Feedback
Table Of Contents
Cisco Wireless LAN Controller
Command ReferenceSHOW ADVANCED 802.11A COMMANDS
show advanced 802.11a receiver
SHOW ADVANCED 802.11B COMMANDS
show advanced 802.11b receiver
show advanced send-disassoc-on-handoff
show certificate compatibility
show radius rfc3576 statistics
config 802.11a antenna extAntGain
config 802.11a antenna diversity
config 802.11a antenna selection
config 802.11b antenna diversity
config 802.11b antenna extAntGain
config 802.11b antenna selection
config 802.11h powerconstraint
CONFIG ADVANCED 802.11A COMMANDS
config advanced 802.11a channel foreign
config advanced 802.11a channel load
config advanced 802.11a channel noise
config advanced 802.11a channel update
config advanced 802.11a factory
config advanced 802.11a group-mode
config advanced 802.11a logging channel
config advanced 802.11a logging coverage
config advanced 802.11a logging foreign
config advanced 802.11a logging load
config advanced 802.11a logging noise
config advanced 802.11a logging performance
config advanced 802.11a logging txpower
config advanced 802.11a monitor channel-list
config advanced 802.11a monitor coverage
config advanced 802.11a monitor load
config advanced 802.11a monitor mode
config advanced 802.11a monitor noise
config advanced 802.11a monitor signal
config advanced 802.11a profile clients
config advanced 802.11a profile coverage
config advanced 802.11a profile customize
config advanced 802.11a profile exception
config advanced 802.11a profile foreign
config advanced 802.11a profile level
config advanced 802.11a profile noise
config advanced 802.11a profile throughput
config advanced 802.11a profile utilization
config advanced 802.11a receiver
config advanced 802.11a txpower-update
CONFIG ADVANCED 802.11B COMMANDS
config advanced 802.11b 7920VSIEConfig
config advanced 802.11b channel foreign
config advanced 802.11b channel load
config advanced 802.11b channel noise
config advanced 802.11b channel update
config advanced 802.11b factory
config advanced 802.11b group-mode
config advanced 802.11b logging channel
config advanced 802.11b logging coverage
config advanced 802.11b logging foreign
config advanced 802.11b logging load
config advanced 802.11b logging noise
config advanced 802.11b logging performance
config advanced 802.11b logging txpower
config advanced 802.11b monitor channel-list
config advanced 802.11b monitor coverage
config advanced 802.11b monitor load
config advanced 802.11b monitor mode
config advanced 802.11b monitor noise
config advanced 802.11b monitor signal
config advanced 802.11b profile clients
config advanced 802.11b profile coverage
config advanced 802.11b profile customize
config advanced 802.11b profile exception
config advanced 802.11b profile foreign
config advanced 802.11b profile level
config advanced 802.11b profile noise
config advanced 802.11b profile throughput
config advanced 802.11b profile utilization
config advanced 802.11b receiver
config advanced 802.11b txpower-update
config advanced client-handoff
CONFIG ADVANCED TIMERS COMMANDS
config advanced timers ap-discovery-timeout
config advanced timers ap-heartbeat-timeout
config advanced timers auth-timeout
config advanced timers eap-timeout
config advanced timers eap-identity-request-delay
config ap crash-file clear-all
config ap crash-file get-crash-file
config ap crash-file get-radio-core-dump
config custom-web ext-webauth-mode
config custom-web ext-webauth-url
config custom-web ext-webserver
config location interface-mapping
config macfilter mac-delimiter
config macfilter radius-compat
config mobility statistics reset
config network allow-old-bridge-aps
config network bridging-shared-secret
config network fast-ssid-change
config network mgmt-via-wireless
config network rf-network-name
config port multicast appliance
config radius acct ipsec authentication
config radius acct ipsec disable
config radius acct ipsec enable
config radius acct ipsec encryption
config radius acct retransmit-timeout
config radius auth ipsec authentication
config radius auth ipsec disable
config radius auth ipsec enable
config radius auth ipsec encryption
config radius auth retransmit-timeout
config radius backward compatibility
config radius callStationIdType
CONFIG SNMP COMMUNITY COMMANDS
config snmp community accessmode
CONFIG SNMP TRAPRECEIVER COMMANDS
config snmp trapreceiver create
config snmp trapreceiver delete
CONFIG SPANNINGTREE PORT COMMANDS
config spanningtree port pathcost
config spanningtree port priority
CONFIG SPANNINGTREE SWITCH COMMANDS
config spanningtree switch bridgepriority
config spanningtree switch forwarddelay
config spanningtree switch hellotime
config spanningtree switch maxage
config spanningtree switch mode
config switchconfig flowcontrol
config trapflags 802.11-Security
config trapflags authentication
CONFIG WIRELESS LAN SECURITY COMMANDS
config wlan security ipsec disable
config wlan security ipsec enable
config wlan security ipsec authentication
config wlan security ipsec encryption
config wlan security ipsec config
config wlan security ipsec ike authentication
config wlan security ipsec ike dh-group
config wlan security ipsec ike lifetime
config wlan security ipsec ike phase1
config wlan security ipsec ike contivity
config wlan security static-wep-key authentication
config wlan security static-wep-key disable
config wlan security static-wep-key enable
config wlan security static-wep-key encryption
config wlan security web-passthrough acl
config wlan security web-passthrough disable
config wlan security web-passthrough email-input
config wlan security web-passthrough enable
config wlan security wpa1 disable
config wlan security wpa1 enable
config wlan security wpa1 pre-shared-key
config wlan security wpa2 disable
config wlan security wpa2 enable
config wlan security wpa2 pre-shared-key
config wlan security wpa2 tkip
config wlan security wpa2 wpa-compat
Clearing Configurations, Logfiles, and Other Actions
Uploading and Downloading Files and Configurations
transfer download certpassword
transfer download tftpPktTimeout
transfer download tftpMaxRetries
Cisco Wireless LAN Controller
Command Reference
The Cisco Wireless LAN Solution command line interface (CLI) enables operators to connect an ASCII console to the Cisco Wireless LAN Controller and configure the controller and its associated access points.
This document covers the commands available in the Cisco CLI release 4.0 on all the controllers listed in the Compatibility Matrix in Appendix A. This compatibility matrix allows the user to determine what commands operate on any individual controller. The controllers currently covered include:
•
WiSM
•
•
This chapter contains the following sections:
•
•
Using the ? command
To display all of the commands in your current level of the command tree, or to display more information about a particular command, use the ? command.
?
command name ?
When you enter a command information request, put a space between command name and ?.
Examples
The following command shows you all the commands and levels available from the root level.
> ?clear Clear selected configuration elements.config Configure switch options and settings.debug Manages system debug options.help Helplinktest Perform a link test to a specified MAC address.logout Exit this session. Any unsaved changes are lost.ping Send ICMP echo packets to a specified IP address.reset Reset options.save Save switch configurations.show Display switch options and settings.transfer Transfer a file to or from the switch.The following command shows you that datatype is the only entry at the transfer download level:
> transfer download d?datatypeThe following command shows you the permissible entries for the transfer download datatype command:
> transfer download datatype ?config Download Configuration File.code Download an executable image to the system.image Download a web page logo to the system.signature Download a signature file to the system.webadmincert Download a certificate for web administration to the system.webauthcert Download a web certificate for web portal to the system.Using the Help Command
To look up keyboard commands, use the help command at the root level.
help
Examples
> helpHELP:Special keys:DEL, BS... delete previous characterCtrl-A .... go to beginning of lineCtrl-E .... go to end of lineCtrl-F .... go forward one characterCtrl-B .... go backward one characterCtrl-D .... delete current characterCtrl-U, X. delete to beginning of lineCtrl-K .... delete to end of lineCtrl-W .... delete previous wordCtrl-T .... transpose previous characterCtrl-P .... go to previous line in history bufferCtrl-N .... go to next line in history bufferCtrl-Z .... return to root command promptTab, <SPACE> command-line completionExit .... go to next lower command prompt? .... list choicesViewing Configurations
To view Cisco Wireless LAN controller options and settings, use the show commands.
show 802.11a
To display basic 802.11a options and settings, use the show 802.11a command.
show 802.11a
Syntax Description
Defaults
None.
Examples
> show 802.11a802.11a Network................................. Enabled802.11a Low Band......................... Enabled802.11a Mid Band......................... Enabled802.11a High Band........................ Enabled802.11a Operational Rates802.11a 6M Rate............................ Mandatory802.11a 9M Rate............................ Supported802.11a 12M Rate........................... Mandatory802.11a 18M Rate........................... Supported802.11a 24M Rate........................... Mandatory802.11a 36M Rate........................... Supported802.11a 48M Rate........................... Supported802.11a 54M Rate........................... SupportedBeacon Interval................................. 100CF Pollable mandatory........................... DisabledCF Poll Request mandatory....................... DisabledCFP Period...................................... 4CFP Maximum Duration............................ 100Default Channel................................. 36Default Tx Power Level.......................... 1DTPC Status..................................... EnabledDTIM Period..................................... 10Fragmentation Threshold......................... 2346Long Retry Limit................................ 4Maximum Rx Life Time............................ 512Max Tx MSDU Life Time........................... 512Medium Occupancy Limit.......................... 100Pico-Cell Status................................ DisabledRTS Threshold................................... 2347Short Retry Limit............................... 7TI Threshold.................................... -50Related Commands
show 802.11b, show advanced 802.11a channel, show advanced 802.11a group, show advanced 802.11a logging, show advanced 802.11a monitor, show advanced 802.11a power, show advanced 802.11a profile, show advanced 802.11a summary
show 802.11b
To display basic 802.11b/g options and settings, use the show 802.11b command.
show 802.11b
Syntax Description
Defaults
None.
Examples
> show 802.11b802.11b Network.................................. Enabled11gSupport....................................... Enabled802.11b/g Operational Rates802.11b/g 1M Rate............................ Mandatory802.11b/g 2M Rate............................ Mandatory802.11b/g 5.5M Rate.......................... Mandatory802.11b/g 11M Rate........................... Mandatory802.11g 6M Rate.............................. Supported802.11g 9M Rate.............................. Supported802.11g 12M Rate............................. Supported802.11g 18M Rate............................. Supported802.11g 24M Rate............................. Supported802.11g 36M Rate............................. Supported802.11g 48M Rate............................. Supported802.11g 54M Rate............................. SupportedBeacon Interval.................................. 100CF Pollable mode................................. DisabledCF Poll Request mandatory........................ DisabledCFP Period....................................... 4CFP Maximum Duration............................. 60Default Channel.................................. 1Default Tx Power Level........................... 1DTPC Status..................................... EnabledCall Admission Limit ........................... 105G711 CU Quantum ................................. 15DTIM Period...................................... 1ED Threshold..................................... -50Fragmentation Threshold.......................... 2346Long Retry Limit................................. 4Maximum Rx Life Time............................. 512Max Tx MSDU Life Time............................ 512Medium Occupancy Limit........................... 100PBCC mandatory................................... DisabledPico-Cell Status................................. DisabledRTS Threshold.................................... 2347Short Preamble mandatory......................... EnabledShort Retry Limit................................ 7Related Commands
show 802.11a, show advanced 802.11b channel, show advanced 802.11b group, show advanced 802.11b logging, show advanced 802.11b monitor, show advanced 802.11b txpower, show advanced 802.11b profile, show advanced 802.11b summary
show 802.11h
To display basic 802.11h options and settings, use the show 802.11h command.
show 802.11h
Syntax Description
Defaults
None.
Examples
> show 802.11h802.11h ......................................... powerconstraint : 0802.11h ......................................... channelswitch : Disable802.11h ......................................... channelswitch mode : 0Related Commands
show 802.11a, show 802.11b, config 802.11h
show acl
To display the access control lists (ACLs) that are configured on the controller, use the show acl command.
show acl {summary | detailed acl_name}
Syntax Description
Defaults
None.
Examples
> show acl summaryACL Name Applied-------------------------------- -------Pubs Only YesMannina YesRelated Commands
config interface acl
show acl cpu
To display the access control lists (ACLs) configured on the central processing unit (CPU), use the show acl cpu command.
show acl cpu
Syntax Description
Command Default
None
Examples
> show acl cpuCPU Acl Name................................Wireless Traffic............................ DisabledWired Traffic............................... DisabledApplied to NPU.............................. NoRelated Commands
config acl cpu
SHOW ADVANCED 802.11A COMMANDS
Use the SHOW ADVANCED 802.11a commands to display advanced 802.11a configuration parameters.
Show advanced 802.11a channel
To display the automatic channel assignment configuration and statistics, use the show advanced 802.11a channel command.
show advanced 802.11a channel
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11a
802.11a network.
channel
Channel status.
Defaults
None.
Examples
> show advanced 802.11a channelAutomatic Channel AssignmentChannel Assignment Mode........................ AUTOChannel Update Interval........................ 600 secondsChannel Update Contribution.................... SNI.Channel Assignment Leader...................... xx:xx:xx:xx:xx:xxLast Run....................................... 374 seconds agoChannel Energy LevelsMinimum...................................... -84 dBmAverage...................................... -84 dBmMaximum...................................... -84 dBmChannel Dwell TimesMinimum...................................... 0 days, 19 h 07 m 57 sAverage...................................... 0 days, 19 h 08 m 29 sMaximum...................................... 0 days, 19 h 09 m 11 sRelated Commands
config 802.11a channel
show advanced 802.11a group
To display the advanced 802.11a Cisco radio RF grouping, use the show advanced 802.11a group command.
show advanced 802.11a group
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11a
802.11a network.
group
RF grouping values.
Defaults
None.
Examples
> show advanced 802.11a groupRadio RF Grouping802.11a Group Mode................................... AUTO802.11a Group Update Interval........................ 600 seconds802.11a Group Leader................................. xx:xx:xx:xx:xx:xx802.11a Group Member............................... xx:xx:xx:xx:xx:xx802.11a Last Run..................................... 133 seconds agoRelated Commands
config advanced 802.11a group-mode
show advanced 802.11a logging
To display advanced 802.11a RF event and performance logging, use the show advanced 802.11a logging command.
show advanced 802.11a logging
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11a
802.11a network.
logging
RF event and performance logging.
Defaults
None.
Examples
> show advanced 802.11a loggingRF Event and Performance LoggingChannel Update Logging......................... OffCoverage Profile Logging....................... OffForeign Profile Logging........................ OffLoad Profile Logging........................... OffNoise Profile Logging.......................... OffPerformance Profile Logging.................... OffTxPower Update Logging......................... OffRelated Commands
config advanced 802.11a logging channel, config advanced 802.11a logging coverage, config advanced 802.11a logging foreign, config advanced 802.11a logging load, config advanced 802.11a logging noise, config advanced 802.11a logging performance, config advanced 802.11a logging power
show advanced 802.11a monitor
To display the advanced 802.11a default Cisco radio monitoring, use the show advanced 802.11a monitor command.
show advanced 802.11a monitor
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11a
802.11a network.
monitor
Cisco radio monitoring values.
Defaults
None.
Examples
> show advanced 802.11a monitorDefault 802.11a AP monitoring802.11a Monitor Mode........................... enable802.11a Monitor Channels....................... Country channels802.11a AP Coverage Interval................... 180 seconds802.11a AP Load Interval....................... 60 seconds802.11a AP Noise Interval...................... 180 seconds802.11a AP Signal Strength Interval............ 60 secondsRelated Commands
config advanced 802.11a monitor coverage, config advanced 802.11a monitor load, config advanced 802.11a monitor noise, config advanced 802.11a monitor signal
show advanced 802.11a profile
To display the advanced 802.11a Cisco 1000 series lightweight access point performance profiles, use the show advanced 802.11a profile command.
show advanced 802.11a profile {global | Cisco_AP}
Syntax Description
Defaults
None.
Examples
> show advanced 802.11a profile globalDefault 802.11a AP performance profiles802.11a Global Interference threshold.............. 10%802.11a Global noise threshold..................... -70 dBm802.11a Global RF utilization threshold............ 80%802.11a Global throughput threshold................ 1000000 bps802.11a Global clients threshold................... 12 clients802.11a Global coverage threshold.................. 12 dB802.11a Global coverage exception level............ 80%802.11a Global client minimum exception lev........ 3 clients> show advanced 802.11a profile AP1Cisco 1000 series lightweight access point performance profile not customizedThis response indicates that the performance profile for this Cisco 1000 series lightweight access point is using the global defaults and has not been individually configured.
Related Commands
config advanced 802.11b profile clients, config advanced 802.11b profile coverage, config advanced 802.11b profile customize, config advanced 802.11b profile exception, config advanced 802.11b profile foreign, config advanced 802.11b profile level, config advanced 802.11b profile noise, config advanced 802.11b profile throughput, config advanced 802.11b profile utilization
show advanced 802.11a receiver
To display the configuration and statistics of the 802.11a receiver, use the show advanced 802.11a receiver command.
show advanced 802.11a receiver
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11a
802.11a network.
receiver
Receiver.
Defaults
None.
Examples
> show advanced 802.11a receiver802.11a Advanced Receiver SettingsRxStart : Signal Threshold........................... 15RxStart : Signal Lamp Threshold...................... 5RxStart : Preamble Power Threshold................... 2RxReStart : Signal Jump Status......................... EnabledRxReStart : Signal Jump Threshold...................... 10TxStomp : Low RSSI Status.............................. EnabledTxStomp : Low RSSI Threshold........................... 30TxStomp : Wrong BSSID Status........................... EnabledTxStomp : Wrong BSSID Data Only Status................. EnabledRxAbort : Raw Power Drop Status........................ DisabledRxAbort : Raw Power Drop Threshold..................... 10RxAbort : Low RSSI Status.............................. DisabledRxAbort : Low RSSI Threshold........................... 0RxAbort : Wrong BSSID Status........................... DisabledRxAbort : Wrong BSSID Data Only Status................. DisabledRelated Commands
config advanced 802.11a monitor coverage, config advanced 802.11a monitor load, config advanced 802.11a monitor noise, config advanced 802.11a monitor signal
show advanced 802.11a summary
To display the advanced 802.11a Cisco 1000 series lightweight access point name, channel, and transmit level summary, use the show advanced 802.11a summary command.
show advanced 802.11a summary
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11a
802.11a network.
summary
Cisco 1000 series lightweight access point name, channel, and transmit level summary.
Defaults
None.
Examples
> show advanced 802.11a summaryAP Name Channel TxPower Level-------------------------------- ----------- -------------AP03 36* 1*AP02 52 5*AP01 64 5
Note
Related Commands
show advanced 802.11b summary
show advanced 802.11a txpower
To view the advanced 802.11a automatic transmit power assignment, use the show advanced 802.11a txpower command.
show advanced 802.11a txpower
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11a
802.11a network.
txpower
Transmit power.
Defaults
None.
Examples
> show advanced 802.11a txpowerAutomatic Transmit Power AssignmentTransmit Power Assignment Mode.................. AUTOTransmit Power Update Interval.................. 600 secondsTransmit Power Threshold........................ -65 dBmTransmit Power Neighbor Count................... 3 APsTransmit Power Update Contribution.............. SN.Transmit Power Assignment Leader................ xx:xx:xx:xx:xx:xxLast Run........................................ 384 seconds agoRelated Commands
config advanced 802.11a txpower-update, config 802.11a txPower
SHOW ADVANCED 802.11B COMMANDS
Use the SHOW ADVANCED 802.11b commands show advanced 802.11b parameters.
show advanced 802.11b channel
To display the automatic channel assignment status and statistics, use the show advanced 802.11b channel command.
show advanced 802.11b channel
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11b
802.11b/g network.
channel
Channel status.
Defaults
None.
Examples
> show advanced 802.11b channelAutomatic Channel AssignmentChannel Assignment Mode........................ OFFChannel Update Interval........................ 600 secondsChannel Update Contribution.................... SNI.Channel Assignment Leader...................... xx:xx:xx:xx:xx:xxLast Run....................................... 157 seconds agoChannel Energy LevelsMinimum...................................... unknownAverage...................................... unknownMaximum...................................... unknownChannel Dwell TimesMinimum...................................... unknownAverage...................................... unknownMaximum...................................... unknownRelated Commands
config 802.11b channel
show advanced 802.11b group
To display the advanced 802.11b/g Cisco radio RF grouping, use the show advanced 802.11b group command.
show advanced 802.11b group
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11b
802.11b/g network.
group
RF grouping values.
Defaults
None.
Examples
> show advanced 802.11b groupRadio RF Grouping802.11b Group Mode.............................. AUTO802.11b Group Update Interval................... 600 seconds802.11b Group Leader............................ xx:xx:xx:xx:xx:xx802.11b Group Member.......................... xx:xx:xx:xx:xx:xx802.11b Last Run................................ 511 seconds agoRelated Commands
config advanced 802.11b group-mode
show advanced 802.11b logging
To display advanced 802.11b/g RF event and performance logging, use the show advanced 802.11b logging command.
show advanced 802.11b logging
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11b
802.11b network.
logging
RF event and performance logging.
Defaults
None.
Examples
> show advanced 802.11b loggingRF Event and Performance LoggingChannel Update Logging........................... OffCoverage Profile Logging......................... OffForeign Profile Logging.......................... OffLoad Profile Logging............................. OffNoise Profile Logging............................ OffPerformance Profile Logging...................... OffTransmit Power Update Logging.................... OffRelated Commands
config advanced 802.11b logging channel, config advanced 802.11b logging coverage, config advanced 802.11b logging foreign, config advanced 802.11b logging load, config advanced 802.11b logging noise, config advanced 802.11b logging performance, config advanced 802.11b logging power
show advanced 802.11b monitor
To display the advanced 802.11b/g default Cisco radio monitoring, use the show advanced 802.11b monitor command.
show advanced 802.11b monitor
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11b
802.11b/g network.
monitor
Cisco radio monitoring values.
Defaults
None.
Examples
> show advanced 802.11b monitorDefault 802.11b AP monitoring802.11b Monitor Mode......................... enable802.11b Monitor Channels..................... Country channels802.11b AP Coverage Interval................. 180 seconds802.11b AP Load Interval..................... 60 seconds802.11b AP Noise Interval.................... 180 seconds802.11b AP Signal Strength Interval.......... 60 secondsRelated Commands
config advanced 802.11b monitor coverage, config advanced 802.11b monitor load, config advanced 802.11b monitor noise, config advanced 802.11b monitor signal
show advanced 802.11b profile
To display the advanced 802.11b/g Cisco radio performance profiles, use the show advanced 802.11b profile command.
show advanced 802.11b profile {global | Cisco_AP}
Syntax Description
Defaults
None.
Examples
> show advanced 802.11b profile globalDefault 802.11b AP performance profiles802.11b Global Interference threshold.............. 10%802.11b Global noise threshold..................... -70 dBm802.11b Global RF utilization threshold............ 80%802.11b Global throughput threshold................ 1000000 bps802.11b Global clients threshold................... 12 clients802.11b Global coverage threshold.................. 12 dB802.11b Global coverage exception level............ 80%802.11b Global client minimum exception lev........ 3 clients> show advanced 802.11b profile AP1Cisco 1000 series lightweight access point performance profile not customizedThis response indicates that the performance profile for this Cisco 1000 series lightweight access point is using the global defaults and has not been individually configured.
Related Commands
config advanced 802.11b profile clients, config advanced 802.11b profile coverage, config advanced 802.11b profile customize, config advanced 802.11b profile exception, config advanced 802.11b profile foreign, config advanced 802.11b profile level, config advanced 802.11b profile noise, config advanced 802.11b profile throughput, config advanced 802.11b profile utilization
show advanced 802.11b receiver
To display the advanced 802.11b/g default Cisco radio receiver parameters, use the show advanced 802.11b receiver command.
show advanced 802.11b receiver
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11b
802.11b/g network.
receiver
Cisco radio receiver values.
Defaults
None.
Examples
> show advanced 802.11b receiverDefault 802.11b Receiver SettingsRxStart : Signal Threshold............... 15RxStart : Signal Jump Threshold.......... 5RxStart : Preamble Power Threshold....... 2RxRestart : Signal Jump Status............. EnabledRxRestart : Signal Jump Threshold.......... 10TxStomp : Low RSS Status. .............. DisabledTxStomp : Low RSSI Threshold............. 37TxStomp : Wrong BSSID Status............. DisabledTxStomp : Wrong BSSID Data Only Status... DisabledRxAbort : Raw Power Drop Status.......... DisabledRxAbort : Raw Power Drop Threshold....... 0RxAbort : Low RSSI Status................ EnabledRxAbort : Low RSSI Threshold............. 0RxAbort : Wrong BSSID Status............. DisabledRxAbort : Wrong BSSID Data Only Status... DisabledRelated Commands
config advanced 802.11b monitor coverage, config advanced 802.11b monitor load, config advanced 802.11b monitor noise, config advanced 802.11b monitor signal
show advanced 802.11b summary
To display the advanced 802.11b/g Cisco 1000 series lightweight access point name, channel, and transmit level summary, use the show advanced 802.11b summary command.
show advanced 802.11b summary
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11b
802.11b/g network.
summary
Cisco 1000 series lightweight access point name, channel, and transmit level summary.
Defaults
None.
Examples
> show advanced 802.11b summaryAP name Channel Txpower Level------------------- ---------- ------------AP1 11* 1*AP2 10* 4AP3 6* 2
Note
Related Commands
show advanced 802.11a summary
show advanced 802.11b txpower
To view the advanced 802.11b/g automatic transmit power assignment, use the show advanced 802.11b txpower command.
show advanced 802.11b txpower
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
802.11b
802.11b/g network.
txpower
Transmit power.
Defaults
None.
Examples
> show advanced 802.11b txpowerAutomatic Transmit Power AssignmentTransmit Power Assignment Mode................. AUTOTransmit Power Update Interval................. 600 secondsTransmit Power Threshold....................... -65 dBmTransmit Power Neighbor Count.................. 3 APsTransmit Power Update Contribution............. SNI.Transmit Power Assignment Leader............... xx:xx:xx:xx:xx:xxLast Run....................................... 427 seconds agoRelated Commands
config 802.11b txPower
show advanced client-handoff
To display the number of automatic client handoffs after retries, use the show advanced client-handoff command.
show advanced client-handoff
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
client-handoff
Advanced client handoff count.
Defaults
None.
Examples
> show advanced client-handoffClient auto handoff after retries................ 130Related Commands
config advanced timers auth-timeout, config advanced timers rogue-ap
show advanced eap
To displayadvanced Extensible Authentication Potocol settings, use the show advanced eap command.
show advanced eap
Syntax Description
Defaults
None.
Examples
> show advanced eapEAP-Identity-Request Timeout (seconds)........... 1EAP-Identity-Request Max Retries................. 20EAP Key-Index for Dynamic WEP.................... 0EAP-Request Timeout (seconds).................... 1EAP-Request Max Retries.......................... 2Related Commands
(tbd)
show advanced max-1x-sessions
To display the maximum number of simultaneous 802.1x sessions allowed per access point, use the show advanced max-1x-sessions command.
show advanced max-1x-sessions
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
max-1x-sessions
Maximum number of simultaneous 802.1x sessions allowed per access point.
Defaults
None.
Examples
> show advanced max-1x-sessionsMax 802.1x session per AP at a given time........ 0Related Commands
(tbd)
show advanced probe-limit
To display the number of probes sent to the WLAN controller per access point per client and the probe interval in milliseconds, use the show advanced probe-limit command.
show advanced probe-limit
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
probe-limit
Number of probes sent to the WLAN controller per access point per client and the probe interval in milliseconds.
Defaults
None.
Examples
> show advanced probe-limitProbes sent to switch per AP slot per client .... 2Probe interval in msec........................... 500Related Commands
(tbd)
show advanced rate
To display whether control path rate limiting is enabled or disabled, use the show advanced rate command.
show advanced rate
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
rate
Control path rate limiting enabled or disabled.
Defaults
None.
Examples
> show advanced rateControl Path Rate Limiting....................... DisabledRelated Commands
(tbd)
show advanced send-disassoc-on-handoff
To display whether the WLAN controller disassociates clients after a handoff, use the show advanced send-disassoc-on-handoff command.
show advanced send-disassoc-on-handoff
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
send-disassoc-on-handoff
WLAN controller disassociates clients after a handoff enabled or disabled.
Defaults
None.
Examples
> show advanced send-disassoc-on-handoffSend Disassociate on Handoff..................... DisabledRelated Commands
(tbd)
show advanced statistics
To display whether or not the Cisco Wireless LAN controller port statistics are enabled or disabled, use the show advanced statistics command.
show advanced statistics
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
statistics
Show Cisco Wireless LAN controller port statistics state.
Defaults
None.
Examples
> show advanced statisticsSwitch port statistics........................... EnabledRelated Commands
config advanced timers auth-timeout, config advanced timers rogue-ap
show advanced timers
To display the advanced mobility anchor, authentication response, and rogue access point entry timers, use the show advanced timers command.
show advanced timers
Syntax Description
Defaults
Shown below in examples.
Examples
> show advanced timersAuthentication Response Timeout (seconds)...... 10Rogue Entry Timeout (seconds).................. 1200AP Heart Beat Timeout (seconds)................ 30AP Discovery Timeout (seconds)................. 10EAP Request Timeout (seconds).................. 8 (only when EAP is enabled)Related Commands
config advanced timers auth-timeout, config advanced timers rogue-ap
SHOW AP COMMANDS
Use the SHOW AP commands to show access point parameters.
show ap auto-rf
To display the auto-rf settings for a Cisco 1000 series lightweight access point, use the show ap auto-rf command.
show ap auto-rf {802.11a | 802.11b} Cisco_AP
Syntax Description
show
Display configurations.
ap auto-rf
Cisco radio.
{802.11a | 802.11b}
802.11a or 802.11b/g setting.
Cisco_AP
Cisco 1000 series lightweight access point name.
Defaults
None.
Examples
> show ap auto-rf 802.11a AP1Number Of Slots.................................. 2Rad Name......................................... AP03MAC Address...................................... 00:0b:85:01:18:b7Radio Type..................................... RADIO_TYPE_80211aNoise InformationNoise Profile................................ PASSEDChannel 36................................... -88 dBmChannel 40................................... -86 dBmChannel 44................................... -87 dBmChannel 48................................... -85 dBmChannel 52................................... -84 dBmChannel 56................................... -83 dBmChannel 60................................... -84 dBmChannel 64................................... -85 dBmInterference InformationInterference Profile......................... PASSEDChannel 36................................... -66 dBm @ 1% busyChannel 40................................... -128 dBm @ 0% busyChannel 44................................... -128 dBm @ 0% busyChannel 48................................... -128 dBm @ 0% busyChannel 52................................... -128 dBm @ 0% busyChannel 56................................... -73 dBm @ 1% busyChannel 60................................... -55 dBm @ 1% busyChannel 64................................... -69 dBm @ 1% busyLoad InformationLoad Profile................................. PASSEDReceive Utilization.......................... 0%Transmit Utilization......................... 0%Channel Utilization.......................... 1%Attached Clients............................. 1 clientsCoverage InformationCoverage Profile............................. PASSEDFailed Clients............................... 0 clientsClient Signal StrengthsRSSI -100 dBm................................ 0 clientsRSSI -92 dBm................................ 0 clientsRSSI -84 dBm................................ 0 clientsRSSI -76 dBm................................ 0 clientsRSSI -68 dBm................................ 0 clientsRSSI -60 dBm................................ 0 clientsRSSI -52 dBm................................ 0 clientsClient Signal To Noise RatiosSNR 0 dBm................................. 0 clientsSNR 5 dBm................................. 0 clientsSNR 10 dBm................................. 0 clientsSNR 15 dBm................................. 0 clientsSNR 20 dBm................................. 0 clientsSNR 25 dBm................................. 0 clientsSNR 30 dBm................................. 0 clientsSNR 35 dBm................................. 0 clientsSNR 40 dBm................................. 0 clientsSNR 45 dBm................................. 0 clientsNearby RADsRAD 00:0b:85:01:05:08 slot 0................. -46 dBm on 10.1.30.170RAD 00:0b:85:01:12:65 slot 0................. -24 dBm on 10.1.30.170Channel Assignment InformationCurrent Channel Average Energy............... -86 dBmPrevious Channel Average Energy.............. -75 dBmChannel Change Count......................... 109Last Channel Change Time..................... Wed Sep 29 12:53e:34 2004Recommended Best Channel..................... 44RF Parameter RecommendationsPower Level.................................. 1RTS/CTS Threshold............................ 2347Fragmentation Threshold...................... 2346Antenna Pattern.............................. 0Related Commands
config 802.11a antenna, config 802.11b antenna, config cell
show ap bmode
To display the backhaul mode for a Cisco 1030 or 1500 Series lightweight access point deployed in bridging or mesh mode, use the show ap bhmode command.
show ap bhmode Cisco_AP
Syntax Description
Defaults
None.
Examples
> show ap bhmode AP02Related Commands
config ap stats-timer
show ap bhrate
To display the backhaul rate for a Cisco 1030 or 1500 Series lightweight access point deployed in bridging or mesh mode, use the show ap bhrate command.
show ap bhrate Cisco_AP
Syntax Description
Defaults
None.
Examples
> show ap bhrate AP02Related Commands
config ap stats-timer
show ap config
To display the detailed configuration for an 802.11b/g Cisco 1000 series lightweight access point, use the show ap config command.
show ap config {802.11a | 802.11b | general} Cisco_AP
Syntax Description
show
Display configurations.
ap config
Cisco radio.
802.11a
802.11a settings.
802.11b
802.11b/g settings.
general
General settings.
Cisco_AP
Cisco 1000 series lightweight access point name.
Defaults
None.
