets the antenna to transmit and receive on Select diversity to transmit and receive on both antennas Parameters diversity In this mode both antennas are used to transmit and receive The Wi AP supports both transmit and receive diversity main Transmit and receive on the main antenna only aux Transmit and receive on the aux antenna only autochannel skip Supported on Wi AP autochannel skip lt chan gt Adds the specified channel to the list of channels that are not allowed to be selected by the Auto Channel algorithm no autochannel skip lt chan gt Removes the specified channel to the list of channels that are not allowed to be selected by the Auto Channel algorithm beacon interval Supported on Wi AP beacon interval lt value gt Sets the beacon interval Parameters lt value gt Beacon interval value in the range 20 and 500 time units TU 1 TU 1024us dot11 automatic frequency Supported on Wi AP dot11 automatic frequency Enable this option to have the Wi AP automatically determine the best operating frequency Wi AP CLI Reference Guide 61 Chapter 2 CLI Commands no dotll auto
11. Supported on Wi AP snmp server version 1 2c Sets the SNMP version snmp server access interface vlan Supported on Wi AP snmp server access interface vlan lt name gt Enables access to SNMP via the specified VLAN no snmp server access interface vlan lt name gt Disables access to SNMP via the specified VLAN Parameters lt name gt Specifies the name of the VLAN snmp server access local mesh Supported on Wi AP snmp server access local mesh lt profile gt Enables access to SNMP via the specified local mesh no snmp server access local mesh lt profile gt Enables access to SNMP via the specified local mesh snmp server access interface gre Supported on Wi AP snmp server access interface gre lt name gt Enables access to SNMP via the specified GRE tunnel no snmp server access interface gre lt name gt Removes access to SNMP via the specified GRE tunnel snmp server access wireless Supported on Wi AP snmp server access wireless Enables SNMP access on the wireless port no snmp server access wireless Blocks SNMP access on the wireless port snmp server access port 2 Supported on MWi AP snmp server access port 2 Enables SNMP access on the upstream port 34 Wi AP CLI Reference Guide Config Context no snmp server access port 2 Blocks SNMP access on the upstream port soap Server Supported on Wi AP soap server Enables the SOAP server no soap server Disables th
12. lt key number gt Sets the key the Wi AP will use to encrypt transmitted data All four keys are used to decrypt received data Parameters lt key number gt Transmit key number Range 1 4 authentication server access controller Supported on Wi AP authentication server access controller Use the access controller to authenticate 802 1x or WPA logins authentication server accounting Supported on Wi AP authentication server accounting Enables RADIUS accounting for this VAP VSC no authentication server accounting Disables RADIUS accounting for this VAP VSC 66 Wi AP CLI Reference Guide Virtual AP Context authentication server accounting radius profile Supported on Wi AP authentication server accounting radius profile lt name gt Sets RADIUS accounting to use the specified RADIUS profile no authentication server accounting radius profile Removes accounting support for 802 1x authentication server radius Supported on Wi AP authentication server radius lt name gt Sets the RADIUS profile to use for 802 1x or WPA authentication wpa psk Supported on Wi AP wpa psk lt key gt Sets the WPA preshared key no wpa psk Deletes the WPA preshared key Parameters password Specify a key that is between 8 and 64 ASCII characters in length It is recommended that the preshared key be at least 20 characters long and be a mix of letters and numbers Description The Wi AP uses the key you
13. 1X and WPA Wi AP CLI Reference Guide 49 Chapter 2 CLI Commands add wireless ip qos profile Supported on Wi AP add wireless ip qos profile lt name gt Adds the specified profile to the list of IP QoS profiles in effect for the wireless links lt profile name gt Name of an existing IP QoS profile delete wireless ip qos profile all Supported on Wi AP delete wireless ip qos profile all Clears the list of IP QoS profiles currently in effect for the wireless links delete wireless ip qos profile Supported on Wi AP delete wireless ip qos profile lt name gt Removes the specified profile from the list of IP QoS profiles in effect for the wireless links lt profile name gt Name of an existing IP QoS profile currently in the profile list for the wireless links wireless link qos Supported on Wi AP wireless link qos disabled 802 1p wme very high high normal low tos diffsrv Sets the wireless link QoS policy sensor discovery mode Supported on Wi AP sensor discovery mode id ip Sets the method the Wi AP will use to communicate with the RF Manager Server Parameters id Connect using the Server ID of the RF Manager Server ip Connect using the IP address or hostname of the RF Manager Server Description For these methods to work the following must be true The Wi AP must be able to reach the RF Manager Server via a network connected to port 1 or
14. Enables dynamic assignment of DNS servers no ip name server dynamic Disables dynamic DNS assignment ip name server switch on servfail Supported on Wi AP ip name server switch on servfail Switch to next server when server failure is received no ip name server switch on servfail Do not switch to next server when server failure is received 44 Wi AP CLI Reference Guide Config Context ip name server switch over Supported on Wi AP ip name server switch over Switch over to primary when active no ip name server switch over Do not switch over to primary when active snmp server trap unauthorized ap Supported on Wi AP snmp server trap unauthorized ap Send a trap when a rogue access point is detected no snmp server trap unauthorized ap Do not send this trap snmp server trap unauthorized ap interval Supported on Wi AP snmp server trap unauthorized ap interval lt number gt If set to O then traps are only sent when a rogue access point is detected If set to O the entire list of rogue access points is sent each time the interval expires wireless scan Supported on Wi AP wireless scan Enables wireless neighborhood scanning no wireless scan Disables wireless neighborhood scanning wireless scan period Supported on Wi AP wireless scan period lt seconds gt Specifies the interval between wireless neighborhood scans Parameters lt seconds gt Scanning interval Range 10 600 seco
15. Wi AP show logging filtered Displays the system log top Supported on Wi AP top Displays all running processes Wi AP CLI Reference Guide 15 Chapter 2 CLI Commands Press q to exit top traceroute Supported on Wi AP traceroute n r v m lt max_tt1 gt p lt port gt q lt nqueries gt s lt src_addr gt t lt tos gt w lt wait gt lt host gt lt data size gt Show the hosts that are traversed to reach the specified IP address 16 Wi AP CLI Reference Guide Enable Context Za Enable Context Context path View gt Enable This context provides access to various utilities reboot device Supported on Wi AP reboot device Restarts the system show certificate Supported on Wi AP show certificate Display current certificates show certificate binding Supported on Wi AP show certificate binding Display how the certificates are used ping Supported on Wi AP ping host c lt count gt s lt length gt q Determines if the specified remote IP address is active Parameters c host The IP address or DNS name of the host to ping c count Number of pings s length Length of the ping datagram q Quiet mode No output arping Supported on Wi AP arping AbDfhqUV c lt count gt w lt deadline gt s lt source gt I interface destination Pings a destination on a
16. Wi AP access controller restrict location gateway mac mac address Identifies the access controller the Wi AP will communicate with Parameters gateway Use the default gateway as the service controller mac Use the specified MAC address as the gateway mac address MAC address Specify 6 pairs of hexadecimal numbers separated by colons with the values a to f in lowercase For example 00 03 52 0a 0f 01 service sensor Supported on Wi AP service sensor Enables the service sensor The service sensor polls a target device at present intervals If the device does not respond the radio is shut off no service sensor Disables the service sensor 42 Wi AP CLI Reference Guide Config Context service sensor Supported on Wi AP service sensor gateway address lt ip address gt Sets the target device the service sensor will poll This can be the default gateway or a specific IP address no service sensor Disables the service sensor Parameters gateway The service sensor will poll the default gateway address The service sensor will poll another device lt ip address gt IP address of the other device For example 192 168 10 10 service sensor poll Supported on Wi AP service sensor poll lt seconds gt Sets the poll frequency Parameters lt seconds gt Poll frequency Range 1 3600 seconds service sensor retry Supported on Wi AP service sensor retry lt retries gt Spec
17. credentials for SSH connections are the same as those defined under Administrator authentication By default both username and password are set to admin NOTE Y SSH logins always use the local administrator username and password even if Administrator authentication is set to use an external RADIUS server Wi AP CLI Reference Guide SSH client support 1 4 SSH client support The following SSH clients have been tested with the CLI Others may work as well B OpenSSH B Tectia B SecureCRT E Putty Wi AP CLI Reference Guide 7 Chapter 1 Introduction 1 5 Entering strings When entering a value that contains spaces you must enclose it in quotation marks For example if the command syntax is ssid lt name gt you must specify one of the following ssid ANameWithNoSpaces ssid A name with spaces 8 Wi AP CLI Reference Guide Context Hierarchy 1 6 Context Hierarchy CLI commands are grouped into functional contexts The following table shows the context hierarchy and the command used to switch from the parent context Context hierarchy Command to switch from parent context View context This is the first context Enable context enable Config context config WAN IP interface context interface ip Internet interface context interfac thernet port 2 VLAN interface context interface vlan lt id gt
18. gt Removes the specified VLAN interface Wi AP CLI Reference Guide 81 Chapter 2 CLI Commands Parameters lt id gt VLAN ID Range 1 4094 accept forced links Supported on Wi AP accept forced links May accept master orders for selection no accept forced links ignore master orders for selection allowed downtime Supported on Wi AP allowed downtime lt number gt Set the allowed downtime for a connection or a link to a peer dynamic local mesh Supported on Wi AP dynamic local mesh Use dynamic local mesh no dynamic local mesh Use static local mesh dynamic mode Supported on Wi AP dynamic mode master alt master slave Selects the dynamic operation mode initial discovery time Supported on Wi AP initial discovery time lt number gt Slave Set the group s initial discovery time in seconds mesh id Supported on Wi AP mesh id lt id gt Set the local mesh group id 82 Wi AP CLI Reference Guide Local Mesh Context minimum snr Supported on Wi AP minimum snr lt number gt Slave Set the group s minimum SNR preserve master link Supported on Wi AP preserve master link Preserve master link across reboots no preserve master link Do not preserve master link across reboots promiscuous mode Supported on Wi AP promiscuous mode Slave Accept any group no promiscuous mode Slave Use only the slave s group promiscuous mode startup dela
19. mesh lt name gt Disables access to the management tool via the specified local mesh clock Supported on Wi AP clock lt time gt lt date gt Sets the system time and date Parameters lt time gt Time as hh mm ss For example 15 44 00 lt date gt Date as dd Month yyyy For example 17 Oct 2004 ntp server Supported on Wi AP ntp server lt index gt lt host gt Adds a network time server Parameters lt index gt Index of the time server in the list Up to 20 time servers are supported Time servers are checked in the order that they appear in the list lt host gt DNS name or IP address of the time server ntp server failure trap Supported on Wi AP ntp server failure trap Send a trap each time a time server synchronization failed no ntp server failure trap Do not send a trap each time a time server synchronization failed config update automatic Supported on Wi AP config update automatic Enables scheduled configuration restore or backup no config update automatic Disables scheduled configuration restore or backup 28 Wi AP CLI Reference Guide Config Context The Wi AP can automatically download the configuration file from a local or remote URL restore It is also possible to upload the current configuration to a given URL backup Theses operations can be done at preset times config update operation Supported on Wi AP config update operation restore backup Sets the
20. resolve it via DNS Aithat is an entry must be created on the network DNS server that points to the IP address of the RF Manager Server config version Supported on Wi AP config version lt string gt Sets a string to identify the user configuration version Wi AP CLI Reference Guide 51 Chapter 2 CLI Commands 2 4 Port 2 Interface Context Context path View gt Enable gt Config gt Port 2 interface This context provides commands for configuring Port 2 duplex Supported on Wi AP duplex auto half full Sets the duplex mode on Port 2 Parameters auto Lets the Wi AP automatically set duplex mode based on the type of equipment it is connected to half Forces the port to operate in half duplex mode full Forces the port to operate in full duplex mode end Supported on Wi AP end Switches to parent context speed Supported on Wi AP speed auto 10 100 Sets the speed of Port 2 Parameters auto Lets the Wi AP automatically set port speed based on the type of equipment it is connected to 100 Forces the port to operate at 100 mbps 10 Forces the port to operate at 10 mbps vian Supported on Wi AP vlan lt id gt Sets the default VLAN ID Range 1 4094 All outgoing traffic that does not have a VLAN already assigned to it is sent on this VLAN no vlan Deletes the default VLAN ID Wi AP CLI Reference Guide Port 2 Interface Context vlan compatibility
