hit counter script
HP ProCurve 530 NA (J8986A) Management And Configuration Manual
  1. Manuals
  2. Brands
  3. HP Manuals
  4. Wireless Access Point
  5. ProCurve 530 NA (J8986A)
  6. Management and configuration manual

HP ProCurve 530 NA (J8986A) Management And Configuration Manual

Hide thumbs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
Table of Contents

Advertisement

Quick Links

ProCurve Wireless Access Point 530
www.procurve.com
Management and
Configuration Guide

Advertisement

Table of Contents
loading

Related Manuals for HP ProCurve 530 NA (J8986A)

Summary of Contents for HP ProCurve 530 NA (J8986A)

  • Page 1 Management and Configuration Guide ProCurve Wireless Access Point 530 www.procurve.com...
  • Page 3 ProCurve Wireless Access Point 530 Management and Configuration Guide...
  • Page 4 Publication Number The only warranties for HP products and services are set forth in the express warranty statements accompanying 5991-2193 such products and services. Nothing herein should be December 2008 construed as constituting an additional warranty.

  • Page 5: Table Of Contents

    Contents 1 Getting Started Overview ............1-3 Conventions .
  • Page 6 Password Security ......... . . 3-6 Logging In .
  • Page 7 Changing the Management Password ......4-24 If You Lose the Password ....... . 4-26 Rebooting or Resetting the Access Point .
  • Page 8 CLI: Enabling & Disabling SNMPv3 ......5-39 Web: Managing SNMPv3 Users ....... 5-40 CLI: Managing SNMPv3 Users .
  • Page 9 CLI: Setting the Radio Working Mode ......6-11 Configuring the Radio Channel and Other Basic Settings ..6-12 Web: Configuring Basic Radio Settings .
  • Page 10 Encryption ..........7-8 Wired Equivalent Privacy (WEP) .
  • Page 11 Guidelines for AP Authentication ......7-53 Web: Configuring AP Authentication ......7-54 CLI: Configuring AP Authentication .
  • Page 12 CLI: Configuring QoS Parameters ......8-8 sFlow ............8-12 Flow Sampling by the sFlow Agent .
  • Page 13 show ........... . . 9-14 terminal .
  • Page 14 snmpv3 enable ..........9-46 snmpv3 user-name .
  • Page 15 MAC Lockout ..........9-75 lockout-mac .
  • Page 16 ssid ........... . . 9-102 description .
  • Page 17 wpa-allowed | wpa2-allowed ....... . 9-131 wpa-pre-shared-key ........9-132 wpa-cipher-tkip .
  • Page 18 enable (wds) ..........9-158 wds-ssid .
  • Page 19 Overview ........... . . B-3 System Management .
  • Page 20 Airport Case 2 – With RF Group Name ......C-5 Settings ..........C-5 Decisions: AP #1 .

  • Page 21: Getting Started

    Getting Started...
  • Page 22 Getting Started Contents Overview ............1-3 Conventions .

  • Page 23: Overview

    Getting Started Overview Overview This Management and Configuration Guide is intended to support the following access points: ■ ProCurve Wireless Access Point 530 NA (J8986A) ProCurve Wireless Access Point 530 WW (J8987A) ■ This guide describes how to use the command line interface (CLI) and Web browser interface to configure, manage, and monitor access point operation.

  • Page 24: Command Prompts

    Getting Started Overview Command Prompts In the default configuration, your access point displays the following CLI prompt: ProCurve Access Point 530# Screen Examples Figures containing examples of screen text and command output look like this: ProCurve Access Point 530# show version Image Software Version WA.02.00.0412 Boot Software Version...

  • Page 25: Getting Documentation From The Web

    Getting Started Overview To view and download a copy of the latest release notes for your access point, “Getting Documentation from the Web” on page 1-5. Getting Documentation from the Web Go to the ProCurve Networking Web site at http://www.procurve.com/manuals Click on the name of the product for which you want documentation.

  • Page 26: Need Just A Quick Start

    If you just want to give the access point an IP address so that it can commu- nicate on your network, HP recommends that you use the CLI to quickly configure IP addressing. To do so, do one of the following: Log in to the CLI interface using the default username and password (“admin and admin”).

  • Page 27: To Set Up And Install The Access Point In Your Network

    Getting Started Need Just a Quick Start? To Set Up and Install the Access Point in Your Network I m p o r t a n t ! Use the Installation and Getting Started Guide shipped with your access point for the following: ■...
  • Page 28 Getting Started Need Just a Quick Start? — This page is intentionally unused. —...

  • Page 29: Selecting A Management Interface

    Selecting a Management Interface...

  • Page 30: Contents

    Selecting a Management Interface Contents Contents Overview ............2-3 Understanding Management Interfaces .

  • Page 31: Overview

    Selecting a Management Interface Overview Overview This chapter describes the following: Access Point management interfaces ■ ■ Advantages of using each interface type...

  • Page 32: Understanding Management Interfaces

    Selecting a Management Interface Understanding Management Interfaces Understanding Management Interfaces The Access Point 530 management interfaces enable you to reconfigure the access point and to monitor its status and performance. Interface types include: ■ CLI—a command line interface offering the full set of access point commands through the VT-100/ANSI console built into the access point.

  • Page 33: Advantages Of Using The Cli

    Selecting a Management Interface Advantages of Using the CLI Advantages of Using the CLI Manager Exec Level ProCurve Access Point 530# Global Configuration Level ProCurve Access Point 530(config)# Interface Configuration Levels ProCurve Access Point Context-specific configurations, such as (ethernet, wds1, radio1, 530(<interface>)# radio1-wlan1).

  • Page 34: Advantages Of Using The Procurve Access Point 530 Browser Interface

    Selecting a Management Interface Advantages of Using the ProCurve Access Point 530 Browser Interface Advantages of Using the ProCurve Access Point 530 Browser Interface Figure 2-2. Example of the ProCurve Access Point 530 Browser Interface ■ Easy access to the access point from anywhere on the network. ■...

  • Page 35: Using The Command Line Interface (Cli)

    Using the Command Line Interface (CLI)

  • Page 36: Contents

    Using the Command Line Interface (CLI) Contents Contents Overview ............3-3 Accessing the CLI .

  • Page 37: Overview

    Using the Command Line Interface (CLI) Overview Overview The Command Line Interface (CLI) is a text-based command interface for configuring and monitoring the access point. The CLI gives you access to the access point’s full set of commands while providing the same password protection that is used in the Web browser interface.

  • Page 38: Accessing The Cli

    Direct Console Access To connect a console directly to the access point, use a null-modem cable or an HP serial cable, part number 5184-1894 (shipped with many HP ProCurve switches) Connect the serial cable between a VT-100 terminal or a PC terminal emulator and the access point’s Console port.

  • Page 39: Telnet Access

    Using the Command Line Interface (CLI) Accessing the CLI [Enter] When correctly connected to the access point, press to initiate the console session. For more information on connecting to the access point’s Console port, refer to the Installation and Getting Started Guide. N o t e The default Static IP address is 192.168.1.10.

  • Page 40: Using The Cli

    CLI command modes. C a u t i o n HP strongly recommends that you configure a Manager password. If a Manager password is not configured, the access point is not password- protected, and anyone having in-band or out-of-band access to the access point may be able to compromise access point and network security.

  • Page 41: Logging In

    Using the Command Line Interface (CLI) Using the CLI Logging In When you log onto the access point CLI, you will be prompted to enter an account user name (the default is admin). After entry of the user name, you will be prompted for the password. The default password is admin.

  • Page 42: Command Levels

    Using the Command Line Interface (CLI) Using the CLI Command Levels 1. Manager Exec Level 2. Global Configuration Level 3. Context Configuration Level Interface & WDS Levels Radio Level: WLAN Sub Configuration Figure 3-2. Access Sequence for Command Levels Configuration commands on the Access Point 530 are grouped into three levels: Manager Exec Level Manager Exec level allows you to examine the current configuration, perform...

  • Page 43: Context-Specific Configuration Levels

    Using the Command Line Interface (CLI) Using the CLI Context-Specific Configuration Levels The Context Configuration level gives access to specific groups of commands depending on whether you are configuring the Ethernet interface, a WDS interface, a Radio, or a WLAN. Additionally, all the commands available at the lower Manager Exec and Global Configuration levels are available.

  • Page 44: Moving Between Command Levels

    Using the Command Line Interface (CLI) Using the CLI Moving Between Command Levels Table 3-2. Moving Between Command Levels Change in Levels Example of Prompt, Command, and Result Manager Exec ProCurve Acess Point 530# config ProCurve Acess Point 530(config)# Global configuration Global Configuration ProCurve Acess Point 530(config)# interface to a...

  • Page 45: Options For Getting Help In The Cli

    Using the Command Line Interface (CLI) Using the CLI Options for Getting Help in the CLI At any command level in the AP530 CLI you can: ■ Display all commands available at that level Display the completion of a command you have started to type ■...
  • Page 46 Using the Command Line Interface (CLI) Using the CLI Typing ? at the Global Configuration level produces this listing: ProCurve Access Point 530(config)# ? ap-authentication Configure username/password this access point uses to au thenticate to the network. buttons Enable/disable the ability to clear the password(s) and/ or configuration(s) via the buttons on this device.

  • Page 47: Completing The Current Command

    Using the Command Line Interface (CLI) Using the CLI Typing ? at the Context Configuration level produces similar results, depending on the context. If - - MORE - - appears below the help list, then there are more commands to be displayed.

  • Page 48: Displaying Available Command Options

    Using the Command Line Interface (CLI) Using the CLI Displaying Available Command Options You can display a reminder of the options available for the current command by entering "?" or the [Tab] key in place of the next option. For example, to see the command options for configuring SNMP: ProCurve Access Point 530(config)# snmp-server ? community...

  • Page 49: Cli Control And Editing

    Using the Command Line Interface (CLI) CLI Control and Editing CLI Control and Editing Keystrokes Function [Ctrl] [A] Jumps to the first character of the command line. [Ctrl] [B] or [<] Moves the cursor back (to the left) one character. [Ctrl] [C] Terminates a task if one is running and displays the command line.
  • Page 50 Using the Command Line Interface (CLI) CLI Control and Editing — This page is intentionally unused. — 3-16...

  • Page 51: Using The Procurve Web Browser Interface

    Using the ProCurve Web Browser Interface...

  • Page 52: Contents

    Using the ProCurve Web Browser Interface Contents Contents Overview ............4-3 Starting a Web Browser Interface Session with the Access Point .

  • Page 53: Overview

    Using the ProCurve Web Browser Interface Overview Overview The Access Point 530 Web browser interface lets you easily access the access point from a browser-based PC on your network. This chapter covers the following: Starting a Web browser interface session ■...

  • Page 54: Starting A Web Browser Interface Session With The Access Point

    Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Access Point Starting a Web Browser Interface Session with the Access Point You can start a Web browser session using a standalone Web browser on a network connection from a PC in the following ways: •...
  • Page 55 Using the ProCurve Web Browser Interface Starting a Web Browser Interface Session with the Access Point N o t e Access point management can be limited to access from the Ethernet inter- “Setting Up Filter Control” on page 5-55. face. For more on this feature, see Type the IP address (or DNS name) of the access point in the browser Location .

  • Page 56: Description Of The Web Interface

    Using the ProCurve Web Browser Interface Description of the Web Interface Description of the Web Interface Subjects covered in this section include: The Home Page ■ ■ The Support Page ■ Online Help The Home Page The home page is the entry point for the Web browser interface. The following figure identifies the various parts of the screen.

  • Page 57: Support Window

    Using the ProCurve Web Browser Interface Description of the Web Interface Support Window Clicking on the Support option in the upper-right corner of any of the Web browser interface screens displays a pop-up window displaying links to online support options. The support page provides key information regarding your access point, including links to white papers, software updates, and more.

  • Page 58: Using The Help In The Browser Interface

    Using the ProCurve Web Browser Interface Description of the Web Interface Using the Help in the Browser Interface Clicking on the Help option in the upper-right corner of any of the Web browser interface screens displays a pop-up window displaying details about the page you are viewing.

  • Page 59: Web Interface Screens

    Using the ProCurve Web Browser Interface Web Interface Screens Web Interface Screens The four menu sashes at the left side of the Web interface contain the four main screen groups: Device Information ■ ■ Network Setup Management ■ Special Features. ■...

  • Page 60: Device Information Group

    Using the ProCurve Web Browser Interface Web Interface Screens Device Information Group The Device Information sash is the first logical group available on the Web- interface menu. This sash provides access to the following screens: • Device Information (Access Point 530 Home Page) •...

  • Page 61: Device Information Summary

    Using the ProCurve Web Browser Interface Web Interface Screens Device Information Summary The Device Information summary screen is primarily informational, but also serves as the configuration screen for basic system information (as described “Web: Setting the System Name, Location, and Contact” on page 5-15).

  • Page 62: Wireless Stations Screen

    Using the ProCurve Web Browser Interface Web Interface Screens Wireless Stations Screen Accessed through the Wireless Stations option on the Device Information sash, the Wireless Stations screen displays radio and network station status details. Figure 4-7. The Wireless Stations Screen The Wireless Stations screen displays client stations associated with a partic- ular access point.
  • Page 63 Using the ProCurve Web Browser Interface Web Interface Screens when the access point is using "wpa-psk" security on the WLAN. If the WLAN is set to “static-wep” or “no-security”, this parameter displays “n/ a” as it does not apply. ■ Received Packets: Indicates total packets received by this access point.

  • Page 64: Ap/Lan Statistics Screen

    Using the ProCurve Web Browser Interface Web Interface Screens AP/LAN Statistics Screen Accessed through the AP/LAN Statistics option on the Device Information sash, the AP/LAN Statistics screen displays transmit/receive details. Figure 4-8. The AP/LAN Statistics Screen The AP/LAN Statistics screen displays the following information: ■...

  • Page 65: Wireless Statistics Screen

    Using the ProCurve Web Browser Interface Web Interface Screens Wireless Statistics Screen Accessed through the Wireless Statistics option on the Device Information sash, the Wireless Statistics screen displays transmit/receive details. Figure 4-9. The Wireless Statistics Screen The Wireless Statistics screen displays dual radio information: ■...
  • Page 66 Using the ProCurve Web Browser Interface Web Interface Screens Receive Total Packets: Indicates total packets received over the radio ■ or WDS link. ■ Transmit Total Bytes: Indicates total bytes sent over the radio or WDS link. Receive Total Bytes: Indicates total bytes received over the radio or ■...

  • Page 67: Event Log Screen

    Using the ProCurve Web Browser Interface Web Interface Screens Event Log Screen Accessed through the Wireless Statistics option on the Device Information sash, the Wireless Statistics screen displays transmit/receive details. Figure 4-10. The Event Log Screen The Event Log tab displays the following information: ■...

  • Page 68: Network Setup Group

    Using the ProCurve Web Browser Interface Web Interface Screens Network Setup Group The Network Setup sash is the second logical group available on the Web- interface menu. Once accessed, it defaults to the Network Setup screen. This group provides access to the following screens: •...

  • Page 69: Network Setup Summary

    Using the ProCurve Web Browser Interface Web Interface Screens Network Setup Summary Accessed through the Network Setup sash, the Network Setup screen displays the Ethernet and radio features within the network setup group. Figure 4-11. The Network Setup Summary Screen The Network Setup screen summarizes: Ethernet: details basic Ethernet parameters.

  • Page 70: Management Group

    Using the ProCurve Web Browser Interface Web Interface Screens Management Group The Management sash is the third logical group available on the Web interface menu. Once accessed, it defaults to the Management screen. This group provides access to the following screens: •...

  • Page 71: Management Summary

    Using the ProCurve Web Browser Interface Web Interface Screens Management Summary Accessed through the Management sash, the Management screen displays a summary of access point management settings. Figure 4-12. The Management Summary Screen The Management screen summarizes: Software Version: Displays the version of the running software. ■...

  • Page 72: Special Features Group

    Using the ProCurve Web Browser Interface Web Interface Screens Special Features Group The Special Features sash is the fourth logical group available on the Web interface menu. Once accessed, it defaults to the Special Features screen. This group provides access to the following screens: •...

  • Page 73: Special Features Summary

    Using the ProCurve Web Browser Interface Web Interface Screens Special Features Summary Accessed through the Special Features sash, the Special Features screen displays a summary of special feature statistics. Figure 4-13. The Special Features Summary Screen The Special Features screen summarizes: QoS: Indicates if Quality of Service packet prioritization (also referred to ■...

  • Page 74: Tasks For Your First Procurve Web Browser Interface Session

    Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Tasks for Your First ProCurve Web Browser Interface Session The ProCurve AP530 Installation and Getting Started Guide includes instructions for a minimal initial configuration using the CLI on a console attached to the access point.
  • Page 75 Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session N o t e If you want security beyond that achieved with user names and passwords, you can disable access to the either the or the CLI and limit management access to, for example, only the Web browser interface, only the CLI via the “Web: Configuring Access console port, Telnet, or SSH.

  • Page 76: If You Lose The Password

    Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session The Manager user name and password control access to both the CLI and the Web browser management interfaces for the access point. You are prompted to supply the user name and password every time you try to access the access point through either of these interfaces.
  • Page 77 Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Figure 4-15. Setting SNMP Community Names To Change A Default SNMP Community Name: Click Management > SNMP and select the Settings tab. To activate the SNMP feature on the access point, click SNMPv1/v2c Enabled. To establish a public read-only SNMP community, type a name text string to replace the default community name (public) in the Community Name (RO) field.

  • Page 78: Setting The Radio Mode And Channel

    Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Setting the Radio Mode and Channel The access point’s radio channel settings are limited by local regulations, which determine the number of channels that are available. You can manually set the access point’s radio channel or allow it to automatically select an unoccupied channel.

  • Page 79: Configuring Tcp/Ip Settings

    Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session To Set Radio Mode and Channel: Select Radio. Using the Radio drop-down, select the radio (1 or 2) you want to configure. To enable the radio, click the Status On button. Select the Mode (default is IEEE 802.11g).
  • Page 80 Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session To Set IP Parameters i: Select Ethernet. To set a dynamic connection, select DHCP in the Connection Type drop- down. To set a manual connection, select Static IP in the Connection Type drop- down.

  • Page 81: Setting Wlan Ssid And Security Settings

    Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Setting WLAN SSID and Security Settings Wireless stations can read the SSIDs from the access point’s beacon frame. If the “closed system” option is selected when configuring the access point, the SSID is not broadcast in the beacon frame.
  • Page 82 Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Figure 4-18. The WLANs Screen 4-32...
  • Page 83 Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session Figure 4-19. Configuring WLAN Security To Configure WEP Security: Select WLANs. Check the Radio 1 box, and the SSID name and VLAN ID fields populate with defaults.
  • Page 84 Using the ProCurve Web Browser Interface Tasks for Your First ProCurve Web Browser Interface Session [Update] 12. Click to save these Security settings. WEP is the security protocol initially specified in the IEEE 802.11 standard for wireless communications. While WEP provides a margin of security for environments with light network traffic, it is not sufficient for enterprise use where highly-sensitive data is transmitted.

  • Page 85: General System Configuration

    General System Configuration...
  • Page 86 General System Configuration Contents Overview ............5-4 AP Network Configuration Checklist .
  • Page 87 General System Configuration CLI: Setting Logging Parameters ......5-46 Configuring the Time (SNTP) ........5-48 Web: Setting SNTP Parameters .

  • Page 88: Overview

    General System Configuration Overview Overview This Chapter describes how to: Secure your access point ■ Modify system management passwords ■ ■ Set management access controls ■ View and modify access point system information Configure IP, SNMP, SNTP, RADIUS Accounting, and VLAN parameters ■...

  • Page 89: Ap Network Configuration Checklist

    General System Configuration AP Network Configuration Checklist AP Network Configuration Checklist In setting up your Access Point for network installation, this manual covers many of the tasks that should be considered for proper security and manage- ment. Each of these tasks are detailed in their respective sections, however, this summary is provided as an aid for establishing your network.

  • Page 90: Modifying Management Passwords

    (see C a u t i o n HP strongly recommends that you configure a new Manager password and not use the default. If a Manager password is not configured, then the access point is not password-protected, and anyone having in-band or out-of-band access to the access point may be able to compromise access point and network security.
  • Page 91 General System Configuration Modifying Management Passwords Figure 5-1. Creating a Password To Create a Password: Click Management > AP Access and select the Password tab. In the Current Password field, enter the current password. In the New Password field, enter a new password. Note: The password is case sensitive and must be at least 1 character and at most 32 characters long.

  • Page 92: Cli: Setting The Management Password

    General System Configuration Modifying Management Passwords CLI: Setting the Management Password CLI Commands Used in This Section Command Syntax CLI Reference Page password manager <password> 9-21 This example shows how to create a manager password. C a u t i o n If you modify the password through CLI, you also modify the Web password.

  • Page 93: Setting Management Access Controls

    General System Configuration Setting Management Access Controls Setting Management Access Controls To provide more security for the access point, management interfaces that are not required can be disabled. This includes the Web, Telnet, and Secure Shell (SSH), as well as the serial console port and Reset button. N o t e The access point’s serial port and Reset button cannot be disabled at the same time.