Examples
> show ap config 802.11a AP02Cisco AP Identifier.............................. 0Cisco AP Name.................................... AP02AP Regulatory Domain............................. UnconfiguredSwitch Port Number .............................. 1MAC Address...................................... 00:0b:85:18:b6:50IP Address Configuration......................... DHCPIP Address....................................... 1.100.49.240IP NetMask....................................... 255.255.255.0Gateway IP Addr.................................. 1.100.49.1Cisco AP Location................................ default-locationCisco AP Group Name.............................. default-groupPrimary Cisco Switch............................. Cisco_32:ab:63Secondary Cisco Switch...........................Tertiary Cisco Switch............................Administrative State ............................ ADMIN_ENABLEDOperation State ................................. REGISTEREDMirroring Mode .................................. DisabledAP Mode ......................................... LocalRemote AP Debug ................................. DisabledS/W Version .................................... 3.1.61.0Boot Version ................................... 1.2.59.6Stats Re--More-- or (q)uitporting Period .................................. 180LED State........................................ EnabledILP Pre Standard Switch.......................... DisabledILP Power Injector............................... DisabledNumber Of Slots.................................. 2AP Model......................................... AS-1200AP Serial Number................................. 044110223AAP Certificate Type.............................. Manufacture InstalledAttributes for Slot 0Radio Type................................... RADIO_TYPE_80211aAdministrative State ........................ ADMIN_ENABLEDOperation State ............................. UPWLAN Override................................ DisabledCellId ...................................... 0Station ConfigurationConfiguration ............................. AUTOMATICNumber Of WLANs ........................... 1Medium Occupancy Limit .................... 100CFP Period ................................ 4CFP MaxDuration ........................... 60BSSID ..................................... 00:0b:85:18:b6:50Operation Rate Set6000 Kilo Bits........................... MANDATORY9000 Kilo Bits........................... SUPPORTED12000 Kilo Bits.......................... MANDATORY18000 Kilo Bits.......................... SUPPORTED24000 Kilo Bits.......................... MANDATORY36000 Kilo Bits.......................... SUPPORTED48000 Kilo Bits.......................... SUPPORTED54000 Kilo Bits.......................... SUPPORTEDBeacon Period ............................. 100DTIM Period ............................... 1Fragmentation Threshold ................... 2346Multi Domain Capability Implemented ....... TRUEMulti Domain Capability Enabled ........... TRUECountry String ............................ USMulti Domain CapabilityConfiguration ............................. AUTOMATICFirst Chan Num ............................ 36Number Of Channels ........................ 4MAC Operation ParametersConfiguration ............................. AUTOMATICRTS Threshold ............................. 2347Short Retry Limit ......................... 7Long Retry Limit .......................... 4Fragmentation Threshold ................... 2346Maximum Tx MSDU Life Time ................. 512Maximum Rx Life Time ...................... 512Tx PowerNum Of Supported Power Levels ............. 5Tx Power Level 1 .......................... 18 dBmTx Power Level 2 .......................... 15 dBmTx Power Level 3........................... 12 dBmTx Power Level 4 .......................... 9 dBmTx Power Level 5 .......................... 6 dBmTx Power Configuration .................... CUSTOMIZEDCurrent Tx Power Level..................... 5Phy OFDM parametersConfiguration ............................. AUTOMATICCurrent Channel ........................... 36TI Threshold .............................. -50Antenna Type............................... INTERNAL_ANTENNAInternal Antenna Gain (in .5 dBm units).... 11AntennaMode................................ ANTENNA_OMNIPerformance Profile ParametersConfiguration ............................. AUTOMATICInterference threshold..................... 10%Noise threshold............................ -70 dBmRF utilization threshold................... 80%Data-rate threshold........................ 1000000 bpsClient threshold........................... 12 clientsCoverage SNR threshold..................... 16 dBCoverage exception level................... 25%Client minimum exception level............. 3 clientsRogue Containment InformationContainment Count............................ 0> show ap config 802.11b AP02Cisco AP Identifier.............................. 0Cisco AP Name.................................... AP02AP Regulatory Domain............................. UnconfiguredSwitch Port Number .............................. 1MAC Address...................................... 00:0b:85:18:b6:50IP Address Configuration......................... DHCPIP Address....................................... 1.100.49.240IP NetMask....................................... 255.255.255.0Gateway IP Addr.................................. 1.100.49.1Cisco AP Location................................ default-locationCisco AP Group Name.............................. default-groupPrimary Cisco Switch............................. Cisco_32:ab:63Secondary Cisco Switch...........................Tertiary Cisco Switch............................Administrative State ............................ ADMIN_ENABLEDOperation State ................................. REGISTEREDMirroring Mode .................................. DisabledAP Mode ......................................... LocalRemote AP Debug ................................. DisabledS/W Version .................................... 3.1.61.0Boot Version ................................... 1.2.59.6Stats Reporting Period .......................... 180LED State........................................ EnabledILP Pre Standard Switch.......................... DisabledILP Power Injector............................... DisabledNumber Of Slots.................................. 2AP Model......................................... AS-1200AP Serial Number................................. 044110223AAP Certificate Type.............................. Manufacture InstalledAttributes for Slot 1Radio Type................................... RADIO_TYPE_80211gAdministrative State ........................ ADMIN_ENABLEDOperation State ............................. UPWLAN Override ............................... DisabledCellId ...................................... 0Station ConfigurationConfiguration ............................. AUTOMATICNumber Of WLANs ........................... 1Medium Occupancy Limit .................... 100CFP Period ................................ 4CFP MaxDuration ........................... 60BSSID ..................................... 00:0b:85:18:b6:50Operation Rate Set1000 Kilo Bits........................... MANDATORY2000 Kilo Bits........................... MANDATORY5500 Kilo Bits........................... MANDATORY11000 Kilo Bits.......................... MANDATORY6000 Kilo Bits........................... SUPPORTED9000 Kilo Bits........................... SUPPORTED12000 Kilo Bits.......................... SUPPORTED18000 Kilo Bits.......................... SUPPORTED24000 Kilo Bits.......................... SUPPORTED36000 Kilo Bits.......................... SUPPORTED48000 Kilo Bits.......................... SUPPORTED54000 Kilo Bits.......................... SUPPORTEDBeacon Period ............................. 100DTIM Period ............................... 1Fragmentation Threshold ................... 2346Multi Domain Capability Implemented ....... TRUEMulti Domain Capability Enabled ........... TRUECountry String ............................ USMulti Domain CapabilityConfiguration ............................. AUTOMATICFirst Chan Num ............................ 1Number Of Channels ........................ 11MAC Operation ParametersConfiguration ............................. AUTOMATICRTS Threshold ............................. 2347Short Retry Limit ......................... 7Long Retry Limit .......................... 4Fragmentation Threshold ................... 2346Maximum Tx MSDU Life Time ................. 512Maximum Rx Life Time....................... 512Tx PowerNum Of Supported Power Levels.............. 5Tx Power Level 1 .......................... 17 dBmTx Power Level 2........................... 14 dBmTx Power Level 3........................... 11 dBmTx Power Level 4........................... 8 dBmTx Power Level 5........................... 5 dBmTx Power Configuration..................... CUSTOMIZEDCurrent Tx Power Level..................... 5Phy OFDM parametersConfiguration.............................. CUSTOMIZEDCurrent Channel............................ 1TI Threshold............................... -50Antenna Type............................... INTERNAL_ANTENNAInternal Antenna Gain (in5 dBm units)...... 11Diversity.................................. DIVERSITY_ENABLEDPerformance Profile ParametersConfiguration.............................. AUTOMATICInterference threshold..................... 10%Noise threshold............................ -70 dBmRF utilization threshold................... 80%Data-rate threshold........................ 1000000 bpsClient threshold........................... 12 clientsCoverage SNR threshold..................... 12 dBCoverage exception level................... 25%Client minimum exception level............. 3 clientsRogue Containment InformationContainment Count............................ 0> show ap config general AP02Cisco AP Identifier.............................. 0Cisco AP Name.................................... AP02AP Regulatory Domain............................. UnconfiguredSwitch Port Number............................... 1MAC Address...................................... xx:xx:xx:xx:xx:xxIP Address Configuration......................... DHCPIP Address....................................... 1.100.49.240IP NetMask....................................... 255.255.255.0Gateway IP Addr.................................. 1.100.49.1Cisco AP Location................................ default-locationCisco AP Group Name.............................. default-groupPrimary Cisco Switch............................. Cisco_32:ab:63Secondary Cisco Switch...........................Tertiary Cisco Switch............................Administrative State............................. ADMIN_ENABLEDOperation State.................................. REGISTEREDMirroring Mode................................... DisabledAP Mode.......................................... LocalRemote AP Debug.................................. DisabledS/W Version..................................... 3.1.61.0Boot Version.................................... 1.2.59.6porting Period................................... 180LED State........................................ EnabledILP Pre Standard Switch.......................... DisabledILP Power Injector............................... DisabledNumber Of Slots.................................. 2AP Model......................................... AS-1200AP Serial Number................................. 044110223AAP Certificate Type.............................. Manufacture InstalledRelated Commands
config 802.11a antenna, config 802.11b antenna, config cell
show ap core-dump
To display the memory core dump setting for a Cisco 1000 series lightweight access point, use the show ap core-dump command.
show ap core-dump Cisco_AP
Syntax Description
show
Display configurations.
ap
Cisco radio.
core-dump
Display the memory core dump setting for an access point.
Cisco_AP
Cisco 1000 series lightweight access point name.
Defaults
None.
Examples
> show ap core-dump AP02Related Commands
config ap stats-timer
show ap crash-file
To display the list of both crash and radio core dump files generated by Cisco 1000 series lightweight access points, use the show ap crash-file command.
show ap crash-file
Syntax Description
show
Display configurations.
ap
Cisco radio.
crash-file
Display the list of both crash and radio core dump files generated by access points. The generated information includes size and memory usage.
Defaults
None.
Examples
> show ap crash-fileRelated Commands
config ap stats-timer
show ap stats
To display the statistics for a Cisco 1000 series lightweight access point, use the show ap stats command.
show ap stats {802.11a | 802.11b} Cisco_AP
Syntax Description
show
Display configurations.
ap stats
Cisco radio.
802.11a
802.11a statistics.
802.11b
802.11b/g statistics.
Cisco_AP
Cisco 1000 series lightweight access point name.
Defaults
None.
Examples
> show ap stats 802.11b AP02Number Of Slots.................................. 2AP Name.......................................... AP02MAC Address...................................... 00:0b:85:18:b6:50Radio Type..................................... RADIO_TYPE_80211aStats InformationNumber of Users.............................. 0TxFragmentCount.............................. 1679MulticastTxFrameCnt.......................... 1260FailedCount.................................. 15892RetryCount................................... 331MultipleRetryCount........................... 0FrameDuplicateCount.......................... 0RtsSuccessCount.............................. 0RtsFailureCount.............................. 0AckFailureCount.............................. 80212RxFragmentCount.............................. 248671MulticastRxFrameCnt.......................... 0FcsErrorCount................................ 105968TxFrameCount................................. 1679WepUndecryptableCount........................ 0Related Commands
config ap stats-timer
show ap summary
To display a summary of all Cisco 1000 series lightweight access points attached to the Cisco Wireless LAN controller, use the show ap summary command. A list containing each Cisco 1000 series lightweight access point name, number of slots, manufacturer, MAC address, location and Cisco Wireless LAN controller port number is displayed.
show ap summary
Syntax Description
show
Display configurations.
ap
All Cisco 1000 series lightweight access points.
summary
Summary of all Cisco 1000 series lightweight access points.
Defaults
None.
Examples
> show ap summaryAP Name Slots AP Model EnetMAC Location Port------------------ ----- ------------------- ----------------- ---------------- ----- AP01 2 AIR-AP1210 xx:xx:xx:xx:xx:xx default location 12AP02 2 AIR-AP1210 xx:xx:xx:xx:xx:xx default location 11Related Commands
show advanced 802.11a summary, show advanced 802.11b summary, show certificate summary, show client summary, show mobility summary, show radius summary, show rogue-ap summary, show wlan summary
show ap wlan
To display whether or not a Cisco Wireless LAN controller radio is in wireless LAN override mode (as described in the related product guide), use the show ap wlan command.
show ap wlan {802.11a | 802.11b} Cisco_AP
Syntax Description
Defaults
None.
Examples
> show ap wlan 802.11a AP01Cisco AP is not in override mode.Related Commands
show advanced 802.11a summary, show advanced 802.11b summary, show certificate summary, show client summary, show mobility summary, show radius summary, show rogue-ap summary, show wlan summary
show arp switch
To display the Cisco Wireless LAN controller MAC addresses, IP Addresses, and port types, use the show arp switch command.
show arp switch
Syntax Description
show
Display configurations.
arp
arp MAC addresses, IP Addresses, and port types.
switch
Cisco Wireless LAN controller parameters.
Defaults
None.
Examples
> show arp switchMAC Address IP Address Port VLAN Type------------------- ---------------- ------------ ---- -------------------xx:xx:xx:xx:xx:xx xxx.xxx.xxx.xxx service port 1xx:xx:xx:xx:xx:xx xxx.xxx.xxx.xxx service portxx:xx:xx:xx:xx:xx xxx.xxx.xxx.xxx service portRelated Commands
debug arp
show auth-list
To display the access point authorization list, use the show auth-list command.
show auth-list
Syntax Description
Defaults
None.
Examples
> show auth-listAuthorize APs against AAA...................... disabledAllow APs with Self-signed Certificate (SSC)... disabledMac Addr Cert Type Key Hash----------------------- ---------- ------------------------------------------xx:xx:xx:xx:xx:xx MICRelated Commands
config auth-list
show boot
Each Cisco Wireless LAN controller retains one primary and one backup operating system software load in non-volatile RAM. This allows operators to have the Cisco Wireless LAN controllers boot off the primary load (default), or revert to the backup load when desired. To display the primary and backup software build numbers with an indication of which is active, use the show boot command.
show boot
Syntax Description
Defaults
None.
Examples
> show bootPrimary Boot Image............................... 3.2.13.0 (active)Backup Boot Image................................ 3.2.15.0Related Commands
config exclusionlist add, config exclusionlist delete, config exclusionlist description, show client
SHOW CERTIFICATE COMMANDS
Use the SHOW CERTIFICATE commands to display certificate settings.
show certificate compatibility
To display whether or not certificates are verified as compatible in the Cisco Wireless LAN controller, use the show certificate compatibility command.
show certificate compatibility
Syntax Description
show
Display configurations.
certificate
All certificates.
compatibility
Compatibility of certificates.
Defaults
None.
Examples
> show certificate compatibilityCertificate compatibility mode:................ offRelated Commands
show certificate summary
show certificate summary
To display a summary of all certificates active in the Cisco Wireless LAN controller, use the show certificate summary command.
show certificate summary
Syntax Description
Defaults
None.
Examples
> show certificate summaryWeb Administration Certificate................. Locally GeneratedWeb Authentication Certificate................. Locally GeneratedCertificate compatibility mode:................ offRelated Commands
show certificate compatibility
SHOW CLIENT COMMANDS
Use the SHOW CLIENT commands to display client settings.
show client ap
To display the clients on a Cisco 1000 series lightweight access point, use the show client ap command.
Note
show client ap {802.11a | 802.11b} Cisco_AP
Syntax Description
show
Display configurations.
client ap
Cisco radio.
802.11a
802.11a clients.
802.11b
802.11b/g clients.
Cisco_AP
Cisco 1000 series lightweight access point name.
Defaults
None.
Examples
> show client ap 802.11b AP1MAC Address AP Id Status WLAN Id Authenticated----------------- ------ ------------- --------- -------------xx:xx:xx:xx:xx:xx 1 Associated 1 NoRelated Commands
show client detail, show client summary, show client username, show exclusionlist
show client detail
To display detailed information for a client on a Cisco 1000 series lightweight access point, use the show client detail command.
Note
show client detail MAC
Syntax Description
show
Display configurations.
client
802.11a or 802.11b/g client.
detail
Connectivity information.
MAC
MAC address of the specific client.
Defaults
None.
Examples
> show client detail 00:0c:41:07:33:a6Client MAC Address............................... xx:xx:xx:xx:xx:xxClient Username.................................. N/AAP MAC Address................................... xx:xx:xx:xx:xx:xxClient State..................................... AssociatedWireless LAN Id.................................. 1IP Address....................................... UnknownAssociation Id................................... 1Authentication Algorithm......................... Shared KeyReason Code...................................... 0Status Code...................................... 0Session Timeout.................................. 0Mirroring........................................ DisabledQoS Level........................................ GoldDiff Serv Code Point (DSPC)...................... disabled802.1P Priority Tag.............................. disabledMobility State................................... LocalMobility Move Count.............................. 0Security Policy Completed........................ NoPolicy Manager State............................. DHCP_REQDPolicy Manager Rule Created...................... NoNPU Fast Notified................................ YesPolicy Type...................................... N/AEncryption Cipher................................ WEP (104 bits)EAP Type......................................... UnknownInterface........................................ managementVLAN............................................. 0Client Capabilities:CF Pollable................................ Not implementedCF Poll Request............................ Not implementedShort Preamble............................. Not implementedPBCC....................................... Not implementedChannel Agility............................ Not implementedListen Interval............................ 0Client Statistics:Number of Bytes Received................... 0Number of Bytes Sent....................... 0Number of Packets Received................. 0Number of Packets Sent..................... 0Number of Policy Errors.................... 0Radio Signal Strength Indicator............ UnavailableSignal to Noise Ratio...................... UnavailableNearby AP Statistics:AP03(slot 0) 24643 seconds ago............. -11 dBmRelated Commands
show client ap, show client summary, show client username, show exclusionlist
show client summary
To display a summary of clients associated with a Cisco 1000 series lightweight access point, use the show client summary command.
Note
show client summary
Syntax Description
Defaults
None.
Examples
> show client summaryNumber of Clients................................ 24MAC Address AP Name Status WLAN Auth Protocol Port----------------- ----------------- ------------- ---- ---- -------- ----xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11a 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11a 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11b 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11a 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11b 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11b 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11b 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11b 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11b 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11a 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11a 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11b 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11a 1xx:xx:xx:xx:xx:xx AP02 Probing N/A No 802.11a 1Related Commands
show client ap, show client detail, show client username, show exclusionlist
show client username
To display client data by username, use the show client username command.
show client username username
Syntax Description
show
Display configurations.
client
Display client data.
username
Cisco radio.
username
Client's username.
Defaults
None.
Examples
> show client username IT_007MAC Address AP ID Status WLAN Id Authenticated----------------- ------ ------------- --------- -------------xx:xx:xx:xx:xx:xx 1 Associated 1 NoRelated Commands
show client ap, show client detail, show client summary
show country
The Cisco Wireless LAN controller must be configured to comply with the target country's permitted 802.11a and/or 802.11b frequency bands. To display a list of supported countries and their permitted frequency bands, use the show country command. This command also shows you the current country setting for the Cisco Wireless LAN controller.
Note
show country
Syntax Description
Defaults
None.
Examples
> show countryRelated Commands
show sysinfo
show cpu
To display current WLAN Controller CPU usage information, use the show cpu command.
show cpu
Syntax Description
Defaults
None.
Examples
> show cpuCurrent CPU load: 2.50%Related Commands
show sysinfo
show custom-web
To display web authentication customization information, use the show custom-web command.
show custom-web
Syntax Description
Defaults
None.
Examples
> show custom-webRadius Authentication Method..................... PAPCisco Logo....................................... EnabledCustomLogo....................................... NoneCustom Title..................................... NoneCustom Message................................... NoneCustom Redirect URL.............................. NoneExternal web authentication Mode................. DisabledExternal web authentication URL.................. NoneRelated Commands
config custom-web
show database summary
To display the local database configuration, use the show database command.
show database summary
Syntax Description
Defaults
None.
Examples
> show database summaryCurrent Max database entries.......................... 512Max database entries on next reboot................... 512Related Commands
show sysinfo
show debug
Use the show debug command, to determine if MAC address and other flag debugging is enabled or disabled.
show debug
Syntax Description
Defaults
disabled.
Examples
> show debugMAC debugging............................... disabledDebug Flags Enabled:arp error enabled.bcast error enabled.Related Commands
debug mac
show dhcp
Use the show dhcp command, to display the internal DHCP server configuration.
show dhcp {leases | summary | scope}
Syntax Description
Defaults
None.
Examples
> show dhcp leasesNo leases allocated.> show dhcp summaryScope Name Enabled Address Range003 No 0.0.0.0 -> 0.0.0.0> show dhcp 003Enabled....................................... NoLease Time.................................... 0Pool Start.................................... 0.0.0.0Pool End...................................... 0.0.0.0Network....................................... 0.0.0.0Netmask....................................... 0.0.0.0Default Routers............................... 0.0.0.0 0.0.0.0 0.0.0.0DNS Domain....................................DNS........................................... 0.0.0.0 0.0.0.0 0.0.0.0Netbios Name Servers.......................... 0.0.0.0 0.0.0.0 0.0.0.0Related Commands
config dhcp
show dhcp proxy
Use the show dhcp proxy command to display the status of DHCP proxy handling.
show dhcp proxy
Syntax Description
Defaults
None.
Examples
> show dhcp proxyDHCP Proxy Behaviour: enabledRelated Commands
config dhcp proxy
show eventlog
Use the show eventlog command, to display the event log.
show eventlog
Syntax Description
Defaults
None.
Examples
> show eventlogTimeFile Line TaskID Code d h m sEVENT> bootos.c 788 125CEBCC AAAAAAAA 0 0 0 6EVENT> bootos.c 788 125CEBCC AAAAAAAA 0 0 0 6EVENT> bootos.c 788 125C597C AAAAAAAA 0 0 0 6EVENT> bootos.c 788 125C597C AAAAAAAA 0 0 0 6EVENT> bootos.c 788 125C597C AAAAAAAA 0 0 0 6EVENT> bootos.c 788 125C597C AAAAAAAA 0 0 0 6EVENT> bootos.c 788 125C597C AAAAAAAA 0 0 0 6EVENT> bootos.c 788 125C597C AAAAAAAA 0 0 0 6EVENT> bootos.c 788 1216C36C AAAAAAAA 0 0 0 6EVENT> bootos.c 788 1216C36C AAAAAAAA 0 0 0 6EVENT> bootos.c 788 1216C36C AAAAAAAA 0 0 0 6EVENT> bootos.c 788 1216C36C AAAAAAAA 0 0 0 11Related Commands
show msglog
show exclusionlist
To display a summary of all clients on the manual exclusion list (blacklisted) from associating with this Cisco Wireless LAN controller, use the show exclusionlist command. A list containing each manually Excluded MAC address is displayed.
show exclusionlist
Syntax Description
Defaults
None.
Examples
> show exclusionlistMAC Address Description----------------------- --------------------------------xx:xx:xx:xx:xx:xx Disallowed ClientRelated Commands
config exclusionlist add, config exclusionlist delete, config exclusionlist description, show client
show ike
Use the show ike command to display active IKE SAs.
show ike {brief | IP_or_MAC_address}
Syntax Description
show
Command action.
ike
Display active IKE SAs.
brief
List of all active IKE SAs.
IP_or_MAC_address
IP or MAC address of active IKE SA.
Defaults
None.
Examples
> show ikeRelated Commands
None
show interface
Use the show interface command to display details of the system interfaces.
show interface {summary | detailed interface_name}
Syntax Description
show interface
Command action
summary
Display a summary of the local interfaces.
detailed
Display detailed interface information.
interface_name
Identifies interface name for detailed display
Defaults
None.
Examples
> show interface summaryInterface Name Vlan Id IP Address Type Ap Mgr-------------------------------- -------- --------------- ------- ------ap-manager 149 xxx.xxx.xxx.xxx Static Yesmanagement 149 xxx.xxx.xxx.xxx Static Noservice-port N/A xxx.xxx.xxx.xxx Static Novirtual N/A xxx.xxx.xxx.xxx Static No> show interface detailed managementInterface Name................................... managementMAC Address...................................... 00:0b:85:32:ab:60IP Address....................................... 1.100.49.30IP Netmask....................................... 255.255.255.0IP Gateway....................................... 1.100.49.1VLAN............................................. 149Active Physical Port............................. 1Primary Physical Port............................ 1Backup Physical Port............................. UnconfiguredPrimary DHCP Server.............................. 1.100.2.15Secondary DHCP Server............................ UnconfiguredACL.............................................. UnconfiguredAP Manager....................................... No
Note
Related Commands
config interface
show inventory
To display a physical inventory of the Cisco Wireless LAN controller, use the show inventory command.
show inventory
Syntax Description
Defaults
None.
Examples
> show inventorySwitch Description............................... Cisco ControllerMachine Model.................................... WLC4404-100Serial Number.................................... FLS0923003BBurned-in MAC Address............................ 00:0B:85:32:AB:60Crypto Accelerator 1............................. AbsentCrypto Accelerator 2............................. AbsentPower Supply 1................................... AbsentPower Supply 2................................... Present, OK
Note
Related Commands
show sysinfo
show ipsec
Use the show ipsec command to display active IPSec SAs.
show ipsec {brief | IP_or_MAC_address}
Syntax Description
show
Command action.
ipsec
Display active IPSec SAs
{brief |
IP_or_MAC_address}Enter brief to display active IPSec SAs.
Enter the IP address of MAC address of an IPSec SA.
Defaults
None.
Examples
> show ipsec briefRelated Commands
None
show known ap
To display known Cisco 1000 series lightweight access point information, use the show known ap command.
show known ap {summary | detailed MAC}
Syntax Description
Defaults
None.
Examples
> show known ap summaryMAC Address State # APs # Clients Last Heard----------- ----------- ----- -------- -----------------Related Commands
config ap
show l2tp
To display L2TP sessions, use the show l2tp command.
show l2tp {summary | ip_address}
Syntax Description
show l2tp
Display configurations.
summary
Displays all L2TP sessions.
ip_address
Displays an L2TP session.
Defaults
None.
Examples
> show l2tp summaryLAC_IPaddr LTid LSid RTid RSid ATid ASid State---------- ---- ---- ---- ---- ---- ---- -----Related Commands
None
show load-balancing
To display the status of the load-balancing feature, use the show load-balancing command.
show load-balancing
Syntax Description
Defaults
None.
Examples
> show load-balancingAggressive Load Balancing...................... EnabledAggressive Load Balancing Window............... 0 clientsRelated Commands
config load-balancing
show location summary
To display information about defined locations, use the show location summary command.
show location summary
Syntax Description
show location
Display command for locations.
summary
Display all location information defined in the system.
Defaults
None.
Examples
> show location summaryStatus...................................................... disabledRelated Commands
config location
show loginsession
To display the existing sessions, use the show loginsession command.
show loginsession
Syntax Description
Defaults
None.
Examples
> show loginsessionID User Name Connection From Idle Time Session Time-- --------------- --------------- ------------ ------------00 admin EIA-232 00:00:00 00:19:04Related Commands
config loginsession close
show macfilter
To display the MAC filter parameters, use the show macfilter command. The MAC delimiter (none, colon, or hyphen) for MAC addresses sent to RADIUS servers is displayed. The MAC filter table lists the clients that are always allowed to associate with a wireless LAN.
show macfilter {summary | detail MAC}
Syntax Description
show
Display configurations.
macfilter
Filter details.
summary
Display a summary of all MAC filter entries.
detail MAC
Detailed display of a MAC filter entry.
Defaults
None.
Examples
> show macfilter detail xx:xx:xx:xx:xx:xxMAC Address...................................... xx:xx:xx:xx:xx:xxWLAN Identifier.................................. AnyInterface Name................................... managementDescription...................................... RAP> show macfilter summaryMAC Filter RADIUS Compatibility mode............. Cisco ACSMAC Filter Delimiter............................. NoneLocal Mac Filter TableMAC Address WLAN Id Description----------------------- -------------- --------------------------------xx:xx:xx:xx:xx:xx Any RAPxx:xx:xx:xx:xx:xx Any PAP2 (2nd hop)xx:xx:xx:xx:xx:xx Any PAP1 (1st hop)Related Commands
config macfilter mac-delimiter, config macfilter add, config macfilter delete, config macfilter description, config macfilter ip-address, config macfilter wlan-id, show macfilter.
SHOW MESH COMMANDS
Use the SHOW MESH commands to display mesh settings.
show mesh linkrate
To display the mesh link rate for Cisco 1000 series lightweight access points, use the show mesh linkrate command.
show mesh linkrate <from Cisco_AP> <to Cisco_AP name|MAC address>
Syntax Description
Defaults
None.
Examples
> show mesh linkrateRelated Commands
None.
show mesh neigh
To display the mesh neighbors for a Cisco 1000 series lightweight access point, use the show mesh neigh command.
show mesh neigh Cisco_AP
Syntax Description
show
Display configurations.
mesh
Mesh configuration.
neigh
Show Cisco 1000 series lightweight access point neighborhood list.
Cisco_AP
Cisco 1000 series lightweight access point name.
Defaults
None.
Examples
> show mesh neighRelated Commands
None.
show mesh path
To display the mesh configuration for a Cisco 1000 series lightweight access point, use the show mesh path command.
show mesh path Cisco_AP
Syntax Description
show
Display configurations.
mesh
Mesh configuration.
path
Show Cisco 1000 series lightweight access point path.
Cisco_AP
Cisco 1000 series lightweight access point name.
Defaults
None.
Examples
> show mesh pathRelated Commands
None.
show mesh stats
To display the mesh statistics for a Cisco 1000 series lightweight access point, use the show mesh stats command.
show mesh stats Cisco_AP
Syntax Description
show
Display configurations.
mesh
Mesh configuration.
stats
Show Cisco 1000 series lightweight access point statistics.
Cisco_AP
Cisco 1000 series lightweight access point name.
Defaults
None.
Examples
> show mesh statsRelated Commands
None.
show mesh summary
To display the mesh configuration for a Cisco 1000 series lightweight access pointr, use the show mesh summary command.
show mesh summary Cisco_AP
Syntax Description
show
Display configurations.
summary
Show summary neighbor information for an access point.
Cisco_AP
Cisco 1000 series lightweight access point name.
Defaults
None.
Examples
> show mesh summaryRelated Commands
None.
show mgmtuser
To display the local management user accounts on the Cisco Wireless LAN controller, use the show mgmtuser command.
show mgmtuser
Syntax Description
Defaults
None.
Examples
> show mgmtuserUser Name Permissions Description----------------------- ------------ --------------------------------admin read-writeRelated Commands
config mgmtuser add, config mgmtuser delete, config mgmtuser password
SHOW MOBILITY COMMANDS
Use the SHOW MOBILITY commands to display mobility settings.
show mobility anchor
To display the wireless LAN anchor list for the Cisco Wireless LAN controller mobility groups, use the show mobility anchor command.
show mobility anchor
Syntax Description
show
Display configurations.
mobility
Mobility group.
anchor
Display the mobility wireless LAN anchor list.
Defaults
None.
Examples
> show mobility anchorMobility Anchor Export ListWLAN ID IP AddressRelated Commands
config mobility group discovery, config mobility group member
show mobility statistics
To display the statistics information for the Cisco Wireless LAN controller mobility groups, use the show mobility statistics command.
show mobility statistics
Syntax Description
show
Display configurations.
mobility
Mobility group.
statistics
Displays statistics for the mobility manager.
Defaults
None.
Examples
> show mobility statisticsGlobal Mobility StatisticsRx Errors..................................... 0Tx Errors..................................... 0Responses Retransmitted....................... 0Handoff Requests Received..................... 0Handoff End Requests Received................. 0State Transitions Disallowed.................. 0Resource Unavailable.......................... 0Mobility Initiator StatisticsHandoff Requests Sent......................... 0Handoff Replies Received...................... 0Handoff as Local Received..................... 2Handoff as Foreign Received................... 0Handoff Denys Received........................ 0Anchor Request Sent........................... 0Anchor Deny Received.......................... 0Anchor Grant Received......................... 0Anchor Transfer Received...................... 0Mobility Responder StatisticsHandoff Requests Ignored...................... 0Ping Pong Handoff Requests Dropped............ 0Handoff Requests Dropped...................... 0Handoff Requests Denied....................... 0Client Handoff as Local....................... 0Client Handoff as Foreign ................... 0Client Handoff Inter Group ................... 0Anchor Requests Received...................... 0Anchor Requests Denied........................ 0Anchor Requests Granted....................... 0Anchor Transferred............................ 0Related Commands
config mobility group discovery, config mobility group member
show mobility summary
To display the summary information for the Cisco Wireless LAN controller mobility groups, use the show mobility summary command.
show mobility summary
Syntax Description
show
Display configurations.
mobility
Mobility group.
summary
Display a summary of the mobility manager.
Defaults
None.
Examples
> show mobility summaryMobility Protocol Port........................... 16666Mobility Security Mode........................... DisabledDefault Mobility Domain.......................... mikemeshMobility Group members configured................ 1Switches configured in the Mobility GroupMAC Address IP Address Group Namexx:xx:xx:xx:xx:xx xxx.xxx.xxx.xxx <local>
Note
Related Commands
config mobility group discovery, config mobility group member
show msglog
To display the message logs written to the Cisco Wireless LAN controller database, use the show msglog command. If there are more that 15 entries you are prompted to display the messages shown in the example.
show msglog
Syntax Description
Defaults
None.
Examples
> show msglogMessage Log Severity Level..................... ERRORThu Aug 4 14:30:08 2005 [ERROR] spam_lrad.c 1540: AP 00:0b:85:18:b6:50 associated. Last AP failure was due to Link FailureThu Aug 4 14:30:08 2005 [ERROR] spam_lrad.c 13840: Updating IP info for AP 00:0b:85:18:b6:50 -- static 0, 1.100.49.240/255.255.255.0, gtw 1.100.49.1Thu Aug 4 14:29:32 2005 [ERROR] dhcpd.c 78: dhcp server: binding to 0.0.0.0Thu Aug 4 14:29:32 2005 [ERROR] rrmgroup.c 733: Airewave Director: 802.11a switch group resetThu Aug 4 14:29:32 2005 [ERROR] rrmgroup.c 733: Airewave Director: 802.11bg switch group resetThu Aug 4 14:29:22 2005 [ERROR] sim.c 2841: Unable to get link state for primary port 0 of interface ap-managerThu Aug 4 14:29:22 2005 [ERROR] dtl_l2_dot1q.c 767: Unable to get USPThu Aug 4 14:29:22 2005 Previous message occurred 2 timesThu Aug 4 14:29:14 2005 [CRITICAL] osapi_sem.c 794: Error! osapiMutexTake called with NULL pointer: osapi_bsntime.c:927Thu Aug 4 14:29:14 2005 [CRITICAL] osapi_sem.c 794: Error! osapiMutexTake called with NULL pointer: osapi_bsntime.c:919Thu Aug 4 14:29:14 2005 [CRITICAL] hwutils.c 1861: Security Module not foundThu Aug 4 14:29:13 2005 [CRITICAL] bootos.c 791: Starting code...Related Commands
show eventlog
show nac statistics
To display detailed Network Access Control (NAC) information about a Cisco Wireless LAN controller, use the show nac statistics command.
show nac statistics
Syntax Description
Defaults
None.
Examples
> show nac statisticsServer Index....................................................... 1Server Address..................................................... xxx.xxx.xxx.xxxNumber of requests sent............................................ 0Number of retransmissions.......................................... 0Number of requests received........................................ 0Number of malformed requests received.............................. 0Number of bad auth requests received............................... 0Number of pending requests......................................... 0Number of timed out requests....................................... 0Number of misc dropped request received............................ 0Number of requests sent............................................ 0Related Commands
show nac acl, show nac summary.
show nac summary
To display NAC summary information for a Cisco Wireless LAN controller, use the show nac summary command.
show nac summary
Syntax Description
Defaults
None.
Examples
> show nac summaryNAC ACL Name ...............................................Index Server Address Port State----- ---------------------------------------- ---- -----1 xxx.xxx.xxx.xxx 13336 EnabledRelated Commands
show nac acl, show nac statistics.
show netuser
To display local network user accounts, use the show netuser command.
show netuser
Syntax Description
Defaults
None.
Examples
> show netuserUser Name WLAN Id Description----------------------- -------------- --------------------------------krebbis 1 all krebbisRelated Commands
config netuser add, config netuser delete, config netuser password, config netuser wlan-id
show network
To display the network configuration of the Cisco Wireless LAN controller, use the show network command.
show network
Syntax Description
Defaults
None.
Examples
> show networkRF-Network Name............................. mikemeshWeb Mode.................................... DisableSecure Web Mode............................. EnableSecure Shell (ssh).......................... EnableTelnet...................................... DisableEthernet Multicast Mode..................... DisableUser Idle Timeout........................... 300 secondsARP Idle Timeout............................ 300 secondsARP Unicast Mode............................ DisabledCisco AP Default Master..................... DisableMgmt Via Wireless Interface................. DisableBridge AP Zero Config....................... EnableBridge Shared Secret........................ adminAllow Old Bridging Aps To Authenticate...... EnableOver The Air Provisioning of AP's........... EnableMobile Peer to Peer Blocking................ DisableApple Talk................................ DisableAP Fallback............................... EnableWeb Auth Redirect Ports................... 80Fast SSID Change.......................... DisabledRelated Commands
config network arptimeout, config network bcast-ssid, config network dsport, config network master-base, config network mgmt-via-wireless, config network params, config network rf-mobility-domain, config network secureweb, config network secweb-passwd, config network ssh, config network telnet, config network usertimeout, config network vlan, config network webmode
show pmk-cache
To display information about the PMK cache, use the show port command.
show pmk-cache {all | MAC}
Syntax Description
show
Display configurations.
pmk-cache
PMK cache.
all
Display information about all entries in the PMK cache.
MAC
Display information about a single entry in the PMK cache.
Defaults
None.
Examples
> show pmk-cache xx:xx:xx:xx:xx:xx> show pmk-cache allPMK CacheEntryStation Lifetime VLAN Override IP Override----------------- -------- -------------------- ---------------Related Commands
config pmk-cache delete
show port
To display the Cisco Wireless LAN controller port settings on an individual or global basis, use the show port command.
show port {port | summary}
Syntax Description
show
Display configurations.
port
Cisco Wireless LAN controller port.
