Reference Guide Dell Networking W-Series ArubaOS 6.4.
Copyright Information © 2014 Aruba Networks, Inc. Aruba Networks trademarks include , Aruba Networks®, Aruba ® Wireless Networks , the registered Aruba the Mobile Edge Company logo, and Aruba Mobility Management System®. Dell™, the DELL™ logo, and PowerConnect™ are trademarks of Dell Inc. All rights reserved. Specifications in this manual are subject to change without notice. Originated in the USA. All other trademarks are the property of their respective owners.
The ArubaOS Command-Line Interface The Dell Networking W-Series ArubaOS 6.4.x command-line interface (CLI) allows you to configure and manage Dell controllers. The CLI is accessible from a local console connected to the serial port on the controllers or through a Telnet or Secure Shell (SSH) session from a remote management console or workstation. Telnet access is disabled by default.
Command firewall Description l The datapath web-cc parameter is introduced, to clear datapath web content classification statistics. l The web-cc parameter is introduced. This parameter enables web content classification for all HTTP traffic. Once enabled, ArubaOS enforces ACLs and bandwidth policies associated with web content categories or reputation levels. The web-cc-cache-miss-drop parameter is introduced.
Command Description show provisioning-ap-list The output of this command can display the service tag of an AP. user-role l l wlan ssid-profile The web-cc-category and web-cc-reputation parameters are introduced. Use these parameters to create a user role that applies a bandwidth contract to the specified web content category or reputation level. The web-cc disable parameter is introduced to disable web content classification for this particular user-role.
Command Description l l ipv6 firewall rf arm-profile arp grat-arp The valid range for the following parameters is changed to <116384>: l ping l session l tcp-syn The default values for the following parameters are changed: cm-band-g-max-signal l cm-sticky-snr l cm-sticky-min-signal l cm-lb-client-thresh l show airgroup status l l show airgroupservice l l show ap arm client-match restriction-table show ap blacklist-clients The Chromecast service is renamed to DIAL.
Command Description l l show whitelist-db rap start state The following new parameters are introduced: apgroup l apname l fullname l user-role The check-for-accounting parameter is introduced. What’s New In ArubaOS 6.4.0.0 New Commands The following commands are introduced in the ArubaOS 6.4.0.
Command Description show pan state This command displays the current status of associated PAN firewalls. show pan statistics This command displays PAN profile statistics. show sso idp-profile This command displays the configured SSO IDP profiles. show ucc call-info cdrs This command displays the Call Detailed Report (CDR) statistics for Unified Communication and Collaboration (UCC). show ucc client-info This command displays the UCC client status and CDR statistics.
Command Description wlan hotspot h2qp-operatorfriendly-name-profile This command defines a Hotspot 2.0 Query Protocol (H2QP) operator-friendly name profile. The operator-friendly name configured in this profile is a free-form text field that can identify the operator and also something about the location. wlan hotspot h2qp-wan-metricsprofile This command creates a Hotspot 2.0 Query Protocol (H2QP) profile that specifies the hotspot WAN status and link metrics.
Command Description l l l l l l heartbeat: heartbeat-interval heartbeat-threshold over-subscription pre-shared-key state-sync interface fastethernet | gigabitethernet The lldp parameter is introduced. interface vlan The dhcp parameter for configuring dynamic host configuration protocol for IPv6 is introduced. interface tunnel Tunnel destination ipv6, tunnel mode gre ipv6, tunnel source ipv6, parameters are introduced. ip access-list session The redirect parameter is introduced under action.
Command Description show ipv6 mld config The ssm-range parameter is introduced. show ipv6 mld group The mode and age parameters are introduced. show ntp peer The IPv6 parameter is introduced. show ntp servers Flags indicating the status of the server, are introduced.
Command Description app lync traffic-control (deprecated) This command is deprecated and replaced by app lync trafficcontrol . About this Guide This guide describes the Dell Networking W-Series ArubaOS 6.4.x command syntax. The commands in this guide are listed alphabetically. The following information is provided for each command: l Command Syntax—The complete syntax of the command. l Description—A brief description of the command.
Configuration changes on Master Controllers Some commands can only be issued when connected to a master controller. If you make a configuration change on a master controller, all connected local controllers will subsequently update their configurations as well. You can manually synchronize all of the controllers at any time by saving the configuration on the master controller. CLI Access When you connect to the controller using the CLI, the system displays its host name followed by the login prompt.
When typed at the end of a possible command or abbreviation, the question mark lists the commands that match (if any). For example: (host) > c? clear clock configure copy Clear configuration Configure the system clock Configuration Commands Copy Files If more than one item is shown, type more of the keyword characters to distinguish your choice. However, if only one item is listed, the keyword or abbreviation is valid and you can press tab or the spacebar to advance to the next keyword.
Saving Configuration Changes Each Dell controller contains two different types of configuration images. The running-config holds the current controller configuration, including all pending changes which have yet to be saved. To view the running-config, use the following command: l (host) # show running-config The startup config holds the configuration which will be used the next time the controller is rebooted. It contains all the options last saved using the write memory command.
Typographic Conventions The following conventions are used throughout this manual to emphasize important concepts: Table 2: Text Conventions Type Style Description Italics This style is used to emphasize important terms and to mark the titles of books. Boldface This style is used to emphasize command names and parameter options when mentioned in the text. Commands This fixed-width font depicts command syntax and examples of commands and command output.
Table 3: Line Editing Keys Key Effect Description Ctrl A Home Move the cursor to the beginning of the line. Ctrl B or the left arrow Back Move the cursor one character left. Ctrl D Delete Right Delete the character to the right of the cursor. Ctrl E End Move the cursor to the end of the line. Ctrl F or the right arrow Forward Move the cursor one character right. Ctrl K Delete Right Delete all characters to the right of the cursor.
Address/Identifier Description Basic Service Set Identifier (BSSID) This entry is the unique hard-wireless MAC address of the AP. A unique BSSID applies to each frequency— 802.11a and 802.11g—used from the AP. Use the same format as for a MAC address. Extended Service Set Identifier (ESSID) Typically the unique logical name of a wireless network. If the ESSID includes spaces, you must enclose the name in quotation marks.
aaa alias-group (deprecated) aaa alias-group clone no ... set vlan condition essid|location equals set-value Description This command configured an aaa alias with set of VLAN derivation rules that could speed up user rule derivation processing for deployments with a very large number of user derivation rules. Command History Version Description ArubaOS 6.3 Command introduced. ArubaOS 6.4 Command deprecated. Dell Networking W-Series ArubaOS 6.4.
aaa authentication captive-portal aaa authentication captive-portal apple-cna-bypass auth-protocol mschapv2|pap|chap black-list clone default-guest-role default-role enable-welcome-page guest-logon ip-addr-in-redirection login-page logon-wait {cpu-threshold }|{maximum-delay }|{minimum-delay } logout-popup-window max-authentication-failures no ...
Parameter Description Range mschapv2|pap|chap cifies the type of authentication required by this profile, PAP is the default authentication type. pap black-list Name of an existing black list on an IPv4 or IPv6 network destination. The black list contains websites (unauthenticated) that a guest cannot access. Specify a netdestination host or subnet to add that netdestination to the captive portal blacklist.
Parameter Description Range Default guest-logon Enables Captive Portal logon without authentication. enabled/ disabled disabled ipaddr-in-redirection-url Sends the controller’s interface IP address in the redirection URL when external captive portal servers are used. An external captive portal server can determine the controller from which a request originated by parsing the ‘switchip’ variable in the URL. This parameter requires the Public Access license.
Parameter Description Range Default logout-popupwindow Enables a pop-up window with the Logout link that allows the user to log out. If this option is disabled, the user remains logged in until the user timeout period has elapsed or the station reloads. enabled/ disabled enabled max-authentication-failures Maximum number of authentication failures before the user is blacklisted. 0-10 0 no Negates any configured parameter.
Parameter Description Range Default show-fqdn Allows the user to see and select the fullyqualified domain name (FQDN) on the login page. The FQDNs shown are specified when configuring individual servers for the server group used with captive portal authentication. enabled/ disabled disabled show-acceptable-use-policy Show the acceptable use policy page before the logon page. enabled/ disabled disabled single-session Allows only one active user session at a time.
Parameter Description Range Default user-vlan-in-redirection-url Add the user VLAN in the redirection URL. This parameter requires the Public Access license. enabled disabled disabled user-vlan-redirection-url Sends the user’s VLAN ID in the redirection URL when external captive portal servers are used. — — welcome-page URL of the page that appears after logon and before redirection to the web URL. This can be set to any URL. — /auth/welcome.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.0 The max-authentication-failures parameter no longer requires a license. ArubaOS 6.1 The sygate-on-demand, black-list and white-list parameters were added. ArubaOS 6.2 the auth-protocol parameter was added, and the user-chap parameter was deprecated. ArubaOS 6.3 The user-idle-timeout parameter was introduced. ArubaOS 6.4 The url-hash-key parameter was introduced.
aaa authentication dot1x aaa authentication dot1x {|countermeasures} ca-cert cert-cn-lookup clear clone delete-keycache eapol-logoff enforce-suite-b-128 enforce-suite-b-192 framed-mtu heldstate-bypass-counter ignore-eap-id-match ignore-eapolstart-afterauthentication machine-authentication blacklist-on-failure|{cache-timeout }|enable| {machine-default-role }|{user-default-role } max-authentication-failures max-requests multi
Parameter Description Range Default clear Clear the Cached PMK, Role and VLAN entries. This command is available in enable mode only. — — countermeasures Scans for message integrity code (MIC) failures in traffic received from clients. If there are more than 2 MIC failures within 60 seconds, the AP is shut down for 60 seconds. This option is intended to slow down an attacker who is making a large number of forgery attempts in a short time.
Parameter Description Range Default heldstate-bypass-counter (This parameter is applicable when 802.1X authentication is terminated on the controller, also known as AAA FastConnect.) Number of consecutive authentication failures which, when reached, causes the controller to not respond to authentication requests from a client while the controller is in a held state after the authentication failure.
Parameter Description Range Default max-authentication-failures Number of times a user can try to login with wrong credentials after which the user is blacklisted as a security threat. Set to 0 to disable blacklisting, otherwise enter a non-zero integer to blacklist the user after the specified number of failures. 0-5 0 (disabled) max-requests Maximum number of times ID requests are sent to the client.
Parameter Description Range Default reload-cert Reload Certificate for 802.1X termination. This command is available in enable mode only. — — server Sets options for sending authentication requests to the authentication server group. server-retry Maximum number of authentication requests that are sent to server group. 0-3 3 server-retry-period Server group retry interval, in seconds.
Parameter Description Range Default (any) 24 hours EAP-Generic Token Card (GTC): Described in RFC 2284, this EAP method permits the transfer of unencrypted usernames and passwords from client to server. The main uses for EAP-GTC are one-time token cards such as SecureID and the use of LDAP or RADIUS as the user authentication server. You can also enable caching of user credentials on the controller as a backup to an external authentication server.
Parameter Description Range Default tls-guest-access Enables guest access for EAPTLS users with valid certificates. — disabled tls-guest-role User role assigned to EAP-TLS guest. NOTE: This parameter requires the PEFNG license. — guest unicast-keyrotation Enables unicast key rotation. — disabled use-session-key Use RADIUS session key as the unicast WEP key. — disabled use-static-key Use static key as the unicast/multicast WEP key.
Usage Guidelines The 802.1X authentication profile allows you to enable and configure machine authentication and 802.1X termination on the controller (also called “AAA FastConnect”). In the AAA profile, specify the 802.1X authentication profile, the default role for authenticated users, and the server group for the authentication. Examples The following example enables authentication of the user’s client device before user authentication.
aaa authentication mac aaa authentication mac case upper|lower clone delimiter {colon|dash|none} max-authentication-failures no ... reauthentication timer reauth period {|server} Description This command configures the MAC authentication profile. Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters.