  • Page 94: Web: Configuring Access Controls

    General System Configuration Setting Management Access Controls Web: Configuring Access Controls The AP Access screen configures access to management interfaces and button. The Web interface enables you to modify these parameters: CLI Access ■ Serial Interface: Enables or disables management access through the access point’s serial console port.
  • Page 95 General System Configuration Setting Management Access Controls Figure 5-2. Configuring Access Controls To Configure Access Control Settings: Click Management > AP Access and select the Access tab. As required, enable or disable the serial, Telnet, or SSH interfaces. N o t e If using SSH for secure access to the CLI over a network connection, you may want to disable the Telnet server.

  • Page 96: Cli: Configuring Management Controls

    General System Configuration Setting Management Access Controls CLI: Configuring Management Controls CLI Commands Used in This Section Command Syntax CLI Reference Page [no] console 9-23 [no] ssh 9-24 [no] telnet 9-23 show console 9-27 show system 9-27 The following example shows how to enter management configuration con- text and control access to the Access Point device.
  • Page 97 General System Configuration Setting Management Access Controls The following example demonstrates the no ssh command to disable the serial SSH port, and the show ssh command to display the current status. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# no ssh ProCurve Access Point 530(config)# show ssh SSH Status Disabled...
  • Page 98 To display the current status for management access controls, use the show system command. ProCurve Access Point 530# show system Serial Number TW633VV01D System Name HP-AP-200 System Up Time 23 hours 17 mins 11 secs System Location 2FS17 System Country Code Software Version WA.02.00.0412...

  • Page 99: Modifying System Information

    General System Configuration Modifying System Information Modifying System Information The access point’s system name can be left at its default setting. However, modifying this parameter can help you to more easily distinguish one device from another in your network. N o t e You should also set the applicable WLANs (BSS/SSID) to identify the wireless “Configuring the Radio”...
  • Page 100 General System Configuration Modifying System Information Figure 5-3. Configuring System Information To Configure System Information: Select Device Information in the navigation bar. Type a name to uniquely identify the access point in the System Name field. Type a location to identify where the access point it located in the Location field.

  • Page 101: Cli: Setting The System Name

    General System Configuration Modifying System Information CLI: Setting the System Name CLI Commands Used in This Section Command Syntax CLI Reference Page hostname <hostname> 9-19 show system-information 9-27 The following example shows using the hostname <hostname> syntax to set the name of the system. N o t e Enter management commands, one per line.
  • Page 102 General System Configuration Modifying System Information ProCurve Access Point 530# show system-information Serial Number TW633VV01D System Name HP-AP-200 System Up Time 23 hours 18 mins 37 secs System Location 2FS17 System Country Code Software Version WA.02.00.0412 Ethernet MAC Address 00:14:C2:A5:6A:B3 IP Address 192.168.15.200...

  • Page 103: Configuring Ethernet Settings

    General System Configuration Configuring Ethernet Settings Configuring Ethernet Settings Configuring the access point with an IP address expands your ability to manage the access point and use its features. A number of access point features depend on IP addressing to operate. N o t e You can use the Web browser interface to access IP addressing only if the access point already has an IP address that is reachable through your network.
  • Page 104 General System Configuration Configuring Ethernet Settings N o t e The access point must be rebooted for the Speed / Duplex change to take effect. ■ Connection Type: Allows selection of a static or DHCP setting. • DHCP: DHCP is the default. The IP address, subnet mask, default gateway, and Domain Name Server (DNS) addresses are dynamically assigned to the access point’s DHCP client by the network DHCP server.
  • Page 105 General System Configuration Configuring Ethernet Settings Figure 5-4. Configuring IP Settings To Enable the DHCP Client i: Select Ethernet. To configure the VLAN (untagged), enter a value in the VLAN field. To set the mode and speed of data transmission, select the Speed / Duplex setting in the drop-down.
  • Page 106 General System Configuration Configuring Ethernet Settings If a management station exists on another network segment, enter the IP address of a gateway in the that can route traffic between these segments in the Default Gateway field. This is a required field. Enter the IP address for the primary and secondary DNS Nameservers to be used for host-name-to-IP-address resolution.

  • Page 107: Cli: Configuring Ip Settings Statically Or Via Dhcp

    General System Configuration Configuring Ethernet Settings CLI: Configuring IP Settings Statically or via DHCP CLI Commands Used in This Section Command Syntax CLI Reference Page interface <interface> 9-90 [no] ip address dhcp <ip> 9-94 [<mask>] <ip>/<bits> <dhcp> ip default-gateway 9-95 dns primary <server_1>...
  • Page 108 ProCurve Access Point 530(config)# To display the current IP settings, use the show ip command as shown in the following example. ProCurve Access Point 530# show ip IP Address Information: System Host Name HP-AP-200 IP Address 192.168.15.200 Subnet Mask 255.255.255.0 Default Gateway 192.168.15.254...

  • Page 109: Configuring Snmp

    General System Configuration Configuring SNMP Configuring SNMP You can use a network management application such as the ProCurve Manager to manage the access point via the Simple Network Management Protocol (SNMP) from a network management station. Simple Network Management Protocol (SNMP) is an industry standard protocol for managing network devices, such as hubs, bridges, and switches.

  • Page 110: Mib Support

    General System Configuration Configuring SNMP MIB Support The Access Point 530 supports the following Management Information Bases (MIBs): Read-Only Support Read-Write Support IEEE802dot11-MIB HP-PROCURVE-WLAN-SMI RFC1155-SMI HP-PROCURVE-WLAN-TC MIB II (RFC 1213) HP-PROCURVE-WLAN-SYSTEM-MIB RFC-1215 HP-PROCURVE-WLAN-AP-MIB HP-PROCURVE-NOTIFY-MIB SNMPv2-SMI (RFC2578) SNMPv2-TC (RFC2579) SNMPv2-CONF (RFC2580)
  • Page 111 General System Configuration Configuring SNMP The Web interface enables you to modify these parameters: ■ SNMPv1/v2c: Enables or disables SNMP version 1 and version 2c management access, and also enables the access point to send SNMP traps (notifications). (The default is Enabled.) Community Name (RO): Defines the SNMP community access string ■...

  • Page 112: Cli: Setting Basic Snmp Parameters

    General System Configuration Configuring SNMP To Enable SNMP and Set Parameters: Click Management > SNMP and select the Settings tab. To activate SNMPv1/v2 features on the access point, click the SNMPv1/v2 Enabled button. To establish a public read-only SNMP community, enter a name text string to replace the default community name (public) in the Community Name (RO) field.
  • Page 113 General System Configuration Configuring SNMP SNMP management on the access point defaults the community settings to “restricted” and “public”. To disable SNMP communities, type the following commands. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# no snmp-server community public restricted ProCurve Access Point 530(config)# no snmp-server community system unrestricted ProCurve Access Point 530(config)#...
  • Page 114 General System Configuration Configuring SNMP The following example shows how to configure the SNMP community strings, the community name (using the server host command), and the following parameters (contact, port, and location). The default port number is 161. N OT E Although you can set this string using the snmp-server host command by itself, we recommend that you define this string using the snmp-server community command prior to using the snmp-server host command.
  • Page 115 General System Configuration Configuring SNMP ProCurve Access Point 530# configure ProCurve Access Point 530(config)# show snmp-server SNMP Server Settings --------------------------------------------------------------------------- SNMP Status Enabled SNMP Port Community (ro) public Community (rw) private Location 2FR19 Contact No SNMP trap destinations are currently configured. hpWlanAdHocNetworkDetected Enabled hpWlanApDetectionUpdate...

  • Page 116: Web: Configuring Snmp V1 And V2C Traps

    General System Configuration Configuring SNMP Web: Configuring SNMP v1 and v2c Traps The SNMP – Traps and SNMP – Trap Hosts screens configure SNMP v1 and v2c trap notifications that can be sent to specified management stations. SNMP Traps The SNMP – Traps screen controls whether specific SNMP notifications are sent: System Traps: pertaining to the system.
  • Page 117 General System Configuration Configuring SNMP • hpWlanClientRequestFailure – The station request failure is sent when a station fails to associate / re-associate / authenticate with the access point. The notification includes the station MAC address and the reason code for the failure. •...
  • Page 118 General System Configuration Configuring SNMP • hpWlanDot1XAuthNotInitiated– This notification is sent when a station did not initiate 802.1X authentication with the RADIUS server. The notification value includes the MAC address of the station that did not initiate 802.1X authentication. • hpWlanDot1XAuthSuccess –...

  • Page 119: Snmp Trap Hosts

    General System Configuration Configuring SNMP Click Management > SNMP and select the Traps tab. Under the Trap Groups, check or uncheck the required traps boxes. Click Update. SNMP Trap Hosts The SNMP – Trap Hosts screen allows configuration of the following SNMP trap parameters: Trap Destination Host (1 to 3): Enables/Disables recipients (up to ■...

  • Page 120: Cli: Configuring Snmp V1 And V2C Traps

    General System Configuration Configuring SNMP Enter the IP address in the Trap Destination IP Address field and enter one of the configured community names in the Community Name field. Select [Update]. CLI: Configuring SNMP v1 and v2c Traps CLI Commands Used in This Section Command Syntax CLI Reference Page [no] snmp-server trap <trap>...
  • Page 121 General System Configuration Configuring SNMP To display the current SNMP settings from the Manager Exec level, use the show snmp-server command, as shown in the following example. ProCurve Access Point 530(config)# show snmp-server SNMP Server Settings --------------------------------------------------------------------------- SNMP Status Enabled SNMP Port Community (ro) public...

  • Page 122: Configuring Snmpv3

    General System Configuration Configuring SNMPv3 Configuring SNMPv3 The access point supports the following SNMPv3 MIBs: Framework ■ ■ Message Processing/Dispatch ■ Community User-Based-Security Model ■ ■ View-Based-Access-Control Model The web browser interface and the CLI can be used to ■ Enable SNMPv3 on the access point, Create SNMPv3 users, ■...

  • Page 123: Cli: Enabling & Disabling Snmpv3

    General System Configuration Configuring SNMPv3 Figure 5-8. The SNMP - Settings Tab To Enable SNMPv3: Click Management > SNMP and select the Settings tab. Click the SNMPv3 Enabled button. Click [Update]. To Disable SNMPv3: Click Management > SNMP and select the Settings tab. Click the SNMPv3 Disabled button.

  • Page 124: Web: Managing Snmpv3 Users

    General System Configuration Configuring SNMPv3 To enable SNMPv3, enter the snmpv3 enable command. ProCurve Access Point 530# config ProCurve Access Point 530(config)# snmpv3 enable ProCurve Access Point 530(config)# To disable SNMPv3, enter the no snmpv3 enable command. ProCurve Access Point 530(config)# no snmpv3 enable ProCurve Access Point 530(config)# Web: Managing SNMPv3 Users The SNMP –...
  • Page 125 General System Configuration Configuring SNMPv3 Figure 5-9. The SNMP SNMPv3 Users Tab To Add an SNMPv3 User: Click Management > SNMP and select the SNMPv3 Users tab. Enter the new username in the Username field. Optionally, select an authentication method from the Authentication Type drop-down.

  • Page 126: Cli: Managing Snmpv3 Users

    General System Configuration Configuring SNMPv3 In the list of SNMPv3 users, click the Edit link next to the username whose settings you want to modify. The fields are now displayed under Edit SNMPv3 User, and are populated with the current settings for the selected user.

  • Page 127: Cli: Displaying Snmpv3 Settings

    General System Configuration Configuring SNMPv3 To create an SNMPv3 user with MD5 authentication, add the auth parameter and password to the definition. ProCurve Access Point 530(config)# snmpv3 user-name tjames auth md5 12345678 ProCurve Access Point 530(config)# To create an SNMPv3 user with MD5 authentication and AES privacy, add the auth md5 and priv aes parameters and their passwords to the definition.

  • Page 128: Enabling System Logging

    General System Configuration Enabling System Logging Enabling System Logging The access point supports a logging process that can control error messages saved to memory or sent to a server. The logged messages serve as a valuable tool for isolating access point and network problems. The following table lists the error message levels from the most severe (Emergency) to least severe (Debug).

  • Page 129: Web: Setting Logging Parameters

    General System Configuration Enabling System Logging Web: Setting Logging Parameters The Event Log – Settings screen configures system logs and server details for the access point. The Web interface enables you to modify these parameters: ■ Primary Syslog Host: Enables the logging of error messages. ■...

  • Page 130: Cli: Setting Logging Parameters

    General System Configuration Enabling System Logging CLI: Setting Logging Parameters CLI Commands Used in This Section Command Syntax CLI Reference Page 9-30 [no] logging <host >[port] 9-31 show debug 9-32 show logging 9-32 The following example shows how to set an IP address for the receiving server using the logging command.
  • Page 131 General System Configuration Enabling System Logging The following example shows the security level of entries. ProCurve Access Point 530# configure ProCurve Access Point 530(config)#show logging Keys: M=eMergency C=Critical W=Warning I=Information A=Alert E=Error N=Notice D=Debug ----- Event Log Listing: Most Recent Events First ---- I 01/10/00 20:39:09 login[12763]: root login on `ttyp0'...

  • Page 132: Configuring The Time (Sntp)

    General System Configuration Configuring the Time (SNTP) Configuring the Time (SNTP) Simple Network Time Protocol (SNTP) allows the access point to set its internal clock based on periodic updates from a time server (SNTP or NTP). Maintaining an accurate time on the access point enables the system log to record meaningful dates and times for event entries.
  • Page 133 General System Configuration Configuring the Time (SNTP) Figure 5-11. Configuring SNTP Settings To Set SNTP Parameters: Select Special Features > Time. For SNTP, click Enabled. For the SNTP Server, enter the IP address or the hostname in the SNTP Server field. Select the appropriate time zone for the SNTP server from the Time Zone drop-down.

  • Page 134: Cli: Setting Sntp Parameters

    General System Configuration Configuring the Time (SNTP) CLI: Setting SNTP Parameters CLI Commands Used in This Section Command Syntax CLI Reference Page sntp <server> <time-zone> 9-34 [no] sntp 9-34 show sntp 9-35 The following example shows how to enable SNTP and configure a server IP address by using the sntp <server>...

  • Page 135: Configuring Radius Accounting

    General System Configuration Configuring RADIUS Accounting Configuring RADIUS Accounting Remote Authentication Dial-in User Service (RADIUS) Accounting is an extension to the RADIUS authentication protocol that uses a central server to log user activity on the network. A RADIUS Accounting server runs software that receives user-session information from the access point.

  • Page 136: Web: Setting Radius Accounting Server Parameters

    General System Configuration Configuring RADIUS Accounting Web: Setting RADIUS Accounting Server Parameters The Accounting Servers screen in the WLAN Configuration – Security pop-up window sets the primary and secondary server parameters for the RADIUS Accounting server. This configures the RADIUS Accounting servers to which the access point RADIUS server transmits user-session information.
  • Page 137 General System Configuration Configuring RADIUS Accounting Figure 5-12. Configuring RADIUS Accounting Servers To Set RADIUS Accounting Server Parameters: Click WLANs. Click the [Edit] button for the WLAN (BSS/SSID) interface you want to modify. A pop-up window with Security settings opens. Select the Accounting Servers tab.

  • Page 138: Cli: Enabling Radius Accounting Parameters

    General System Configuration Configuring RADIUS Accounting CLI: Enabling RADIUS Accounting Parameters CLI Commands Used in This Section Command Syntax CLI Reference Page [no] radius-accounting <primary | secondary> <ip 9-65 <ip> | port <port> | key <key>> The following example shows how to enable RADIUS Accounting and set the ip address, port number, and the secret key on the access point.

  • Page 139: Setting Up Filter Control

    General System Configuration Setting Up Filter Control Setting Up Filter Control You can prevent communications between wireless stations associated to the access point, only allowing traffic between stations and the wired network. You can also prevent any wireless client from performing any access point configuration through any of its management interfaces, including Web, Telnet, or SNMP access.

  • Page 140: Cli: Setting Traffic Filters

    General System Configuration Setting Up Filter Control CLI: Setting Traffic Filters CLI Commands Used in This Section Command Syntax CLI Reference Page [no] inter-station-blocking 9-88 [no] wireless-mgmt-block 9-88 show filters 9-89 The following example shows how to block communications between wire- less stations.

  • Page 141: Configuring Vlan Support

    General System Configuration Configuring VLAN Support Configuring VLAN Support A Virtual Local Area Network (VLAN) is a location independent broadcast domain. A VLAN is like the standard definition of a LAN without the physical constraints. These VLAN domains are a collection of workstations that are part of the same logical, working community but not likely part of the same physical community.

  • Page 142: Web: Setting A Management Vlan

    General System Configuration Configuring VLAN Support Management VLAN. A management VLAN can be configured for secure management access to the access point. The management VLAN is for managing the access point through remote management tools, such as the Web interface, SSH, Telnet, or SNMP. The access point only accepts management traffic that is tagged with the specified management VLAN ID.

  • Page 143: Web: Changing The Untagged Vlan Id

    General System Configuration Configuring VLAN Support Figure 5-14. Setting A Management VLAN To Set A Management VLAN: Click Ethernet. Enter a valid number between 1 and 4094 in the Management VLAN field. Select [Update]. Web: Changing the Untagged VLAN ID The Network Setup –...
  • Page 144 General System Configuration Configuring VLAN Support Figure 5-15. Changing Untagged VLAN ID To Set Untagged VLAN ID: Click Ethernet. Enter a valid number between 1 and 4094 in the Untagged VLAN field. Select [Update]. 5-60...

  • Page 145: Cli: Enabling Vlan Support

    General System Configuration Configuring VLAN Support CLI: Enabling VLAN Support CLI Commands Used in This Section Command Syntax CLI Reference Page vlan 9-145 [no] untagged-vlan <vid> 9-146 management-vlan <vid> 9-146 show wlans 9-117 The following example shows how to establish a management VLAN ID. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# interface ethernet ProCurve Access Point 530(ethernet)# management-vlan 9...
  • Page 146 General System Configuration Configuring VLAN Support The following example displays the management VLAN ID. The static or dynamic VLAN state is configured per WLAN and can be validated using the show wlans command. ProCurve Access Point 530# show wlans All WLANs on Radio 1: WLAN BSSID VLAN...

  • Page 147: Managing Group Configuration

    General System Configuration Managing Group Configuration Managing Group Configuration The Group Configuration feature enables an administrator to configure and manage groups of up to twelve AP 530 access points using the management interface of only one of the devices. Group Configuration can be configured using the web-browser interface, the CLI, or through SNMP.

  • Page 148: Guidelines For Deploying Group Configuration

    General System Configuration Managing Group Configuration “Configuring RADIUS Client Authentication” The local RADIUS user database (see ■ on page 7-32) “Probe Table” on page 8-35) ■ All Probe Table settings (see “Setting Up Filter Control” on page 5-55) All Filters settings (see ■...

  • Page 149: Security And Integrity Recommendations

    General System Configuration Managing Group Configuration Complete synchronization may take up to one minute to propagate, depending on the size of the group and on network latency. When a member leaves the group, the “oldest” of the remaining members becomes the “reference”. When a member returns to the group, its “age” is reset to zero.
  • Page 150 General System Configuration Managing Group Configuration The current members of the selected group are listed in the Members list. N o t e The IP addresses of the other members of the group appear as links. To jump to the configuration interface of another member, click on its link. When a group is being formed, there may be a delay of up to 2 seconds before all members are listed.

  • Page 151: Cli: Enabling Group Configuration

    General System Configuration Managing Group Configuration CLI: Enabling Group Configuration CLI Commands Used in This Section Command Syntax CLI Reference Page [no] group-config 9-61 group-config name 9-62 group-config member-id 9-62 show group-config 9-63 The following example shows how to add the current access point to a group. ProCurve Access Point 530# configuration ProCurve Access Point 530(config)# group-config name HBldg22 ProCurve Access Point 530(config)# group-config member-id...
  • Page 152 General System Configuration Managing Group Configuration — This page is intentionally unused. — 5-68...

  • Page 153: Wireless Interface Configuration

    Wireless Interface Configuration Contents Overview ............6-3 Setting the Country Code .
  • Page 154 Wireless Interface Configuration Managing Multiple WLAN (BSS/SSID) Interfaces ....6-36 Web: Configuring SSID Interfaces ......6-37 CLI: Naming an SSID Interface .

  • Page 155: Overview

    Wireless Interface Configuration Overview Overview The Access Point 530 supports up to 16 service set identifier (SSID) interfaces. Most radio parameters apply globally to all configured SSID interfaces. For each SSID interface, different security settings, VLAN assignments, and other parameters can be applied. This chapter describes how to: Set the access point country code ■...

  • Page 156: Setting The Country Code

    Wireless Interface Configuration Setting the Country Code Setting the Country Code This section details the process of setting the country code in both the Access Point 530 WW unit (J8987A), which has no preset country code, and the Access Point 530 NA unit (J8986A), which has the country code preset to the U.S. The country code is an identifier defined for a nation by ISO.
  • Page 157 The following example shows how to use the show system-information command to return the access point’s current values, including the country code. ProCurve Access Point 530(config)# show system-information Serial Number TW633VV01D System Name HP-AP-200 System Up Time 13 mins 17 secs System Location 2FS17 System Country Code Software Version WA.02.00.0412...

