Home > Motorola > Wireless > Motorola Wing 5 Manual

Motorola Wing 5 Manual

Add to Favourites
    Download as PDF Print this page Share this page

    Have a look at the manual Motorola Wing 5 Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 249 Motorola manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.

    View all the pages
    Page
    of 1128
    Add page 1001 to Favourites
    image text
    Enable zoom 
    							SMART-RF-POLICY 21 - 19
21.1.12 smart-ocs-monitoring
smart-rf-policy
Applies smart Off Channel Scanning (OCS) instead of dedicated detectors
Supported in the following platforms:
 AP300
 AP621
 AP650
 AP6511
 AP6521
 AP6532
 AP71XX
 RFS4000
 RFS6000
 RFS7000
 NX9000
 NX9500
Syntax
smart-ocs-monitoring {client-aware|extended-scan-frequency|frequency|
off-channel-duration|power-save-aware|sample-count|voice-aware}
smart-ocs-monitoring {client-aware [2.4GHz|5GHz] []}
smart-ocs-monitoring {extended-scan-frequency [2.4GHz|5GHz] []}
smart-ocs-monitoring {frequency [2.4GHz|5GHz] []}
smart-ocs-monitoring {off-channel-duration [2.4GHz|5GHz] []}
smart-ocs-monitoring {power-save-aware [2.4GHz|5GHz] [dynamic|strict]}
smart-ocs-monitoring {sample-count [2.4GHz|5GHz] []}
smart-ocs-monitoring {voice-aware [2.4GHz|5GHz] [dynamic|strict]}
    Add page 1002 to Favourites
    image text
    Enable zoom 
    							21 - 20 WiNG CLI Reference Guide
Parameters
• smart-ocs-monitoring {client-aware [2.4GHz|5GHz] []}
• smart-ocs-monitoring {extended-scan-frequency [2.4GHz|5GHz] []}
• smart-ocs-monitoring {frequency [2.4GHz|5GHz] []}
• smart-ocs-monitoring {off-channel-duration [2.4GHz|5GHz] []}
client-aware Optional. Enables client aware scanning on this Smart RF policy
Use this parameter to configure a client threshold number. When the number of clients 
connected to a radio equals this threshold number, the radio does not change its channel 
even if needed (based on the interference recovery determination made by the smart 
master)
2.4GHz  Enables client aware scanning on the 2.4GHz band
Avoids radio scanning when a specified minimum number of clients are present
  – Sets the minimum number of clients from 1 - 255. The default is 50 clients.
5GHz  Enables client aware scanning on the 5GHz band
Avoids radio scanning when a specified minimum number of clients are present
  – Sets the minimum number of clients from 1 - 255. The default is 50 clients.
extended-scan-frequency Optional. Enables an extended scan, as opposed to a neighbor only scan, on this Smart 
RF policy. This is the frequency radios use to scan for non-peer radios
2.4GHz  Enables extended scan on the 2.4GHz band
  – Sets the number of trails from 0 - 50. The default is 5.
5GHz  Enables extended scan on the 5GHz band
  – Sets the number of trails from 0 - 50. The default is 5.
frequency Optional. Specifies the frequency the channel must be switched. Sets the value, in 
seconds, from 1 - 120
2.4GHz  Selects the 2.4GHz band
  – Sets a scan frequency from 1 - 120 seconds. The default is 6 seconds.
5GHz  Selects the 5GHz band
  – Sets a scan frequency from 1 - 120 seconds. The default is 6 seconds.
off-channel-duration Optional. Specifies the duration to scan off channel
This is the duration access point radios use to monitor devices within the network and, 
if necessary, perform self healing and neighbor recovery to compensate for coverage 
area losses within a RF Domain.
2.4GHz  Selects the 2.4GHz band
  – Sets the off channel duration from 20 - 150 milliseconds. The default is 50 
milliseconds.
5GHz  Selects the 5GHz band
  – Sets the off channel duration from 20 - 150 milliseconds. The default is 50 
milliseconds.