21. rrr lid reas 52 Mania T 52 vlan compatibility mode EE 53 vlan management Mer EE 53 Interface Vian sarta iio les 53 2 5 Port 1 Interface E E 54 equum wes Ween at 54 Ce T 54 A 54 Mu 54 Vian Compatibility MOUS coccion 55 vlan managementTiler vicio mc ti cierras pena 55 Merdace van m E 55 2 6 WAN IP Interface Opfer aet ue tiende nia OR eu a 56 pppoe client Usei e e 56 ip address EE 56 P AUI OSS reniir 56 ip address dhep client Id cocino e Ra 57 le EE 57 Neie e ee Lu GEET 57 di A E 57 esce 57 pppoe BU To Tu ra rz i o D 58 2 7 Wireless CON 59 IMM ea ed PL 59 Wi AP CLI Reference Guide xiii Contents lee Een rta aan ido ds 59 Ami P 59 eii eT T 60 f on NN 60 Elte EE 60 antenna bidirectionnal ooooconnnicnccccncconnnnncnnccnnnnnnnoncnnconnnnncnnncnnnnnn aaa nc nn nn nn nan da aaa aaa aaia 61 autochannel SRP EE 61 DEACON Intervalo aiaia aa aiaa aa aaa aa Ea aaa Aaa Aaaa Eaa REN 61 dotl1 automatic TOQUENCY escritas 61 dot11 automatic frequency period ooococccccnonnccccccnnnnccncnnnononann canon non cnn nn rra EA nr 62 dotti automatic frequency time occinnnncccnnononcccnnnncnannnnnn cnn rencia 62 dot11 automatic transmit DOWer
22. to write output to lt file gt instead of stdout Specifies to write output to a file named as the remote file Specifies to perform non HTTP services through a HTTP proxy Specifies to use PORT with address instead of PASV when ftping FTP only Wi2 AP CLI Reference Guide Chapter 2 CLI Commands Q omd r range stderr lt file gt t OPT val file trac trace ascii lt file gt T file url URL ur user pass U user pass w format x lt host port gt random file file X command z time Z lt num gt enable Supported on Wi AP enable When used as the first parameter disables curlrc Specifies to send QUOTE command to FTP before file transfer FTP only Specifies to retrieve a byte range from a HTTP 1 1 or FTP server Sets the remote file s time on the local output Specifies silent mode Don t output anything Specifies show error With s make curl show errors when they occur Specifies where to redirect stderr means stdout Sets the telnet option Dumps a network debug trace to the given file Specifies trace but without the hex output Specifies to transfer upload file to remote site Specifies another way to specify URL to work with Specifies user and password to use Overrides n and netrc optional Specifies proxy authentication Makes the operation more talkative Outputs version num
23. type of operation that will take place at the preset time config update time Supported on Wi AP config update time lt time gt Sets the time of day when the scheduled configuration operation backup or restore will take place Parameters lt time gt Time as hh mm ss For example 15 44 00 config update uri Supported on Wi AP config update uri lt uri gt Sets the URI where the Wi AP will download or upload the configuration file no config update uri Clears the configuration file URI config update weekday Supported on Wi AP config update weekday everyday monday tuesday wednesday thursday friday saturday sunday Sets the day when the scheduled configuration operation backup or restore will take place snmp server trap config change Supported on Wi AP snmp server trap config change Send a trap whenever the configuration is changed no snmp server trap config change Do not send this trap Wi AP CLI Reference Guide 29 Chapter 2 CLI Commands snmp server trap config update Supported on Wi AP snmp server trap config update Send a trap whenever the firmware is updated no snmp server trap config update Do not send this trap logging destination Supported on Wi AP logging destination lt name gt Creates a new remote destination for syslog no logging destination lt name gt Deletes the specified syslog destination Parameters lt name gt Name of s
24. vlan id Assigns a VLAN ID to this VAP VSC no vlan Deletes the VLAN ID for this VAP VSC Parameters id VLAN ID Range 1 4094 guest mode Supported on Wi AP guest mode Enables broadcast of the wireless network name SSID no guest mode Disables broadcast of the wireless network name SSID encryption key 1 Supported on Wi AP630 encryption key lt key gt lt value gt Sets WEP key 1 no encryption key lt key gt Deletes WEP key 1 Parameters lt key gt WEP key number Range 1 4 Keys 2 to 4 are only supported on the first WLAN profile Wi AP CLI Reference Guide 65 Chapter 2 CLI Commands lt value gt Key value The number of characters you specify for a key determines the level of encryption the Wi AP will provide For 40 bit encryption specify 5 ASCII characters or 10 HEX digits For 128 bit encryption specify 13 ASCII characters or 26 HEX digits encryption key format Supported on Wi AP encryption key format hex ascii Specify the WEP key format Parameters hex Hex keys should only include the following digits 0 9 a f A F ascil ASCII keys are much weaker than carefully chosen hex keys You can include ASCII characters between 32 and 126 inclusive in the key However note that not all client stations support non alphanumeric characters such as spaces punctuation or special symbols in the key transmit key Supported on Wi AP transmit key
25. 35km Fine tunes internal timeout settings to account for the distance that wireless links span For normal operation the CNx is optimized for links of less than 1 km This is a global setting that is useful when creating wireless links to remote sites However it also applies to all wireless connection made with the radio not just for wireless links Therefore if you are also using the radio to serve local wireless client stations adjusting this setting may lower the performance for clients with marginal signal strength or when interference is present Essentially it means that if a frame needs to be retransmitted it will take longer before the actual retransmit takes place dot11 mode Supported on Wi AP dot11 mode monitor ap wds ap only wds only sensor Sets the operating mode for the radio bandwidth Supported on Wi AP bandwidth Enables bandwidth control no bandwidth Disables bandwidth control bandwidth max Supported on Wi AP bandwidth max lt rate gt Set the maximum data rate on the wireless port in kbps Parameters lt rate gt Maximum data rate Range 500 54000 kbps Wi AP CLI Reference Guide 63 Chapter 2 CLI Commands 2 8 Virtual AP Context Context path View gt Enable gt Config gt Virtual AP This context provides commands for configuring Virtual AP profiles VAP VSC s By default one profile exists with the name Alvarion Networks This is the default prof
26. AR DEGREE OF POTENTIAL HAZARD ALVARION SPECIFICALLY DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY OF FITNESS FOR HIGH RISK ACTIVITIES b PURCHASER S SOLE REMEDY FOR BREACH OF THE EXPRESS WARRANTIES ABOVE SHALL BE REPLACEMENT OR REFUND OF THE PURCHASE PRICE AS SPECIFIED ABOVE AT ALVARION S OPTION TO THE FULLEST EXTENT ALLOWED BY LAW THE WARRANTIES AND REMEDIES SET FORTH IN THIS AGREEMENT ARE EXCLUSIVE AND IN LIEU OF ALL OTHER Wi AP CLI Reference Guide Legal Rights WARRANTIES OR CONDITIONS EXPRESS OR IMPLIED EITHER IN FACT OR BY OPERATION OF LAW STATUTORY OR OTHERWISE INCLUDING BUT NOT LIMITED TO WARRANTIES TERMS OR CONDITIONS OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE SATISFACTORY QUALITY CORRESPONDENCE WITH DESCRIPTION NON INFRINGEMENT AND ACCURACY OF INFORMATION GENERATED ALL OF WHICH ARE EXPRESSLY DISCLAIMED ALVARION WARRANTIES HEREIN RUN ONLY TO PURCHASER AND ARE NOT EXTENDED TO ANY THIRD PARTIES ALVARION NEITHER ASSUMES NOR AUTHORIZES ANY OTHER PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH THE SALE INSTALLATION MAINTENANCE OR USE OF ITS PRODUCTS Limitation of Liability a ALVARION SHALL NOT BE LIABLE TO THE PURCHASER OR TO ANY THIRD PARTY FOR ANY LOSS OF PROFITS LOSS OF USE INTERRUPTION OF BUSINESS OR FOR ANY INDIRECT SPECIAL INCIDENTAL PUNITIVE OR CONSEQUENTIAL DAMAGES OF ANY KIND WHETHER ARISING UNDER BREACH OF CONTRACT TORT INCLUDING NEGLIGENCE STRICT LIABILITY OR OT
27. CLI if vlan ip address mode dhcp CLI if vlan no nat CLI if vlan end CLI if lan end Supported on Wi AP end Switches to parent context ip address Supported on Wi AP ip address lt ip address gt lt mask gt Sets a static IP address for the VLAN Parameters lt address gt IP address lt mask gt Subnet mask in CIDR format Specifies the number of bits in the mask ip address mode Supported on Wi AP ip address mode dhcp static none Sets the IP addressing mode for this VLAN interface Parameters dhcp Dynamic host configuration protocol The DHCP server will automatically assign an address to the Wi AP which functions as a DHCP client Wi AP CLI Reference Guide VLAN interface Context static This option enables you to manually assign an IP address to the Wi AP none This VLAN does not have an IP address vlan name Supported on Wi AP vlan name lt name gt Change the name of this VLAN interface Wi AP CLI Reference Guide 79 Chapter 2 CLI Commands 2 10 80 Local Mesh Context Context path View gt Enable gt Config gt Local mesh This context provides commands for configuring local meshes end Supported on Wi AP end Switches to parent context active Supported on Wi AP active Activates the local mesh no active Deactivates the local mesh interface Supported on Wi AP interface radiol radio2 radio3 Select the inte
28. COMMUNMY EE 33 snmp server trap destination ssesssessssessseeeeeenenenn mener nnn nennen nnn nene 33 snmp server trap heartbeat sissien iasan anan RAAEN AEAT AAS KARARAN EREE 33 snmp server trap link state oooonoccccnnonicccnnnnococonnnnnnnncnncnnn nc cnn 33 snmp server trap snmp authentication ooooonnnccccnnnnnncccnnnnnconccnnnnnnonn cnn nn ANNANN NAREN ennt 33 Ice Em 34 snmp server access interface VIAN eese essen nnne nnne nennen 34 snmp server access local mesh oooonnccccccnonicccnnnoncccnnnnnnnnnnrrr nn 34 snmp server access interface gre comnccccnnnnnnoccnonnnnnn cnn nn 34 snmp server access wireless eseeessseeeseseeseeeenee nennen nnne nnne ennt nn ennt nre 34 snmp server ACCESS pOrt 2 sci mea tax ne ane A a 34 RDrielWclp EEUU 35 soap server access interface vlan ooonnncccnnnnicinnnnnnncccnnnnn nc 35 Soap server access porel eessen eaii ds 35 S ISSEN EE ACCESS POR miii dia dad 35 Soap server allow idad 35 soap server http authentication ooomnocccnnnnnicccnnnnnncccnnnnnnn cnn nn 36 soap server http authentication password sssssssseeeeeeee nm ene 36 soap server http authentication username essen nnne 36 SOap SerVer POM EE 36 Wi AP CLI Reference Guide xi Contents xii BEIS EES c 36 soap server ssl with client certificate ssssssssseeeeenen nennen 36 soap server access interface gre cooconncc
29. Client stations that are below this setting will not be able to connect to this SSID Set the Lowest option to have the Wi AP automatically adjust the data rate to its minimum setting based on the wirelessmode being used 74 Wi AP CLI Reference Guide Virtual AP Context add ip qos profile Supported on Wi AP add ip qos profile lt name gt Adds the specified profile to the list of IP QoS profiles in effect for this VAP VSC lt profile name gt Name of an existing IP QoS profile delete ip qos profile all Supported on Wi AP delete ip qos profile all Clears the list of IP QoS profiles currently in effect for this VAP VSC delete ip qos profile Supported on Wi AP delete ip qos profile name Removes the specified profile from the list of IP QoS profiles in effect for this VAP VSC profile name Name of an existing IP QoS profile currently in the profile list for this VAP VSC qos Supported on Wi AP qos 802 1p very high high normal low diffsrv tos default vap0 vapl vap2 vap3 Sets the QoS level for this profile no qos Disables QoS for this profile Four traffic queues are provided based on the WME standard In order of priority these queues are 1 Voice traffic 2 Video traffic 3 Best effort data traffic 4 Background data traffic Each QoS priority mechanism maps traffic to one of the four traffic queues Client stations that do not support the
30. E lo E 79 2 10Local Mesh Goritext n ren tio npn in onte nume caneante canstecaneenanczeteicaaneceneraecsenneene 80 A 80 ACI 80 due iraran N N EATA ANEAN OAR 80 local mesh Name c 80 remote Macari E A E E ida 80 Hg EEIE ii A OE a 81 security MODO EE 81 SeA PS E E dd EN 81 SOCUMILY WEP TL 81 o 81 ncn sura E 81 accept forced lte 82 allowed GOwntiMe EE 82 dynamic local MES A vito ni ic EEE 82 dynamic MOJO eric del 82 InMal CUSCOVENY UME cinc 82 MOSH Moi A E eee Pd a 82 POU EE 83 preserve master link eiecti nd ni e ld da ai 83 lte ee TC 83 promiscuous mode startup delay ceceeecceeeseeneeeeeeeeeneeeeeeeeeeeeeeeeaaeeeeseeeaaeeeeeeeeseneeeseesennaeees 83 Wi AP CLI Reference Guide xv Contents Eidel el e EE 83 2 41RADIUS Comtex Einicio KEY EA CR av SETA NERA RR 84 lu 84 radius server accounting port EEN 84 radius server alternate hosts cccccccssesseececceaneeseeceeceeseeceeceaueeseeseeaeeseceeeeeauaeseeeeeaeenseeseeeeanees 84 radius server authentication method 84 radius server authentication port essssssssseeeeeeeeeeenn nennen nnn enne nnns 85 radi s server deadtlme cc
31. HERWISE AND WHETHER BASED ON THIS AGREEMENT OR OTHERWISE EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES b TO THE EXTENT PERMITTED BY APPLICABLE LAW IN NO EVENT SHALL THE LIABILITY FOR DAMAGES HEREUNDER OF ALVARION OR ITS EMPLOYEES OR AGENTS EXCEED THE PURCHASE PRICE PAID FOR THE PRODUCT BY PURCHASER NOR SHALL THE AGGREGATE LIABILITY FOR DAMAGES TO ALL PARTIES REGARDING ANY PRODUCT EXCEED THE PURCHASE PRICE PAID FOR THAT PRODUCT BY THAT PARTY EXCEPT IN THE CASE OF A BREACH OF A PARTY S CONFIDENTIALITY OBLIGATIONS Disposal of Electronic and Electrical Waste Disposal of Electronic and Electrical Waste Pursuant to the WEEE EU Directive electronic and electrical waste must not be disposed of with unsorted waste Please contact your local recycling authority for disposal of this product Wi AP CLI Reference Guide V Legal Rights Important Notice This user manual is delivered subject to the following conditions and restrictions vi This manual contains proprietary information belonging to Alvarion Ltd Such information is supplied solely for the purpose of assisting properly authorized users of the respective Alvarion products No part of its contents may be used for any other purpose disclosed to any person or firm or reproduced by any means electronic and mechanical without the express prior written permission of Alvarion Ltd The text and graphics are for the purpose of illustration and reference only The spe