  • Page 158: Configuring The Radio

    Wireless Interface Configuration Configuring the Radio Configuring the Radio Radio settings directly control the behavior of the radio device in the access point. The access point allows modification of various radio parameters, such as enabling the radio, radio working mode, radio broadcasting channel, and transmit power level.

  • Page 159: Configuring The Radio Working Mode

    Wireless Interface Configuration Configuring the Radio Summary Point Parameters Because they are in different parts of the spectrum, the channels within 802.11b and 802.11a these modes do not interfere with one another. channels. 802.11g and 802.11a channels. Each radio that is used, no matter what the mode, must be set to a unique All modes (802.11a, 802.11b, channel to avoid interference with other radios in the same area.
  • Page 160 Wireless Interface Configuration Configuring the Radio Getting to know 802.11a. The IEEE 802.11a provides specifications for wireless ATM systems. It is also used in wireless hubs. Networks using 802.11a operate at radio frequencies between 5.725 GHz and 5.850 GHz. The specifi- cation uses a modulation scheme known as orthogonal frequency division multiplexing (OFDM), which is especially well suited for use in office settings.

  • Page 161: Web: Setting The Radio Working Mode

    Wireless Interface Configuration Configuring the Radio Working in its mixed “b/g” mode, the access point experiences reduced data throughput, even if there are no 802.11b stations active in the network. To achieve a higher throughput, you can set the access point to operate in 802.11g mode, which ignores all 802.11b stations in the service area.
  • Page 162 Wireless Interface Configuration Configuring the Radio • IEEE 802.11a: Stations communicate in a data transfer range between 6 to 54 Mbps. This standard operates in the 5 GHz U-NII band using orthogonal frequency division multiplexing (OFDM). (Radio 2 only.) ■ [Update]: Updates the radio parameters.

  • Page 163: Cli: Setting The Radio Working Mode

    Wireless Interface Configuration Configuring the Radio CLI: Setting the Radio Working Mode CLI Commands Used in This Section Command Syntax CLI Reference Page radio <radio_name> 9-101 mode<mode> 9-104 show radios <radio>* 9-116 *Use the parameter <radio> to display detailed information about the specified radio. The following example shows how to enable the radio context level on a specific radio and set the working mode for the access point to 802.11g-only mode.

  • Page 164: Configuring The Radio Channel And Other Basic Settings

    Wireless Interface Configuration Configuring the Radio Configuring the Radio Channel and Other Basic Settings The access point uses the configured radio channel to communicate with “Radio Configuration Summary Table” on page 6-6, wireless stations. As indicated in the the access point’s channel settings and radio mode have a configuration relationship to enhance the performance of the access point.
  • Page 165 Wireless Interface Configuration Configuring the Radio N o t e When the radio is configured for auto channel selection, any radio mode changes result in a five- to ten-second delay as the optimum radio channel is determined and selected. ■ Maximum Stations: The maximum number of stations allowed to access the applicable radio at any one time.

  • Page 166: Web: Configuring Advanced Radio Settings

    Wireless Interface Configuration Configuring the Radio Web: Configuring Advanced Radio Settings The Radio – Advanced Settings pop-up window, shown in Figure 6-3, enables you to configure a number of advanced settings for the access point’s radio operation: ■ Broadcast/Multicast Rate Limiting: Enables the rate limiting on the radio to transmit multicast and broadcast traffic.
  • Page 167 Wireless Interface Configuration Configuring the Radio Short: Sets the slot time to 9 microseconds. A short slot time can • increase data throughput on the access point, but its use requires that all stations can support a short slot time (that is, 802.11g-compliant stations must support a short slot time).

  • Page 168: Configuring Advanced Radio Settings

    Wireless Interface Configuration Configuring the Radio Configuring Advanced Radio Settings Figure 6-3. Configuring Advanced Radio Settings To Modify Advanced Radio Settings: Click Network Setup > Radio. Click Status On to enable the radio. Click the Edit button for Advanced Settings. A pop-up window for Advanced Settings opens (see Figure 6-3).

  • Page 169: Configuring B + G Mode

    Wireless Interface Configuration Configuring the Radio Select the Preamble and Slot Times by clicking their respective Long or Short buttons. To configure the communication periods and packet size transmissions, enter values within the appropriate range for the Fragmentation Threshold and RTS Threshold fields. Enter the desired value for Beacon Interval.
  • Page 170 Wireless Interface Configuration Configuring the Radio Figure 6-5. Configuring B + G Modes [Advanced Radio Settings] To Configure B + G Modes: The setting, shown in Figure 6-5, allows both b stations and g stations to associate with the AP. Select Network Setup >...

  • Page 171: Configuring G- Only Mode

    Wireless Interface Configuration Configuring the Radio Configuring G- Only Mode Figure 6-6. Configuring Wi-Fi G-Only Mode To Configure Wi-Fi G-Only Mode: This setting, shown in Figure 6-6, allows g-only stations to associate with the AP. This is Wi-Fi standard-based g-only mode. Select Network Setup >...

  • Page 172: Configuring Pure G Mode

    Wireless Interface Configuration Configuring the Radio Configuring Pure G Mode Figure 6-7. Configuring Pure G Mode To Configure Pure G Mode: The setting, shown in Figure 6-7, allows only g stations to associate with the access point, but should be used only if no legacy 802.11b clients or access points are within range of the 530 access point.

  • Page 173: Cli: Configuring Radio Settings

    Wireless Interface Configuration Configuring the Radio Deselect rate set values (11, 5.5, 2, and 1) and select rate set values (24, 12, and 6) using the Basic options. [Update] Select to set the advanced radio parameters. CLI: Configuring Radio Settings CLI Commands Used in This Section Command Syntax CLI Reference Page...
  • Page 174 Wireless Interface Configuration Configuring the Radio The following example uses the show radio <radio> command to display this access point’s radio parameter details. ProCurve Access Point 530# show radio 1 Description Radio 1 - 802.11g Base MAC 00:14:C2:A7:11:A0 Status Enabled Mode 802.11g Channel-Policy...

  • Page 175: Modifying Antenna Settings

    Wireless Interface Configuration Modifying Antenna Settings Modifying Antenna Settings When using an external antenna with the access point, you must configure the radio for the type of external antenna that is attached: either Diversity or Single. Also, the access point’s transmit power must be limited to conform to local regulations.
  • Page 176 Wireless Interface Configuration Modifying Antenna Settings Figure 6-8. Setting Transmit Power Reduction To Modify the Transmit Power Reduction: Select Network Setup > Radio. Use the Tx Power Reduction drop-down to select a dBm value. [Update] Select to set the radio transmit power reduction. 6-24...

  • Page 177: Web: Setting The Antenna Type And Antenna Mode

    Wireless Interface Configuration Modifying Antenna Settings Web: Setting the Antenna Type and Antenna Mode The Radio – Advanced Settings pop-up window, shown in Figure 6-9, enables you to configure the following settings for adjusting the transmit power limits: ■ Antenna Type: The type of radio antenna utilized by this access point. (The default is Internal.) Antenna Mode: The mode of radio antenna utilized by this access point.
  • Page 178 Wireless Interface Configuration Modifying Antenna Settings [Update] Select to set the antenna parameters. 6-26...

  • Page 179: Cli: Setting The Transmit Power Reduction And Antenna Parameters

    Wireless Interface Configuration Modifying Antenna Settings CLI: Setting the Transmit Power Reduction and Antenna Parameters CLI Commands Used in This Section Command Syntax CLI Reference Page tx-power-reduction <value> 9-114 antenna <external | internal> 9-105 antenna mode <diversity | single> 9-105 show radio 9-116 The following example shows how to set the transmit power reduction value,...
  • Page 180 Wireless Interface Configuration Modifying Antenna Settings You can use the show radio command to display the current radio settings from the wireless interface configuration level. ProCurve Access Point 530# show radio 1 Description Radio 1 - 802.11g Base MAC 00:14:C2:A7:11:A0 Status Enabled Mode...

  • Page 181: Adaptive Tx Power Control

    Wireless Interface Configuration Adaptive Tx Power Control Adaptive Tx Power Control This section describes how to configure the Access Point 530’s Adaptive Tx Power Control (ATPC) feature. Several strategies for configuring Adaptive Tx Appendix C, “Adaptive Tx Power Control Use Cases”.

  • Page 182: Scope Of Neighboring Aps

    Wireless Interface Configuration Adaptive Tx Power Control Scope of Neighboring APs ATPC may be applied broadly to all neighboring APs or more selectively to specific APs by configuring either RF Group Name or Avoid Neighbor APs. These parameters are mutually exclusive: Enabling one disables the other. ■...

  • Page 183: Power Reduction Limit

    Wireless Interface Configuration Adaptive Tx Power Control This mode is recommended for low density deployments where coverage holes may be of concern. The data transmit power attenuation is calculated to put transmissions into the noise floor of the nearest same-channel AP, then reduced if needed to reach the farthest associated client station at a target RSSI.

  • Page 184: Web: Configuring Adaptive Tx Power Control

    Wireless Interface Configuration Adaptive Tx Power Control Since ATPC can only reduce transmit power (not amplify it), optimal place- ment of access points will provide full coverage at a transmit power level somewhat below the maximum. Furthermore, if the deployment needs to be able to remediate conditions such as the failure or down-time of individual access points, the density should be such that ATPC can compensate for a missing unit by lessening power reduc- tion, thus allowing transmit power to increase towards its maximum.
  • Page 185 Wireless Interface Configuration Adaptive Tx Power Control Figure 6-10. Setting Adaptive Transmit Power Control Parameters To Configure Adaptive Transmit Power Control: Select Network Setup > Radio. Click Status On to enable the radio. Select IEEE 802.11g Mode. Click the Edit button for Advanced Settings. A pop-up window for Advanced Settings opens (see Figure 6-7).

  • Page 186: Cli: Configuring Adaptive Tx Power Control

    Wireless Interface Configuration Adaptive Tx Power Control CLI: Configuring Adaptive Tx Power Control CLI Commands Used in This Section Command Syntax CLI Reference Page 9-140 [no] atpc 9-141 [no] atpc avoid-other-aps 9-141 <name> [no] atpc rf-group-name 9-142 atpc adapt < ap | ap+clients > 9-143 <max-reduction>...
  • Page 187 Wireless Interface Configuration Adaptive Tx Power Control “Airport Case 2 – With The following example refers to the use case described in RF Group Name” on page C-5. To configure AP #1 in this use case, enter the following commands: ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# atpc adapt ap ProCurve Access Point 530(radio1)# atpc max-reduction 18...

  • Page 188: Managing Multiple Wlan (Bss/Ssid) Interfaces

    Wireless Interface Configuration Managing Multiple WLAN (BSS/SSID) Interfaces Managing Multiple WLAN (BSS/SSID) Interfaces A wireless local area network (WLAN) is a local area network (LAN) that users access through a wireless connection. The IEEE 802.11-1999 standards specify WLAN technologies. The WLAN uses high-frequency radio waves rather than wires to communicate between nodes.

  • Page 189: Web: Configuring Ssid Interfaces

    Wireless Interface Configuration Managing Multiple WLAN (BSS/SSID) Interfaces The following figure shows the configuration scenario to follow when managing VLANs and SSID interfaces. Figure 6-11. Configuring VLANs and SSID Interfaces Web: Configuring SSID Interfaces The WLANs tab, shown in Figure 6-11, enables you to configure SSIDs, VLANS, and closed system settings.
  • Page 190 Wireless Interface Configuration Managing Multiple WLAN (BSS/SSID) Interfaces N o t e If you are connected as a wireless client to the same AP that you are admin- istering, resetting the SSID will cause you to lose connectivity to the AP. You will need to reconnect to the new SSID after you save this new setting.
  • Page 191 Wireless Interface Configuration Managing Multiple WLAN (BSS/SSID) Interfaces To prohibit WLAN (BSS/SSID) interface broadcasting, check the Closed- System box. To assign a VLAN ID per WlAN (BSS/SSSID), enter a VLAN ID in the VLAN field. [Edit] To establish security, click button and configure Security tab param- eters.

  • Page 192: Cli: Naming An Ssid Interface

    Wireless Interface Configuration Managing Multiple WLAN (BSS/SSID) Interfaces CLI: Naming an SSID Interface CLI Commands Used in This Section Command Syntax CLI Reference Page 9-102 ssid <SSID> 9-117 show wlans [<name>] all The following example shows how to name a SSID interface “donna” within the “wlan1”...

  • Page 193: Cli: Modifying Wlan (Bss/Ssid) Interface Settings

    Wireless Interface Configuration Managing Multiple WLAN (BSS/SSID) Interfaces CLI: Modifying WLAN (BSS/SSID) Interface Settings CLI Commands Used in This Section Command Syntax CLI Reference Page ssid <SSID> 9-102 description <description> 9-102 disable | enable 9-102 vlan <vid> 9-102 closed-system 9-102 show wlan <index >...
  • Page 194 Wireless Interface Configuration Managing Multiple WLAN (BSS/SSID) Interfaces To display WLAN interface settings, use the show wlan command, as shown in the following example. ProCurve Access Point 530(radio1)# show wlan All WLANs on Radio 1: WLAN BSSID VLAN Security Status ------------------------------------------------------------------------------ PR3_WLAN 00:14:C2:A7:11:A0...

  • Page 195: Wireless Security Configuration

    Wireless Security Configuration...
  • Page 196 Wireless Security Configuration Contents Overview ............7-5 Wireless Security Overview .
  • Page 197 Wireless Security Configuration Access Control List and RADIUS Server ..... . . 7-43 MAC Lockout and Client/Station Deauthentication ....7-44 Web: Configuring Access Control List .
  • Page 198 Wireless Security Configuration CLI: Configuring Web-Auth on a WLAN ......7-70 Prerequisites ......... . . 7-70 Web: Customizing the Login, Welcome, and Failed Screens .

  • Page 199: Overview

    Wireless Security Configuration Overview Overview This chapter describes how to: Configure wireless security ■ Configure encryption ■ ■ Configure key management ■ Configure MAC and 802.1X authentication Configure MAC Lockout and Client/Station Deauthentication ■ ■ Configure AP Authentication ■ Configure Web Authentication...

  • Page 200: Wireless Security Overview

    Wireless Security Configuration Wireless Security Overview Wireless Security Overview The access point is configured by default as an “open system,” with no security. This means that the access point broadcasts a beacon frame advertising each configured WLAN. If a wireless client has a configured WLAN of “any”, it can read the SSID from the beacon and use it to allow immediate connection to the access point.

  • Page 201: 802.1X User Authentication

    Wireless Security Configuration Wireless Security Overview address as the MAC authentication password. To avoid this compatibility issue, use the “radius” CLI command to configure the “mac-auth-password” for the AP 530 to be consistent with the Access Point 520 shared-secret “MAC Address Authentication” on password.

  • Page 202: Encryption

    Wireless Security Configuration Wireless Security Overview connections. The AP 530 supports port-access authentication through the AP “Configuring 802.1X AP Authentication” on page 7-53 Authentication feature. See more information. Encryption The AP 530 supports three types of encryption: Wired Equivalent Privacy (WEP): Key lengths of 64 bits and 128 bits are ■...

  • Page 203: Counter Mode/Cbc-Mac Protocol (Ccmp)

    Wireless Security Configuration Wireless Security Overview Counter Mode/CBC-MAC Protocol (CCMP) CCMP is an encryption method for IEEE 802.11i that uses the Advanced Encryption Standard (AES) combined with Cipher Block Chaining Counter mode (CBC-CTR) and Cipher Block Chaining Message Authentication Code (CBC-MAC) for encryption and message integrity.

  • Page 204: Static Wired Equivalent Privacy (Wep)

    Wireless Security Configuration Wireless Security Overview network VPN server. If this mode is used, it may be desirable to prevent advertising availability of the network to other stations by configuring the WLAN for closed-system operation. C a u t i o n Use the No Security mode on a sensitive internal network only for initial setup, testing, or problem solving, or where VPN connections are mandated to provide end-to-end security for the otherwise insecure wireless connection.

  • Page 205: Tkip With 802.1X

    Wireless Security Configuration Wireless Security Overview TKIP with 802.1X The TKIP with 802.1X security profile uses TKIP as the encryption cipher and 802.1X as the authentication mechanism. In this way, each station uses a unique master key to derive the encryption between the access point and the station.

  • Page 206: Other Security Features

    Wireless Security Configuration Wireless Security Overview Other Security Features In addition to the wireless security features described in the preceding section, the Access Point 530 has a user-based security feature called Identity Driven Management (IDM). “Identity Driven Management” on page 8-36.
  • Page 207 Wireless Security Configuration Wireless Security Overview When you have decided which security mechanisms to implement in your network, refer to Table 7-2 and Table 7-3 for a summary of the access point configuration procedures. For more details on security configurations that are possible using the CLI, “CLI: Configuring Security Settings”...
  • Page 208 Wireless Security Configuration Wireless Security Overview Configuring Encryption in the ProCurve Wireless Access Point 530 Encryption Methods and WLAN Interface Level Commands Additional Notes Process Requirements WPA-802.1X security <wpa-802.1X> WPA supported • When both TKIP and station required. CCMP authentication 1.
  • Page 209 Wireless Security Configuration Wireless Security Overview Summary of MAC Authentication Configuration Table 7-3. Configuring MAC Authentication in the HP ProCurve Wireless Access Point 530 Local MAC MAC Authentication Table RADIUS Comments Authentication Authentication Authentication MAC Address Permission Mode MAC Table...

  • Page 210: Establishing Security

    Wireless Security Configuration Establishing Security Establishing Security The security options are available from the WLANs tab (shown in Figure 7-1) and provide wireless security configuration for the WLAN. Figure 7-1. Security Access Via the WLANs Screen Basic parameters required for a security option configuration are provided in the WLANs –...
  • Page 211 Wireless Security Configuration Establishing Security You should give special consideration to the security option for WLAN 1 if you are configuring one or more Wireless Distribution System (WDS) links on the AP 530. The security option configured for WLAN 1 also establishes the security option that is used with WDS links (1–6).

  • Page 212: Web: Setting Security Options

    Wireless Security Configuration Establishing Security Web: Setting Security Options The Security tab provides these options: ■ No Security: The access point is configured as an open system with no user authentication or data encryption. This is the default setting. Static WEP: Use static IEEE 802.11 Wired Equivalent Privacy (WEP) ■...
  • Page 213 Wireless Security Configuration Establishing Security WPA-PSK: Uses a preshared key (instead of using IEEE 802.1X and EAP ■ as is used in the WPA-802.1X security mode). The PSK is used for an initial check of credentials only. A WPA-supported station is required. If a mix of stations is used, with some supporting WPA2 and others supporting the original WPA, configure for both (set both wpa/wpa2 allowed).
  • Page 214 Wireless Security Configuration Establishing Security N o t e Stations that are not configured to use WPA-PSK cannot associate with an access point. ■ WPA-802.1X: IEEE 802.11i-2004 includes AES, CCMP, and TKIP mecha- nisms. The standard specifies security enhancements in encryption, authentication, and key management, and provides support for roaming.
  • Page 215 Wireless Security Configuration Establishing Security Figure 7-2. Configuring Static WEP To Configure Static WEP Shared Keys: Select WLANs. Click [Edit] after the selected WLAN. The WLAN Configuration Security pop-up window opens, displaying the Security tab. Select Static WEP from the Security Mode drop-down. To allow system authentication, select Shared from the Authentication option.
  • Page 216 Wireless Security Configuration Establishing Security Figure 7-3. Configuring WPA-PSK To Configure WPA-PSK: Select WLANs. Click [Edit] after the selected WLAN. The WLAN Configuration Security pop-up window opens, displaying the Security tab. Select WPA-PSK from the Security Mode drop-down. Select WPA, WPA2, or Both for WPA support, as required. Select Enable pre-authentication if you selected WPA2 or Both for the WPA version.
  • Page 217 Wireless Security Configuration Establishing Security Figure 7-4. Configuring WPA-802.1X To Configure WPA-802.1X: Select WLANs. Click [Edit] after the selected WLAN. The WLAN Configuration Security pop-up window opens, displaying the Security tab. Select WPA-802.1X from the Security Mode drop-down. Select WPA, WPA2, or Both for WPA support, as required. Select Enable pre-authentication if you selected WPA2 or Both for the WPA version.

