Owner's manual
Table Of Contents
- About This Document
- Introduction
- Common Commands
- In this chapter
- Common commands
- show
- autoinstall
- banner
- commands
- crypto
- environment
- history
- interfaces
- ip
- ldap
- licenses
- logging
- mac
- mac-address-table
- management
- mobility
- ntp
- port-channel
- power
- privilege
- radius
- redundancy dynamic-ap-load-balance
- redundancy group
- redundancy history
- redundancy members
- rtls
- smtp-notification
- snmp
- snmp-server
- spanning-tree
- static-channel-group
- terminal
- timezone
- traffic-shape
- users
- version
- wireless
- (config-wireless) Executable Mode
- wlan-acl
- access-list
- aclstats
- alarm-log
- boot
- clock
- debugging
- dhcp
- file
- ftp
- password-encryption
- running-config
- securitymgr
- sessions
- startup-config
- upgrade-status
- mac-name
- firewall
- role
- virtual-IP
- wwan
- aap-wlan-acl
- aap-wlan-acl-stats
- protocol-list
- service-list
- User Exec Commands
- Privileged Exec Commands
- Global Configuration Commands
- In this chapter
- Global Configuration commands
- aaa
- access-list
- autoinstall
- banner
- boot
- bridge
- country-code
- crypto
- do
- end
- errdisable
- ftp
- hostname
- interface
- ip
- license
- line
- local
- logging
- mac
- mac-address-table
- mac-name
- management
- ntp
- prompt
- radius-server
- ratelimit
- redundancy
- role
- rtls
- service
- smtp-notification
- snmp-server
- spanning-tree
- timezone
- traffic-shape
- username
- vpn
- wireless
- wlan-acl
- network-element-id
- firewall
- virtual-ip
- wwan
- aap-wlan-acl
- arp
- power
- aap-ipfilter-list
- whitelist
- Crypto-isakmp Instance
- Crypto-group Instance
- Crypto-peer Instance
- Crypto-ipsec Instance
- Crypto-map Instance
- Crypto-trustpoint Instance
- Interface Instance
- Spanning tree-mst Instance
- Extended ACL Instance
- Standard ACL Instance
- Extended MAC ACL Instance
- DHCP Server Instance
- DHCP Class Instance
- Radius Server Instance
- Wireless Instance
- In this chapter
- Wireless configuration commands
- aap
- admission-control
- adopt-unconf-radio
- adoption-pref-id
- ap
- ap-containment
- ap-detection
- ap-image
- ap-ip
- ap-standby-attempts-threshold
- ap-timeout
- ap-udp-port
- auto-select-channels
- broadcast-tx-speed
- client
- clrscr
- cluster-master-support
- convert-ap
- country-code
- debug
- dhcp-one-portal-forward
- dhcp-sniff-state
- dot11-shared-key-auth
- end
- exit
- fix-broadcast-dhcp-rsp
- help
- hotspot
- load-balance
- mac-auth-local
- manual-wlan-mapping
- wireless-client
- mobility
- multicast-packet-limit
- multicast-throttle-watermark
- nas-id
- nas-port-id
- no
- proxy-arp
- qos-mapping
- radio
- rate-limit
- secure-wispe-default-secret
- self-heal
- sensor
- service
- show
- smart-rf
- smart-scan-channels
- wlan
- wlan-bw-allocation
- dot11k
- wips
- non-preferred-ap-attempts-threshold
- test
- RTLS Instance
- ESPI Instance
- RFID Instance
- SOLE Instance
- Smart RF Instance
- Role Instance
- AAP IP Filtering
Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide 685
53-1001931-01
Wireless configuration commands
20
authentication-type
[eap|hotspot|kerberos|
mac-auth|none]
Sets the authentication type for this WLAN.
• eap – EAP authentication (802.1X).
• hotspot – Web based authentication.
• kerberos – Kerberos authentication (encryption will change
to WEP128 if its not already wep128/keyguard).
• mac-auth – MAC authentication (RADIUS lookup of MAC
address).
• none – No authentication is used.
wlan <1-256>
aap-ipfilter-rules [in|out]
{<1-20>|AAP_IPF_RULE}
Configures AAP IP Filter rules
• in - In direction
• out - Out direction
• <1-20> - A single index
• <AAP_IPF_RULE> - A list (for example: 1.3.7) or a range
(for example 3-7) of indices
client-bridge-backhaul
enable
Enables the client bridge backhaul capability on this wlan.
deny-static-client Drop packets from static clients
description <description> Sets the description for this WLAN. Use to identify the selected
WLAN.
dot11i [handshake | key|
key-rotation |
key-rotation-interval|
opp-pmk-caching |
phrase|pmk-caching |
preauthentication |
second-key|
tkip-cntrmeas-hold-time|
wpa2-tkip]
Modifies tkip/ccmp (802.11i) related parameters.
• handshake timeout <100-5000> retransmit <1-10> – Sets
a handshake for the timeout and retransmission intervals.
• timeout <100-5000> – Sets the timeout (in
milliseconds) between retries.
• retransmit <1-10> – Sets the number of retransmission
attempts.
• key [0 <secret-key>|2 <secret-key>|<secret-key>] –
Configure the key (PMK).
• 0 <secret-key>– Password is specified unencrypted.
• 2 <secret-key>– Password is encrypted with
password-encryption secret.
• <secret-key> – The 256bit (64 hex characters) long key.
• key-rotation enable – Controls the periodic update of
broadcast keys for associated wireless clients.
• key-rotation-interval <30-86400> – Configures the
broadcast key rotation interval in seconds.
• opp-pmk-caching – Enables the opportunistic use of cached
pairwise master keys (fast roaming with
eap/802.1X).
• phrase [0 <secret-key>|2 <secret-key>|<secret-key>] –
Configures the passphrase.
• 0 <secret-key> – Password is specified unencrypted.
• 2 <secret-key> – Password is encrypted with
password-encryption secret.
• <secret-key> – Set a passphrase between 8 and 63
characters.
• pmk-caching – Enables the use of cached pairwise master
keys (fast roaming with eap/802.1X).
• preauthentication – Enables support for 802.11i
pre-authentication.