Quick Start Guide
Page 2
... in compliance with the plastic guides on solidly when a link to be ) with all technical disciplines becomes available for further assistance and support. The light flashes when traffic is complete. 4. If a non-power device is on , the user is encouraged to try to the...Motorola approved power supply output rated at : 1-800-722-6234, inside North America +1-631-738-5200, in a standard rack. The power supply shall be obtained from the wireless switch (KTMTDP-WS-2000-WW or KT-MTG-WS-2000-WW). Push the switch into place on how to return product, go to any Layer 2/3 network device...
... in compliance with the plastic guides on solidly when a link to be ) with all technical disciplines becomes available for further assistance and support. The light flashes when traffic is complete. 4. If a non-power device is on , the user is encouraged to try to the...Motorola approved power supply output rated at : 1-800-722-6234, inside North America +1-631-738-5200, in a standard rack. The power supply shall be obtained from the wireless switch (KTMTDP-WS-2000-WW or KT-MTG-WS-2000-WW). Push the switch into place on how to return product, go to any Layer 2/3 network device...
Reference Guide
Page 4
TOC-2 WS2000 Wireless Switch System Reference Guide 3.2.1 The DHCP Configuration 3-4 3.2.2 Advanced DHCP Settings 3-5 3.3 Configuring Subnet Access 3-6 3.3.1 The Access Overview Table 3-7 3.3.2 The ...Ethernet (PPPoE) Communication 4-3 4.2 Configuring the WS 2000 Firewall 4-5 4.2.1 Disabling the Firewall 4-5 4.2.2 Setting the NAT Timeout 4-5 4.2.3 Configurable Firewall Filters 4-6 4.3 Configuring Network Address Translation (NAT 4-8 4.4 Configuring Static Routes 4-10 4.4.1 Configuring the Default Gateway Interface 4-10 4.4.2 Creating User Defined Routes 4-11 4.4.3 Setting the RIP ...
TOC-2 WS2000 Wireless Switch System Reference Guide 3.2.1 The DHCP Configuration 3-4 3.2.2 Advanced DHCP Settings 3-5 3.3 Configuring Subnet Access 3-6 3.3.1 The Access Overview Table 3-7 3.3.2 The ...Ethernet (PPPoE) Communication 4-3 4.2 Configuring the WS 2000 Firewall 4-5 4.2.1 Disabling the Firewall 4-5 4.2.2 Setting the NAT Timeout 4-5 4.2.3 Configurable Firewall Filters 4-6 4.3 Configuring Network Address Translation (NAT 4-8 4.4 Configuring Static Routes 4-10 4.4.1 Configuring the Default Gateway Interface 4-10 4.4.2 Creating User Defined Routes 4-11 4.4.3 Setting the RIP ...
Reference Guide
Page 6
...-4 WS2000 Wireless Switch System Reference Guide 6.2.1 Configuring the RADIUS Server 6-5 6.2.2 Configuring Lightweight Directory Access Protocol (LDAP) Authentication 6-7 6.2.3 Setting Up a Proxy RADIUS Server 6-8 6.2.4 Managing the Local User Database 6-9 6.2.5 Adding New Guest Users Quickly 6-11 6.2.6 Setting the User Access Policy 6-12 6.3 Managing Digital Certificates 6-13 6.3.1 Importing CA Certificates 6-13 6.3.2 Creating Self Certificates 6-15 Chapter 7: Switch Administration 7.1 Overview of Administration Support 7-2 7.2 Restarting the WS...
...-4 WS2000 Wireless Switch System Reference Guide 6.2.1 Configuring the RADIUS Server 6-5 6.2.2 Configuring Lightweight Directory Access Protocol (LDAP) Authentication 6-7 6.2.3 Setting Up a Proxy RADIUS Server 6-8 6.2.4 Managing the Local User Database 6-9 6.2.5 Adding New Guest Users Quickly 6-11 6.2.6 Setting the User Access Policy 6-12 6.3 Managing Digital Certificates 6-13 6.3.1 Importing CA Certificates 6-13 6.3.2 Creating Self Certificates 6-15 Chapter 7: Switch Administration 7.1 Overview of Administration Support 7-2 7.2 Restarting the WS...