Usage Guidelines MAC authentication profile configures authentication of devices based on their physical MAC address. MACbased authentication is often used to authenticate and allow network access through certain devices while denying access to all other devices. Users may be required to authenticate themselves using other methods, depending upon the network privileges. Example The following example configures a MAC authentication profile to blacklist client devices that fail to authenticate.
aaa authentication mgmt aaa authentication mgmt default-role {guest-provisioning|location-api-mgmt|network-operations|no-access|readonly|root} enable no ... server-group Description This command configures authentication for administrative users.
aaa authentication mgmt default-role read-only server-group internal Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 The network-operations role was introduced. ArubaOS 3.3 The location-api-mgmt role was introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 38 | aaa authentication mgmt Dell Networking W-Series ArubaOS 6.4.
aaa authentication-server internal aaa authentication-server internal use-local-switch Description This command specifies that the internal database on a local controller be used for authenticating clients. Usage Guidelines By default, the internal database in the master controller is used for authentication. This command directs authentication to the internal database on the local controller where you run the command. Command History This command was available in ArubaOS 3.0.
aaa authentication-server ldap aaa authentication-server ldap admin-dn admin-passwd allow-cleartext authport base-dn clone enable filter host key-attribute max-connection no ... preferred-conn-type ldap-s|start-tls|clear-text timeout Description This command configures an LDAP server. Starting from ArubaOS 6.4, a maximum of 128 LDAP servers can be configured on the controller.
Parameter Description Range Default filter Filter that should be applied to search of the user in the LDAP database. The default filter string is (objectclass=*). — (objectclass=*) host IP address of the LDAP server, in dotteddecimal format. — — key-attribute Attribute that should be used as a key in search for the LDAP server. For Active Directory, the value is sAMAccountName.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
aaa authentication-server radius aaa authentication-server radius acctport authport called-station-id type {ap-group | ap-macaddr | ap-name | ipaddr | macaddr | vlan-id} [delimiter {colon | dash | none}] [include-ssid {enable |disable}] clone enable enable-ipv6 host | key mac-delimiter [colon | dash | none | oui-nic] mac-lowercase nas-identifier nas-ip nas-ip6 no ...
Parameter Description Range Default called-station-id type {ap-group | ap-macaddr | ap-name | ipaddr | macaddr | vlan-id} Configure this parameter to be sent with the RADIUS attribute Called Station ID for authentication and accounting requests. The called-station-id parameter can be configured to include AP group, AP MAC address, AP name, controller IP, controller MAC address, or user vlan. The default value is controller MAC address. — macaddr enable Enables the RADIUS server.
Parameter Description Range Default nas-ip NAS IP address to send in RADIUS packets. You can configure a “global” NAS IP address that the controller uses for communications with all RADIUS servers. If you do not configure a server-specific NAS IP, the global NAS IP is used. To set the global NAS IP, enter the ip radius nas-ip command. — — nas-ip6 NAS IPv6 address to send in RADIUS packets.
Parameter Description l l l Range Default If you associate a Source Interface (by entering a VLAN number) with a configured server, then the source IP address of the packet will be that interface’s IP address. If you do not associate the Source Interface with a configured server (leave the field blank), then the IP address of the global Source Interface will be used. If you want to configure an IPv6 address for the Source Interface, specify the IPv6 address for the ip6addr parameter.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.0 RADIUS server can be identified by its qualified domain name (FQDN). ArubaOS 6.1 The source-interface parameter was added. ArubaOS 6.3 l l l ArubaOS 6.4 The mac-delimiter parameter was introduced. The enable-ipv6 and nas-ip6 parameters were introduced. An IPv6 host address can be specified for the host parameter. The ipv6 addr parameter was added. The called-station-id parameter was introduced.
aaa authentication-server tacacs aaa authentication-server tacacs clone enable host key no ... retransmit session-authorization tcp-port timeout Description This command configures a TACACS+ server. Starting from ArubaOS 6.4, a maximum of 128 TACACS servers can be configured on the controller. Syntax Parameter Description Range Default Name that identifies the server.
Example The following command configures, enables a TACACS+ server and enables session authorization: aaa authentication-server tacacs tacacs1 clone default host 10.1.1.245 key qwERtyuIOp enable session-authorization Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.0 session-authorization parameter was introduced. ArubaOS 6.3 IPv6 support was added for TACACS server. You can now specify an IPv6 host address for the host parameter.
aaa authentication-server windows aaa authentication-server windows clone
aaa authentication stateful-dot1x aaa authentication stateful-dot1x default-role enable no ... server-group timeout Description This command configures 802.1X authentication for clients on non-Dell APs. Syntax Parameter Description Range Default default-role Role assigned to the 802.1X user upon login. NOTE: The PEFNG license must be installed. — guest enable Enables 802.1X authentication for clients on non-Dell APs. Use no enable to disable stateful 8021.
aaa authentication stateful-dot1x clear aaa authentication stateful-dot1x clear Description This command clears automatically-created control path entries for 802.1X users on non-Dell APs. Syntax No parameters. Usage Guidelines Run this command after changing the configuration of a RADIUS server in the server group configured with the aaa authentication stateful-dot1x command. This causes entries for the users to be created in the control path with the updated configuration information.
aaa authentication stateful-ntlm aaa authentication stateful-ntlm clone default-role enable server-group timeout Description This command configures stateful NT LAN Manager (NTLM) authentication. Syntax Parameter Description Range Default clone Create a copy of an existing stateful NTLM profile — — default-role Select an existing role to assign to authenticated users. — guest no Negates any configured parameter.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
aaa authentication via auth-profile aaa authentication via auth-profile auth-protocol {mschapv2|pap} cert-cn-lookup clone default-role desc max-authentication-failures no pan-integration radius-accounting rfc-3576-server server-group Description This command configures the VIA authentication profile.
Parameter Description Default max-authentication-failures Number of times VIA will prompt user to login due to incorrect credentials. After the maximum authentication attempts failures VIA will exit. 3 pan-integration Requires IP mapping at Palo Alto Network. - radius-accounting Server group for RADIUS accounting. - rfc-3576-server Configures the RFC 3576 server.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
aaa authentication via connection-profile aaa authentication via connection-profile admin-logoff-script admin-logon-script allow-user-disconnect allow-whitelist-traffic auth_domain_suffix auth-profile auth_doman_suffix auto-launch-supplicant auto-login auto-upgrade banner-message-reappear-timeout client-logging client-netmask client-wlan-profile position clone controllers-load-balance csec-gateway-url csec-http-ports
Syntax Parameter Description Default admin-logoff-script Enables VIA logoff script. Disabled admin-logon-script Enables VIA logon script. Disabled allow-user-disconnect Enable or disable users to disconnect their VIA sessions. Enabled allow-whitelist-traffic If enabled, this feature will block network access until the VIA VPN connection is established. Disabled auth_domain_suffix Enables a domain suffix on VIA Authentication, so client credentials are sent as domainname\username instead of j
Parameter Description Default will end and the VIA Login banner message reappears. client-logging Enable or disable VIA client to auto login and establish a secure connection to the controller. Enabled client-netmask The network mask that has to be set on the client after the VPN connection is established. 255.255.255.
Parameter Description Default csec-gateway-url Specify the content security service providers URL here. You must provide a fully qualified domain name. — csec-http-ports Specify the ports (separated by comma) that will be monitored by the content security service provider. Do not add space before or after the comma. — domain-preconnect Enable this option to allow users with lost or expired passwords to establish a VIA connection to corporate network.
Parameter Description Default ikev2-proto Enable this to use IKEv2 protocol to establish VIA sessions. Disabled ikev2auth Use this option to set the IKEv2 authentication method. By default user certificate is used for authentication. The other supported methods are EAP-MSCHAPv2, EAP-TLS. The EAP authentication is done on an external RADIUS server. User Certificates ipsec-cryptomap List of IPsec crypto maps that the VIA client uses to connect to the controller.
Parameter Description l Default and the rest is just bridged directly on the client. If disabled, all traffic will flow through the controller. suiteb-crypto Use this option to enable Suite-B cryptography. See RFC 4869 for more information about Suite-B cryptography. Disabled support-email The support e-mail address to which VIA users will send client logs. None tunnel address
A list of network destination (IP address and netmask) that the VIA client will tunnel through the controller.Parameter Description Default windows-credentials Enable or disable the use of the Windows credentials to login to VIA. If enabled, the SSO (Single Sign-on) feature can be utilized by remote users to connect to internal resources. Enabled Usage Guidelines Issue this command to create a VIA connection profile. A VIA connection profile contains settings required by VIA to establish a secure connection to the controller. You can configure multiple VIA connection profiles.
Release Modification ArubaOS 6.2 The following commands were introduced: l allow-whitelist-traffic l banner-message-reappear-timeout l controllers-load-balancing l enable-fips l enable-supplicant l whitelist ArubaOS 6.3 The user-idle-timeout parameter was introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
aaa authentication via global-config aaa authentication via global-config no ssl-fallback-enable Description The global config option allows to you to enable SSL fallback mode. If the SSL fallback mode is enabled the VIA client will use SSL to create a secure connection. Syntax Parameter Description Default no Disable SSL fallback option — ssl-fallback-enable Use this option to enable an SSL fallback connection.
aaa authentication via web-auth aaa authentication via web-auth default auth-profile position clone no Description A VIA web authentication profile contains an ordered list of VIA authentication profiles. The web authentication profile is used by end users to login to the VIA download page (https:///via) for downloading the VIA client. Only one VIA web authentication profile is available.
aaa authentication vpn aaa authentication vpn cert-cn-lookup clone default-role export-route max-authentication-failures no ... pan-integration radius-accounting server-group user-idle-timeout Description This command configures VPN authentication settings. Syntax Parameter Description Default There are three VPN profiles: default, default-rap or default-cap. This allows users to use different AAA servers for VPN, RAP and CAP clients.
Parameter Description Default NOTE: This parameter requires the RFProtect license. no Negates any configured parameter. — pan-integration Require IP mapping at Palo Alto Networks firewalls. disabled radius-accounting < Configure server group for RADIUS accounting — server-group Name of the group of servers used to authenticate VPN users. See aaa servergroup on page 102. internal user-idle-timeout The user idle timeout for this profile.
Version Description ArubaOS 6.3 The user-idle-timeout parameter was introduced. ArubaOS 6.3.1 The export-route parameter was introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system, except for noted parameters. The default-role parameter requires the Policy Enforcement Firewall for VPN Users (PEFV) license. Config mode on master controllers 71 | aaa authentication vpn Dell Networking W-Series ArubaOS 6.4.
aaa authentication wired aaa authentication wired no ... profile Description This command configures authentication for a client device that is directly connected to a port on the controller. Syntax Parameter Description no Negates any configured parameter. profile Name of the AAA profile that applies to wired authentication. This profile must be configured for a Layer-2 authentication, either 802.1X or MAC. See aaa profile on page 92.
aaa authentication wispr aaa authentication wispr agent string clone default-role logon-wait {cpu-threshold }|{maximum-delay }|{minimum-delay } no ...