    Add page 1003 to Favourites
    image text
    Enable zoom 
    							SMART-RF-POLICY 21 - 21
• smart-ocs-monitoring {power-save-aware [2.4GHz|5GHz] [dynamic|strict]}
• smart-ocs-monitoring {sample-count [2.4GHz|5GHz] []}
• smart-ocs-monitoring {voice-aware [2.4GHz|5GHz] [dynamic|strict]}
Examples
rfs7000-37FABE(config-smart-rf-policy-test)#smart-ocs-monitoring extended-scan-
frequency 2.4Ghz 9
rfs7000-37FABE(config-smart-rf-policy-test)#smart-ocs-monitoring sample-count 2.4Ghz 
3
rfs7000-37FABE(config-smart-rf-policy-test)#smart-ocs-monitoring off-channel-
duration 2.4Ghz 25
rfs7000-37FABE(config-smart-rf-policy-test)#show context
smart-rf-policy test
 sensitivity custom
 smart-ocs-monitoring off-channel-duration 2.4GHz 25
 smart-ocs-monitoring sample-count 2.4GHz 3
 smart-ocs-monitoring extended-scan-frequency 2.4GHz 9
 smart-ocs-monitoring client-aware 5GHz 1
rfs7000-37FABE(config-smart-rf-policy-test)#
Related Commands
power-save-aware Optional. Enables power save aware scanning on this Smart RF policy
2.4GHz [dynamic|strict] Sets power save aware scanning mode on the 2.4GHz band
 dynamic – Dynamically avoids scanning based on traffic for power save (PSP) clients
 strict – Strictly avoids scanning when PSP clients are present
5GHz [dynamic|strict] Sets power save aware scanning mode on the 5GHz band
 dynamic – Dynamically avoids scanning based on traffic for PSP clients
 strict – Strictly avoids scanning when PSP clients are present
sample-count Optional. Specifies the number of samples to collect before reporting an issue to the 
smart master
2.4GHz  Selects the 2.4GHz band
  – Specifies the number of samples to collect from 1 - 15. The default is 5.
5GHz  Selects the 5GHz band
  – Specifies the number of samples to collect from 1 - 15. The default is 5.
voice-aware Optional. Enables voice aware scanning on this Smart RF policy
2.4Ghz [dynamic|strict] Specifies the scanning mode on the 2.4GHz band
 dynamic – Dynamically avoids scanning based on traffic for voice clients
 strict – Strictly avoids scanning when voice clients are present
The default is dynamic.
5Ghz [dynamic|strict] Specifies the scanning mode on the 5GHz band
 dynamic – Dynamically avoids scanning based on traffic for voice clients
 strict – Strictly avoids scanning when voice clients are present.
The default is dynamic.
noDisables off channel monitoring
    Add page 1004 to Favourites
    image text
    Enable zoom 
    							21 - 22 WiNG CLI Reference Guide
21.1.13 smart-ocs-monitoring (ap7161)
smart-rf-policy
Enables automatic channel selection on an AP7161 model access point, provided radio meshpoint is configured. Use this 
command to configure meshpoint on an AP7161.
Supported in the following platforms:
 AP7161
Syntax
smart-ocs-monitoring {client-aware|extended-scan-frequency|frequency|meshpoint|
off-channel-duration|power-save-aware|sample-count|voice-aware}
smart-ocs-monitoring {client-aware [2.4GHz|5GHz] []}
smart-ocs-monitoring {extended-scan-frequency [2.4GHz|5GHz] []}
smart-ocs-monitoring {frequency [2.4GHz|5GHz] []}
smart-rf-monitoring {meshpoint [2.4GHz|4.9GHz|5GHz]}
smart-rf-monitoring {meshpoint [2.4GHz |4.9GHz |
5GHz ]}
smart-ocs-monitoring {off-channel-duration [2.4GHz|5GHz] []}
smart-ocs-monitoring {power-save-aware [2.4GHz|5GHz] [dynamic|strict]}
smart-ocs-monitoring {sample-count [2.4GHz|5GHz] []}
smart-ocs-monitoring {voice-aware [2.4GHz|5GHz] [dynamic|strict]}
Parameters
This section documents only the meshpoint feature of the smart-ocs-monitoring command. For other parameter details, 
see smart-ocs-monitoring.
• smart-rf-monitoring {meshpoint [2.4GHz |4.9GHz |
5GHz ]}
Examples
AP71XX-0E3B54(config-smart-rf-policy-smart-7161)#smart-ocs-monitoring meshpoint 
2.4GHz meshpoint-name
AP71XX-0E3B54(config-smart-rf-policy-smart-7161)#show context
smart-rf-policy smart-7161
smart-ocs-monitoring meshpoint 5GHz meshpoint-name
smart-ocs-monitoring meshpoint 4.9GHz meshpoint-name
smart-ocs-monitoring meshpoint 2.4GHz meshpoint-name
Related Commands
meshpoint Optional. Configures a meshpoint on an AP7161
2.4GHz 
Configures the meshpoint on the 2.4GHz band
  – Sets the meshpoint name
4.9GHz 
Configures the meshpoint on the 4.9GHz band
  – Sets the meshpoint name
5GHz 
Configures the meshpoint on the 5GHz band
  – Sets the meshpoint name
noDisables a radio meshpoint configured on an AP7161
    Add page 1005 to Favourites
    image text
    Enable zoom 
    							CHAPTER 22 WIPS-POLICY
This chapter summarizes WIPS policy commands in detail.