  • Page 218: Manual Configuration Using The Cli

    Wireless Security Configuration Manual Configuration Using the CLI Manual Configuration Using the CLI The following sections show examples of how to use the CLI to view and configure access point security settings. N OT E : Security settings using the CLI can only be made for WLANs in the context of Radio 1.
  • Page 219 Wireless Security Configuration Manual Configuration Using the CLI Using the CLI to Configure No Security. The following example shows how to configure an WLAN interface to have no security set. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)#security no-security ProCurve Access Point 530(radio1-wlan1)#...
  • Page 220 Wireless Security Configuration Manual Configuration Using the CLI Using the CLI to View the Current WLAN (BSS/SSID) Configuration. The following example shows how to view the current configuration settings. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)# show wlan 1 WLAN #1 on Radio 1...
  • Page 221 Wireless Security Configuration Manual Configuration Using the CLI Using the CLI to Configure Static WEP Shared Keys. The following example shows how to configure an SSID interface to use static WEP keys for authentication and encryption. These commands enable security and estab- lish the transfer key index (set to 4).
  • Page 222 Wireless Security Configuration Manual Configuration Using the CLI ProCurve Access Point 530(radio1-wlan1)#wep-key-1 abcde ProCurve Access Point 530(radio1-wlan1)#wep-key-2 fghi ProCurve Access Point 530(radio1-wlan1)#wep-key-3 klmn ProCurve Access Point 530(radio1-wlan1)#wep-key-4 pqrs ProCurve Access Point 530(radio1-wlan)# The following commands set the security to a shared-key authentication protocol.
  • Page 223 Wireless Security Configuration Manual Configuration Using the CLI ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)#security dynamic-wep radius primary ip ProCurve Access Point 530(radio1-wlan1)# 192.168.1.52 radius primary ProCurve Access Point 530(radio1-wlan1)# port 161 radius primary key...
  • Page 224 Wireless Security Configuration Manual Configuration Using the CLI The following example shows how to set to set the security key value using the wpa-pre-shared-key command. N o t e Supported stations must be WPA-enabled and configured with the same personal key. The personal key must be a string of 8 to 63 characters.
  • Page 225 Wireless Security Configuration Manual Configuration Using the CLI The following commands configure the built-in authentication server and authentications to the best security combination using the WPA Enterprise mode and the AES protocol. N o t e Supported authentication servers are the built-in authentication server on the access point or an external RADIUS server.

  • Page 226: Configuring Radius Client Authentication

    Wireless Security Configuration Configuring RADIUS Client Authentication Configuring RADIUS Client Authentication Remote Authentication Dial-in User Service (RADIUS) is an authentication protocol that controls access to RADIUS-aware devices on the network. An authentication server contains a database of credentials for each user who requires access to the network.

  • Page 227: Web: Setting Radius Server Parameters

    Wireless Security Configuration Configuring RADIUS Client Authentication To use dynamic VLAN, the access point must be using a security configuration that enables 802.1X authentication and must have a RADIUS server configured page 7-41). Wireless stations must also support 802.1X station software to (see be assigned to a specific VLAN.
  • Page 228 Wireless Security Configuration Configuring RADIUS Client Authentication Secondary Server Setup: Configures a secondary RADIUS server to ■ provide a backup in case the primary server fails. The access point uses the secondary server if the primary server fails or becomes inaccessible. Once the access point switches over to the secondary server, it periodically attempts to establish communication again with the primary server.

  • Page 229: Cli: Setting Radius Server Parameters

    Wireless Security Configuration Configuring RADIUS Client Authentication Enter the maximum number of retransmission attempts to be made in the Retransmit Attempts field. Select Internal Server to establish the internal server parameters as the RADIUS server. If selected, proceed to step 8. If not selected, continue to steps 4–8.

  • Page 230: Web: Establishing Local Radius Accounts

    Wireless Security Configuration Configuring RADIUS Client Authentication The following example shows how to configure RADIUS primary or secondary parameters for this WLAN. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)# radius primary key open ProCurve Access Point 530(radio1-wlan1)# radius primary ip 192.168.1.53...

  • Page 231: Adding New Radius Accounts

    Wireless Security Configuration Configuring RADIUS Client Authentication Figure 7-6. Configuring an Existing Account To Modify an Existing Local RADIUS Account: Select Special Features > Local Radius tab. Select the account to modify. Do one of the following: • To enable the account, select Enable. •...
  • Page 232 Wireless Security Configuration Configuring RADIUS Client Authentication • Password: Provides a string with a minimum of 1 character and a maximum of 32 characters. Do not use special characters or spaces. • Confirm Password: Repeats the same string with a minimum of 1 character and a maximum of 32 characters.

  • Page 233: Managing The Radius User Database

    Wireless Security Configuration Configuring RADIUS Client Authentication Select [Add Account] to set the user account. Managing the RADIUS User Database The User Database tab shown in Figure 7-8 enables you to create a backup file. Once you have created user accounts for use with Local RADIUS, you can save the account information to a Backup file, which can then be used to Restore the Local RADIUS user accounts if needed.
  • Page 234 Wireless Security Configuration Configuring RADIUS Client Authentication Click Save to complete the process. The backup file will be placed in the specified folder. To Restore the Local RADIUS User Accounts From a User Database Backup: Select Special Features > Local Radius to display the Local RADIUS screen and user account information.

  • Page 235: Cli: Setting Local Radius Server Parameters

    Wireless Security Configuration Configuring RADIUS Client Authentication CLI: Setting Local RADIUS Server Parameters CLI Commands Used in This Section Command Syntax CLI Reference Page [no] radius-local <username> [Disabled] 9-69 [password <password>] [realname <realname>] vlan <id> 9-145 show radius-local 9-70 The following example shows how to configure local RADIUS server param- eters, including adding a new user, disabling an existing user, or removing the user from the local database.
  • Page 236 Wireless Security Configuration Configuring RADIUS Client Authentication The following example first sets the radius-local username to “chris” and subsequently sets the password for the chris user account to “chrisopen”. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radius-local chris realname csmith ProCurve Access Point 530(config)# radius-local chris password chrisopen...

  • Page 237: Configuring Mac Address Authentication

    Wireless Security Configuration Configuring MAC Address Authentication Configuring MAC Address Authentication MAC address authentication functions enable the access point to control which devices can associate with it. You can: ■ Configure the access point to authenticate client MAC addresses against a local Access Control List stored locally on the access point or stored remotely on a RADIUS server, Specify station MAC addresses in the local Access Control List as allowed...

  • Page 238: Mac Lockout And Client/Station Deauthentication

    Wireless Security Configuration Configuring MAC Address Authentication Consider the following guidelines: ■ Use MAC address authentication for a small network with a limited number of users. You can manually configure MAC addresses on the access point itself without the need to set up a RADIUS server. The access point supports up to 200 MAC addresses in its filtering table, but managing a large number of MAC addresses across more than one access point quickly becomes very cumbersome.

  • Page 239: Web: Configuring Access Control List

    Wireless Security Configuration Configuring MAC Address Authentication Web: Configuring Access Control List The Local MAC Authentication tab shown in Figure 7-9 enables you to create and maintain access control lists (ACLs) that can be directly applied to each WLAN for access control. You can modify these parameters: ■...

  • Page 240: Web: Configuring Mac Address Authentication

    Wireless Security Configuration Configuring MAC Address Authentication To Add a MAC Address to an Access Control List: Select the ACL from the ACL List drop-down. Enter the MAC address in the MAC Entry field. Click [Add] to add the new address to the ACL address list. To Remove a MAC Address from an Access Control List: Select the ACL from the ACL List drop-down.

  • Page 241: Cli: Configuring Mac Address Authentication

    Wireless Security Configuration Configuring MAC Address Authentication Figure 7-10. Configuring Built-In MAC Authentication To Configure Built-In MAC Authentication: Select WLANs. Click [Edit] after the selected WLAN. The WLAN Configuration Security pop-up window opens. Select the Mac Authentication tab. To enable local or remote MAC authentication, select Enabled and choose Local or Remote.
  • Page 242 Wireless Security Configuration Configuring MAC Address Authentication Configuring Local MAC Authentication Lists. The following example shows how to create a list of MAC addresses for authentication. N OT E The address format is a 48-bit MAC address format, displayed as a string of 12 hexadecimal digits separated by periods.
  • Page 243 Wireless Security Configuration Configuring MAC Address Authentication Verifying that the list was set on the WLAN. The following example shows how to view the newly created list using the show wlan command. ProCurve Access Point 530(radio1-wlan1)# show wlan 1 WLAN #1 on Radio 1 Description insecure Status...

  • Page 244: Web: Configuring Mac Lockout

    Wireless Security Configuration Configuring MAC Address Authentication Web: Configuring MAC Lockout The MAC Lockout tab shown in Figure 7-11 enables you to add devices with selected MAC addresses to a MAC Lockout list. The MAC Lockout list applies to all WLANs on all radios in the Access Point 530. You can modify these parameters: ■...

  • Page 245: Cli: Configuring Mac Lockout

    Wireless Security Configuration Configuring MAC Address Authentication CLI: Configuring MAC Lockout CLI Commands Used in This Section Command Syntax CLI Reference Page [no] lockout-mac <mac_address> 9-75 show lockout-mac 9-76 lockout-mac clear <mac_address> | all 9-76 Locking out a device from the access point. The following example shows how to add a device’s MAC address to the MAC Lockout list.

  • Page 246: Cli: Configuring Client/Station Deauthentication

    Wireless Security Configuration Configuring MAC Address Authentication Clearing the MAC Lockout list. The following example shows how to remove all MAC addresses from the current MAC Lockout list. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# lockout-mac clear all 2 MAC addresses removed from lockout list ProCurve Access Point 530(config)# show lockout-mac No MAC addresses in lockout list.

  • Page 247: Configuring 802.1X Ap Authentication

    Wireless Security Configuration Configuring 802.1X AP Authentication Configuring 802.1X AP Authentication The AP Authentication feature enables the AP 530 to authenticate itself to a standard RADIUS server using its own username and password, just as a client or station would. The Access Point 530 AP Authentication feature supports 802.1X port-access authentication when connecting to switches that support this feature.

  • Page 248: Web: Configuring Ap Authentication

    Wireless Security Configuration Configuring 802.1X AP Authentication If radios are shut down on an already-authenticated access point, you will only be able to reconfigure the access point using a wired ethernet connection or the console port. C a u t i o n When a VLAN with tagged management is used together with AP authentica- tion on the Access Point 530, do not configure the switch authenticator with an "auth-vid"...

  • Page 249: Cli: Configuring Ap Authentication

    Wireless Security Configuration Configuring 802.1X AP Authentication Enable AP Authentication on the access point by selecting the [Enabled] button. Select the EAP Type from the drop-down (either MD5 or PEAP). Enter the “user” name of the access point. Enter the password of the access point “user”. Select [Update] to update the AP Authentication settings.
  • Page 250 Wireless Security Configuration Configuring 802.1X AP Authentication Displaying the current AP Authentication status. Use the show system- information command to check the current AP Authentication status of the access point. ProCurve Access Point 530(config)# show ap-authentication AP Authentication Settings for the Access Point: Status: Enabled EAP Type: peap...

  • Page 251: Web Authentication For Mobile Users

    Wireless Security Configuration Web Authentication for Mobile Users Web Authentication for Mobile Users With the ProCurve Access Point 530, you can permit mobile users to authen- ticate to your network by entering their login credentials on a Web page. Web authentication (Web-Auth) credentials are verified through a RADIUS server.

  • Page 252: Url Intercept

    Wireless Security Configuration Web Authentication for Mobile Users URL Intercept After the user station associates with the WLAN successfully and receives an IP address, it enters the Web-Auth state. In this state, the user station is associated to the access point using one of the temporary IP addresses in the pool, but is not yet authenticated to the network.
  • Page 253 Wireless Security Configuration Web Authentication for Mobile Users Figure 7-14. Web-Auth Successful Authentication At this point, the user’s station enters the Authenticated state, the station receives a more permanent IP address from the network’s DHCP server, and the user can access the network resources to which he or she has rights. Failed Authentication.

  • Page 254: Redirecting To The Destination Url

    Wireless Security Configuration Web Authentication for Mobile Users Redirecting to the Destination URL After successful authentication, a timer counts down until the connection to the network is established. Then the user is redirected to the Redirect URL specified on the WLAN – Web Authentication screen. Web-Auth Security User Credentials The feature may be configured to offer authentication:...

  • Page 255: The Web-Auth Address Pool

    Wireless Security Configuration Web Authentication for Mobile Users The Web-Auth Address Pool When a client using dynamic IP addressing first associates with the access point, the AP-530 assigns the client a temporary IP address from a pool of temporary addresses that is shared by all Web-Auth WLANs. The addresses are served by a limited-function address server used only for initializing Web- Auth connections.

  • Page 256: Default Text Values For Authentication Screens

    Wireless Security Configuration Web Authentication for Mobile Users Title Text Header Text Descr. Text Footer Text Figure 7-16. Web-Auth Failed Authentication Default Text Values for Authentication Screens The default values for each of the three customizable authentication screens varies, depending on whether Web-Auth access is granted to: Only registered users ■...

  • Page 257: Welcome Screen Default Values

    Wireless Security Configuration Web Authentication for Mobile Users Welcome Screen Default Values Table 7-6. Welcome Screen Default Values Registered User Only Guest User Only Registered & Guest User Title Text Authentication Success Success Authentication Success Header Text Authentication Success Success Authentication Success Footer Text You now have access to the network You now have access to the network You now have access to the network...

  • Page 258: Configuration Summary

    Wireless Security Configuration Web Authentication for Mobile Users When using Web-Auth, users must disable any proxy server for their web ■ browser. N o t e After successfully authenticating using Web-Auth, the user may experience “Page Not Found” (timeout) errors when attempting to re-access the Web- Auth home page.

  • Page 259: Cli: Configuring The Global Address Pool

    Wireless Security Configuration Web Authentication for Mobile Users Lease Time: Specifies the lease, in seconds, granted to Web-Auth tempo- ■ rary addresses. ■ [Update]: Updates the Web-Auth address pool configuration. Figure 7-17. Configuring the Global Address Pool To Configure the global Address Pool: Select Web Authentication >...

  • Page 260: Web: Configuring Global Guest Account Settings

    Wireless Security Configuration Web Authentication for Mobile Users Configuring the global Address Pool on the access point. The follow- ing example configures a range of temporary IP addresses with 60 second leases. ProCurve Access Point 530(config)# web-auth starting-ip-address 192.168.0.1 255.255.240.0 ProCurve Access Point 530(config)# web-auth lease-time 60 show web-auth ProCurve Access Point 530(config)#...

  • Page 261: Cli: Configuring Global Guest Account Settings

    Wireless Security Configuration Web Authentication for Mobile Users Enter the password to be assigned to all Guest users in the Password field. Click [Update]. N o t e The username and password used for the global Guest user account must also be registered on the selected Web-Auth RADIUS server before Guest users can be authenticated using Web-Auth.

  • Page 262: Web: Configuring Web-Auth On A Wlan

    Wireless Security Configuration Web Authentication for Mobile Users Web: Configuring Web-Auth on a WLAN Prerequisites ■ Before enabling Web Authentication on a WLAN, the temporary address “Web: Configuring the Global Address pool must be configured, as described in Pool” on page 7-64.
  • Page 263 Wireless Security Configuration Web Authentication for Mobile Users Figure 7-19. Configuring Web Authentication on a WLAN To Configure Web Authentication: Select WLANs. Click [Edit] after the selected WLAN. The WLAN Configuration Security pop-up window opens. Select the Web Authentication tab. Click Web Authentication Enabled.

  • Page 264: Cli: Configuring Web-Auth On A Wlan

    Wireless Security Configuration Web Authentication for Mobile Users Click [Update]. CLI: Configuring Web-Auth on a WLAN Prerequisites Before enabling Web Authentication on a WLAN, the temporary address ■ “CLI: Configuring the Global Address Pool” pool must be configured, as described in on page 7-65.
  • Page 265 Wireless Security Configuration Web Authentication for Mobile Users Enabling Web-Auth on the access point. The following example enables Web-Authentication on WLAN 1, with Guest access and Registered User access enabled. ProCurve Access Point 530(radio1-wlan1)# web-auth guest-login ProCurve Access Point 530(radio1-wlan1)# web-auth username-login ProCurve Access Point 530(radio1-wlan1)# web-auth retry-limit 3 ProCurve Access Point 530(radio1-wlan1)# web-auth redirect-url www.procurve.com show wlan 1...

  • Page 266: Web: Customizing The Login, Welcome, And Failed Screens

    Wireless Security Configuration Web Authentication for Mobile Users Web: Customizing the Login, Welcome, and Failed Screens The Web Authentication – WLAN Web Authentication screen, through the Login, Welcome, and Failed tabs, shown in Figure 7-20 allows customization of the text on the three primary screens that are displayed during the Web Authentication process.
  • Page 267 Wireless Security Configuration Web Authentication for Mobile Users Figure 7-20. Configuring Guest Account Credentials To customize the text on the Web-Auth Login screen: Select WLANs. Click [Edit] after the selected WLAN. The WLAN Configuration Security pop-up window opens. Select the Web Authentication tab. Select the Login sub-tab.

  • Page 268: Cli: Customizing The Login, Welcome, And Failed Screens

    Wireless Security Configuration Web Authentication for Mobile Users Follow the same procedure for the Welcome sub-tab and the Failed sub-tab, if desired. N o t e If any of the fields is not explicitly customized, then the default value of the field is used.
  • Page 269 Wireless Security Configuration Web Authentication for Mobile Users Customizing the text on the Web-Auth Login screen. The following example customizes the text fields on the Login screen. The same fields may be customized on the Welcome screen and the Failed screen as well, using their respective commands.
  • Page 270 Wireless Security Configuration Web Authentication for Mobile Users — This page is intentionally unused. — 7-76...

  • Page 271: Special Features

    Special Features...
  • Page 272 Special Features Contents Overview ............8-3 QoS Commands .

  • Page 273: Overview

    Special Features Overview Overview The Access Point 530 provides the Web interface and CLI methods for config- uring special features such as QoS, upgrading software, WDS, AP detection, and STP. This chapter describes how to: ■ Configure QoS parameters Maintain configuration and upgrade files ■...

  • Page 274: Qos Commands

    Special Features QoS Commands QoS Commands QoS describes a range of technologies for controlling traffic on shared network connections. The IEEE 802.11e - 2005 standard defines a QoS stan- dard for transmission quality and availability of service on wireless networks. QoS is designed to provide better network service by minimizing network congestion;...

  • Page 275: Web: Configuring Qos Parameters

    Special Features QoS Commands Web: Configuring QoS Parameters Figure 8-1. Initial QoS Screen The QoS screen, shown in Figure 8-1, enables you to modify the following QoS parameters: Wi-Fi Multimedia (WMM): Enables/disables QoS prioritization and ■ coordination of wireless medium access. The QoS settings on the Access Point 530 control downstream traffic flowing from the access point to the client station (AP EDCA parameters) and the upstream traffic flowing from the station to the access point (station EDCA parameters).
  • Page 276 Special Features QoS Commands Figure 8-2. QoS Advanced Settings Screen The WMM Settings pop-up window, shown in Figure 8-2, enables you to modify the following queue QoS parameters: AP Enhanced Distributed Channel Access (EDCA) Parameters: ■ Affect traffic flowing from the access point to the client station. •...
  • Page 277 Special Features QoS Commands for the “cwMin” are 1, 3, 7, 15, 31, 63, 127, 255, 511, and 1024. The value for “cwMin” must be lower than the value for “cwMax”. (The default per queue: 3, 7, 15, 15.) • cwMax: Specifies the Maximum Contention Window QoS parameter.

  • Page 278: Cli: Configuring Qos Parameters

    Special Features QoS Commands for the “cwMax” are 1, 3, 7, 15, 31, 63, 127, 255, 511, and 1024. The value for “cwMax” must be higher than the value for “cwMin”. (The default per queue: 7, 15, 1023, 1023.) • TXOP Limit: Specifies the Transmission Opportunity QoS parameter.
  • Page 279 Special Features QoS Commands ProCurve Access Point 530(radio1)#qos ap-params voice aifs ProCurve Access Point 530(radio1)# This example sets the quality of service cwMin and cwMax contention window parameters on the AP EDCA medium-priority queue. ProCurve Access Point 530(radio1)#qos ap-params video cwmin ProCurve Access Point 530(radio1)#qos ap-params video cwmax ProCurve Access Point 530(radio1)# This example sets the quality of service Burst parameter on the AP EDCA...
  • Page 280 Special Features QoS Commands This example sets the quality of service AIFS wait time parameter to 10 seconds on the Station EDCA high priority queue. ProCurve Access Point 530(radio1)#qos sta-params voice aifs ProCurve Access Point 530(radio1)# This example sets the quality of service cwMin and cwMax contention window parameters on the Standard EDCA high-priority queue.
  • Page 281 Special Features QoS Commands This example uses the show qos commands to display QoS details on the access point. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# show qos ap-params ------------------------------------------------------------ Transmission Queue QoS Settings for the Access Point: Radio 1 Adaptive Inter- Contention...

  • Page 282: Sflow

    Special Features sFlow sFlow The Access Point 530 contains an sFlow agent. The sFlow agent samples traffic flow, treating the traffic that arrives on each of the radios or on the ethernet interface as a separate flow. The sFlow agent forwards traffic information to one or more sFlow collectors. The agent can create three separate instances for each flow, and forward the information for each instance to a different sFlow collector.