Parameter Description maximum-delay If the controller’s CPU utilization has surpassed the CPU-threshold value, the maximum-delay parameter defines the minimum number of seconds a user will have to wait to retry a login attempt. Range: 1-10 seconds. Default: 10 seconds. minimum-delay If the controller’s CPU utilization has surpassed the CPU-threshold value, the minimum-delay parameter defines the minimum number of seconds a user will have to wait to retry a login attempt.
l Bongo l Trustive l weRoam l AT&T A WISPr authentication profile includes parameters to define RADIUS attributes, the default role for authenticated WISPr users, maximum numbers of authenticated failures and logon wait times. The WISPrLocation-ID sent from the controller to the WISPr RADIUS server will be the concatenation of the ISO Country Code, E.164 Country Code, E.164 Area Code and SSID/Zone parameters configured in this profile.
aaa bandwidth-contract aaa bandwidth-contract {kbits |mbits } Description This command configures a bandwidth contract. Syntax Parameter Description Range Name that identifies this bandwidth contract. — kbits Limit the traffic rate for this bandwidth contract to a specified number of kilobits per second. 256-2000000 mbits Limit the traffic rate for this bandwidth contract to a specified number of megabits per second.
aaa derivation-rules aaa derivation-rules user no ... set {aaa-profile|role|vlan} condition set-value {|} [description ][position ] Description This command configures rules which assigns a AAA profile, user role or VLAN to a client based upon the client’s association with an AP. A user role cannot be assigned by an AAA derivation rule unless the controller has an installed PEFNG license.
Usage Guidelines The user role can be derived from attributes from the client’s association with an AP. User-derivation rules are executed before the client is authenticated. You configure the user role to be derived by specifying condition rules; when a condition is met, the specified user role is assigned to the client. You can specify more than one condition rule; the order of rules is important as the first matching condition is applied. You can also add a description of the rule.
The device identification feature allows you to assign a user role or VLAN to a specific device type by identifying a DHCP option and signature for that device. If you create a user rule with the DHCP-Option rule type, the first two characters in the Value field must represent the hexadecimal value of the DHCP option that this rule should match, while the rest of the characters in the Value field indicate the DHCP signature the rule should match.
Feb 26 02:56:02 :202536: |dhcpdwrap| |dhcp| Datapath vlan10: REQUEST 00:26:c6:52:6b:7c reqIP=10.10.10.254 Options 3d:010026c6526b7c 0c:41525542412d46416c73653232 51:00000041525542412d46416c736532322e73757279612e636f6d 3c:4d53465420352e30 37:010f03062c2e2f1f21f92b 2b:dc0100 Examples The following command sets the client’s user role to “guest” if the client associates to the “Guest” ESSID. The rule description indicates that is was created for special customers.
aaa dns-query-interval aaa dns-query-interval Description Configure how often the controller should generate a DNS request to cache the IP address for a RADIUS server identified via its fully qualified domain name (FQDN). Syntax Parameter Description Specify, in minutes, the interval between DNS requests sent from the controller to the DNS server. By default, DNS requests are sent every 15 minutes.
aaa inservice aaa inservice Description This command designates an “out of service” authentication server to be “in service”. Syntax Parameter Description Server group to which this server is assigned. Name of the configured authentication server.
aaa ipv6 user add aaa ipv6 user add authentication-method {dot1x|stateful-dot1x} mac name profile role Description This command manually assigns a user role or other values to a specified IPv6 client. Syntax Parameter Description IPv6 address of the user to be added. authentication-method Authentication method for the client. dot1x 802.1X authentication. stateful-dot1x Stateful 802.1X authentication.
aaa ipv6 user add 2002:d81f:f9f0:1000:e409:9331:1d27:ef44 role ipv6-web-debug Command History This command was available in ArubaOS 3.3. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers Dell Networking W-Series ArubaOS 6.4.
aaa ipv6 user clear-sessions aaa ipv6 user clear-sessions Description This command clears ongoing sessions for the specified IPv6 client. Syntax Parameter Description IPv6 address of the client. Usage Guidelines This command clears any ongoing sessions that the client already had before being assigned a role with the aaa ipv6 user add command.
aaa ipv6 user delete aaa ipv6 user delete {|all|mac |name |role } Description This command deletes IPv6 clients, users, or roles. Syntax Parameter Description IPv6 address of the client to be deleted. all Deletes all connected IPv6 clients. mac MAC address of the IPv6 client to be deleted. name Name of the IPv6 client to be deleted. role Role of the IPv6 client to be deleted.
aaa ipv6 user logout aaa ipv6 user logout Description This command logs out an IPv6 client. Syntax Parameter Description IPv6 address of the client to be logged out. Usage Guidelines This command logs out an authenticated IPv6 client. The client must reauthenticate. Example The following command logs out an IPv6 client: aaa user logout 2002:d81f:f9f0:1000:e409:9331:1d27:ef44 Command History This command was available in ArubaOS 3.3.
aaa log [no] aaa log Description Enable per-user log files for AAA events. Syntax No parameters Usage Guidelines By default, logging is always enabled. Issue the no aaa log command to disable per-user logging and reenable it again using the command aaa log. The W-7200 Series controllerssupport 1KB of log files per user for up to 32,000 users, and W-6000and W-3600 controllers support 1KB of log files per user for up to 16,000 users. Example The example below enables per-user AAA log files.
aaa password-policy mgmt aaa password-policy mgmt enable no password-lock-out password-lock-out-time password-max-character-repeat. password-min-digit password-min-length password-min-lowercase-characters password-min-special-character password-min-special-character password-min-uppercase-characters password-not-username Description Define a policy for creating management user passwords.
Parameter Description password-min-length The minimum number of characters required for a management user password Range: 6-64 characters. Default: 6. password-min-lowercasecharacters The minimum number of lowercase characters required in a management user password. Range: 0-10 characters. By default, there is no requirement for lowercase letters in a password, and the parameter has a default value of 0.
Command History This command was available in ArubaOS 5.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 91 | aaa password-policy mgmt Dell Networking W-Series ArubaOS 6.4.
aaa profile aaa profile authentication-dot1x authentication-mac clone devtype-classification dot1x-default-role dot1x-server-group download-role enforce-dhcp initial-role l2-auth-fail-through mac-default-role mac-server-group multiple-server-accounting no ...
Parameter Description Default devtype-classification The device identification feature can automatically identify different client device types and operating systems by parsing the User-Agent strings in a client’s HTTP packets. When the devtype-classification parameter is enabled, the output of the show user and show user-table commands shows each client’s device type, if that client device can be identified. enabled dot1x-default-role Configured role assigned to the client after 802.
Parameter Description Default radius-accounting Name of the server group used for RADIUS accounting. See aaa server-group on page 102. — radius-interim-accounting By default, the RADIUS accounting feature sends only start and stop messages to the RADIUS accounting server. Issue the interimradius-accounting command to allow the controller to send Interim-Update messages with current user statistics to the server at regular intervals.
Parameter default-dot1x defaultmac-auth defaultopen authentication-dot1x default N/A N/A authentication-mac N/A default N/A dot1x-default-role authenticated guest guest dot1x-server-group N/A N/A N/A initial-role logon logon logon mac-default-role guest authenticated guest mac-server-group default default default radius-accounting N/A N/A N/A rfc-3576-server N/A N/A N/A user-derivation-rules N/A N/A N/A wired-to-wireless roam enabled enabled enabled Example Th
Command Information Platforms Licensing Command Mode All platforms Base operating system, except for noted parameters Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
aaa query-user aaa query-user Description Troubleshoot an LDAP authentication failure by verifying that the user exists in the ldap server database. Syntax Parameter Description Name of an LDAP server. Name of a user whose LDAP record you want to view.
Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers Dell Networking W-Series ArubaOS 6.4.
aaa radius-attributes aaa radius-attributes add {date|integer|ipaddr|string} [vendor ] Description This command configures RADIUS attributes for use with server derivation rules. Syntax Parameter Description add Adds the specified attribute name (alphanumeric string), associated attribute ID (integer), and type (date, integer, IP address, or string). date Adds a date attribute. integer Adds a integer attribute.
aaa rfc-3576-server aaa rfc-3576-server clone key no ... Description This command configures a RADIUS server that can send user disconnect, session timeout, and change-ofauthorization (CoA) messages, as described in RFC 3576, “Dynamic Authorization Extensions to Remote Dial In User Service (RADIUS)”. Syntax Parameter Description IP address of the server. clone Name of an existing RFC 3576 server configuration from which parameter values are copied.
Related Commands Command Description aaa profilerfc-3576-server Associate an RFC-3576 server to a AAA profile. show aaa state user View information for a user whose session timeout is altered by a RFC 3576 server. Command History Version Description ArubaOS 3.0 Command introduced ArubaOS 6.3 Introduced support for session timeout messages from the RFC 3576 server.
aaa server-group aaa server-group allow-fail-through auth-server [match-authstring contains|equals|starts-with ] [match] [position ] [trim-fqdn] clone load-balance no ...
Parameter Description Default match-fqdn This option associates the authentication server with a specified domain. An authentication request is sent to the server only if there is an exact match between the specified domain and the portion of the user information sent in the authentication request. With this option, the user information must be in one of the following formats: \ @ — position Position of the server in the server list.
Usage Guidelines You create a server group for a specific type of authentication or for accounting. The list of servers in a server group is an ordered list, which means that the first server in the group is always used unless it is unavailable (in which case, the next server in the list is used). You can configure servers of different types in a server group, for example, you can include the internal database as a backup to a RADIUS server. You can add the same server to multiple server groups.
aaa sygate-on-demand (deprecated) aaa sygate-on-demand remediation-failure-role Description This command configures the user role assigned to clients that fail Sygate On-Demand Agent (SODA) remediation. Command History Version Description ArubaOS 3.0 Command introduced ArubaOS 3.4 Command deprecated 105 | aaa sygate-on-demand (deprecated) Dell Networking W-Series ArubaOS 6.4.
aaa tacacs-accounting aaa tacacs-accounting server-group command {action|all|configuration|show} mode {enable|disable} Description This command configures reporting of commands issued on the controller to a TACACS+ server group. Syntax Parameter Description Range Default server-group The TACACS server group to which the reporting is sent. — — command The types of commands that are reported to the TACACS server group. — — action Reports action commands only.
aaa test-server aaa test-server {mschapv2|pap} Description This command tests a configured authentication server. Syntax Parameter Description mschapv2 Use MSCHAPv2 authentication protocol. pap Use PAP authentication protocol. Name of the configured authentication server. Username to use to test the authentication server. Password to use to test the authentication server.
aaa timers aaa timers dead-time idle-timeout
Usage Guidelines These parameters can be left at their default values for most implementations. Example The following command changes the idle time to 10 minutes: aaa timers idle-timeout 10 Related Commands (host) (config) #show aaa timers (host) (config) #show datapath user table Command History Version Description ArubaOS 3.0 Command introduced ArubaOS 3.
aaa trusted-ap aaa trusted-ap Description This command configures a trusted non-Dell AP. Syntax Parameter Description MAC address of the AP Usage Guidelines This command configures a non-Dell AP as a trusted AP. Example The following command configures a trusted non-Dell AP: aaa trusted-ap 00:40:96:4d:07:6e Command History This command was available in ArubaOS 3.0.
aaa user add aaa user add [] [authentication-method {dot1x|mac|stateful-dot1x|vpn| web}] [mac-addr ] [name ] [profile ] [role ] Description This command manually assigns a user role or other values to a specified client or device. Syntax Parameter Description IP address of the user to be added. Number of users to create starting with . authentication-method Authentication method for the user. dot1x 802.