The Wireless Intrusion Protection Systems (WIPS) is an additional measure of security designed to continuously monitor 
the network for threats and intrusions. Along with wireless VPNs, encryptions and authentication policies, WIPS enhances 
the security of a WLAN. 
The wireless controller supports WIPS through the use of sensor devices that locate unauthorized access points.
Use the (config) instance to configure WIPS policy commands. To navigate to the WIPS policy instance, use the following 
commands:
rfs7000-37FABE(config)#wips-policy 
rfs7000-37FABE(config)#wips-policy test
rfs7000-37FABE(config-wips-policy-test)#?
Wips Policy Mode commands:
  ap-detection               Rogue AP detection
  enable                     Enable this wips policy
  event                      Configure an event
  history-throttle-duration  Configure the duration for which event duplicates
                             are not stored in history
  no                         Negate a command or set its defaults
  signature                  Signature to configure
  use                        Set setting to use
  clrscr                     Clears the display screen
  commit                     Commit all changes made in this session
  do                         Run commands from Exec mode
  end                        End current mode and change to EXEC mode
  exit                       End current mode and down to previous mode
  help                       Description of the interactive help system
  revert                     Revert changes
  service                    Service Commands
  show                       Show running system information
  write                      Write running configuration to memory or terminal
rfs7000-37FABE(config-wips-policy-test)#
    Add page 1006 to Favourites
    image text
    Enable zoom 
    							22 - 2 WiNG CLI Reference Guide
22.1 wips-policy
WIPS-POLICY
Table 22.1 summarizes WIPS policy commands
Table 22.1wips-policy Commands
Command Description Reference
ap-detectionDefines the WIPS AP detection configurationpage 22-3
enableEnables a WIPS policypage 22-4
eventConfigures eventspage 22-5
history-throttle-
durationConfigures the duration event duplicates are omitted from the event 
historypage 22-9
noNegates a command or sets its defaultpage 22-10
signatureConfigures signaturepage 22-14
useDefines a WIPS policy settingspage 22-31
clrscrClears the display screenpage 5-3
commitCommits (saves) changes made in the current sessionpage 5-4
doRuns commands from EXEC modepage 4-66
endEnds and exits the current mode and moves to the PRIV EXEC modepage 5-5
exitEnds the current mode and moves to the previous modepage 5-6
helpDisplays the interactive help systempage 5-7
revertReverts changes to their last saved configurationpage 5-13
serviceInvokes service commands to troubleshoot or debug 
(config-if) 
instance configurationspage 5-14
showDisplays running system informationpage 6-4
writeWrites the system running configuration to memory or terminalpage 5-42
    Add page 1007 to Favourites
    image text
    Enable zoom 
    							WIPS-POLICY 22 - 3
22.1.1 ap-detection
wips-policy
Enables the detection of unauthorized or unsanctioned APs. Unauthorized APs are untrusted access points connected to 
an access point managed network. These untrusted APs accept wireless client associations. It is important to detect such 
rogue APs and declare them unauthorized.
Supported in the following platforms:
 AP300
 AP621
 AP650
 AP6511
 AP6521
 AP6532
 AP71XX
 RFS4000
 RFS6000
 RFS7000
 NX9000
 NX9500
Syntax
ap-detection {ageout|wait-time}
ap-detection {age-out []|wait-time []}
Parameters
• ap-detection {age-out []|wait-time []}
Examples
rfs7000-37FABE(config-wips-policy-test)#ap-detection wait-time 15
rfs7000-37FABE(config-wips-policy-test)#ap-detection age-out 50
rfs7000-37FABE(config-wips-policy-test)#show context
wips-policy test
 ap-detection-ageout 50
 ap-detection-wait-time 15
rfs7000-37FABE(config-wips-policy-test)#
Related Commands
age-out 
Optional. Configures the unauthorized AP ageout interval. The WIPS policy uses this 
value to ageout unauthorized APs.
  – Sets an ageout interval from 30 - 86400 seconds. The default is 5 
minutes (300 seconds).
wait-time 
Optional. Configures the wait time before a detected AP is declared as unauthorized
  – Sets a wait time from 10 - 600 seconds. The default is 1 minute
 (60 seconds).
noDisables the detection of unauthorized or unsanctioned APs
    Add page 1008 to Favourites
    image text
    Enable zoom 
    							22 - 4 WiNG CLI Reference Guide
22.1.2 enable
wips-policy
Associates this WIPS policy with a wireless controller profile
Supported in the following platforms:
 AP300
 AP621
 AP650
 AP6511
 AP6521
 AP6532
 AP71XX
 RFS4000
 RFS6000
 RFS7000
 NX9000
 NX9500
Syntax
enable
Parameters
None
Examples
rfs7000-37FABE(config-wips-policy-test)#enable
rfs7000-37FABE(config-wips-policy-test)#
Related Commands
noDisables a WIPS policy from use with a wireless controller profile
    Add page 1009 to Favourites
    image text
    Enable zoom 
    							WIPS-POLICY 22 - 5
22.1.3 event
wips-policy
Configures events, filters and threshold values for this WIPS policy. Events have been grouped into three categories, 
AP anomaly, client anomaly, and excessive. WLANs are baselined for matching criteria. Any deviation from this baseline 
is considered an anomaly and logged as an event.