  • Page 283: Counter Polling By The Sflow Agent

    Special Features sFlow sFlow datagrams are compact and do not require a large amount of network bandwidth. The sampled packets are approximately 7 percent of the original packet size, and several samples can fit in a single datagram. Extra space at the end of the datagram is filled with the counters reported by polled radios “Counter Polling by the sFlow Agent”...
  • Page 284 Special Features sFlow The sFlow collector reserves the instance by writing its owner string into that instance on the sFlow receiver table. The sFlow collector, or receiver, also configures a receiver timeout value for itself. The agent counts down the receiver timeout, and when the timeout falls low, the sFlow receiver renews the reservation.

  • Page 285: Wireless Distribution System (Wds) And Spanning Tree Protocol (Stp)

    Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) The Access Point 530 includes Wireless Distribution System (WDS) support allowing wireless connectivity between access points instead of a wired Ethernet connection.
  • Page 286 Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) At least one Access Point 530 must be connected to the network by means of a wired Ethernet connection. This Access Point 530 can then provide wireless WDS links for up to six other Access Point 530 units. In this configuration, the connected Access Point 530 (the one with the Ethernet connection) serves as a central access point to pass traffic to and from the other remote access points.
  • Page 287 Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) The Access Point 530 can be used as a wireless bridge to connect two different wired subnetworks together. For example, you can connect wired networks in two buildings across the street from one another by attaching an Access Point 530 to each separate network and configuring with a WDS link between them.
  • Page 288 Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) You can also configure the Access Point 530 to use WDS links in a multiple- hop configuration, as shown in Figure 8-5. In this configuration, the intermediate access point serves as a “repeater,” to bridge wireless traffic between an access point with an Ethernet connection and a more remote access point on the other side.

  • Page 289: Web: Configuring Wds Parameters

    Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) STP is supported with WDS to manage loops that might be formed in the network through configuration of multiple WDS links. Enabling STP is recom- mended whenever you configure WDS links, unless you are assured that network loops cannot occur in your WDS configuration.
  • Page 290 Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) – Key Type: Establishes the type of the key as either ASCII or Hex. – Characters Required: Automatically populated based on the key length and key type. – WEP Key: Configures the WEP key for security. WDS WPA Security (see Figure 8-8) –...
  • Page 291 Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) Figure 8-7. Configuring WDS Link Parameters with WEP Security To Configure WDS Link Parameters with WEP Security: Select Special Features > WDS. To enable a WDS link, choose Enabled for the specific link option. To set the radio to establish the WDS link, use the Radio drop-down.
  • Page 292 Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) Figure 8-8. Configuring WDS Link Parameters with WPA Security To Configure WDS Link Parameters with WPA Security: Select Special Features > WDS. To enable a WDS link, click the Enabled button for the specific link. To set the radio to establish the WDS link, use the Radio drop-down.

  • Page 293: Cli: Configuring Wds Links

    Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) CLI: Configuring WDS Links CLI Commands Used in This Section Command CLI Reference Page enable 9-158 radio-used <1 |2 > 9-159 remote-mac <mac> 9-160 wds-ssid <ssid> (required when using WPA over WDS) 9-159 wep-key-ascii 9-162...
  • Page 294 Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) Using the CLI to Create a Radio Link. This example sets the radio used with this WDS link. ProCurve Access Point 530(wds1)#radio-used 1 Using the CLI to Set Remote MAC. This example sets the remote MAC address associated with this WDS link.
  • Page 295 Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) ProCurve Access Point 530(wds1)#show wds #Radio Local MAC Remote MAC Status Security ----------------------------------------------------------------------------- 00:14:C2:A4:14:BO 00:0D:9D:C6:98:7E Enabled no-security 00:14:C2:A4:14:AO 00:11:33:C6:88:EE Disabled no-security not assigned yet not set Disabled no-security not assigned yet not set Disabled no-security...

  • Page 296: Web: Configuring Stp Parameters

    Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) Web: Configuring STP Parameters The WDS screen in the Web browser interface (see Figure 8-9) provides global configuration for the Spanning Tree Protocol (STP). To modify additional “CLI: Establishing STP Settings” on page 8-27.

  • Page 297: Cli: Establishing Stp Settings

    Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) CLI: Establishing STP Settings CLI Commands Used in This Section Command CLI Reference Page [no] stp [hello-time <value>] [forward-delay <value>] [priority 9-164 <value>] show interface ethernet 9-97 N OT E This STP configuration is available only through the CLI and not through the Web browser interface.
  • Page 298 Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) Using the CLI to View WDS Parameters. These examples use the show interface ethernet command and the show wds x command to check the status of the STP state and configured parameters. ProCurve Access Point 530#show interface ethernet Ethernet interface: --------------------...
  • Page 299 Special Features Wireless Distribution System (WDS) and Spanning Tree Protocol (STP) N o t e Spanning Tree Protocol (STP) has detected a loop and the WDS 1 interface is being blocked by STP, as shown in the following example. ProCurve Access Point 530(wds1)#show wds 1 WDS #1 Description Wireless Distribution System - Link 1 Status...

  • Page 300: Ap Detection Commands

    Special Features AP Detection Commands AP Detection Commands You can configure the access point to periodically scan all radio channels and find other access points within range. Alternatively, the access point can scan continuously in a dedicated mode with no stations supported. A database of nearby access points is maintained where detected access points can be identified.
  • Page 301 Special Features AP Detection Commands The Settings tab, shown in Figure 8-11, enables you to modify the following parameters: ■ AP Detection Radio 1/Radio 2: Enables/disables ability per radio for the access point to scan radio channels to discover other access points. (The default is Disable.) Scan Interval: Sets the minimum amount of time that the access point ■...
  • Page 302 Special Features AP Detection Commands Figure 8-11. AP Detection - Settings Tab To Enable AP Detection Parameters: Select Special Features > AP Detection and click the Settings tab. To enable scanning, select Enable from the AP Detection drop-down for the radio you are configuring.

  • Page 303: Cli: Configuring Ap Detection

    Special Features AP Detection Commands CLI: Configuring AP Detection CLI Commands Used in This Section Command CLI Reference Page [no] ap-detection [dedicated] 9-136 ap-detection duration <value> 9-137 ap-detection interval <value> 9-138 ap-detection expire-time <value> 9-137 ap-detection max-entries <value> 9-138 show detected-ap 9-139 Using the CLI to Enable Dedicated Neighboring AP Detection.
  • Page 304 Special Features AP Detection Commands ProCurve Access Point 530(radio1)#ap-detection expire-time ProCurve Access Point 530(radio1)#ap-detection max-entries Using the CLI to View the AP Scan Results. This example displays the current AP detection results. ProCurve Access Point 530(radio1)#show detected-ap Neighboring APs: BSSID SSID Chan Type...

  • Page 305: Probe Table

    Special Features Probe Table Probe Table The Access Point 530 supports the Rogue AP Detection feature in ProCurve Mobility Manager by making available, via SNMP, a table of PROBE requests from unassociated audible clients. Probe Table Description The first time a PROBE request is received from an unassociated audible client, a new entry in the Probe Table is created, consisting of: Radio number (1 or 2) ■...

  • Page 306: Identity Driven Management

    Special Features Identity Driven Management Identity Driven Management Identity-Driven Management (IDM) is integrated with 802.1X authentication methods, and to successfully utilize IDM, the access point SSID slated to use IDM must have one of the 802.1X security methods configured. IDM automat- ically configures the edge of the network, based on the identity of the user.

  • Page 307: Idm Acl

    ProCurve (HP) Vendor-Specific ID: 11 • Vendor-Specific Attribute for ACLs: 61 (string = HP-IP-FILTER-RAW) • Setting: HP-IP-FILTER-RAW = < “permit” or “deny” (Access Control Entry (ACE)> N o t e “Permit” forwards inbound packets, “deny” drops packets. ACL configuration, including: ■...
  • Page 308 Special Features Identity Driven Management — This page is intentionally unused. — 8-38...

  • Page 309: Command Line Reference

    Command Line Reference...

  • Page 310: Contents

    Command Line Reference Contents Contents Overview ............9-8 General Commands .
  • Page 311 Command Line Reference Contents System Clock Commands ........9-34 sntp .
  • Page 312 Command Line Reference Contents RADIUS Accounting/Authentication ......9-65 radius-accounting ......... . 9-65 radius failover-to-local | retransmit .
  • Page 313 Command Line Reference Contents description ..........9-92 dns primary .
  • Page 314 Command Line Reference Contents show basic-rate ......... . . 9-121 show stations .
  • Page 315 Command Line Reference Contents management-vlan ......... 9-146 QoS Commands .

  • Page 316: Overview

    Command Line Reference Overview Overview This chapter describes the commands provided by the Access Point 530 CLI. The CLI commands can be broken down into the functional groups shown below. Command Group Description Page General Initial commands for performing basic access point tasks. 9-10 System Management Basic commands for performing basic status, management,...
  • Page 317 Command Line Reference Overview The access mode shown in the following tables is indicated by these abbrevi- ations: • GC (Global Configuration), MC (Manager Executive Configuration), • • IC-E (Ethernet Interface Configuration), • IC-WDS(WDS Interface Configuration), • IC-R (Radio Wireless Interface Configuration), and •...

  • Page 318: General Commands

    Command Line Reference General Commands General Commands These commands are used to configure the basic commands on the access point. Command Function Mode Page configure Set the current context level to the Global 9-10 Configuration level. copy “Flash/File Commands” on page 9-50 9-51 Sets the current context level to the Manager Exec 9-11...

  • Page 319: End

    Command Line Reference General Commands Default Setting Command Mode Manager Exec Example ProCurve Access Point 530# configure ProCurve Access Point 530(config) This command sets the current context level to the Manager Exec level. Syntax Default Setting Command Mode Manager Exec Example This example shows how to return to the Manager Exec level from the Ethernet Interface Configuration mode:...

  • Page 320: Logout

    Command Line Reference General Commands Command Mode Manager Exec Example This example shows how to return to the previous command levels starting from the Interface Configuration mode and finally logging out of the CLI session: ProCurve Access Point 530(ethernet)# exit ProCurve Access Point 530(config)# exit ProCurve Access Point 530# exit Connection to host lost.

  • Page 321: Reload

    Command Line Reference General Commands Default Setting Command Mode Manager Exec Command Usage • Use the ping command to see if another site on the network can be reached. The following are some results of the ping command: • – Normal response - The normal response occurs in one to ten seconds, depending on network traffic.

  • Page 322: Show

    Command Line Reference General Commands This example shows how to perform a warm reboot of the system: ProCurve Access Point 530# reload Device will be rebooted, do you want to continue [y/n]?y Do you want to save the current configuration [y/n]?n Connection to host lost.
  • Page 323 Command Line Reference General Commands logging - Shows all the entries in the event log. See “show logging” on • page 9-32. mac-auth-local - Show all the entries in the local MAC address authen- • “show mac-auth-local” on page 9-74. tication control lists.

  • Page 324: Terminal

    Command Line Reference System Management Commands terminal This command sets terminal line parameters. Syntax terminal length | width length - Set number of lines on a screen. • – <2-1000> - Number of lines on a screen. width - Set width of display terminal. •...

  • Page 325: Country

    Command Line Reference System Management Commands Command Function Mode Page 9-21 [no] buttons Enables the ability to clear the password(s) and/or configurations. [no] cli-configuration Enables all CLI confirmation dialog prompts. 9-24 9-23 [no] console Enables the access point to be managed through a serial port.
  • Page 326 Command Line Reference System Management Commands Country Code Country Code Country Code Country Code Argentina French Guiana Luxembourg Singapore Armenia Georgia Macau Slovakia Australia Germany Macedonia, The Former Slovenia Yugoslav Republic Of Austria Gibraltar Malaysia South Africa Azerbaijan Greece Malta Spain Bahamas Guam...

  • Page 327: Hostname

    Command Line Reference System Management Commands Country Code Country Code Country Code Country Code Cuba Korea, Democratic Philippines Yemen People Republic Of Cyprus Korea, Republic Of Poland Zambia Czech Republic Kuwait Portugal Zimbabwe Denmark Kyrgyzstan Puerto Rico Dominican Republic Lao People’s Democratic Qatar Republic Ecuador...

  • Page 328: Domain

    Command Line Reference System Management Commands hostname - A text string to identify the system. • (Maximum length: 50 characters) Default Setting ProCurve-AP-530 Command Mode Global Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# hostname Gary domain This command sets the system domain name suffix for hostname/domain- name lookups, when the suffix is not obtained through DHCP.

  • Page 329: Password Manager

    Command Line Reference System Management Commands password manager This command sets the password for entering the Manager Exec level. Syntax password manager <password> password - A text string to establish security for entry into the Manager • Exec level. Note: The password is case sensitive and must be at least 1 character and at most 32 characters long.

  • Page 330: Cli-Confirmation

    Command Line Reference System Management Commands password-reset - Enables the ability to reset the password(s) on this • device via the buttons. The no version of the command disables this devices ability to reset the password(s) on this device via the buttons. system-reset - Enables the ability to reset the system via the buttons.

  • Page 331: Console

    Command Line Reference System Management Commands Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# cli-confirmation ProCurve Access Point 530(config)# console This command enables the serial console on the access point. The no version disables the serial console on the access point. The no console command will not work if the factory reset button is already disabled (e.g."...

  • Page 332: Ssh

    Command Line Reference System Management Commands Command Mode Global Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# telnet ProCurve Access Point 530(config)# This command enables the remote ssh access to this device. The no version disables the remote ssh access to this device. Syntax no ssh Default Setting...

  • Page 333: Show Buttons

    Command Line Reference System Management Commands ssl - Enable remote HTTPS (secure) access to the device. The no • version of the command disables remote HTTPS access. Default Setting Enabled Command Mode Global Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# web-management ssl ProCurve Access Point 530(config)# show buttons...

  • Page 334: Show Console

    Command Line Reference System Management Commands show console This command displays the status of the console. Syntax show console Default Setting Command Mode Manager Exec General Configuration Context Example ProCurve Access Point 530(config)# show console CLI Access: Serial Interface Enabled Telnet Interface Enabled SSH Interface...

  • Page 335: Show System-Information

    Command Line Reference System Management Commands Example ProCurve Access Point 530(config)# show ssh SSH Status Enabled ProCurve Access Point 530(config)# show system-information This command shows information about the device and the hostname/DNS information. This command is the same as the show system command. Syntax show system-information Default Setting...
  • Page 336 Command Line Reference System Management Commands Example ProCurve Access Point 530# show system-information Serial Number TW547VV07X System Name ProCurve-AP-530 System Up Time 2 days 23 hours 35 mins 18 secs System Location not set System Country Code Software Version WA.01.00 Ethernet MAC Address 00:14:C2:A5:08:CB IP Address...

  • Page 337: Show Version

    Command Line Reference System Management Commands show version This command displays the version of the software running on the device. Syntax show version Default Setting Command Mode Manager Exec Global Configuration Example ProCurve Access Point 530# show version Image Software Version WA.02.00.0412 Boot Software Version WAB.01.00...

  • Page 338: System Logging Commands

    Command Line Reference System Logging Commands System Logging Commands These commands are used to configure system logging on the access point. Command Function Mode Page Displays all log entries in access point memory. 9-30 [no] logging Adds a syslog server host IP address and assign a port number 9-31 <syslog_host>...

  • Page 339: Logging

    Command Line Reference System Logging Commands Example ProCurve Access Point 530# log Keys: M=eMergency C=Critical W=Warning I=Information A=Alert E=Error N=Notice D=Debug ----- Event Log Listing: Most Recent Events First ---- I 01/03/00 03:57:15 login[29765]: root login on `ttyp0' I 01/03/00 02:28:56 login[24466]: root login on `ttyp0' I 01/02/00 04:00:49 login[7445]: root login on `ttyp0'...

  • Page 340: Show Debug

    Command Line Reference System Logging Commands Command Usage The following examples show how to relay log entries to a syslog host on port 514 at IP address 10.1.0.3. Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# logging 10.1.0.3 514 ProCurve Access Point 530(config)# Related Commands show logging...
  • Page 341 Command Line Reference System Logging Commands Syntax show logging Default Setting Command Mode Manager Exec Example ProCurve Access Point 530# show logging Keys: M=eMergency C=Critical W=Warning I=Information A=Alert E=Error N=Notice D=Debug ----- Event Log Listing: Most Recent Events First ---- I 01/03/00 03:57:15 login[29765]: root login on `ttyp0' I 01/03/00 02:28:56 login[24466]: root login...

  • Page 342: System Clock Commands

    Command Line Reference System Clock Commands System Clock Commands These commands are used to configure SNTP on the access point. Command Function Mode Page sntp <server> Specifies time server 9-34 [ time-zone <minutes>] show sntp Shows current SNTP configuration settings. 9-35 show time Shows current date and time.

  • Page 343: Show Sntp

    Command Line Reference System Clock Commands Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# sntp 10.1.0.19 time-zone -480 show sntp This command displays the current time and configuration settings for the SNTP client. Syntax show sntp Default Setting Command Mode Manager Exec Example...
  • Page 344 Command Line Reference System Clock Commands Example ProCurve Access Point 530# show time Sat Jan 3 16:35:14 2008 ProCurve Access Point 530# 9-36...

  • Page 345: Network Management Application Commands

    Command Line Reference Network Management Application Commands Network Management Application Commands These commands are used to configure Simple Network Management Protocol (SNMP) and Link Layer Discovery Protocol which defines standards for facilities network management.. Command Function Mode Page SNMP [no] snmp-server community Sets up the private community access string to 9-38 <comm>...

  • Page 346: Snmp-Server Community Restricted | Unrestricted

    Command Line Reference Network Management Application Commands snmp-server community restricted | unrestricted This command defines the community access string for the read-only or read- write access Simple Network Management Protocol. Use the no form to remove the specified community string. Syntax snmp-server <...

  • Page 347: Snmp-Server Contact

    Command Line Reference Network Management Application Commands snmp-server contact This command specifies the SNMP contact name. Use the no form to remove the specified contact name. Syntax snmp-server contact <contact> no snmp-server contact contact - Name of the contact. • Default Setting Command Mode Global Configuration...

  • Page 348: Snmp-Server Host

    Command Line Reference Network Management Application Commands snmp-server host This command specifies the recipient of an SNMP trap notification. Use the no form to remove the specified trap host. Syntax snmp-server host <host> <comm> no snmp-server host host - IP address of the host. •...

  • Page 349: Snmp-Server Location

    Command Line Reference Network Management Application Commands snmp-server location This command specifies the SNMP location description. Use the no form to remove the specified location description. Syntax snmp-server location <location> no snmp-server location location - Name of the contact. • Default Setting Command Mode Global Configuration...

  • Page 350: Snmp-Server Port

    Command Line Reference Network Management Application Commands snmp-server port This command specifies the port number that the SNMP server will use on this device. Syntax snmp-server port <port> port - The number specifying the port to which the SNMP server will •...

  • Page 351: Snmp-Server Trap

    Command Line Reference Network Management Application Commands snmp-server trap This command enables and disables selected SNMP traps on the access point. Syntax [no] snmp-server trap <trap> trap - One of the SNMP traps supported by the AP-530: • adHocNetworkDetected apDetectionUpdate apInterfaceUpdate buttonUpdate clientAssociation...
  • Page 352 Command Line Reference Network Management Application Commands Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# snmp-server trap radiusAcctUpdate ProCurve Access Point 530(config)# 9-44...

  • Page 353: Show Snmp-Server

    Command Line Reference Network Management Application Commands show snmp-server This command displays information about the configuration and status of the SNMP server on this device. Syntax show snmp-server Default Setting None Command Mode Manger Exec Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# show snmp-server SNMP Server Settings ---------------------------------------------------------------------------...

  • Page 354: Snmpv3 Enable

    Command Line Reference Network Management Application Commands snmpv3 enable This command enables and disables SNMPv3 functions on the access point. Syntax snmpv3 enable [no] snmpv3 enable Default Setting Disabled Command Mode Global Configuration Example ProCurve Access Point 530# config ProCurve Access Point 530(config)# snmpv3 enable ProCurve Access Point 530(config)# show snmpv3 SNMPv3: Enabled...

  • Page 355: Snmpv3 User-Name

    Command Line Reference Network Management Application Commands snmpv3 user-name This command adds or removes SNMPv3 users on the access point. Syntax snmp-server user-name <user-name> [auth <md5 | sha> <auth-pass> [priv <des } aes> <priv-pass>]] [no] snmp-server user-name <user-name> user-name - The username of the new SNMPv3 user. •...

  • Page 356: Show Snmpv3

    Command Line Reference Network Management Application Commands show snmpv3 This command displays the current SNMPv3 settings on the access point. Syntax show snmpv3 Default Setting Disabled Command Mode Manager Exec Example ProCurve Access Point 530# show snmpv3 SNMPv3: Enabled SNMP engine ID: 00:00:00:0b:00:00:00:14:c2:a5:09:8c SNMPv3 user accounts: Username Auth.

  • Page 357: Show Lldp

    Command Line Reference Network Management Application Commands Command Mode Global Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# lldp ProCurve Access Point 530(config)# show lldp This command displays the status of the Link Layer Discovery Protocol (LLDP) service on the device. Syntax show lldp Default...