Reference Guide
Page 24
...manage rogue Access Ports • Management of communications QoS 1.4.3 Gateway Services Gateway services provide interconnectivity between mobile units (MUs) on the Wireless LAN (WLAN) and the wired network. 1-6 WS2000 Wireless Switch System Reference Guide 1.4 Software Overview The WS 2000 Wireless Switch ...WS 2000 Wireless Switch communicates with Access Ports by sending a synchronized electronic "heartbeat" at regular intervals • Track MUs when they roam from one location to a wired network, and includes the following : • System management through a Web-based Graphical User...
...manage rogue Access Ports • Management of communications QoS 1.4.3 Gateway Services Gateway services provide interconnectivity between mobile units (MUs) on the Wireless LAN (WLAN) and the wired network. 1-6 WS2000 Wireless Switch System Reference Guide 1.4 Software Overview The WS 2000 Wireless Switch ...WS 2000 Wireless Switch communicates with Access Ports by sending a synchronized electronic "heartbeat" at regular intervals • Track MUs when they roam from one location to a wired network, and includes the following : • System management through a Web-based Graphical User...
Reference Guide
Page 42
....1.200.24:24576. 3-6 WS2000 Wireless Switch System Reference Guide 7. This is reserved for available IP addresses. The DHCP server grants an IP address for example, in active use . Only port 24576 is supported. 13.Option 43 is used to specify the IP address of specified devices provides corresponding static IP addresses for users, mobile units, and...
....1.200.24:24576. 3-6 WS2000 Wireless Switch System Reference Guide 7. This is reserved for available IP addresses. The DHCP server grants an IP address for example, in active use . Only port 24576 is supported. 13.Option 43 is used to specify the IP address of specified devices provides corresponding static IP addresses for users, mobile units, and...
Reference Guide
Page 74
...the selected authentication algorithm, provide a 32-character hexadecimal key. The setting for the WS 2000 end of the Certificate Authority. 5. MD5 SHA1 Enables the Message Digest 5...data (either the qualified domain name or the user name) in the IKE Authentication Passphrase field. 4-20 WS2000 Wireless Switch System Reference Guide 3. Select the Operation Mode for communication and ... the IKE Encryption Algorithm menu to use public key encryption. 4. See Managing Digital Certificates to the aggressive exchange. Select the desired authentication methods from the...
...the selected authentication algorithm, provide a 32-character hexadecimal key. The setting for the WS 2000 end of the Certificate Authority. 5. MD5 SHA1 Enables the Message Digest 5...data (either the qualified domain name or the user name) in the IKE Authentication Passphrase field. 4-20 WS2000 Wireless Switch System Reference Guide 3. Select the Operation Mode for communication and ... the IKE Encryption Algorithm menu to use public key encryption. 4. See Managing Digital Certificates to the aggressive exchange. Select the desired authentication methods from the...
Reference Guide
Page 90
...ports 1645 and 1646. 5-8 WS2000 Wireless Switch System Reference Guide The authentication method sets a challenge-response procedure for validating user credentials such as a failover server if the switch cannot successfully contact the primary server. 4. The WS 2000 Wireless Switch provides two methods for specific ...1646 or 1813 is required to display a sub-screen for authenticating users: 802.1x EAP and Kerberos. EAP supports multiple authentication measures. The ISP or a network administrator can confirm the appropriate primary and secondary port numbers. Providing ...
...ports 1645 and 1646. 5-8 WS2000 Wireless Switch System Reference Guide The authentication method sets a challenge-response procedure for validating user credentials such as a failover server if the switch cannot successfully contact the primary server. 4. The WS 2000 Wireless Switch provides two methods for specific ...1646 or 1813 is required to display a sub-screen for authenticating users: 802.1x EAP and Kerberos. EAP supports multiple authentication measures. The ISP or a network administrator can confirm the appropriate primary and secondary port numbers. Providing ...
Reference Guide
Page 92
... across an insecure network connection. NTP is encrypted with the switch. The WS 2000 Wireless Switch provides four methods for the Kerberos configuration. WPA-TKIP offers the highest level of security among the encryption methods available with the user's password. After...Network Time Protocol (NTP) Server. 10.Click Ok when done. 5.3.4 Setting the Encryption Method Encryption applies a specific algorithm to data to display a sub-screen for authentication settings. 3. Click the Kerberos Configuration button to alter its original form. 5-10 WS2000 Wireless Switch System Reference Guide...