32. L NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION DISCLOSE THAT THE ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY PURCHASER S OR ANY THIRD PERSON S MISUSE NEGLIGENCE IMPROPER INSTALLATION OR IMPROPER TESTING UNAUTHORIZED ATTEMPTS TO REPAIR OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDED USE OR BY ACCIDENT FIRE LIGHTNING OR OTHER HAZARD Disclaimer a The Software is sold on an AS IS basis Alvarion its affiliates or its licensors MAKE NO WARRANTIES WHATSOEVER WHETHER EXPRESS OR IMPLIED WITH RESPECT TO THE SOFTWARE AND THE ACCOMPANYING DOCUMENTATION ALVARION SPECIFICALLY DISCLAIMS ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT WITH RESPECT TO THE SOFTWARE UNITS OF PRODUCT INCLUDING ALL THE SOFTWARE DELIVERED TO PURCHASER HEREUNDER ARE NOT FAULT TOLERANT AND ARE NOT DESIGNED MANUFACTURED OR INTENDED FOR USE OR RESALE IN APPLICATIONS WHERE THE FAILURE MALFUNCTION OR INACCURACY OF PRODUCTS CARRIES A RISK OF DEATH OR BODILY INJURY OR SEVERE PHYSICAL OR ENVIRONMENTAL DAMAGE HIGH RISK ACTIVITIES HIGH RISK ACTIVITIES MAY INCLUDE BUT ARE NOT LIMITED TO USE AS PART OF ON LINE CONTROL SYSTEMS IN HAZARDOUS ENVIRONMENTS REQUIRING FAIL SAFE PERFORMANCE SUCH AS IN THE OPERATION OF NUCLEAR FACILITIES AIRCRAFT NAVIGATION OR COMMUNICATION SYSTEMS AIR TRAFFIC CONTROL LIFE SUPPORT MACHINES WEAPONS SYSTEMS OR OTHER APPLICATIONS REPRESENTING A SIMIL
33. NS Mode MU M 71 mac authentication accounting aen 71 mac authentication accounting radius profile ssssseenn mmn 71 mandatory authent catio usi cocotte entera etn rente ni ngu npe epa RE Cann n Re Ex 71 mac authentication radius profile ooonoonncccnnnnocccccnanonnnoncnanonnnnno nano n nennen nnnm nnns 71 mac authentication radius stationid case ooonnicccccnnnociciccnanonnnnnonanancnnnonanon eene nens 71 mac authentication radius stationid delimiter A 72 MAC AUTNENTCALION EE 72 xiv Wi AP CLI Reference Guide Contents dot1ix mandatory ETC Le TEE 72 ado Nie UC EE 72 ei cec da 72 erem t 73 leaicq 73 ACUI andes 73 DEACON CALM COUNT pc 73 llegro WEE 73 Tast authieritiCallOr sitiar tia 74 EK MODI EE 74 DEACON transmit POWEN miii aaa 74 data rate MaXIMUM otitis 74 data rate MINIMUM succo eite bet DE ees Co e dicte berto eae ita 74 lesionem er M 75 delete ip qos profile all i ote ad eden cese den te YO Cua REDE oae 75 delete ip qos PROMISE T 75 PPP A o 75 Upstream dif Serv tagging EE 76 WIMIMPAAVEMISING 2 5 E etes A rte tidad 76 location aware GrOUP WE 77 ll EE 77 EHNEN sue once eicere LU IM MI UL MI ME EL eg 77 2 9 VLAN NEnlg Een me nnn 78 jo EE 78 ID ACOPOSS e M vereedeeteiseete 78 I address EE 78 MET
34. QoS mechanism for the profile they are connected to are always assigned to queue 3 Important Traffic delivery is based on strict priority per the WME standard Therefore if excessive traffic is present on queues 1 or 2 it will reduce the flow of traffic on queues 3 and 4 Wi AP CLI Reference Guide 75 Chapter 2 CLI Commands 802 1p Traffic from 802 1p client stations is classified based on the VLAN priority field present within the VLAN header When this mechanism is selected the Wi AP will advertise WME capabilities enabling WME clients to associate and take advantage of them This setting has no effect on legacy clients Note To support 802 1p the wireless profile must have a VLAN assigned to it which means that client station traffic is forwarded onto the LAN port only vap0 to vap3 Allows a specific priority level to be specified for all traffic on a VAP VSC profile This enables client stations without a QoS mechanism to set traffic priority by connecting to the appropriate SSID If you enable this priority mechanism it takes precedence regardless of the priority mechanism supported by associated client stations For example if you set SSID based low priority for a profile all devices that connect to the profile have their traffic set at this priority Mapping to the traffic queues is as follows vapO or very high queue 1 vap1 or high queue 2 vap2 or normal queue 3 vap3 or low queue 4 diffsrv Different
35. US Server PAP MSCHAP V1 and CHAP are less secure protocols Wi AP CLI Reference Guide RADIUS Context radius server authentication port Supported on Wi AP radius server authentication port lt number gt Specifies the port to use for RADIUS authentication By default RADIUS servers use port 1812 Parameters lt number gt Authentication port number Range 1 65535 radius server deadtime Supported on Wi AP radius server deadtime lt seconds gt Sets the retry interval for access and accounting requests that time out If no reply is received within this interval the Wi AP switches between the primary and secondary RADIUS servers if defined If a reply is received after the interval expires it is ignored Parameters lt seconds gt Retry interval Range 2 60 seconds radius server host Supported on Wi AP radius server host lt primary gt lt secondary gt Sets the addresses of the primary and secondary RADIUS servers Parameters lt primary gt IP address of the primary RADIUS server lt secondary gt IP address of the secondary RADIUS server radius server key 2 Supported on Wi AP radius server key lt primary gt lt secondary gt Enter primary and secondary secrets Parameters lt primary gt Shared secret for the primary RADIUS server lt secondary gt Shared secret for the secondary RADIUS server radius server message authenticator Supported on Wi AP radius serve
36. am device to send traffic to wireless filters rule input Supported on Wi AP wireless filters rule input lt rule gt Adds a custom filter definition for incoming wireless traffic Use this command to define custom security filters for incomming wireless traffic Filters are specified using standard pcap syntax http www tcpdump org tcpdump_man html with the addition of a few Alvarion specific placeholders These placeholders can be used to refer to specific MAC addresses and are expanded by the Wi AP when the filter is activated Once expanded the filter must respect the pcap syntax The pcap syntax is documented in the tcpdump man page Placeholders a MAC address of the access controller b MAC address of the bridge g Mac address of the default gateway assigned to the Wi AP Yow MAC address of wireless port wireless filters rule output Supported on Wi AP wireless filters rule output lt rule gt Adds a custom filter definition for outgoing wireless traffic 68 Wi AP CLI Reference Guide Virtual AP Context Use this command to define custom security filters for outgoing wireless traffic Filters are specified using standard pcap syntax http www tcpdump org tcpdump_man html with the addition of a few Alvarion specific placeholders These placeholders can be used to refer to specific MAC addresses and are expanded by the Wi AP when the filter is activated Once expanded the filter must res
37. ber then quits Specifies what to output after completion Specifies to use proxy Default port is 1080 Specifies the file to use for reading random data from SSL Specifies the request command to use Specifies the time needed to trig speed limit abort Defaults to 30 Specifies to stop transfer if below speed limit for speed time secs Includes a time condition to the server HTTP only Sets the maximum number of redirections allowed HTTP only Forces usage of HTTP 1 0 HTTP only Forces usage of TLSv1 HTTP only Forces usage of SSLv2 HTTP only Forces usage of SSLv3 HTTP only Switches to the enable context Wi AP CLI Reference Guide View Context nslookup Supported on Wi AP nslookup option authentication lt host to find gt lt server 1 Queries DNS servers for information on hosts or domains ping Supported on Wi AP ping lt host gt c lt count gt s lt length gt q Determines if the specified remote IP address is active Parameters c host The IP address or DNS name of the host to ping c count Number of pings s length Length of the ping datagram q Quiet mode No output ps Supported on Wi AP ps Displays all running processes quit Supported on Wi AP quit Quits the CLI show license Supported on Wi AP show license EULA gpl other Displays license information show logging filtered Supported on
38. ccnnnnnccccnnnnn cnc 37 soap server access wireless sessssesssseseeee essen nennen nennen tnnt nennen innen terns ennt 37 soap server access local mesh srasni naana EAA ASRA 37 snmp server trap low SiT zeit pe sentes tog a 37 snmp server trap low snr Interval eire mitteret e a ded eeu eee eee 37 snmp server trap low snr level sssssessssseesseeeeeneneenneneren nnne nnn nemen nnne eren nnns 38 snmp server trap new association eeseeeeseseseeeeeeeseeeen nennen nnns nemen nnne tetris 38 snmp server trap new association interval ssssssssseeeeeeeenn meme 38 snmp server trap vpn connection sssssssssssseseeneeeenen nennen nennen mmn nnn nennen nnns nennen nn 38 snmp server trap wireless association fail esseesseeneeem eene 38 snmp server trap wireless associatiOn SUCCESS ssssessseeeeee emen 38 snmp server trap wireless authentication fail esen nnne 39 snmp server trap wireless authentication success oooocccccccccccccccoccnonnonnnononncnnnnnncannnnannannnn nn nenne nnn 39 snmp server trap wireless deauthentication fail esee 39 snmp server trap wireless deauthentication SUCCeSS ssssssseneeeeeeeeeeentttrnrn nen nsnrrrnennnnnn nnnm 39 snmp server trap wireless disassociation fail sese 39 snmp server trap wireless disassociatiOn SUCCESS cooococcccccccccnncnnn
39. cifications on which they are based are subject to change without notice The software described in this document is furnished under a license The software may be used or copied only in accordance with the terms of that license Information in this document is subject to change without notice Corporate and individual names and data used in examples herein are fictitious unless otherwise noted Alvarion Ltd reserves the right to alter the equipment specifications and descriptions in this publication without prior notice No part of this publication shall be deemed to be part of any contract or warranty unless specifically incorporated by reference into such contract or warranty The information contained herein is merely descriptive in nature and does not constitute an offer for the sale of the product described herein Any changes or modifications of equipment including opening of the equipment not expressly approved by Alvarion Ltd will void equipment warranty and any repair thereafter shall be charged for It could also void the user s authority to operate the equipment Wi AP CLI Reference Guide bout This Guide This guide describes the Wi AP CLI This guide comprises the following parts W Chapter 1 Introduction on page 1 E Chapter 2 CLI Commands on page 11 Contents Chapter 1 Introduction 1 1 About this UI E 2 NM Gre EE 2 TIO AL terms eto ata aa 2 uw Seiller IER 2 1 2 CLI support
40. control channel with a Wi2 Controller series service controller The service controller manages the AP and provides all configuration settings Discovery of the service controller is automatic if default settings are used on all devices NOTE In controlled mode access to the CLI is possible only before any control channel is established which can occur in the following scenarios Ml Network failures prevent a control channel from being created E After a AP is restarted prior to establishment of the control channel during the brief service controller discovery process When the AP is in controlled mode a reduced number of CLI commands are available The most notable command is switch operational mode which enables you to switch the AP to autonomous mode Also the config context is not available Autonomous mode When in autonomous mode the AP operates as a stand alone unit You can configure and manage the AP using the AP s management tool SNMP CLI or SOAP Autonomous mode supports all CLI commands Wi AP CLI Reference Guide Configuring CLI support 4 3 Configuring CLI support Using the AP s management tool open the page Management gt CLI Use this page to enable disable CLI support via an SSH or serial connection A maximum of three concurrent CLI sessions are supported regardless of the connection type Command Line Interface CLI configuration Secure Shell access Serial port access MV Enable
41. device interface using ARP packets Wi AP CLI Reference Guide 17 Chapter 2 CLI Commands arp Supported on Wi AP arp evn H lt type gt i if lt hostname gt arp v i if d lt hostname gt pub arp v H lt type gt i if s lt hostname gt lt hw_addr gt temp arp v H lt type gt i if s hostname hw addr lt netmask gt lt nm gt pub arp v H lt type gt i if Ds lt hostname gt ifa lt netmask gt lt nm gt lt pub gt Displays and modifies the Internet to Ethernet address translation tables used by the address resolution protocol end Supported on Wi AP end Switches to parent context quit Supported on Wi AP quit Exit the enable context rcapture Supported on Wi AP recapture lt a gt lt b gt lt c gt lt d gt lt e gt lt f gt lt g gt lt h gt Sends port capture to an FTP server Refer to Linux documentation for a complete description of this command and its options show arp Supported on Wi AP show arp Show the ARP table show bridge Supported on Wi AP show bridge Show bridge information show bridge forwarding Supported on Wi AP show bridge forwarding Show bridge forwarding information Wi AP CLI Reference Guide Enable Context show dns cache Supported on Wi AP show dns cache lt serial gt Show DNS cache entries Specify a serial number to display detailed in
