Cisco 3650 - Manual

Configuring Authentication for Access Points (GUI) 49 Configuring the Switch for Authentication (CLI) 50 Configuration Examples for Configuring Authentication for Access Points 51 Displaying the Authentication Settings for Access Points: Examples 51 C H A P T E R 8 Converting Autonomous Access Point...

Debugging WGB Issues (CLI) 66 Configuration Examples for Configuring Workgroup Bridges 68 WGB Configuration: Example 68 C H A P T E R 1 0 Configuring Probe Request Forwarding 69 Finding Feature Information 69 Information About Configuring Probe Request Forwarding 69 How to Configure Probe Request Fo...

How to Configure TCP MSS 86 Configuring TCP MSS (CLI) 86 Configuring TCP MSS (GUI) 86 Performing a Link Test (CLI) 87 Configuration Examples for Configuring Link Latency 88 Running a Link Test: Example 88 Displaying Link Latency Information: Example 88 Displaying TCP MSS Settings: Example 89 C H A P...

Preface • Document Conventions, page ix • Related Documentation, page xi • Obtaining Documentation and Submitting a Service Request, page xi Document Conventions This document uses the following conventions: Description Convention Both the ^ symbol and Ctrl represent the Control (Ctrl) key on a keyb...

Related Documentation Before installing or upgrading the switch, refer to the switch release notes. Note • Error Message Decoder, located at: https://www.cisco.com/cgi-bin/Support/Errordecoder/index.cgi Obtaining Documentation and Submitting a Service Request For information on obtaining documentati...

C H A P T E R 1 Using the Command-Line Interface • Information About Using the Command-Line Interface, page 1 • How to Use the CLI to Configure Features, page 6 Information About Using the Command-Line Interface Command Modes The Cisco IOS user interface is divided into many different modes. The com...

Table 1: Command Mode Summary About This Mode Exit Method Prompt Access Method Mode Use this mode to • Changeterminalsettings. • Perform basictests. • Display systeminformation. Enter logout or quit . Switch> Begin a sessionusing Telnet, SSH,or console. User EXEC Use this mode toverify commandsth...

About This Mode Exit Method Prompt Access Method Mode To exit toglobalconfigurationmode, enter exit . To return toprivilegedEXEC mode,press Ctrl-Z or enter end . Use this mode toconfigure parametersfor the terminal line. To exit toglobalconfigurationmode, enter exit . To return toprivilegedEXEC mode...

DETAILED STEPS Purpose Command or Action Obtains a brief description of the help system in anycommand mode. help Example: Switch# help Step 1 Obtains a list of commands that begin with a particularcharacter string. abbreviated-command-entry ? Example: Switch# di? dir disable disconnect Step 2 Comple...

No and Default Forms of Commands Almost every configuration command also has a no form. In general, use the no form to disable a feature or function or reverse the action of a command. For example, the no shutdown interface configuration command reverses the shutdown of an interface. Use the command...

notification to registered applications whenever the configuration changes. You can choose to have thenotifications sent to the syslog. Only CLI or HTTP changes are logged. Note How to Use the CLI to Configure Features Configuring the Command History The software provides a history or record of comm...

SUMMARY STEPS 1. Ctrl-P or use the up arrow key 2. Ctrl-N or use the down arrow key 3. show history DETAILED STEPS Purpose Command or Action Recalls commands in the history buffer, beginning with the most recent command.Repeat the key sequence to recall successively older commands. Ctrl-P or use the...

SUMMARY STEPS 1. terminal editing 2. terminal no editing DETAILED STEPS Purpose Command or Action Reenables the enhanced editing mode for the current terminalsession in privileged EXEC mode. terminal editing Example: Switch# terminal editing Step 1 Disables the enhanced editing mode for the current ...

Erases the character to the left of the cursor. Delete or Backspace key Deletes the character at the cursor. Ctrl-D Deletes all characters from the cursor to the end ofthe command line. Ctrl-K Deletes all characters from the cursor to the beginningof the command line. Ctrl-U or Ctrl-X Deletes the wo...

The arrow keys function only on ANSI-compatible terminals such as VT100s. Note The following example shows how to wrap a command line that extends beyond a single line on the screen. SUMMARY STEPS 1. access-list 2. Ctrl-A 3. Return key DETAILED STEPS Purpose Command or Action Displays the global con...