{port | summary}
Individual port or all ports.
Defaults
None.
Examples
> show port 1STP Admin Physical Physical Link Link McastPr Type Stat Mode Mode Status Status Trap Appliance POE-- ------- ---- ------- ---------- ---------- ------ ------- --------- -------1 Normal Disa Enable Auto 1000 Full Down Enable Enable N/A
Note
> show port summarySTP Admin Physical Physical Link Link McastPr Type Stat Mode Mode Status Status Trap Appliance POE-- ------- ---- ------- ---------- ---------- ------ ------- --------- -------1 Normal Forw Enable Auto 1000 Full Up Enable Enable N/A2 Normal Disa Enable Auto 1000 Full Down Enable Enable N/A3 Normal Disa Enable Auto 1000 Full Down Enable Enable N/A4 Normal Disa Enable Auto 1000 Full Down Enable Enable N/A
Note
config ap port, config network dsport, config mirror port, config port adminmode, config port linktrap, config port power
show qos queue_length all
To display quality of service (QoS) information (queue length), use the show qos command.
show qos queue_length all
Syntax Description
show
Display configurations.
qos
Quality of Service information.
queue_length all
Display queue lengths.
Defaults
None.
Examples
> show qos queue_length allPlatinum queue length.......................... 255Gold queue length.............................. 255Silver queue length............................ 150Bronze queue length............................ 100Related Commands
config qos
SHOW RADIUS COMMANDS
Use the SHOW RADIUS commands to display RADIUS settings.
show radius acct statistics
To display the RADIUS accounting server statistics for the Cisco Wireless LAN controller, use the show radius acct statistics command.
show radius acct statistics
Syntax Description
show
Display configurations.
radius acct
RADIUS accounting server.
statistics
Displays RADIUS accounting server statistics.
Defaults
None.
Examples
> show radius acct statisticsAccounting Servers:Server Index..................................... 1Server Address................................... 10.1.17.10Msg Round Trip Time.............................. 0 (1/100 second)First Requests................................... 0Retry Requests................................... 0Accounting Responses............................. 0Malformed Msgs................................... 0Bad Authenticator Msgs........................... 0Pending Requests................................. 0Timeout Requests................................. 0Unknowntype Msgs................................. 0Other Drops...................................... 0Related Commands
show radius auth statistics, show radius summary
show radius auth statistics
To display the RADIUS authentication server statistics for the Cisco Wireless LAN controller, use the show radius auth statistics command.
show radius auth statistics
Syntax Description
show
Display configurations.
radius auth
RADIUS authentication server.
statistics
Display RADIUS authentication server statistics.
Defaults
None.
Examples
> show radius auth statisticsAuthentication Servers:Server Index..................................... 1Server Address................................... 1.1.1.1Msg Round Trip Time.............................. 0 (1/100 second)First Requests................................... 0Retry Requests................................... 0Accept Responses................................. 0Reject Responses................................. 0Challenge Responses.............................. 0Malformed Msgs................................... 0Bad Authenticator Msgs........................... 0Pending Requests................................. 0Timeout Requests................................. 0Unknowntype Msgs................................. 0Other Drops...................................... 0Related Commands
show radius acct statistics, show radius summary
show radius rfc3576 statistics
To display the RADIUS rfc3576 server statistics for the Cisco Wireless LAN controller, use the show radius rfc3576 statistics command.
RFC 3576, an extension to the RADIUS protocol, allows dynamic changes to a user session. This includes support for disconnecting users and changing authorizations applicable to a user session; that is, it provides support for Disconnect and Change-of-Authorization (CoA) messages. Disconnect messages cause a user session to be terminated immediately, whereas CoA messages modify session authorization attributes such as data filters.
show radius rfc3576 statistics
Syntax Description
show
Display configurations.
radius rfc3576
RADIUS RFC3576 server.
statistics
Display RADIUS RFC-3576 server statistics.
Defaults
None.
Examples
> show radius rfc3576 statisticsRFC-3576 Servers:Server Index..................................... 1Server Address................................... 10.1.17.10Msg Round Trip Time.............................. 0 (1/100 second)First Requests................................... 0Retry Requests................................... 0Accounting Responses............................. 0Malformed Msgs................................... 0Bad Authenticator Msgs........................... 0Pending Requests................................. 0Timeout Requests................................. 0Unknown type Msgs................................. 0Other Drops...................................... 0Related Commands
show radius auth statistics, show radius summary, show radius rfc3576
show radius summary
To display the RADIUS authentication and accounting server summary, use the show radius summary command.
show radius summary
Syntax Description
Defaults
None.
Examples
> show radius summaryVendor Id Backward Compatibility................. DisabledCredentials Caching.............................. DisabledCall Station Id Type............................. IP AddressAdministrative Authentication via RADIUS......... EnabledAuthentication ServersIndex Type Server Address Port State Tout RFC-3576 IPSec - AuthMode/Phase1/Group/Lifetime/Auth/Encr----- ---- ---------------- ------ -------- ---- -------- ------------------------------------------------Accounting ServersIndex Type Server Address Port State Tout RFC-3576 IPSec - AuthMode/Phase1/Group/Lifetime/Auth/Encr----- ---- ---------------- ------ -------- ---- -------- ------------------------------------------------Related Commands
show radius auth statistics, show radius acct statistics
SHOW RFID COMMANDS
Use the SHOW RFID commands to display rfid settings.
show rfid config
To display Radio Frequency Identification (RFID) tag tracking information, use the show rfid config command.
show rfid config
Syntax Description
show
Display configurations.
rfid
Network configuration.
config
Configuration options for RFID tag tracking.
Defaults
None.
Examples
> show rfid configRFID Tag data Collection.................... EnabledRRID Tag Auto-Timeout....................... EnableRFID Client data Collection................. DisabledRFID data timeout........................... 1200 secondsRelated Commands
config rfid, show rfid summary, show rfid detail.
show rfid detail
To display detailed information about an RFID tag, use the show rfid detail command.
show rfid detail MAC
Syntax Description
show
Display configurations.
rfid
Network configuration.
detail
Detailed information for one RFID tag.
MAC
Show tag details for this MAC address.
Defaults
None.
Examples
> show rfid detail xx:xx:xx:xx:xx:xxRelated Commands
config rfid, show rfid config, show rfid summary.
show rfid summary
To display summary information about all known RFID tag tracking tags, use the show rfid summary command.
show rfid summary
Syntax Description
show
Display configurations.
rfid
Network configuration.
summary
Summary information for all known RFID tags.
Defaults
None.
Examples
> show rfid summaryRFID ID TYPE Closest AP RSSI Time Since Last Heard-------------- ------ ------------- ------ ---------------------Related Commands
config rfid, show rfid config, show rfid detail.
SHOW ROGUE ADHOC COMMANDS
Use the ROGUE ADHOC commands rogue adhoc settings.
show rogue adhoc detailed
To show details of an ad-hoc rogue access point detected by the Cisco Wireless LAN controller, use the show rogue adhoc client detailed command.
show rogue adhoc detailed MAC
Syntax Description
show
Display configurations.
rogue adhoc
Ad-hoc rogue.
detailed
Display detailed information.
MAC
Ad-hoc rogue MAC address.
Defaults
None.
Examples
> show rogue adhoc detailed 00:40:96:90:d1:6aAdhoc Rogue MAC Address........................ 00:40:96:90:d1:6aState.......................................... AlertFirst Time Adhoc Rogue was Reported............ Sat Aug 9 15:48:50 2003Last Time Adhoc Rogue was Reported............. Sat Aug 9 21:16:50 2003Reported ByAP 1MAC Address............................ 00:0b:85:01:88:b0Name................................... AP1Radio Type............................. 802.11bSSID................................... ChichenChannel................................ 6RSSI................................... -60 dBmSNR.................................... 40 dBRelated Commands
show rogue adhoc summary
show rogue adhoc summary
To display a summary of the ad-hoc rogue access points detected by the Cisco Wireless LAN controller, use the show rogue adhoc summary command.
show rogue adhoc summary
Syntax Description
show
Display configurations.
rogue adhoc
Ad-hoc rogue access point.
summary
Displays a list of all Adhoc Rogues.
Defaults
None.
Examples
> show rogue adhoc summaryClient MAC Address Adhoc BSSID State # APs Last Heard------------------ ----- ----- ----- --- -------xx:xx:xx:xx:xx:xx Alert 1 Sat Aug 9 21:12:50 2004xx:xx:xx:xx:xx:xx Alert 1 Aug 9 21:12:50 2003xx:xx:xx:xx:xx:xx Alert 1 Sat Aug 9 21:10:50 2003Related Commands
show rogue adhoc detailed
SHOW ROGUE AP COMMANDS
Use the ROGUE AP commands to display rogue access point settings.
show rogue ap clients
To show details of a rogue access point clients detected by the Cisco Wireless LAN controller, use the show rogue ap clients command.
show rogue ap clients MAC
Syntax Description
show
Display configurations.
rogue ap
Rogue access point.
clients
Summary information.
MAC
Rogue access point MAC address.
Defaults
None.
Examples
> show rogue ap clients xx:xx:xx:xx:xx:xxRelated Commands
show rogue ap summary
show rogue ap detailed
To show details of a rogue access point detected by the Cisco Wireless LAN controller, use the show rogue-ap detailed command.
show rogue ap detailed MAC
Syntax Description
show
Display configurations.
rogue ap
Rogue access point.
detailed
Display detailed information.
MAC
Rogue access point MAC address.
Defaults
None.
Examples
> show rogue ap detailed xx:xx:xx:xx:xx:xxRogue BSSID...................................... xx:xx:xx:xx:xx:xxIs Rogue on Wired Network........................ No (Unknown if WEP is enabled)State............................................ AlertFirst Time Rogue was Reported.................... Thu Aug 4 16:03:08 2005Last Time Rogue was Reported..................... Thu Aug 4 19:06:08 2005Reported ByAP 1MAC Address.............................. xx:xx:xx:xx:xx:xxName..................................... AP02Radio Type............................... 802.11aSSID..................................... vwentChannel.................................. 60RSSI..................................... -80 dBmSNR...................................... 8 dBEncryption............................... DisabledShortPreamble............................ DisabledWPA Support.............................. DisabledLast reported by this AP................. Thu Aug 4 19:06:08 2005Related Commands
show rogue ap summary, show rogue ap clients
show rogue ap summary
To display a summary of the rogue access points detected by the Cisco Wireless LAN controller, use the show rogue-ap summary command.
show rogue ap summary
Syntax Description
show
Display configurations.
rogue ap
Rogue access point.
summary
Display a list of all rogue access points.
Defaults
None.
Examples
> show rogue ap summaryRogue Location Discovery Protocol................ DisabledRLDP Auto-Contain................................ DisabledMAC Address State # APs # Clients Last Heard----------------- ------------------ ----- --------- -----------------------xx:xx:xx:xx:xx:xx Alert 1 0 Thu Aug 4 18:57:11 2005xx:xx:xx:xx:xx:xx Alert 1 0 Thu Aug 4 19:00:11 2005xx:xx:xx:xx:xx:xx Alert 1 0 Thu Aug 4 18:57:11 2005xx:xx:xx:xx:xx:xx Alert 1 0 Thu Aug 4 18:57:11 2005Related Commands
show rogue ap detailed, show rogue ap clients
SHOW ROGUE CLIENT COMMANDS
Use the following ROGUE CLIENT commands to display the rogue client settings.
show rogue client detailed
To show details of a rogue client detected by a Cisco Wireless LAN controller, use the show rogue client detailed command.
show rogue client detailed MAC
Syntax Description
show
Display configurations.
rogue client
Rogue client.
detailed
Provide detailed information for a rogue client.
MAC
Rogue client MAC address.
Defaults
None.
Examples
> show rogue client detailed xx:xx:xx:xx:xx:xxRogue BSSID...................................... xx:xx:xx:xx:xx:xxState............................................ AlertFirst Time Rogue was Reported.................... Thu Aug 4 18:51:08 2005Last Time Rogue was Reported..................... Thu Aug 4 19:00:08 2005Rogue Client IP address.......................... 192.168.1.117Reported ByAP 1MAC Address.............................. xx:xx:xx:xx:xx:xxName..................................... AP02Radio Type............................... 802.11aRSSI..................................... -1 dBmSNR...................................... -1 dBChannel.................................. 56Last reported by this AP................. Thu Aug 4 19:00:08 2005Related Commands
show rogue client summary
show rogue client summary
To display a summary of the rogue clients detected by the Cisco Wireless LAN controller, use the show rogue client summary command.
show rogue client summary
Syntax Description
show
Display configurations.
rogue client
Rogue client.
summary
Display a list of all rogue clients.
Defaults
None.
Examples
> show rogue client summaryMAC Address State # APs Last Heard----------------- ------------------ ----- -----------------------xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:00:08 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:00:08 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:00:08 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:00:08 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:00:08 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:00:08 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:09:11 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:03:11 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:03:11 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:09:11 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 18:57:08 2005xx:xx:xx:xx:xx:xx Alert 1 Thu Aug 4 19:12:08 2005Related Commands
show rogue client detailed
show route summary
To show the routes assigned to the Cisco Wireless LAN controller service port, use the show route summary command.
show route summary
Syntax Description
Defaults
None.
Examples
> show route summaryNumber of Routes............................... 1Destination Network Genmask Gateway------------------- ------------------- -------------------xxx.xxx.xxx.xxx 255.255.255.0 xxx.xxx.xxx.xxxRelated Commands
config route
show rules
To show the active internal firewall rules, use the show rules command.
show rules
Syntax Description
Defaults
None.
Examples
> show rules--------------------------------------------------------Rule ID.............: 3Ref count...........: 0Precedence..........: 99999999Flags...............: 00000001 ( PASS )Source IP range:(Local stack)Destination IP range:(Local stack)--------------------------------------------------------Rule ID.............: 25Ref count...........: 0Precedence..........: 99999999Flags...............: 00000001 ( PASS )Service InfoService name........: GDBProtocol............: 6Source port low.....: 0Source port high....: 0Dest port low.......: 1000Dest port high......: 1000Source IP range:IP High............: 0.0.0.0Interface..........: ANYDestination IP range:(Local stack)--------------------------------------------------------...Related Commands
None.
show run-config
To show a comprehensive view of the current Cisco Wireless LAN controller configuration, use the show run-config command.
show run-config
Syntax Description
Defaults
None.
Examples
> show run-configPress Enter to continue...System InventorySwitch Description............................... Cisco ControllerMachine Model....................................Serial Number.................................... FLS0923003BBurned-in MAC Address............................ xx:xx:xx:xx:xx:xxCrypto Accelerator 1............................. AbsentCrypto Accelerator 2............................. AbsentPower Supply 1................................... AbsentPower Supply 2................................... Present, OKPress Enter to continue Or <Ctl Z> to abort...
Note
Related Commands
config route
show serial
To show the serial (console) port configuration, use the show serial command.
show serial
Syntax Description
Defaults
9600, 8, off, 1, none.
Examples
> show serialSerial Port Login Timeout (minutes)......... 45Baud Rate................................... 9600Character Size.............................. 8Flow Control:............................... DisableStop Bits................................... 1Parity Type:................................ noneRelated Commands
config serial baudrate, config serial timeout
show sessions
To show the console port login timeout and maximum number of simultaneous Command Line Interface (CLI) sessions, use the show sessions command.
show sessions
Syntax Description
Defaults
5 minutes, 5 sessions.
Examples
> show sessionsCLI Login Timeout (minutes)............ 0Maximum Number of CLI Sessions......... 5The response indicates that the CLI sessions never time out and that the Cisco Wireless LAN controller can host up to five simultaneous CLI sessions.
Related Commands
config sessions maxsessions, config sessions timeout
show snmpcommunity
To display SNMP community entries, use the show snmpcommunity command.
show snmpcommunity
Syntax Description
Defaults
None.
Examples
> show snmpcommunitySNMP Community Name Client IP Address Client IP Mask Access Mode Status------------------- ----------------- ----------------- ----------- --------public 0.0.0.0 0.0.0.0 Read Only Enable********** 0.0.0.0 0.0.0.0 Read/Write EnableRelated Commands
config snmp version, config snmp community mode, config snmp community accessmode, config snmp community create, config snmp community delete, config snmp community ipaddr
show snmptrap
To show the Cisco Wireless LAN controller SNMP trap receivers and their status, use the show snmptrap command.
show snmptrap
Syntax Description
Defaults
None.
Examples
> show snmptrapSNMP Trap Receiver Name IP Address Status------------------------ ----------------- --------xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx EnableRelated Commands
config snmp version, config snmp trapreceiver
show snmpv3user
To show the SNMP version 3 configuration, use the show snmpv3user command.
show snmpv3user
Syntax Description
Defaults
None.
Examples
> show snmpv3userSNMP v3 User Name AccessMode Authentication Encryption-------------------- ----------- -------------- ----------default Read/Write HMAC-MD5 CBC-DESRelated Commands
config snmp version, config snmp v3user
show snmpversion
To show the SNMP version status, use the show snmpversion command.
show snmpversion
Syntax Description
Defaults
Enable.
Examples
> show snmpversionSNMP v1 Mode.................................. DisableSNMP v2c Mode.................................. EnableSNMP v3 Mode.................................. EnableRelated Commands
config snmp version
show spanningtree port
To show the Cisco Wireless LAN controller spanning tree port configuration, use the show spanningtree port command.
When the a Cisco 4400 Series wireless LAN controller is configured for port redundancy, spanning tree protocol must be disabled for all ports on the Cisco 4400 series wireless LAN controller. Spanning tree protocol can remain enabled on the switch connected to the Cisco 4400 series wireless LAN controller.
show spanningtree port port
Syntax Description
Note
Defaults
800C, Disabled, 802.1D, 128, 100, Auto.
Examples
> show spanningtree port 3STP Port ID................................. 800CSTP Port State.............................. DisabledSTP Port Administrative Mode................ 802.1DSTP Port Priority........................... 128STP Port Path Cost.......................... 100STP Port Path Cost Mode..................... AutoRelated Commands
config spanningtree port
show spanningtree switch
To show the Cisco Wireless LAN controller network (DS port) spanning tree configuration, use the show spanningtree switch command.
show spanningtree switch
Syntax Description
show
Display configurations.
spanningtree
Spanning tree.
switch
Display spanning tree values on a per switch basis.
Note
Defaults
None.
Examples
> show spanningtree switchSTP Specification...................... IEEE 802.1DSTP Base MAC Address................... 00:0B:85:02:0D:20Spanning Tree Algorithm................ DisableSTP Bridge Priority.................... 32768STP Bridge Max. Age (seconds).......... 20STP Bridge Hello Time (seconds)........ 2STP Bridge Forward Delay (seconds)..... 15Related Commands
config spanningtree switch bridgepriority, config spanningtree switch forwarddelay, config spanningtree switch hellotime, config spanningtree switch maxage, config spanningtree switch mode
SHOW STATS COMMANDS
Use the SHOW STATS commands to display controller statistics.
show stats port
To show physical port receive and transmit statistics, use the show stats port command.
show stats port {detailed port | summary port}
Syntax Description
Defaults
None.
Examples
> show stats port summary 1Packets Received Without Error................. 399958Packets Received With Error.................... 0Broadcast Packets Received..................... 8350Packets Transmitted Without Error.............. 106060Transmit Packets Errors........................ 0Collisions Frames.............................. 0Time Since Counters Last Cleared............... 2 day 11 hr 16 min 23 sec> show stats port detailed 1PACKETS RECEIVED (OCTETS)Total Bytes...................................... 26779988164 byte pkts :91828165-127 byte pkts :354016 128-255 byte pkts :1283092256-511 byte pkts :8406 512-1023 byte pkts :30061024-1518 byte pkts :1184 1519-1530 byte pkts :0> 1530 byte pkts :2PACKETS RECEIVED SUCCESSFULLYTotal............................................ 2567987Unicast Pkts :2547844 Multicast Pkts:0 Broadcast Pkts:20143PACKETS RECEIVED WITH MAC ERRORSTotal............................................ 0Jabbers :0 Undersize :0 Alignment :0FCS Errors:0 Overruns :0RECEIVED PACKETS NOT FORWARDEDTotal............................................ 0Local Traffic Frames:0 RX Pause Frames :0Unacceptable Frames :0 VLAN Membership :0VLAN Viable Discards:0 MulticastTree Viable:0ReserveAddr Discards:0CFI Discards :0 Upstream Threshold :0PACKETS TRANSMITTED (OCTETS)Total Bytes...................................... 35383164 byte pkts :0 65-127 byte pkts :0128-255 byte pkts :0 256-511 byte pkts :0512-1023 byte pkts :0 1024-1518 byte pkts :21519-1530 byte pkts :0 Max Info :1522PACKETS TRANSMITTED SUCCESSFULLYTotal............................................ 5875Unicast Pkts :5868 Multicast Pkts:0 Broadcast Pkts:7TRANSMIT ERRORSTotal Errors..................................... 0FCS Error :0 TX Oversized :0 Underrun Error:0TRANSMIT DISCARDSTotal Discards................................... 0Single Coll Frames :0 Multiple Coll Frames:0Excessive Coll Frame:0 Port Membership :0VLAN Viable Discards:0PROTOCOL STATISTICSBPDUs Received :6 BPDUs Transmitted :0802.3x RX PauseFrame:0Time Since Counters Last Cleared............... 2 day 0 hr 39 min 59 secRelated Commands
config port adminmode
show stats switch
To show the network (DS port) receive and transmit statistics, use the show stats switch command.
show stats switch {detailed | summary}
Syntax Description
show
Display configurations.
stats
Statistics.
switch
Cisco Wireless LAN controller.
detailed
Display detailed switch statistics.
summary
Display switch summary statistics.
Defaults
None.
Examples
> show stats switch summaryPackets Received Without Error................. 136410Broadcast Packets Received..................... 18805Packets Received With Error.................... 0Packets Transmitted Without Error.............. 78002Broadcast Packets Transmitted.................. 3340Transmit Packet Errors......................... 2Address Entries Currently In Use............... 26VLAN Entries Currently In Use.................. 1Time Since Counters Last Cleared............... 2 day 11 hr 22 min 17 sec> show stats switch detailedRECEIVEOctets........................................... 19351718Total Pkts....................................... 183468Unicast Pkts..................................... 180230Multicast Pkts................................... 3219Broadcast Pkts................................... 19Pkts Discarded................................... 0TRANSMITOctets........................................... 354251Total Pkts....................................... 5882Unicast Pkts..................................... 5875Multicast Pkts................................... 0Broadcast Pkts................................... 7Pkts Discarded................................... 0ADDRESS ENTRIESMost Ever Used................................... 1Currently In Use................................. 1VLAN ENTRIESMaximum.......................................... 128Most Ever Used................................... 1Static In Use.................................... 1Dynamic In Use................................... 0VLANs Deleted.................................... 0Time Since Ctrs Last Cleared..................... 2 day 0 hr 43 min 22 secRelated Commands
config network dsport
show switchconfig
To display parameters that apply to the Cisco Wireless LAN controller use the show switchconfig command.
show switchconfig
Syntax Description
show
Display configurations.
switchconfig
Display parameters that apply to the Cisco Wireless LAN controller.
Defaults
None.
Examples
> show switchconfig802.3x Flow Control Mode......................... DisableCurrent LWAPP Transport Mode..................... Layer 3LWAPP Transport Mode after next switch reboot.... Layer 3Related Commands
config switchconfig flowcontrol, config switchconfig mode
show sysinfo
To show high-level Cisco Wireless LAN controller information, use the show sysinfo command.
show sysinfo
Syntax Description
Defaults
None.
Examples
> show sysinfoManufacturer's Name.......................... <company name>Product Name.................................Product Version.............................. 1.2.48.0RTOS Version................................. 1.2.48.0Bootloader Version........................... 1.1.11.0System Name.................................. IT2003System Location.............................. Andrew 1System Contact............................... Wireless_administratorSystem ObjectID.............................. 1.3.6.1.4.1.14179IP Address................................... 172.168.2.36System Up Time............................... 2 days 11 hrs 30 mins 1 secsConfigured Country........................... United StatesOperating Environment........................ Commercial (0 to 40 C)Internal Temp Alarm Limits................... 0 to 65 CInternal Temperature......................... +38 CState of 802.11b Network..................... EnabledState of 802.11a Network..................... EnabledNumber of WLANs.............................. 23rd Party Access Point Support............... DisabledNumber of Active Clients..................... 1xxxxxxxxxxxxxxxxxRelated Commands
config ap, config country, config sysname, config wlan
show syslog
To show the Cisco Wireless LAN controller SNMP trap logging status or target IP Address, use the show syslog command.
show syslog
Syntax Description
Defaults
None.
Examples
> show syslogSyslog destination............................. disabled> show syslogSyslog destination............................. xxx.xxx.xxx.xxxRelated Commands
config syslog
show tech-support
To show Cisco Wireless LAN controller variables frequently requested by Cisco Technical Assistance Center (TAC), use the show tech-support command.
show tech-support
Syntax Description
Defaults
None.
Examples
> show tech-supportCurrent CPU Load................................. 0%System BuffersMax Free Buffers.............................. 4608Free Buffers.................................. 4604Buffers In Use................................ 4Web Server ResourcesDescriptors Allocated......................... 152Descriptors Used.............................. 3Segments Allocated............................ 152Segments Used................................. 3System ResourcesUptime........................................ 747040 SecsTotal Ram..................................... 127552 KbytesFree Ram...................................... 19540 KbytesShared Ram.................................... 0 KbytesBuffer Ram.................................... 460 KbytesRelated Commands
None.
show time
To show the Cisco Wireless LAN controller time and date, use the show time command.
show time
Syntax Description
Defaults
None.
Examples
> show timeTime............................................. Thu Aug 4 19:51:49 2005Timezone delta................................... 0:0Daylight savings................................. disabledNTP ServersNTP Polling Interval......................... 86400Index NTP Server------- --------------------------------Related Commands
config time
show trapflags
To show the Cisco Wireless LAN controller SNMP trap flags, use the show trapflags command.
show trapflags
Syntax Description
Defaults
None.
Examples
> show trapflagsAuthentication Flag............................ EnableLink Up/Down Flag.............................. EnableMultiple Users Flag............................ EnableSpanning Tree Flag............................. EnableClient Related Traps802.11 Disassociation......................... Disable802.11 Deauthenticate......................... Disable802.11 Authenticate Failure................... Disable802.11 Association Failure.................... DisableExcluded...................................... Disable802.11 Security related trapsWEP Decrypt Error............................. EnableCisco APRegister...................................... EnableInterfaceUp................................... EnableAuto-RF ProfilesLoad.......................................... EnableNoise......................................... EnableInterference.................................. EnableCoverage...................................... EnableAuto-RF Thresholdstx-power...................................... Enablechannel....................................... Enableantenna....................................... EnableAAAauth.......................................... Enableservers....................................... Enablerogueap........................................ Enablewps............................................ Enableconfigsave..................................... EnableIP Securityesp-auth...................................... Enableesp-replay.................................... EnableinvalidSPI.................................... Enableike-neg....................................... Enablesuite-neg..................................... Enableinvalid-cookie................................ EnableRelated Commands
config trapflags authentication, config trapflags linkmode, config trapflags multiusers, config trapflags stpmode, config trapflags client, config trapflags ap, config trapflags rrm-profile, config trapflags rrm-params, config trapflags aaa, config trapflags rogueap, config trapflags configsave, config trapflags ipsec, show traplog
show traplog
To show the Cisco Wireless LAN controller SNMP trap log, use the show traplog command.
show traplog
Syntax Description
Defaults
None.
Examples
> show traplogNumber of Traps Since Last Reset........... 2447Number of Traps Since Log Last Displayed... 2447Log System Time Trap--- ------------------------ -------------------------------------------------0 Thu Aug 4 19:54:14 2005 Rogue AP : 00:0b:85:52:62:fe detected on Base Radio MAC : 00:0b:85:18:b6:50 Interface no:1(802.11b/g) with RSSI: -78 and SNR: 101 Thu Aug 4 19:54:14 2005 Rogue AP : 00:0b:85:52:19:d8 detected on Base Radio MAC : 00:0b:85:18:b6:50 Interface no:1(802.11b/g) with RSSI: -72 and SNR: 162 Thu Aug 4 19:54:14 2005 Rogue AP : 00:0b:85:26:a1:8d detected on Base Radio MAC : 00:0b:85:18:b6:50 Interface no:1(802.11b/g) with RSSI: -82 and SNR: 63 Thu Aug 4 19:54:14 2005 Rogue AP : 00:0b:85:14:b3:4f detected on Base Radio MAC : 00:0b:85:18:b6:50 Interface no:1(802.11b/g) with RSSI: -56 and SNR: 30Would you like to display more entries? (y/n)Related Commands
show trapflags
show watchlist
To display the client watchlist, use the show watchlist command.
show watchlist
Syntax Description
Defaults
None.
Examples
> show watchlistclient watchlist state is disabledRelated Commands
config watchlist delete, config watchlist enable, config watchlist disable, config watchlist add
show wlan
To show wireless LAN configuration information, use the show wlan command.
show wlan {mobility anchor wlan_id | summary | wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> show wlan 1WLAN Identifier.................................. 1Network Name (SSID).............................. opensslStatus........................................... DisabledMAC Filtering.................................... DisabledBroadcast SSID................................... EnabledAAA Policy Override.............................. DisabledNetwork Access Control........................... DisabledNumber of Active Clients......................... 0Exclusionlist Timeout............................ 60 secondsSession Timeout.................................. 1800 secondsInterface........................................ managementDHCP Server...................................... DefaultQuality of Service............................... Silver (best effort)WMM.............................................. Disabled802.11e.......................................... DisabledDot11-Phone Mode (7920).......................... DisabledWired Protocol................................... NoneIPv6 Support..................................... DisabledRadio Policy..................................... AllSecurity802.11 Authentication:........................ Open SystemStatic WEP Keys............................... Disabled802.1X........................................ EnabledEncryption:..................................... 104-bit WEPWi-Fi Protected Access (WPA1)................. DisabledWi-Fi Protected Access v2 (WPA2).............. DisabledIP Security Passthru.......................... DisabledWeb Based Authentication...................... DisabledWeb-Passthrough............................... DisabledAuto Anchor................................... Disabled> show wlan summaryNumber of WLANs.................................. 1WLAN ID WLAN Name Status------- ---------------------- ---------1 m4404 EnabledRelated Commands
config wlan blacklist, config wlan create, config wlan delete, config wlan dhcp_server, config wlan disable, config wlan enable, config wlan mac-filtering, config wlan qos, config wlan radio, config wlan security 802.1X, config wlan security 802.1X encryption, config wlan security cranite, config wlan security ipsec, config wlan security ipsec authentication, config wlan security ipsec encryption, config wlan security ipsec ike authentication, config wlan security ipsec ike DH-Group, config wlan security ipsec ike lifetime, config wlan security ipsec ike phase1, config wlan security passthru, config wlan security static-wep-key, config wlan security static-wep-key encryption, config wlan security web, config wlan security web passthru, config wlan security wpa, config wlan security wpa encryption, config wlan timeout
show wps
To display the Wireless Protection System configuration on the Cisco Wireless LAN controller, use the show wps command.
show wps {ap-authentication summary | signature summary | summary}
Syntax Description
Defaults
None.
Examples
> show wps ap-authentication summaryAP neighbor authentication is <disabled>.Authentication alarm threshold is 1.RF-Network Name: <B1>> show wps signature summaryPrecedence....................................... 1Signature Name................................... Bcast deauthType............................................. StandardFrameType........................................ managementState............................................ enabledAction........................................... reportFrequency........................................ 30 pkts/secInterval......................................... 1 secQuiet Time....................................... 300 secDescription...................................... Broadcast Deauthentication FramePatterns:0:0x00c0:0x03ff4:0x01:0x01Precedence....................................... 2Signature Name................................... NULL probe resp 1Type............................................. StandardFrameType........................................ managementState............................................ enabledAction........................................... reportFrequency........................................ 1 pkts/secInterval......................................... 1 secQuiet Time....................................... 300 secDescription...................................... NULL Probe Response - Zero length SSID elementPatterns:0:0x0050:0x03ff36:0x0000:0xffff> show wps summaryClient Exclusion PolicyExcessive 802.11-association failures.......... EnabledExcessive 802.11-authentication failures....... EnabledExcessive 802.1x-authentication................ EnabledNetwork access control failure................. EnabledIP-theft....................................... EnabledExcessive Web authentication failure........... EnabledTrusted AP PolicyMis-configured AP Action....................... Alarm OnlyEnforced encryption policy................... noneEnforced preamble policy..................... noneEnforced radio type policy................... noneValidate SSID................................ DisabledAlert if Trusted AP is missing................. DisabledTrusted AP timeout............................. 120Untrusted AP PolicyRogue Location Discovery Protocol.............. DisabledRLDP Action.................................. Alarm OnlyRogue APsAutomatically contain rogues advertising .... Alarm OnlyDetect Ad-Hoc Networks....................... Alarm OnlyRogue ClientsValidate rogue clients against AAA........... DisabledDetect trusted clients on rogue APs.......... Alarm OnlyRogue AP timeout............................... 1200Signature PolicySignature Processing........................... EnabledRelated Commands
config watchlist delete, config watchlist enable, config watchlist disable, config watchlist add
Setting Configurations
Use the config commands to configure Cisco Wireless LAN controller options and settings.
CONFIG 802.11A COMMANDS
Use the CONFIG 802.11a commands to configure 802.11a settings.
config 802.11a antenna extAntGain
To configure the 802.11a external antenna gain, use the config 802.11a antenna extAntGain command.
Use the config 802.11a disable command to disable the 802.11a Cisco radio before using the config 802.11a antenna command. After configuring the external antenna gain, use the config 802.11a enable command to enable the 802.11a Cisco radio.
config 802.11a antenna extAntGain antenna_gain Cisco_AP
Syntax Description
Defaults
None.
Examples
To set AP1 to use the 802.11a internal antennas:
> config 802.11a antenna extAntGain 1 AP02Related Commands
config 802.11a disable, config 802.11a enable, config 802.11a diversity, config 802.11a antenna mode, config 802.11a selection.
config 802.11a antenna diversity
To configure the diversity option for 802.11a antennas, use the config 802.11a antenna diversity command.
config 802.11a antenna diversity {enable | sideA | sideB} Cisco_AP
Syntax Description
Defaults
None.
Examples
To enable diversity for AP01:
> config 802.11a antenna diversity enable AP01To enable diversity for AP01 using an external antenna connected to the Cisco lightweight access point Left port (sideA).
> config 802.11a antenna diversity sideA AP01Related Commands
show ap config 802.11a, config 802.11a disable, config 802.11a enable, config 802.11a extAntGain, config 802.11a antenna mode, config 802.11a selection.
config 802.11a antenna mode
To configure the Cisco 1000 series lightweight access point to use one internal antenna for an 802.11a sectorized 180-degree coverage pattern, or both internal antennas for an 802.11a 360-degree omnidirectional pattern, use the config 802.11a antenna mode command.
config 802.11a antenna mode {omni | sectorA | sectorB} Cisco_AP
Syntax Description
Defaults
None.
Examples
> config 802.11a antenna mode omni AP01Related Commands
show ap config 802.11a, config 802.11a disable, config 802.11a enable, config 802.11a diversity, config 802.11a antenna extAntGain, config 802.11a selection
config 802.11a antenna selection
To configure the 802.11a antenna selection (internal or external), use the config 802.11a antenna selection command.
config 802.11a antenna selection {internal | external} Cisco_AP
Syntax Description
Defaults
None.