42. e SOAP server soap server access interface vlan Supported on Wi AP soap server access interface vlan lt name gt Enables access to SOAP via this VLAN no soap server access interface vlan lt name gt Disables access to SOAP via this VLAN soap Server access port 1 Supported on Wi AP soap server access port 1 Enables SOAP access on the downstream port no soap Sserver access port 1 Blocks SOAP access on the downstream port soap Server access port 2 Supported on Wi AP soap server access port 2 Enables SOAP access on the upstream port no Soap server access port 2 Blocks SOAP access on the upstream port soap server allow Supported on Wi AP Soap server allow ip address gt lt mask gt Adds a host to the list of IP address from which access to the SOAP interface is permitted no soap server allow ip address gt lt mask gt Removes a host from the list of IP address from which access to the SOAP interface is permitted Wi AP CLI Reference Guide 35 Chapter 2 CLI Commands Parameters lt address gt IP address lt mask gt Subnet mask in CIDR format Specifies the number of bits in the mask soap server http authentication Supported on Wi AP soap server http authentication Enable the SOAP server HTTP authentication no soap server http authentication Disable the SOAP server HTTP authentication soap server http authentication password Supported on Wi AP soap server htt
43. eeeeeeeeeeeeeeaaeeeeeeeaaaeeeeeeeeeseeeneeneeneeees 20 SHOW local Mesh data 20 Show Wireless neighborhood 2 etait ceres oerte CE tyi belle 20 show wireless TOQUE Pin EOM 20 SHOW client OG MEE 20 COMO cR 20 SHOW All CONMNG rc 20 2 3 Config Conta cosmetica 21 i e C 21 COMMIMNGATS IDINGING EE 21 certificate TEVOCATION siii di ii rr 21 mI 21 Tactoly SCUINGS evt bl ea bli 21 Interface ei iaa 21 Eelere EE 22 eei EE 22 show certificate binding ccce tenebre et LC a Cei en quie D b 22 SRON CONI e CE 22 USCINAIMG PPM ii o A Aaaa Aaaa KEAT A aAA EE ER 22 O pm EE 22 Merac WEISS gies 22 local mesh te UE 23 nizigizte Ne cem mc 23 virtual dpto 23 admin authentication local fallback A 23 admin authentication radius s e sisssscsto i aana aE enne enne nennen nennen innen a 23 Clock Vern cre lied 24 ele Tee 24 Je DUD POT esise aa O 24 lena een de 24 MIP elt ele 25 MO SCI acota adn dai AD note anne nas ae aaa ee 25 snmp server trap certificate expired oooocconncccccnonnnccccnnnnn cnc crac 25 snmp server trap certificate expires S0O0N sese eene rennen nennen 25 snmp server trap web Talll 2 ida dali eat 25 snmp server trap web login esias srat arkni aaa cnn nan cnn rr 26 snmp server trap Web lOgQuUt isdans cree Cerere te rue ein 26 Wi AP CLI Reference Guide Contents
44. er on the bridges The root will be the bridge with the lowest bridge ID The Bridge priority has a valid range of O to OxFFFF The default value is the middle value 0x8000 Wi AP CLI Reference Guide 47 Chapter 2 CLI Commands bridge protocol ieee Supported on Wi AP bridge protocol ieee Enable the bridge spanning tree protocol to prevent undesirable loops from occurring in the network that may result in decreased throughput no bridge protocol ieee Disable the bridge spanning tree protocol bridge protocol ieee vian Supported on Wi AP bridge protocol ieee vlan Enable the bridge spanning tree protocol for VLANs no bridge protocol ieee vlan Disable the bridge spanning tree protocol for VLANs ip route gateway Supported on Wi AP ip route gateway lt destination gt lt mask gt lt gateway gt lt metric gt Adds a static route no ip route gateway lt destination gt lt mask gt lt gateway gt lt metric gt Removes the specified static route Parameters lt destination gt Traffic addressed to this IP address will be routed lt mask gt Indicates the number of bits in the destination address that is checked for a match lt gateway gt Indicates the IP address of the gateway the Wi AP will forward routed traffic to The gateway address must be on the same subnet as one of the available interfaces Internet port or LAN port lt metrix gt Indicates the priority of a route If two routes ex
45. erver trap syslog matches Send a trap when syslog messages matches a specified regular expression no snmp server trap syslog matches Do not send this trap snmp server trap syslog matches regex Supported on Wi AP snmp server trap syslog matches regex lt regex gt Sets the regular expression used to match the systlog messages snmp server trap syslog severity level Supported on Wi AP snmp server trap syslog severity level debug info notice warning error critical alert emergency Set the severity level of syslog messages that will trigger a trap 40 Wi AP CLI Reference Guide Config Context snmp server trap network trace Supported on Wi AP snmp server trap network trace Send a trap when a network trace is started or stopped no snmp server trap network trace Do not send this trap firmware update automatic Supported on Wi AP firmware update automatic Enables scheduled firmware upgrades no firmware update automatic Disables scheduled firmware upgrade The Wi AP can automatically retrieve and install firmware from a local or remote URL at preset times By placing Wi AP firmware on a web or ftp server you can automate the update process for multiple units When the update process is triggered the Wi AP retrieves the first 2K of the firmware file to determine if it is different from the active version If different the entire firmware file is then downloaded and installed
46. fied Virtual AP profile Parameters name Name of an existing or new VAP vertual network profile admin authentication local fallback Supported on Wi AP admin authentication local fallback Allow administrators to login via the local account if the RADIUS server is unreachable no admin authentication local fallback Do not allow administrators to login via the local account if the RADIUS server is unreachable admin authentication radius Supported on Wi AP admin authentication radius lt name gt Sets the RADIUS profile to use for authentication of administrator logins Wi AP CLI Reference Guide 23 Chapter 2 CLI Commands no admin authentication radius Sets the authentication of administrator logins to occur using the specified RADIUS profile Parameters lt name gt RADIUS profile name clock summer time Supported on Wi AP clock summer time Enables support for daylight savings time no clock summer time Disables support for daylight savings time clock timezone Supported on Wi AP clock timezone gmtdiff Sets the time zone the Wi AP is operating in Parameters lt gmtdiff gt Offset from GMT as follows HOUR MIN For example Eastern Standard time is 5 00 ip http port Supported on Wi AP ip http port lt number gt Sets the port number to use for HTTP access to the Wi AP Parameters lt number gt Port number Range 1 65535 Description HTTP connections
47. formation show interfaces Supported on Wi AP show interfaces Show networking interfaces show ip route Supported on Wi AP show ip route Show all IP routes show system info Supported on Wi AP show system info Show basic system information factory reset Supported on Wi AP factory reset Resets the unit to factory default settings switch operational mode Supported on Wi AP switch operational mode Switches the unit s operational mode show dot11 associations Supported on Wi AP show dot11 associations Show all current wireless associations Wi AP CLI Reference Guide 19 Chapter 2 CLI Commands show dot11 statistics client traffic Supported on Wi AP show dot11 statistics client traffic Show current client matrix statistics show local mesh Supported on Wi AP show local mesh Show current local mesh interfaces show wireless neighborhood Supported on Wi AP show wireless neighborhood Show all access points detected nearby show wireless rogue ap Supported on Wi AP show wireless rogue ap Show all rogue access points detected nearby show client log Supported on Wi AP show client log lt macaddr gt Display client station log Enter the MAC address to display more details for a specific client station config Supported on Wi AP config Switches to the config context show all config Supported on Wi AP show all config Print all configuration
48. h profile Enables access to the management tool via the specified local mesh no soap server access local mesh profile Disables access to the management tool via the specified local mesh snmp server trap low snr Supported on Wi AP snmp server trap low snr Send a trap when the average signal to noise ratio on a VAP virtual network exceeds a specified level no snmp server trap low snr Do not send this trap snmp server trap low snr interval Supported on Wi AP snmp server trap low snr interval number Sets the interval at which the average SNR level is checked for each VAP virtual network Wi AP CLI Reference Guide 37 Chapter 2 CLI Commands snmp server trap low snr level Supported on Wi AP snmp server trap low snr level lt number gt Sets the SNR level that will trigger a trap snmp server trap new association Supported on Wi AP snmp server trap new association Send trap on when a new wireless client station associates with any VAP VSC no snmp server trap new association Do not send this trap snmp server trap new association interval Supported on Wi AP snmp server trap new association interval lt number gt Interval in minutes between notifications snmp server trap vpn connection Supported on Wi AP snmp server trap vpn connection Send a trap when a customer establishes a VPN connection with the Wi AP no snmp server trap vpn connection Do not send this
49. he management tool SNMP traffic interface vlan Supported on Wi AP interface vlan lt id gt lt id2 gt Switches to the specified VLAN interface or create a new VLAN interface with the specified ID no interface vlan lt id gt lt id2 gt Deletes the specified VLAN interface Parameters lt id gt VLAN ID Range 1 4094 lt id2 gt VLAN ID When specified is the last value in a range Wi AP CLI Reference Guide 55 Chapter 2 CLI Commands 2 6 56 WAN IP Interface Context Context path View gt Enable gt Config gt WAN IP interface This context provides commands for configuring various IP networking related settings pppoe client user Supported on Wi AP pppoe client user lt username gt lt password gt Sets the PPPoE username and password no pppoe client user Deletes the PPPoE username Parameters lt username gt The username assigned to you by your ISP The Wi AP will use this username to log on to your ISP when establishing a PPPoE connection lt password gt The password assigned to you by your ISP The Wi AP will use this username to log on to your ISP when establishing a PPPoE connection ip address mode Supported on Wi AP ip address mode dhcp pppoe static Sets the IP addressing mode for Port 2 Parameters dhcp Dynamic host configuration protocol The DHCP server will automatically assign an address to the Wi AP which functions as a DHCP c
50. ial services is a method for defining IP traffic priority on a per hop basis The Differential Service bits are defined in RFC2474 and are composed of the six most significant bits of the IP TOS field These bits define the class selector code points which the CN320 maps to the appropriate traffic queue default setting tos The IP TOS type of service field can be used to mark prioritization or special handling for IP packets upstream diffserv tagging Supported on Wi AP upstream diffserv tagging Enables upstream diffserv tagging no upstream diffserv tagging Disables upstream diffserv tagging wmm advertising Supported on Wi AP wmm advertising Enables WMM information element advertising no wmm advertising Disables WMM information element advertising 76 Wi AP CLI Reference Guide Virtual AP Context location aware group Supported on Wi AP location aware group lt name gt Sets the specified group name for the access point no location aware group Deletes the specified group name for the access point end Supported on Wi AP end Switches to parent context security Supported on Wi AP security none wep 802 1x wep static wep wpa psk radius vl v2 Sets the current wireless security policy Parameters none No wireless security wep This option enables support for wireless users with WEP client software 802 1x This option enables support for wireless users with
51. ify how many retries the service sensor will attempt when polling the target device When the retry limit is reached the radio on the Wi AP is turned off Parameters lt retires gt Number of retries Range O 100 service sensor timeout Supported on Wi AP service sensor timeout lt seconds gt Sets how long the service sensor will wait for a response to a poll before timing out Parameters lt seconds gt Length of timeout Range 1 5 seconds Wi AP CLI Reference Guide 43 Chapter 2 CLI Commands ip name server Supported on Wi AP ip name server lt primary gt lt secondary gt Sets the primary and secondary DNS servers overriding dynamically assigned ones Parameters lt primary gt IP address of the primary DNS server lt secondary gt IP address of the secondary DNS server ip name server cache Supported on Wi AP ip name server cache Enables the DNS cache no ip name server cache Disables the DNS cache Once a host name has been successfully resolved to an IP address by a remote DNS server it is stored in the cache This speeds up network performance as the remote DNS server now does not have to be queried for subsequent requests for this host The entry stays in the cache until an error occurs when connecting to the remote host the time to live TTL of the DNS request expires the Wi AP is restarted ip name server dynamic Supported on Wi AP ip name server dynamic
52. ile and cannot be deleted The following example shows how to add a new VAP VSC with egress mapped to an existing VLAN named hongkong CLI config virtual ap newap CLI virtual ap access control CLI virtual ap egress any vlan hongkong CLI virtual ap ssid name newap CLI virtual ap ingress ssid CLI virtual ap bandwidth high CLI virtual ap end CLI config virtual ap name Supported on Wi AP virtual ap name lt name gt Change the VAP VSC name access controller Supported on Wi AP access controller Use the services of an access controller for authentication and control of client sessions no access controller Do not use the services of an access controller for authentication and control of client sessions ingress interface Supported on Wi AP ingress interface wireless wireless lt name gt Sets the specified interface as the ingress interface traffic will be accepted on no ingress interface wireless wireless lt name gt Removes the specified interface as an ingress interface Wi AP CLI Reference Guide Virtual AP Context max association Supported on Wi AP max association stations Sets the maximum number of clients stations that can associate with this VAP VSC stations Number of client stations Range 1 255 ssid name Supported on Wi AP Ssid name name Specifies the WLAN name SSID for the profile vlan Supported on Wi AP
