Summary of the content on the page No. 1 
                    
                        Part No. 320657-A
September 2005
4655 Great America Parkway
Santa Clara, CA 95054
Nortel WLAN Security Switch 2300 
Series Configuration Guide
Release 4.0
*320657-A*                                                                                                                                                                                                                                                                                                                                               
                    
                    Summary of the content on the page No. 2 
                    
                        2 Copyright © Nortel Networks Limited 2005. All rights reserved. The information in this document is subject to change without notice. The statements, configurations, technical data, and  recommendations in this document are believed to be accurate and reliable, but are presented without express or implied  warranty. Users must take full responsibility for their applications of any products specified in this document. The  information in this document is proprietary to Nortel Networks. Trademark
                    
                    Summary of the content on the page No. 3 
                    
                        3 USA requirements only Federal Communications Commission (FCC) Compliance Notice: Radio Frequency Notice Note: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to  Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when  the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency  energy. If it is not installed and use
                    
                    Summary of the content on the page No. 4 
                    
                        4 OR CONSEQUENTIAL DAMAGES (INCLUDING LOST PROFITS OR SAVINGS), WHETHER IN CONTRACT,  TORT OR OTHERWISE (INCLUDING NEGLIGENCE) ARISING OUT OF YOUR USE OF THE SOFTWARE,  EVEN IF Nortel NETWORKS, ITS AGENTS OR SUPPLIERS HAVE BEEN ADVISED OF THEIR POSSIBILITY.  The forgoing limitations of remedies also apply to any developer and/or supplier of the Software. Such developer and/or  supplier is an intended beneficiary of this Section. Some jurisdictions do not allow these limitations or exclusions and
                    
                    Summary of the content on the page No. 5 
                    
                        5 Limited Warranty Nortel standard warranty for hardware is one (1) year. Nortel warrants software materials to be defect free for  90 Days from time of purchase. Nortel requires purchasing the software subscription if a customer would like  to receive new WLAN—Wireless Security Switch (23x0), Nortel WLAN — Management System software.  This limited warranty extends only to you the original purchaser of the Product. Exclusive Remedy Your sole remedy under the limited warranty described above is, 
                    
                    Summary of the content on the page No. 6 
                    
                        6 MATERIALS OR ANY PART THEREOF WILL MEET END CUSTOMER'S REQUIREMENTS OR BE  UNINTERRUPTED, OR ERROR-FREE, OR THAT ANY ERRORS IN THE PRODUCT WILL BE  CORRECTED. SOME STATES/JURISDICTIONS DO NOT ALLOW THE EXCLUSION OF IMPLIED  WARRANTIES SO THE ABOVE EXCLUSIONS MAY NOT APPLY TO END CUSTOMER. THIS  LIMITED WARRANTY GIVES END CUSTOMER SPECIFIC LEGAL RIGHTS. END CUSTOMER MAY  ALSO HAVE OTHER RIGHTS, WHICH VARY FROM STATE/JURISDICTION TO STATE/ JURISDICTION. TO THE MAXIMUM EXTENT PERMITTED BY APPLICA
                    
                    Summary of the content on the page No. 7 
                    
                        7 If Licensee is a European Union resident, Licensee acknowledges that information necessary to achieve interoperability of  the Software with other programs is available upon request. (c) Licensee may make a single copy of the Standalone Software and Documentation solely for its back-up purposes;  provided that any such copy is the exclusive property of Nortel and its suppliers and includes all copyright and other intel- lectual property right notices that appear on the original. (d) Nortel may
                    
                    Summary of the content on the page No. 8 
                    
                        8 7. Government Restricted Rights. As defined in FAR section 2.101, DFAR section 252.227-7014(a)(1) and DFAR section  252.227-7014(a)(5) or otherwise, the Software provided in connection with this Agreement are “commercial items,” “com- mercial computer software” and/or “commercial computer software documentation.” Consistent with DFAR section  227.7202, FAR section 12.212 and other sections, any use, modification, reproduction, release, performance, display, dis- closure or distribution thereof
                    
                    Summary of the content on the page No. 9 
                    
                        9 o Damien Miller o Kevin Steves o Daniel Kouril o Per Allansson THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT  NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DIS- CLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEAPLARY,  OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVIC- ES; LOSS OF USE, DA
                    
                    Summary of the content on the page No. 10 
                    
                        10 FCC Statements for WLAN—Security Switches (23xx) This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to  Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful  interference when the equipment is operated in a commercial environment. This equipment generates, uses,  and can radiate radio frequency energy and, if not installed and used in accordance with the instruction  manual, may cause harmfu
                    
                    Summary of the content on the page No. 11 
                    
                        11 Deployment Statement This product is certified for indoor deployment only. Do not install or use this product outdoors. Industry Canada Required User Information for WLAN—Access Points  (2330) This device has been designed to operate with antennae having maximum gains of 7.8 dBi (2.4 GHz) and  7.4 dBi (5 GHz). Antennae having higher gains is strictly prohibited per regulations of Industry Canada. The required antenna  impedance is 50 ohms. To reduce potential radio interference to other users
                    
                    Summary of the content on the page No. 12 
                    
                        12 320657-A                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         
                    
                    Summary of the content on the page No. 13 
                    
                        13 Contents How to get Help 29 Introducing the Nortel WLAN 2300 System 31 Nortel WLAN 2300 System  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Documentation  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32 Safety and Advisory Notices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Text and Syntax Conventions  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 
                    
                    Summary of the content on the page No. 14 
                    
                        14 Contents Setting the WSS Switch Enable Password . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 Authenticating at the Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Customizing AAA with “Wildcards” and Groups  . . . . . . . . . . . . . . . . . . . . . . . 61 Setting User Passwords  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62 Adding and Clearing Local Users for Administrative Access  . . . . . . . . . . . .
                    
                    Summary of the content on the page No. 15 
                    
                        Contents 15 Configuring the Aging Timeout Period  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 Port and VLAN Configuration Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 Configuring and Managing IP Interfaces and Services 107 MTU Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 Configuring and Managing IP Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 Ad
                    
                    Summary of the content on the page No. 16 
                    
                        16 Contents Configuring and Managing NTP  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 Adding an NTP Server  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 Removing an NTP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 Changing the NTP Update Interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144 Resetting the Update Interval to the Default . . . . . . . . . . . . . .
                    
                    Summary of the content on the page No. 17 
                    
                        Contents 17 Configuring and Managing Mobility Domain Roaming 175 About the Mobility Domain Feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 Configuring a Mobility Domain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 Configuring the Seed  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 Configuring Member WSSs on the Seed  . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 Configurin
                    
                    Summary of the content on the page No. 18 
                    
                        18 Contents Configuring Encryption for MAC Clients  . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217 Configuring AP access points 221 AP Overview  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221 Country of Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223 Directly Connected APs and Distributed APs . . . . . . . . . . . . . . . . . . . . . . . . 224 Service Profiles . . . . . .
                    
                    Summary of the content on the page No. 19 
                    
                        Contents 19 Channel and Power Tuning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 RF Auto-Tuning Parameters  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295 Changing RF Auto-Tuning Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296 Changing Channel Tuning Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297 Changing Power Tuning Settings  . . . . . . . . . . . . . . . . . . . 
                    
                    Summary of the content on the page No. 20 
                    
                        20 Contents Clearing STP Statistics  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332 Spanning Tree Configuration Scenario  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332 Configuring and Managing IGMP Snooping 335 Disabling or Reenabling IGMP Snooping  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335 Disabling or Reenabling Proxy Reporting  . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335 Enabling the Pseudo-