Examples
> config 802.11a antenna selection internal AP02Related Commands
show ap config 802.11a, config 802.11a disable, config 802.11a enable, config 802.11a extAntGain, config 802.11a diversity, config 802.11a antenna mode.
config 802.11a beaconperiod
In Cisco wireless LAN solution 802.11a networks, all Cisco 1000 series lightweight access point wireless LANs broadcast a beacon at regular intervals. This beacon notifies clients that 802.11a service is available, and allows the clients to synchronize with the Cisco 1000 series lightweight access point. To change the 802.11a beacon period for the whole 802.11a network, use the config 802.11a beaconperiod command.
Before you change the beacon period using the config 802.11a beaconperiod command, make sure that you have disabled the 802.11a network using the config 802.11a disable command. When you are done changing the beacon period, remember to enable the 802.11a network using the config 802.11a enable command.
config 802.11a beaconperiod time_units
Syntax Description
config
Configure parameters.
802.11a
802.11a network parameters.
beaconperiod
Send a beacon every 20 to 1000 milliseconds.
time_units
Beacon interval in time units (TU). One TU is 1024 micro seconds.
Defaults
None.
Examples
To configure an 802.11a network for a beacon period of 120 time units:
> config 802.11a beaconperiod 120Related Commands
show 802.11a, config 802.11b beaconperiod, config 802.11a disable, config 802.11a enable
config 802.11a channel
To configure an 802.11a network for automatic or manual channel selection, use the config 802.11a channel command.
When configuring 802.11a channels for a single Cisco 1000 series lightweight access point, use the config 802.11a disable command to disable the 802.11a network. Then use the config 802.11a channel command to set automatic channel selection by Radio Resource Management (RRM) or manually set the channel for the 802.11a Cisco radio. Then enable the 802.11a network using the config 802.11a enable command.
config 802.11a channel {global {auto | once | off} | Cisco_AP {global | channel}}
Syntax Description
Defaults
None.
Examples
To have RRM automatically configure all 802.11a channels based on availability and interference:
> config 802.11a channel global autoTo have RRM automatically reconfigure all 802.11a channels one time based on availability and interference:
> config 802.11a channel global onceTo turn 802.11a RRM automatic configuration off:
> config 802.11a channel global offTo configure all 802.11a channels in AP01:
> config 802.11a channel AP01 globalTo configure 802.11a channel 36 in AP01 as the default channel:
> config 802.11a channel AP01 36Related Commands
show 802.11a, config 802.11a disable, config 802.11a enable, config 802.11b channel
config 802.11a disable
To disable 802.11a transmission for the whole network or for an individual Cisco radio, use the config 802.11a disable command. This command can be used any time the CLI interface is active.
Note
config 802.11a disable {network | Cisco_AP}
Syntax Description
Defaults
Transmission is enabled for the entire network by default.
Examples
To disable the whole 802.11a network:
> config 802.11a disable networkTo disable AP01 802.11a transmissions:
> config 802.11a disable AP01Related Commands
show sysinfo, show 802.11a, config 802.11a enable, config 802.11b disable, config 802.11b enable, config 802.11a beaconperiod
config 802.11a dtim
In 802.11 networks, the Cisco 1000 series lightweight access point wireless LANs broadcast a beacon at regular intervals, which coincides with the DTIM (Delivery Traffic Indication Map). After the DTIM, if the Cisco 1000 series lightweight access point has any frames buffered for broadcast or multicast, it transmits the buffered frames. This protocol allows power-saving clients to wake up at the appropriate time if they are expecting broadcast or multicast data.
Normally, the DTIM value is set to 1 (transmit broadcast and multicast after every beacon) or 2 (transmit after every other beacon). For instance, if the beaconperiod is 100 ms, and the DTIM value is set to 1, the Cisco 1000 series lightweight access point transmits buffered broadcast and multicast frames 10 times a second; if the beaconperiod is 100 ms, and the DTIM value is set to 2, the Cisco 1000 series lightweight access point transmits buffered broadcast and multicast frames five times a second; either of these settings may be suitable for applications, including VoIP, that expect frequent broadcast and multicast frames.
However, the DTIM value can be set as high as 255 (transmit broadcast and multicast after every 255th beacon), if all 802.11a clients have power save enabled. Because the clients only have to listen when the DTIM time is reached, they can be set to listen for broadcasts and multicasts less frequently, resulting in longer battery life. For instance, if the beaconperiod is 100 ms, and the DTIM value is set to 100, the Cisco 1000 series lightweight access point transmits buffered broadcast and multicast frames once every 10 seconds, allowing the power saving clients to sleep longer between periods when they have to wake up and listen for broadcasts and multicasts, resulting in longer battery life.
Many applications cannot tolerate a long time between broadcast and multicast messages, resulting in poor protocol and application performance. A low DTIM value is indicated for 802.11a networks that support such clients.
To change the DTIM value for the whole 802.11a network, use the config 802.11a dtim command.
config 802.11a dtim period
Syntax Description
config
Configure parameters.
802.11a
802.11a network parameters.
dtim
Delivery Traffic Indication Map.
period
DTIM value in number of beaconperiods.
Defaults
1 (every beaconperiod)
Examples
To configure the 802.11a network to transmit multicast and broadcast messages every other DTIM, or beaconperiod:
> config 802.11a dtim 2Related Commands
show 802.11a, config 802.11a beaconperiod, config 802.11b dtim, config 802.11a disable, config 802.11a enable
config 802.11a dtpc
To configure the 802.11a DTPC setting, use the config 802.11a dtpc command.
config 802.11a dtpc {enable | disable}
Syntax Description
Defaults
Enabled by default.
Examples
> config 802.11a dtpc disableRelated Commands
show 802.11a, config 802.11a beaconperiod, config 802.11a dtim, config 802.11a disable, config 802.11a enable
config 802.11a enable
Enable 802.11a transmissions for the whole network or for an individual Cisco 1000 series lightweight access point using the config 802.11a enable command. You must use this command to enable the network after configuring other 802.11a parameters.
Note that this command only enables the Cisco wireless LAN solution 802.11a network. To disable the 802.11a, 802.11b and/or 802.11g networks for an individual wireless LAN, use the config wlan radio command.
This command can be used any time the CLI interface is active.
config 802.11a enable {network | Cisco_AP}
Syntax Description
Defaults
Network = enabled.
Examples
To enable the whole 802.11a network:
> config 802.11a enable networkTo enable AP1 802.11a transmissions:
> config 802.11a enable AP1Related Commands
show sysinfo, show 802.11a, config wlan radio, config 802.11a disable, config 802.11b disable, config 802.11b enable, config 802.11b 11gSupport enable, config 802.11b 11gSupport disable
config 802.11a fragmentation
To configure the 802.11a fragmentation threshold, use the config 802.11a fragmentation command.
This command can only be used when the network is not in operation.
config 802.11a fragmentation threshold
Syntax Description
config
Configure parameters.
802.11a
802.11a network parameters.
fragmentation
Fragmentation threshold.
threshold
Fragmentation threshold value.
Defaults
None.
Examples
> config 802.11a fragmentation 6500Related Commands
config 802.11b fragmentation, show 802.11b, show ap auto-rtf
config 802.11a pico-cell
To enable or disable the 802.11a pico-cell extensions, use the config 802.11a pico-cell command.
This command can only be used when the network is not operational.
config 802.11a pico-cell {enable | disable}
Syntax Description
config
Configure parameters.
802.11a
802.11a network parameters.
pico-cell
Pico cell extensions.
{enable | disable}
Enable or disable.
Defaults
None.
Examples
> config 802.11a pico-cell enableRelated Commands
config 802.11b pico-cell, config 802.11a, show 802.11a
config 802.11a rate
To set 802.11a mandatory and supported operational rates, use the config 802.11a rate command.
The data rates set here are negotiated between the client and the Cisco Wireless LAN controller. If the data rate is set to Mandatory, the client must support it in order to use the network. If a data rate is set as Supported by the Cisco Wireless LAN controller, any associated client that also supports that rate may communicate with the Cisco 1000 series IEEE 802.11a/b/g lightweight access point using that rate. But it is not required that a client be able to use all the rates marked Supported in order to associate.
config 802.11a rate {disabled | mandatory | supported} rate
Syntax Description
Defaults
None.
Examples
To set 802.11a transmission at a mandatory rate at 12 Mbps:
> config 802.11a rate mandatory 12Related Commands
show ap config 802.11a, config 802.11b rate
config 802.11a txPower
To configure the 802.11a Tx (transmit) power level, use the config 802.11a txPower command.
config 802.11a txPower {global {auto | once | power_level} | Cisco_AP {global | power_level}}
Syntax Description
Defaults
Global, Auto.
Examples
To have RRM automatically set the transmit power for all 802.11a Cisco radios at periodic intervals:
> config 802.11a txPower global autoTo set transmit power for all 802.11a Cisco radios to power level 5:
> config 802.11a txPower global 5To set transmit power for 802.11a AP1 to global:
> config 802.11a txPower AP1 globalTo set transmit power for 802.11a AP1 to power level 2:
> config 802.11a txPower AP1 2Related Commands
show ap config 802.11a, config 802.11b txPower, config country
CONFIG 802.11B COMMANDS
Use the CONFIG 802.11b commands to configure 802.11b settings.
config 802.11b 11gSupport
After enabling the Cisco wireless LAN solution 802.11b network using the config 802.11b enable command, enable or disable the Cisco wireless LAN solution 802.11g network using the config 802.11b 11gSupport command. Note that you must use this command to enable the network after configuring other 802.11b parameters.
Note that this command only enables the Cisco wireless LAN solution 802.11g network after the Cisco wireless LAN solution 802.11b network is enabled using the config 802.11b enable command. To disable the 802.11a, 802.11b and/or 802.11g networks for an individual wireless LAN, use the config wlan radio command.
This command can be used any time the CLI interface is active.
config 802.11b 11gSupport {enable | disable}
Syntax Description
config
Configure parameters.
802.11b
802.11b network parameters.
11gSupport
Support for the 802.11g network.
{enable | disable}
Enable or disable 802.11g.
Defaults
Enabled.
Examples
> config 802.11b 11gSupport enableChanging the 11gSupport will cause all the APs to reboot when you enable 802.11b network.Are you sure you want to continue? (y/n) n11gSupport not changed!Related Commands
show sysinfo, show 802.11b, config 802.11b enable, config wlan radio, config 802.11b disable, config 802.11a disable, config 802.11a enable
config 802.11b antenna diversity
To configure the diversity option for 802.11b antennas, use the config 802.11b antenna diversity command.
config 802.11b antenna diversity {enable | sideA | sideB} Cisco_AP
Syntax Description
Defaults
None.
Examples
To enable diversity for AP01:
> config 802.11b antenna diversity enable AP01To enable diversity for AP01 using an external antenna connected to the Cisco lightweight access point Left port (sideA):
> config 802.11b antenna diversity sideA AP01Related Commands
show ap config 802.11b, config 802.11b disable, config 802.11b enable, config 802.11b extAntGain, config 802.11b selection.
config 802.11b antenna extAntGain
To configure the 802.11b/g external antenna gain, use the config 802.11b antenna extAntGain command.
Use the config 802.11b disable command to disable the 802.11b/g Cisco radio before using the config 802.11b antenna extAntGain command. After configuring the external antenna gain, use the config 802.11b enable command to enable the 802.11a Cisco radio.
config 802.11b antenna extAntGain antenna_gain Cisco_AP
Syntax Description
Defaults
None.
Examples
To set AP1 to use the 802.11b internal antennas:
> config 802.11b antenna extAntGain 1 AP02Related Commands
config 802.11b disable, config 802.11b enable, config 802.11b diversity, config 802.11b selection.
config 802.11b antenna selection
To configure the 802.11b/g antenna selection (internal or external), use the config 802.11b antenna selection command.
config 802.11b antenna selection {internal | external} Cisco_AP
Syntax Description
Defaults
None.
Examples
> config 802.11b antenna selection internal AP02Related Commands
show ap config 802.11b, config 802.11b disable, config 802.11b enable, config 802.11b extAntGain, config 802.11b diversity.
config 802.11b beaconperiod
In Cisco wireless LAN solution 802.11b/g networks, all Cisco 1000 series lightweight access point wireless LANs broadcast a beacon at regular intervals. This beacon notifies clients that 802.11b/g service is available, and allows the clients to synchronize with the Cisco 1000 series lightweight access point. To change the 802.11b/g beacon period for the whole 802.11b/g network, use the config 802.11b beaconperiod command.
Before you change the beacon period using the config 802.11b beaconperiod command, make sure that you have disabled the 802.11b/g network using the config 802.11b disable command. When you are done changing the beacon period, remember to enable the 802.11b/g network using the config 802.11b enable command.
config 802.11b beaconperiod time_units
Syntax Description
Defaults
100
Examples
To configure an 802.11b/g network for a beacon period of 180 time units:
> config 802.11b beaconperiod 180Related Commands
show 802.11a, config 802.11a beaconperiod, config 802.11b disable, config 802.11b enable
config 802.11b channel
To configure the 802.11b/g network for automatic or manual channel selection, use the config 802.11b channel command.
When configuring 802.11b/g channels for a single Cisco 1000 series lightweight access point, use the config 802.11b disable command to disable the 802.11b/g network. Then use the config 802.11b channel command to set automatic channel selection by RRM or manually set the channel for the 802.11b/g Cisco radio. Then enable the 802.11b/g network using the config 802.11b enable command.
config 802.11b channel {global {auto | once | off}} | {Cisco_AP {global | channel}}
Syntax Description
Defaults
None.
Examples
To have RRM automatically configure all 802.11b/g channels based on availability and interference:
> config 802.11b channel global autoTo have RRM automatically reconfigure all 802.11b/g channels one time based on availability and interference:
> config 802.11b channel global onceTo turn 802.11b/g RRM automatic configuration off:
> config 802.11b channel global offTo have AP1 use the global (whole network) settings.
> config 802.11b channel AP1 globalTo have AP1 start and continue using channel 11.
> config 802.11b channel AP1 channel 11Only channels 1, 6 and 11 are nonoverlapping.
Related Commands
show 802.11b, config 802.11b disable, config 802.11b enable, config 802.11a channel
config 802.11b disable
Disable or enable 802.11b/g transmissions for the whole network or for an individual Cisco radio using the config 802.11b disable command.
Note that you must use this command to disable the network before using other config 802.11b commands.
This command can be used any time the CLI interface is active.
config 802.11b disable {network | Cisco_AP}
Syntax Description
Defaults
Enabled.
Examples
To disable the whole 802.11b/g network:
> config 802.11b disable networkTo disable AP01 802.11b/g transmissions:
> config 802.11b disable AP01Related Commands
show sysinfo, show 802.11b, config 802.11a disable, config 802.11a enable, config 802.11b enable, config 802.11b beaconperiod
config 802.11b dtim
In 802.11 networks, the Cisco 1000 series lightweight access point wireless LANs broadcast a beacon at regular intervals, which coincide with the DTIM. After the DTIM, if the Cisco 1000 series lightweight access point has any frames buffered for broadcast or multicast, it transmits the buffered frames. This protocol allows power-saving clients to wake up at the appropriate time if they are expecting broadcast or multicast data.
Normally, the DTIM value is set to 1 (transmit broadcast and multicast after every beacon) or 2 (transmit after every other beacon). For instance, if the 802.11b/g beaconperiod is 100 ms, and the DTIM value is set to 1, the Cisco 1000 series lightweight access point transmits buffered broadcast and multicast frames 10 times a second; if the beaconperiod is 100 ms, and the DTIM value is set to 2, the Cisco 1000 series lightweight access point transmits buffered broadcast and multicast frames five times a second; either of these settings may be suitable for applications, including VoIP, that expect frequent broadcast and multicast frames.
However, the DTIM value can be set as high as 255 (transmit broadcast and multicast after every 255th beacon), if all 802.11a clients have power save enabled. Because the clients only have to listen when the DTIM time is reached, they can be set to listen for broadcasts and multicasts less frequently, resulting in longer battery life. For instance, if the 802.11b/g beaconperiod is 100 ms, and the DTIM value is set to 100, the Cisco 1000 series lightweight access point transmits buffered broadcast and multicast frames once every 10 seconds, allowing the power saving clients to sleep longer between periods when they have to wake up and listen for broadcasts and multicasts, resulting in longer battery life.
Note that many applications cannot tolerate a long time between broadcast and multicast messages, resulting in poor protocol and application performance. A low DTIM value is indicated for 802.11b/g networks that support such clients.
To change the DTIM value for the whole 802.11b/g network, use the config 802.11b dtim command.
Before you change the 802.11b/g DTIM value using the config 802.11b dtim command, make sure that you have disabled the 802.11b/g network using the config 802.11b disable command. When you are done changing the DTIM value, remember to enable the 802.11b/g network using the config 802.11b enable command.
config 802.11b dtim period
Syntax Description
config
Configure parameters.
802.11b
802.11b/g network parameters.
dtim
Delivery Traffic Indication Map.
period
DTIM period in number of beaconperiods.
Defaults
1 (every beaconperiod)
Examples
To configure the 802.11b/g network to transmit multicast and broadcast messages every DTIM, or beaconperiod:
> config 802.11b dtim 1Related Commands
show 802.11b, config 802.11b beaconperiod, config 802.11a dtim, config 802.11b disable, config 802.11b enable
config 802.11b dtpc
To configure the 802.11b DTPC setting, use the config 802.11b dtpc command.
config 802.11b dtpc {enable | disable}
Syntax Description
Defaults
Enabled by default.
Examples
> config 802.11b dtpc disableRelated Commands
show 802.11b, config 802.11b beaconperiod, config 802.11b dtim, config 802.11b disable, config 802.11b enable
config 802.11b enable
Note that you must use this command to enable the network after configuring other 802.11b parameters.
Note that this command only enables the Cisco wireless LAN solution 802.11b network. To enable the Cisco wireless LAN solution 802.11g network, you MUST have the 802.11b network enabled, and then use the config 802.11b 11gSupport enable command. To disable the 802.11a, 802.11b and/or 802.11g networks for an individual wireless LAN, use the config wlan radio command.
This command can be used any time the CLI interface is active. Note that you must reboot the Cisco Wireless LAN controller to implement this command.
config 802.11b enable {network | Cisco_AP}
Syntax Description
Defaults
Enabled.
Examples
To enable the whole 802.11b network and provide support for the 802.11g network:
> config 802.11b enable networkTo enable AP1 802.11b transmissions and support AP1 802.11g transmissions:
> config 802.11b enable AP1Related Commands
show sysinfo, show 802.11b, config 802.11b 11gSupport, config wlan radio, config 802.11b disable, config 802.11a disable, config 802.11a enable
config 802.11b fragmentation
To configure the 802.11b/g fragmentation threshold, use the config 802.11b fragmentation command.
This command can only be used when the network is not operational.
config 802.11b fragmentation threshold
Syntax Description
config
Configure parameters.
802.11b
802.11b network parameters.
fragmentation
Fragmentation threshold.
threshold
Fragmentation threshold value.
Defaults
None.
Examples
> config 802.11b fragmentation 6500Related Commands
config 802.11a fragmentation, show 802.11a, show auto-rft
config 802.11b pico-cell
To enable or disable the 802.11b/g pico-cell extensions, use the config 802.11b pico-cell command. This command can only be used when the network is not operational.
config 802.11b pico-cell {enable | disable}
Syntax Description
config
Configure parameters.
802.11b
802.11b network parameters.
pico-cell
Pico cell extensions.
{enable | disable}
Enable or disable.
Defaults
(None.)
Examples
> config 802.11b pico-cell enableRelated Commands
config 802.11a pico-cell, show 802.11b
config 802.11b preamble
Use this command to change the 802.11b preamble as defined in subclause 18.2.2.2 to long (slower, but more reliable) or short (faster, but less reliable). This command can be used any time the CLI interface is active.
This parameter must be set to long to optimize this Cisco Wireless LAN controller for some clients, including SpectraLink NetLink telephones.
Note
config 802.11b preamble {long | short}
Syntax Description
config
Configure parameters.
802.11b
802.11b network parameters.
preamble
As defined in subclause 18.2.2.2.
{long | short}
Long or short 802.11b preamble.
Defaults
Short.
Examples
> config 802.11b preamble short>(reset system with save)> show 802.11bShort Preamble mandatory......................... Enabled> config 802.11b preamble long>(reset system with save)> show 802.11bShort Preamble mandatory......................... DisabledRelated Commands
show 802.11b
config 802.11b rate
To configure 802.11b/g mandatory and supported operational rates, use the config 802.11b rate command.
config 802.11b rate {disabled | mandatory | supported} rate
The data rates set here are negotiated between the client and the Cisco Wireless LAN controller. If the data rate is set to Mandatory, the client must support it in order to use the network. If a data rate is set as Supported by the Cisco Wireless LAN controller, any associated client that also supports that rate may communicate with the Cisco 1000 series IEEE 802.11a/b/g lightweight access point using that rate. But it is not required that a client be able to use all the rates marked Supported in order to associate.
Syntax Description
Defaults
None.
Examples
To set 802.11b/g transmission at a mandatory rate at 5.5 Mbps:
> config 802.11b rate mandatory 5.5Related Commands
show ap config 802.11b, config 802.11a rate
config 802.11b txPower
To configure the 802.11b/g Tx (Transmit) Power Level, use the config 802.11b txPower command.
config 802.11b txPower {global {auto | once | power_level} | Cisco_AP {global | power_level}}
Syntax Description
Defaults
Global, Auto.
Examples
To have RRM automatically set the transmit power for all 802.11b/g Cisco radios at periodic intervals:
> config 802.11a txPower global autoTo have RRM automatically reset the transmit power for all 802.11b/g Cisco radios one time:
> config 802.11b txPower global onceTo set transmit power for all 802.11b/g Cisco radios to power level 5:
> config 802.11b txPower global 5To set transmit power for 802.11b/g AP1 to global:
> config 802.11b txPower AP1 globalTo set transmit power for 802.11b/g AP1 to power level 2:
> config 802.11b txPower AP1 2Related Commands
show ap config 802.11b, config 802.11a txPower, config country
CONFIG 802.11h COMMANDS
Use the CONFIG 802.11h commands to configure 802.11h settings.
config 802.11h channelswitch
To configure 802.11h channel switch announcement, use the config 802.11h channelswitch command.
config 802.11h channelswitch {enable mode value | disable}
Syntax Description
Defaults
None.
Examples
> config 802.11h channelswitch disableRelated Commands
show 802.11h
config 802.11h powerconstraint
To configure 802.11h power constraint value, use the config 802.11h powerconstraint command.
config 802.11h powerconstraint value
Syntax Description
config
Configure parameters.
802.11b
802.11h network parameters.
value
802.11h power constraint value.
Defaults
None.
Examples
> config 802.11h powerconstraint 5Related Commands
show 802.11h
config 802.11h setchannel
To configure a new channel using 802.11h channel announcement, use the config 802.11h setchannel command.
config 802.11h setchannel Cisco_AP
Syntax Description
config
Configure parameters.
802.11b
802.11h network parameters.
Cisco_AP
Cisco 1000 series IEEE 802.11a/b/g lightweight access point name.
Defaults
None.
Examples
> config 802.11h setchannel ap02Related Commands
show 802.11h
config acl apply
To apply the Access Control List (ACL) to the data path, use the config acl apply command.
config acl apply rule_name
Note
Syntax Description
config acl
Command action.
apply
Applies the ACL (name with up to 32 alphanumeric characters) to the data path.
rule_name
ACL name up to 32 alphanumeric characters.
Defaults
None.
Examples
> config acl apply acl01Related Commands
show acl
config acl create
To create a new ACL, use the config acl create command.
config acl create rule_name
Note
Syntax Description
config acl
Command action.
create
Create a new ACL.
rule_name
ACL name up to 32 alphanumeric characters.
Defaults
None.
Examples
> config acl create acl01Related Commands
show acl
config acl cpu
To create a new ACL rule that restricts the traffic reaching the CPU, use the config acl cpu command. This allows you to control the type of packets reaching the CPU.
config acl cpu rule_name {wired} {wireless} {both}
Syntax Description
Defaults
None.
Examples
The following example shows how to create an ACL named acl101 on the CPU and apply it to wired traffic.
> config acl cpu acl01 wiredRelated Commands
None.
config acl delete
To delete an ACL, use the config acl delete command.
config acl delete rule_name
Note
Syntax Description
config acl
Command action.
delete
Delete an ACL.
rule_name
ACL name up to 32 alphanumeric characters.
Defaults
None.
Examples
> config acl delete acl01Related Commands
show acl
config acl rule
To configure ACL rules, use the config acl rule command.
config acl rule {
action rule_name rule_index {permit | deny} |
add rule_name rule_index |
change index rule_name old_index new_index |
delete rule_name rule_index |
destination address rule_name rule_index ip_address netmask |
destination port range rule_name rule_index start_port end_port |
direction rule_name rule_index {in | out | any} |
dscp rule_name rule_index dscp |
protocol rule_name rule_index protocol |
source address rule_name rule_index ip_address netmask |
source port range rule_name rule_index start_port end_port |
swap index rule_name index_1 index_2}
Note
Syntax Description
Defaults
None.
Examples
> config acl rule action lab1 4 permitRelated Commands
show acl
CONFIG ADVANCED 802.11A COMMANDS
Use the ADVANCED 802.11a commands to configure advanced 802.11a settings.
config advanced 802.11a channel foreign
To have RRM consider or ignore foreign 802.11a interference avoidance in making channel selection updates for all 802.11a Cisco 1000 series lightweight access points, use the config advanced 802.11a channel foreign command.
config advanced 802.11a channel foreign {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
To have RRM consider foreign 802.11a interference when making channel selection updates for all 802.11a Cisco 1000 series lightweight access points:
> config advanced 802.11a channel foreign enableRelated Commands
show advanced 802.11a channel, config advanced 802.11b channel foreign
config advanced 802.11a channel load
To have RRM consider or ignore traffic load in making channel selection updates for all 802.11a Cisco 1000 series lightweight access points, use the config advanced 802.11a channel load command.
config advanced 802.11a channel load {enable | disable}
Syntax Description
Defaults
Disabled.
Examples
To have RRM consider traffic load when making channel selection updates for all 802.11a Cisco 1000 series lightweight access points:
> config advanced 802.11a channel load enableRelated Commands
show advanced 802.11a channel, config advanced 802.11b channel load
config advanced 802.11a channel noise
To have RRM consider or ignore non-802.11a noise in making channel selection updates for all 802.11a Cisco 1000 series lightweight access points, use the config advanced 802.11a channel noise command.
config advanced 802.11a channel noise {enable | disable}
Syntax Description
Defaults
Disabled.
Examples
To have RRM consider non-802.11a noise when making channel selection updates for all 802.11a Cisco 1000 series lightweight access points:
> config advanced 802.11a channel noise enableRelated Commands
show advanced 802.11a channel, config advanced 802.11b channel noise
config advanced 802.11a channel update
To have RRM initiate a channel selection update for all 802.11a Cisco 1000 series lightweight access points, use the config advanced 802.11a channel update command.
config advanced 802.11a channel update
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
channel update
Have RRM update the channel selections.
Defaults
None.
Examples
> config advanced 802.11a channel updateRelated Commands
show advanced 802.11a channel, config advanced 802.11b channel update
config advanced 802.11a factory
To reset 802.11a advanced settings back to the factory defaults, use the config advanced 802.11a factory command.
config advanced 802.11a factory
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
factory
Return all 802.11a advanced settings to their factory defaults.
Defaults
None.
Examples
> config advanced 802.11a factoryRelated Commands
show advanced 802.11a channel
config advanced 802.11a group-mode
To set the 802.11a automatic RF group selection mode on or off, use the config advanced 802.11a group-mode command.
config advanced 802.11a group-mode {auto | off}
Syntax Description
Defaults
Auto.
Examples
To turn the 802.11a automatic RF group selection mode on:
> config advanced 802.11a group-mode autoTo turn the 802.11a automatic RF group selection mode off:
> config advanced 802.11a group-mode offRelated Commands
show advanced 802.11a group, config advanced 802.11b group-mode
config advanced 802.11a logging channel
To turn the channel change logging mode on or off, use the config advanced 802.11a logging channel command.
config advanced 802.11a logging channel {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
logging channel
Log channel changes.
{on | off}
Enable or disable 802.11a channel logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11a logging channel onRelated Commands
show advanced 802.11a logging, config advanced 802.11b logging channel
config advanced 802.11a logging coverage
To turn the coverage profile logging mode on or off, use the config advanced 802.11a logging coverage command.
config advanced 802.11a logging coverage {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
logging coverage
Log coverage changes.
{on | off}
Enable or disable 802.11a coverage profile violation logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11a logging coverage onRelated Commands
show advanced 802.11a logging, config advanced 802.11b logging coverage
config advanced 802.11a logging foreign
To turn the foreign interference profile logging mode on or off, use the config advanced 802.11a logging foreign command.
config advanced 802.11a logging foreign {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
logging foreign
Log foreign changes.
{on | off}
Enable or disable 802.11a foreign interference profile violation logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11a logging foreign onRelated Commands
show advanced 802.11a logging, config advanced 802.11b logging foreign
config advanced 802.11a logging load
To turn the 802.11a load profile logging mode on or off, use the config advanced 802.11a logging load command.
config advanced 802.11a logging load {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
logging load
Log load changes.
{on | off}
Enable or disable 802.11a load profile violation logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11a logging load onRelated Commands
show advanced 802.11a logging, config advanced 802.11b logging load
config advanced 802.11a logging noise
To turn the 802.11a noise profile logging mode on or off, use the config advanced 802.11a logging noise command.
config advanced 802.11a logging noise {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
logging noise
Log noise changes.
{on | off}
Enable or disable 802.11a noise profile violation logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11a logging noise onRelated Commands
show advanced 802.11a logging, config advanced 802.11b logging noise
config advanced 802.11a logging performance
To turn the 802.11a performance profile logging mode on or off, use the config advanced 802.11a logging performance command.
config advanced 802.11a logging performance {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
logging performance
Log performance changes.
{on | off}
Enable or disable 802.11a performance profile violation logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11a logging performance onRelated Commands
show advanced 802.11a logging, config advanced 802.11b logging performance
config advanced 802.11a logging txpower
To turn the 802.11a transmit power change logging mode on or off, use the config advanced 802.11a logging txpower command.
config advanced 802.11a logging txpower {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
logging txpower
Log power changes.
{on | off}
Enable or disable 802.11a transmit power change logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11a logging txpower offRelated Commands
show advanced 802.11a logging, config advanced 802.11b logging power
config advanced 802.11a monitor channel-list
To set the 802.11a noise, interference, and rogue monitoring channel list, use the config advanced 802.11a monitor channel-list command.
config advanced 802.11a monitor channel-list {all | country | dca}
Syntax Description
Defaults
country.
Examples
> config advanced 802.11a monitor channel-list countryRelated Commands
show advanced 802.11a monitor coverage
config advanced 802.11a monitor coverage
To set the coverage measurement interval between 60 and 3600 seconds, use the config advanced 802.11a monitor coverage command.
config advanced 802.11a monitor coverage seconds
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
monitor coverage
Monitor coverage interval.
seconds
Coverage measurement interval between 60 and 3600 seconds.
Defaults
180 seconds.
Examples
To set the coverage measurement interval to 60 seconds:
> config advanced 802.11a monitor coverage 60Related Commands
show advanced 802.11a monitor, config advanced 802.11b monitor coverage
config advanced 802.11a monitor load
To set the load measurement interval between 60 and 3600 seconds, use the config advanced 802.11a monitor load command.
config advanced 802.11a monitor load seconds
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
monitor load
Monitor load interval.
seconds
Load measurement interval between 60 and 3600 seconds.
Defaults
60 seconds.
Examples
To set the load measurement interval to 60 seconds:
> config advanced 802.11a monitor load 60Related Commands
show advanced 802.11a monitor, config advanced 802.11b monitor load
config advanced 802.11a monitor mode
To enable or disable 802.11a access point monitoring, use the config advanced 802.11a monitor mode command.
config advanced 802.11a monitor mode {enable | disable}
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
monitor mode
Monitor mode.
{enable | disable}
Enable or disable 802.11a access point monitoring.
Defaults
Enabled.
Examples
> config advanced 802.11a monitor mode enableRelated Commands
show advanced 802.11a monitor, config advanced 802.11b monitor mode
config advanced 802.11a monitor noise
To set the 802.11a noise measurement interval between 60 and 3600 seconds, use the config advanced 802.11a monitor noise command.
config advanced 802.11a monitor noise seconds
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
monitor noise
Monitor noise interval.
seconds
Noise measurement interval between 60 and 3600 seconds.
Defaults
180 seconds.
Examples
To set the noise measurement interval to 120 seconds:
> config advanced 802.11a monitor noise 120Related Commands
show advanced 802.11a monitor, config advanced 802.11b monitor noise
config advanced 802.11a monitor signal
To set the signal measurement interval between 60 and 3600 seconds, use the config advanced 802.11a monitor signal command.
config advanced 802.11a monitor signal seconds
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
monitor signal
Monitor signal interval.
seconds
Signal measurement interval between 60 and 3600 seconds.
Defaults
60 seconds.
Examples
To set the signal measurement interval to 120 seconds:
> config advanced 802.11a monitor signal 120Related Commands
show advanced 802.11a monitor, config advanced 802.11b monitor signal
config advanced 802.11a profile clients
To set the Cisco 1000 series IEEE 802.11a/b/g lightweight access point clients threshold between 1 and 75 clients, use the config advanced 802.11a profile clients command.
config advanced 802.11a profile clients {global | Cisco_AP} clients
Syntax Description
Defaults
12 clients.
Examples
To set all Cisco 1000 series lightweight access point clients thresholds to 25 clients:
> config advanced 802.11a profile clients global 25Global client count profile set.To set the AP1 clients threshold to 75 clients:
> config advanced 802.11a profile clients AP1 75Global client count profile set.Related Commands
show advanced 802.11a profile, config advanced 802.11b profile clients
config advanced 802.11a profile coverage
To set the Cisco 1000 series lightweight access point coverage threshold between 3 and 50 dB, use the config advanced 802.11a profile coverage command.
config advanced 802.11a profile coverage {global | Cisco_AP} dBm
Syntax Description
Defaults
12 dB.
Examples
To set all Cisco 1000 series lightweight access point coverage thresholds to 30 dB:
> config advanced 802.11a profile coverage global 30To set AP1 coverage thresholds to 50 dB:
> config advanced 802.11a profile coverage AP1 50Related Commands
show advanced 802.11a profile, config advanced 802.11b profile coverage
config advanced 802.11a profile customize
To turn customizing on or off for an 802.11a Cisco 1000 series lightweight access point performance profile, use the config advanced 802.11a profile customize command.
config advanced 802.11a profile customize Cisco_AP {on | off}
Syntax Description
Defaults
Off.
Examples
To turn performance profile customization on for 802.11a Cisco 1000 series lightweight access point AP1:
> config advanced 802.11a profile customize AP1 onRelated Commands
show advanced 802.11a profile, config advanced 802.11b profile customize
config advanced 802.11a profile exception
To set the Cisco 1000 series lightweight access point coverage exception level between 0 and 100 percent, use the config advanced 802.11a profile exception command.
config advanced 802.11a profile exception {global | Cisco_AP} percent
Syntax Description
Defaults
25 percent.
Examples
To set all Cisco 1000 series lightweight access point coverage exception levels to 0 percent:
> config advanced 802.11a profile exception global 0To set the AP1 coverage exception level to 100 percent:
> config advanced 802.11a profile exception AP1 100Related Commands
show advanced 802.11a profile, config advanced 802.11b profile exception
config advanced 802.11a profile foreign
To set the foreign 802.11a transmitter interference threshold between 0 and 100 percent, use the config advanced 802.11a profile foreign command.
config advanced 802.11a profile foreign {global | Cisco_AP} percent
Syntax Description
Defaults
10.