SUMMARY STEPS 1. { show | more } command | { begin | include | exclude } regular-expression DETAILED STEPS Purpose Command or Action Searches and filters the output. { show | more } command | { begin | include | exclude } regular-expression Step 1 Expressions are case sensitive. For example, if you ...

C H A P T E R 2 Using the Web Graphical User Interface • Prerequisites for Using the Web GUI, page 13 • Information About Using The Web GUI, page 13 • Connecting the Console Port of the Switch , page 15 • Logging On to the Web GUI, page 15 • Enabling Web and Secure Web Modes , page 15 • Configuring ...

Connecting the Console Port of the Switch Before You Begin Before you can configure the switch for basic operations, you need to connect it to a PC that uses a VT-100terminal emulation program (such as HyperTerminal, ProComm, Minicom, or Tip). Step 1 Connect one end of a null-modem serial cable to t...

Step 3 To enable secure web mode, which allows users to access the switch GUI using “ https://ip-address, ” choose Enabled from the HTTPS Access drop-down list. Otherwise, choose Disabled. Secure web mode (HTTPS) is a secure connection. Step 4 Choose to track the device in the IP Device Tracking che...

C H A P T E R 3 Configuring the Switch for Access PointDiscovery • Finding Feature Information, page 19 • Prerequisites for Configuring the Switch for Access Point Discovery, page 19 • Restrictions for Configuring the Switch for Access Point Discovery, page 20 • Information About Configuring the Swi...

◦ Layer 3 CAPWAP discovery — You can enable this feature on different subnets from the access point. This feature uses IP addresses and UDP packets rather the MAC addresses used by Layer2 discovery. ◦ Locally stored switch IP address discovery — If the access point was previously associated to a swi...

• To provide an upgrade path from Cisco products that use LWAPP to next-generation Cisco productsthat use CAPWAP • To manage RFID readers and similar devices • To enable switchs to interoperate with third-party access points in the future Viewing Access Point Join Information Join statistics for an ...

• The access point gets disconnected from the switch, and you configured the syslog server IP addressfrom the access point CLI by using the capwap ap log-server syslog_server_IP_address command. This command works only if the access point is not connected to any switch. • The access point gets disco...

Purpose Command or Action Displays the syslog server settings for a specific accesspoint. show ap name Cisco_AP config general Example: Switch# show ap name AP03 config general Step 2 Monitoring Access Point Join Information (CLI) The procedure to perform this task using the switch GUI is not curren...

Configuration Examples for Configuring the Switch for AccessPoint Discovery Displaying the MAC Addresses of all Access Points: Example This example shows how to display MAC addresses of all the access points that are joined to the switch: Switch# show ap join stats summary Number of APs................

Purpose Command or Action Displays a summary of all active DTLS connections. show wireless dtls connections Step 5 Example: Switch# show wireless dtls connections If you experience any problems with DTLS data encryption, enterthe debug dtls ap { all | event | trace } command to debug all DTLS messag...

The All APs page is displayed. Step 2 Click the AP name.The AP > Edit page is displayed. Step 3 Click the Advanced tab. The CAPWAP MTU field shows the CAPWAP maximum retransmission unit information. Configuration Examples for Configuring Access PointRetransmission Interval and Retry Count Viewing...

How to Configure wIPS on Access Points Configuring wIPS on an Access Point (CLI) SUMMARY STEPS 1. ap name Cisco_AP mode local 2. ap name Cisco_AP dot11 5ghz shutdown 3. ap name Cisco_AP dot11 24ghz shutdown 4. ap name Cisco_AP mode monitor submode wips 5. ap name Cisco_AP monitor-mode wips-optimized...

Purpose Command or Action The access point scans each channel for 250 milliseconds. It derivesthe list of channels to be scanned from the monitor configuration.You can choose the following options: Example: Switch# ap name AP01 monitor-mode wips-optimized • All — All channels supported by the access...

• Monitor Step 4 From the AP Sub Mode drop-down list, choose WIPS . Step 5 Click Apply . Step 6 Click Save Configuration . Monitoring wIPS Information The procedure to perform this task using the switch GUI is not currently available. Note SUMMARY STEPS 1. show ap name Cisco_AP config general 2. sho...