In enable mode: aaa user add 10.1.1.236 role web-debug Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers Dell Networking W-Series ArubaOS 6.4.
aaa user clear-sessions aaa user clear-sessions Description This command clears ongoing sessions for the specified client. Syntax Parameter Description IP address of the user. Usage Guidelines This command clears any ongoing sessions that the client already had before being assigned a role with the aaa user add command. Example The following command clears ongoing sessions for a client: aaa user clear-sessions 10.1.1.236 Command History This command was available in ArubaOS 3.0.
aaa user delete aaa user delete {|all|mac |name |role } Description This command deletes clients, users, or roles. Syntax Parameter Description IP address of the client to be deleted. all Deletes all connected clients. mac MAC address of the client to be deleted. name Name of the client to be deleted. role Role of the client to be deleted. Usage Guidelines This command allows you to manually delete clients, users, or roles.
aaa user fast-age aaa user fast-age Description This command enables fast aging of user table entries. Syntax No parameters. Usage Guidelines When this feature is enabled, the controller actively sends probe packets to all users with the same MAC address but different IP addresses. The users that fail to respond are purged from the system. This command enables quick detection of multiple instances of the same MAC address in the user table and removal of an “old” IP address.
aaa user logout aaa user logout Description This command logs out a client. Syntax Parameter Description IP address of the client to be logged out. Usage Guidelines This command logs out an authenticated client. The client must reauthenticate. Example The following command logs out a client: aaa user logout 10.1.1.236 Command History This command was available in ArubaOS 3.0.
aaa user monitor aaa user monitor |off Description This command checks to see whether an authenticated user's attributes differ from those in the SOS. Syntax Parameter Description IP address of the user whose attributes are being checked.
aaa user purge-log aaa user purge-log Description This clear aaa user log files Syntax No parameters Usage Guidelines Per-user log files for AAA events can be used for troubleshooting issues with a specific client or device. This command clears log information for deleted users. Example aaa user purge log Command History This command was available in ArubaOS 6.
aaa user stats-poll aaa user stats-poll Description This command enables user statistics polling. If enabled, ArubaOS will poll user data verify that user information in the controller datapath is in synchronization with the data in the controller's authentication module. Syntax Parameter Description This command enables user statistics polling, and defines the time interval between polls. The supported range is 60-600 seconds.
aaa xml-api aaa xml-api server clone default-authentication-role key no ... Description This command configures an external XML API server. Syntax Parameter Description server IP address of the external XML API server. clone Name of an existing XML API server configuration from which parameter values are copied. key Preshared key to authenticate communication between the controller and the XML API server.
activate whitelist download activate whitelist download Description This command synchronizes the remote AP whitelist on the controller with the Activate whitelist database. Syntax No parameters Usage Guidelines Use this command to synchronize the controller's remote AP whitelist with the cloud-based Activate service. The controller and the Activate server must have layer-3 connectivity to communicate.
activate-service-whitelist activate-service-whitelist add-only interval no ... password whitelist-enable Description This command configures the profile that allows the controller to integrate with the Dell Activate cloud-based services to track, provision and update your remote APs. Syntax Parameter Description add-only Allow only addition or modification of entries to the Activate remote AP whitelist database. This parameter is enabled by default.
Command History This command was introduced in ArubaOS 6.3 Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
adp adp discovery {disable|enable} igmp-join {disable|enable} igmp-vlan Description This command configures the Aruba Discovery Protocol (ADP). Syntax Parameter Description Range Default discovery Enables or disables ADP on the controller. enabled/ disabled enabled igmp-join Enables or disables sending of Internet Group Management Protocol (IGMP) join requests from the controllers. enabled/ disabled enabled igmp-vlan VLAN to which IGMP reports are sent.
airgroup airgroup server-refresh MAC-address test-server MAC-address active-domain active-wireless-discovery {disable | enable} cppm-server aaa no rfc-3576-server rfc3576_udp_port server-dead-time server-group cppm-server {enforce-registration | query-interval <1..
Parameter Description Range Default active-wirelessdiscovery {disable | enable} If enabled, controller actively sends refresh requests to discover wireless servers. If disabled, the controller sends refresh requests to wired AirGroup servers only. This parameter is available on the master controller only. The master controller pushes this AirGroup configuration to all the applicable local controllers.
Parameter Description Range Default global-credits In an AirGroup network, AirGroup devices generate excess mDNS query and response packets. Using this command, the controller restricts these packets by assigning tokens. The controller processes these mDNS packets based on this token value. The controller rejects any packets beyond this token limit. The token renews every 15 seconds. The renewal time is not a configurable parameter.
Example Access the controller’s command-line interface and use the following command to enable the AirGroup Global Setting: (host) (host) (host) (host) (host) (host) (host) (host) (host) (config) (config) (config) (config) (config) (config) (config) (config) (config) # # # # # # # # # airgroup airgroup airgroup airgroup airgroup airgroup airgroup airgroup airgroup server-refresh MAC-address test-server MAC-address enable dlna enable mdns enable cppm-server enforce-registration query-i
airgroupservice airgroupservice description disallow-role disallow-vlan <1..4094> id no Description This command defines an AirGroup service on the master controller. The master controller pushes this AirGroup configuration to all the applicable local controllers. Syntax Parameter Description Range Default airgroupservice Name of the AirGroup service. — — description Description of the AirGroup service.
Related Commands Command Description show airgroupservice This command displays the service details of all AirGroup services in the controller. Command History: Release Modification ArubaOS 6.3 Command introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Configuration mode on master controllers 131 | airgroupservice Dell Networking W-Series ArubaOS 6.4.
airgroup static mdns-record airgroup static mdns-record ptr [server_ipaddr] srv a aaaa txt no… Description This command configures group static mDNS records. Syntax Parameter Description Range Default ptr Specifies the PTR (Pointer) record that is used for DNS-Service Discovery — — Mac_addr MAC address of the server.
Parameter Description Range Default that is used by a host. ipv4addr IPv4 address of the server. — — aaaa Specifies the AAAA (IPv6 address) record. This is used for mapping host names to an IP address of the host. — — ipv6addr IPv6 address of the server. — — text Specifies the TEXT record for human-readable text in a DNS record. 1-255 characters. — server_ipaddr Specifies the IP address of the AirGroup server. — — no Negates any configured parameter.
9)._airplay._tcp.local" 10.15.121.240 The following example shows the PTR record was created: (host) (config-airgroup-record) #show airgroup cache entries Cache Entries ------------Name Type Class TTL Origin Expiry Last Update ---- ---- ----- --- ------ ------ ----------_airplay._tcp.local PTR IN 4500 10.15.121.
(host) (config-airgroup-record) #aaaa fe80::9e20:7bff:fecd:ec41 The following example shows the AAAA record was created: (host) (config-airgroup-record) #show airgroup cache entries static Cache Entries ------------Name Type Data Origin ---- ---- ---- -----_airplay._tcp.local PTR Apple\032TV\032\0409\041._airplay._tcp.local 10.15.121.240 Apple TV (9)._airplay._tcp.local SRV/NBSTAT Apple-TV-mbabu-9.local port:7000 10.15.121.240 Apple-TV-mbabu-9.local A 10.15.121.240 10.15.121.240 Apple-TV-mbabu-9.
airgroup static mdns-record txt [server_ipaddr] The following example creates a TEXT record: (host) (config) #airgroup static mdns-record txt 9c:20:7b:cd:ec:41 "Apple TV mbabu (4)._airpla y._tcp.local" "features=0x5a7ffff7" 10.15.121.240 The following example shows the TEXT record was created: Cache Entries ------------Name Type Class TTL Origin Expiry Last Update ---- ---- ----- --- ------ ------ ----------_airplay._tcp.local PTR IN 4500 10.15.121.
Command History Release Modification ArubaOS 6.4 Command introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode 137 | airgroup static mdns-record Dell Networking W-Series ArubaOS 6.4.
am am scan [bssid ] am test {suspect-rap bssid match-type match-method |wired-mac {add|remove {bssid |enet-mac } mac } Description These commands enable channel scanning or testing for the specified air monitor. Syntax Parameter Description Range scan IP address of the air monitor to be scanned. — Channel to which the scanning is tuned. Set to 0 to enable scanning of all channels.
Command History: Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3.1 Support for the wired-mac and associated parameters was introduced. Command Information 139 | am Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
ap authorization-profile ap authorization-profile authorization-group Description This command defines a temporary configuration profile for remote APs that are not yet authorized on the network. Syntax Parameter Description Range Default authorization-profile Name of this instance of the profile. The name must be 1-63 characters. — “default” authorization-group Name of a configuration profile to be assigned to the group unauthorized remote APs.
ap debug advanced-stats ap debug advanced-stats {ap-name }|{ ip-addr }|{ ip6-addr } {net80211}|{radio 1|0} enable|disable Description Issue this command under the supervision of Dell technical support to enable the collection and display of advanced AP debugging information. Syntax Parameter Description ap-name Name of the AP for which you want to record advanced debugging information.
ap debug client-trace start ap debug client-trace start {ap-name }|{ip-addr }|{ip6-addr } mac [length-range |[length-range } Description Use this command to trace management packets from a client MAC address. Syntax Parameter Description ap-name Name of the AP. ip-addr IPv4 address of the AP. ip6-addr IPv6 address of the AP. mac MAC address of the client.. length-range data packet max length.
ap debug client-trace stop ap debug client-trace stop {ap-name }|{ip-addr }|{ip6-addr } mac Description Use this command to stop tracing management packets from a client MAC address. Syntax Parameter Description ap-name Name of the AP. ip-addr IPv4 address of the AP. ip6-addr IPv6 address of the AP. mac MAC address of the client..
ap debug dot 11r remove-key ap debug dot 11r remove-key [ap-name | ip-addr ] Description This command removes the r1 key from an AP. Syntax Parameter Description MAC address of the client. ap-name Name of the AP. ip-addr IP address of the AP. Usage Guidelines Use this command to remove an r1 key from an AP when the AP does not have a cached r1 key during Fast BSS Transition roaming.
ap debug radio-event-log ap debug radio-event log [start|stop] [ap-name |ip-addr |ip6-addr ] radio <0|1> size events [all|ani|rcfind|rcupdate|rx|size|text|tx] [hex ] Description Start and stops packet log capture of radio events for debugging purposes, and sends a log file of the events to a dump server when logging stops.
Example The following commands starts and stops a Wi-Fi radio event log: (host)(config)#ap debug radio-event-log start ap-name 6c:f3:7f:c6:71:90 radio 0 events all (host)(config)#ap debug radio-event-log stop ap-name 6c:f3:7f:c6:71:90 radio 0 Related Commands show ap debug radio-event-log status Command History Release Modification ArubaOS 6.
ap debug radio-registers dump ap debug radio-registers dump [ap-name |ip-addr |ip6-addr ] [filename {all|interrupt|qcu |radio}] Description This command allows you to collect all or specific radio register information into a separate file. Syntax Parameter Description ap-name Name of Access Point ip-addr Collect radio register information for this specific AP radio. ip6-addr Collect radio register information for the AP assigned to this ipv6 address.
ap enet-link-profile ap enet-link-profile clone dot3az duplex {auto|full|half} no ... speed {10|100|1000|auto} Description This command configures an AP Ethernet link profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” clone Name of an existing Ethernet Link profile from which parameter values are copied. — — dot3az Enable support for the 803.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3 Support for 1000 Mbps (1 Gbps) Ethernet port speed was introduced. ArubaOS 6.2 Support for the dot3az parameter was introduced. Command Information Platforms Licensing Command Mode Available on all platforms Base operating system Config mode on master controllers 149 | ap enet-link-profile Dell Networking W-Series ArubaOS 6.4.
ap flush-r1-on-new-r0 ap·flush- r1-on-new-r0 {enable|disable} Description Use this command to enable or disable flushing of R1 keys, when R0 is updated for d-tunnel or bridge mode. Syntax Parameter Description enable Enable flushing of R1 keys. disable Disable flushing of R1 keys. Example The following example enables flushing of R1 keys. (host) (config) #ap flush-r1-on-new-r0 enable The following command displays the status of flushing of R1 keys.
ap image-preload ap image-preload activate all-aps|specific-aps add {ap-group | ap-name } cancel clear-all delete {ap-group | ap-name } [partition ] [max-downloads ] Description Configure APs to preload a new software image from a W-3600 or W-6000M3 controller before the controller starts actively running the new image.