Examples
To set the Other 802.11a transmitter interference threshold for all Cisco 1000 series lightweight access points to 50 percent:
> config advanced 802.11a profile foreign global 50To set the Other 802.11a transmitter interference threshold for AP1 to 0 percent:
> config advanced 802.11a profile foreign AP1 0Related Commands
show advanced 802.11a profile, config advanced 802.11b profile foreign
config advanced 802.11a profile level
To set the Cisco 1000 series lightweight access point client minimum exception level between 1 and 75 clients, use the config advanced 802.11a profile level command.
config advanced 802.11a profile level {global | Cisco_AP} clients
Syntax Description
Defaults
3 clients.
Examples
To set all Cisco 1000 series lightweight access point client minimum exception levels to 10 clients:
> config advanced 802.11a profile level global 10To set the AP1 client minimum exception level to 25 clients:
> config advanced 802.11a profile level AP1 25Related Commands
show advanced 802.11a profile, config advanced 802.11b profile level
config advanced 802.11a profile noise
To set the 802.11a foreign noise threshold between -127 and 0 dBm, use the config advanced 802.11a profile noise command.
config advanced 802.11a profile noise {global | Cisco_AP} dBm
Syntax Description
Defaults
-70 dBm.
Examples
To set the 802.11a foreign noise threshold for all Cisco 1000 series lightweight access points to -127 dBm:
> config advanced 802.11a profile noise global -127To set the 802.11a foreign noise threshold for AP1 to 0 dBm:
> config advanced 802.11a profile noise AP1 0Related Commands
show advanced 802.11a profile, config advanced 802.11b profile noise
config advanced 802.11a profile throughput
To set the Cisco 1000 series lightweight access point data-rate throughput threshold between 1000 and 10000000 bytes per second, use the config advanced 802.11a profile throughput command.
config advanced 802.11a profile throughput {global | Cisco_AP} value
Syntax Description
Defaults
1,000,000 bytes per second.
Examples
To set all Cisco 1000 series lightweight access point data-rate thresholds to 1000 bytes per second:
> config advanced 802.11a profile data-rate global 1000To set the AP1 data-rate threshold to 10000000 bytes per second:
> config advanced 802.11a profile data-rate AP1 10000000Related Commands
show advanced 802.11a profile, config advanced 802.11b profile data-rate
config advanced 802.11a profile utilization
To set the RF utilization threshold between 0 and 100 percent, use the config advanced 802.11a profile utilization command. OS generates a trap when this threshold is exceeded.
config advanced 802.11a profile utilization {global | Cisco_AP} percent
Syntax Description
Defaults
80 percent.
Examples
To set the RF utilization threshold for all Cisco 1000 series lightweight access points to 0 percent:
> config advanced 802.11a profile utilization global 0To set the RF utilization threshold for AP1 to 100 percent:
> config advanced 802.11a profile utilization AP1 100Related Commands
show advanced 802.11a profile, config advanced 802.11b profile utilization
config advanced 802.11a receiver
To set the advanced receiver configuration, use the config advanced 802.11a receiver command.
config advanced 802.11a receiver {default | rxstart jumpThreshold value}
Syntax Description
Defaults
None.
Examples
To prevent changes to receiver parameters while network is enabled:
> config advanced802.11a receiver defaultRelated Commands
config advanced 802.11b receiver
config advanced 802.11a txpower-update
To initiate updates of the 802.11a transmit power for every Cisco 1000 series lightweight access point, use the config advanced 802.11a txpower-update command.
config advanced 802.11a txpower-update
Syntax Description
config
Configure parameters.
advanced 802.11a
Advanced 802.11a parameters.
txpower-update
Update transmission power
Defaults
None.
Examples
> config advanced 802.11a txpower-updateRelated Commands
config advance 802.11b txpower-update
CONFIG ADVANCED 802.11B COMMANDS
Use the ADVANCED 802.11b commands to configure advanced 802.11b settings.
config advanced 802.11b 7920VSIEConfig
To configure the 7920 VISE parameters, use the config advanced 802.11b 7920VSIEConfig command.
config advanced 802.11b 7920VSIEConfig {call-admission-limit limit |
G711-CU-Quantum quantum}Syntax Description
Defaults
None.
Examples
> config advanced 802.11b 7920VSIEConfig call-admission-limit 4Related Commands
None.
config advanced 802.11b channel foreign
To have RRM consider or ignore foreign 802.11b/g interference in making channel selection updates for all 802.11b/g Cisco 1000 series lightweight access points, use the config advanced 802.11b channel foreign command.
config advanced 802.11b channel foreign {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
To have RRM consider foreign 802.11b/g interference when making channel selection updates for all 802.11b/g Cisco 1000 series lightweight access points:
> config advanced 802.11b channel foreign enableRelated Commands
show advanced 802.11b channel, config advanced 802.11a channel foreign
config advanced 802.11b channel load
To have RRM consider or ignore traffic load in making channel selection updates for all 802.11b/g Cisco 1000 series lightweight access points, use the config advanced 802.11b channel load command.
config advanced 802.11b channel load {enable | disable}
Syntax Description
Defaults
Disabled.
Examples
To have RRM consider traffic load when making channel selection updates for all 802.11b/g Cisco 1000 series lightweight access points:
> config advanced 802.11b channel load enableRelated Commands
show advanced 802.11b channel, config advanced 802.11a channel load
config advanced 802.11b channel noise
To have RRM consider or ignore non-802.11b/g noise in making channel selection updates for all 802.11b/g Cisco 1000 series lightweight access points, use the config advanced 802.11b channel noise command.
config advanced 802.11b channel noise {enable | disable}
Syntax Description
Defaults
Disabled.
Examples
To have RRM consider non-802.11b/g noise when making channel selection updates for all 802.11b/g Cisco 1000 series lightweight access points:
> config advanced 802.11b channel noise enableRelated Commands
show advanced 802.11b channel, config advanced 802.11a channel noise
config advanced 802.11b channel update
To have RRM initiate a channel selection update for all 802.11b/g Cisco 1000 series lightweight access points, use the config advanced 802.11b channel update command.
config advanced 802.11b channel update
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
channel update
Update the channel selections.
Defaults
None.
Examples
> config advanced 802.11b channel updateRelated Commands
show advanced 802.11b channel, config advanced 802.11a channel update
config advanced 802.11b factory
To reset 802.11b/g advanced settings back to the factory defaults, use the config advanced 802.11b factory command.
config advanced 802.11b factory
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
factory
Return all 802.11b/g advanced settings to their factory defaults.
Defaults
None.
Examples
To reset all 802.11b/g advanced settings back to the factory defaults:
> config advanced 802.11b factoryRelated Commands
show advanced 802.11b channel
config advanced 802.11b group-mode
To set the 802.11b/g RF group selection mode on or off, use the config advanced 802.11b group-mode command.
config advanced 802.11b group-mode {auto | off}
Syntax Description
Defaults
Auto.
Usage Guidelines
Use to enable or disable 802.11b/g automatic RF group selection mode.
Examples
To set the 802.11b/g RF group selection mode to automatic:
> config advanced 802.11b group-mode autoTo disable the 802.11b/g RF group selection mode:
> config advanced 802.11b group-mode offRelated Commands
show advanced 802.11b group, config advanced 802.11a group-mode
config advanced 802.11b logging channel
To turn the 802.11b/g channel change logging mode on or off, use the config advanced 802.11b logging channel command.
config advanced 802.11b logging channel {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
logging channel
Log channel changes.
{on | off}
Enable or disable 802.11b channel logging.
Defaults
Disabled.
Examples
> config advanced 802.11b logging channel onRelated Commands
show advanced 802.11b logging, config advanced 802.11a logging channel
config advanced 802.11b logging coverage
To turn the 802.11b/g coverage profile logging mode on or off, use the config advanced 802.11b logging coverage command.
config advanced 802.11b logging coverage {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
logging coverage
Log coverage changes.
{on | off}
Enable or disable 802.11b coverage profile violation logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11b logging coverage onRelated Commands
show advanced 802.11b logging, config advanced 802.11a logging coverage
config advanced 802.11b logging foreign
To turn the 802.11b/g foreign interference profile logging mode on or off, use the config advanced 802.11b logging foreign command.
config advanced 802.11b logging foreign {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
logging foreign
Log foreign changes.
{on | off}
Enable or disable foreign interference profile logging mode.
Defaults
Off (disabled).
Examples
> config advanced 802.11b logging foreign onRelated Commands
show advanced 802.11b logging, config advanced 802.11a logging foreign
config advanced 802.11b logging load
To turn the 802.11b/g load profile logging mode on or off, use the config advanced 802.11b logging load command.
config advanced 802.11b logging load {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
logging load
Log load changes.
{on | off}
Enable or disable 802.11b load profile violation logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11b logging load onRelated Commands
show advanced 802.11b logging, config advanced 802.11a logging load
config advanced 802.11b logging noise
To turn the 802.11b/g noise profile logging mode on or off, use the config advanced 802.11b logging noise command.
config advanced 802.11b logging noise {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
logging noise
Log noise changes.
{on | off}
Enable or disable 802.11b noise profile violation logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11b logging noise onRelated Commands
show advanced 802.11b logging, config advanced 802.11a logging noise
config advanced 802.11b logging performance
To turn the 802.11b/g performance profile logging mode on or off, use the config advanced 802.11b logging performance command.
config advanced 802.11b logging performance {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
logging performance
Log performance changes.
{on | off}
Enable or disable 802.11b performance profile violation logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11b logging performance onRelated Commands
show advanced 802.11b logging, config advanced 802.11a logging performance
config advanced 802.11b logging txpower
To turn the 802.11b/g transmit power change logging mode on or off, use the config advanced 802.11b logging txpower command.
config advanced 802.11b logging txpower {on | off}
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
logging txpower
Log power changes.
{on | off}
Enable or disable 802.11b transmit power change logging.
Defaults
Off (disabled).
Examples
> config advanced 802.11b logging txpower offRelated Commands
show advanced 802.11b logging, config advanced 802.11a logging power
config advanced 802.11b monitor channel-list
To set the 802.11b/g noise/interference/rogue monitoring channel list coverage, use the config advanced 802.11b monitor channel-list command.
config advanced 802.11b monitor channel-list {all | country | dca}
Syntax Description
Defaults
country.
Examples
> config advanced 802.11b monitor channel-list countryRelated Commands
show advanced 802.11b monitor, config advanced 802.11a monitor coverage
config advanced 802.11b monitor coverage
To set the 802.11b/g coverage measurement interval between 60 and 3600 seconds, use the config advanced 802.11b monitor coverage command.
config advanced 802.11b monitor coverage seconds
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
monitor coverage
Monitor coverage interval.
seconds
Coverage measurement interval between 60 and 3600 seconds.
Defaults
180 seconds.
Examples
To set the coverage measurement interval to 60 seconds:
> config advanced 802.11b monitor coverage 60Related Commands
show advanced 802.11b monitor, config advanced 802.11a monitor coverage
config advanced 802.11b monitor load
To set the 802.11b/g load measurement interval between 60 and 3600 seconds, use the config advanced 802.11b monitor load command.
config advanced 802.11b monitor load seconds
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
monitor load
Monitor load interval.
seconds
Load measurement interval between 60 and 3600 seconds.
Defaults
60 seconds.
Examples
To set the load measurement interval to 60 seconds:
> config advanced 802.11b monitor load 60Related Commands
show advanced 802.11b monitor, config advanced 802.11a monitor load
config advanced 802.11b monitor mode
To enable or disable the 802.11b monitor mode, use the config advanced 802.11b monitor mode command.
config advanced 802.11b monitor mode {enable | disable}
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b parameters.
monitor mode
Monitor mode.
{enable | disable}
Enable or disable 802.11b access point monitoring.
Defaults
Enabled.
Examples
> config advanced 802.11b monitor mode enableRelated Commands
show advanced 802.11b monitor, config advanced 802.11a monitor mode
config advanced 802.11b monitor noise
To set the 802.11b/g noise measurement interval between 60 and 3600 seconds, use the config advanced 802.11b monitor noise command.
config advanced 802.11b monitor noise seconds
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
monitor noise
Monitor noise interval.
seconds
Noise measurement interval between 60 and 3600 seconds.
Defaults
180 seconds.
Examples
To set the noise measurement interval to 120 seconds:
> config advanced 802.11b monitor noise 120Related Commands
show advanced 802.11b monitor, config advanced 802.11a monitor noise
config advanced 802.11b monitor signal
To set the 802.11b/g signal measurement interval between 60 and 3600 seconds, use the config advanced 802.11b monitor signal command.
config advanced 802.11b monitor signal seconds
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b/g parameters.
monitor signal
Monitor signal interval.
seconds
Signal measurement interval between 60 and 3600 seconds.
Defaults
60 seconds.
Examples
To set the signal measurement interval to 120 seconds:
> config advanced 802.11b monitor signal 120Related Commands
show advanced 802.11b monitor, config advanced 802.11a monitor signal
config advanced 802.11b profile clients
To set the number of 802.11b/g Cisco 1000 series lightweight access point clients threshold between 1 and 75 clients, use the config advanced 802.11b profile clients command.
config advanced 802.11b profile clients {global | Cisco_AP} clients
Syntax Description
Defaults
12 clients
Examples
To set the Cisco 1000 series lightweight access point clients threshold for all Cisco radios to 25:
> config advanced 802.11b profile clients global 25To set the Cisco 1000 series lightweight access point clients threshold for AP1 to 75:
> config advanced 802.11b profile clients AP1 75Related Commands
config advanced 802.11a profile clients
config advanced 802.11b profile coverage
To set the 802.11b/g Cisco 1000 series lightweight access point coverage threshold between 3 and 50 dB, use the config advanced 802.11b profile coverage command.
config advanced 802.11b profile coverage {global | Cisco_AP} dBm
Syntax Description
Defaults
12 dB
Examples
To set the Cisco 1000 series lightweight access point coverage threshold for all Cisco 1000 series lightweight access points to 30 dB:
> config advanced 802.11b profile coverage global 30To set the Cisco 1000 series lightweight access point coverage threshold for AP1 to 50 dB:
> config advanced 802.11b profile coverage AP1 50Related Commands
config advanced 802.11a profile coverage
config advanced 802.11b profile customize
To turn customization on or off for an 802.11b/g Cisco 1000 series lightweight access point performance profile, use the config advanced 802.11b profile customize command.
config advanced 802.11b profile customize Cisco_AP {on | off}
Syntax Description
Defaults
Off
Examples
To turn customization on for the AP1 performance profile:
> config advanced 802.11b profile customize onRelated Commands
config advanced 802.11a profile customize
config advanced 802.11b profile exception
To set the 802.11b/g Cisco 1000 series lightweight access point coverage exception level between 0 and 100 percent, use the config advanced 802.11b profile exception command.
config advanced 802.11b profile exception {global | Cisco_AP} percent
Syntax Description
Defaults
25%
Examples
To set the Cisco 1000 series lightweight access point coverage exception level for all Cisco 1000 series lightweight access points to 0 percent:
> config advanced 802.11b profile exception global 0To set the Cisco 1000 series lightweight access point coverage exception level for AP1 to 100 percent:
> config advanced 802.11b profile exception AP1 100Related Commands
config advanced 802.11a profile exception
config advanced 802.11b profile foreign
To set the foreign 802.11b/g transmitter interference threshold between 0 and 100 percent, use the config advanced 802.11b profile foreign command.
config advanced 802.11b profile foreign {global | Cisco_AP} percent
Syntax Description
Defaults
10.
Examples
To set the foreign 802.11b/g transmitter interference threshold for the whole 802.11b/g network to 50 percent:
> config advanced 802.11b profile foreign global 50To set the foreign 802.11b/g transmitter interference threshold for AP1 to 0 percent:
> config advanced 802.11b profile foreign AP1 0Related Commands
config advanced 802.11b profile foreign
config advanced 802.11b profile level
To set the 802.11b/g Cisco 1000 series lightweight access point client minimum exception level between 1 and 75 clients, use the config advanced 802.11b profile level command.
config advanced 802.11b profile level {global | Cisco_AP} clients
Syntax Description
Defaults
3 clients
Examples
To set the Cisco 1000 series lightweight access point client minimum exception level for all Cisco radios to 75 clients:
> config advanced 802.11b profile level global 75To set the Cisco 1000 series lightweight access point client minimum exception level for AP1 to 25 clients:
> config advanced 802.11b profile level AP1 25Related Commands
config advanced 802.11a profile level
config advanced 802.11b profile noise
To set the 802.11b/g foreign noise threshold between -127 and 0 dBm, use the config advanced 802.11b profile noise command.
config advanced 802.11b profile noise {global | Cisco_AP} dBm
Syntax Description
Defaults
-70 dB
Examples
To set the 802.11b/g foreign noise threshold for the whole 802.11b/g network to -90 dBm:
> config advanced 802.11b profile noise global -90To set the 802.11b/g foreign noise threshold for AP1 to -30 dBm:
> config advanced 802.11b profile noise AP1 -30Related Commands
config advanced 802.11a profile noise
config advanced 802.11b profile throughput
To set the 802.11b/g Cisco 1000 series lightweight access point throughput threshold between 1000 and 10000000 bytes per second, use the config advanced 802.11b profile throughput command.
config advanced 802.11b profile throughput {global | Cisco_AP} rate
Syntax Description
Defaults
1,000,000 bps
Examples
To set the Cisco 1000 series lightweight access point throughput threshold for all Cisco radios to 1000 bytes per second:
> config advanced 802.11b profile throughput global 1000To set the Cisco 1000 series lightweight access point throughput threshold for AP1 to 10000000 bytes per second:
> config advanced 802.11b profile throughput AP1 10000000Related Commands
config advanced 802.11a profile throughput
config advanced 802.11b profile utilization
To set the 802.11b/g RF utilization threshold between 0 and 100 percent, use the config advanced 802.11b profile utilization command.
config advanced 802.11b profile utilization {global | Cisco_AP} percent
Syntax Description
Defaults
80%
Examples
To set the RF utilization threshold for the whole 802.11b/g network to 100 percent:
> config advanced 802.11b profile utilization global 100To set the RF utilization threshold for the AP1 to 50 percent:
> config advanced 802.11b profile utilization AP1 50Related Commands
config advanced 802.11a profile utilization
config advanced 802.11b receiver
To set the advanced receiver configuration, use the config advanced 802.11b receiver command.
config advanced 802.11b receiver {default | rxstart}
Syntax Description
Defaults
None.
Examples
Cannot change receiver params while network is enabled:
> config advanced 802.11b receiver defaultRelated Commands
config advanced 802.11a receiver
config advanced 802.11b txpower-update
To initiate updates of the 802.11b transmit power for every Cisco 1000 series lightweight access point, use the config advanced 802.11b txpower-update command.
config advanced 802.11b txpower-update
Syntax Description
config
Configure parameters.
advanced 802.11b
Advanced 802.11b parameters.
txpower-update
Update transmission power
Defaults
None.
Examples
> config advanced 802.11b txpower-updateRelated Commands
config advance 802.11a txpower-update
config advanced client-handoff
To set the client handoff to occur after a selected number of 802.11 data packet excessive retries, use the config advanced client-handoff command.
config advanced client-handoff num_of_retries
Syntax Description
config
Configure parameters.
advanced
Advanced parameters.
client-handoff
Client handoff.
num_of_retries
Number of excessive retries before client handoff (from 0 to 255).
Defaults
0 excessive retries (disabled).
Examples
To set the client handoff to 100 excessive retries:
> config advanced client-handoff 100Related Commands
show advanced client-handoff
config advanced statistics
To enable or disable Cisco Wireless LAN controller port statistics collection, use the config advanced statistics command.
config advanced statistics {enable | disable}
Syntax Description
config
Configure parameters.
advanced
Advanced parameters.
statistics
Statistics.
{enable | disable}
Enable or disable switch port statistics.
Defaults
Enabled.
Examples
To disable statistics:
> config advanced statistics disableRelated Commands
show advanced statistics, show stats port, show stats switch
CONFIG ADVANCED TIMERS COMMANDS
User the advanced timers commands to configure advanced 802.11a settings.
config advanced timers ap-discovery-timeout
The Cisco 1000 series lightweight access point discovery time-out is how often a Cisco Wireless LAN controller attempts to discover unconnected Cisco 1000 series lightweight access points. To configure the Cisco 1000 series lightweight access point discovery time-out, use the config advanced timers ap-discovery-timeout command.
config advanced timers ap-discovery-timeout seconds
Syntax Description
Defaults
10 seconds.
Examples
> config advanced timers ap-discovery-timeout 20Related Commands
show advanced timers
config advanced timers ap-heartbeat-timeout
The Cisco 1000 series lightweight access point heartbeat timeout controls how often the Cisco 1000 series lightweight access point sends a heartbeat keep-alive signal to the Cisco Wireless LAN controller. To configure the Cisco 1000 series lightweight access point heartbeat timeout, use the config advanced timers ap-heartbeat-timeout command.
config advanced timers ap-heartbeat-timeout seconds
Syntax Description
Defaults
30 seconds.
Examples
> config advanced timers ap-heartbeat-timeout 20Related Commands
show advanced timers
config advanced timers auth-timeout
To configure the authentication timeout, use the config advanced timers auth-timeout command.
config advanced timers auth-timeout seconds
Syntax Description
config
Configure parameters.
advanced
Advanced parameters.
timers
Network timers.
auth-timeout
Authentication response timeout.
seconds
Timeout value in seconds between 5 and 600.
Defaults
10 seconds.
Examples
> config advanced timers auth-timeout 20Related Commands
show advanced timers
config advanced timers eap-timeout
To configure the EAP expiration timeout, use the config advanced timers eap-timeout command.
config advanced timers eap-timeout seconds
Syntax Description
config
Configure parameters.
advanced
Advanced parameters.
timers
Network timers.
eap-timeout
EAP timeout.
seconds
Timeout value in seconds between 8 and 120.
Defaults
(None.)
Examples
> config advanced timers eap-timeout 10Related Commands
show advanced timers
config advanced timers eap-identity-request-delay
To configure the advanced EAP identity request delay in seconds, use the config advanced timers eap-identity-request-delay command.
config advanced timers eap-identity-request-delay seconds
Syntax Description
show
Display configurations.
advanced
Advanced parameters.
timers eap-identity-request-delay
Advanced system timers.
seconds
Number of seconds between 0 and 10.
Defaults
None.
Examples
> show advanced timers eap-identity-request-delay 8Related Commands
config advanced timers auth-timeout, config advanced timers rogue-ap, show advanced timers
CONFIG AP COMMANDS
Use the following CONFIG AP commands.
config ap add
To add a Foreign Access Point, use the config ap add command.
config ap add MAC port {enable | disable} IP_address
Syntax Description
Defaults
None.
Examples
> config ap add 12:12:12:12:12:12 2033 enable 192.12.12.1Related Commands
config ap
config ap bhmode
To configure the Cisco Bridge Backhaul Mode, use the config ap bhmode command.
config ap bhmode {11a | 11b | 11g} Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap bhmode 11g AP02Changing the AP's backhaul mode will cause the AP to reboot.Are you sure you want to continue? (y/n)Related Commands
config ap
config ap bhrate
To configure the Cisco Bridge Backhaul Tx Rate, use the config ap bhrate command.
config ap bhrate rate Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap bhrate 54000 AP01Related Commands
config ap
config ap bridgegroupname
To set or delete bridgegroupname on a Cisco 1000 Series lightweight access point, use the config ap bridgegroupname command.
Note
config ap bridgegroupname {set groupname | delete} Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap bridgegroupname delete AP02Changing the AP's bridgegroupname may strand the bridge AP. Please continue with caution.Changing the AP's bridgegroupname will also cause the AP to reboot.Are you sure you want to continue? (y/n)Related Commands
config ap
config ap bridging
To enable or disable Ethernet-to-Ethernet bridging on a Cisco 1000 Series lightweight access point, use the config ap bridging command.
config ap bridging {enable | disable} Cisco_AP
Syntax Description
Defaults
None.
Examples
>Related Commands
config ap
config ap core-dump
To configure a Cisco 1000 Series lightweight access point's memory core dump, use the config ap core-dump command.
config ap core-dump {enable IP_address filename {compress | uncompress} | disable}
{Cisco_AP | all}Syntax Description
Defaults
None.
Examples
> config ap core-dump enable 192.1.1.1 log compress AP02Related Commands
config ap
config ap crash-file clear-all
To delete all crash and radio core dump files, use the config ap crash-file clear-all command.
config ap crash-file clear-all
Syntax Description
config
Display configurations.
ap
Advanced parameters.
crash-file clear-all
Delete all crash and radio core dump files.
Defaults
None.
Examples
> config ap crash-file clear-allRelated Commands
config ap
config ap crash-file delete
To delete a single crash or radio core dump file, use the config ap crash-file delete command.
config ap crash-file delete filename
Syntax Description
config
Display configurations.
ap
Advanced parameters.
crash-file delete
Delete a single crash or radio core dump file.
filename
Name of the file to delete.
Defaults
None.
Examples
> config ap crash-file delete crash-file-1Related Commands
config ap
config ap crash-file get-crash-file
To collect the latest crash data for a Cisco 1000 series lightweight access point, use the config ap crash-file get-crash-file command. Use the transfer upload datatype command to transfer the collected data to the Cisco Wireless LAN controller.
config ap crash-file get-crash-file Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap crash-file get-crash-file AP3config ap crash-file get-radio-core-dump
To get a Cisco 1000 Series lightweight access point's radio core dump, use the config ap crash-file get-radio-core-dump command.
config ap crash-file get-radio-core-dump Slot_ID Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap crash-file get-radio-core-dump 0 AP02Related Commands
config ap
config ap delete
To delete a Foreign Access Point, use the config ap delete command.
config ap delete MAC
Syntax Description
config
Display configurations.
ap
Advanced parameters.
delete
Delete a Foreign Access Point.
MAC
Foreign Access Point MAC address.
Defaults
None.
Examples
> config ap delete 12:12:12:12:12:12Related Commands
config ap
config ap disable
To disable a Cisco 1000 series lightweight access point, use the config ap disable command.
config ap disable Cisco_AP
Syntax Description
config
Configure parameters.
ap
Cisco 1000 series lightweight access point.
disable
Disable command.
Cisco_AP
Name of the Cisco 1000 series lightweight access point.
Defaults
None.
Examples
> config ap disable AP1Related Commands
config ap enable
config ap enable
To enable a Cisco 1000 series lightweight access point, use the config ap enable command.
config ap enable Cisco_AP
Syntax Description
config
Configure parameters.
ap
Cisco 1000 series lightweight access point.
enable
Enable command.
Cisco_AP
Name of the Cisco 1000 series lightweight access point.
Defaults
None.
Examples
> config ap enable AP1Related Commands
config ap disable
config ap group-name
To specify a descriptive group name for a Cisco 1000 series lightweight access point, use the config ap group-name command. The Cisco 1000 series lightweight access point must be disabled before changing this parameter.
config ap group-name groupname Cisco_AP
Syntax Description
config
Configure parameters.
ap
Cisco 1000 series lightweight access point.
groupname
Descriptive group name.
Cisco_AP
Name of the Cisco 1000 series lightweight access point.
Defaults
None.
Examples
> config ap group-name superusers AP01Related Commands
show ap summary
config ap led-state
To enable or disable the LED-State for an access point, use the config ap led-state command.
config ap led-state {enable | disable} {Cisco_AP | all}
Syntax Description
Defaults
None.
Examples
> config ap led-state enable AP02Related Commands
config ap
config ap location
To modify the descriptive location of a Cisco 1000 series lightweight access point, use the config ap location command. The Cisco 1000 series lightweight access point must be disabled before changing this parameter.
config ap location location Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap location "Building 1" AP1Related Commands
show ap summary
config ap mode
Cisco Wireless LAN controllers communicate with Cisco 1000 series lightweight access points in one of three modes: local (normal), reap (remote office, must connect to a Cisco 1030 remote edge lightweight access point), or monitor (listen-only). To change a Cisco Wireless LAN controller communication option for an individual Cisco 1000 series lightweight access point, use the config ap mode command.
Note that the bridge mode can be set only on Cisco 1030 remote edge lightweight access points.
config ap mode {local | reap | monitor | rogue | sniffer | bridge} Cisco_AP
Syntax Description
Defaults
Local.
Examples
Sets the Cisco Wireless LAN controller to communicate with AP01 in local (normal) mode:
> config ap mode local AP01Sets the Cisco Wireless LAN controller to communicate with Cisco 1030 remote edge lightweight access point AP91 in remote office mode:
> config ap mode reap AP91Sets the Cisco Wireless LAN controller to communicate with AP02 in monitor (listen-only) mode:
> config ap mode monitor AP02Sets the AP91 in rogue access point detector mode:
> config ap mode rogue AP91Sets the AP02 in wireless sniffer mode. It will capture and forward all the packets from the clients on that channel to a remote machine that runs AiroPeek (A packet analyzer for IEEE 802.11 wireless LANs). It will include information on timestamp, signal strength, packet size and so on.
> config ap mode sniffer AP02Sets the AP91 in bridge mode:
> config ap mode bridge AP91
Note
Related Commands
show ap config
config ap name
To modify the name of a Cisco 1000 series lightweight access point, use the config ap name command.
config ap name new_name old_name
Syntax Description
Defaults
None.
Examples
> config ap name AP1 AP2Related Commands
show ap config
config ap port
To configure the port for a Foreign Access Point., use the config ap port command.
config ap port MAC port
Syntax Description
Defaults
None.
Examples
> config ap port 12:12:12:12:12:12 20Related Commands
config ap
config ap power injector
To configure the power injector state for an access point, use the config ap power injector command.
config ap power injector {enable | disable} {Cisco_AP | all} {installed | override | switch_MAC}
Syntax Description
Defaults
None.
Examples
> config ap power injector enable ap02 installed
Related Commands
config ap
config ap power pre-standard
To enable or disables the Inline Power Cisco Pre-Standard switch state for an access point, use the config ap power pre-standard command.
config ap power pre-standard {enable | disable} Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap power pre-standard enable AP02Related Commands
config ap
config ap primary-base
To set the Cisco 1000 series lightweight access point primary Cisco Wireless LAN controller, use the config ap primary-base command. The Cisco 1000 series lightweight access point associates with this Cisco Wireless LAN controller for all network operation and in the event of a hardware reset.
config ap primary-base controller_name Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap primary-base SW_1 AP2Related Commands
show sysinfo, config sysname, config ap secondary-base, config ap tertiary-base
config ap remote-debug
To enable or disable remote debugging of a Cisco 1000 series lightweight access point or to remotely execute a command on a Cisco 1000 series lightweight access point, use the config ap remote-debug command.
config ap remote-debug {enable | disable | exc-command cmd} Cisco_AP
Syntax Description
Defaults
Disabled.
Examples
To enable remote debugging on AP01:
> config ap remote-debug enable AP01To disable remote debugging on AP02:
> config ap remote-debug disable AP02To execute Cisco TAC-provided commands on AP03:
> config ap remote-debug exc-command (command) AP03Related Commands
show sysinfo, config sysname
config ap reporting-period
To reset a Cisco 1000 series lightweight access point, use the config ap reset command.
config ap reporting-period period
Syntax Description
config
Configure parameters.
ap
Cisco 1000 series lightweight access point.
reporting-period
Reporting-period command.
period
Time period in seconds between 10 and 120.
Defaults
None.
Examples
> config ap reporting-period 120Related Commands
show ap config 802.11a, show ap config 802.11ab
config ap reset
To reset a Cisco 1000 series lightweight access point, use the config ap reset command.
config ap reset Cisco_AP
Syntax Description
config
Configure parameters.
ap
Cisco 1000 series lightweight access point.
reset
Reset command.
Cisco_AP
Cisco 1000 series lightweight access point name.
Defaults
None.
Examples
> config ap reset AP2Related Commands
show ap config
config ap role
To configure a Cisco Bridge role of operation, use the config ap role command.
config ap role {rooftop | poletop | auto} Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap role auto AP02Changing the AP's role will cause the AP to reboot.Are you sure you want to continue? (y/n)Related Commands
config ap
config ap rst-button
To configure the Reset button for an access point, use the config ap rst-button command.
config ap rst-button {enable | disable} Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap rst-button enable AP03Related Commands
config ap
config ap secondary-base
To set the Cisco 1000 series lightweight access point secondary Cisco Wireless LAN controller, use the config ap secondary-base command. The Cisco 1000 series lightweight access point associates with this Cisco Wireless LAN controller for all network operation and in the event of a hardware reset.
config ap secondary-base controller_name Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap secondary-base SW_1 AP2Related Commands
show sysinfo, config sysname, config ap primary-base, config ap tertiary-base
config ap sniff 802.11a
To enable or disable sniffing on a Cisco 1000 series lightweight access point radio, use the config ap sniff 802.11a command.
When the sniffer feature is enabled on a Cisco 1000 series lightweight access point, it starts sniffing the signal on the given channel. It captures and forwards all the packets to the remote computer that runs airopeek, a packet analyzer for IEEE 802.11 wireless LANs. It includes information on timestamp, signal strength, packet size and so on.
Before a Cisco 1000 series lightweight access point can act as a sniffer, a remote computer that runs Airopeek must be set up so that it can receive packets sent by the Cisco 1000 series lightweight access point. After the Airopeek installation, copy the following .dll files to the location where airopeek is installed.
•
•
config ap sniff 802.11a {enable channel ip_address | disable} Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap sniff 80211a enable 23 11.22.44.55 AP01Related Commands
show ap config, config ap sniff 802.11b
config ap sniff 802.11b
To enable or disable sniffing on a Cisco 1000 series lightweight access point radio, use the config ap sniff 802.11b command.
When the sniffer feature is enabled on a Cisco 1000 series lightweight access point, it starts sniffing the signal on the given channel. It captures and forwards all the packets to the remote computer that runs airopeek (a packet analyzer for IEEE 802.11 wireless LANs). It includes information on timestamp, signal strength, packet size and so on.
Before a Cisco 1000 series lightweight access point can act as a sniffer, a remote computer that runs Airopeek must be set up so that it can receive packets sent by the Cisco 1000 series lightweight access point. After the Airopeek installation, copy the following .dll files to the location where airopeek is installed.
•
•
config ap sniff 802.11b {enable channel ip_address | disable} Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap sniff 80211b enable 23 11.22.44.55 AP01Related Commands
show ap config, config ap sniff 802.11a
config ap static-ip
To configure Cisco 1000 Series lightweight access point static IP address settings, use the config ap static-ip command.
config ap static-ip {enable Cisco_AP ip_address net_mask gateway | disable Cisco_AP}
Syntax Description
Defaults
None.
Examples
> config ap static-ip enable AP2 1.1.1.1 255.255.255.0 10.1.1.1Related Commands
show sysinfo, config sysname, config ap secondary-base, config ap primary-base
config ap stats-timer
Use this command to set the time in seconds that the Cisco 1000 series lightweight access point sends its DOT11 statistics to the Cisco Wireless LAN controller. A value of 0 (zero) means the Cisco 1000 series lightweight access point will not send any DOT11 statistics. The acceptable range for the timer is from 0 to 65535 seconds, and the Cisco 1000 series lightweight access point must be disabled to set this value.
config ap stats-timer period Cisco_AP
Syntax Description
Defaults
0 (disabled).
Examples
> config ap stats-timer 600 AP2Related Commands
config ap disable
config ap tertiary-base
To set the Cisco 1000 series lightweight access point tertiary Cisco Wireless LAN controller, use the config ap tertiary-base command. The Cisco 1000 series lightweight access point associates with this Cisco Wireless LAN controller for all network operation and in the event of a hardware reset.
config ap tertiary-base controller_name Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap tertiary-base SW_1 AP2Related Commands
show sysinfo, config sysname, config ap secondary-base, config ap primary-base
config ap tftp-downgrade
To initiate access point image downgrade from a TFTP server, use the config ap tftp-downgrade command.
config ap tftp-downgrade IP_address filename Cisco_AP
Syntax Description
Defaults
None.