Purpose Command or Action Clears the wIPS statistics on the switch. clear wireless wips statistics Example: Switch# clear wireless wips statistics Step 5 Configuration Examples for Configuring wIPS on Access Points Displaying the Monitor Configuration Channel Set: Example This example shows how to d...

C H A P T E R 7 Configuring Authentication for Access Points • Finding Feature Information, page 43 • Prerequisites for Configuring Authentication for Access Points, page 43 • Restrictions for Configuring Authentication for Access Points, page 44 • Information about Configuring Authentication for Ac...

Cisco_AP mgmtuser username Cisco password Cisco command. Entering the command does not clear the static IP address of the access point. Once the access point rejoins a switch, it adopts the default Cisco/Cisco username and password. • You can configure global authentication settings for all access p...

Configuring Global Credentials for Access Points (GUI) Step 1 Choose Configuration > Wireless > Access Points > Global AP Configuration . The Global Configuration page is displayed. Step 2 In the Login Credentials area, enter the following parameters: • User Name • Password • Confirm Passwo...

Configuring Authentication for Access Points (CLI) SUMMARY STEPS 1. enable 2. configure terminal 3. ap dot1x username user_name_value password 0 password_value 4. end 5. ap name Cisco_AP dot1x-user username username_value password password_value 6. configure terminal 7. no ap dot1x username user_nam...

Purpose Command or Action Example: Switch# show ap name AP02 configgeneral If this access point is configured for global authentication, the APDot1x User Mode text boxes shows “ Automatic. ” If the global authentication settings have been overwritten for this access point,the AP Dot1x User Mode text...

Configuring the Switch for Authentication (CLI) The procedure to perform this task using the switch GUI is not currently available. Note SUMMARY STEPS 1. enable 2. configure terminal 3. dot1x system-auth-control 4. aaa new-model 5. aaa authentication dot1x default group radius 6. radius-server host ...

Purpose Command or Action Sets a clear text encryption key for the RADIUSauthentication server. radius-server host host_ip_adress acct-port port_numberauth-port port_number key 0 unencryptied_server_key Example: Switch(config)# radius-server host 10.1.1.1 acct-port 1813 auth-port 6225 key 0 encryptk...

The switch IP address that you obtain from the DHCP server should be a unicast IP address. Do notconfigure the switch IP address as a multicast address when configuring DHCP option 43. Note How Converted Access Points Send Crash Information to the Switch When a converted access point unexpectedly re...

How to Convert a Lightweight Access Point Back to anAutonomous Access Point Converting a Lightweight Access Point Back to an Autonomous Access Point(CLI) SUMMARY STEPS 1. enable 2. ap name Cisco_AP tftp-downgrade tftp_server_ip_address tftp_server_image_filename DETAILED STEPS Purpose Command or Act...

• Authorize MIC APs against AAA • AP with Manufacturing Installed Certificate Step 3 Click Apply . Step 4 Click Save Configuration . Disabling the Reset Button on Converted Access Points (CLI) You can enable or disable the Reset button on access points that are converted to lightweight mode. The Res...

Purpose Command or Action Returns to privileged EXEC mode. Alternatively, you can alsopress Ctrl-Z to exit global configuration mode. end Example: Switch(config)# end Step 4 Enables the Reset button on the converted access point that youspecify. ap name Cisco_AP reset-button Example: Switch# ap name...

How to Configure a Static IP Address on an Access Point Configuring a Static IP Address on an Access Point (CLI) SUMMARY STEPS 1. enable 2. ap name Cisco_AP static-ip ip-address static_ap_address netmask static_ip_netmask gatewaystatic_ip_gateway 3. enable 4. configure terminal 5. ap static-ip name-...

Purpose Command or Action Enters privileged EXEC mode. enable Example: Switch# enable Step 3 Enters global configuration mode. configure terminal Example: Switch# configure terminal Step 4 Configures a DNS server so that a specific access point or all accesspoints can discover the switch using DNS r...

Displaying Access Point Crash File Information: Example This example shows how to display access point crash file information. Using this command, you can verifywhether the file is downloaded to the switch: Switch# show ap crash-file Local Core Files:lrad_AP1130.rdump0 (156) The number in parenthese...