Usage Guidelines The AP image preload feature minimizes the downtime required for a controller upgrade by allowing the APs associated to a W-3400, W-3600 or W-6000M3 controller to download the new images before the controller actually starts running the new version.
ap-lacp-striping-ip ap-lacp-striping-ip aplacp-enable no striping-ip lms Description Define an AP LACP LMS map information profile that maps a GRE striping IP address to an existing LMS-IP address. Syntax Parameter Description aplacp-enable Issue this command to enable LACP IP striping. This feature is disabled by default no ... Issue this command to negate any setting or return a configured parameter it to its default value. striping-ip Specify an IPv4 address for the 802.
Related Commands The following show commands display information about the settings defined in the AP LACP LMS map information profile: l show ap-lacp-striping-ip: displays all settings defined in AP LACP LMS map information profile. l show ap database: the output of this command displays an s flag to indicate that the AP is enabled with a striping IP address. l show ap debug lacp: the output of this command displays the AP's striping IP address, as defined in the AP LACP LMS map information profile.
ap lldp med-network-policy-profile ap lldp med-network-policy-profile application-type guest-voice|guest-voice-signaling|softphone-voice|streaming-video|videoconferencing|video-signaling|voice|voice-signaling clone dscp l2-priority no ... tagged vlan Description Define an LLDP MED network policy profile that defines DSCP values and L2 priority levels for a voice or video application.
Parameter Description Range NOTE: This is the default application type. Use this application type if the AP is part of a network that requires a different policy for voice signaling than for the voice media. Do not use this application type if both the same network policies apply to both voice and voice signaling traffic. - clone Make a copy of an existing profile by specifying that profile name.
(host) (host) (host) (host) (AP LLDP Profile "video1")lldp-med-network-policy-profile vid-stream (AP LLDP Profile "video1")! (config)ap wired-port-profile corp2 (AP wired port profile "corp2")lldp-profile video1 Command History This command was introduced in ArubaOS 6.2. Command Information Platforms Licensing Command Mode Available on all platforms Base operating system Config mode on master controllers 157 | ap lldp med-network-policy-profile Dell Networking W-Series ArubaOS 6.4.
ap lldp profile ap lldp profile clone dot1-tlvs port-vlan|vlan-name dot3-tlvs link-aggregation|mac|mfs|power lldp-med-network-policy-profile lldp-med-tlvs capabilities|inventory|network-policy no ...
Parameter Description lldp-med-network-policy-profile Specify the LLDP MED Network Policy profile to be associated with this LLDP profile. lldp-med-tlvs Specify which of the following LLDP-MED TLVs the AP will send in LLDP PDUs. The AP will not send any LLDPMED TLVs by default. capabilities Transmit the LLDP-MED capabilities TLV. The AP will automatically send this TLV if any of the other LLDPMED TLVs are enabled. inventory Transmit the LLDP-MED inventory TLV.
Usage Guidelines Link Layer Discovery Protocol (LLDP), is a Layer-2 protocol that allows network devices to advertise their identity and capabilities on a LAN. Wired interfaces on Dell APs support LLDP by periodically transmitting LLDP Protocol Data Units (PDUs) comprised of type-length-value (TLV) elements. Use this command to specify which TLVs should be sent by the AP interface associated with the LLDP profile.
ap mesh-cluster-profile ap mesh-cluster-profile clone cluster no ... opmode [opensystem | wpa2-psk-aes] rf-band {a | g} wpa-hexkey wpa-passphrase Description This command configures a mesh cluster profile used by mesh nodes. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters.
Parameter Description Range Default wpa-hexkey Configures a WPA pre-shared key. — — wpa-passphrase Sets the WPA password that generates the PSK. — — Usage Guidelines Mesh cluster profiles are specific to mesh nodes (APs configured for mesh) and provide the framework of the mesh network. You must define and configure the mesh cluster profile before configuring an AP to operate as a mesh node. You can configure multiple mesh cluster profiles to be used within a mesh cluster.
ap mesh-ht-ssid-profile ap mesh-ht-ssid-profile 40MHz-enableba-amsdu-enable clone high-throughput-enable ldpc legacy-stations max-rx-a-mpdu-size max-tx-a-mpdu-size min-mpdu-start-spacing mpdu-agg no short-guard-intvl-20Mhz short-guard-intvl-40Mhz stbc-rx-streams stbc-tx-streams supported-mcs-set temporal-diversity Description This command configures a mesh high-throughput SSID profile used by mesh nodes.
Parameter Description legacy-stations Allow or disallow associations from legacy (non-HT) stations. By default, this parameter is enabled (legacy stations are allowed). max-tx-a-mpdu-size Maximum size of a transmitted aggregate MPDU, in bytes. 1576 -65535 max-rx-a-mpdu-size Maximum size of a received aggregate MPDU, in bytes. 8191, 16383, 32767, 65535 min-mpdu-start-spacing Minimum time between the start of adjacent MPDUs within an aggregate MPDU, in microseconds.
Parameter Description Range Default The 802.11n standard specifies two guard intervals: 400ns (short) and 800ns (long). Enabling a short guard interval can decrease network overhead by reducing unnecessary idle time on each AP. Some outdoor deployments, may, however require a longer guard interval. If the short guard interval does not allow enough time for reflections to settle in your mesh deployment, inter-symbol interference values may increase and degrade throughput.
If you modify a currently provisioned and running high-throughput SSID profile, your changes take effect immediately. You do not reboot the controller or the AP. Example The following command configures a mesh high-throughput SSID profile named “HT1” and sets some nondefault settings for MAC protocol data unit (MPDU) aggregation: (host) (config) #ap mesh-ht-ssid-profile HT1 max-rx-a-mpdu-size 32767 max-tx-a-mpdu-size 32767 min-mpdu-start-spacing .
ap mesh-radio-profile ap mesh-radio-profile a-tx rates [6|9|12|18|24|36|48|54] allowed-vlans children clone eapol-rate-opt g-tx rates [1|2|5|6|9|11|12|18|24|36|48|54] heartbeat-threshold hop-count link-threshold max-retries mesh-ht-ssid-profile mesh-mcast-opt mesh-survivability metric-algorithm {best-link-rssi|distributed-tree-rssi} mpv no ...
Parameter Description Range Default g-tx rates Indicates the transmit rates for the 802.11b/g radio. The AP attempts to use the highest transmission rate to establish a mesh link. If a rate is unavailable, the AP goes through the list and uses the next highest rate. 1, 2, 5, 6, 9, 11, 12, 18, 24, 36, 48, 54 1, 2, 5, 6, 9, 11, 12, 18, 24, 36, 48, 54 Mbps heartbeatthreshold Indicates the maximum number of heartbeat messages that can be lost between neighboring mesh nodes.
Parameter Description Range Default best-linkrssi Selects the parent with the strongest RSSI, regardless of the number of children a potential parent has. — — distributedtree-rssi Selects the parent based on link-RSSI and node cost based on the number of children. This option evenly distributes the mesh points over high quality uplinks. Low quality uplinks are selected as a last resort. — — mpv This parameter is experimental and reserved for future use.
Parameter Description Range Default Connected mesh nodes evaluate alternative links only if the existing uplink becomes a sub-threshold link. NOTE: Starting with ArubaOS 3.4.1, if a mesh point using the subthreshold-only mode reselects a more distant parent because its original, closer parent falls below the acceptable threshold, then as long as that mesh point is connected to that more distant parent, it will seek to reselect a parent at the earlier distance (or less) with good link quality.
Example The following command creates a mesh radio profile named “radio2” and associates a mesh high-throughput profile named meshHT1: (host) (config) #ap mesh-radio-profile radio2 mesh-ht-ssid-profile meshHT1 Related Commands To view a complete list of mesh radio profiles and their status, use the following command: (host) (config) #show ap mesh-radio-profile To view the settings of a specific mesh radio profile, use the following command: (host) (config) #show ap mesh-radio-profile Command Histo
ap provisioning-profile ap provisioning-profile apdot1x-passwd apdot1x-username cellular_nw_preference 3g-only|4g-only|advanced|auto clone link-priority-cellular link-priority-ethernet master clear|{set } no pppoe-passwd pppoe-service-name pppoe-user remote-ap reprovision uplink-vlan usb-dev usb-dial usb-init usb-modeswitch -v -p -V -P -M usb-passwd usb-power-mode auto| enable|disable us
Parameter Description Default Range RSSI is within required range, and if so, connects to that network. If the RSSI for the modem’s selected network is not within the required range, the RAP will then check the RSSI limit of an alternate network (for example, 3G), and reconnect to that alternate network. The RAP will repeat the above steps each time it tries to connect using a 4G multimode modem in this mode.
Parameter Description Default Range uplink-vlan If you configure an uplink VLAN on an AP connected to a port in trunk mode, the AP sends and receives frames tagged with this VLAN on its Ethernet uplink. By default, an AP has an uplink vlan of 0, which disables this feature. NOTE: If an AP is provisioned with an uplink VLAN, it must be connected to a trunk mode port or the AP’s frames will be dropped. 0( disabled) to 4095 0 usb-dev The USB device identifier.
Parameter Description Default Range usb-user The PPP username provided by the cellular service provider — — Usage Guidelines The AP provisioning profile allows you to define a set of provisioning parameters to an AP group. These settings can be saved or assigned to an AP group via the command ap-group provisioning-profile . In order to enable cellular uplink for a remote AP (RAP), the RAP must have the device driver for the USB data card and the correct configuration parameters.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 Introduced support for the following parameters: l usb-dev l usb-dial l usb-init l usb-passwd l usb-tty l usb-type l usb-user l link-priority-cellular l link-priority-ethernet ArubaOS 6.0 The uplink-vlan parameter was introduced. ArubaOS 6.1 The following new parameters were introduced for provisioning APs for 802.
ap packet-capture ap packet-capture [open-port|close-port] ap packet-capture raw-start [] radio <0|1> channel maxlen ap packet-capture interactive [] radio <0|1> channel ap packet-capture [clear|stop|pause|resume][] radio <0|1> show ap packet-capture status Description These commands m
Parameter Description pause Pause a packet capture session. stop Stop a packet capture session. resume Resume a packet capture session. ID of the PCAP session. Usage Guidelines These commands direct an AP to send WiFi packet captures to a client packet analyzer utility such as Airmagnet, Wireshark and so on, on a remote client.
The following commands start an interactive packet capture session for the AP ap1. #ap packet-capture open-port 5555 #ap packet-capture interactive ap-name ap1 "type eq all" 192.168.0.3 5555 radio 0 The output of the command in the example below displays packet capture session statistics for the AP ap1. In this example, the output has been divided into multiple sections to better fit on the pages of this document. In the actual command-line interface, it will appear in a single, long table.
ap process restart ap process restart {ap-name }|{ip-addr }|{ip6-addr } Description Use this command to restart the AP process of a particular AP. Syntax Parameter Description ap-name Name of the AP. ip-addr IPv4 address of the AP. ip6-addr IPv6 address of the AP. Usage Guidelines This command should only be used under the guidance of Dell technical support. Command History Introduced in ArubaOS 6.3.
ap regulatory activate ap regulatory activate Description This command activates the specified Regulatory-Cert. Syntax None. Parameter Description Name of the Regulatory-Cert to be activated. Default — Usage Guidelines Use this command to activate a new Regulatory-Cert to your configuration. Related Commands To view the current Regulatory-Cert, use the show ap regulatory command. To view the supported channels, use the show ap allowed-channels country-code command.
ap regulatory-domain-profile ap regulatory-domain-profile clone country-code no ... valid-11a-40mhz-channel-pair valid-11a-80mhz-channel-group valid-11a-channel valid-11g-40mhz-channel-pair valid-11g-channel Description This command configures an AP regulatory domain profile. Syntax Parameter Description Name of this instance of the profile.