... across an insecure network connection. NTP is encrypted with the switch. The WS 2000 Wireless Switch provides four methods for the Kerberos configuration. WPA-TKIP offers the highest level of security among the encryption methods available with the user's password. After...Network Time Protocol (NTP) Server. 10.Click Ok when done. 5.3.4 Setting the Encryption Method Encryption applies a specific algorithm to data to display a sub-screen for authentication settings. 3. Click the Kerberos Configuration button to alter its original form. 5-10 WS2000 Wireless Switch System Reference Guide...
Reference Guide
Page 128
... name for the WS 2000 Wireless Switch. The switch administrator can be accessed from System Configuration -> System Settings --> WS2000 Access menu item on an enabled subnet or over the WAN can also change any settings within the WS 2000 Network Management System. 6-2 WS2000 Wireless Switch System Reference Guide 6.1 Configuring Administrator Access The WS 2000 Network Management System allows users to log in to the WS2000 switch from different...
... name for the WS 2000 Wireless Switch. The switch administrator can be accessed from System Configuration -> System Settings --> WS2000 Access menu item on an enabled subnet or over the WAN can also change any settings within the WS 2000 Network Management System. 6-2 WS2000 Wireless Switch System Reference Guide 6.1 Configuring Administrator Access The WS 2000 Network Management System allows users to log in to the WS2000 switch from different...
Reference Guide
Page 130
...8226; The LDAP screen allows the administrator to change the switch administrator's password. 1. Select Admin or Manager from either an HTTP or HTTPs connection. The sub- NOTE: 6.2 Configuring User Authentication The WS 2000 Wireless Switch provides an integrated RADIUS server as well as set up ...focus will never be timed out. 6.1.6 Changing the Administrator Password Click the Change Admin/Manager Password button (In the bottom right of inactive minutes allowed in both fields, and click the Update Password Now button. 6-4 WS2000 Wireless Switch System Reference Guide 3.
...8226; The LDAP screen allows the administrator to change the switch administrator's password. 1. Select Admin or Manager from either an HTTP or HTTPs connection. The sub- NOTE: 6.2 Configuring User Authentication The WS 2000 Wireless Switch provides an integrated RADIUS server as well as set up ...focus will never be timed out. 6.1.6 Changing the Administrator Password Click the Change Admin/Manager Password button (In the bottom right of inactive minutes allowed in both fields, and click the Update Password Now button. 6-4 WS2000 Wireless Switch System Reference Guide 3.
Reference Guide
Page 134
... servers are made. RADIUS Server IP Enter the IP address of the users to be sent to the specified proxy server. 6-8 WS2000 Wireless Switch System Reference Guide Group Member Attribute Specify the Group Member Attribute to be acting as a... proxy server. Enter a value between 5 and 10 in the following are the additional settings that will cause the switch to time out on a request to your changes. 6.2.3 Setting Up a Proxy RADIUS Server The WS 2000 Wireless Switch...
... servers are made. RADIUS Server IP Enter the IP address of the users to be sent to the specified proxy server. 6-8 WS2000 Wireless Switch System Reference Guide Group Member Attribute Specify the Group Member Attribute to be acting as a... proxy server. Enter a value between 5 and 10 in the following are the additional settings that will cause the switch to time out on a request to your changes. 6.2.3 Setting Up a Proxy RADIUS Server The WS 2000 Wireless Switch...
Reference Guide
Page 162
... SNMP v1/v2c community definitions and SNMP v3 user definitions associated with the traps themselves. SNMP v3 provides greatly enhanced security protocols. 7-20 WS2000 Wireless Switch System Reference Guide 7.9 Configuring SNMP The Simple Network Management Protocol (SNMP) facilitates the exchange of management information between network devices. SNMP v1 and v2c provide a strong network management system, but their security is relatively weak. The...
... SNMP v1/v2c community definitions and SNMP v3 user definitions associated with the traps themselves. SNMP v3 provides greatly enhanced security protocols. 7-20 WS2000 Wireless Switch System Reference Guide 7.9 Configuring SNMP The Simple Network Management Protocol (SNMP) facilitates the exchange of management information between network devices. SNMP v1 and v2c provide a strong network management system, but their security is relatively weak. The...
Reference Guide
Page 242
.... The following links show the tasks that Leo will configure the WS 2000 as a DHCP server giving out internal-use-only IP addresses and use network address translation (NAT) in any way that WS 2000 and use the VPN as a user authentication method and a data encryption method. If two groups of...Because each WLAN can be broken with several hours. See the retail case study for a field office with the same key. 12-30 WS2000 Wireless Switch System Reference Guide 12.16 Field Office Use Case 12.16.1 A Field Office Example 12.16.1.1 Background Leo is connected to the Internet and to corporate ...