53. in autonomous and controlled modes esses 4 1 2 1 COMTO ALO EE 4 kr dee 4 1 3 Configuring CLI support eeeeee ra rere eere 5 ll 7 1 GT 8 Uis glocuinoo dp E 9 Chapter 2 CLI Commands PLU VANS O IUE 12 ep f a cm 12 ou AQ di teows ed eege eege eegene Sege egene Sue Sage eg 12 ll EE 14 aio e 15 ll A E 15 EI elen 15 e m H RH 15 SNOW To 4 E ET 15 show logging filtered omo a ene Le roo 15 el EE 15 tracert I a A A a ee 16 2 2 Enable COMeXt SEN 17 FEDOOU ASVICO RTL 17 PP O yg al ddantab shedvaadisnvdabeteaanvast 17 show certificate binding 2mm Rd eee 17 DINO M 17 Contents c m 18 jr EC 18 OUE acetic 18 ell 18 C Ei m laters 18 Show bridge EE 18 show bridge forwardirig reor dali reed 18 SNOW CMS cacho samep EE 19 Ve Wi 19 oor EET 19 Show SYLEN Lut diia sde 19 Tacto Mi E 19 Switch operational mode cce ccrte E eene Dente ee Cc ee ee Ce eie bed en 19 SHOW dori ASSOCIAUONS mm 19 show dot11 statistics client traffic 2 0 eect eeeeeee ee eeeeeeeeee
54. ine j lt cert passwd gt Specifies to create the necessary local directory hierarchy Specifies to convert LF to CRLF in upload Specifies to fail silently no output at all on errors HTTP only Specifies HTTP POST data HTTP only Specifies to disable URL sequences and ranges using and Specifies to send the d data with a HTTP GET HTTP only Displays this help text Specifies the custom header to pass to the server HTTP only Specifies to include the HTTP header in the output HTTP only Specifies to fetch document info only Specifies to ignore session cookies read from file HTTP only interface interface Specifies the interface to use krb4 level limit rate rate L m lt seconds gt M n netrc optional N o lt file gt P lt address gt Specifies to enable krb4 with specified security level FTP only Specifies to disallow curl to connect to SSL sites without certificates HTTP only Specifies which config file to read Specifies to list only names of an FTP directory FTP only Specifies the speed limit for transfers Specifies Follow Location hints HTTP only Specifies the maximum time allowed for the transfer Specifies to display huge help text Specifies to read netrc for user name and password Specifies to use either netrc or URL overrides n Optional parameter that disables the buffering of the output stream Specifies
55. ist for a destination address then the Wi AP chooses the one with the lower metric dot1x reauth Supported on Wi AP dotix reauth Enable this option to force 802 1X client stations to reauthenticate no dotlx reauth Disables 802 1X reauthentication 48 Wi AP CLI Reference Guide Config Context dot1x reauth period Supported on Wi AP dot1x reauth period 15m 30m lh 2h 4h 8h 12h Sets the 802 1X reauthentication interval Client stations must reauthenticate when this interval expires dot1x reauth terminate Supported on Wi AP dotlx reauth terminate Enable this option to allow client stations to remain connected during re authentication Client traffic is blocked only when re authentication fails no dotlx reauth terminate Disabled this option to block client traffic during re authentication and only activate traffic again if authentication succeeds dot1x supplicant timeout Supported on Wi AP 802 1x supplicant time out lt seconds gt Sets the 802 1X supplicant time out Parameters lt seconds gt time out in seconds dynamic key Supported on Wi AP dynamic key Enables dynamic key support for 802 1X and WPA no dynamic key Disables dynamic key support for 802 1X and WPA dynamic key interval Supported on Wi AP dynamic key interval 5m 10m 15m 30m 1h 2h 4h 8h 12h Specifies how often in minutes or hours that the group broadcast key is changed for 802
56. ity Supported on Wi AP priority low medium high very high gt Sets the priority for this IP QoS profile Parameters priority Available priorities are low medium high and very high profile name Supported on Wi AP profile name name Changes the name of the IP QoS profile protocol Supported on Wi AP protocol number Specifies the protocol ID use for this IP QoS profile Parameters number Protocol number Range O 255 Wi AP CLI Reference Guide 87 Chapter 2 CLI Commands start po rt Supported on Wi AP start port lt number gt Specifies the start port to use for this IP QoS profile Parameters lt number gt Start port number Range O 65535 88 Wi AP CLI Reference Guide GRE Interface Context 2 13 GRE Interface Context Context path View Enable Config GRE interface Details of the GRE interface end force Supported on Wi AP end force Quits the GRE context gre name Supported on Wi AP gre name name Renames the current GRE interface ip address Supported on Wi AP ip address ip address gt lt mask gt Set the local tunnel IP address and mask peer ip address Supported on Wi AP peer ip address ip address Sets the GRE peer IP address remote ip address Supported on Wi AP remote ip address ip address Sets the remote tunnel IP address Wi AP CLI Reference Guide 89 I Chapter 2 CLI C
57. led modes on page 4 Configuring CLI support on page 5 SSH client support on page 7 Entering strings on page 8 Context Hierarchy on page 9 Chapter 1 Introduction Ll About this guide This guide explains how to work with the Command Line Interface CLI on Alvarion MultiService Access Points points operating in autonomous mode 1 1 1 Products covered This guide covers these access points E Wi AP 1 1 2 Important terms The following terms are used in this guide Term Description AP MAP These terms are used interchangeably to to refer to any Alvarion MultiService Access Point as defined in Products Covered above service controller These terms are used interchangeably to refer to any MSC Alvarion MultiService Controller Wi AP These product name references also include the R versions local mesh Previously referred to as WDS Some older commands refer to wireless links whereas newer commands use the local mesh terminology and they also provide dynamic functionality Virtual MAPmap VAP In this document the terms Virtual MAPmap and VAP are used in place of VSC Virtual Service Community 1 1 3 Typographical conventions 1 1 3 1 Command syntax Command syntax is formatted in a monospaced font as follows Example Description use access list Command name Specify it as shown
58. lient pppoe Point to point protocol over Ethernet The PPPoE server will automatically assign an IP address to the Wi AP You need to supply a username and password so the Wi AP can log on static This option enables you to manually assign an IP address to the Wi AP ip address Supported on Wi AP ip address lt ip address gt lt mask gt Sets a static IP address for the port Parameters lt address gt IP address Wi AP CLI Reference Guide WAN IP Interface Context lt mask gt Subnet mask in CIDR format Specifies the number of bits in the mask ip address dhcp client id Supported on Wi AP ip address dhcp client id lt id gt Specifies an ID to identify the Wi AP to a DHCP server This parameter is not required by all ISPs no ip address dhcp client id Deletes the specified DHCP client id end Supported on Wi AP end Switches to parent context pppoe auto reconnect Supported on Wi AP pppoe auto reconnect The Wi AP will automatically attempt to reconnect if the connection is lost no pppoe auto reconnect The Wi AP will not automatically attempt to reconnect if the connection is lost pppoe mru Supported on Wi AP pppoe mru lt bytes gt Specifies the maximum receive unit Changes to this parameter should only be made according to the recommendations of your ISP Incorrectly setting this parameter can reduce the throughput of your Internet connection Parameter
59. m will help to reduce the amount of crosstalk between the wireless stations to better support roaming clients By reducing the receiver sensitivity client stations will be more likely to connect with the nearest access point dot11 Supported on Wi AP dot11 mode frequency Sets the wireless mode and the frequency the Wi AP will operate at Parameters mode Sets the transmission speed and frequency band The available options are determined by the wireless card installed in the Wi AP and may include b Selects 802 11b providing 11 Mbps in the 2 4 GHz frequency band g Selects 802 11g providing 54 Mbps in the 2 4 GHz frequency band bg Selects 802 11b 802 11g providing 11 and 54 Mbps in the 2 4 GHz frequency band frequency Sets the operating frequency by specifying a number in GHz or by specifying a channel number The frequencies that are available are determined by the radio installed in the Wi AP and the regulations that apply in your country For optimum performance when operating in 802 11b or 802 11g modes choose a frequency that differs from other wireless access points operating in neighboring cells by at least 25 MHz transmit power Supported on Wi AP transmit power DB max Sets the maximum transmission power of the wireless radio 60 Wi AP CLI Reference Guide Wireless Context Parameters lt db gt Power is specified in steps of 1dBm The maximum setting is 18 dBm
60. made to this port are met with a warning and the browser is redirected to the secure web server port By default this parameter is set to port 80 ip https port Supported on Wi AP ip https port lt number gt Sets the port number used for HTTPS access to the Wi AP Parameters lt number gt Port number Range 1 65535 24 Wi AP CLI Reference Guide Config Context ntp protocol Supported on Wi AP ntp protocol ntp sntp Sets the network time protocol to use ntp server Supported on Wi AP ntp server Enable this option to have the Wi AP periodically contact a network time server to update its internal clock no ntp server Disables the use of a network time server snmp server trap certificate expired Supported on Wi AP snmp server trap certificate expired Send a trap when the SSL certificate has expired A trap is sent every 12 hours no snmp server trap certificate expired Do not send a trap when the SSL certificate has expired snmp server trap certificate expires soon Supported on Wi AP snmp server trap certificate expires soon Send a trap when the SSL certificate is about to expire A trap is sent every 12 hours starting 15 days before the certificate expires no snmp server trap certificate expires soon Do not send a trap when the SSL certificate is about to expire snmp server trap web fail Supported on Wi AP snmp server trap web fail Send a trap each time an adminis
61. mal numbers separated by colons with the values a to fin lowercase For example 00 03 52 0a 0f 01 Description This feature enables you to control access to the Wi AP based on the MAC address of client stations You can either block access or allow access depending on your requirements When both this option and the MAC based authentication options are enabled the following applies if a customer A s MAC address does not appear in the MAC filtering list then MAC based authentication takes place for that customer 70 Wi AP CLI Reference Guide Virtual AP Context mac filters mode Supported on Wi AP mac filters mode allow block Either allow or block access to the wireless network for client stations whose addresses appear in the MAC filter list mac authentication accounting Supported on Wi AP mac authentication accounting Enables RADIUS accounting for this VAP VSC no mac authentication accounting Disables RADIUS accounting for this VAP VSC mac authentication accounting radius profile Supported on Wi AP mac authentication accounting radius profile lt name gt Sets RADIUS accounting to use the specified RADIUS profile no mac authentication accounting radius profile Disables accounting support for MAC authentication mandatory authentication Supported on Wi AP mandatory authentication MAC based authentication is mandatory no mandatory authentication MAC based authentication is not mandat
62. matic frequency Disable automatic frequency selection dot11 automatic frequency period Supported on Wi AP dot11 automatic frequency period disabled lh 2h 4h 8h 12h 24h Specify how often the frequency setting is re evaluted when automatic frequency selection is enabled dot11 automatic frequency time Supported on Wi AP dot11 automatic frequency time lt time gt Specify when the channel should be re evaluated dot11 automatic transmit power Supported on Wi AP dot11 automatic transmit power Enables automatic transmit power selection no dotll automatic transmit power Disables automatic transmit power selection dot11 automatic transmit power period Supported on Wi AP dot11 automatic transmit power period lh 2h 4h 8h 12h 24h Sets the interval at which the transmit power setting is re evaluated when automatic power selection is enabled multicast rate Supported on Wi AP multicast rate 1 2 5 5 6 9 11 12 18 24 36 48 54 Sets the transmit rate for multicast traffic This is a fixed rate which means that if a station is too far away to receive traffic at this rate then the multicast will not be seen by the station By rasing the multicast rate you can increase overall throughput significantly 62 Wi AP CLI Reference Guide Wireless Context station distance Supported on Wi AP station distance Okm 5km 10km 15km 20km 25km 30km