Parameter Description Default Note: Changing the country code causes the valid channel lists to be reset to the defaults for the country. valid-11g-40mhz -channel-pair Specify a channel pair valid for 40 MHz operation in the 802.11g frequency band for the specified regulatory domain. The two channels must be separated by a dash.
Related Commands To view the supported channels, use the show ap allowed-channels command. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3 Support for the IEEE 802.11n standard, including channel pairs for 40 MHz mode of operation, was introduced. ArubaOS 5.0 The valid-11a-40mhz-channel-pair and valid-11g-40mhz-channel-pair parameters no longer support the + and - parameters that allowed you to define a primary and backup channel within the channel pair. ArubaOS 6.
ap regulatory reset ap regulatory reset Description This command returns the controller to the factory default Regulatory-Cert. Syntax None. Usage Guidelines Use this command to return the controller to the .factory default regulatory information. Related Commands To view the current Regulatory-Cert, use the show ap regulatory command. To view the supported channels, use the show ap allowed-channels country-code command. Command History Release Modification ArubaOS 6.4.
ap snmp-profile (deprecated) Description This command configures an SNMP profile for APs. Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 Command deprecated 187 | ap snmp-profile (deprecated) Dell Networking W-Series ArubaOS 6.4.
ap snmp-user-profile (deprecated) ap snmp-user-profile auth-passwd auth-prot {md5|none|sha} clone no ... priv-passwd user-name Description This command configures an SNMPv3 user profile for APs. Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 Command deprecated Dell Networking W-Series ArubaOS 6.4.
ap spectrum clear-webui-view-settings ap spectrum clear-webui-view-settings Description Clear a saved spectrum dashboard view. Syntax no parameters Usage Guidelines Saved spectrum view preferences may not be backwards compatible with the spectrum analysis dashboard in earlier versions of ArubaOS.
ap spectrum local-override no override ap-name spectrum-band 2ghz|5ghz Description Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Syntax Parameter Description Range Default override ap-name name of an AP whose radio should be converted to a spectrum monitor radio — — spectrum band Spectrum band or portion of the band to be monitored by the spectrum monitor radio 2GHz (channels 1-14) 5GHz(channels 36-64, 100140 and 149-165).
Command History Release Modification ArubaOS 6.0 Command introduced ArubaOS 6.2 The spectrum-band parameter supports a 5ghz value, allowing an AP to monitor the entire 5 Ghz radio band. Previous versions of ArubaOS supported 5ghzlower, 5ghz-middle and 5ghz-upper settings. Command Information Platforms Licensing Command Mode All platforms RF Protect license Config mode on master controllers 191 | ap spectrum local-override Dell Networking W-Series ArubaOS 6.4.
ap system-profile ap system-profile aeroscout-rtls-server ip-or-dns port include-unassoc-sta am-scan-rf-band [a | g | all] bkup-lms-ip bkup-lms-ipv6 lms-ping-interval bootstrap-threshold clone dns-domain double-encrypt dump-server gre-striping-ip heartbeat-dscp heartbeat-in led-mode normal|off lms-hold-down-period lms-ip lms-ipv6 lms-preemption maintenance-mode max-request-retr
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” aeroscout-rtlsserver Enables the AP to send RFID tag information to an AeroScout real-time asset location (RTLS) server. RTLS station reporting includes information for APs and the clients that the AP has detected. If you include the include-unassoc-sta parameter, the station reports will also include information about clients not associated to any AP.
Parameter Description Range Default dns-domain Name of domain that is resolved by corporate DNS servers. Use this parameter when configuring split tunnel. — — double-encrypt This parameter applies only to remote APs. Use double encryption for traffic to and from a wireless client that is connected to a tunneled SSID. When enabled, all traffic is reencrypted in the IPsec tunnel. When disabled, the wireless frame is only encapsulated inside the IPsec tunnel.
Parameter Description Range Default lms-hold-downperiod Time, in seconds, that the primary LMS must be available before an AP returns to that LMS after failover. 1-3600 600 seconds lms-ip In multi-controller networks, this parameter specifies the IP address of the local management switch (LMS)— the Dellcontroller—which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network.
Parameter Description Range Default This setting is useful when deploying, maintaining, or upgrading the network. If enabled, APs stop flooding unnecessary traps and syslog messages to network management systems or network operations centers when deploying, maintaining, or upgrading the network. The controller still generates debug syslog messages if debug logging is enabled. max-request-re tries Maximum number of times to retry APgenerated requests, including keepalive messages.
Parameter Description Range Default rap-dhcp-poolnetmask Configures a DHCP pool for remote APs. This is the netmask used for the DHCP pool. — 255.255.255.0 rap-dhcp-poolstart Configures a DHCP pool for remote APs. This is the first IP address of the DHCP pool. — 192.168.11.2 rap-dhcp-server-id IP address used as the DHCP server identifier. — 192.168.11.1 rap-dhcp-server-vlan VLAN ID of the remote AP DHCP server used if the controller is unavailable.
Parameter Description Range Default the station reports will also include information about clients not associated to any AP. By default, unassociated clients are not included in station reports. session-acl Session ACL configured with the ip access-list session command. NOTE: This parameter requires the PEFNG license. — — spanning-tree Enables the spanning-tree protocol. — disabled syscontact SNMP system contact information. — — telnet Enable or disable telnet to the AP.
Release Modification to rtls-server ip-or-dns and aeroscout-rtls-server ip-or-dns. ArubaOS 6.3.1 The gre-striping-ip parameter was introduced. ArubaOS 6.4.2.0 The gre-striping-ip parameter was deprecated. GRE striping IP settings are defined using the ap-lacp-striping-ip command. The system-message-frequency parameter now accepts a value in the range of 1-3600 seconds.
ap wipe out flash ap wipe out flash ap-name ip-addr Description Overwrite the entire AP compact flash, destroying its contents (including the current image file). Syntax Parameter Description Range Default ap-name Wipe out the flash of the AP with the specified name. — — ip-addr Wipe out the flash of the AP with the specified IP address. — — Usage Guidelines Use this command only under the supervision of Dell technical support.
ap wired-ap-profile ap wired-ap-profile broadcast clone forward-mode {bridge|split-tunnel|tunnel} no ... switchport access vlan | {mode access|trunk} |trunk {allowed vlan | add | except | remove }| native vlan trusted wired-ap-enable Description This command configures a wired AP profile. Syntax Parameter Description Name of this instance of the profile. The name must be 1-63 characters.
Parameter Description switchport Configures the switching mode characteristics for the port. access The VLAN to which the port belongs. The default is VLAN 1. mode The mode for the port, either access or trunk mode. The default is access mode. trunk allowed Allows multiple VLANs on the port interface. You must define this parameter using VLAN IDs or VLAN names VLAN IDs and VLAN names cannot be listed together.
Command Information Platforms Licensing Command Mode All platforms Base operating system, except for noted parameters Config mode on master controllers 203 | ap wired-ap-profile Dell Networking W-Series ArubaOS 6.4.
ap wired-port-profile ap wired-port-profile aaa-profile authentication-timeout clone enet-link-profile lldp-profile no rap-backup shutdown spanning-tree wired-ap-profile Description This command configures a wired port profile. Syntax Parameter Description aaa-profile Name of a AAA profile to be used by devices connecting to the AP’s wired port.
Usage Guidelines This command is only applicable to APs with Ethernet ports. Issue this command to enable or disable the wired port, define an AAA profile for wired port devices, and associate the port with an ethernet link profile that defines its speed and duplex values.
apboot apboot {all [global|local]|ap-group [global|local]|ap-name |ip-addr |wired-mac } Description This command reboots the specified APs. Syntax Parameter Description Default all Reboot all APs. all global Reboot APs on all controllers. global local Reboot only APs registered on this controller. This is the default. local ap-group Reboot APs in a specified group. ap-group global Reboot APs on all controllers.
apconnect apconnect {ap-name |bssid |ip-addr } parent-bssid Description This command instructs a mesh point to disconnect from its current parent and connect to a new parent. Syntax Parameter Description ap-name Specify the name of the mesh point to be connected to a new parent. bssid Specific the BSSID of the mesh point to be connected to a new parent. ip-addr Specific the IP address of the mesh point to be connected to a new parent.
apdisconnect apdisconnect {ap-name |bssid |ip-addr } Description This command disconnects a mesh point from its parent. Syntax Parameter Description ap-name Specifies the name of the parent AP. bssid Specifies the BSSID of the parent AP. ip-addr Specifies the IP address of the parent AP. Usage Guidelines Each mesh point learns about the mesh portal from its parent (a mesh node that is part of the path to the mesh portal).
apflash [deprecated] apflash all|{ap-group }|{ap-name }|{ip-addr }|{wired-mac } global|local [backup-partition] [server ] Description This command reflashes the specified AP. Starting with ArubaOS 6.1, this command can only be run by Dell Technical Support or users in support mode. Command History Version Description ArubaOS 3.0 Command introduced ArubaOS 6.0 The global and local parameters were introduced. ArubaOS 6.
ap-group ap-group ap-system-profile authorization-profile clone dot11a-radio-profile dot11a-traffic-mgmt-profile dot11g-radio-profile dot11g-traffic-mgmt-profile enet0-port-profile enet1-port-profile enet2-port-profile enet3-port-profile enet4-port-profile event-thresholds-profile ids-profile mesh-cluster-profile priority mesh-radio-profile
Parameter Description Range Default dot11g-radio-profile Configures 802.11g radio settings and load balancing for the AP group; contains the ARM profile. See rf dot11a-radio-profile on page 664. — “default” dot11g-traffic-mgmt-profile Configures bandwidth allocation. See wlan traffic-management-profile on page 2079. — — enet0-port-profile Configures the duplex and speed of the Ethernet interface 0 on the AP.
Parameter Description Range Default mesh-radio-profile Configures the 802.11g and 802.11a radio settings for mesh nodes that are members of the AP group. See ap mesh-ht-ssidprofile on page 163. Commands to configure mesh for outdoor APs require the Outdoor Mesh license. — “default” no Negates any configured parameter. — — regulatory-domain-profile Configures the country code and valid channels. See ap regulatory-domain-profile on page 182.
Command Information Platforms Licensing Command Mode All platforms Base operating system, except for noted parameters Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
ap-leds ap-leds {all | ap-group | ap-name | ip-addr | wired-mac } {global blink|normal}|{local blink|normal} Description This command allows you to set the behavior of an AP’s LEDs.
Command Information Platforms Licensing Command Mode Available on all platforms Base operating system Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
ap-move ap-move all ap-group ap-name Description When HA is enabled, use this command to move an AP or group of APs to their standby controller. Syntax Parameter Description all Move all APs. ap-group Move all APs belonging to the specified AP group. ap-name Move the specified AP.
ap-name ap-name ap-system-profile authorization-profile clone dot11a-radio-profile dot11a-traffic-mgmt-profile dot11g-radio-profile dot11g-traffic-mgmt-profile enet0-profile enet1-profile event-thresholds-profile exclude-mesh-cluster-profile-ap exclude-virtual-ap ids-profile mesh-cluster-profile priority mesh-radio-profile no ...
Parameter Description Default dot11g-radioprofile Configures 802.11g radio settings for the AP group; contains the ARM profile. See rf dot11a-radio-profile on page 664. “default” dot11g-trafficmgmt-profile Configures bandwidth allocation. See wlan trafficmanagement-profile on page 2079. — enet0-profile Configures the duplex and speed of the Ethernet 0 interface on the AP. See ap enet-link-profile on page 148.