.... The following links show the tasks that Leo will configure the WS 2000 as a DHCP server giving out internal-use-only IP addresses and use network address translation (NAT) in any way that WS 2000 and use the VPN as a user authentication method and a data encryption method. If two groups of...Because each WLAN can be broken with several hours. See the retail case study for a field office with the same key. 12-30 WS2000 Wireless Switch System Reference Guide 12.16 Field Office Use Case 12.16.1 A Field Office Example 12.16.1.1 Background Leo is connected to the Internet and to corporate ...
Reference Guide
Page 260
...rotation to both ends of the communication. If Leo was not using 802.1X EAP user authentication, that Key Settings section is grayed out for broadcast communication is changed. 12-48 WS2000 Wireless Switch System Reference Guide q Leo clicks the Ok button to be entered here, in the Key Settings ...section. However, with 802.1x EAP, the RADIUS server supplies the initial key, so that initial key would need to set the frequency with which the key for Leo. By default, the WS...
...rotation to both ends of the communication. If Leo was not using 802.1X EAP user authentication, that Key Settings section is grayed out for broadcast communication is changed. 12-48 WS2000 Wireless Switch System Reference Guide q Leo clicks the Ok button to be entered here, in the Key Settings ...section. However, with 802.1x EAP, the RADIUS server supplies the initial key, so that initial key would need to set the frequency with which the key for Leo. By default, the WS...
Reference Guide
Page 272
... marketing WLAN, and the third This specifies how the network packets will be encrypted between the two WS 2000 switches to confirm this WS 2000 must match the outbound key on the other WS 2000. Finally, the Inbound and Outbound SPI fields in...WS 2000 so that it will match the Outbound ESP Encryption Key on the other . The inbound Security Parameter Index (SPI) for data encryption over the wireless link. Leo selects Secure Hash Algorithm 1 or SHA1 as the method and enters inbound and outbound 40 character authentication keys. 12-60 WS2000 Wireless Switch System Reference Guide...
... marketing WLAN, and the third This specifies how the network packets will be encrypted between the two WS 2000 switches to confirm this WS 2000 must match the outbound key on the other WS 2000. Finally, the Inbound and Outbound SPI fields in...WS 2000 so that it will match the Outbound ESP Encryption Key on the other . The inbound Security Parameter Index (SPI) for data encryption over the wireless link. Leo selects Secure Hash Algorithm 1 or SHA1 as the method and enters inbound and outbound 40 character authentication keys. 12-60 WS2000 Wireless Switch System Reference Guide...
Reference Guide
Page 540
... cfgpath primary/ secondary Sets the FTP/TFTP server IP address (a.b.c.d). Sets the configuration file name (up to the WS 2000 Wireless Switch. Sets the active partition on board flash or the compact flash card attached to 31 characters) Example: FTP Set...manager logins. Sets the firmware filename (up to 39 characters). Sets the firmware boot device to 39 characters). Sets the FTP user name (up to either the on the compact flash card. Sets the FTP password (up to 39 characters). partition import- 13-266 WS2000 Wireless Switch System Reference Guide WS2000...
... cfgpath primary/ secondary Sets the FTP/TFTP server IP address (a.b.c.d). Sets the configuration file name (up to the WS 2000 Wireless Switch. Sets the active partition on board flash or the compact flash card attached to 31 characters) Example: FTP Set...manager logins. Sets the firmware filename (up to 39 characters). Sets the firmware boot device to 39 characters). Sets the FTP user name (up to either the on the compact flash card. Sets the FTP password (up to 39 characters). partition import- 13-266 WS2000 Wireless Switch System Reference Guide WS2000...
Reference Guide
Page 630
The items available under this command are shown below. quit Quits the CLI. .. add Adds an administrative user delete Removes an administrative user restart Restarts the WS 2000 Wireless Switch set Sets WS 2000 system parameters. 13-356 WS2000 Wireless Switch System Reference Guide 13.71 System WS2000 Commands WS2000>admin(system)> ws2000) Description: Displays the WS 2000 submenu. Goes to the parent menu. / Goes to system flash. show Shows WS 2000 system parameter settings. save Saves the configuration to the root menu.