Examples
> config ap tftp-downgrade 192.1.1.1 img1 AP02Related Commands
config ap
config ap wlan
To enable or disable wireless LAN override for a Cisco 1000 series lightweight access point radio, and to add or delete wireless LANs to or from a Cisco 1000 series lightweight access point radio, as described in the related product guide, use the config ap wlan command.
config ap wlan {add | delete | enable | disable} {802.11a | 802.11b} wlan_id Cisco_AP
Syntax Description
Defaults
None.
Examples
To enable wireless LAN override on the AP03 802.11a radio:
> config ap wlan enable 802.11a AP03To add wireless LAN ID 1 on the AP03 802.11a radio:
> config ap wlan add 802.11a 1 AP03To delete wireless LAN ID 1 from the AP03 802.11a radio:
> config ap wlan delete 802.11a AP03To disable wireless LAN override on the AP03 802.11a radio:
> config ap wlandisable 802.11a AP03Related Commands
show ap wlan
config ap username
To configure a username and password for access points that are in deployed in remote places, use the config ap username command.
config ap username {name} {password}
Syntax Description
Defaults
None.
Examples
> config ap username test testconfig auth-list add
To create an authorized access point entry, use the config auth-list add command.
config auth-list add {mic | ssc} AP_MAC [AP_key]
Syntax Description
Defaults
None.
Examples
> config auth-list add mic 00:0b:85:02:0d:20Related Commands
config auth-list delete, config auth-list ap-policy.
config auth-list ap-policy
To configure an access point authorization policy, use the config auth-list ap-policy command.
config auth-list ap-policy {authorize-ap {enable | disable} | ssc {enable | disable}}
Syntax Description
Defaults
None.
Examples
> config auth-list ap-policy authorize-ap enable> config auth-list ap-policy ssc disableRelated Commands
config auth-list add, config auth-list delete.
config auth-list delete
To delete an access point entry, use the config auth-list delete command.
config auth-list delete AP_MAC
Syntax Description
config auth-list
Command action.
delete
Delete an access point entry.
AP_MAC
MAC address of a Cisco 1000 Series lightweight access point.
Defaults
None.
Examples
> config auth-list delete 00:0b:85:02:0d:20Related Commands
config auth-list add, config auth-list ap-policy.
config boot
Each Cisco Wireless LAN controller can boot off the primary, last-loaded OS image or boot off the backup, earlier-loaded OS image. To change a Cisco Wireless LAN controller boot option, use the config boot command.
config boot {primary | backup}
Syntax Description
config boot
Configure boot option.
{primary | backup}
Set the primary image or backup image as active.
Defaults
primary
Examples
> config boot primary> config boot backupRelated Commands
show boot
config certificate
To configures SSL certificates, use the config certificate command.
config certificate {generate {webadmin | webauth} | compatibility {on | off}}
Syntax Description
Defaults
None.
Examples
> config certificate generate webadminCreating a certificate may take some time. Do you wish to continue? (y/n)> config certificate compatibilityRelated Commands
show certificate summary, show certificate compatibility
config client deauthenticate
To disconnect a client, use the config client deauthenticate command.
config client deauthenticate MAC
Syntax Description
config
Configure parameters.
client
Network client.
deauthenticate
Deauthenticate command.
MAC
Client MAC address.
Defaults
None.
Examples
> config client deauthenticate 11:11:11:11:11:11Related Commands
show client summary, show client detail
config country
To configure the controller's country code, use the config country command. Use the show country command to display a list of supported countries.
config country country_code
Note
Syntax Description
config
Configure parameters.
country
Set this Cisco Wireless LAN controller to comply with selected country's regulations.
country_code
A two-letter or three-letter country code.
Defaults
us (country code of the United States of America).
Examples
> config country DERelated Commands
show country
config custom-web ext-webauth-mode
To configure external URL web-based client authorization for the custom-web authentication page, use the config custom-web ext-webauth-mode command.
config custom-web ext-webauth-mode {enable | disable}
Syntax Description
config custom-web
Command action.
ext-webauth-mode {enable | disable}
Enable or disable external URL web-based client authorization.
Defaults
None.
Examples
> config custom-web ext-webauth-mode enableRelated Commands
config custom-web redirectUrl, config custom-web weblogo, config custom-web webmessage, config custom-web webtitle, config custom-web ext-webauth-url, show custom-web
config custom-web ext-webauth-url
To configure the complete external web authentication URL for the custom-web authentication page, use the config custom-web ext-webauth-url command.
config custom-web ext-webauth-url URL
Syntax Description
config custom-web
Command action.
ext-webauth-url URL
Set the complete external web authentication URL used for web-based client authorization.
Defaults
None.
Examples
> config custom-web ext-webauth-url http://www.AuthorizationURL.com/Related Commands
config custom-web redirectUrl, config custom-web weblogo, config custom-web webmessage, config custom-web webtitle, config custom-web ext-webauth-mode, show custom-web
config custom-web ext-webserver
To configure an external web server, use the config custom-web ext-webserver command.
config custom-web ext-webserver {add index IP_address | delete index}
Syntax Description
Defaults
None.
Examples
> config custom-web ext-webserver add 2 192.23.32.19Related Commands
config custom-web redirectUrl, config custom-web weblogo, config custom-web webmessage, config custom-web webtitle, config custom-web ext-webauth-mode, config custom-web ext-webauth-url, show custom-web
config custom-web redirectUrl
To configure the redirect URL for the custom-web authentication page, use the config custom-web redirectUrl command.
config custom-web redirectUrl URL
Syntax Description
Defaults
None.
Examples
> config custom-web redirectUrl abc.comRelated Commands
config custom-web weblogo, config custom-web webmessage, config custom-web webtitle, config custom-web ext-webauth-mode, config custom-web ext-webauth-url, show custom-web
config custom-web weblogo
To configure the web authentication logo for the custom-web authentication page, use the config custom-web weblogo command.
config custom-web weblogo {enable | disable}
Syntax Description
config custom-web
Command action.
weblogo {enable | disable}
Enable or disable the web authentication logo.
Defaults
None.
Examples
> config custom-web weblogo enableRelated Commands
config custom-web redirectUrl, config custom-web webmessage, config custom-web webtitle, config custom-web ext-webauth-mode, config custom-web ext-webauth-url, show custom-web
config custom-web webmessage
To configure the custom web authentication message text for the custom-web authentication page, use the config custom-web webmessage command.
config custom-web webmessage message
Syntax Description
config custom-web
Command action.
webmessage message
Set custom message text for web authentication.
Defaults
None.
Examples
> config custom-web webmessage ThisistheplaceRelated Commands
config custom-web redirectUrl, config custom-web weblogo, config custom-web webtitle, config custom-web ext-webauth-mode, config custom-web ext-webauth-url, show custom-web
config custom-web webtitle
To configure the web authentication title text for the custom-web authentication page, use the config custom-web webtitle command.
config custom-web webtitle title
Syntax Description
Defaults
None.
Examples
> config custom-web webtitle HelpdeskRelated Commands
config custom-web redirectUrl, config custom-web weblogo, config custom-web webmessage, config custom-web ext-webauth-mode, config custom-web ext-webauth-url, show custom-web
config database size
To configure the local database, use the config database command. Use the show database command to display local database configuration.
config database size count
Syntax Description
Defaults
None.
Examples
Configures the dhcp lease for scope 003.
> config database size 1024Related Commands
show database
config dhcp
To configure the internal DHCP, use the config dhcp command. Use the show dhcp command to display the internal DHCP configuration.
config dhcp {address-pool scope start end | create-scope scope |
default-router scope router_1 [router_2] [router_3] | delete-scope scope | disable scope |
dns-servers scope dns1 [dns2] [dns3] | domain scope domain |
enable scope | lease scope lease_duration |
netbios-name-server scope wins1 [wins2] [wins3] |
network scope network netmask}Syntax Description
Defaults
None.
Examples
Configures the DHCP lease for the scope 003.
> config dhcp lease 003Related Commands
show dhcp
config dhcp proxy
To specify the level at which DHCP packets are modified, use the config dhcp proxy command. Use the show dhcp proxy command to display the status of DHCP proxy handling.
config dhcp proxy {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
> config dhcp proxy disableRelated Commands
show dhcp proxy
config exclusionlist
To create or delete an exclusion list entry, use the config exclusionlist command.
config exclusionlist {add MAC [description] | delete MAC | description MAC [description]}
Syntax Description
Defaults
None.
Examples
> config exclusionlist add xx:xx:xx:xx:xx:xx lab> config exclusionlist delete xx:xx:xx:xx:xx:xx labRelated Commands
show exclusionlist
CONFIG INTERFACE COMMANDS
Use the CONFIG INTERFACE commands to configure interface commands.
config interface acl
To configure an interface's Access Control List, use the config interface acl command.
config interface acl {ap-manager | management | interface_name} {ACL | none}
Note
Syntax Description
Defaults
None.
Examples
> config interface acl management noneRelated Commands
show interface
config interface address
To configure an interface's address information, use the config interface address command.
config interface address {ap-manager IP_address netmask gateway |
management IP_address netmask gateway | service-port IP_address netmask |
virtual IP_address | interface-name IP_address netmask gateway}Syntax Description
Defaults
None.
Examples
> config interface address ap-manager 172.168.2.3 255.255.0.0 172.168.2.1Related Commands
show interface
config interface ap-manager
To enable or disable access point manager features on a dynamic interface, use the config interface ap-manager command.
config interface ap-manager interface_name {enable | disable}
Syntax Description
Defaults
None.
Examples
> config interface ap-manager myinterface disableRelated Commands
show interface
config interface create
To add a new dynamic interface, use the config interface create command.
config interface create interface_name vlan-id
Syntax Description
config interface
Command action
create
Create a new dynamic interface.
interface_name
Interface's name.
vlan-id
VLAN identifier.
Defaults
None.
Examples
> config interface create lab2 6Related Commands
show interface
config interface delete
To delete a dynamic interface, use the config interface delete command.
config interface delete interface-name
Syntax Description
config interface
Command action.
delete
Delete the specified dynamic interface.
interface-name
Interface's name.
Defaults
None.
Examples
> config interface delete VLAN501Related Commands
show interface
config interface dhcp
To configure DHCP options on an interface, use the config interface dhcp command.
config interface dhcp {ap-manager server1 [server2] |
management server1 [server2] | service-port {enable | disable} |
interface-name server1 [server2]}Syntax Description
Defaults
None.
Examples
> config interface dhcp service-port DHCP02Related Commands
show interface
config interface hostname
To configure the DNS host name of the virtual gateway interface, use the config interface hostname command.
config interface hostname virtual DNS_host
Syntax Description
Defaults
None.
Examples
> config interface hostname virtual DNS_HostRelated Commands
show interface
config interface port
To assign an interface to a physical port, use the config interface port command.
config interface port {ap-manager | management | interface_name} port1 [port2]
Syntax Description
Defaults
None.
Examples
> config interface port management 3Related Commands
show interface
config interface vlan
To configure an interface's VLAN identifier, use the config interface vlan command.
config interface vlan {ap-manager | management | interface-name} vlan
Syntax Description
Defaults
None.
Examples
> config interface vlan management 01Request failed - Active WLAN using interface. Disable WLAN first.Related Commands
show interface
config known ap
To configure a known Cisco 1000 series lightweight access point, use the config known ap command.
config known ap {add | alert | delete} MAC
Syntax Description
Defaults
None.
Examples
> config known ap add ac:10:02:72:2f:bf 12Related Commands
config ap
config load-balancing
To change the state of the load-balancing feature, use the config load-balancing command.
config load-balancing {status {enable | disable} | window clients}
Syntax Description
Defaults
Enabled
Examples
> config load-balancing enableRelated Commands
show load-balancing
config location add
To create a new Cisco 1000 series lightweight access point location, use the config location add command.
config location add location [description]
Syntax Description
config
Configure parameters.
location
Cisco 1000 series lightweight access point location.
add
Add a location.
location
Location name.
[description]
(Optional) Location description.
Defaults
None.
Examples
> config location add warehouseRelated Commands
show location, config location enable, config location disable, config location delete, config location description, config interlace-mapping
config location delete
To delete an existing Cisco 1000 series lightweight access point location, use the config location delete command.
config location delete location
Syntax Description
config
Configure parameters.
location
Cisco 1000 series lightweight access point location.
delete
Delete a location.
location
Location name.
Defaults
None.
Examples
> config location delete warehouseRelated Commands
show location, config location add, config location enable, config location disable, config location description, config interlace-mapping
config location description
To specify a description of a Cisco 1000 series lightweight access point location, use the config location description command.
config location description location_name description
Syntax Description
config
Configure parameters.
location
Cisco 1000 series lightweight access point location.
description
Description of a location.
location_name
Location name.
description
Location description.
Defaults
None.
Examples
> config location description warehouse bld02Related Commands
show location, config location add, config location delete, config location enable, config location disable, config interlace-mapping
config location disable
To enable or disable Cisco 1000 series lightweight access point location-based overrides, use the config location disable command.
config location disable
Syntax Description
config
Configure parameters.
location
Cisco 1000 series lightweight access point location.
disable
Disable location-based overrides.
Defaults
None.
Examples
> config location disableRelated Commands
show location, config location add, config location delete, config location description, config interlace-mapping, config location enable
config location enable
To enable or disable Cisco 1000 series lightweight access point location-based overrides, use the config location enable command.
config location enable
Syntax Description
config
Configure parameters.
location
Cisco 1000 series lightweight access point location.
enable
Enable location-based overrides.
Defaults
None.
Examples
> config location enableRelated Commands
show location, config location add, config location delete, config location description, config interlace-mapping, config location disable
config location interface-mapping
To add or delete a new Cisco 1000 series lightweight access point location/wireless LAN/interface mapping, use the config location interface-mapping command.
config location interface-mapping {add location_name wlan_id interface_name |
delete location_name wlan_id}Syntax Description
Defaults
None.
Examples
> config location interface-mapping add warehouse 13Related Commands
show location, config location add, config location delete, config location description, config location
config loginsession close
To manage user connections to the switch, use the config loginsession close command.
config loginsession close {session_id | all}
Syntax Description
config
Configure parameters.
loginsession close
Close specified telnet sessions/
{session_id | all}
Enter the ID of the session to close.
Enter all to close all telnet sessions.
Defaults
None.
Examples
> config location interface-mapping add warehouse 13Related Commands
show location, config location add, config location delete, config location description, config location
CONFIG MACFILTER COMMANDS
Use the CONFIG MACFILTER commands to configure macfilter settings.
config macfilter add
To create a MAC filter entry on the Cisco Wireless LAN controller, use the config mac filter add command. Use this command to add a client locally to a wireless LAN on the Cisco Wireless LAN controller. This filter bypasses the RADIUS authentication process.
config macfilter add MAC wlan_id interface_name description
Syntax Description
Defaults
None.
Examples
> config macfilter add xx:xx:xx:xx:xx:xx 1 lab02 "labconnect"Related Commands
config macfilter ip-address, show macfilter
config macfilter delete
Use to remove a local client from the Cisco Wireless LAN controller, use the config macfilter delete command.
config macfilter delete MAC
Syntax Description
config
Configure parameters.
macfilter
Local MAC address filter.
delete
Delete a client.
MAC
Client MAC address.
Defaults
None.
Examples
> config macfilter delete 11:11:11:11:11:11Deleted user 111111111111Related Commands
show macfilter
config macfilter description
Use to add a description to a MAC filter, use the config macfilter description command.
config macfilter description MAC [description]
Syntax Description
Defaults
None.
Examples
> config macfilter description 11:11:11:11:11:11 "MAC Filter 01"Related Commands
show macfilter
config macfilter ip-address
To assign an IP address to an existing MAC filter entry, if one was not assigned using the config macfilter add command, use the following command:
config macfilter ip-address MAC_address IP address
Syntax Description
MAC_address
Client MAC address.
IP address
Specifies the IP address for a specific MAC address in the local MAC filter database.
Defaults
None.
Examples
> config macfilter ip-address 00:E0:77:31:A3:55 10.92.125.51Related Commands
config macfilter add, show macfilter
config macfilter interface
Use to create a MAC filter client interface, use the config macfilter interface command.
config macfilter interface MAC interface
Syntax Description
config
Configure parameters.
macfilter
Local MAC address filter.
interface
Create interface.
MAC
Client MAC address.
interface
Interface's name. A value of zero is equivalent to no name.
Defaults
None.
Examples
> config macfilter interface 11:11:11:11:11:11 Lab01Related Commands
show macfilter
config macfilter mac-delimiter
To set the MAC delimiter (colon, hyphen, none, and single-hyphen) for MAC addresses sent to RADIUS servers, use the config macfilter mac-delimiter command.
config macfilter mac-delimiter {none | colon | hyphen | single-hyphen}
Syntax Description
Defaults
None.
Examples
To have OS send MAC address to RADIUS servers in the form aa:bb:cc:dd:ee:ff:
> config macfilter mac-delimiter colonTo have OS send MAC address to RADIUS servers in the form aa-bb-cc-dd-ee-ff:
> config macfilter mac-delimiter hyphenTo have OS send MAC address to RADIUS servers in the form aabbccddeeff:
> config macfilter mac-delimiter noneRelated Commands
show macfilter
config macfilter radius-compat
Use to configure the Cisco Wireless LAN controller for compatibility with selected RADIUS servers.
config macfilter radius-compat {cisco | free | other}
Syntax Description
Defaults
Other.
Examples
> config macfilter radius-compat otherRelated Commands
show macfilter
config macfilter wlan-id
To modify a wireless LAN ID for a MAC filter, use the config macfilter wlan-id command.
config macfilter wlan-id MAC wlan_id
Syntax Description
Defaults
None.
Examples
> config macfilter wlanid 11:11:11:11:11:11 2Related Commands
show macfilter, show wlan
CONFIG MGMTUSER COMMANDS
Use the CONFIG MGMTUSER commands to configure mgmtuser settings.
config mgmtuser add
To add a local management user to the Cisco Wireless LAN controller, use the config mgmtuser add command.
config mgmtuser add username password {read-write | read-only} [description]
Syntax Description
Defaults
None.
Examples
> config mgmtuser add admin admin read-write "Main account"Related Commands
show mgmtuser
config mgmtuser delete
To delete a management user from the Cisco Wireless LAN controller, use the config mgmtuser delete command.
config mgmtuser delete username
Syntax Description
config
Configure parameters.
mgmtuser
Management user account.
delete
Delete a management user account.
username
Account username up to 24 alphanumeric characters.
Defaults
None.
Examples
> config mgmtuser delete adminDeleted user adminRelated Commands
show mgmtuser
config mgmtuser description
To add a description to an existing management user login to the Cisco Wireless LAN controller, use the config mgmtuser delete command.
config mgmtuser description username description
Syntax Description
Defaults
None.
Examples
> config mgmtuser description admin "master-user"Related Commands
show mgmtuser
config mgmtuser password
To change a management user password, use the config mgmtuser password command.
config mgmtuser password username password
Syntax Description
Defaults
None.
Examples
> config mgmtuser password admin 5rTfmRelated Commands
show mgmtuser
CONFIG MOBILITY COMMANDS
Use the CONFIG MOBILITY commands to configure mobility settings.
config mobility group anchor
To configures the mobility wireless LAN anchor list, use the config mobility group anchor command.
config mobility group anchor {add | delete} wlan_id IP_address
Syntax Description
Defaults
None.
Examples
> config mobility group anchor add 2 192.12.1.5Related Commands
show mobility, config mobility group domain, config mobility group member
config mobility group domain
To configure the mobility domain name, use the config mobility group domain command.
config mobility group domain domain_name
Syntax Description
config
Configure parameters.
mobility group
Mobility group member.
domain
Enable or disable mobility group feature.
domain_name
Domain name. Up to 31 characters; case sensitive.
Defaults
None.
Examples
> config mobility group domain lab1Related Commands
show mobility, config mobility group anchor, config mobility group member
config mobility group member
To add or delete users from the mobility group member list, use the config mobility group member command.
config mobility group member {add MAC IP_address [group_name] | delete MAC}
Syntax Description
Defaults
None.
Examples
> config mobility group member add 11:11:11:11:11:11 192.12.1.2Related Commands
show mobility, config mobility group anchor, config mobility group domain
config mobility secure-mode
To configure the secure mode for mobility messages between Cisco Wireless LAN controllers/appliances, use the config mobility secure-mode command.
config mobility secure-mode {enable | disable}
Syntax Description
config
Configure parameters.
mobility
Mobility group member.
secure-mode
Configure the secure mode for mobility messages.
{enable | disable}
Enable or disable mobility group message security.
Defaults
None.
Examples
> config mobility secure-mode enableRelated Commands
show mobility summary
config mobility statistics reset
To reset the mobility statistics, use the config mobility statistics command.
config mobility statistics reset
Syntax Description
config
Configure parameters.
mobility
Mobility group.
statistics reset
Reset mobility group statistics.
Defaults
None.
Examples
> config mobility statistics resetRelated Commands
show mobility statistics
CONFIG MSGLOG LEVEL COMMANDS
Use the CCONFIG MSGLOG commands to configure msglog level settings.
config msglog level critical
To reset the message log so that it collects and displays only critical (highest-level) messages, use the config msglog level critical command.
Note
config msglog level critical
Syntax Description
config
Configure parameters.
msglog level
Configure msglog severity levels.
critical
Collect and display critical messages.
Defaults
Config msglog level error.
Examples
> config msglog level critical> show msglogMessage Log Severity Level...................... CRITICAL(messages)Related Commands
show msglog
config msglog level error
To reset the message log so that it collects and displays both critical (highest-level) and error (second-highest) messages, use the config msglog level error command.
config msglog level error
Syntax Description
config
Configure parameters.
msglog level
Configure msglog severity levels.
error
Collect and display critical and non-critical error messages.
Defaults
Config msglog level error.
Examples
> config msglog level error> show msglogMessage Log Severity Level...................... ERROR(messages)Related Commands
show msglog
config msglog level security
To reset the message log so that it collects and displays critical (highest-level), error (second-highest), and security (third-highest) messages, use the config msglog level security command.
config msglog level security
Syntax Description
config
Configure parameters.
msglog level
Configure msglog severity levels.
security
Collect and display critical, non-critical, and authentication- or security-related errors.
Defaults
Config msglog level error.
Examples
> config msglog level security> show msglogMessage Log Severity Level...................... SECURITY(messages)Related Commands
show msglog
config msglog level verbose
To reset the message log so that it collects and displays all messages, use the config msglog level verbose command.
config msglog level verbose
Syntax Description
config
Configure parameters.
msglog level
Configure msglog severity levels.
verbose
Collect and display all messages.
Defaults
Config msglog level error.
Examples
> config msglog level verbose> show msglogMessage Log Severity Level...................... VERBOSE(messages)Related Commands
show msglog
config msglog level warning
To reset the message log so that it collects and displays critical (highest-level), error (second-highest), security (third-highest), and warning (fourth-highest) messages, use the config msglog level warning command.
config msglog level warning
Syntax Description
Defaults
Config msglog level error.
Examples
> config msglog level warning> show msglogMessage Log Severity Level...................... WARNING(messages)Related Commands
show msglog
config nac acl
To configure the NAC ACL name for a Cisco Wireless LAN controller, use the config nac acl command.
config nac acl {none | acl-name}
Note
Syntax Description
config
Configure.
nac acl
Network Access Control acl.
{none | acl-name}
•
•
Defaults
None.
Examples
> config nac acl noneRelated Commands
show nac, config nac add, config nac delete, config nac disable, config nac enable, show nac summary, show nac statistics
config nac add
To add a NAC server index for a Cisco Wireless LAN controller, use the config nac add command.
config nac add index IP_address port secret
Syntax Description
config
Configure.
nac
Network Access Control.
add
Command action.
index
NAC server index number.
IP_address
NAC server IP address.
port
NAC server UDP port number.
secret
NAC server secret.
Defaults
None.
Examples
> config nac add noneRelated Commands
show nac, config nac acl, config nac delete, config nac disable, config nac enable, show nac summary, show nac statistics
config nac delete
To delete a NAC server for a Cisco Wireless LAN controller, use the config nac delete command.
show nac delete index
Syntax Description
Defaults
None.
Examples
> config nac delete 23Related Commands
show nac, config nac acl, config nac add, config nac disable, config nac enable, show nac summary, show nac statistics
config nac disable
To disable a NAC server for a Cisco Wireless LAN controller, use the config nac disable command.
show nac disable index
Syntax Description
config
Configure.
nac
Network Access Control.
disable
Disable a NAC server.
index
Index number for NAC server.
Defaults
None.
Examples
> config nac disable 1Related Commands
show nac, config nac acl, config nac add, config nac delete, show nac summary, show nac statistics, config nac enable
config nac enable
To enable a NAC server for a Cisco Wireless LAN controller, use the config nac disable command.
show nac enable index
Syntax Description
config
Configure.
nac
Network Access Control.
enable
Enable a NAC server.
index
Index number for NAC server.
Defaults
None.
Examples
> config nac disable 1Related Commands
show nac, config nac acl, config nac add, config nac delete, show nac summary, show nac statistics, config nac disable
CONFIG NETUSER COMMANDS
Use the CONFIG NETUSER commands to configure netuser settings.
config netuser add
To add a user to the local network, use the config netuser add command.
config netuser add username password wlan_id [description]
Syntax Description
Defaults
None.
Examples
> config netuser add able1 able1 1Related Commands
show netuser
config netuser delete
To delete an existing user from the local network, use the config netuser delete command.
config netuser delete username
Syntax Description
config
Configure parameters.
netuser
Local network user.
delete
Delete a user.
username
Network username. Up to 24 alphanumeric characters.
Defaults
None.
Examples
> config netuser delete able1Deleted user able1Related Commands
show netuser
config netuser description
To add a description to an existing net user, use the config netuser description command.
config netuser description username description
Syntax Description
Defaults
None.
Examples
> config netuser description able1 "HQ1 Contact"Related Commands
show netuser
config netuser maxUserLogin
To configure the maximum number of login sessions allowed for a network user, use the config netuser maxUserLogin command.
config netuser maxUserLogin count
Syntax Description
Defaults
0 (unlimited).
Examples
> config netuser maxUserLogin 8Related Commands
show netuser
config netuser password
To change a local network user password, use the config netuser password command.
config netuser password username password
Syntax Description
Defaults
None.
Examples
> config netuser password aire1 aire2Related Commands
show netuser
config netuser wlan-id
To configure a wireless LAN ID for a network user, use the config netuser wlan-id command.
config netuser wlan-id username wlan_id
Syntax Description
Defaults
None.
Examples
> config netuser wlan-id aire1 2Related Commands
show netuser, show wlan summary
CONFIG NETWORK COMMANDS
Use the CONFIG NETWORK commands to configure network settings.
config network allow-old-bridge-aps
To configure an old bridge access point's ability to associate with a switch, use the config network allow-old-bridge-aps command.
config network allow-old-bridge-aps {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
> config network allow-old-bridge-aps enableRelated Commands
show network
config network ap-fallback
To configure Cisco 1000 Series lightweight access point fallback, use the config network ap-fallback command.
config network ap-fallback {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
> config network ap-fallback enableRelated Commands
show network
config network apple-talk
To configure AppleTalk bridging, use the config network apple-talk command.
config network apple-talk {enable | disable}
Syntax Description
config
Configure parameters.
network
Cisco Wireless LAN controller network parameter.
apple-talk
Configure AppleTalk bridging.
{enable | disable}
Enable or disable AppleTalk bridging.
Defaults
None.
Examples
> config network apple-talk enableRelated Commands
show network
config network arptimeout
To set the ARP entry timeout value, use the config network arptimeout command.
config network arptimeout seconds
Syntax Description
Defaults
300
Examples
> config network arptimeout 240Related Commands
show network
config network arpunicast
To set the ARP proxy ARP mode, use the config network arpunicast command.
config network arpunicast {enable | disable}
Syntax Description
Defaults
None.
Examples
> config network arpunicast enableRelated Commands
show network
config network bridging-shared-secret
To configure the bridging shared secret, use the config network bridging-shared-secret command. This command creates a secret that encrypts backhaul user data for the mesh access points that connect to the switch.
Note
config network bridging-shared-secret shared_secret
Syntax Description
Defaults
Enabled.
Examples
> config network bridging-shared-secret shhh2Related Commands
show network
config network fast-ssid-change
To enable or disable fast SSID (Service Set Identifier) changing for mobile stations, use the config network fast-ssid-change command.
SSID is a code attached to all packets on a wireless network to identify each packet as part of that network.
Each client is connected to a particular wireless LAN (through a Cisco 1000 series lightweight access point) identified by the SSID. If the client moves out of reach of the connected Cisco 1000 series lightweight access point, the client has to reconnect to the Cisco Wireless LAN controller using a different Cisco 1000 series lightweight access point. This procedure consumes some time as the Dynamic Host Configuration Protocol (DHCP) Server has to assign an IP Address to the client.
When the Fast SSID option is enabled, the Cisco Wireless LAN controller uses the existing IP Address of the client even if the client is on a different wireless LAN.
config network fast-ssid-change {enable | disable}
Syntax Description
Defaults
None.
Examples
> config network fast-ssid-change enableRelated Commands
show network
config network master-base
To enable or disable the Cisco Wireless LAN controller as an access point default master, use the config network master-base command. This setting is only used upon network installation and should be disabled after the initial network configuration.
Note
config network master-base {enable | disable}
Syntax Description
Defaults
None.
Examples
> config network master-base enableRelated Commands
None
config network mgmt-via-wireless
To enable Cisco Wireless LAN controller management from an associated wireless client, use the config network mgmt-via-wireless command.
Note
config network mgmt-via-wireless {enable | disable}
Syntax Description
Defaults
Disabled.
Examples
> config network mgmt-via-wireless enableRelated Commands
show network
config network multicast
To enable or disable the Cisco Wireless LAN controller multicast support, use the config network multicast command.
config network multicast {enable | disable}
Syntax Description
config
Configure parameters.
network
Network parameters.
multicast
Configure multicast support.
{enable | disable}
Enable or disable the Cisco Wireless LAN controller multicast support.
Defaults
Disabled.
Examples
> config network multicast enableRelated Commands
show network
config network otap-mode
To enable or disable over-the-air provisioning (OTAP) of Cisco 1000 series lightweight access points, use the config network otap-mode command.
config network otap-mode {enable | disable}
Syntax Description
config
Configure parameters.
network
Network parameters.
otap-mode
Configure OTAP provisioning.
{enable | disable}
Enable or disable OTAP provisioning.
Defaults
Enabled.
Examples
> config network otap-mode disableRelated Commands
show network
config network peer-blocking
To configure the peer-to-peer blocking feature, use the config network peer-blocking command.
config network peer-blocking {enable | disable}
Syntax Description
Defaults
Disabled.
Examples
> config network peer-blocking enableRelated Commands
show network
config network rf-network-name
To set the RF-Network name, use the config network rf-network-name command.
config network rf-network-name name
Syntax Description
config
Configure parameters.
network
Cisco Wireless LAN controller network parameter.
rf-network-name
Set the RF-network name.
name
RF-Network name. Up to 19 characters.
Defaults
None.
Examples
> config network rf-network-name travelersRelated Commands
show network
config network secureweb
To change the state of the secure web (https = http + SSL) interface, use the config network secureweb command.
config network secureweb {enable | disable}
Syntax Description
config
Configure parameters.
network
Network parameters.
secureweb
Configure the secure web interface.
{enable | disable}
Enable or disable the secure web interface.
Defaults
Enabled.
Examples
> config network secureweb enableYou must reboot for the change to take effect.Related Commands
show network
config network ssh
To allow or disallow new ssh sessions, use the config network ssh command.
config network ssh {enable | disable}
Syntax Description
config
Configure parameters.
network
Network parameters.
ssh
Secure Shell sessions
{enable | disable}
Allow or disallow new ssh sessions.
Defaults
Enabled.
Examples
> config network ssh enableRelated Commands
show network
config network telnet
To allow or disallow new telnet sessions, use the config network telnet command.
config network telnet {enable | disable}
Syntax Description
config
Configure parameters.
network
Network parameters.
telnet
Configure new telnet sessions.
{enable | disable}
Allow or disallow new telnet sessions.
Defaults
Disabled.
Examples
> config network telnet enableRelated Commands
show network
config network usertimeout
To change the timeout for idle client sessions, use the config network usertimeout command. Use this command to set the idle client session duration on the Cisco Wireless LAN controller. The minimum duration is 10 seconds.
config network usertimeout seconds
Syntax Description
config
Configure parameters.
network
Network parameters.
usertimeout
Configure idle session timeout.
seconds
Timeout duration in seconds. Minimum value is 10. Default value is 300.
Defaults
300
Examples
> config network usertimeout 1200Related Commands
show network
config network web-auth-port
To configure an additional port to be redirected for web authentication, use the config network web-auth-port command.
config network web-auth-port port
Syntax Description
config
Configure parameters.
network
Network parameters.
web-auth-port
Configure an additional port to be redirected for web authentication.
port
Port number.
Defaults
None.
Examples
> config network web-auth-port 1200Related Commands
show network
config network webmode
To enable or disable the web interface, use the config network webmode command.
config network webmode {enable | disable}
Syntax Description
config
Configure parameters.
network
Network parameters.
webmode
Configure web user interface access.
{enable | disable}
Enable or disable the web interface.
Defaults
Enabled.
Examples
> config network webmode disableRelated Commands
show network
config network zero-config
To configure bridge access point ZeroConfig support, use the config network zero-config command.
config network zero-config {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
> config network zero-config enableRelated Commands
show network
config pmk-cache delete
To delete an entry in the PMK cache from all Cisco Wireless LAN controllers in the mobility group, use the config pmk-cache delete command.
config pmk-cache delete {all | MAC}
Syntax Description
Defaults
None.
Examples
> config pmk-cache delete allRelated Commands
show pmk-cache
CONFIG PORT COMMANDS
Use the CONFIG PORT commands to configure port settings.
config port adminmode
To configure the administration mode of a single port or all Cisco Wireless LAN controller ports, use the config port adminmode command.
config port adminmode {all | port} {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
To disable port 8:
> config port adminmode 8 disableTo enable all ports:
> config port adminmode all enableRelated Commands
show port
config port autoneg
To configure 10/100BASE-T Ethernet ports for physical port autonegotiation, use the config port autoneg command.
Note
config port autoneg {all | port} {enable | disable}
Syntax Description
Defaults
All Ports = autonegotiation enabled.
Examples
To turn on physical port autonegotiation for all front-panel Ethernet ports:
> config port autoneg all enableTo disable physical port autonegotiation for front-panel Ethernet port 19:
> config port autoneg 19 disableRelated Commands
show port, config port physicalmode
config port linktrap
To change up/down trap settings for link status alert for a single port or all Cisco Wireless LAN controller ports, use the config port linktrap command.
config port linktrap {all | port} {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
To disable port 8 traps:
> config port linktrap 8 disableTo enable all port traps:
> config port linktrap all enableRelated Commands
show port
config port multicast appliance
To change the multicast appliance service for a single port or all Cisco Wireless LAN controller ports, use the config port multicast appliance command.
config port multicast appliance port {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
To enable appliance service for port 3:
> config port multicast appliance 3 enableRelated Commands
show port
config port physicalmode
To set any or all front-panel 10/100BASE-T Ethernet ports for dedicated 10 Mbps or 100 Mbps, Half or Full Duplex operation, use the config port physicalmode command.
Note that you must disable autonegotiation using the config port autoneg command before manually configuring any port's physical mode. Also note that the config port autoneg command overrides settings made using the config port physicalmode command.
config port physicalmode {all | port} {100h | 100f | 10h | 10f}
Syntax Description
Defaults
All Ports are set to auto negotiate.