Parameter Description Default voip-cac-profile Configures voice over IP (VoIP) call admission control (CAC) options. See wlan voip-cac-profile on page 2096. This parameter requires the PEFNG license. “default” Usage Guidelines Profiles that are applied to an AP group can be overridden on a per-AP name basis, and virtual APs can be added or excluded on a per-AP name basis. If a particular profile is overridden for an AP, all parameters from the overriding profile are used.
ap-regroup ap-regroup {ap-name |serial-num |service-tag |wired-mac } Description This command moves a specified AP into a group. Syntax Parameter Description Default ap-name Name of the AP. — serial-num Serial number of the AP. — service-tag Service tag of the AP. — wired-mac MAC address of the AP. — Name that identifies the AP group. The name must be 1-63 characters.
ap-rename ap-rename {ap-name |serial-num |service-tag |wired-mac } Description This command changes the name of an AP to the specified new name. Syntax Parameter Description ap-name Current name of the AP. serial-num Serial number of the AP. service-tag Service tag of the AP. wired-mac MAC address of the AP. New name for the AP. The name must be 1-63 characters. NOTE: You cannot use quotes (“) in the AP name.
| ap-rename Dell Networking W-Series ArubaOS 6.4.
app lync traffic-control app lync traffic-control clone no ... prioritize-desktop-sharing prioritize-file-transfer prioritize-video prioritize-voice Description This command creates a traffic control profile that allows the controller to recognize and prioritize a specific type of Lync traffic in order to apply QoS through the Lync Application Layer Gateway (ALG). Syntax Parameter Description clone Copy configuration from another traffic control prioritization profile. no ...
Version Description ArubaOS 6.4 Command introduced. NOTE: This command replaces app lync traffic-control (deprecated). Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config mode on master or local controllers 225 | app lync traffic-control Dell Networking W-Series ArubaOS 6.4.
app lync traffic-control (deprecated) app lync traffic-control no ... prioritize desktop-sharing prioritize file-transfer prioritize video prioritize voice Description This command allows the controller to recognize and prioritize a specific type of Lync traffic in order to apply QoS through the Lync Application Layer Gateway (ALG). Command History Version Description ArubaOS 6.3 Command introduced. ArubaOS 6.4 Command deprecated.
arm move-sta arm move-sta Description This command moves a client station to another BSSID. Syntax Parameter Description MAC address of the client to be moved to another BSSID BSSID of the AP to which the client should associate. Usage Guidelines Issue this command to manually move a client to a different BSSID Example The following command moves a client with the MAC address 00:0B:86:01:7A:C0 to the BSSID 00:1C:B3:09:85:15.
arp arp Description This command adds a static Address Resolution Protocol (ARP) entry. Syntax Parameter Description IP address of the device to be added. Hardware address of the device to be added, in the format xx:xx:xx:xx:xx:xx. Usage Guidelines If the IP address does not belong to a valid IP subnetwork, the ARP entry is not added.
audit-trail audit-trail [all] Description This command enables an audit trail. Syntax Parameter Description all Enables audit trail for all commands, including enable mode commands. The audit-trail command without this option enables audit trail for all commands in configuration mode. Usage Guidelines By default, audit trail is enabled for all commands in configuration mode. Use the show audit-trail command to display the content of the audit trail.
backup backup {flash|pcmcia} Description This command backs up compressed critical files in flash. Syntax Parameter Description flash Backs up flash directories to flashbackup.tar.gz file. pcmcia Backs up flash images to external PCMCIA flash card. This option can only be executed on controllers that have a PCMCIA slot. Usage Guidelines Use the restore flash command to untar and uncompress the flashbackup.tar.gz file. Example The following command backs up flash directories to the flashbackup.tar.
banner motd banner motd Description This command defines a text banner to be displayed at the login prompt when a user accesses the controller. Syntax Parameter Description Range Indicates the beginning and end of the banner text. — The text you want displayed. up to 1023 characters Usage Guidelines The banner you define is displayed at the login prompt to the controller. The banner is specific to the controller on which you configure it.
Command History This command was introduced in ArubaOS 1.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
boot boot cf-test [fast | read-only | read-write] config-file remote-node [all|ip-address
The following command uses system partition 1 the next time the controller boots: boot system partition 1 Command History Modification ArubaOS 1.0 Introduced for the first time. ArubaOS 6.0 The remote-node parameter was introduced. ArubaOS 6.2 The remote-node parameter was deprecated. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
cellular profile cellular profile dialer driver acm|hso|option|sierra|ptumlusbnet import modeswitch {eject }|rezero no priority <1-255> serial tty user password vendor product Description Create new profiles to support new USB modems or to customize USB characteristics. Syntax Parameter Description cellular profile Enter the keywords cellular profile followed by your profile name.
Parameter Description priority <1-255> Enter the keyword priority to override the default cellular priority (100). Range: 1 to 255. Default: 100 serial Enter the keyword serial followed by the USB device serial number tty Enter the keyword tty followed by the Modem TTY port (i.e. ttyUSB0, ttyACM0) user password Enter the keyword user followed by your login, and then enter the keyword password followed by your password to establish user name authentication.
cfgm cfgm {set config-chunk |set heartbeat |set maximum-updates |snapshottimer |sync-command-blocks |sync-typecomplete|sync-type snapshot} Description This command configures the configuration module on the master controller. Syntax Parameter Description Range Default set config-chunk Maximum packet size, in Kilobytes, that is sent every second to the local controller whenever the master controller sends a configuration to the local.
Example The following command sets the maximum packet size as 20 KB per second whenever the master controller sends a configuration to the local : (host) (config) #cfgm set config-chunk 20 Command History This command was introduced in ArubaOS 3.1. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
clear clear aaa acl airgroup {server|statistics|user} ap arm arp counters crypto datapath dot1x fault gab-db ip ipc ipv6 lldp loginsession master-local-entry master-local-session port provisioning-ap-list provisioning-params rap-wml update-counter upgrade-images voice vpdn web-cc cache web-cc stats wms Description This command clears various user-configured values from your running configuration.
Parameter Description load-balance Clear load balance statistics. Parameters: l statistics — Clear load balance statistics. multiple-server-accounting Clear multiple server accounting statistics. Parameters: l statistics — Clear multiple server accounting statistics. state Clear internal status of authentication modules. Parameters: l configuration — Clear all configured objects. l debug-statistics — Clear debug statistics. l messages — Clear authentication messages that were sent and received.
Parameter Description l l l mesh Clear all mesh commands. port Toggle the link on the specified port. remote flash-config Clears the flash configuration from a specified AP. An AP can be specified by ap-name, BSSID, IPv4 address, or IPv6 address. arm Clear the following types of ARM client match information l l client-match-summary client-match-unsteerable arp Clear all ARP table information. You can either clear all information or enter the IP address of the ARP entry to clear a specific value.
Parameter Description l l l l l l l l l l l route {counters} route-cache {A.B.C.D|counters} session {counters} ssl {counters} station {counters} tcp {counters} tunnel {counters} user {counters} web-cc {counters} wifi-reassembly {counters} wmm {counters} dot1x Clears all 802.1X specific counters and supplicant statistics. Use the following parameters: l counters l supplicant-info fault Clears all SNMP fault configuration. gap-db Clears global AP database.
Parameter Description port Clear all port statistics that includes link-event counters or all counters. Use the following parameters: l link-event l stats provisioning-ap-list Clear AP entries from the provisioning list. provisioning-params Clear provisioning parameters and reset them to the default configuration values. rap-wml Clear wired MAC lookup cache for a DB server. update-counter Clear all update counter statistics.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 The following MLD parameters are added to the ipv6 option: l mld group l mld stats-counters ArubaOS 6.3 l l l l l ArubaOS 6.4 l l ArubaOS 6.4.2.0 l l The device-id-cache, load-balance, multiple-server-accounting parameters were introduced under aaa parameter. The airgroup parameter was introduced. The dhcp binding parameter under ipv6 was introduced. The proxy-mobilty-group parameter under mld was introduced.
clear wms wired-mac clear wms wired-mac [ all | gw-mac | monitored-ap-wm | prop-eth-mac | regap-oui | system-gw-mac | system-wired-mac | wireless-device ] Description Clear learned and collected Wired MAC information. Optionally, enter the MAC address, in nn:nn:nn:nn:nn:nn format, of the AP that has seen the Wired Mac. Syntax Description all Clear all the learned and collected wired Mac information.
clock append clock clock append Description This command enables the timestamp feature, adding a date and time to the output of show commands. Syntax No parameters. Usage Guidelines When you enable the timestamp feature, the command-line interface includes a timestamp in the output of each show command indicating when the show command was issued. Note that the output of show clock and show log do not include timestamps, even when this feature is enabled.
clock set clock clock set Description This command sets the date and time. Syntax Parameter Description Range year Sets the year. Requires all 4 digits. Numeric month Sets the month. Requires the first three letters of the month. Alphabetic day Sets the day. 1-31 time Sets the time. Specify hours, minutes, and seconds separated by spaces. Numeric Usage Guidelines You can configure the year, month, day, and time. You must configure all four parameters.
clock summer-time recurring clock summer-time [recurring] <1-4> first last <1-4> first last [<-23 - 23>] Description Set the software clock to begin and end daylight savings time on a recurring basis. Syntax Parameter Description Range WORD Enter the abbreviation for your time zone.
You also have the option to set the number of hours by which to offset the clock from UTC. This has the same effect as the clock timezone command. Example The following example sets daylight savings time to occur starting at 2:00 AM on Sunday in the second week of March, and ending at 2:00 AM on Sunday in the first week of November. The example also sets the name of the time zone to PST with an offset of UTC - 8 hours.
clock timezone clock timezone <-23 to 23> Description This command sets the time zone on the controller. Syntax Parameter Description Range Name of the time zone. 3-5 characters -23 to 23 Hours offset from UTC. -23 to 23 Usage Guidelines The name parameter can be any alphanumeric string, but cannot start with a colon (:). A time zone name longer than five characters is not accepted.
cluster-member-custom-cert cluster-member-custom-cert member-mac ca-cert server-cert suite-b ] Description This command sets the controller as a control plane security cluster root, and specifies a custom user-installed certificate for authenticating cluster members.
Related Commands Parameter Description Mode control-plane-security Configure the control plane security profile. Config mode show cluster-config Show the multi-master cluster configuration for the control plane security feature. Enable mode show cluster-switches Issue this command on a master controller using control plane security in a multi-master environment to show other the other controllers to which it is connected. Enable mode Command History. Introduced in ArubaOS 6.1.
cluster-member-factory-cert cluster-member-factory-cert member-mac Description This command sets the controller as a control plane security cluster root, and specifies a custom user-installed certificate for authenticating cluster members.
Command History Introduced in ArubaOS 6.1. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on cluster root controllers Dell Networking W-Series ArubaOS 6.4.
cluster-member-ip cluster-member-ip ipsec Description This command sets the controller as a control plane security cluster root, and specifies the IPsec key for a cluster member. Syntax Parameter Description Switch IP address of a control plane security cluster member. You can also use the IP address 0.0.0.0 to set a single IPsec key for all cluster members.
Related Commands Parameter Description Mode control-plane-security Configure the control plane security profile. Config mode show cluster-config Show the multi-master cluster configuration for the control plane security feature. Enable mode show cluster-switches Issue this command on a master controller using control plane security in a multi-master environment to show other the other controllers to which it is connected. Enable mode Command History Introduced in ArubaOS 5.0.
cluster-root-ip cluster-root-ip ipsec ipsec-custom-cert root-mac1 [root-mac2 ] ca-cert server-cert [suite-b ] ipsec-factory-cert root-mac-1 [root-mac-1 ] Description This command sets the controller as a control plane security cluster member, and defines the IPsec key or certificate for secure communication between the cluster member and the controller’s cluster root.
each cluster member, which in turn certifies their own local controllers and APs. Since all controllers and APs in the cluster get their certificates from the cluster root, they will all have the same trust anchor, and the APs can switch to any other controller in the cluster and still remain connected to the secure network.
configure terminal configure terminal Description This command allows you to enter configuration commands. Syntax No parameters. Usage Guidelines Upon entering this command, the enable mode prompt changes to: (host) (config) # To return to enable mode, enter Ctrl-Z or exit. Example The following command allows you to enter configuration commands: (host) # configure terminal Command History This command was introduced in ArubaOS 3.0.
control-plane-security control-plane-security auto-cert-allow-all auto-cert-allowed-addrs auto-cert-prov cpsec-enable no ... Description Configure the control plane security profile by identifying APs to receive security certificates. Syntax Parameter Description auto-cert-allow-all When you issue the controlplane-security auto-cert-allowall command, the controller will send a certificate to all associated APs when auto certificate provisioning is enabled.