  • Page 358: Flash/File Commands

    Command Line Reference Flash/File Commands Flash/File Commands These commands are used to manage the system software or configuration files. Command Function Mode Page copy <ftp | scp | Copy data from a remote server onto the device. 9-53 tftp> <flash | startup-config>...

  • Page 359: Copy

    Command Line Reference Flash/File Commands copy This command copies data from a remote server onto the device. Syntax copy <ftp | scp | tftp> <flash | startup-config> <ip> <file> [user-name <user> password <pass>] ftp | scp | tftp - Specifies the type of remote server where the file is •...

  • Page 360: Copy Startup-Config

    Command Line Reference Flash/File Commands Syntax copy custom-default startup-config Default Setting Command Mode Manager Exec Example In this example, the copy custom-default startup-config command resets the startup configuration to the same setting as the custom-default configuration. ProCurve Access Point 530# copy custom-default startup- config ProCurve Access Point 530# Related Commands...

  • Page 361: Copy Factory-Default

    Command Line Reference Flash/File Commands Command Mode Manager Exec Example. ProCurve Access Point 530# copy startup-config ftp 192.168.1.52 copystart user-name chris password open ProCurve Access Point 530# copy startup-config tftp 192.168.1.52 copystart copy factory-default This command resets configuration file to the factory-default configuration on the device Syntax copy factory-default [ startup-config | custom-default ]...

  • Page 362: Erase

    Command Line Reference Flash/File Commands startup-config - Copies the running configuration to the startup config- • uration file. This option is functionally the same as the write memory command. custom-default - Copies the running configuration to the customer- • modifiable default configuration file. Default Setting Command Mode Manager Exec...

  • Page 363: Write

    Command Line Reference Flash/File Commands Default Setting Command Mode Manager Exec Example This example shows how to reset the startup configuration to the defaults.: ProCurve Access Point 530# erase startup-config ProCurve Access Point 530# Related Commands copy custom-default startup-config (page 9-51) write This command views or saves the running configuration of the device.

  • Page 364: Show Config

    Command Line Reference Flash/File Commands show config This command displays the startup configuration on the device. Syntax show config Default Setting Command Mode Manager Exec Example ProCurve Access Point 530# show config <?xml version="1.0"?> <config> <interface name="wlan0wds1"> <type>wds</type> <status>down</status> <wds-security-policy>no-security</wds-security-policy> <wep-key-length>104</wep-key-length>...

  • Page 365: Show Copy

    Command Line Reference Flash/File Commands show copy This command displays the status of the last copy operation (ftp/scp/tcfp). Syntax show copy Default Setting Command Mode Manager Exec Global Configuration Example ProCurve Access Point 530# show copy ------------------------------------------------------------ Copy Operation Status (FTP/SCP/TFTP) Last software image (flash) copy result: not initiated Last configuration file copy result:...

  • Page 366: Show Custom-Default

    Command Line Reference Flash/File Commands Example ProCurve Access Point 530# show tech ------------------------------------------------------------ Description Radio 1 - WLAN 10 Status Disabled SSID SSID 10 VLAN None BSSID not assigned yet DTIM Period Security Type no-security (No Sec.) Closed System Disabled MAC Auth Mode local deny-list only MAC Auth List...
  • Page 367 Command Line Reference Flash/File Commands Example ProCurve Access Point 530# show custom-default Version: 1 Length: 98936 MD5sum: 87a35d67230ec78a4a33d37abbf2bec0 <?xml version="1.0"?> <config> <interface name="wlan0wds1"> <type>wds</type> <status>down</status> <wds-security-policy>wpa-psk</wds-security-policy> <wep-key-length>104</wep-key-length> <radio>wlan1</radio> <wds-ssid>WDS SSID 2</wds-ssid> <wep-key-ascii>no</wep-key-ascii> <wds-wpa-psk-format>ascii</wds-wpa-psk-format> <description>Wireless Distribution System - Link 2</ description> </interface>...

  • Page 368: Show Running-Config

    Command Line Reference Flash/File Commands show running-config This command displays the running configuration file in a readable text format. Syntax show running-config Default Setting Command Mode Manager Exec Example ProCurve Access Point 530# show running-config <config> <interface name="wlan0wds1"> <type>wds</type> <status>down</status> <wds-security-policy>no-security</wds-security-policy>...

  • Page 369: Group Configuration

    Command Line Reference Group Configuration Group Configuration Use the following commands to configure a group of access points whose parameters are synchronized whenever one member of the group is updated. Only parameters in the Group Configuration Parameter Block are synchro- nized Command Function...

  • Page 370: Group-Config Name

    Command Line Reference Group Configuration The following example enables the group configuration feature. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# group-config write memory ProCurve Access Point 530(config)# ProCurve Access Point 530(config)# group-config name The command sets the name of the group to which the access point will belong.

  • Page 371: Show Group-Config

    Command Line Reference Group Configuration member-id - The string that identifies the access point within the group. • (Range: 1-40 alphanumeric characters) Default Setting None Command Mode Global Configuration Example: The following example identifies the access point in the member list as "AP1". ProCurve Access Point 530# configure ProCurve Access Point 530(config)# group-config member-id AP1 ProCurve Access Point 530(config)# write memory...
  • Page 372 Command Line Reference Group Configuration Example:. ProCurve Access Point 530# show group-config Status: Enabled Group name: WHBldg22 Member ID: ------------------------------- 00:14:C2:A5:09:8C 10.0.1.101 00:14:C2:A5:6A:B3 10.0.1.102 ProCurve Access Point 530# 9-64...

  • Page 373: Radius Accounting/Authentication

    Command Line Reference RADIUS Accounting/Authentication RADIUS Accounting/Authentication The access point provides configuration for RADIUS Accounting servers and Radius Authentication which can be used to provide valuable information on user activity in the network. Command Function Mode Page [no] radius-accounting < primary | Enables RADIUS Accounting.

  • Page 374: Radius Failover-To-Local | Retransmit

    Command Line Reference RADIUS Accounting/Authentication Default Setting Disabled Command Mode WLAN Radio Interface Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)# radius-accounting primary ip 192.168.1.52 ProCurve Access Point 530(radio1-wlan1)# radius-accounting port 161 ProCurve Access Point 530(radio1-wlan1)# radius-accounting...

  • Page 375: Radius Primary | Secondary

    Command Line Reference RADIUS Accounting/Authentication Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)# radius failover-to- local ProCurve Access Point 530(radio1-wlan1)# radius retransmit radius primary | secondary This command configures RADIUS configures primary and secondary param- eters for this WLAN.
  • Page 376 Command Line Reference RADIUS Accounting/Authentication mac-format single-dash - MAC addresses are in the form xxxxxx-xxxxxx. • Default Setting DHCP is enabled. Command Mode WLAN Radio Interface Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)# radius primary key open ProCurve Access Point 530(radio1-wlan1)# radius primary ip...

  • Page 377: Radius Users

    Command Line Reference RADIUS Users RADIUS Users The access point provides configuration to add local RADIUS user information in the network. Command Function Mode Page [no] radius-local Configure a new radius-local user account or modify 9-69 <username> [disabled] a user account. | [ password <password>| realname <realname>]...

  • Page 378: Show Radius-Local

    Command Line Reference RADIUS Users Command Mode Global Configuration Example: The following example first sets the radius-local username to "chris" and subsequently sets the password for the chris user account to "chrisopen". ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radius-local chris ProCurve Access Point 530(config)# radius-local chris password chrisopen ProCurve Access Point 530(config)#...
  • Page 379 Command Line Reference RADIUS Users Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# show radius-local Username Real Name Status ---------- ---------- ---------- MSmith Mr Smith Enabled Chris CSmith Enabled ProCurve Access Point 530(config)# 9-71...

  • Page 380: Mac Address Authentication

    Command Line Reference MAC Address Authentication MAC Address Authentication Use these commands to define MAC authentication on the access point. For local MAC authentication, first create the MAC authorization lists, enter the MAC addresses to be filtered and then define the default filtering policy using the address filter default command.

  • Page 381: Mac-Auth-Remote

    Command Line Reference MAC Address Authentication Default None Command Mode WLAN Interface Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)# mac-auth-local Bob accept-list ProCurve Access Point 530(radio1-wlan1)# mac-auth-remote This command enables remote MAC address authentication by using the RADIUS authentication server settings on this WLAN.

  • Page 382: Show Mac-Auth-Local

    Command Line Reference MAC Address Authentication show mac-auth-local This command displays all the entries in the local MAC address authentication control lists on the device. Syntax show mac-auth-local [<name> ] • name - Displays only MAC address entries for the specified list. Default Command Mode WLAN Radio Interface Configuration...

  • Page 383: Mac Lockout

    Command Line Reference MAC Lockout MAC Lockout Use these commands to control MAC lockout functions on the access point. Command Function Mode Page [no] lockout-mac <mac Adds or removes the selected MAC address to the MAC 9-75 address> Lockout list. show lockout-mac Shows all entries in the MAC Lockout list.

  • Page 384: Show Lockout-Mac

    Command Line Reference MAC Lockout show lockout-mac This command displays all entries in the MAC Lockout list on the device. Syntax show lockout-mac Default None Command Mode Manager Exec Example ProCurve Access Point 530# show lockout-mac Locked out addresses 00:14:C2:A5:09:8D 0A:16:D2:5A:23:78 Number of locked out MAC addresses = 2 ProCurve Access Point 530#...
  • Page 385 Command Line Reference MAC Lockout Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# lockout-mac clear all 2 MAC addresses removed from lockout list ProCurve Access Point 530(config)# show lockout-mac No MAC addresses in lockout list. ProCurve Access Point 530(config)# 9-77...

  • Page 386: Client/Station Deauthentication

    Command Line Reference Client/Station Deauthentication Client/Station Deauthentication Use this command to deauthenticate a device. Command Function Mode Page deauth-mac <mac Deauthenticates the specified MAC address from the 9-78 address> device. deauth-mac This command deauthenticates a device from the access point. Syntax deauth-mac <mac address>...

  • Page 387: Web Authentication Commands

    Command Line Reference Web Authentication Commands Web Authentication Commands The commands described in this section are used to enable and configure Web Authentication (Web-Auth) in the Access Point 530. Command Function Mode Page Global [no] web-auth Enables 802.1X authentication using a IC-R- 9-82 Web-browser interface on the access...

  • Page 388: Web-Auth (Global Address Pool)

    Command Line Reference Web Authentication Commands Command Function Mode Page web-auth custom-login-text [title <title- Specifies the custom text field values IC-R- 9-83 text>] | [header <header-text>] | [footer on the Web-Auth Login screen. WLAN <footer-text>] | [descriptive <descriptive-text>] [no] web-auth default-welcome-page Enables or disables the default field IC-R- 9-83...

  • Page 389: Web-Auth (Global Guest User)

    Command Line Reference Web Authentication Commands Example ProCurve Access Point 530(config)# web-auth starting-ip- address 192.168.0.1 255.255.240.0 ProCurve Access Point 530(config)# web-auth lease-time 60 show web-auth ProCurve Access Point 530(config)# Temporary Address Pool Start 192.168.0.1 Subnet 255.255.240.0 Lease time (secs.) Guest Username lbg_guest Guest Password lbgpassword...

  • Page 390: Web-Auth (Wlan Configuration)

    Command Line Reference Web Authentication Commands web-auth (WLAN Configuration) These commands configure the Web-Auth settings for the selected WLAN. The no version of a command clears the field value. Syntax [no] web-auth [no] web-auth guest-login [no] web-auth username-login [no] web-auth redirect-url web-auth retry-limit <retries>...

  • Page 391: Web-Auth (Wlan Screen Customization)

    Command Line Reference Web Authentication Commands Example ProCurve Access Point 530(radio1-wlan1)# web-auth guest-login ProCurve Access Point 530(radio1-wlan1)# web-auth username-login ProCurve Access Point 530(radio1-wlan1)# web-auth retry-limit 3 ProCurve Access Point 530(radio1-wlan1)# web-auth redirect-url www.procurve.com show wlan 1 ProCurve Access Point 530(radio1-wlan1)# WLAN # 1 on Radio 1 Description Radio 1 - WLAN 1...
  • Page 392 Syntax [no] web-auth default-login-page web-auth custom-login-text [title <title-text>] | [header <header-text>] | [footer <footer-text>] | [descriptive <descriptive-text>] [no] web-auth default-welcome-page web-auth custom-welcome-text [title <title-text>] | [header <header-text>] | [footer <footer-text>] | [descriptive <descriptive-text>] [no] web-auth default-failed-page web-auth custom-failed-text [title <title-text>] | [header <header-text>] | [footer <footer-text>] | [descriptive <descriptive-text>] default-login-page - Enables or disables the default field values for the •...

  • Page 393: Show Web-Auth

    Command Line Reference Web Authentication Commands Example ProCurve Access Point 530(radio1-wlan1)# web-auth custom-login-text title GS User Login ProCurve Access Point 530(radio1-wlan1)# web-auth custom-login-text header GS User Login ProCurve Access Point 530(radio1-wlan1)# web-auth custom-login-text descriptive Enter your General Services Department username and password. show wlan 1 ProCurve Access Point 530(radio1-wlan1)# show web-auth...

  • Page 394: Ap Authentication Commands

    Command Line Reference AP Authentication Commands AP Authentication Commands The command described in this section is used to enable and configure AP Authentication in the Access Point 530. Command Function Mode Page [no] ap-authentication Enables and disables AP authentication on the 9-86 access point.

  • Page 395: Show Ap-Authentication

    Command Line Reference Filtering Commands show ap-authentication This command displays the current AP Authentication settings on the device. Syntax show ap-authentication Default none Command Mode Global Configuration Example ProCurve Access Point 530(config)# show ap-authentication Status: Enabled EAP Type: peap ProCurve Access Point 530(config)# Filtering Commands The commands described in this section are used to filter communications between wireless stations, control access to the management interface from...

  • Page 396: Inter-Station-Blocking

    Command Line Reference Filtering Commands inter-station-blocking This command enables inter station blocking on the device. The no version of the command disables inter station blocking on the device. Syntax inter-station-blocking no inter-station-blocking Default Disabled Command Mode Global Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# inter-station-blocking ProCurve Access Point 530(config)# wireless-mgmt-block...

  • Page 397: Show Filters

    Command Line Reference Filtering Commands ProCurve Access Point 530# configure ProCurve Access Point 530(config)# wireless-mgmt-block ProCurve Access Point 530(config)# show filters This command displays management/traffic/security filter settings for the device. Syntax show filters Default Command Mode Global Configuration Manager Exec Example.

  • Page 398: Ethernet Interface Commands

    Command Line Reference Ethernet Interface Commands Ethernet Interface Commands The commands described in this section configure connection parameters for the Ethernet interface. Command Function Mode Page interface <interface> Enters Ethernet interface configuration mode 9-90 enable Enables the interface. IC-E 9-91 disable Disables the interface.

  • Page 399: Enable (Ethernet)

    Command Line Reference Ethernet Interface Commands Command Mode Global Configuration Example: ProCurve Access Point 530(config)# interface ethernet ProCurve Access Point 530(ethernet)# enable (ethernet) This command enables the specified interface. Syntax enable Default Setting Command Mode Ethernet Interface Configuration Example: ProCurve Access Point 530(config)# interface ethernet ProCurve Access Point 530(ethernet)# enable ProCurve Access Point 530(ethernet)# disable (ethernet)

  • Page 400: Description

    Command Line Reference Ethernet Interface Commands Command Usage This command allows you to disable the Ethernet interface due to abnormal behavior (e.g., excessive collisions), and re-enable it after the problem has been resolved. You may also want to disable the Ethernet interface for security reasons.

  • Page 401: Dns Secondary

    Command Line Reference Ethernet Interface Commands Syntax dns primary <server_1> server_1 - A static ip address set to the primary dns server. • (0.0.0.0~255.255.255.255) Default Setting Disabled Command Mode Global Configuration Command Usage • The primary and secondary name servers are queried in sequence. •...

  • Page 402: Ip Address

    Command Line Reference Ethernet Interface Commands Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# dns secondary 10.1.0.55 ProCurve Access Point 530(config)# ip address This command configures the IP address settings for the interface. The no version of the command clears the statically assigned IP address and network mask.

  • Page 403: Ip Default-Gateway

    Command Line Reference Ethernet Interface Commands • DHCP is enabled by default.The static ip address is used if the dhcp client is enabled, but can't contact a DHCP server. If contact is made with a DHCP server, then the DHCP client must be disabled in order to implement a static ip address.

  • Page 404: Speed-Duplex

    Command Line Reference Ethernet Interface Commands Example: ProCurve Access Point 530(config)# interface ethernet ProCurve Access Point 530(ethernet)# ip default-gateway 192.168.1.1 ProCurve Access Point 530(ethernet)# speed-duplex This command configures the mode of operation for the Ethernet port (Requires reboot). Syntax speed-duplex <auto |auto-10 |auto-100 |10-half |100-half |10-full |100-full > auto - Uses auto negotiation for speed and duplex mode.

  • Page 405: Show Interface

    Command Line Reference Ethernet Interface Commands Default Setting Command Mode Manager Exec Example ProCurve Access Point 530# show ip IP Address Information: System Host Name ProCurve-AP-530 IP Address 192.168.1.2 Subnet Mask 255.255.255.0 Default Gateway 192.168.1.253 DHCP Client Enabled DNS Information (Obtained from DHCP): Domain Name Suffix example.ca.example.net.

  • Page 406: Show Ip

    Command Line Reference Ethernet Interface Commands Example ProCurve Access Point 530# show interface ethernet Ethernet interface: --------------------- Description Ethernet MAC address 00:14:C2:A5:08:CB Speed-duplex auto Administrative status Enabled Link status [add-in-future] Management VLAN ID Untagged-VLAN ID Spanning Tree (STP) Enabled STP Port State forwarding STP Hello Interval 10.0...
  • Page 407 Command Line Reference Ethernet Interface Commands Example ProCurve Access Point 530# show ip IP Address Information: System Host Name ProCurve-AP-530 IP Address 192.168.1.2 Subnet Mask 255.255.255.0 Default Gateway 192.168.1.253 DHCP Client Enabled DNS Information (Obtained from DHCP): Domain Name Suffix example.net Primary DNS Server 204.127.202.0...

  • Page 408: Wireless Interface Commands

    Command Line Reference Wireless Interface Commands Wireless Interface Commands The commands described in this section configure global parameters for the wireless interface. Command Function Mode Page radio < 1 | 2 > Enters wireless interface configuration mode. 9-101 ssid <ssid> Sets SSID string.

  • Page 409: Radio

    Command Line Reference Wireless Interface Commands Command Function Mode Page slot-time Sets the wait time. IC-R 9-113 rts-threshold Sets the packet size threshold at which an RTS must IC-R 9-113 be sent to the receiving station prior to the sending station starting communications tx-power-reduction Adjusts the power of the radio signals transmitted from...

  • Page 410: Ssid

    Command Line Reference Wireless Interface Commands Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# ssid This command sets the Service Set Identifier (SSID) for this WLAN. Syntax ssid <ssid> ssid - The text string that specifies the SSID of the interface. •...

  • Page 411: Description

    Command Line Reference Wireless Interface Commands description This command adds a description to the radio, ssid, or wds interfaces. Use the no form to remove the description. The interface description is displayed when using the show wlan 1 command from the Manager Exec level. Syntax description <string>...
  • Page 412 Command Line Reference Wireless Interface Commands Command Mode WLAN Interface Configuration Command Usage • When closed system is enabled, stations with a configured SSID of "any" are not able to associate with the access point. Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)# closed-system...

  • Page 413: Antenna

    Command Line Reference Wireless Interface Commands Radio Interface Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# mode g ProCurve Access Point 530(radio1)# antenna This command configures which antenna to use with this radio. Syntax antenna <external | internal>...

  • Page 414: Basic-Rate

    Command Line Reference Wireless Interface Commands single - Single antenna (using the "primary" antenna plug only. • Default Setting Diversity Command Mode Radio Interface Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# antenna mode diversity ProCurve Access Point 530(radio1)# basic-rate This command configures the specified transmission rate to the set of adver-...

  • Page 415: Supported-Rate

    Command Line Reference Wireless Interface Commands supported-rate This command adds the specified transmission rate to the set of supported rates for this radio. The no version of the command removes the specified transmission rate from the set of supported rates for this radio. Syntax supported-rate <value>...

  • Page 416: Beacon-Interval

    Command Line Reference Wireless Interface Commands Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# channel-policy static 1 ProCurve Access Point 530(radio1)# beacon-interval This command configures the rate at which beacon frames are transmitted rate-limit from the access point.

  • Page 417: Dtim-Period

    Command Line Reference Wireless Interface Commands dtim-period This command configures the frequency at which stations sleeping in low- power mode should wake up to receive broadcast/multicast transmissions. Syntax dtim-period <value> value - Interval between the beacon frames that transmit broadcast or •...