63. mers All Alvarion Ltd Alvarion products purchased from Alvarion or through any of Alvarion s authorized resellers are subject to the following warranty and product liability terms and conditions Exclusive Warranty a Alvarion warrants that the Product hardware it supplies and the tangible media on which any software is installed under normal use and conditions will be free from significant defects in materials and workmanship for a period of fourteen 14 months from the date of shipment of a given Product to Purchaser the Warranty Period Alvarion will at its sole option and as Purchaser s sole remedy repair or replace any defective Product in accordance with Alvarion standard R amp R procedure b With respect to the Firmware Alvarion warrants the correct functionality according to the attached documentation for a period of fourteen 14 month from Wi AP CLI Reference Guide iii Legal Rights invoice date the Warranty Period During the Warranty Period Alvarion may release to its Customers firmware updates which include additional performance improvements and or bug fixes upon availability the Warranty Bug fixes temporary patches and or workarounds may be supplied as Firmware updates Additional hardware if required to install or use Firmware updates must be purchased by the Customer Alvarion will be obligated to support solely the two 2 most recent Software major releases ALVARION SHAL
64. mode Supported on Wi AP vlan compatibility mode When this option is enabled the Wi AP sends all management traffic AND all untagged traffic on both the default VLAN and untagged no vlan compatibility mode Disable VLAN and untagged compatibility mode vlan management filter Supported on Wi AP vlan management filter Restricts the default VLAN to carry management traffic only no vlan management filter Does not restrict the default VLAN to carry management traffic only Management traffic includes all traffic that is exchanged by the Wi AP and the access controller all communications with RADIUS servers HTTPS sessions to the management tool SNMP traffic interface vlan Supported on Wi AP interface vlan lt id gt lt id2 gt Switches to the specified VLAN interface or create a new VLAN interface with the specified ID no interface vlan lt id gt lt id2 gt Deletes the specified VLAN Parameters lt id gt VLAN ID Range 1 4094 lt id2 gt VLAN ID When specified this is the last value in a range Wi AP CLI Reference Guide 53 Chapter 2 CLI Commands 2 9 Port 1 Interface Context Context path View gt Enable gt Config gt Port 1 interface This context provides commands for configuring Port 1 duplex Supported on Wi AP duplex auto half full Sets the duplex mode on Port 1 Parameters auto Lets the Wi AP automatically set duplex mode based on
65. nds wireless scan url Supported on Wi AP wireless scan url lt location gt Sets the URL of the file that contains a list of all authorized access points Wi AP CLI Reference Guide 45 Chapter 2 CLI Commands no wireless scan url Deletes the URL of the file that contains a list of all authorized access points Each entry in the file is composed of two items MAC address and SSID Each entry should appear on a new line For example 00 03 52 07 f5 11 AP_1 00 03 52 07 f5 23 AP_2 00 03 52 07 f5 12 AP_3 XML file format is also supported access controller shared secret Supported on Wi AP access controller shared secret lt secret gt Sets the shared secret used to communicate with the service controller no access controller shared secret Sets the shared secret used to communicate with the access controller The service controller will only accept authentication location aware information from Alvarion satellites that have a matching shared secret to its own radius server profile Supported on Wi AP radius server profile lt name gt Creates a new RADIUS profile or switches to the RADIUS context with the specified profile name no radius server profile lt name gt Deletes the specified RADIUS profile ip qos profile Supported on Wi AP ip qos profile lt name gt Creates a new IP QoS profile or switches to the IP QoS context with the specified profile name no ip qos profile l
66. nonanononnnnncnnncnnncnnnnnnnnncnnccnnnnnn 40 snmp server trap wireless reassociation fail sss enne 40 snmp server trap wireless reassociation SUCCESS ssesssseeeeeeeem enn 40 snmp server trap syslog matches sse eene enne nere entren nnns 40 snmp server trap syslog matches regex ssssssssseeee eene nennen nnne nnns 40 snmp server trap syslog severity level sss 40 snmp server trap networkc tlacoe iuc de tenete we eue i RR RR rn PER 41 firmware update automatic eesse nrc oai eaa nan nennen E ANANA nennen nnns 41 iimware update Sii AAE EASA Ee crue ERARAS 41 firmware update TMG AE ER a RES Re PUR EE SEESEN ERR aliena 41 firmware updalte Url ccce rore Lu tte rete t Cm ccu ae E uuu E e nt El 42 firmware update weekday 4 seeeessisesesssesseeeeeeee nennen nennen nennen tenenti nennen nennen 42 snmp server trap firmware update 42 access controller restrict location ssssssessseeneeeeenen mene nnm nnne 42 SOIVICO SONSON c 42 SOTVICO SOMSON e I EE 43 Services ensor Poll eC 43 SOTVICO SONSON TOY ici 43 BEIER sensor UI luisa rte 43 IMAN EE 44 el Ee 44 ip name server dynamic aena a 44 ip name server switch on servfail sssrinin aa AAAA 44 ip name server Switch over EEN 45 snmp server trap unauthorized ap cooonooccccnnnnocccnnnnnnonnncnnnnno nn nn ENNA KARAKANA nn nn 45 snmp server trap unau
67. ommands 2 14 90 Syslog Destination Context Context path View gt Enable gt Config gt Syslog destination This context provides commands for configuring Syslog destinations active Supported on Wi AP active Enables logging to the current destination no active Disables logging to the current destination logging facility Supported on Wi AP logging facility local0 locall local2 local3 local local5 local6 local Sets the facility that is used when logging messages to a syslog server Parameters lt facility gt Available facilities are localO local7 logging host Supported on Wi AP logging host tcp udp lt addr gt lt number gt Sets the remote address the connection protocol and port of current syslog remote destination logging prefix Supported on Wi AP logging prefix lt string gt Sets the prefix that will be prepended to all syslog messages no logging prefix Removes the prefix that is prepended to all syslog messages name Supported on Wi AP name lt name gt Renames the current syslog destination Wi AP CLI Reference Guide Syslog Destination Context end Supported on Wi AP end Switches to parent context level Supported on Wi AP level Enables filtering of the log file by severity level no level Disables filtering of the log file by severity level level Supported on Wi AP level lower highe
68. ory mac authentication radius profile Supported on Wi AP mac authentication radius profile lt radiusname gt Specifies the name of the RADIUS profile to use for MAC based authentication no mac authentication radius profile Do not use a RADIUS profile mac authentication radius stationid case Supported on Wi AP mac authentication radius stationid case uppercase lowercase Specifies the case applied to the station delimiter if it is a letter Wi AP CLI Reference Guide 71 Chapter 2 CLI Commands mac authentication radius stationid delimiter Supported on Wi AP mac authentication radius stationid delimiter null colon dash dot space comma under Specifies the one character delimiter that will be used to format both the calling station ID and the called station ID attributes in RADIUS packets mac authentication Supported on Wi AP mac authentication Enables support for MAC based authentication no mac authentication Disable support for MAC based authentication dot1x mandatory authentication Supported on Wi AP dot1x mandatory authentication Authentication is mandatory no dotlx mandatory authentication Authentication is not mandatory add ip filter Supported on Wi AP add ip filter ip address gt lt mask gt Adds an IP filter to the list of destination addresses that traffic will be accepted for All other traffic will be blocked If the list is empty then all wi
69. p authentication password Set the SOAP server HTTP authentication password soap server http authentication username Supported on Wi AP soap server http authentication username Set the SOAP server HTTP authentication username soap server port Supported on Wi AP soap server port lt port number gt Sets the port the Wi AP will use to respond to SOAP requests Parameters lt port number gt SOAP port number Range 1 65535 soap server ssl Supported on Wi AP soap server ssl SSL enabled for SOAP server no Soap server ssl SSL disabled for SOAP server soap server ssl with client certificate Supported on Wi AP soap server ssl with client certificate Enable the use of client certificate with SSL for SOAP server 36 Wi AP CLI Reference Guide Config Context no soap server ssl with client certificate Disable the use of client certificate with SSL for SOAP server soap Server access interface gre Supported on Wi AP soap server access interface gre lt name gt Enables access to SOAP via the specified GRE tunnel no soap server access interface gre lt name gt Removes access to SOAP via the specified GRE tunnel soap server access wireless Supported on Wi AP Soap server access wireless Enables SOAP access on the wireless port no Soap server access wireless Blocks SOAP access on the wireless port soap server access local mesh Supported on Wi AP Soap server access local mes
70. pect the pcap syntax The pcap syntax is documented in the tcpdump man page Placeholders a MAC address of the access controller b MAC address of the bridge g Mac address of the default gateway assigned to the Wi AP w MAC address of wireless port wireless filters type Supported on Wi AP wireless filters type mac gateway rules Sets the type of wireless security filter to use Parameters mac Traffic is forwarded to an upstream device with a specifiec MAC address Wireless security filters use the default definitions gateway Traffic is forwarded to the default gateway assigned to the Wi AP Wireless security filters use the default definitions custom Lets you define custom security filters and address for the upstream device Description TheWi AP features an intelligent bridge which can apply security filters to safeguard the flow of wireless traffic The filters limit both incoming and outgoing traffic as defined below and force the Wi AP to exchange traffic with a specific upstream device If the Wi AP is configured to use the services of a Alvarion access controller then the default security filters are automatically enabled and all traffic is sent to the access controller Default filters for incoming wireless traffic Applies to traffic sent from wireless client stations to the CNx Accepted Any IP traffic addressed to the access controller PPPOE traffic The PPPoe server must be the
71. ploading FTP only Specifies the User Agent to send to server HTTP only Specifies the cookie string or file to read cookies from HTTP only Specifies to use ASCII text transfer Specifies to write all cookies to this file after operation HTTP only Specifies the absolute resume offset Specifies HTTP POST data HTTP only Specifies HTTP POST ASCII data HTTP only Specifies HTTP POST binary data HTTP only Prevents curl from using EPSV FTP only Specifies to write the headers to this file Specifies EGD socket path for random data SSL only Specifies a certificate file and password HTTPS only Specifies the certificate file type HTTPS only Specifies the private key file HTTPS only Specifies the private key file type HTTPS only Specifies the passphrase for the private key HTTPS only Specifies the crypto engine to use HTTPS only Specifies the CA certificate to verify peer against SSL only Specifies the CA directory to verify peer against SSL only Wi AP CLI Reference Guide View Context ciphers lt list gt compressed compressed Specifies the SSL ciphers to use SSL only Specifies to request a compressed response using deflate Specifies to request a compressed response using deflate connect timeout sec Specifies the maximum time allowed for connection create dirs crlf f F lt name content gt G lt name content gt H l
72. port 2 For example you should be able to ping the RF Manager Server A s IP address from the Wi AP Wi AP CLI Reference Guide Config Context If there are any firewalls between the Wi AP and the RF Manager Server then TCP and UDP ports 3851 must be open bi directionally If using the hostname option an entry must be created on the network DNS server that points to the IP address of the RF Manager Server If using the Server ID option support for multicast traffic must be enabled on all routers and switches connected between the Wi AP and the RF Manager Server sensor network detector Supported on Wi AP sensor network detector Enable the Network Detector no sensor network detector Disable the Network Detector sensor server id Supported on Wi AP sensor server id id Sets the server ID of the the RF Manager Server to connect to Parameters ID Specify the Server ID of the RF Manager Server to connect to Set the Server ID to O to have the Wi AP send a discovery request to all active Alvarion InCharge RF Manager Servers The Wi AP will connect to the first server that responds to the discovery request sensor server name Supported on Wi AP sensor server nam lt name gt Sets the IP address or hostname of the the RF Manager Server to connect to Parameters Name Specify the IP address of the the RF Manager Server or its hostname If a hostname is specified the Wi AP must be able to
73. r debug info notice warning error critical alert emergency Defines the severity of messages that will be logged no level Disables filtering of the log file by severity level Parameters debug Debug level messages info Informational messages notice Normal but significant condition warning Warning conditions error Error conditions critical Critical conditions alert Action must be taken immediately emergency System is unusable matches Supported on Wi AP matches any all filters All three log file filters message process and level are combined to filter the log according to this setting message Supported on Wi AP message Enables filtering of the log file message field Wi AP CLI Reference Guide 91 Chapter 2 CLI Commands 92 no message Disables filtering of the log file message field message Supported on Wi AP message matches notmatches lt regex gt Use this filter to include log messages Use a regular expression to define the match criteria for the log file message field process Supported on Wi AP process Enables filtering of the log file by process name no process Disables filtering of the log file by process name process Supported on Wi AP process matches notmatches lt string gt Use this filter to include log messages according to their process name Wi AP CLI Reference Guide