The items available under this command are shown below. quit Quits the CLI. .. add Adds an administrative user delete Removes an administrative user restart Restarts the WS 2000 Wireless Switch set Sets WS 2000 system parameters. 13-356 WS2000 Wireless Switch System Reference Guide 13.71 System WS2000 Commands WS2000>admin(system)> ws2000) Description: Displays the WS 2000 submenu. Goes to the parent menu. / Goes to system flash. show Shows WS 2000 system parameter settings. save Saves the configuration to the root menu.
Reference Guide
Page 636
Example: admin(system.ws2000)>show all of the WS 2000 system information. 13-362 WS2000 Wireless Switch System Reference Guide WS2000>admin(system.ws2000)> show all Shows all system name system location admin email address system uptime WS2000 firmware version country code applet... user name airbeam access password : Atlanta1 : Atlanta Field Office : [email protected] : 0 days 4 hours 33 minutes : 1.5.0.0-200b : us : enable : disable : enable : disable : enable : disable : enable : enable : disable : airbeam : ******** admin(system.ws2000)> Syntax: show Description: Shows WS ...
Example: admin(system.ws2000)>show all of the WS 2000 system information. 13-362 WS2000 Wireless Switch System Reference Guide WS2000>admin(system.ws2000)> show all Shows all system name system location admin email address system uptime WS2000 firmware version country code applet... user name airbeam access password : Atlanta1 : Atlanta Field Office : [email protected] : 0 days 4 hours 33 minutes : 1.5.0.0-200b : us : enable : disable : enable : disable : enable : disable : enable : enable : disable : airbeam : ******** admin(system.ws2000)> Syntax: show Description: Shows WS ...
Reference Guide
Page 672
Index-2 WS 2000 Wireless Switch System Reference Guide RIP 4-12 setting method 2-10 setting up for AP 300 5-29 user, configuring 6-4 WAN methods 2-8, 4-4 WLANs 5-7 authorization levels 7-21 automatic key exchange description 4-15 setting...description 3-11 DHCP advanced settings 3-5 configuration 3-4 description 2-6 firmware upload options 7-9 setting up server 7-10 Diffie-Hellman groups 4-21 digital certificates, managing 6-13 dimensions 1-4 Domain Name Service (DNS) protocol 3-8 downloads, updated firmware 7-7 DTIM period 5-22, 5-23, 5-27 Dynamic Host Configuration Protocol...
Index-2 WS 2000 Wireless Switch System Reference Guide RIP 4-12 setting method 2-10 setting up for AP 300 5-29 user, configuring 6-4 WAN methods 2-8, 4-4 WLANs 5-7 authorization levels 7-21 automatic key exchange description 4-15 setting...description 3-11 DHCP advanced settings 3-5 configuration 3-4 description 2-6 firmware upload options 7-9 setting up server 7-10 Diffie-Hellman groups 4-21 digital certificates, managing 6-13 dimensions 1-4 Domain Name Service (DNS) protocol 3-8 downloads, updated firmware 7-7 DTIM period 5-22, 5-23, 5-27 Dynamic Host Configuration Protocol...
Reference Guide
Page 674
... 2-3 settings 7-22 placement, radio 5-20 Point-to Many 4-8 configuring 4-8, 12-13 forward vs. Index-4 WS 2000 Wireless Switch System Reference Guide M MAC addresses description 5-17 start and end range 5-5 MAIL command 4-25 manual key exchange configuring 4-15 ... setting up 12-41 Network Address Translation, see NAT network traps 7-25 NTP server, specifying 7-27 O operating system services 1-6 P PAP authentication 2-8, 4-4 passwords AirBEAM 6-3 changing for 8-5 LDAP settings 6-7 local user database 6-9 proxy configuration 6-8 shared secret 5-9 user access policy 6-12, ...
... 2-3 settings 7-22 placement, radio 5-20 Point-to Many 4-8 configuring 4-8, 12-13 forward vs. Index-4 WS 2000 Wireless Switch System Reference Guide M MAC addresses description 5-17 start and end range 5-5 MAIL command 4-25 manual key exchange configuring 4-15 ... setting up 12-41 Network Address Translation, see NAT network traps 7-25 NTP server, specifying 7-27 O operating system services 1-6 P PAP authentication 2-8, 4-4 passwords AirBEAM 6-3 changing for 8-5 LDAP settings 6-7 local user database 6-9 proxy configuration 6-8 shared secret 5-9 user access policy 6-12, ...