Monitoring the Status of Workgroup Bridges The procedure to perform this task using the switch GUI is not currently available. Note SUMMARY STEPS 1. enable 2. show wireless wgb summary 3. show wireless wgb mac-address wgb_mac_address detail DETAILED STEPS Purpose Command or Action Enters privileged ...

Purpose Command or Action Enables dot11/state debugging. Debug an IP assignmentissue when static IP is used. debug dot11 state Example: Switch# debug dot11 state Step 8 Configuration Examples for Configuring Workgroup Bridges WGB Configuration: Example This example shows how to configure a WGB acces...

DETAILED STEPS Purpose Command or Action Enters global configuration mode. configure terminal Example: Switch# configure terminal Step 1 Enables or disables the filtering of probe requests forwarded from an accesspoint to the switch. wireless probe filter Example: Switch(config)# wireless probefilte...

C H A P T E R 11 Optimizing RFID Tracking • Finding Feature Information, page 71 • Optimizing RFID Tracking on Access Points, page 71 • How to Optimize RFID Tracking on Access Points, page 71 • Configuration Examples for Optimizing RFID Tracking, page 72 Finding Feature Information Optimizing RFID T...

DETAILED STEPS Purpose Command or Action Specifies the monitor submode for the access point as none. ap name Cisco_AP mode monitor submode none Step 1 Example: Switch# ap name 3602a mode monitor submode none A warning message indicates that changing the accesspoint's mode will cause the access point...

Information About Configuring Country Codes Controllers and access points are designed for use in many countries with varying regulatory requirements.The radios within the access points are assigned to a specific regulatory domain at the factory (such as -E forEurope), but the country code enables y...

Purpose Command or Action Assigns an access point to a specific country. Ensure that the country code that you choose iscompatible with the regulatory domain of at least oneof the access point ’ s radios. Note If you enabled the networks and disabled some accesspoints and then enter the ap country c...

Information About Configuring Link Latency You can configure link latency on the switch to measure the link between an access point and the switch. Youcan use this feature with all access points that are joined to the switch where the link can be a slow or unreliableWAN connection. TCP MSS If the cl...

The controller shows this metric regardless of direction: • Link test request/reply round-trip time (minimum, maximum, and average) The controller software supports CCX versions 1 through 5. CCX support is enabled automatically for everyWLAN on the controller and cannot be disabled. The controller s...

How to Configure TCP MSS Configuring TCP MSS (CLI) SUMMARY STEPS 1. configure terminal 2. ap tcp-adjust-mss size size_value 3. reload 4. show ap tcp-adjust-mss DETAILED STEPS Purpose Command or Action Enters global configuration mode. configure terminal Example: Switch# configure terminal Step 1 Ena...

Purpose Command or Action Returns to privileged EXEC mode. Alternatively,you can also press Ctrl-Z to exit global configuration mode. end Example: Switch(config)# end Step 5 Configuration Examples for Configuring Link Latency Running a Link Test: Example This example shows how to run a link test: Sw...

Secondary Cisco Controller Name : Secondary Cisco Controller IP Address : Not Configured Tertiary Cisco Controller Name : Tertiary Cisco Controller IP Address : Not Configured Administrative State : Enabled Operation State : Registered AP Mode : Local AP Submode : Not Configured Remote AP Debug : Di...

C H A P T E R 14 Configuring Power over Ethernet • Finding Feature Information, page 91 • Information About Configuring Power over Ethernet, page 91 • How to Configure Power over Ethernet, page 91 • Configuration Examples for Configuring Power over Ethernet, page 93 Finding Feature Information Infor...

Unselect the Pre-standard 802.3af Switches check box if power is being provided by a power injector. This is the default value. Note Step 5 Select the Power Injector State check box. Select this check box if the attached switch does not support IPM and a power injector is being used. If the attached...

I N D E X 802.1X authentication for access points 44 described 44 A Access Point Authentication 44 Access Point Communication Protocols 20 access point core dumps, uploading 55 using the GUI 55 Access Point Retransmission Interval 31 Access Point Retry Count 31 access points 20, 21, 63 priming 20 su...