74. r message authenticator Include the message authenticator attribute in RADIUS packets no radius server message authenticator Do not include the message authenticator attribute in RADIUS packets Wi AP CLI Reference Guide 85 Chapter 2 CLI Commands 86 radius server name Supported on Wi AP radius server name lt name gt Changes the name of the RADIUS profile radius server nasid Supported on Wi AP radius server nasid lt id gt Sets the network access server ID you want to use for the Wi AP By default the serial number of the Wi AP is used The Wi AP includes the NAS ID attribute in all packets that it sends to the RADIUS server radius server timeout Supported on Wi AP radius server timeout Activates RADIUS timeout no radius server timeout Disables RADIUS timeout radius server timeout Supported on Wi AP radius server timeout lt number gt Sets the total timeout for RADIUS requests no radius server timeout Disables RADIUS timeout Wi AP CLI Reference Guide IP_QOS Context 2 12 IP QOS Context Context path View gt Enable gt Config gt IP_QOS This context provides commands for configuring IP QoS profiles end Supported on Wi AP end Returns to a previous context end port Supported on Wi AP end port lt number gt Specifies the end port to use for this IP QoS profile Parameters lt number gt End port number Range O 65535 prior
75. reless to wired LAN traffic is permitted Where address IP address lt mask gt Subnet mask in CIDR format Specifies the number of bits in the mask delete ip filter Supported on Wi AP delete ip filter lt ip address gt lt mask gt Deletes the specified address from the IP filter list If the list is empty then all wireless to wired LAN traffic is permitted Where lt address gt IP address 72 Wi AP CLI Reference Guide Virtual AP Context lt mask gt Subnet mask in CIDR format Specifies the number of bits in the mask delete ip filter all Supported on Wi AP delete ip filter all Deletes all addresses from the IP filter list ip filters Supported on Wi AP ip filters Activates the IP filter which enables you to block wireless to wired LAN traffic on this profile based on its destination address no ip filters Disables the IP filter for this profile active Supported on Wi AP active Enable this VAP virtual network no active Disable this VAP virtual network beacon dtim count Supported on Wi AP beacon dtim count lt number gt Defines the DTIM period in the beacon Client stations use the DTIM to wake up from low power mode to receive multicast traffic The Wi AP transmits a beacon every 100 ms The DTIM counts down with each beacon that is sent therefore if the DTIM is set to 5 then client stations in low power mode will wake up every 500 ms 5 second
76. rface to which this local mesh link applies no interface radiol radio2 radio3 Select the interface to remove for this local mesh link local mesh name Supported on Wi AP local mesh name lt name gt Renames the current local mesh link remote mac Supported on Wi AP remote mac lt address gt Sets the MAC address of the remote access point no remote mac Deletes the MAC address of the remote access point Parameters lt address gt MAC address Specify 6 pairs of hexadecimal numbers separated by colons with the values a to f in lowercase For example 00 03 52 0a 0f 01 Wi2 AP CLI Reference Guide Local Mesh Context security Supported on Wi AP security Enables wireless security no security Disables wireless security security mode Supported on Wi AP security mode wep tkip ccmp Set the security mode security psk Supported on Wi AP security psk lt secret gt Sets the PSK secret no security psk Clears the PSK secret security wep Supported on Wi AP security wep lt key gt Sets the WEP key no security wep Deletes the WEP key speed Supported on Wi AP speed auto 1 2 5 5 6 9 11 12 18 24 36 48 54 Sets the speed of the wireless link in Mbps interface vlan Supported on Wi AP interface vlan lt id gt Switches to the specified VLAN interface or create a new VLAN interface with the specified Id no interface vlan lt number
77. rted on Wi AP snmp server contact lt email gt Specifies contact information no snmp server contact Deletes contact information Parameters lt email gt Email address snmp server heartbeat period Supported on Wi AP snmp server heartbeat period lt seconds gt Sets the interval between sending heartbeat traps Parameters lt seconds gt Heartbeat interval in seconds Wi AP CLI Reference Guide 31 Chapter 2 CLI Commands snmp server location Supported on Wi AP snmp server location lt name gt Specifies the location where the Wi AP is installed no snmp server location Deletes location information Parameters lt name gt Location where the Wi AP is installed snmp server port Supported on Wi AP snmp server port lt port number gt Sets the port the Wi AP will use to respond to SNMP requests Parameters lt port number gt SNMP port number Range 1 65535 snmp server readonly Supported on Wi AP snmp server readonly lt community gt Sets the read only community string no snmp server readonly Deletes the read only community string snmp server readwrite Supported on Wi AP snmp server readwrite lt community gt Sets the read write community string no snmp server readwrite Deletes the read write community string snmp server trap Supported on Wi AP snmp server trap Enables support for SNMP traps no snmp server trap Disables support for SNMP traps
78. s lt bytes gt Maximum size in bytes of a PPPoE packet when receiving Range 500 1500 bytes pppoe mtu Supported on Wi AP pppoe mtu lt bytes gt Specifies the maximum transmit unit Wi AP CLI Reference Guide 57 Chapter 2 CLI Commands 58 Changes to this parameter should only be made according to the recommendations of your ISP Incorrectly setting this parameter can reduce the throughput of your Internet connection Parameters lt bytes gt Maximum size in bytes of a PPPoE packet when transmitting Range 500 1500 bytes pppoe unnumbered Supported on Wi AP pppoe unnumbered Enable unnumbered mode no pppoe unnumbered Disable unnumbered mode This feature is useful when the Wi AP is connected to the Internet and NAT is not being used Instead of assigning two IP addresses to the Wi AP one to the Internet port and one to the LAN port both ports can share a single IP address This is especially useful when a limited number of IP addresses are available to you Wi AP CLI Reference Guide Wireless Context 2 7 Wireless Context Context path View gt Enable gt Config gt Wireless This context provides commands for configuring the wireless network end Supported on Wi AP end Switches to parent context radio active Supported on Wi AP radio active Enables the radio no radio active Disables the radio rts threshold Supported on Wi AP rts threshold lt val
79. sesocick ener en gege AEN ed EE ee Cu Nar Re ER SEN ANO eege dee T rEFEEE 85 Ee WEE ln e EE 85 zeli ay RE 85 radius server message authenticator ooooooccocccocccccccccononononononcnnncnnnnnnnnnnnnnnnn non eere nennen nennen 85 radi s server NAME cis 86 radius server nasid inside a ea e Fo ERE ERR dO DR 86 radi ssServer TIMEOUT i eiie ribns ri er a ario 86 radius servef timeoOLIt 12 ceret aae Pace va ad cid 86 APA QOS COMME e 87 o EA 87 egeo eo 87 lee H 87 profile Name mE 87 e 0 1810 IPR 87 rca ln NEES EE EES a aa endtenmendencaeee 88 2 13GRE Interface ConteXtiuicioninniinn air 89 le tel re EEN 89 USEING ota EET 89 lorc 89 peer ID address c m 89 remote IP address AN 89 2 149 yslog Destination Conta 90 Cen penca doin aorta cid 90 logging facility voii dio 90 JOGGING NOSE REEL 90 JOGGING E EE 90 aLl ctet E 90 nm 91 A EE 91 E WEE 91 rues datada 91 MESSAGE iii ir iii 91 MESSAJO peut 92 lee 92 e EE 92 xvi Wi AP CLI Reference Guide Chapter 1 Introduction In This Chapter About this guide on page 2 CLI support in autonomous and control
80. specify to generate the TKIP keys that encrypt the wireless data stream Since this is a static key it is not as secure as using dynamically generated keys authentication server accounting radius stationid case Supported on Wi AP authentication server accounting radius stationid case uppercase lowercase Specifies the case applied to the station delimiter if it is a letter authentication server accounting radius stationid delimiter Supported on Wi AP authentication server accounting radius stationid delimiter null colon dash dot space comma under Specifies the one character delimiter that will be used to format both the calling station ID and the called station ID attributes in RADIUS packets Wi AP CLI Reference Guide 67 Chapter 2 CLI Commands wireless filters Supported on Wi AP wireless filters Enables the wireless security filters which only allow traffic to flow between the Wi AP and a specific upstream device such as a Alvarion service controller no wireless filters Do not limit traffic flow between the Wi AP and an upstream device This prevents wireless customers from accessing resources on the backbone LAN that interconnects the Wi AP and the upstream device wireless filters mac Supported on Wi AP wireless filters mac lt mac gt Sets the MAC address of the upstream device to send traffic to no wireless filters mac lt mac gt Deletes the MAC address of the upstre
81. t name gt Deletes the specified IP QoS profile 46 Wi AP CLI Reference Guide Config Context dot11 igmp snooping helper Supported on Wi AP dot11 igmp snooping helper Enables IGMP snooping helpers which ensure that the Wi AP correctly delivers multicast packets to roaming client stations that are part of a multicast group no dotll igmp snooping helper Disable IGMP snooping helpers discovery protocol Supported on Wi AP discovery protocol Enables broadcast of Alvarion device information for interoperability with CDP enabled networking hardware no discovery protocol Disable broadcast of Alvarion device information discovery protocol device id Supported on Wi AP discovery protocol device id lt name gt Overwrite the device id field of information packets the Wi AP serial number is not used no discovery protocol device id Do not overwrite the device id field of information packets use the Wi AP serial number bridge priority Supported on Wi AP bridge priority lt number gt Sets the bridge priority for the spanning tree The spanning tree uses the bridge ID to elect the root bridge and the designated bridges The bridge ID is built with the MAC address of the bridge and the bridge priority The first 2 most significant bytes are the bridge priority and the next 6 bytes are the MAC address To control which bridge will become the root bridge you can configure the bridge priority paramet
82. te binding Supported on Wi AP show certificate binding Display how the certificates are used show config Supported on Wi AP show config factory Generates a list of CLI commands that can be used to define the currently loaded configuration username Supported on Wi AP username lt user gt lt password gt Changes the current administrator username and password Parameters lt user gt New administrator username lt password gt New administrator password interface ip Supported on Wi AP interface ip Switches to the specified IP interface context interface wireless Supported on Wi AP interface wireless lt interface number gt Switches to the specified wireless interface context 22 Wi AP CLI Reference Guide Config Context local mesh profile Supported on Wi AP local mesh profile lt name gt Switches to the specified local mesh link context Parameters lt name gt Number of the local mesh link to configure interface gre Supported on Wi AP interface gre lt name gt Switches to the specified GRE interface or creates a new GRE interface with the specified name no interface gre lt name gt Deletes the specified GRE interface virtual ap Supported on Wi AP virtual ap lt name gt Creates a new VAP virtual network profile or switches to the existing VAP virtual network context with the specified name no virtual ap lt name gt Deletes the speci
83. that applies to this device This is equivalent to config gt show config 20 Wi AP CLI Reference Guide Config Context 2 3 Config Context Context path View gt Enable gt Config This is the root context for all configuration commands certificate Supported on Wi AP certificate authority local lt uri gt lt certname gt lt password gt Add a new certificate to the store using the friendly name certificate binding Supported on Wi AP certificate binding web management html auth soap eap lt certname gt Assign a certificate to a service no certificate binding web management html auth soap eap lt certname gt Unassign a certificate from a service certificate revocation Supported on Wi AP certificate revocation lt uri gt lt certname gt Add a Certificate Revocation List to an existing authority certificate end Supported on Wi AP end Switches to parent context factory settings Supported on Wi AP factory settings Resets the system configuration to factory default settings interface ethernet Supported on Wi AP interfac thernet port 1 port 2 Switches to the specified Ethernet interface context Wi2 AP CLI Reference Guide 21 Chapter 2 CLI Commands reboot device Supported on Wi AP reboot device Restarts the system show certificate Supported on Wi AP show certificate Display current certificates show certifica
84. the CLI on SSH M Enable the CLI on serial port use hardware flow control Serial port speed 115200 Figure 1 1 Command Line Interface CLI Configuration The CLI supports SSH on the standard TCP port 22 Connectivity and login credentials for SSH connections use the same settings as defined for management tool administrators on the Management gt Management tool page ol Wi AP CLI Reference Guide Chapter 1 Introduction Management tool configuration Administrator authentication Authenticate via Local account Username admin Current password New password Confirm new password Login control If an administrator is logged in then a new administrator login Terminates the current administrator session C Is blocked until the current administrator logs out Web server Secure web server port 443 Web server port go Security Access to the management tool is enabled for the addresses and interfaces that are specified below Allowed addresses Active interfaces v Wireless port Iv Port 1 VLAN GRE Mesh Select from the list IP address Mask gt Remove Add M Auto Refresh Interval ls seconds Iv web inactivity logout Timeout 10 minutes Figure 1 2 Management Tool Configuration E SSH connections to the CLI can be made on any active interface Support for each interface must be explicitly enabled under Security B The login