Examples
To set all ports to 100 Mbps/Full Duplex operation:
> config port physicalmode all 100fTo set port 20 to 100 Mbps/Half Duplex operation:
> config port physicalmode 20 100hTo set port 21 to 10 Mbps/Full Duplex operation:
> config port physicalmode 21 10fTo set port 22 to 10 Mbps/Half Duplex operation:
> config port physicalmode 22 10hRelated Commands
config port autoneg, show port
config port power
To configure a Cisco Wireless LAN controller's port's power over ethernet, use the config port power command.
config port power {all | port} {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
To enable all ports' power:
> config port power all enableRelated Commands
show port
config prompt
To change the CLI system prompt, use the config prompt command.
config prompt prompt
Because the system prompt is a user-defined variable, it is omitted from the rest of this documentation.
Syntax Description
config
Configure parameters.
prompt
Change the CLI system prompt.
prompt
New CLI system prompt enclosed in double quotes. Up to 31 alphanumeric characters; case sensitive.
Defaults
The system prompt is configured using the startup wizard.
Examples
> config prompt "Cisco 4400"(Cisco 4400)>Related Commands
None.
config qos queue_length
To configure the Quality of Service parameter, use the config qos command.
config qos queue_length {bronze | silver | gold | platinum} length
Syntax Description
config qos
Command action.
queue_length
Configure QoS queue length.
{bronze | silver | gold | platinum}
Enter one of the four supported queue names.
length
Queue length (10 to 255).
Defaults
None.
Examples
> config qos queue_length gold 12Related Commands
show qos queue_length all
CONFIG RADIUS ACCT COMMANDS
Use the CONFIG RADIUS ACCT commands to configure RADIUS account server settings.
config radius acct add
To configure a RADIUS accounting server for the Cisco Wireless LAN controller, use the config radius acct add command.
config radius acct add index ip_address port {ascii | hex} secret
Syntax Description
Defaults
When added the port number defaults to 1813 and state is enabled.
Examples
To configure a priority 1 RADIUS server at 10.10.10.10 using port 1813 with a login password of admin:
> config radius acct add 1 10.10.10.10 1813 ascii adminRelated Commands
show radius acct statistics
config radius acct delete
To delete a RADIUS accounting server for the Cisco Wireless LAN controller, use the config radius acct delete command.
config radius acct delete index
Syntax Description
config
Configure parameters.
radius acct
RADIUS accounting server.
delete
Delete a RADIUS server.
index
RADIUS server index.
Defaults
None.
Examples
> config radius acct delete 1Related Commands
show radius acct statistics
config radius acct disable
To disable a RADIUS accounting server for the Cisco Wireless LAN controller, use the config radius acct disable command.
config radius acct disable index
Syntax Description
config
Configure parameters.
radius acct
RADIUS accounting server.
disable
Disable a RADIUS server.
index
RADIUS server index.
Defaults
None.
Examples
> config radius acct disable 1Related Commands
show radius acct statistics
config radius acct enable
To enable a RADIUS accounting server for the Cisco Wireless LAN controller, use the config radius acct enable command.
config radius acct enable index
Syntax Description
config
Configure parameters.
radius acct
RADIUS accounting server.
enable
Enable a RADIUS server.
index
RADIUS server index.
Defaults
None.
Examples
> config radius acct enable 1Related Commands
show radius acct statistics
config radius acct network
To configure a default RADIUS server for network users, use the config radius acct network command.
config radius acct network index {enable | disable}
Syntax Description
Defaults
None.
Examples
> config radius acct network 1 enableRelated Commands
show radius acct statistics
config radius acct ipsec authentication
To configure IPSec authentication for the Cisco Wireless LAN controller, use the config radius acct ipsec authentication command.
config radius acct ipsec authentication {hmac-md5 | hmac-sha1} index
Syntax Description
Defaults
None.
Examples
> config radius acct ipsec authentication hmac-md5 1Related Commands
show radius acct statistics
config radius acct ipsec disable
To disable IPSec support for an accounting server for the Cisco Wireless LAN controller, use the config radius acct ipsec disable command.
config radius acct ipsec disable index
Syntax Description
config
Configure parameters.
radius acct
RADIUS accounting server.
ipsec disable
Disable IPSec support for an accounting server.
index
RADIUS server index.
Defaults
None.
Examples
> config radius acct ipsec disable 1Related Commands
show radius acct statistics
config radius acct ipsec enable
To enable IPSec support for an accounting server for the Cisco Wireless LAN controller, use the config radius acct ipsec enable command.
config radius acct ipsec enable index
Syntax Description
config
Configure parameters.
radius acct
RADIUS accounting server.
ipsec enable
Enable IPSec support for an accounting server.
index
RADIUS server index.
Defaults
None.
Examples
> config radius acct ipsec enable 1Related Commands
show radius acct statistics
config radius acct ipsec encryption
To configure IPSec encryption for an accounting server for the Cisco Wireless LAN controller, use the config radius acct ipsec encryption command.
config radius acct ipsec encryption {3des | aes | des}
Syntax Description
Defaults
None.
Examples
> config radius acct ipsec encryption 3des 3Related Commands
show radius acct statistics
config radius acct ipsec ike
To configure Internet Key Exchange (IKE) for the Cisco Wireless LAN controller, use the config radius acct ipsec command.
config radius acct ipsec ike {dh-group {group-1 | group-2 | group-5} |
lifetime seconds | phase1 {aggressive | main}} indexSyntax Description
Defaults
None.
Examples
> config radius acct ipsec ike lifetime 23 1Related Commands
show radius acct statistics
config radius acct retransmit-timeout
To change the default transmission timeout for a RADIUS accounting server for the Cisco Wireless LAN controller, use the config radius acct retransmit-timeout command.
config radius acct retransmit-timeout index timeout
Syntax Description
Defaults
None.
Examples
> config radius acct retransmit-timeout 5Related Commands
show radius acct statistics
CONFIG RADIUS AUTH COMMANDS
Use the CONFIG RADIUS AUTH commands to configure RADIUS authentication server settings.
config radius auth add
To configure a RADIUS authentication server for the Cisco Wireless LAN controller, use the config radius auth add command.
config radius auth add index ip_address port {ascii | hex} secret
Syntax Description
Defaults
When added the port number defaults to 1812 and state is enabled.
Examples
To configure a priority 1 RADIUS server at 10.10.10.10 using port 1812 with a login password of admin:
> config radius auth add 1 10.10.10.10 1812 ascii adminRelated Commands
show radius auth statistics
config radius auth delete
To delete a RADIUS authentication server for the Cisco Wireless LAN controller, use the config radius auth delete command.
config radius auth delete index
Syntax Description
config
Configure parameters.
radius auth
RADIUS authentication server.
delete
Delete a RADIUS server.
index
RADIUS server index.
Defaults
None.
Examples
> config radius auth delete 1Related Commands
show radius auth statistics
config radius auth disable
To disable a RADIUS authentication server for the Cisco Wireless LAN controller, use the config radius auth disable command.
config radius auth disable index
Syntax Description
config
Configure parameters.
radius auth
RADIUS authentication server.
disable
Disable a RADIUS server.
index
RADIUS server index.
Defaults
None.
Examples
> config radius auth disable 1Related Commands
show radius auth statistics
config radius auth enable
To enable a RADIUS authentication server for the Cisco Wireless LAN controller, use the config radius auth enable command.
config radius auth enable index
Syntax Description
config
Configure parameters.
radius auth
RADIUS authentication server.
enable
Enable a RADIUS server.
index
RADIUS server index.
Defaults
None.
Examples
> config radius auth enable 1Related Commands
show radius auth statistics
config radius auth ipsec authentication
To configure IPSec support for an authentication server for the Cisco Wireless LAN controller, use the config radius auth ipsec authentication command.
config radius auth ipsec authentication {hmac-md5 | hmac-sha1} index
Syntax Description
Defaults
None.
Examples
> config radius auth ipsec authentication hmac-md5 1Related Commands
show radius acct statistics
config radius auth ipsec disable
To disable IPSec support for an authentication server for the Cisco Wireless LAN controller, use the config radius auth ipsec disable command.
config radius auth ipsec disable index
Syntax Description
config
Configure parameters.
radius auth
RADIUS authentication server.
ipsec disable
Disable IPSec support for an authentication server.
index
RADIUS server index.
Defaults
None.
Examples
> config radius auth ipsec disable 1Related Commands
show radius acct statistics
config radius auth ipsec enable
To configure IPSec support for an authentication server for the Cisco Wireless LAN controller, use the config radius auth ipsec enable command.
config radius auth ipsec enable index
Syntax Description
config
Configure parameters.
radius auth
RADIUS authentication server.
ipsec enable
Enable IPSec support for an authentication server.
index
RADIUS server index.
Defaults
None.
Examples
> config radius auth ipsec enable 1Related Commands
show radius acct statistics
config radius auth ipsec encryption
To configure IPSec support for an authentication server for the Cisco Wireless LAN controller, use the config radius auth ipsec command.
config radius auth ipsec encryption {3des | aes | des} index
Syntax Description
Defaults
None.
Examples
> config radius acct ipsec encryption 3des 3Related Commands
show radius acct statistics
config radius auth ipsec ike
To configure IKE for the Cisco Wireless LAN controller, use the config radius auth ipsec ike command.
config radius auth ipsec ike {dh-group {group-1 | group-2 | group-5} |
lifetime seconds | phase1 {aggressive | main}} indexSyntax Description
Defaults
None.
Examples
> config radius auth ipsec ike lifetime 23 1Related Commands
show radius acct statistics
config radius auth management
To configure a default RADIUS server for management users, use the config radius auth management command.
config radius auth management index {enable | disable}
Syntax Description
Defaults
None.
Examples
> config radius auth management 1 enableRelated Commands
show radius acct statistics, config radius acct network
config radius auth network
To configure a default RADIUS server for network users, use the config radius auth network command.
config radius auth network index {enable | disable}
Syntax Description
Defaults
None.
Examples
> config radius auth network 1 enableRelated Commands
show radius acct statistics, config radius acct network
config radius auth retransmit-timeout
To change the default transmission timeout for a RADIUS authentication server for the Cisco Wireless LAN controller, use the config radius auth retransmit-timeout command.
config radius auth retransmit-timeout index timeout
Syntax Description
Defaults
None.
Examples
> config radius auth retransmit-timeout 5Related Commands
show radius auth statistics
config radius auth rfc3576
To configure RADIUS rfc3576 support for the authentication server for the Cisco Wireless LAN controller, use the config radius auth rfc3576 command.
RFC 3576, an extension to the RADIUS protocol, allows dynamic changes to a user session. This includes support for disconnecting users and changing authorizations applicable to a user session, that is, provide support for disconnect and CoA messages. Disconnect messages cause a user session to be terminated immediately, whereas CoA messages modify session authorization attributes such as data filters.
config radius auth rfc3576 {enable | disable} index
Syntax Description
Defaults
None.
Examples
> config radius auth rfc3576 enable 2Related Commands
show radius auth statistics, show radius summary, show radius rfc3576
config radius backward compatibility
To configure RADIUS backward compatibility for the Cisco Wireless LAN controller, use the config radius backward command.
config radius backward compatibility {enable | disable}
Syntax Description
Defaults
Enabled.
Examples
> config radius backward compatibility disableRelated Commands
show radius summary
config radius callStationIdType
To configure callStationIdType information sent in radius messages for the Cisco Wireless LAN controller, use the config radius callStationIdType command. This command uses the selected calling station ID for communications with RADIUS servers and other applications.
config radius callStationIdType {ipAddr | macAddr | ap-macAddr}
Syntax Description
Defaults
Enabled.
Examples
> config radius callStationIdType ipAddr> config radius callStationIdType macAddr> config radius callStationIdType ap-macAddrRelated Commands
show radius summary
config rfid auto-timeout
To configure the automatic timeout of RFID tags, use the config rfid auto-timeout command.
config rfid auto-timeout {enable | disable}
Syntax Description
config
Configure parameters.
rfid auto-timeout
Configure automatic timeout of RFID tags.
{enable | disable}
Enable or disable automatic timeout.
Defaults
None.
Examples
> config rfid auto-timeout enableRelated Commands
show rfid summary, config rfid status, config rfid timeout.
config rfid status
To configure RFID tag data collection, use the config rfid status command.
config rfid status {enable | disable}
Syntax Description
config
Configure parameters.
rfid status
Configure RFID tag data collection.
{enable | disable}
Enable or disable RFID tag tracking.
Defaults
None.
Examples
> config rfid status enableRelated Commands
show rfid summary, config rfid auto-timeout, config rfid timeout.
config rfid timeout
To configure the static RFID tag data timeout, use the config rfid timeout command.
config rfid timeout seconds
Syntax Description
show
Display configurations.
rfid timeout
Configure the static RFID tag data timeout.
seconds
Timeout in seconds (from 60 to 7200).
Defaults
None.
Examples
> config rfid timeout 60Related Commands
show rfid summary, config rfid statistics
config rogue adhoc
To configure the status of an ad-hoc rogue access point (IBSS), use the config rogue adhoc command.
config rogue adhoc {acknowledged MAC | alert MAC | contain MAC num_of_APs}
Syntax Description
Defaults
None.
Examples
> config rogue adhoc acknowledge 11:11:11:11:11:11Related Commands
show rogue adhoc summary, show rogue adhoc detailed, config adhoc rogue
config rogue ap
To configure the status of a rogue access point, use the config rogue ap command.
config rogue ap {acknowledged MAC | alert MAC | known MAC | contain MAC num_of_APs}
Syntax Description
Defaults
None.
Examples
> config rogue ap acknowledge 11:11:11:11:11:11Related Commands
show rogue ap summary, show rogue ap detailed
config rogue client
To configure rogue clients, use the config rogue client command.
config rogue client {alert MAC | contain MAC num_of_APs}
Syntax Description
Defaults
None.
Examples
> config rogue client acknowledge 11:11:11:11:11:11 5Related Commands
show rogue client summary, show rogue client detailed, config rogue client
config route add
To configure a network route from the Service Port to a dedicated workstation IP address range, use the config route add command.
config route add ip_address netmask gateway
Syntax Description
config
Configure parameters.
route
Network route.
add
Add a route.
ip_address
Network IP Address.
netmask
The subnet mask for the network.
gateway
IP Address of the gateway for the route network.
Defaults
None.
Examples
> config route add 10.1.1.0 255.255.255.0 10.1.1.1Related Commands
show route summary, config route delete
config route delete
To remove a network route from the Service Port, use the config route delete command.
config route delete ip_address
Syntax Description
config
Configure parameters.
route
Network route.
delete
Delete a route.
ip_address
Network IP Address.
Defaults
None.
Examples
> config route delete 10.1.1.0Related Commands
show route all, config route add
CONFIG SERIAL COMMANDS
Use the CONFIG SERIAL commands to configure serial port settings.
config serial baudrate
To set the serial port baud rate, use the config serial baudrate command.
config serial baudrate {1200 | 2400 | 4800 | 9600 | 19200 | 38400 | 57600}
Syntax Description
config
Configure parameters.
serial baudrate
Configure serial port baud rate.
{1200 | 2400 | 4800 | 9600 | 19200 | 38400 | 57600}
Enter one of the supported connection speeds.
Defaults
9600.
Examples
> config serial baudrate 9600Related Commands
config serial timeout
config serial timeout
To set the timeout of a serial port session, use the config serial timeout command.
Use this command to set the timeout for a serial connection to the front of the Cisco Wireless LAN controller from 0 to 160 minutes where 0 is no timeout.
config serial timeout minutes
Syntax Description
config
Configure parameters.
serial
Serial connection settings.
timeout
Configure timeout of a serial port session.
minutes
Timeout in minutes from 0 to 160. A value of 0 indicates no timeout.
Defaults
0 (no timeout).
Examples
> config serial timeout 10Related Commands
config serial timeout
CONFIG SESSIONS COMMANDS
Use the CONFIG SESSIONS commands to configure CLI session settings.
config sessions maxsessions
To configure the number of telnet CLI sessions allowed by the Cisco Wireless LAN controller, use the config sessions maxsessions command. Up to five sessions are possible while a setting of zero prohibits any telnet CLI sessions.
config sessions maxsessions session_num
Syntax Description
config
Configure parameters.
sessions
Telnet CLI session parameters.
maxsessions
Configure the number of allowed CLI sessions.
session_num
Number of sessions from 0 to 5.
Defaults
5.
Examples
> config sessions maxsessions 2Related Commands
show sessions
config sessions timeout
To configure the inactivity timeout for telnet CLI sessions, use the config sessions timeout command.
config sessions timeout timeout
Syntax Description
Defaults
5.
Examples
> config sessions timeout 20Related Commands
show sessions
CONFIG SNMP COMMUNITY COMMANDS
Use the CONFIG SNMP COMMUNITY commands to configure SNMP community settings.
config snmp community accessmode
To modify the access mode (Read only or Read/Write) of an SNMP community, use the config snmp community accessmode command.
config snmp community accessmode {ro | rw} name
Syntax Description
Defaults
Two communities are provided by default with the following parameters:
SNMP Community Name Client IP Address Client IP Mask Access Mode Status------------------- ----------------- ---------------- ----------- ------public 0.0.0.0 0.0.0.0 Read Only Enableprivate 0.0.0.0 0.0.0.0 Read/Write EnableExamples
> config snmp community accessmode rw privateRelated Commands
show snmp community, config snmp community mode, config snmp community create, config snmp community delete, config snmp community ipaddr
config snmp community create
To create a new SNMP community, use the config snmp community create command. Use this command to create a new community with the following default configuration:
config snmp community create name
Syntax Description
config
Configure parameters.
snmp
SNMP parameters.
community
SNMP community parameters.
create
Create a new community.
name
SNMP community name. Up to 16 characters.
Defaults
None.
Examples
> config snmp community create test> show snmpcommunitySNMP Community Name Client IP Address Client IP Mask Access Mode Status------------------- ----------------- ----------------- ----------- --------public 0.0.0.0 0.0.0.0 Read Only Enable********** 0.0.0.0 0.0.0.0 Read/Write Enabletest 0.0.0.0 0.0.0.0 Read Only DisableRelated Commands
show snmp community, config snmp community mode, config snmp community accessmode, config snmp community delete, config snmp community ipaddr
config snmp community delete
To delete an SNMP community, use the config snmp community delete command.
config snmp community delete name
Syntax Description
config
Configure parameters.
snmp
SNMP parameters.
community
SNMP community parameters.
delete
Delete an SNMP community.
name
SNMP community name.
Defaults
None.
Examples
> config snmp community delete testRelated Commands
show snmp community, config snmp community mode, config snmp community accessmode, config snmp community create, config snmp community ipaddr
config snmp community ipaddr
To configure the IP Address of an SNMP community, use the config snmp community ipaddr command.
config snmp community ipaddr ip_address ip_mask name
Syntax Description
Defaults
None.
Examples
> config snmp community ipaddr 10.10.10.10.2 255.255.255.0 publicRelated Commands
show snmp community, config snmp community mode, config snmp community accessmode, config snmp community create, config snmp community delete, config snmp community ipaddr
config snmp community mode
To enable or disable an SNMP community, use the config snmp community mode command.
config snmp community mode {enable | disable} name
Syntax Description
config snmp community
Configure SNMP community parameters.
mode
Configure an SNMP community
{enable | disable}
Enable or disable the community.
name
SNMP community name.
Defaults
None.
Examples
> config snmp community mode disable publicRelated Commands
show snmp community, config snmp community accessmode, config snmp community create, config snmp community delete, config snmp community ipaddr
config snmp syscontact
To set the SNMP system contact name, use the config snmp syscontact command.
config snmp syscontact contact
Syntax Description
config
Configure parameters.
snmp
SNMP parameters.
syscontact
Set the SNMP system contact name.
contact
SNMP system contact name. Up to 31 alphanumeric characters.
Defaults
None.
Examples
> config snmp syscontact Cisco WLAN Solution_administratorRelated Commands
show snmpcommunity
config snmp syslocation
To configure the SNMP system location name, use the config snmp syslocation command.
config snmp syslocation location
Syntax Description
config
Configure parameters.
snmp
SNMP parameters.
syslocation
configure the SNMP system location name.
location
SNMP system location name. Up to 31 alphanumeric characters.
Defaults
None.
Examples
> config snmp syslocation Building_2aRelated Commands
show snmpcommunity
CONFIG SNMP TRAPRECEIVER COMMANDS
Use the CONFIG SMP TRAPRECEIVER commands to configure SNMP trapreceiver settings.
config snmp trapreceiver create
To add server to receive a SNMP traps, use the config snmp trapreceiver create command. The IP Address must be valid for the command to add the new server.
config snmp trapreceiver create name ip_address
Syntax Description
Defaults
None.
Examples
> config snmp trapreceiver create test 10.1.1.1Related Commands
show snmp trap
config snmp trapreceiver delete
To delete a server from the trap receiver list, use the config snmp trapreceiver delete command.
config snmp trapreceiver delete name
Syntax Description
config
Configure parameters.
snmp
SNMP parameters.
trapreceiver
Server to receive traps.
delete
Delete an SNMP trap receiver.
name
SNMP community name. Up to 16 characters.
Defaults
None.
Examples
> config snmp trapreceiver delete testRelated Commands
show snmp trap
config snmp trapreceiver mode
To send or disable sending traps to a selected server, use the config snmp trapreceiver mode command. This enables or disables the Cisco Wireless LAN controller from sending the traps to the selected server.
config snmp trapreceiver mode {enable | disable} name
Syntax Description
Defaults
None.
Examples
> config snmp trapreceiver mode disable server1Related Commands
show snmp trap
CONFIG SNMP V3USER COMMANDS
Use the CONFIG SNMP V3USER commands to configure SNMP version 3 settings.
config snmp v3user create
To create a version 3 SNMP user, use the config snmp v3user create command.
config snmp v3user create username {ro | rw} {none | hmacmd5 | hmacsha} {none | des} [auth_key] [encrypt_key]
Syntax Description
Defaults
SNMP v3 User Name AccessMode Authentication Encryption
-------------------- ----------- -------------- ----------default Read/Write HMAC-MD5 CBC-DESExamples
To add an SNMP username test with read-only privileges and no encryption or authentication:
> config snmp v3user create test ro none noneRelated Commands
show snmp v3user
config snmp v3user delete
To delete a version 3 SNMP user, use the config snmp v3user delete command.
config snmp v3user delete username
Syntax Description
config
Configure parameters.
snmp
SNMP parameters.
v3user
Version 3 SNMP.
delete
Delete a v3 user.
username
Username to delete.
Defaults
SNMP v3 User Name AccessMode Authentication Encryption
-------------------- ----------- -------------- ----------default Read/Write HMAC-MD5 CBC-DESExamples
This will remove an SNMP user named test.
> config snmp v3user delete testRelated Commands
show snmp v3user
config snmp version
To enable or disable selected SNMP versions, use the config snmp version command.
config snmp version {v1 | v2 | v3} {enable | disable}
Syntax Description
config
Configure parameters.
snmp
SNMP parameters.
version
Configure SNMP version.
{v1 | v2 | v3}
Enter an SNMP version to enable or disable.
{enable | disable}
Enable or disable specified version
Defaults
All versions enabled
Examples
> config sessions timeout 20Related Commands
show snmpversion
CONFIG SPANNINGTREE PORT COMMANDS
Use the CONFIG SPANNINGTREE PORT commands to configure spanningtree port settings.
config spanningtree port mode
To turn fast or 802.1D Spanning Tree Protocol on or off for one or all Cisco Wireless LAN controller ports, use the config spanningtree port mode command.
Note
Note that you must disable Cisco Wireless LAN controller STP using the config spanningtree switch mode command, select STP mode for all Ethernet ports using this command, and then enable Cisco Wireless LAN controller STP using the config spanningtree switch mode command. This procedure allows the Cisco Wireless LAN controller to most efficiently set up STP, detect logical network loops, place redundant ports on standby, and build a network with the most efficient pathways.
config spanningtree port mode {off | 802.1d | fast} {port | all}
Syntax Description
Defaults
Port STP = off.
Examples
To disable STP for all Ethernet ports:
> config spanningtree port mode off allTo turn on STP 802.1D mode for Ethernet port 24:
> config spanningtree port mode 802.1d 24To turn on fast STP mode for Ethernet port 2:
> config spanningtree port mode fast 2Related Commands
show spanningtree port, config spanningtree switch mode, config spanningtree port pathcost, config spanningtree port priority
config spanningtree port pathcost
To set the STP path cost for an Ethernet port, use the config spanningtree port pathcost command.
Note
config spanningtree port pathcost {cost | auto} {port | all}
Syntax Description
Defaults
auto.
Examples
To have the STP algorithm automatically assign a path cost for all ports:
> config spanningtree port pathcost auto allTo have the STP algorithm use a port cost of 200 for port 22:
> config spanningtree port pathcost 200 22Related Commands
show spanningtree port, config spanningtree port mode, config spanningtree port priority
config spanningtree port priority
To configure the STP port priority, use the config spanningtree port priority command.
Note
config spanningtree port priority priority_num port
Syntax Description
Defaults
STP Priority = 128.
Examples
To set Ethernet port 2 to STP priority 100:
> config spanningtree port priority 100 2Related Commands
show spanningtree port, config spanningtree switch mode, config spanningtree port mode, config spanningtree port pathcost
CONFIG SPANNINGTREE SWITCH COMMANDS
Use the CONFIG SPANNINGTREE SWITCH commands to configure spanningtree switch settings.
config spanningtree switch bridgepriority
To set the bridge ID, use the config spanningtree switch bridgepriority command. The value of the writable portion of the Bridge ID, that is, the first two octets of the (8 octet long) Bridge ID. The other (last) 6 octets of the Bridge ID are given by the value of Bridge MAC Address. The value may be specified as a number between 0 and 65535.
Note
config spanningtree switch bridgepriority priority_num
Syntax Description
Defaults
The factory default is 32768.
Examples
> config spanningtree switch bridgepriority 40230Related Commands
show spanningtree switch, config spanningtree switch forwarddelay, config spanningtree switch hellotime, config spanningtree switch maxage, config spanningtree switch mode
config spanningtree switch forwarddelay
To set the bridge timeout, use the config spanningtree switch forwarddelay command.
The value that all bridges use for ForwardDelay when this bridge is acting as the root. Note that 802.1D-1990 specifies that the range for this parameter is related to the value of Stp Bridge Maximum Age. The granularity of this timer is specified by 802.1D-1990 to be 1 second. An agent may return a badValue error if a set is attempted to a value which is not a whole number of seconds. The Factory default is 15. Valid values are 4 through 30 seconds.
config spanningtree switch forwarddelay seconds
Syntax Description
Defaults
The factory default is 15.
Examples
> config spanningtree switch forwarddelay 20Related Commands
show spanningtree switch, config spanningtree switch bridgepriority, config spanningtree switch hellotime, config spanningtree switch maxage, config spanningtree switch mode
config spanningtree switch hellotime
To set the hello time, use the config spanningtree switch hellotime command.
This is the value all bridges use for HelloTime when this bridge is acting as the root. The granularity of this timer is specified by 802.1D- 1990 to be 1 second. Valid values are 1 through 10 seconds.
config spanningtree switch hellotime seconds
Syntax Description
Defaults
The factory default is 15.
Examples
> config spanningtree switch hellotime 4Related Commands
show spanningtree switch, spanningtree switch bridgepriority, config spanningtree switch forwarddelay, config spanningtree switch maxage, config spanningtree switch mode
config spanningtree switch maxage
To set the maximum age, use the config spanningtree switch maxage command.
This is the value all bridges use for MaxAge when this bridge is acting as the root. Note that 802.1D-1990 specifies that the range for this parameter is related to the value of Stp Bridge Hello Time. The granularity of this timer is specified by 802.1D-1990 to be 1 second. Valid values are 6 through 40 seconds.
config spanningtree switch maxage seconds
Syntax Description
Defaults
The factory default is 20.
Examples
> config spanningtree switch maxage 30Related Commands
show spanningtree switch, config spanningtree switch bridgepriority, config spanningtree switch forwarddelay, config spanningtree switch hellotime, config spanningtree switch mode
config spanningtree switch mode
To turn the Cisco Wireless LAN controller Spanning Tree Protocol on or off, use the config spanningtree switch mode command.
Note that you must disable the Cisco Wireless LAN controller STP using this command, select STP mode for all Ethernet ports using the config spanningtree port mode command, and then enable the Cisco Wireless LAN controller STP using this command. This procedure allows the Cisco Wireless LAN controller to most efficiently set up STP, detect logical network loops, place redundant ports on standby, and build a network with the most efficient pathways.
config spanningtree switch mode {enable | disable}
Syntax Description
Defaults
STP = Disabled.
Examples
To support STP on all Cisco Wireless LAN controller Ports:
> config spanningtree switch mode enableRelated Commands
show spanningtree switch, config spanningtree switch bridgepriority, config spanningtree switch forwarddelay, config spanningtree switch hellotime, config spanningtree switch maxage, config spanningtree port mode
CONFIG SWITCHCONFIG COMMANDS
Use the CONFIG SWITCHCONFIG commands to configure switch settings.
config switchconfig flowcontrol
To enable or disable 802.3x flow control, use the config switchconfig flowcontrol command.
config switchconfig flowcontrol {enable | disable}
Syntax Description
config
Configure parameters.
switchconfig
Cisco Wireless LAN controller parameters.
flowcontrol
Configure flow control.
{enable | disable}
Enable or disable 802.3x flow control.
Defaults
Disabled
Examples
> config switchconfig flowcontrol enableRelated Commands
show switchconfig
config switchconfig mode
To configure LWAPP transport mode for Layer 2 or Layer 3, use the config switchconfig flowcontrol command.
config switchconfig mode {L2 | L3}
Note
Syntax Description
Defaults
L3
Examples
> config switchconfig mode L3Related Commands
show switchconfig
config syslog
To send or disable sending system logs, use the config syslog command.
config syslog {ip_address | disable}
Syntax Description
config
Configure parameters.
syslog
Configure system logs.
{ip_address | disable}
•
•
Defaults
Disable
Examples
> config syslog 10.1.1.1Sending logs to 10.1.1.1> config syslog disableSyslog disabled.Related Commands
show syslog
config sysname
To set the Cisco Wireless LAN controller system name, use the config sysname command.
config sysname name
Syntax Description
config
Configure parameters.
sysname
Configures the system name.
name
System name. Up to 31 alphanumeric characters.
Defaults
None.
Examples
> config sysname Ent_01Related Commands
show sysinfo
config time manual
To set the system time, use the config time manual command.
config time manual MM/DD/YY HH:MM:SS
Syntax Description
config
Command action.
time
Configures system time or servers.
manual
Configures the system time.
MM/DD/YY
Enter date.
HH:MM:SS
Enter time.
Defaults
None.
Examples
> config time manual 02/11/2003 15:29:00Related Commands
show time
config time ntp
To set the Network Time Protocol, use the config time ntp command.
config time ntp {interval seconds | server index ip_address}
Syntax Description
Defaults
None.
Examples
> config time ntp interval 7000Related Commands
show time
config time timezone
To configures the system's timezone, use the config time timezone command.
config time timezone {enable | disable} delta_hours [delta_mins]
Syntax Description
Defaults
None.
Examples
> config time timezone enable 2 0Related Commands
show time
CONFIG TRAPFLAGS COMMANDS
Use the CONFIG TRAPFLAGS commands to configure trapflags settings.
config trapflags 802.11-Security
To enable or disable sending 802.11 Security related traps, use the config trapflags 802.11-Security command.
config trapflags 802.11-Security wepDecryptError {enable | disable}
Syntax Description
Defaults
Enabled
Examples
> config trapflags 802.11-Security wepDecryptError disableRelated Commands
show trapflags
config trapflags aaa
To enable or disable the sending of AAA server related traps, use the config trapflags aaa command.
config trapflags aaa {auth | servers} {enable | disable}
Syntax Description
Defaults
Enabled
Examples
> config trapflags aaa auth disableRelated Commands
show trapflags
config trapflags ap
To enable or disable the sending of Cisco 1000 series lightweight access point related traps, use the config trapflags ap command.
config trapflags ap {register | interfaceUp} {enable | disable}
Syntax Description
Defaults
Enabled
Examples
> config trapflags ap register disableRelated Commands
show trapflags
config trapflags authentication
To enable or disable sending traps on invalid SNMP access, use the config trapflags authentication command.
config trapflags authentication {enable | disable}
Syntax Description
config
Configure parameters.
trapflags
Trap parameters.
authentication
Configure trap sending on invalid SNMP access.
{enable | disable}
Enable or disable sending traps on invalid SNMP access.
Defaults
Enabled
Examples
> config trapflags authentication disableRelated Commands
show trapflags
config trapflags client
To enable or disable the sending of client related DOT11 traps, use the config trapflags client command.
config trapflags client {802.11-disassocate | 802.11-deauthenticate | 802.11-authfail | 802.11-assocfail | excluded} {enable | disable}
Syntax Description
Defaults
Disabled
Examples
> config trapflags client 802.11-disassociate disableRelated Commands
show trapflags
config trapflags configsave
To enable or disable the sending of configuration saved traps, use the config trapflags configsave command.
config trapflags configsave {enable | disable}
Syntax Description
config
Configure parameters.
trapflags
Trap parameters.
configsave
Configure the sending of configuration saved traps.
{enable | disable}
Enable or disable the sending of configuration saved traps.
Defaults
Enabled
Examples
> config trapflags configsave disableRelated Commands
show trapflags
config trapflags ipsec
To enable or disable the sending of IPSec traps, use the config trapflags ipsec command.
config trapflags ipsec {esp-auth | esp-reply | invalidSPI | ike-neg | suite-neg | invalid-cookie} {enable | disable}
Syntax Description
Defaults
Enabled
Examples
> config trapflags ipsec esp-auth disableRelated Commands
show trapflags
config trapflags linkmode
To enable or disable Cisco Wireless LAN controller level Link up/down trap flags, use the config trapflags linkmode command.
config trapflags linkmode {enable | disable}
Syntax Description
Defaults
Enabled
Examples
> config trapflags linkmode disableRelated Commands
show trapflags
config trapflags multiusers
To enable or disable the sending of traps when multiple logins active, use the config trapflags multiusers command.
config trapflags multiusers {enable | disable}
Syntax Description
Defaults
Enabled
Examples
> config trapflags multiusers disableRelated Commands
show trapflags
config trapflags rogueap
To enable or disable sending rogue access point detection traps, use the config trapflags rogueap command.
config trapflags rogueap {enable | disable}
Syntax Description
Defaults
Enabled
Examples
> config trapflags rogueap disableRelated Commands
show trapflags
config trapflags rrm-params
To enable or disable the sending of RRM profile related traps, use the config trapflags rrm-params command.
config trapflags rrm-params {tx-power | channel | antenna} {enable | disable}
Syntax Description
Defaults
Enabled
Examples
> config trapflags rrm-params tx-power disableRelated Commands
show trapflags
config trapflags rrm-profile
To enable or disable the sending of RRM profile related traps, use the config trapflags rrm-profile command.
config trapflags rrm-profile {load | noise | interference | coverage} {enable | disable}
Syntax Description
Defaults
Enabled
Examples
> config trapflags rrm-profile load disableRelated Commands
show trapflags
config trapflags stpmode
To enable or disable the sending of spanning tree traps, use the config trapflags stpmode command.
config trapflags stpmode {enable | disable}
Syntax Description
config
Configure parameters.
trapflags
Trap parameters.
stpmode
Configure spanning tree trap sending.
{enable | disable}
Enable or disable the sending of spanning tree traps.
Defaults
Enabled
Examples
> config trapflags stpmode disableRelated Commands
show trapflags
config trapflags wps
To enable or disable wireless protection system (WPS) trap sending, use the config trapflags wps command.
config trapflags wps {enable | disable}
Syntax Description
config
Configure parameters.
trapflags
Trap parameters.
wps
Configure WPS trap sending.
{enable | disable}
Enable or disable WPS trap sending.