Supported in the following platforms:
 AP300
 AP621
 AP650
 AP6511
 AP6521
 AP6532
 AP71XX
 RFS4000
 RFS6000
 RFS7000
 NX9000
 NX9500
Syntax
event [ap-anomaly|client-anomaly|enable-all-events|excessive]
event ap-anomaly [ad-hoc-violation|airjack|ap-ssid-broadcast-in-beacon|
asleap|impersonation-attack|null-probe-response|
transmitting-device-using-invalid-mac|unencrypted-wired-leakage|wireless-bridge]
event client-anomaly [crackable-wep-iv-key-used|dos-broadcast-deauth|
fuzzing-all-zero-macs|fuzzing-invalid-frame-type|fuzzing-invalid-mgmt-frames|
fuzzing-invalid-seq-num|identical-src-and-dest-addr|invalid-8021x-frames|
netstumbler-generic|non-changing-wep-iv|tkip-mic-counter-measures|wellenreiter]
{filter-ageout []}
event enable-all-events
event excessive [80211-replay-check-failure|aggressive-scanning|
auth-server-failures|decryption-failures|dos-assoc-or-auth-flood|
dos-eapol-start-storm |dos-unicast-deauth-or-disassoc|eap-flood|
eap-nak-flood|frames-from-unassoc-station] {filter-ageout []|
threshold-client []|threshold-radio []}
    Add page 1010 to Favourites
    image text
    Enable zoom 
    							22 - 6 WiNG CLI Reference Guide
Parameters
• event ap-anomaly [ad-hoc-violation|airjack|ap-ssid-broadcast-in-beacon|
asleap|impersonation-attack|null-probe-response|
transmitting-device-using-invalid-mac|unencrypted-wired-leakage|wireless-bridge]
• event client-anomaly [crackable-wep-iv-key-used|dos-broadcast-deauth|
fuzzing-all-zero-macs|fuzzing-invalid-frame-type|fuzzing-invalid-mgmt-frames|
fuzzing-invalid-seq-num|identical-src-and-dest-addr|invalid-8021x-frames|
netstumbler-generic|non-changing-wep-iv|tkip-mic-counter-measures|wellenreiter]
{filter-ageout []}
ap-anomaly Enables AP anomaly event tracking
An AP anomaly event refers to suspicious frames sent by neighboring APs.
ad-hoc-violation Tracks adhoc network violations
airjack Tracks AirJack attacks
ap-ssid-broadcast-in-beacon Tracks AP SSID broadcasts in beacon events
asleap Tracks ASLEAP attacks. These attacks break Lightweight Extensible Authentication 
Protocol (LEAP) passwords
impersonation-attack Tracks impersonation attacks. These are also referred to as spoofing attacks, where 
the attacker assumes the address of an authorized device.
null-probe-response Tracks null probe response attacks
transmitting-device-using-
invalid-macTracks transmitting device using invalid MAC attacks
unencrypted-wired-leakage Tracks unencrypted wired leakage
wireless-bridge Tracks wireless bridge (WDS) frames
client-anomaly Enables client anomaly event tracking. These are suspicious client events 
compromising the security of the network
crackable-wep-iv-key-used Tracks the use of a crackable WEP IV Key
dos-broadcast-deauth Tracks DoS broadcast deauthentication events
fuzzing-all-zero-macs Tracks Fuzzing: All zero MAC addresses observed
fuzzing-invalid-frame-type Tracks Fuzzing: Invalid frame type detected
fuzzing-invalid-mgmt-frames Tracks Fuzzing: Invalid management frame detected
fuzzing-invalid-seq-num Tracks Fuzzing: Invalid sequence number detected
identical-src-and-dest-addr Tracks identical source and destination addresses detection
invalid-8021x-frames Tracks Fuzzing: Invalid 802.1x frames detected
netstumbler-generic Tracks Netstumbler (v3.2.0, 3.2.3, 3.3.0) events
non-changing-wep-iv Tracks unchanging WEP IV events
tkip-mic-counter-measures Tracks TKIP MIC counter measures caused by station
    All Motorola manuals Comments (0)