  • Page 418: Max-Stations

    Command Line Reference Wireless Interface Commands max-stations This command sets the maximum number of wireless stations for this WLAN. Syntax max-stations<value> value - The value of the maximum number of stations. Valid value is • between 0 and 256. Default Setting Command Mode Radio Interface Configuration Example...

  • Page 419: Protected-Mode

    Command Line Reference Wireless Interface Commands Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# preamble short ProCurve Access Point 530(radio1# protected-mode This command configures the 802.11 b/g CTS protection mode for this radio. The no version of the command disables the protection mode.

  • Page 420: Inactivity-Timeout

    Command Line Reference Wireless Interface Commands Command Mode Radio Interface Configuration Command Usage • If the packet size is smaller than the preset fragment size, the packet will not be fragmented. • Setting the threshold to the largest value (2,346 bytes) effectively disables fragmentation.

  • Page 421: Slot-Time

    Command Line Reference Wireless Interface Commands Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# inactivity-timeout 10 ProCurve Access Point 530(radio1)# slot-time This command sets the wait-time before transmitting data on this radio. Syntax slot-time <long | short>...

  • Page 422: Tx-Power-Reduction

    Command Line Reference Wireless Interface Commands Command Mode Radio Interface Configuration Command Usage • If the threshold is set to 0, the access point always sends RTS signals. If set to 2347, the access point never sends RTS signals. If set to any other value, and the packet size equals or exceeds the RTS threshold, the RTS/CTS (Request to Send / Clear to Send) mechanism will be enabled.

  • Page 423: Enable (Wireless)

    Command Line Reference Wireless Interface Commands Command Usage • The radio operates at maximum power when this parameter is set to 0 dB. • It may be necessary to apply Tx Power Reduction, if your antenna gain causes the radio power to exceed the regulatory domain limit. •...

  • Page 424: Disable (Wireless)

    Command Line Reference Wireless Interface Commands disable (wireless) This command disables either the radio, ssid, or wds interfaces. Syntax disable Default Setting Command Mode Radio Interface Configuration WDS Interface Configuration WLAN Interface Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# disable ProCurve Access Point 530(radio1)# show radio...

  • Page 425: Show Ssid

    Command Line Reference Wireless Interface Commands Example ProCurve Access Point 530# show radios ------------------------------------------------------------ Radio Status Base MAC Address Mode Channel TX-Power ----------------------------------------------------------------------- Disabled 00:14:C2:A5:22:E0 802.11g - Auto 0 dBm Disabled 00:14:C2:A5:22:F0 802.11a 36 - Auto 0 dBm ProCurve Access Point 530# show radio 1 Description Radio 1 - 802.11g Base MAC...
  • Page 426 Command Line Reference Wireless Interface Commands all - Display information about the WLAN (SSID/BSS) on both radios • (only has an effect when in a radio or WLAN context). Default Command Mode Manager Exec WLAN Interface Configuration Example: show ssid 1 ProCurve Access Point 530# show ssid 1 WLAN # 1 on Radio 1 Description...

  • Page 427: Show Wlan

    Command Line Reference Wireless Interface Commands show wlan This command provides information about the Service Sets/Basic Service Sets of the radio(s) on the device. If in a radio or WLAN context, displays informa- tion only about the radio in context. This is functionally equivalent to the show ssid command.
  • Page 428 Command Line Reference Wireless Interface Commands Example: show wlans ProCurve Access Point 530(radio1-wlan1)# show wlans All WLANs on Radio 1: WLAN BSSID VLAN Security Status ------------------------------------------------------------------------------ SSID 1 00:14:C2:A5:22:E0 No Sec. Enabled SSID 2 not assigned yet none(-) No Sec. Disabled SSID 3 not assigned yet none(-)

  • Page 429: Show Basic-Rate

    Command Line Reference Wireless Interface Commands Example: show wlan1 ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)# show wlan1 ------------------------------------------------------------ WLAN # 1 on Radio 1 Description Radio 1 - WLAN 1 Status Enabled SSID...

  • Page 430: Show Stations

    Command Line Reference Wireless Interface Commands Command Mode Manager Exec Example ProCurve Access Point 530# show basic-rate Basic (advertised) data rates (Mbps). -------------------------------------- Radio 1 (802.11g): 1, 2, 5.5, 11 Radio 2 (802.11a): 6, 12, 24, 54 ProCurve Access Point 530# show stations This command displays information about wireless stations.

  • Page 431: Show Supported-Rate

    Command Line Reference Wireless Interface Commands Example. ProCurve Access Point 530# show stations ------------------------------------------------------------ Station On WLAN (radio index/WLAN index) Auth. Assoc. Fwd. ------------------------------------------------------------------------------ 00:11:50:55:50:11 work1 (2/1) 00:15:00:47:5f:6a SSID 10 (1/10) ProCurve Access Point 530# show stations detail Station 00:11:50:55:50:11 Authenticated Radio/WLAN work1 (2/1)

  • Page 432: Wireless Security Commands

    Command Line Reference Wireless Security Commands Wireless Security Commands The commands described in this section configure parameters for wireless security on SSID interfaces. Command Function Mode Page security <no-security | static- Enables the type of security suite on a SSID IC-W-S 9-125 wep | dynamic wep | wpa-psk |...

  • Page 433: Security

    Command Line Reference Wireless Security Commands security This command defines the mechanisms employed by the access point for wireless security. Syntax security <no-security | static-wep | dynamic-wep | wpa-psk| wpa-8021x> no-security - No encryption for data transfers. This is not recom- •...
  • Page 434 Command Line Reference Wireless Security Commands • WPA2 defines a transitional mode of operation for networks moving from WPA security to WPA2. WPA2 Mixed Mode allows both WPA and WPA2 stations to associate to a common SSID interface. When the encryption cipher suite is set to tkip-aes, the unicast encryption cipher (TKIP or AES) is negotiated for each client.

  • Page 435: Wep-Default-Key

    Command Line Reference Wireless Security Commands Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)# security wpa-8021x ProCurve Access Point 530(radio1-wlan1)# wpa-allowed ProCurve Access Point 530(radio1-wlan1)# wpa2-allowed ProCurve Access Point...

  • Page 436: Wep-Key-Ascii

    Command Line Reference Wireless Security Commands Example The following example shows how to configure a WLAN to use static WEP keys for authentication and encryption. These commands enable security and establish the transfer key index (set to ProCurve Access Point 530# configure ProCurve Access Point 530(config)# radio 1 ProCurve Access Point 530(radio1)# wlan 1 ProCurve Access Point 530(radio1-wlan1)# security static-wep...

  • Page 437: Wep-Key-Length

    Command Line Reference Wireless Security Commands wep-key-length This command sets the WEP key length when using static-wep security. Syntax wep-key-length <64|128> 64 - The 64 bit wep key length (with initializing vector, otherwise it is • 40 bits). 128 - The 128 bit wep key length (with initializing vector, otherwise it •...

  • Page 438: Open-System-Auth

    Command Line Reference Wireless Security Commands Default Setting None Command Mode WLAN Interface Configuration Example ProCurve Access Point 530(radio1-wlan1)# wep-key-ascii ProCurve Access Point 530(radio1-wlan1)# wep-key-length 64 ProCurve Access Point 530(radio1-wlan1)# wep-key-1 abcde ProCurve Access Point 530(radio1-wlan1)# wep-key-2 fghi ProCurve Access Point 530(radio1-wlan1)# wep-key-3 klmn ProCurve Access Point 530(radio1-wlan1)# wep-key-4 opqr ProCurve Access Point 530(radio1-wlan1)# open-system-auth...

  • Page 439: Wpa-Allowed | Wpa2-Allowed

    Command Line Reference Wireless Security Commands shared-key-auth This command enables shared-key authentication for associating with this WLAN. The no version of the command disables shared-key authentication. Syntax shared-key-auth no shared-key-auth Default Setting Disabled Command Mode WLAN Interface Configuration Command Usage •...

  • Page 440: Wpa-Pre-Shared-Key

    Command Line Reference Wireless Security Commands Example ProCurve Access Point 530(radio1-wlan1)# wpa-allowed ProCurve Access Point 530(radio1-wlan1)# wpa2-allowed ProCurve Access Point 530(radio1-wlan1)# wpa-pre-shared-key This command defines a Wi-Fi Protected Access (WPA) pre-shared key when using WPA security. Syntax wpa-pre-shared-key <key> key - The key string must be a string of characters between 8 and 63. •...

  • Page 441: Wpa-Cipher-Tkip

    Command Line Reference Wireless Security Commands wpa-cipher-tkip This command enables Temporal Key Integrity Protocol for WPA on this WLAN. The no command disables TKIP for WPA on this WLAN. Syntax wpa-cipher-tkip no wpa-cipher-tkip Default Setting Enabled. This is the default CIPHER protocol. Command Mode WLAN Interface Configuration Command Usage...

  • Page 442: Wpa-Psk-Ascii

    Command Line Reference Wireless Security Commands Command Usage • This is one of the authentication options required to establish proper WPA-PSK or WPA-802.1X security. • When both TKIP and AES authentication methods are set, both TKIP and AES stations can associate with the access point. WPA stations must have either a valid TKIP or AES Key to communicate.

  • Page 443: Rsn-Preauthentication

    Command Line Reference Wireless Security Commands Command Mode WLAN Interface Configuration Example ProCurve Access Point 530(radio1-wlan1)# wpa-psk-hex ProCurve Access Point 530(radio1-wlan1)# rsn-preauthentication This command enables WPA2 stations to pre-authenticate on this WLAN. The no version of the command disables WPA2 stations from being able to pre- authenticate.

  • Page 444: Neighbor Ap Detection Commands

    Command Line Reference Neighbor AP Detection Commands Neighbor AP Detection Commands The access point can be configured to periodically scan all radio channels and find other access points within range. Alternatively, the access point can scan continuously in a dedicated mode with no stations supported. A database of nearby access points is maintained where detected APs can be identified.

  • Page 445: Ap-Detection Duration

    Command Line Reference Neighbor AP Detection Commands Command Usage • While the access point scans a channel for neighbor APs, wireless stations will not be able to connect to the access point. Therefore, frequent scanning or scans of a long duration will degrade the access point’s performance.

  • Page 446: Ap-Detection Interval

    Command Line Reference Neighbor AP Detection Commands 3600 s Command Mode Radio Interface Configuration Example ProCurve Access Point 530(radio1)# ap-detection expire-time ProCurve Access Point 530(radio1)# ap-detection interval This command sets the amount of time to wait between scans when performing periodic (passive) scanning. Syntax ap-detection interval <value>...

  • Page 447: Show Detected-Ap

    Command Line Reference Neighbor AP Detection Commands Command Mode Radio Interface Configuration Example ProCurve Access Point 530(radio1)# ap-detection max-entries ProCurve Access Point 530(radio1)# show detected-ap This command displays the current AP detection configuration. Syntax show detected-ap Default Setting Command Mode Manager Exec Radio Interface Configuration Example...

  • Page 448: Adaptive Tx Power Control Commands

    Command Line Reference Adaptive Tx Power Control Commands Adaptive Tx Power Control Commands The commands described in this section configure parameters for Adaptive Tx Power Control. Command Function Mode Page [no] atpc Enables and disables Adaptive Tx Power IC-R 9-140 Control on the selected radio.

  • Page 449: Atpc Avoid-Other-Aps

    Command Line Reference Adaptive Tx Power Control Commands Example ProCurve Access Point 530(radio1)# atpc ProCurve Access Point 530(radio1)# atpc avoid-other-aps This command enables and disables the Avoid Other APs function. Syntax [no] atpc avoid-other-aps no - Disables the Avoid Other APs function on the selected radio. •...

  • Page 450: Atpc Adapt

    Command Line Reference Adaptive Tx Power Control Commands Default Setting Disabled Command Mode Interface Configuration (Radio) Command Usage • When an RF Group Name is specified, adapts only to other APs on the same channel that have the same RF Group Name assigned. •...

  • Page 451: Atpc Max-Atpc-Atten

    Command Line Reference Adaptive Tx Power Control Commands Example ProCurve Access Point 530(radio1)# atpc adapt ap ProCurve Access Point 530(radio1)# atpc max-atpc-atten This command sets the Maximum Tx Power Reduction to be applied by on the selected radio. Syntax atpc max-reduction <max-reduction> no - Disables on the selected radio.
  • Page 452 Command Line Reference Adaptive Tx Power Control Commands Example ProCurve Access Point 530# show atpc Radio 1 ------- atpc: enabled RF Group name: AirportNet Avoid Other WLANs: disabled Max Power Reduction: Adaptive Mode: Current Beacon Backoff: 4 dB Current Data Backoff: 4 dB Radio 2 -------...

  • Page 453: Vlan Commands

    Command Line Reference VLAN Commands VLAN Commands The VLAN commands supported by the access point are listed below. Command Function Mode Page vlan <vid> Configures the default VLAN for an SSID IC-R- 9-145 interface. WLAN [no] untagged-vlan <vid> Configure the global untagged VLAN ID for 9-146 the AP.

  • Page 454: Untagged-Vlan

    Command Line Reference VLAN Commands N o t e You must not use the same VLAN ID for both a statically configured VLAN and for a VLAN dynamically configured by a RADIUS server policy. If you dynam- ically assign a VLAN that has already been statically assigned to a VLAN or to the management VLAN or untagged VLAN, the dynamic authentication will fail and will continue trying to authenticate.
  • Page 455 Command Line Reference VLAN Commands Command Mode Ethernet Interface Configuration Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# interface ethernet ProCurve Access Point 530(ethernet)# management-vlan 9 ProCurve Access Point 530(ethernet)# N o t e You must not use the same VLAN ID for both a statically configured VLAN and for a VLAN dynamically configured by a RADIUS server policy.

  • Page 456: Qos Commands

    Command Line Reference QoS Commands QoS Commands The QoS commands supported by the access point are listed below. C A U T I O N The default WMM parameters settings are usually adequate for WMM opera- tion. Incorrect WMM settings can adversely affect network performance. Changes to WMM parameters should be reserved for someone with an advanced knowledge of how WMM operates.

  • Page 457: Qos Ap-Params

    Command Line Reference QoS Commands qos ap-params This command configures QoS-related parameters on the device for this radio. Syntax qos ap-params <voice | video | best-effort | background> { [aifs <aifs>] [cwmin <cwmin>] [cwmax <cwmax>] [burst <burst>]} voice - High priority queue, minimum delay. Time-sensitive data such •...
  • Page 458 Command Line Reference QoS Commands Radio 1 Adaptive Inter- Contention Contention Maximum Burst Queue Frame Space Min. Window Max. Window Length ------------------------------------------------------------------------------- Voice Video Best-Effort Background 1023 Radio 2 Adaptive Inter- Contention Contention Maximum Burst Queue Frame Space Min. Window Max.

  • Page 459: Qos Sta-Params

    Command Line Reference QoS Commands qos sta-params This command configures QoS related parameters on the device for the wireless stations. Syntax qos sta-params <voice|video|best-effort|background> {<[aifs <aifs>] [cwmin <cwmin>] [cwmax <cwmax>] [txop-limit <txop-limit>]} voice - High priority queue, minimum delay. Time-sensitive data such •...
  • Page 460 Command Line Reference QoS Commands Radio 1 Adaptive Inter- Contention Contention Maximum Burst Queue Frame Space Min. Window Max. Window Length ------------------------------------------------------------------------------- Voice Video Best-Effort Background 1023 Radio 2 Adaptive Inter- Contention Contention Maximum Burst Queue Frame Space Min. Window Max.

  • Page 461: Qos Wmm

    Command Line Reference QoS Commands This example sets the quality of service TXOP-LIMIT (transmission opportu- nity limit) parameter on the Standard EDCA high priority queue. . ProCurve Access Point 530(radio1)# qos sta-params background txop-limit 1 ProCurve Access Point 530(radio1)# qos wmm This command enables using Wireless Multimedia Extensions on this WLAN.

  • Page 462: Show Qos

    Command Line Reference QoS Commands show qos This command displays details about QoS settings on the device. Syntax show qos [ ap-params |sta-params ] ap-params - Displays detailed information about QoS settings on the • device. sta-params - Display detailed information about QoS settings on the •...
  • Page 463 Command Line Reference QoS Commands Example: wme-queue . ProCurve Access Point 530(radio1)# show qos sta-params Transmission queue QoS settings for wireless stations: Radio 1 Adaptive Inter- Contention Contention Transmission Queue Frame Space Min. Window Max. Window Opportunity Limit ------------------------------------------------------------------------------- Voice Video Best-Effort 1023...

  • Page 464: Rate-Limit

    Command Line Reference QoS Commands rate-limit This command configures the maximum rate at which the access point transmits multicast and broadcast traffic. The no version of the command disables rate-limiting on the radio. Syntax rate-limit <rate> <burst> no rate-limit rate - The broadcast/multicast rate limit value in packets per second. •...

  • Page 465: Wireless Distribution System (Wds)

    Command Line Reference Wireless Distribution System (WDS) Wireless Distribution System (WDS) The WDS commands supported by the access point are listed below. Command Function Mode Page description Establishes the WDS link description IC-WDS 9-158 disable Disables the WDS link. IC-WDS 9-158 enable Establishes the WDS link.

  • Page 466: Disable (Wds)

    Command Line Reference Wireless Distribution System (WDS) Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# interface wds1 ProCurve Access Point 530(wds1)# description WDSEXAMPLE ProCurve Access Point 530(wds1)# disable (wds) This command disables the WDS link. Syntax disable Default Setting Disabled Command Mode WDS Interface Configuration...

  • Page 467: Wds-Ssid

    Command Line Reference Wireless Distribution System (WDS) Example ProCurve Access Point 530# configure ProCurve Access Point 530(config)# interface wds1 ProCurve Access Point 530(wds1)# enable ProCurve Access Point 530(wds1)# wds-ssid This command sets the WDS SSID string for this WDS link. This command is only used for the wpa-psk security mode only.

  • Page 468: Remote-Mac (Wds)

    Command Line Reference Wireless Distribution System (WDS) Default Command Mode WDS Interface Configuration Example ProCurve Access Point 530(wds1)# radio-used 1 remote-mac (wds) This command sets the remote MAC address associated with this WDS link. Syntax remote-mac <mac address> mac address - Specifies an entry in the authentication control list by •...

  • Page 469: Wep-Key (Wds)

    Command Line Reference Wireless Distribution System (WDS) Command Mode WDS Interface Configuration Example ProCurve Access Point 530(wds1)# show wds 1 WDS # 1 Description WDSLINK Status Enabled Use Radio Local MAC 00:14:03:A2:4F:DE Remote MAC 00:0D:9D:C6:98:7E STP State forwarding WDS SSID marge Security Type no-security (from WLAN 1)

  • Page 470: Wep-Key-Ascii (Wds)

    Command Line Reference Wireless Distribution System (WDS) – If Key Length is 104 bits and Key Type is "Hex", then each WEP Key must be 26 characters long. Default Setting None Command Mode WDS Interface Configuration Example ProCurve Access Point 530(wds1)# wep-key abcde ProCurve Access Point 530(wds1)# wep-key-ascii (wds) This command sets the WDS WEP key type to ASCII when using static-wep...

  • Page 471: Wpa-Pre-Shared-Key (Wds)

    Command Line Reference Wireless Distribution System (WDS) 128 - The 128 bit wep key length (with initializing vector, otherwise it • is 104 bits). Default Setting Command Mode WDS Interface Configuration Example ProCurve Access Point 530(wds1)# wep-key-length 64 ProCurve Access Point 530(wds1)# wpa-pre-shared-key (wds) This command defines a Wi-Fi Protected Access (WPA) personal key associ- ated with this link.

  • Page 472: Spanning Tree Protocol (Stp)

    Command Line Reference Spanning Tree Protocol (STP) Spanning Tree Protocol (STP) The STP commands supported by the access point are listed below. Command Function Mode Page [no] stp [hello-time <value>] [forward- Sets stp parameters for this device. GC 9-164 delay <value>] [priority <value>] This command configures Spanning Tree Protocol settings for the device.
  • Page 473 Command Line Reference Spanning Tree Protocol (STP) Example. ProCurve Access Point 530# configure ProCurve Access Point 530(config)# stp ProCurve Access Point 530(config)# stp hello-time 5 ProCurve Access Point 530(config)# stp forward-delay 10 ProCurve Access Point 530(config)# stp priority 255 ProCurve Access Point 530(config)# 9-165...
  • Page 474 Command Line Reference Spanning Tree Protocol (STP) — This page is intentionally unused. — 9-166...
  • Page 475 File Uploads, Downloads, and Resets...
  • Page 476 File Uploads, Downloads, and Resets Contents Contents Overview ........... . . A-3 Downloading Access Point Software .

  • Page 477: Overview

    File Uploads, Downloads, and Resets Overview Overview You can download new access point software and upload or download config- uration files. These features are useful for acquiring periodic access point software upgrades and for storing or retrieving a switch configuration. This appendix includes the following information: ■...

  • Page 478: General Software Download Rules

    File Uploads, Downloads, and Resets Downloading Access Point Software Downloading Access Point Software The ProCurve support site periodically provides access point software http://www.procurve.com/software updates through the ProCurve Web site (visit select Wireless access points). After you acquire a new access point software file, you can use one of the following methods for downloading the software code to the access point.