Defaults
Enabled
Examples
> config trapflags wps disableRelated Commands
show trapflags
CONFIG WATCHLIST COMMANDS
Use the CONFIG WATCHLIST commands to configure watchlist settings.
config watchlist add
To add a watchlist entry for a wireless LAN, use the config watchlist add command.
config watchlist add {mac MAC | username username}
Syntax Description
Defaults
None.
Examples
> config watchlist add mac a5:6b:ac:10:01:6bRelated Commands
config watchlist delete, config watchlist enable, config watchlist disable, show watchlist
config watchlist delete
To delete a watchlist entry for a wireless LAN, use the config watchlist delete command.
config watchlist delete {mac MAC | username username}
Syntax Description
Defaults
None.
Examples
> config watchlist delete mac a5:6b:ac:10:01:6bRelated Commands
config watchlist add, config watchlist enable, config watchlist disable, show watchlist
config watchlist disable
To disable the client watchlist, use the config watchlist disable command.
config watchlist disable
Syntax Description
config
Command action.
watchlist
Configure the client watchlist.
disable
Disable the client watchlist.
Defaults
None.
Examples
> config watchlist disableRelated Commands
config watchlist add, config watchlist delete, show watchlist
config watchlist enable
To enable a watchlist entry for a wireless LAN, use the config watchlist enable command.
config watchlist enable
Syntax Description
config watchlist
Command action.
watchlist
Configure the client watchlist.
enable
Enable the client watchlist.
Defaults
None.
Examples
> config watchlist enableRelated Commands
config watchlist add, config watchlist delete, show watchlist
CONFIG WIRELESS LAN COMMANDS
Use the CONFIG WLAN commands to configure wireless LAN command settings.
config wlan 7920-support
To configure support for phones, use the config wlan 7920-support command.
config wlan 7920-support {ap-cac-limit | client-cac-limit} {enable | disable} wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan 7920-support ap-cac-limit enable 8Related Commands
show wlan
config wlan 802.11e
To configure 802.11e support on a wireless LAN, use the config wlan 802.11e command.
802.11e provides Quality of Service (QoS) support for LAN applications, which are critical for delay sensitive applications such as Voice over Wireless IP (VoWIP).
802.11e enhances the 802.11 Media Access Control layer (MAC layer) with a coordinated time division multiple access (TDMA) construct, and adds error-correcting mechanisms for delay sensitive applications such as voice and video. The 802.11e specification provides seamless interoperability and is especially well suited for use in networks that include multimedia capability.
config wlan 802.11e {allow | disable | require} wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan 802.11e allow 1Related Commands
show trapflags
config wlan aaa-override
To configure user policy override via AAA on a wireless LAN, use the config wlan aaa-override command.
When AAA override is enabled, and a client has conflicting AAA and Cisco Wireless LAN controller wireless LAN authentication parameters, client authentication is performed by the AAA server. As part of this authentication, the operating system will move clients from the default Cisco wireless LAN solution wireless LAN VLAN to a VLAN returned by the AAA server and predefined in the Cisco Wireless LAN controller interface configuration (only when configured for MAC filtering, 802.1X, and/or WPA operation). In all cases, the operating system will also use QoS and ACL provided by the AAA server, as long as they are predefined in the Cisco Wireless LAN controller interface configuration. (This VLAN switching by AAA override is also referred to as Identity Networking.)
For instance, if the Corporate wireless LAN primarily uses a management interface assigned to VLAN 2, and if AAA override returns a redirect to VLAN 100, the Operating System redirects all client transmissions to VLAN 100, regardless of the physical port to which VLAN 100 is assigned.
When AAA override is disabled, all client authentication defaults to the Cisco Wireless LAN controller authentication parameter settings, and authentication is only performed by the AAA server if the Cisco Wireless LAN controller wireless LAN do not contain any client-specific authentication parameters.
The AAA override values may come from a RADIUS server, for example.
config wlan aaa-override {enable | disable} {wlan_id | foreignAp}
Syntax Description
Defaults
Disabled.
Examples
> config wlan aaa-override enable 1Related Commands
show wlan
config wlan broadcast-ssid
To configure an SSID broadcast on a wireless LAN, use the config wlan broadcast-ssid command.
config wlan broadcast-ssid {enable | disable} wlan_id
Syntax Description
Defaults
Disabled.
Examples
> config wlan broadcast-ssid enable 1Related Commands
show wlan
config wlan create
To create a wireless LAN, use the config wlan create command.
config wlan create {wlan_id wlan_name | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan create 1 SSID01Related Commands
show trapflags
config wlan delete
To delete a wireless LAN, use the config wlan delete command.
config wlan delete {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan delete 16Related Commands
show wlan, show wlan summary
config wlan dhcp_server
To configure the internal DHCP server for a wireless LAN, use the config wlan dhcp_server command.
config wlan dhcp_server {wlan_id | foreignAp} ip_address [required]
Syntax Description
Defaults
None.
Examples
> config wlan dhcp_server 16 10.10.2.1Related Commands
show wlan
config wlan disable
To disable a wireless LAN, use the config wlan disable command.
config wlan disable {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan disable 16Related Commands
show wlan
config wlan enable
To enable a wireless LAN, use the config wlan enable command.
config wlan enable {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan enable 16Related Commands
show wlan
config wlan exclusionlist
To configure exclusion list (blacklist) timeout for a wireless LAN, use the config wlan exclusionlist command.
Set the timeout in seconds for an automatically disabled client. Client machines are disabled by MAC address. A timeout setting of 0 indicates that the client is permanently disabled and that administrative control is required to remove the client from the automatic disable.
config wlan exclusionlist {wlan_id | foreignAp} {enabled | disabled | seconds}
Syntax Description
Defaults
Not enabled
Examples
> config wlan exclusionlist 1 3> config wlan exclusionlist 1 disabledRelated Commands
show exclusionlist
config wlan interface
To associate a wireless LAN with an existing interface, use the config wlan interface command.
config wlan interface {wlan_id | foreignAp} interface-name
Syntax Description
Defaults
None.
Examples
> config wlan interface 16 VLAN901Related Commands
show wlan
config wlan IPv6Support
To configure IPv6 support on a wireless LAN, use the config wlan IPv6Support command.
config wlan IPv6support {enable | disable} wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan IPv6support enable 6Related Commands
show wlan
config wlan mac-filtering
To change the state of MAC filtering on a wireless LAN, use the config wlan mac-filtering command.
config wlan mac-filtering {enable | disable} {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan mac-filtering enable 1Related Commands
show wlan
config wlan mobility
To change the state of MAC filtering on a wireless LAN, use the config wlan mobility anchor command.
config wlan mobility anchor {add | delete} wlan_id ip_address
Syntax Description
Defaults
None.
Examples
> config wlan mobility anchor delete 1 192.12.1.3Related Commands
show wlan
config wlan qos
To change the quality of service for a wireless LAN, use the config wlan qos command.
config wlan qos {wlan_id | foreignAp} {bronze | silver | gold | platinum}
Syntax Description
Defaults
None.
Examples
To set the highest level of service on wireless LAN 1, use the following command:
> config wlan qos 1 goldRelated Commands
show wlan
config wlan radio
To set the Cisco radio policy on a wireless LAN, use the config wlan radio command.
config wlan radio wlan_id {all | 802.11a | 802.11bg | 802.11g | 802.11ag}
Syntax Description
Defaults
None.
Examples
> config wlan radio 1 allRelated Commands
config 802.11a enable, config 802.11a disable, config 802.11b enable, config 802.11b disable, config 802.11b 11gSupport enable, config 802.11b 11gSupport disable, show wlan
config wlan radius_server
To configure a wireless LAN's radius servers, use the config wlan radius_server command.
config wlan radius_server {auth | acct} {add wlan_id server_id | delete wlan_id {all | server_id}}
Syntax Description
Defaults
None.
Examples
> config wlan radius_server auth add 1 1> config wlan radius_server auth delete 1 1> config wlan radius_server auth delete 1 allRelated Commands
config 802.11a enable, config 802.11a disable, config 802.11b enable, config 802.11b disable, config 802.11b 11gSupport enable, config 802.11b 11gSupport disable, show wlan
CONFIG WIRELESS LAN SECURITY COMMANDS
Use the CONFIG WLAN SECURITY commands to configure wireless LAN security settings.
config wlan security 802.1X
To change the state of 802.1X security on the wireless LAN Cisco radios, use the config wlan security 802.1X command.
Use to change the encryption level of 802.1X security on the wireless LAN Cisco radios to:
•
•
•
config wlan security 802.1X {enable {wlan_id | foreignAp} | disable {wlan_id | foreignAp} |
encryption {wlan_id | foreignAp} {40 | 104 | 128}}Syntax Description
Defaults
None.
Examples
> config wlan security 802.1X enable 16Related Commands
show wlan
config wlan security cranite
To change the state of the Cranite passthrough, use the config wlan security cranite command.
config wlan security cranite {enable | disable} {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security cranite enable 16Related Commands
show wlan
config wlan security fortress
To change the state of the Fortress passthrough, use the config wlan security fortress command.
config wlan security fortress {enable | disable} {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security fortress enable 16Related Commands
show wlan
config wlan security ipsec disable
To disable IPSec security, use the config wlan security ipsec disable command.
config wlan security ipsec disable {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security IPSec disable 16Related Commands
show wlan
config wlan security ipsec enable
To enable IPSec security, use the config wlan security ipsec enable command.
config wlan security ipsec enable {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security IPSec enable 16Related Commands
show wlan
config wlan security ipsec authentication
To modify the IPSec security authentication protocol used on the wireless LAN, use the config wlan security ipsec authentication command.
config wlan security ipsec authentication {hmac-md5 | hmac-sha-1} {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security ipsec authentication hmac-sha-1 1Related Commands
show wlan
config wlan security ipsec encryption
To modify the IPSec security encryption protocol used on the wireless LAN, use the config wlan security ipsec encryption command.
config wlan security ipsec encryption {3des | aes | des} {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security ipsec encryption aes 1Related Commands
show wlan
config wlan security ipsec config
To configure the propriety IKE CFG-Mode parameters used on the wireless LAN, use the config wlan security ipsec config command.
IKE is used as a method of distributing the session keys (encryption and authentication), as well as providing a way for the VPN endpoints to agree on how the data should be protected. IKE keeps track of connections by assigning a bundle of Security Associations (SAs), to each connection.
config wlan security ipsec config qotd ip_address {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security ipsec config qotd 44.55.66.77 1Related Commands
show wlan
config wlan security ipsec ike authentication
To modify the IPSec ike authentication protocol used on the wireless LAN, use the config wlan security ipsec ike authentication command.
config wlan security ipsec ike authentication {certificates {wlan_id | foreignAp} | pre-share-key {wlan_id | foreignAp} key | xauth-psk {wlan_id | foreignAp} key}
Syntax Description
Defaults
None.
Examples
> config wlan security ipsec ike authentication certificates 16Related Commands
show wlan
config wlan security ipsec ike dh-group
To modify the IPSec IKE Diffie Hellman group used on the wireless LAN, use the config wlan security ipsec ike authentication command.
config wlan security ipsec ike dh-group {wlan_id | foreignAp} {group-1 | group-2 | group-5}
Syntax Description
Defaults
None.
Examples
> config wlan security ipsec ike dh-group 1 group-1Related Commands
show wlan
config wlan security ipsec ike lifetime
To modify the IPSec IKE lifetime used on the wireless LAN, use the config wlan security ipsec ike lifetime command.
config wlan security ipsec ike lifetime {wlan_id | foreignAp} seconds
Syntax Description
Defaults
None.
Examples
> config wlan security ipsec ike lifetime 1 1900Related Commands
show wlan
config wlan security ipsec ike phase1
To modify IPSec IKE Phase 1 used on the wireless LAN, use the config wlan security ipsec ike phase1 command.
config wlan security ipsec ike phase1 {aggressive | main} {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security ipsec ike phase1 aggressive 16Related Commands
show wlan
config wlan security ipsec ike contivity
To modify Nortel's Contivity VPN client support on the wireless LAN, use the config wlan security ipsec ike contivity command.
config wlan security ipsec ike contivity {enable | disable} {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security ipsec ike contivity enable 14Related Commands
show wlan
config wlan security passthru
To modify the IPSec pass-through used on the wireless LAN, use the config wlan security ipsec ike passthru command.
config wlan security passthru {enable | disable} {wlan_id | foreignAp} [ip_address]
Syntax Description
Defaults
None.
Examples
> config wlan security ipsec enable 3 192.12.1.1Related Commands
show wlan
config wlan security static-wep-key authentication
To configure static WEP key 802.11 authentication on a wireless LAN, use the config wlan security static-wep-key authentication command.
config wlan security static-wep-key authentication {shared-key | open} wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan security static-wep-key authentication shared-key 1> config wlan security static-wep-key authentication open 1Related Commands
show wlan
config wlan security static-wep-key disable
To disable the use of static WEP keys, use the config wlan security static-wep-key disable command.
config wlan security static-wep-key disable wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan security static-wep-key disable 1Related Commands
config wlan security wpa encryption
config wlan security static-wep-key enable
To enable the use of static WEP keys, use the config wlan security static-wep-key enable command.
config wlan security static-wep-key enable wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan security static-wep-key enable 1Related Commands
config wlan security wpa encryption
config wlan security static-wep-key encryption
To configure the static WEP keys and indexes, use the config wlan security static-wep-key encryption command. Make sure to disable 802.1X before using this command.
Note
config wlan security static-wep-key encryption wlan_id {40 | 104 | 128} {hex | ascii} key key-index
Syntax Description
Defaults
None.
Examples
> config wlan security wpa encryption 1 40 hex 0201702001 2Related Commands
show wlan
config wlan security web-auth
To change the status of Web authentication used on the wireless LAN, use the config wlan security web command.
config wlan security web-auth {acl | enable | disable} {wlan_id | foreignAp} [{acl_name | none}]
Syntax Description
Defaults
None.
Examples
> config wlan security web-auth acl 1 ACL03> config wlan security web-auth enable 1> config wlan security web-auth disable 1Related Commands
show wlan
config wlan security web-passthrough acl
To add an ACL to the wireless LAN definition, use the config wlan security web acl command.
config wlan security web-passthrough acl {wlan_id | foreignAp} {acl_name | none}
Syntax Description
Defaults
None.
Examples
> config wlan security web-passthrough acl 1 ACL03Related Commands
show wlan
config wlan security web-passthrough disable
To disable web captive portal with no authentication required on a wireless LAN, use the config wlan security web-passthrough disable command.
config wlan security web-passthrough disable {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security web-passthrough disable 1Related Commands
show wlan
config wlan security web-passthrough email-input
To configure web captive portal using an email address, use the config wlan security web-passthrough email-input command.
config wlan security web-passthrough email-input {enable | disable} {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security web-passthrough email-input enable 1Related Commands
show wlan
config wlan security web-passthrough enable
To enable web captive portal with no authentication required on the wireless LAN, use the config wlan security web-passthrough enable command.
config wlan security web-passthrough enable {wlan_id | foreignAp}
Syntax Description
Defaults
None.
Examples
> config wlan security web-passthrough enable 1Related Commands
show wlan
config wlan security wpa1 disable
To disable WPA1, use the config wlan security wpa1 disable command.
config wlan security wpa1 disable wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan security wpa1 disable 1Related Commands
show wlan
config wlan security wpa1 enable
To enable WPA1, use the config wlan security wpa1 enable command.
config wlan security wpa1 enable wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan security wpa1 enable 1Related Commands
show wlan
config wlan security wpa1 pre-shared-key
To configure the WPA pre-shared key mode, use the config wlan security wpa1 pre-shared-key command.
config wlan security wpa1 pre-shared-key {enable wlan_id key | disable wlan_id}
Syntax Description
Defaults
None.
Examples
> config wlan security wpa1 pre-shared-key enable 1 r45Related Commands
show wlan
config wlan security wpa2 disable
To disable WPA2, use the config wlan security wpa2 disable command.
config wlan security wpa2 disable wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan security wpa2 disable 1Related Commands
show wlan
config wlan security wpa2 enable
To enable WPA2, use the config wlan security wpa2 enable command.
config wlan security wpa2 enable wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan security wpa2 enable 1Related Commands
show wlan
config wlan security wpa2 pre-shared-key
To configure the WPA pre-shared key mode, use the config wlan security wpa2 pre-shared-key command.
config wlan security wpa2 pre-shared-key {enable wlan_id key | disable wlan_id}
Syntax Description
Defaults
None.
Examples
> config wlan security wpa2 pre-shared-key disable 2Related Commands
show wlan
config wlan security wpa2 tkip
To change the status of WPA authentication, use the config wlan security wpa2 tkip command.
config wlan security wpa2 tkip {enable | disable} wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan security wpa2 tkip enable 1Related Commands
show wlan
config wlan security wpa2 wpa-compat
To change the status of WPA authentication, use the config wlan security wpa2 wpa-compat command.
config wlan security wpa2 wpa-compat {enable | disable} wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan security wpa2 wpa-compat enable 1Related Commands
show wlan
config wlan timeout
To change the timeout of wireless LAN clients, use the config wlan timeout command.
config wlan timeout {wlan_id | foreignAp} seconds
Syntax Description
None.
Examples
> config wlan timeout 1 6000Related Commands
show wlan
config wlan wmm
To configure WMM (WME), use the config wlan wmm command.
config wlan wmm {allow | disable | require} wlan_id
Syntax Description
Defaults
None.
Examples
> config wlan wmm allow 1Related Commands
show trapflags
Saving Configurations
Use the SAVE CONFIG command before you log out of the command line interface to save all previous configuration changes.
•
save config
To save Cisco Wireless LAN controller configurations, use the save config command.
save config
Syntax Description
Defaults
None.
Examples
> save configAre you sure you want to save? (y/n) yConfiguration Saved!Related Commands
show sysinfo
Clearing Configurations, Logfiles, and Other Actions
To clear existing configurations, log files, and other functions, use the clear commands.
clear ap-config
To restore a Cisco 1000 series lightweight access point configuration database to its factory default, use the clear ap-config command.
clear ap-config Cisco_AP
Syntax Description
Defaults
None.
Usage Guidelines
Entering this command does not clear the static IP address of the access point.
Examples
> clear ap-config aire1Related Commands
clear transfer, clear download filename, clear download mode, clear download path, clear download serverip, clear download start, clear upload datatype, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
clear arp
To clear the ARP table to a Cisco 1000 series lightweight access point its factory default, use the clear arp command.
clear arp
Syntax Description
Defaults
None.
Examples
> clear arpAre you sure you want to clear the ARP cache? (y/n)Related Commands
clear transfer, clear download filename, clear download mode, clear download path, clear download serverip, clear download start, clear upload datatype, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
clear config
To reset configuration data to factory defaults, use the clear config command.
clear config
Syntax Description
Defaults
None.
Examples
> clear configAre you sure you want to clear the configuration? (y/n)nConfiguration not cleared!Related Commands
clear transfer, clear download filename, clear download mode, clear download path, clear download serverip, clear download start, clear upload datatype, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
clear stats mobility
To clear mobility manager statistics, use the clear stats mobility command.
clear stats mobility
Syntax Description
clear
Clear selected configuration elements.
stats
Clear statistics counters.
mobility
Clear mobility manager statistics
Defaults
None.
Examples
> clear stats mobilityMobility stats cleared.Related Commands
clear transfer, clear download datatype, clear download filename, clear download mode, clear download serverip, clear download start, clear upload datatype, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start, clear stats port
clear stats port
To clear statistics counters for a specific port, use the clear stats port command.
clear stats port port
Syntax Description
clear
Clear selected configuration elements.
stats
Clear statistics counters.
port
Clear statistics counters for a specific port.
port
Physical interface port number.
Defaults
None.
Examples
> clear stats port 9Related Commands
clear transfer, clear download datatype, clear download filename, clear download mode, clear download serverip, clear download start, clear upload datatype, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
clear stats switch
To clear all switch statistics counters on a Cisco Wireless LAN controller, use the clear stats switch command.
clear stats switch
Syntax Description
clear
Clear selected configuration elements.
stats
Clear statistics counters.
switch
Clear all switch statistics counters.
Defaults
None.
Examples
> clear stats switchRelated Commands
clear transfer, clear download datatype, clear download filename, clear download mode, clear download path, clear download start, clear upload datatype, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
clear redirect-url
To clear the custom web authentication redirect URL on the Cisco Wireless LAN controller, use the clear redirect-url command.
clear redirect-url
Syntax Description
clear
Clear selected configuration elements.
redirect-url
Clear the custom web authentication redirect URL.
Defaults
None.
Examples
> clear redirect-urlURL cleared.Related Commands
clear transfer, clear download datatype, clear download filename, clear download mode, clear download path, clear download start, clear upload datatype, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
clear transfer
To clear the transfer information, use the clear transfer command.
clear transfer
Syntax Description
Defaults
None.
Examples
> clear transferAre you sure you want to clear the transfer information? (y/n) yTransfer Information Cleared.Related Commands
clear transfer, clear download datatype, clear download filename, clear download mode, clear download path, clear download serverip, clear upload datatype, clear download filename, clear download mode, clear download path, clear download serverip, clear download start
clear traplog
To clear the trap log, use the clear traplog command.
clear traplog
Syntax Description
Defaults
None.
Examples
> clear traplogAre you sure you want to clear the trap log? (y/n) yTrap Log Cleared.Related Commands
clear transfer, clear download datatype, clear download filename, clear download mode, clear download path, clear download serverip, clear download start, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
clear webimage
To clear the custom web authentication image, use the clear webimage command.
clear webimage
Syntax Description
Defaults
None.
Examples
> clear webimageRelated Commands
clear transfer, clear download datatype, clear download filename, clear download mode, clear download path, clear download serverip, clear download start, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
clear webmessage
To clear the custom web authentication message, use the clear webmessage command.
clear webmessage
Syntax Description
clear
Clear selected configuration elements.
webmessage
Clear the custom web authentication message.
Defaults
None.
Examples
> clear webmessageMessage cleared.Related Commands
clear transfer, clear download datatype, clear download filename, clear download mode, clear download path, clear download serverip, clear download start, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
clear webtitle
To clear the custom web authentication title, use the clear webtitle command.
clear webtitle
Syntax Description
Defaults
None.
Examples
> clear webtitleTitle cleared.Related Commands
clear transfer, clear download datatype, clear download filename, clear download mode, clear download path, clear download serverip, clear download start, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
clear ext-webauth-url
To clear the external web authentication URL, use the clear ext-webauth-url command.
clear ext-webauth-url
Syntax Description
clear
Clear selected configuration elements.
ext-webauth-url
Clear the external web authentication URL.
Defaults
None.
Examples
> clear ext-webauth-urlURL cleared.Related Commands
clear transfer, clear download datatype, clear download filename, clear download mode, clear download path, clear download serverip, clear download start, clear upload filename, clear upload mode, clear upload path, clear upload serverip, clear upload start
Uploading and Downloading Files and Configurations
To transfer files to or from the Cisco Wireless LAN controller, use the transfer commands.
transfer download certpassword
To set a certificate's private key password, use the transfer download certpassword command.
transfer download certpassword [password]
Syntax Description
Defaults
None.
Examples
> transfer download certpasswordClearing passwordRelated Commands
clear transfer, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start, transfer upload datatype, transfer upload filename, transfer upload mode, transfer upload path, transfer upload serverip, transfer upload start
transfer download datatype
To set the download file type, use the transfer download datatype command.
transfer download datatype {config | code | image | signature | webadmincert | webauthcert}
Syntax Description
Defaults
None.
Examples
> transfer datatype codeRelated Commands
clear transfer, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start, transfer upload datatype, transfer upload filename, transfer upload mode, transfer upload path, transfer upload serverip, transfer upload start, transfer download datatype image, transfer download start
transfer download filename
To download a specific file, use the transfer download filename command.
transfer download filename filename
Syntax Description
transfer
Transfer a file to or from the switch.
download
Transfer a file to the switch.
filename
Set the TFTP filename.
filename
File name up to 16 alphanumeric characters.
Defaults
None.
Examples
> transfer download filename build603Related Commands
clear transfer, transfer download datatype, transfer download mode, transfer download path, transfer download serverip, transfer download start, transfer upload datatype, transfer upload filename, transfer upload mode, transfer upload path, transfer upload serverip, transfer upload start
transfer download mode
To set transfer mode, use the transfer download mode command.
transfer download mode tftp
Syntax Description
transfer
Transfer a file to or from the switch.
download
Transfer a file to the switch.
mode
Set transfer mode.
tftp
Set the transfer mode to tftp.
Defaults
None.
Examples
> transfer download mode tftpRelated Commands
clear transfer, transfer download datatype, transfer download filename, transfer download path, transfer download serverip, transfer download start, transfer upload datatype, transfer upload filename, transfer upload mode, transfer upload path, transfer upload serverip, transfer upload start
transfer download path
To set a specific TFTP path, use the transfer download path command.
transfer download path path
Syntax Description
transfer
Transfer a file to or from the switch.
download
Transfer a file to the switch.
path
Set TFTP Path.
path
Directory path.
Defaults
None.
Examples
> transfer download path c:\install\version2Related Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download serverip, transfer download start, transfer upload datatype, transfer upload filename, transfer upload mode, transfer upload path, transfer upload serverip, transfer upload start
transfer download serverip
To configure the IP address of the TFTP server from which to download information, use the transfer download serverip command.
transfer download serverip ip_address
Syntax Description
transfer
Transfer a file to or from the switch.
download
Transfer a file to the switch.
serverip
Enter IP address of the server.
ip_address
Server IP address.
Defaults
None.
Examples
> transfer download serverip 175.34.56.78Related Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download start, transfer upload datatype, transfer upload filename, transfer upload mode, transfer upload path, transfer upload serverip, transfer upload start
transfer download start
To initiate a download, use the transfer download start command.
transfer download start
Syntax Description
transfer
Transfer a file to or from the switch.
download
Transfer a file to the switch.
start
Initiate a download.
Defaults
None.
Examples
> transfer download startMode........................................... TFTPData Type...................................... CodeTFTP Server IP................................. 172.16.16.78TFTP Packet Timeout............................ 6TFTP Max Retries............................... 10TFTP Path...................................... c:\find\off/TFTP Filename.................................. wps_2_0_75_0.aesThis may take some time.Are you sure you want to start? (y/n) nTransfer CancelledRelated Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer upload datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start
transfer download tftpPktTimeout
To specify the TFTP packet timeout, use the transfer download tftpPktTimeout command.
transfer download tftpPktTimeout timeout
Syntax Description
transfer
Transfer a file to or from the switch.
download
Transfer a file to the switch.
tftpPktTimeout
Enter the tftp packet timeout.
timeout
Timeout in seconds between 1 and 254.
Defaults
None.
Examples
> transfer download tftpPktTimeout 55Related Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer upload datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start
transfer download tftpMaxRetries
To specify the number of allowed TFTP packet retries, use the transfer download tftpMaxRetries command.
transfer download tftpMaxRetries retries
Syntax Description
Defaults
None.
Examples
> transfer download tftpMaxRetries 55Related Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer upload datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start
transfer encrypt
To configure encryption for config file transfers, use the transfer encrypt command.
transfer encrypt {enable | disable | set-key key}
Syntax Description
Defaults
None.
Examples
> transfer encrypt enableRelated Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer upload datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start
transfer upload datatype
To set the upload file type, use the transfer upload datatype command.
transfer upload datatype {config | crashfile | errorlog | radio-core-dump | signature | systemtrace | traplog}
Syntax Description
Defaults:
None.
Examples
> transfer upload datatype errorlogRelated Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start, transfer upload filename, transfer upload mode, transfer upload path, transfer upload serverip, transfer upload start
transfer upload filename
To upload a specific file, use the transfer upload filename command.
transfer upload filename filename
Syntax Description
transfer
Transfer a file to or from the switch.
upload
Transfer a file from the switch.
filename
Set the TFTP filename.
filename
File name up to 16 alphanumeric characters.
Defaults
None.
Examples
> transfer upload filename build603Related Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start, transfer upload datatype, transfer upload mode, transfer upload path, transfer upload serverip, transfer upload start
transfer upload mode
To configure the transfer mode, use the transfer upload mode command.
transfer upload mode tftp
Syntax Description
transfer
Transfer a file to or from the switch.
upload
Transfer a file from the switch.
mode
Set transfer mode.
tftp
Set the transfer mode to TFTP.
Defaults
None.
Examples
> transfer upload mode tftpRelated Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start, transfer upload datatype, transfer upload filename, transfer upload path, transfer upload serverip, transfer upload start
transfer upload path
To set a specific upload path, use the transfer upload path command.
transfer upload path path
Syntax Description
transfer
Transfer a file to or from the switch.
upload
Transfer a file from the switch.
path
Set TFTP Path.
path
Directory path.
Defaults
None.
Examples
> transfer upload path c:\install\version2Related Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start, transfer upload datatype, transfer upload filename, transfer upload mode, transfer upload serverip, transfer upload start
transfer upload serverip
To configure the IP address of the TFTP server to upload files to, use the transfer upload serverip command.
transfer upload serverip ip_address
Syntax Description
transfer
Transfer a file to or from the switch.
upload
Transfer a file from the switch.
serverip
Enter IP address of the server.
ip_address
Server IP address.
Defaults
None.
Examples
> transfer upload serverip 175.34.56.78Related Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start, transfer upload datatype, transfer upload filename, transfer upload mode, transfer upload path, transfer upload start
transfer upload start
To initiate an upload, use the transfer upload start command.
transfer upload start
Syntax Description
transfer
Transfer a file to or from the switch.
upload
Transfer a file from the switch.
start
Initiate upload.
Defaults
None.
Examples
> transfer upload startMode........................................... TFTPTFTP Server IP................................. 172.16.16.78TFTP Path...................................... c:\find\off/TFTP Filename.................................. wps_2_0_75_0.aesData Type...................................... CodeAre you sure you want to start? (y/n) nTransfer CancelledRelated Commands
clear transfer, transfer download datatype, transfer download filename, transfer download mode, transfer download path, transfer download serverip, transfer download start, transfer upload datatype, transfer upload filename, transfer upload mode, transfer upload path, transfer upload serverip
Troubleshooting
Use the DEBUG commands to manage system debugging.
Caution
debug aaa
To configure AAA debug options, use the debug aaa command.
debug aaa {all | detail | events | packet} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug aaa packet enable> debug aaa packet disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug crypto, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug airewave-director
To configure the Airewave Director Software debug options, use the debug airwave-director command.
debug airwave-director {all | channel | detail | error | group | manager | message | packet | power | profile | radar | rf-change} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug airewave-director profile enable> debug airewave-director profile disableRelated Commands
debug aaa, debug arp, debug bcast, debug crypto, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug arp
To configure ARP debug options, use the debug arp command.
debug arp {all | detail | events | message} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug arp error enable> debug arp error disableRelated Commands
debug aaa, debug airewave-director, debug bcast, debug crypto, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug bcast
To configure debug of broadcast options, use the debug bcast command.
debug bcast {all | detail | events | packet} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug bcast message enable> debug bcast message disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug crypto, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug crypto
To configure hardware cryptographic debug options, use the debug crypto command.
debug crypto {all | sessions | trace | warning} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug dhcp message enable> debug dhcp message disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug dhcp
To configure DHCP debug options, use the debug dhcp command.
debug dhcp {message | packet} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug dhcp message enable> debug dhcp message disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug crypto, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug disable-all
To disable all debug messages, use the debug disable-all command.
debug disable-all
Syntax Description
Defaults
Disabled by default.
Examples
> debug disable-allRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug crypto, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug dot11
To configure dot11 events debug options, use the debug dot11 command.
debug dot11 {all | load-balancing | management | mobile | rfid | rldp | rogue | state} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug dot11 state enable> debug dot11 state disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug crypto, debug dhcp, debug disable-all, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug dot1x
To configure dot1x debug options, use the debug dot1x command.
debug dot1x {aaa | all | events | packet | states} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug dot1x state enable> debug dot1x state disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug crypto, debug dhcp, debug disable-all, debug dot11, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug l2age
To configure debug of Layer 2 Ago timeout messages, use the debug l2age command.
debug l2age {enable | disable}
Syntax Description
debug
Debug parameters.
l2age
Layer 2 Ago Timeout Messages.
{enable | disable}
•
•
Defaults
None.
Examples
> debug l2age enable> debug l2age disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug crypto, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug lwapp
To configure LWAPP debug options, use the debug lwapp command. This is a helpful command to debug when an AP does not join a controller.
debug lwapp {detail | error | events | packet} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug lwapp packet enable> debug lwapp packet disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug crypto, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug mac
To configure MAC debugging, use the debug mac command.
debug mac {disable | addr MAC}
Syntax Description
debug
Debug parameters.
mac
MAC address parameters.
disable
Enter disable to disable MAC debugging.
addr
Enter addr to configure the MAC address.
MAC
MAC address.
Defaults
None.
Examples
> debug mac addr 00.oc.41.07.33.a6> debug mac disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug crypto, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug mobility
To configure the Mobility debug options, use the debug mobility command.
debug mobility {directory | handoff} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug mobility directory enable> debug mobility directory disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wps
debug nac
To configure debug of Network Access Control (NAC), use the debug nac command.
debug nac {events | packet} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug nac events enable> debug nac events disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wpsdebug ntp
To configure debug of debug of Network Time Protocol (NTP), use the debug ntpp command.
debug ntp {detail | low | packet} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug ntp packet enable> debug ntp packet disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug pem, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wpsdebug pem
To configure the access policy manager debug options, use the debug pem command.
debug pem {events | state} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug pem state enable> debug pem state disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pm, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wpsdebug pm
To configure debug of security policy manager module, use the debug pm command.
debug pm all disable
debug pm {config | hwcrypto | ikemsg | init | list | message | pki | rng | rules | sa-export | sa-import | ssh-l2tp | ssh-appgw | ssh-engine | ssh-int | ssh-pmgr | ssh-ppp | ssh-tcp} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug pm ssh-pmgr enable> debug pm ssh-pmgr disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug poe, debug rbcp, debug snmp, debug transfer, debug wcp, debug wpsdebug poe
To configure debug of Power over ethernet debug options, use the debug poe command.
debug poe {detail | error | message} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug poe message enable> debug poe message disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug rbcp, debug snmp, debug transfer, debug wcp, debug wpsdebug rbcp
To configure Router Blade Control (RBCP) debug options, use the debug rbcp command.
debug rbcp {all | detail | errors | packet} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug rbcp packet enable> debug rbcp packet disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug snmp, debug transfer, debug wcp, debug wps
debug snmp
To configure SNMP debug options, use the debug snmp command.
debug snmp {agent | all | mib | trap} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug snmp trap enable> debug snmp trap disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe, debug rbcp, debug transfer, debug wcp, debug wps
debug transfer
To configure transfer debug options, use the debug transfer command.
debug transfer {all | tftp | trace} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug transfer trace enable> debug transfer trace disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe , debug rbcp, debug snmp, debug wcp, debug wps
debug wcp
To configure wcp debug options, use the debug wcp command.
debug wcp {events | packet} {enable | disable}
Syntax Description
Defaults
None.
Examples
> debug wcp packet enable> debug wcp packet disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe , debug rbcp, debug snmp, debug transfer, debug wps
debug wps
To configure wps debug options, use the debug wps command.
config wps sig {enable | disable}
Syntax Description
debug
debug parameters.
wps
WPS parameters.
sig
Signature parameters.
{enable | disable}
•
•
Defaults
None.
Examples
> debug wps sig enable> debug wps sig disableRelated Commands
debug aaa, debug airewave-director, debug arp, debug bcast, debug dhcp, debug disable-all, debug dot11, debug dot1x, debug l2age, debug lwapp, debug mac, debug mobility, debug nac, debug ntp, debug pem, debug pm, debug poe , debug rbcp, debug snmp, debug transfer, debug wcp