85. the type of equipment it is connected to half Forces the port to operate in half duplex mode full Forces the port to operate in full duplex mode end Supported on Wi AP end Switches to parent context speed Supported on Wi AP speed auto 10 100 Sets the speed of Port 1 Parameters auto Lets the Wi AP automatically set port speed based on the type of equipment it is connected to 100 Forces the port to operate at 100 mbps 10 Forces the port to operate at 10 mbps vlan Supported on Wi AP vlan lt id gt Sets the default VLAN ID Range 1 4094 All outgoing traffic that does not have a VLAN already assigned to it is sent on this VLAN no vlan Deletes the default VLAN ID Wi2 AP CLI Reference Guide Port 1 Interface Context vlan compatibility mode Supported on Wi AP vlan compatibility mode When this option is enabled the Wi AP sends all management traffic AND all untagged traffic on both the default VLAN and untagged no vlan compatibility mode Disable VLAN and untagged compatibility mode vlan management filter Supported on Wi AP vlan management filter Restricts the default VLAN to carry management traffic only no vlan management filter Does not restrict the default VLAN to carry management traffic only Management traffic includes all traffic that is exchanged by the Wi AP and the access controller all communications with RADIUS servers HTTPS sessions to t
86. thorized ap interval oe eee eee eeeeee eee eeeeeee nan nrrrc cnn rr cnn enn 45 Wireless CM Ec 45 wireless scan Penod rica root 45 WIFEIESS SCAN AUN PE 45 access controller shared secret oooonocccccnnoniccconnnonoccnnnnnnnc cnn nnn nn cerro crecen 46 radius server PLOTS iii Dr etu eg ue ett due EE onu e Ev du t ue edd td 46 lee leet 46 dot11 igmp snooping helper EE 47 discovery tere EE 47 Wi AP CLI Reference Guide Contents discovery protocol device id EE 47 elle Te ne mM 47 elle EH PrOtOCOlIOSS Montt 48 bridge protocol ieee vlan oo ooococononcccconnonncccnncnnnnoconononnnncnnnnnnnnccn O nennen ntn nnne nne 48 Jeneeti Xoru T 48 LOTT XIU m t 48 dotix reautl DONO Ro UTE 49 elek e lu 49 lee Wieler ul ae Lu EE 49 ek Luet iaa id 49 dynamic key interval nissan 49 add wireless ip qos profile ooooonnncccccnonanoccconnonaccnnnnnnnc cnn ncn nn cnn 50 delete wireless ip qos profile all ooonnoonicidinndnnnncnnnnnnnoconncccnnnconcnn nene 50 delete wireless ip qos profile 22 2 ceeeeccceeeeeeseeceeeeeeeeeeeeeeeseeeeeeeesaaeeeeeeessaeeeseessenaeeeeensneaeeeennaaes 50 wireless link GOS Lm 50 sensor discovery le EE 50 Sensor network detector ederet testetur ates Poesia eae E Cau e ER eene 51 Sensor Server Id e m 51 s nsor server NAME prisnit anaa enana iaaa iaaa a ai En EE EEEE ANANE SNA Aaa aAA 51 enean ERUIT 51 2 4 Port 2 Interface Conte aii 52 elec 52 QING E 52 SPO eer rene
87. to receive multicast traffic public forwarding Supported on Wi AP public forwarding any 802 1x none Enables support for traffic exchange between wireless client stations Wi AP CLI Reference Guide 73 Chapter 2 CLI Commands fast authentication Supported on Wi AP fast authentication Enables WPA2 opportunistic key caching no fast authentication Disables WPA2 opportunistic key caching layer3 mobility Supported on Wi AP layer3 mobility Enables Layer 3 mobility no layer3 mobility Disables Layer 3 mobility beacon transmit power Supported on Wi AP beacon transmit power Advertise the current transmit power setting in the beacon no beacon transmit power Do not advertise the current transmit power setting in the beacon data rate maximum Supported on Wi AP data rate maximum 1 2 5 5 6 9 11 12 18 24 36 48 54 highest Sets the maximum transmission rate that clients stations must respect in order to connect with this SSID Clients stations that attempt to associate at a higher data rate will be refused Select the Highest option to have the Wi AP automatically adjust the data rate to its maximum setting based on the wirelessmode being used data rate minimum Supported on Wi AP data rate minimum lowest 1 2 5 5 6 9 11 12 18 24 36 48 54 Sets the minimum transmission rate that clients stations must meet in order to connect with this SSID
88. trap snmp server trap wireless association fail Supported on Wi AP snmp server trap wireless association fail Send a trap when a wireless client station fails to associate with the Wi AP no snmp server trap wireless association fail Do not send this trap snmp server trap wireless association success Supported on Wi AP snmp server trap wireless association success Send a trap when a wireless client station successfully associates with the Wi AP no snmp server trap wireless association success Do not send this trap 38 Wi AP CLI Reference Guide Config Context snmp server trap wireless authentication fail Supported on Wi AP snmp server trap wireless authentication fail Send a trap when a wireless client station fails to authenticate no snmp server trap wireless authentication fail Do not send this trap snmp server trap wireless authentication success Supported on Wi AP snmp server trap wireless authentication success Send a trap when a wireless client station is successfully associated no snmp server trap wireless authentication success Do not send this trap snmp server trap wireless deauthentication fail Supported on Wi AP snmp server trap wireless deauthentication fail Send a trap when a wireless client station fails to deauthenticate from the Wi AP no snmp server trap wireless deauthentication fail Do not send this trap snmp server trap wireless deauthentication s
89. trator login is refused no snmp server trap web fail Do not send a trap each time an administrator login is refused Wi AP CLI Reference Guide 25 Chapter 2 CLI Commands snmp server trap web login Supported on Wi AP snmp server trap web login Send a trap each time an administrator login is accepted no snmp server trap web login Do not send a trap each time an administrator login is accepted snmp server trap web logout Supported on Wi AP snmp server trap web logout Send a trap each time an administrator logs out no snmp server trap web logout Do not send a trap each time an administrator logs out web admin kickout Supported on Wi AP web admin kickout Enables a new administrator login to terminate an existing administrator session no web admin kickout Stops a new administrator from logging in until an existing administrator logs out web allow Supported on Wi AP web allow ip address gt lt mask gt Adds an address to the list of hosts that can access the management tool no web allow ip address gt lt mask gt Removes the specified address from the list of hosts that can access the management tool Parameters address IP address lt mask gt Subnet mask in CIDR format Specifies the number of bits in the mask world mode dot11 country code Supported on Wi AP world mode dot11 country code lt code gt Specifies the country the Wi AP is operating in 26 Wi
90. uccess Supported on Wi AP snmp server trap wireless deauthentication success Send a trap when a wireless client station deauthenticates from the Wi AP no snmp server trap wireless deauthentication success Do not send this trap snmp server trap wireless disassociation fail Supported on Wi AP snmp server trap wireless disassociation fail Send a trap when a wireless client station fails to disassociate from the Wi AP no snmp server trap wireless disassociation fail Do not send this trap Wi AP CLI Reference Guide 39 Chapter 2 CLI Commands snmp server trap wireless disassociation success Supported on Wi AP snmp server trap wireless disassociation success Send a trap when a wireless client station disassociates from the Wi AP no snmp server trap wireless disassociation success Do not send this trap snmp server trap wireless reassociation fail Supported on Wi AP snmp server trap wireless reassociation fail Send a trap when a wireless client station fails to reassociate with the Wi AP no snmp server trap wireless reassociation fail Do not send this trap snmp server trap wireless reassociation success Supported on Wi AP snmp server trap wireless reassociation success Send a trap when a wireless client station reassociates with the Wi AP no snmp server trap wireless reassociation success Do not send this trap snmp server trap syslog matches Supported on Wi AP snmp s
91. ue gt Sets the RTS threshold no rts threshold Deletes the RTS threshold value Parameters lt value gt Threshold value in the range 128 and 1540 Description Use this parameter to control collisions on the link that can reduce throughput If the Status Wireless page on the management tool shows increasing values for Tx multiple retry frames or Tx single retry frames you should adjust this value until the errors clear up Start with a value of 1024 and then decrease to 512 until errors are reduced or eliminated Using a small value for RTS threshold can affect throughput If a packet is larger than the threshold the Wi AP will hold it and issue a request to send RTS message to the client station Only when the client station replies with a clear to send CTS message will the Wi AP send the packet Packets smaller than the threshold are transmitted without this handshake Wi AP CLI Reference Guide 59 Chapter 2 CLI Commands distance Supported on Wi AP distance small medium large Sets the distance between access points Use this parameter to adjust the receiver sensitivity of the Wi AP This parameter should only be changed if you have more than one wireless access point installed in your location you are experiencing throughput problems In all other cases use the default setting of Large If you have installed multiple Wi APs reducing the receiver sensitivity of the Wi AP from its maximu
92. upstream device IP broadcast packets except NetBIOS Certain address management protocols ARP DHCP regardless of their source address Any traffic addressed to the CNx including 802 1x Blocked Wi AP CLI Reference Guide 69 Chapter 2 CLI Commands All other traffic is blocked This includes NetBIOS traffic regardless of its source destination address TTPS traffic not addressed to the CNx or upstream device is also blocked which means wireless client stations cannot access the management tool on other Alvarion products Default filters for outgoing wireless traffic Applies to traffic sent from the CNx to wireless client stations Accepted Any IP traffic coming from the upstream device except NetBIOS packets PPPOE traffic from the upstream device IP broadcast packets except NetBIOS ARP and DHCP Offer and ACK packets Any traffic coming from the CNx itself including 802 1x Blocked All other traffic is blocked This includes NetBIOS traffic regardless of its source destination address mac filters local Supported on Wi AP mac filters local Enables the MAC filter list no mac filters local Disables the MAC filter list mac filters Supported on Wi AP mac filters lt address gt Adds an address to the MAC filter list no mac filters lt address gt Remove the specified address from the MAC filter list Parameters lt address gt MAC address Specify 6 pairs of hexadeci
93. y Supported on Wi AP promiscuous mode startup delay number Set delay in seconds before promiscuous mode starts if enabled snr cost per hop Supported on Wi AP snr cost per hop number Slave Set the group s SNR cost per hop Wi AP CLI Reference Guide 83 Chapter 2 CLI Commands Zl 84 RADIUS Context Context path View gt Enable gt Config gt RADIUS This context provides commands for configuring RADIUS profiles end Supported on Wi AP end Switches to parent context radius server accounting port Supported on Wi AP radius server accounting port lt number gt Specifies the port to use for RADIUS accounting Parameters lt number gt Accounting port number Range 1 65535 radius server alternate hosts Supported on Wi AP radius server alternate hosts Try last answering RADIUS host first no radius server alternate hosts Try primary RADIUS host first radius server authentication method Supported on Wi AP radius server authentication method mschap chap mschapv2 pap eap md5 Sets the authentication method to use when communicating with the RADIUS server For 802 1x users the authentication method is always determined by the 802 1x client software and is not controlled by this setting If traffic between the Wi AP and the RADIUS server is not protected by a VPN it is recommended that you use either EAP MD5 or MSCHAP V2 if supported by your RADI
94. yslog destination Use the name local to edit your local log file settings Any other name will edit create a remote log destination snmp server trap syslog severity Supported on Wi AP snmp server trap syslog severity Set the severity level of syslog messages that will trigger a trap no snmp server trap syslog severity Do not send this trap snmp server Supported on Wi AP snmp server Enables the SNMP agent no snmp server Disables the SNMP agent snmp server access port 1 Supported on Wi AP snmp server access port 1 Enables SNMP access on the downstream port no snmp server access port 1 Blocks SNMP access on the downstream port 30 Wi AP CLI Reference Guide Config Context snmp server allow Supported on Wi AP snmp server allow lt ip address gt lt mask gt Adds a host to the list of IP address from which access to the SNMP interface is permitted no snmp server allow lt ip address gt lt mask gt Removes a host from the list of IP address from which access to the SNMP interface is permitted Parameters lt address gt IP address lt mask gt Subnet mask in CIDR format Specifies the number of bits in the mask snmp server chassis id Supported on Wi AP snmp server chassis id lt name gt Specifies a name to identify the Wi AP By default this is set to the serial number of the Wi AP no snmp server chassis id Deletes the system name snmp server contact Suppo
Download Pdf Manuals
Related Search