  • Page 479: Web: Tftp, Ftp, Or Stp Software Download To The Access Point

    File Uploads, Downloads, and Resets Downloading Access Point Software Determine the name of the access point software file stored in the TFTP, ■ FTP, or SCP server for the access point N o t e If your TFTP, FTP, or STP server is a Unix workstation, ensure that the case (upper or lower) that you specify for the filename is the same case as the characters in the access point software filenames on the server.
  • Page 480 File Uploads, Downloads, and Resets Downloading Access Point Software • File Name: Specifies the name of the software file on the server. The new software file name should not contain slashes (\ or /), the leading letter of the file name should not be a period (.), and the maximum length for file names on the FTP/TFTP server is 255 char- acters or 32 characters for files on the access point.

  • Page 481: Cli: Viewing Software Versions

    File Uploads, Downloads, and Resets Downloading Access Point Software To Upload a Local Software File: Select Management> System Maintenance > Software tab. Specify the path and file name of the software on the local computer in [Search] the File Name field. You can use to find the software upgrade file on a local system.

  • Page 482: Transferring Configuration Files

    File Uploads, Downloads, and Resets Transferring Configuration Files Transferring Configuration Files Using the Web user interface and CLI commands described in this section, you can copy access point configuration files to and from an FTP, TFTP, or STP server. When you copy the access point configuration file to a specified server type, that file can later be downloaded to the access point to restore the system configuration.
  • Page 483 File Uploads, Downloads, and Resets Transferring Configuration Files • [Update]: Updates the system with the specified parameters and performs any requested actions. ■ Reset Configuration: Parameters and actions needed to reset a config- uration. • [Reset to Factory Default]: Resets the AP to original settings. •...
  • Page 484 File Uploads, Downloads, and Resets Transferring Configuration Files Enter IP Address, File Name, Username, and Password for the server details Click [Update] to perform the upload or download operation. To Reset A Configuration: Select Management> System Maintenance > Configuration Files tab. To reset the configuration back to the factory default configuration, click [Reset] on the Reset to Factory Default option.
  • Page 485 File Uploads, Downloads, and Resets Transferring Configuration Files Using the CLI to Copy and Reset Config Files. This example displays how to reset the configuration file back to the factory-default configuration on the device. ProCurve Access Point 530#copy factory-default startup- config ProCurve Access Point 530# This example shows how to reset by ‘erasing’...
  • Page 486 File Uploads, Downloads, and Resets Transferring Configuration Files Using the CLI to Copy Data From a Remote Server to the Device. This example displays how to copy data from a remote server (FTP) to this device. If using this command for a FTP or STP server, you will need to include the username and password for the server.
  • Page 487 File Uploads, Downloads, and Resets Transferring Configuration Files This example displays the custom configuration file in a readable text format. ProCurve Access Point 530#show custom-default ------------------------------------------------------------ <?xml version="1.0"?> <config> <interface name="wlan0wds1"> <radio>wlan0</radio> <type>wds</type> <status>down</status> <wep-key-length>104</wep-key-length> <wep-key-ascii>no</wep-key-ascii> <description>Wireless Distribution System - Link 2</description>...

  • Page 488: Rebooting The Access Point

    File Uploads, Downloads, and Resets Rebooting the Access Point Rebooting the Access Point Using the Web user interface and CLI described in this section, you can reboot the access point, which cycles the system back to the last saved configuration. Web: Rebooting the System The Reboot tab on the System Maintenance screen enables the access point to reboot to the last saved configuration file.

  • Page 489: Cli: Rebooting The System

    File Uploads, Downloads, and Resets Rebooting the Access Point To continue the process, click [OK]. To discontinue the process, click [Cancel]. To validate the reboot process worked, test the connection through any option available (Web, Telnet, SSH). CLI: Rebooting the System CLI Commands Used in This Section.
  • Page 490 File Uploads, Downloads, and Resets Rebooting the Access Point button while the LEDs are still flashing, then the AP is rebooted. Please note that this function can be disabled by the CLI or Web UI. “Disabling the Access Point Push Buttons” on page A-18. A-16...
  • Page 491 File Uploads, Downloads, and Resets Rebooting the Access Point [Clear]: Resets the password. ■ • Use a pointed object to press the clear button. Once pressed, all LEDs shut off within one second. The LED shutdown is followed by all LEDs flashing rapidly (about 10 times/second).

  • Page 492: Disabling The Access Point Push Buttons

    File Uploads, Downloads, and Resets Disabling the Access Point Push Buttons Disabling the Access Point Push Buttons Using the Web user interface and CLI described in this section, you can disable the ability to use the push buttons on the back panel of the access point. Web: Disabling the Push Buttons The Access tab on the Management –...

  • Page 493: Cli: Disabling The Access Point Buttons

    File Uploads, Downloads, and Resets Disabling the Access Point Push Buttons To Disable the Access Point Push Buttons: Select Management> AP Access > Remote tab. To shut down the push button(s) on the back panel of the access point controlling the factory default file reset capability, click Disabled for the Factory Reset option.
  • Page 494 File Uploads, Downloads, and Resets Disabling the Access Point Push Buttons Using the CLI to View the Reset and Clear Buttons Status. This example displays how to view the push button status. ProCurve Access Point 530(config)# show buttons ------------------------------------------------------------ Custom Reset Disabled Factory Reset Disabled...
  • Page 495 Defaults...
  • Page 496 Defaults Contents Contents Overview ........... . . B-3 System Management .

  • Page 497: Overview

    Defaults Overview Overview This section features useful tables detailing the defaults of the commands configured on the access point. N o t e The following command groupings are not included in this default appendix as they are not applicable (Show CLI, General, Flash/File, This appendix follows the syntax grouping structure in the Chapter 9 refer- ence CLI section and includes the following information: ■...
  • Page 498 Defaults System Management System Management Command Default Settings Mode Page country For NA units, preset to US 9-17 <country code> hostname <hostname> ProCurve-AP-530 9-19 password manager admin 9-21 <password> [no] buttons Enabled 9-21 [no] cli-confirmation Enabled 9-22 [no] console Enabled 9-23 [no] telnet Enabled...
  • Page 499 Defaults SNMP SNMP Command Default Settings Mode Page [no] snmp-server Restricted community with a public access default. 9-38 <comm> restricted | unrestricted snmp-server Contact 9-41 contact<contact> [no] snmp-server host Host Address: None 9-40 <host><comm> Community String: public snmp-server port By default an SNMP agent only listens to requests from 9-42 <port>...
  • Page 500 Defaults RADIUS Accounting/Authentication. RADIUS Accounting/Authentication. Command Default Settings Mode Page [no] radius-accounting Disabled 9-65 [no] radius failover-to-local Disabled, retransmit value is 3. 9-66 | retransmit [no] radius primary | Disabled 9-67 secondary RADIUS Users. Command Default Settings Mode Page [no] radius-local Ip address is 192.168.1.10.
  • Page 501 Defaults AP Authentication AP Authentication Command Default Settings Mode Page ap-authentication Disabled 7-55 Filtering Command Default Settings Mode Page [no] inter-station- Disabled 9-88 blocking [no] wireless-mgmt- Disabled. GC & MC 9-88 block Ethernet Interface Command Default Settings Mode Page interface <interface> 9-90 enable IC-E...
  • Page 502 Defaults Wireless Interface Wireless Interface Command Default Settings Mode Page radio None 9-101 ssid SSID 1 (1-16) IC-W 9-102 description Radio: Radio 1 - WLAN 1 IC-W 9-103 SSID: SSID 1 closed-system Disabled IC-W-S 9-103 mode<value> IC-W 9-104 antenna <external | Internal IC-W 9-105...
  • Page 503 Defaults Wireless Security Wireless Security Command Default Settings Mode Page security <no-security|static- no-security IC-W-S 9-125 wep|dynamic wep|wpa- psk|wpa-8021x> wep-default-key <1| 2| 3| 4> 1 IC-W-S 9-127 [no] wep-key ascii Enabled IC-W-S 9-128 wep-key-length <64|128> IC-W-S 9-129 wep-key-<1| 2| 3| 4> None IC-W-S 9-129...
  • Page 504 Defaults VLAN VLAN Command Default Settings Mode Page [no] vlan None IC-W-S 9-145 [no] untagged-vlan 9-146 <vid> management-vlan 9-146 <vid> [tagged | untagged] Adaptive Tx Power Control Command Default Settings Mode Page atpc Disabled IC-R 9-140 atpc avoid-other-aps Disabled IC-R 9-141 atpc adapt AP mode...
  • Page 505 Defaults Command Default Settings Mode Page qos ap- IC-W-S 9-149 Radio 1 Adap Inter- Content Content Max Burst params Queue Frame Space Min. Window Max. Window Length ------------------------------------------------------------ Voice Video Best-Eff Background 7 1023 Radio 2 Adap Inter- Content Content Max Burst Queue Frame Space...

  • Page 506: Wireless Distribution System (Wds

    Defaults Wireless Distribution System (WDS) Wireless Distribution System (WDS) Command Default Settings Mode Page description (wds) None IC-W-W 9-157 enable (wds) Disabled IC-W-W 9-158 wds-ssid WDS SSID X, where X is the index of the WDS interface. IC-W-W 9-159 radio-used IC-W-W 9-159 remote-mac...
  • Page 507 Adaptive Tx Power Control Use Cases...
  • Page 508 Adaptive Tx Power Control Use Cases Contents Contents Use Model: Airport Deployment ........C-3 Airport Case 1 –...

  • Page 509: Use Model: Airport Deployment

    Adaptive Tx Power Control Use Cases Use Model: Airport Deployment Use Model: Airport Deployment This use model demonstrates how Adaptive Transmit Power Control works in relation to SSID and RF Group Name configuration settings. All AP-530 APs are owned/managed by the Airport ■...

  • Page 510: Results With No Rf Group Name

    Adaptive Tx Power Control Use Cases Use Model: Airport Deployment Settings Avoid Other WLANs – On the Airport APs, the network administrator has disabled ‘Avoid Other WLANs’, so that their power reduction calculations will not be affected by the APs of tenants, such as Jimbo’s AP #N. RF Group Name –...

  • Page 511: Airport Case 2 - With Rf Group Name

    Adaptive Tx Power Control Use Cases Use Model: Airport Deployment Airport Case 2 – With RF Group Name Now consider the exact same configuration as in Case 1, except that now the Airport APs have been configured with an RF Group Name of "AirportNet". AP #1 AP #2 AP #3...

  • Page 512: Results With Rf Group Name

    Adaptive Tx Power Control Use Cases Use Model: Airport Deployment AP #4 & AP #N – AP #4 [AirportNet] compares its RF Group Name with AP #N [none]. Since AP #N is not in the AirportNet RF Group, AP #1 will not consider reducing power for AP #N.

  • Page 513: Use Model: Warehouse Deployment

    Adaptive Tx Power Control Use Cases Use Model: Warehouse Deployment Use Model: Warehouse Deployment This use model demonstrates how Adaptive Transmit Power Control works in physical environments with very high ceilings and remote stations, some of which are mobile, and how the Adaptive Mode affects RF coverage and performance in this environment.

  • Page 514: Decisions: Ap #1 And Ap #4

    Adaptive Tx Power Control Use Cases Use Model: Warehouse Deployment Settings Avoid Other WLANs – On the Airport APs, ‘Avoid Other WLANs’ is disabled, so that their power reduction calculations will not be affected by any potential rogue APs. RF Group Name – RF Group is configured on all APs as ‘storage 1’. All Warehouse APs will reduce power for any other audible AP 530 in the ware- house, regardless of the SSID configuration.

  • Page 515: Warehouse Case 2 - Adaptive Mode Ap + Clients

    Adaptive Tx Power Control Use Cases Use Model: Warehouse Deployment Warehouse Case 2 – Adaptive Mode AP + Clients Now consider the exact same configuration as in Case 1, except that now the Warehouse APs have been configured with Adaptive Mode set to "AP+Clients". AP #1 AP #2 AP #3...

  • Page 516: Warehouse Model Analysis

    Adaptive Tx Power Control Use Cases Use Model: Warehouse Deployment Warehouse Model Analysis The Warehouse Use Model is a good example of an "AP+Clients" Adaptive Mode environment. By nature, a warehouse's content is not static. Shelves and floor space can contain different amounts of materials that are being loaded or removed.
  • Page 517 Open Source Licenses...
  • Page 518 Open Source Licenses Contents Overview ..........D-3 GPL2 (GNU General Public License, v.2) .

  • Page 519: Overview

    Open Source Licenses Overview This appendix includes the following information: ■ Open Source licenses...

  • Page 520: Gpl2 (Gnu General Public License

    Open Source Licenses GPL2 (GNU General Public License, v.2) GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
  • Page 521 Open Source Licenses The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License.
  • Page 522 Open Source Licenses These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works.
  • Page 523 Open Source Licenses 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance.
  • Page 524 Open Source Licenses distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time.

  • Page 525: Gpl + Linking Exception

    Open Source Licenses GPL + Linking Exception “GPL2 (GNU General Public License, v.2)” plus an exception permitting linking the library with other software.
  • Page 526 Open Source Licenses ClearSilver Neotonic ClearSilver is available under the following license, derived from the Apache Software License v1.1 For alternative licensing, please contact the authors at clearsilver@neotonic.com Neotonic ClearSilver Software License Version 1.0 Copyright (c) 2001 Brandon Long and Neotonic Software Corporation. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1.Redistributions of source code must retain the above copyright notice, this list of conditions and...
  • Page 527 Open Source Licenses This software consists of voluntary contributions made by many individuals on behalf of Neotonic Software Corporation. For more information on Neotonic Software Corporation, please see http:// www.neotonic.com/. Some of the concepts of this software are based on previous software developed by Scott Shambarger, Paul Clegg, and John Cwikla.

  • Page 528: Dropbear License

    Open Source Licenses Dropbear License The majority of code is written by Matt Johnston, under the following license: Copyright (c) 2002,2003 Matt Johnston All rights reserved. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do...
  • Page 529 Open Source Licenses loginrec is written primarily by Andre Lucas, atomicio.c by Theo de Raadt. strlcat() is (c) Todd C. Miller ===== Import code in keyimport.c is modified from PuTTY's import.c, licensed as follows: PuTTY is copyright 1997-2003 Simon Tatham. Portions copyright Robert de Bath, Joris van Rantwijk, Delian Delchev, Andreas Schultz, Jeroen Massar, Wez Furlong, Nicolas Barry, Justin Bradford, and CORE SDI S.A.

  • Page 530: Sflow License

    Open Source Licenses sFlow License Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. LICENSE AGREEMENT PLEASE READ THIS LICENSE AGREEMENT ("AGREEMENT") CAREFULLY BEFORE REPRODUCING OR IN ANY WAY UTILIZING THE sFlow(R) SOFTWARE ("SOFTWARE") AND/ OR ANY ACCOMPANYING DOCUMENTATION ("DOCUMENTATION") AND/OR THE RELATED SPECIFICATIONS ("SPECIFICATIONS").
  • Page 531 Open Source Licenses Hardware and Products, and (v) distribute any Products that include the Software, the Documentation, or software in which the Specifications have been implemented. Trademark License. InMon hereby grants to Licensee a perpetual (subject to InMon's termination rights under Section 7 below), nonexclusive, royalty-free, worldwide, transferable, sublicensable license to use the Trademark on or in connection with the Software, the Documentation, the Specifications and any software that implements the Specifications.
  • Page 532 Open Source Licenses DOCUMENTATION, THE SPECIFICATIONS. OR OTHERWISE, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT OF ANY INTELLECTUAL PROPERTY RIGHTS. Limitation of Liability. IN NO EVENT SHALL INMON OR ITS SUPPLIERS OR LICENSORS BE LIABLE FOR ANY CONSEQUENTIAL, INCIDENTAL, SPECIAL, INDIRECT OR EXEMPLARY DAMAGES WHATSOEVER, WHETHER RELATED TO OR ARISING OUT OF THIS AGREEMENT, THE TRADEMARK, THE SOFTWARE, THE DOCUMENTATION, THE...
  • Page 533 Open Source Licenses Choice of Law and Forum. This Agreement shall be governed by and construed under the laws of the State of California, without giving effect to such state's conflict of laws principles. The parties hereby submit to the personal jurisdiction of, and agree that any legal proceeding with respect to or arising under this Agreement shall be brought in, the United States District Court for the Northern District of California or the state courts of the State of California for the County of San Francisco.

  • Page 534: Lgpl (Gnu Lesser General Public License

    Open Source Licenses LGPL (GNU Lesser General Public License) GNU LESSER GENERAL PUBLIC LICENSE Version 2.1, February 1999 Copyright (C) 1991, 1999 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
  • Page 535 Open Source Licenses that what they have is not the original version, so that the original author's reputation will not be affected by problems that might be introduced by others. Finally, software patents pose a constant threat to the existence of any free program. We wish to make sure that a company cannot effectively restrict the users of a free program by obtaining a restrictive license from a patent holder.
  • Page 536 Open Source Licenses GNU LESSER GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License Agreement applies to any software library or other program which contains a notice placed by the copyright holder or other authorized party saying it may be distributed under the terms of this Lesser General Public License (also called "this License").
  • Page 537 Open Source Licenses c) You must cause the whole of the work to be licensed at no charge to all third parties under the terms of this License. d) If a facility in the modified Library refers to a function or a table of data to be supplied by an application program that uses the facility, other than as an argument passed when the facility is invoked, then you must make a good faith effort to ensure that, in the event an application does not supply such function or table, the facility still operates, and performs whatever part of...
  • Page 538 Open Source Licenses distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange. If distribution of object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place satisfies the requirement to distribute the source code, even though third parties are not compelled to copy the source along with the object code.
  • Page 539 Open Source Licenses code, so that the user can modify the Library and then relink to produce a modified executable containing the modified Library. (It is understood that the user who changes the contents of definitions files in the Library will not necessarily be able to recompile the application to use the modified definitions.) b) Use a suitable shared library mechanism for linking with the Library.
  • Page 540 Open Source Licenses distribute the Library is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 9.
  • Page 541 Open Source Licenses distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 13. The Free Software Foundation may publish revised and/or new versions of the Lesser General Public License from time to time.
  • Page 542 Open Source Licenses If you develop a new library, and you want it to be of the greatest possible use to the public, we recommend making it free software that everyone can redistribute and change. You can do so by permitting redistribution under these terms (or, alternatively, under the terms of the ordinary General Public License).
  • Page 543 Open Source Licenses Intel (2) Copyright (c) 2000-2003 Intel Corporation All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: Redistributions of source code must retain the above copyright notice, this list of conditions ❥...
  • Page 544 Open Source Licenses Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial...
  • Page 545 Open Source Licenses Copyright (c) [dates as appropriate to package] The Regents of the University of California. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1.

  • Page 546: Cmu (Carnegie Mellon University

    Open Source Licenses CMU (Carnegie Mellon University) Copyright (c) 1984-2000 Carnegie Mellon University. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
  • Page 547 Open Source Licenses OpenSSL LICENSE ISSUES =============== The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses.
  • Page 548 Open Source Licenses SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ========================================================================== This product includes cryptographic software written by Eric Young (eay@cryptsoft.com).
  • Page 549 Open Source Licenses "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;...
  • Page 550 Open Source Licenses — This page is intentionally unused. — D-34...
  • Page 551 Index Numerics ATPC use cases … C-3 802.11a … 6-8, 6-10 802.11b … 6-9 802.11e … 8-4 burst, AP EDCA … 8-7 802.11g … 6-9 802.11g & 802.11b … 6-8 Clear button … 4-26 Access Point configuration levels … 3-8 AP detection …...
  • Page 552 wireless security … B-9 logon authentication DHCP … 5-23, 9-94 RADIUS client … 9-65, 9-69, B-6 DNS name … 3-5, 4-5 RADIUS server … 9-65, 9-69, B-6 Domain Name Server … 4-4 lost password … 4-26 download, TFTP … A-4 Dynamic VLAN …...
  • Page 553 basic, Web … 6-12 country code, CLI … 6-4 password mode, CLI … 6-11 creating … 4-8, 4-24 mode, Web … 6-10 if you lose the password … 4-26 parameter configuration table … 6-6 lost … 4-26 parameters, CLI … 6-21 reset …...
  • Page 554 community string … 9-38 enabling SNMPv3 … 5-38, 5-40 VLAN setting parameters, CLI … 5-29 client VLAN … 5-57 setting parameters, Web … 5-28, 5-39, 5-41 enabling untagged VLAN, Web … 5-59 trap destinations, CLI … 5-36, 5-40 enabling VLAN support, CLI … 5-61 trap destinations, Web …...
  • Page 556 Technical information in this document is subject to change without notice. © Copyright 2008 Hewlett-Packard Development Company, L.P. Reproduction, adaptation, or translation without prior written permission is prohibited except as allowed under the copyright laws. December 2008 Manual Part Number 5991-2193...

This manual is also suitable for:

Procurve 530 ww (j8987a)Procurve 530 naProcurve 530 ww

Table of Contents