Wireless/Redundant Edge Services xl Module Management and Configuration Guide WS.02.xx and greater
Table Of Contents
- ProCurve Wireless Edge Services xl Module and ProCurve Redundant Wireless Services xl Module
- Title Page
- Copyright and Disclaimer Notices
- Table of Contents
- 1. Introduction
- Contents
- ProCurve Wireless Edge Services xl Module
- Wireless Networks and WLANs
- The Interface Between the Wireless and Wired Networks
- Layer 2 and Layer 3 Operation
- Determining the Layer 3 Services Your Wireless Edge Services xl Module Should Provide
- IP Routing
- DHCP Services
- Security Features
- Traffic Management and QoS
- Management Capabilities and sFlow
- RP Licensing
- Radio Ports
- Redundancy Groups
- Layer 2 and Layer 3 Roaming Between RPs and Modules
- 2. Configuring the ProCurve Wireless Edge Services xl Module
- Contents
- Management Interfaces
- Radio Port Adoption
- System Maintenance
- Software Images
- Configuration Files
- Viewing Configuration Files
- Transferring, or Copying, Files
- Transferring Configuration Files from an FTP or TFTP Server to the Wireless Edge Services xl Module
- Transferring Configuration Files from the Wireless Edge Services xl Module to Another Destination
- Managing the Directory Structure and Browsing for Files
- Deleting a Configuration File
- Returning the Startup-Config File to Factory Default Settings
- Update Server
- Password Encryption
- SNMP Traps and Error Reporting
- Radio Port Licenses
- Setting System Information-Name, Time, and Country Code
- Enabling Secure Network Time Protocol (NTP)
- Digital Certificates
- 3. Radio Port Configuration
- 4. Wireless Local Area Networks (WLANs)
- Contents
- Overview
- Configuration Options: Normal Versus Advanced Mode
- Configuring a WLAN
- VLAN Assignment
- Traffic Management (QoS)
- 5. Web Authentication for Mobile Users
- 6. IP Services-IP Settings, DHCP, and DNS
- 7. Access Control Lists (ACLs)
- 8. Configuring Network Address Translation (NAT)
- 9. Fast Layer 2 Roaming and Layer 3 Mobility
- 10. Redundancy Groups
- Contents
- High Availability for Wireless Services
- Configuring a Redundancy Group
- Configuring Redundancy Group Settings
- Adding Members to the Redundancy Group
- Enabling Redundancy
- Viewing Information about the Redundancy Group
- Viewing Information about the Other Members of the Redundancy Group
- Setting up Adoption Preference IDs to Control RP Adoption
- Reverting RPs Adopted by a Standby Member to the Active Member
- 11. RADIUS Server
- Contents
- Overview
- RADIUS Authentication
- Configuring the Internal RADIUS Server
- Choosing the Authentication Type for 802.1X/EAP
- Specifying the RADIUS Server’s Digital Certificate
- Choosing the Source for User Credentials
- Configuring the Local RADIUS Database
- Using LDAP for the Data Source
- Specifying a Domain Proxy RADIUS Server
- Specifying Global RADIUS Settings
- Adding RADIUS Clients
- Starting and Stopping the RADIUS Server
- Enabling Authentication to the Internal Server on a WLAN
- Configuring the Internal RADIUS Server
- RADIUS Accounting
- 12. Configuring Tunnels with Generic Routing Encapsulation
- 13. Wireless Network Management
- Contents
- Overview
- Monitoring the Wireless Network
- AP Detection
- Configuring Station Intrusion Detection
- Logging and Alarms
- MAC Filters (Local MAC Authentication)
- Network Self Healing
- 14. sFlow Agent
- Appendix A - ProCurve Wireless Services xl Module Command Line Reference
- Contents
- Overview
- Manager Commands
- Global Commands
- Interface Commands
- Wireless Commands
- Show Commands
- Show Commands (All Contexts)
- show alarm-log
- show commands
- show crypto
- show debug
- show file
- show flash
- show history
- show hostname
- show interfaces
- show ip
- show licenses
- show logging
- show management
- show password-encryption
- show redundancy-group
- show redundancy-history
- show redundancy-member
- show running-config
- show snmp
- show sntp
- show startup-config
- show terminal
- show time
- show timezone
- show upd-server
- show upgrade-status
- show version
- show vlans
- Show Commands (Wireless)
- show wireless ap-detection-config
- show wireless approved-aps
- show wireless channel-power
- show wireless config
- show wireless ids
- show wireless mac-auth-local entries
- show wireless phrase-to-key
- show wireless radio-config
- show wireless radio-statistics
- show wireless radio-status
- show wireless regulatory
- show wireless rp-images
- show wireless rp-status
- show wireless rp-unadopted
- show wireless self-heal-config
- show wireless station
- show wireless station-statistics
- show wireless unapproved-aps
- show wireless web-auth-config
- show wireless wireless-module-statistics
- show wireless wlan-config
- show wireless wlan-statistics
- Support Commands
- Support Commands (All Contexts)
- Support Commands (Wireless)
- Index
- Back Cover
A-73
ProCurve Wireless Services xl Module Command Line Reference
Wireless Commands
– dot11i - Configures IEEE 802.11i (TKIP/AES) parameters.
+key - Configures the key (PMK).
-0 - Password is specified UNENCRYPTED.
++WORD - The 256 bit (64 hex characters) long key.
-2 - Password is encrypted with password-encryption secret.
++WORD - The 256 bit (64 hex characters) long key.
-WORD - The 256 bit (64 hex characters) long key.
+key-rotation - Controls the periodic update of the broadcast keys of
all associated stations.
-enable - Enables key rotation.
+key-rotation-interval - Configures the broadcast key rotation interval.
-<60-86400> - The key rotation interval in seconds.
+oo-pmk-caching - Enables the opportunistic use of cached pairwise
master keys (fast roaming with eap/802.1X).
+phrase - Configures the passphrase.
- 0 - Password is specified UNENCRYPTED.
++LINE - A passphrase between 8 and 63 characters long.
- 2 - Password is encrypted with password-encryption secret.
++LINE - A passphrase between 8 and 63 characters long.
- LINE - A passphrase between 8 and 63 characters long.
+pmk-caching - Enables the use of cached pairwise master keys (fast
roaming with eap/802.1X.
– enable - Enables specified wireless LAN(s).
– encryption-type - Enables specified wireless LAN(s).
+aes - AES Counter Mode CBC-MAC Protocol (CCMP).
+none - No encryption.
+tkip - Temporal Key Integrity Protocol (TKIP).
+tkip-aes - Enables both TKIP and AES on this WLAN.
+wep128 - Wired Equivalence Privacy (WEP) with 128 bit keys.
+wep64 - Wired Equivalence Privacy (WEP) with 64 bit keys.
Note A configuration where two WLANs are mapped to the same VLAN, and one of them
is configured with no encryption and the other with WEP, is insecure. It can lead to
a compromise of the WEP key.