Usage Guidelines Controllers enabled with control plane security will only send certificates to APs that you have identified as valid APs on the network. If you are confident that all campus APs currently on your network are valid APs, you can configure automatic certificate provisioning to send certificates from the controller to each campus AP, or to all campus APs within a specific range of IP addresses.
controller-ip controller-ip [loopback|vlan ] no ... Description This command sets the controller IP to the loopback interface address or a specific VLAN interface address. Syntax Parameter Description Default loopback Sets the controller IP to the loopback interface. disabled vlan Set the controller IP to a VLAN interface. — Specifies the VLAN interface ID.
controller-ipv6 controller-ipv6 [loopback|vlan ] no ... Description This command sets the default IPv6 address of the controller to the IPv6 loopback interface address or a specific VLAN interface address. Syntax Parameter Description Default loopback Sets the controller IP to the loopback interface. disabled vlan Set the controller IP to a VLAN interface. — Specifies the VLAN interface ID.
copy copy flash: {flash: | scp: tftp: | usb: partition {0|1} } ftp: system: partition {0|1} | running-config {flash: | ftp: [] | startup-config | tftp: } | scp: {flash: | system: partition [0|1]}| startup-config {flash: | tftp: }
Parameter Description ftp: Using FTP, copy the configuration to an FTP server. NOTE: Using this parameter, a password is required to access the FTP server. The password is masked, and must be entered in a separate line. Specify the IP address of the FTP server. User account name required to access the FTP server. Specify a remote directory, if needed. startup-config Copy the active, running configuration to the start-up configuration.
Parameter Description Specify the new name of the copied file. system Copy the file to the system partition. usb: Copy a file from an attached USB device to the flash file system. partition Specify the partition on the USB device. Full name of the file to be copied. flash: Copy the file to the flash file system Specify the new name of the copied file.
startup configuration file is named default.cfg: (host) (config) #copy tftp: 192.0.2.0 engineering flash: default.bak copy flash: default.bak flash: default.cfg Command History This command was introduced in ArubaOS 1.0. Modification ArubaOS 1.0 Introduced for the first time. ArubaOS 6.2 The USB parameters introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config modes on master controllers Dell Networking W-Series ArubaOS 6.4.
cp-bandwidth-contract cp-bandwidth-contract {mbits <1..2000>}|{kbits <256..2000000>} Description This command configures a bandwidth contract traffic rate which can then be associated with a whitelist session ACL. Syntax Parameter Description Name of a bandwidth contract. mbits <1..2000> Set a bandwidth rate inn mbits/seconds. kbits <256..2000000> Set a bandwidth rate in kbits/seconds.
crypto-local ipsec sa-cleanup crypto-local ipsec sa-cleanup Description Issue this command to clean IPsec security associations (SAs). Syntax No parameters Usage Guidelines Use this command to remove old IPsec security associations if remote APs on your network still use an old SA after upgrading to a newer version of ArubaOS. Command History This command was introduced in ArubaOS 6.1.
crypto dynamic-map crypto dynamic-map disable no ... set pfs {group1|group2|group14|group19|group20} set security-association lifetime kilobytes set security-association lifetime seconds set transform-set [] [] [] version v1|v2 Description This command configures a new or existing dynamic map. Syntax Parameter Description Range Default Name of the map. — — Priority of the map.
Parameter Description Range Default set transform-set Name of the transform set for this dynamic map. You can specify up to four transform sets. You configure transform sets with the crypto ipsec transform-set command. — defaulttransform version Specify the version of IKE protocol the controller uses to set up a security association (SA) in the IPsec protocol suite l v1:IKEv1 l v2: IKEv2 — v1 Usage Guidelines Dynamic maps enable IPsec SA negotiations from dynamically addressed IPsec peers.
crypto ipsec crypto ipsec mtu transform-set esp-3des|esp-aes128|esp-aes128-gcm|esp-aes192|espaes256|esp-aes256-gcm|esp-des esp-md5-hmac|esp-null-hmac|esp-sha-hmac} Description This command configures IPsec parameters. Syntax Parameter Description mtu Configure the IPsec Maximum Transmission Unit (MTU) size. The supported range is 1024 to 1500 and the default is 1500. transform-set Create or modify a transform set.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.1 The esp-aes128-gcm and esp-aes256-gcm transform-set parameters were introduced. Command Information Platforms Licensing Command Mode All platforms The esp-aes128-gcm and esp-aes56-gcm transform-set parameters require the Advanced Cryptography (ACR) license. All other parameters are available in the base OS. Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
crypto isakmp crypto isakmp address netmask } disable eap-passthrough eap-mschapv2|eap-peap|eap-tls enable groupname key address netmask udpencap-behind-natdevice enable|disable packet-dump Description This command configures Internet Key Exchange (IKE) parameters for the Internet Security Association and Key Management Protocol (ISAKMP). Syntax Parameter Description address Configure the IP address for the group key.
Parameter Description udpencap-behind-natdevice Configure NAT-T if controller is behind NAT device. (For Windows VPN Dialer only) enable Enable Nat-T. This is the recommended setting if the controller is behind a NAT device. disable Disable Nat-T. packet-dump Issue this command in enable mode to troubleshoot an IPsec tunnel establishment by looking at the packet exchanges between the controller and the remote AP or the other IPsec peer. The packet dump output is saved to a file named ike.pcap.
crypto isakmp block-aruba-ca crypto-local isakmp block-aruba-ca enable disable Description This command configures the controller to accept or reject Dell certified clients. Syntax Parameter Description enable Accept Dell certified client certificates. disable Reject Dell certified client certificates and use custom certificates instead. Example This command configures a CA certificate: crypto-local isakmp block-aruba-ca enable Command History This command was introduced in ArubaOS 6.3.
crypto isakmp policy crypto isakmp policy authentication pre-share|rsa-sig|ecdsa-256|ecdsa-384 disable|enable [bypass|secret] encryption 3DES|AES128|AES192|AES256|DES group 1|2|14|19|20 hash md5|sha|sha1-96|sha2-256-128|sha2-384-192 prf PRF-HMAC-MD5|PRF-HMAC-SHA1|PRF-HMAC-SHA256|PRF-HMAC-SHA384 lifetime no disable version v1|v2 Description This command configures Internet Key Exchange (IKE) policy parameters for the Internet Security Association and Key Management Protocol (ISAKMP).
Parameter Description group Configure the IKE Diffie Hellman group. 1 Use the 768-bit Diffie Hellman prime modulus group. This is the default group setting. 2 Use the 1024-bit Diffie Hellman prime modulus group. 14 Use the 2048-bit Diffie Hellman DDH prime modulus group. 19 Use the 256-bit random Diffie Hellman ECP modulus group. 20 Use the 384-bit random Diffie Hellman ECP modulus group hash md5 Use MD5 as the hash algorithm. sha Use SHA-1 as the hash algorithm.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.1 The following parameters were introduced. l authentication ecdsa-256 l authentication ecdsa-384 l hash sha1-96 l hash sha2-256-128 l hash sha2-384-192 l prf ArubaOS 6.3 The Diffie-Hellman group 14 parameter was introduced. ArubaOS 6.4 The disable/enable and no parameters were introduced.
crypto-local ipsec-map crypto-local crypto-local ipsec-map
Parameter Description Range Default peer-ip If you are using IKEv1 to establish a siteto-site VPN to a statically addressed remote peer, identify the peer device by enteringIP address of the peer gateway. NOTE: If you are configuring an IPsec map for a static-ip controller with a dynamically addressed remote peer, you must leave the peer gateway set to its default value of 0.0.0.0.
Parameter Description Range Default IKEv2 only) set security-association lifetime Configures the lifetime for the security association (SA). set seconds In seconds 300-86400 7200 seconds kilobytes In kilobytes 1000 1000000000 — set server-certificate User-defined name of a server certificate installed in the controller. Use the show crypto-local pki ServerCert command to display the server certificates that have been imported into the controller.
Table 6: Default IKE Policy Settings Authentica -tion Method Policy Number IKE Version Encryption Algorithm Hash Algorithm Default protection suite 10001 IKEv1 3DES-168 SHA 160 Pre-Shared Key N/A 2 (1024 bit) Default RAP Certificate protection suite 10002 IKEv1 AES -256 SHA 160 RSA Signature N/A 2 (1024 bit) Default RAP PSK protection suite 10003 AES -256 SHA 160 Pre-Shared Key N/A 2 (1024 bit) Default RAP IKEv2 RSA protection suite 1004 IKEv2 AES -256 SSHA160 RSA Signature
Policy Name Policy Number IKE Version Encryption Algorithm Hash Algorithm Authentica -tion Method PRF Method DiffieHellman Group Default Suite-B 256 bit ECDSA protection suite 10009 IKEv2 AES -256 SHA 384192 ECDSA-384 Signature hmacsha2-384 Random ECP Group (384 bit) Default Suite-B 128bit IKEv1 ECDSA protection suite 10010 IKEv1 AES-GCM128 SHA 256128 ECDSA-256 Signature hmacsha2-256 Random ECP Group (256 bit) Default Suite-B 256-bit IKEv1 ECDSA protection suite 10011 IKEv1 AES-GC
For a static IP controller that responds to IKE Aggressive-mode for Site-Site VPN: (host) (config)crypto-local ipsec-map src-net dst-net peer-ip 0.0.0.
crypto-local isakmp ca-certificate crypto-local isakmp ca-certificate Description This command assigns the Certificate Authority (CA) certificate used to authenticate VPN clients. Syntax Parameter Description ca-certificate User-defined name of a trusted CA certificate installed in the controller. Use the show crypto-local pki TrustedCA command to display the CA certificates that have been imported into the controller. Usage Guidelines You can assign multiple CA certificates.
crypto-local isakmp certificate-group crypto-local isakmp certificate-group server-certificate ca-certificate Description The command configures an IKE Certificate Group for VPN Clients. Syntax Parameter Description Range Default server-certificate The IKE server certificate name for VPN clients. 1-64 characters — ca-certificate The IKE CA Certificate for this server certificate.
crypto-local isakmp disable-aggressive-mode crypto-local isakmp disable-aggressive-mode Description The command disables the IKEv1 aggressive mode. Syntax No parameters. Usage Guidelines The master-local communication by default uses IPsec aggressive mode when a PSK is used for authentication between controllers. You need to convert master-local communication to certificate-based IPsec authentication before disabling aggressive mode.
crypto-local isakmp dpd crypto-local isakmp dpd idle-timeout retry-timeout retry-attempts Description This command configures IKE Dead Peer Detection (DPD) on the local controller. Syntax Parameter Description Range Default idle-timeout Idle timeout, in seconds. 10-3600 22 seconds retry-timeout Retry interval, in seconds. 2-60 2 seconds retry-attempts Number of retry attempts.
crypto-local isakmp key crypto-local isakmp key {address netmask }|{fqdn } |fqdn-any Description This command configures the IKE preshared key on the local controller for site-to-site VPN. Syntax Parameter Description key IKE preshared key value, between 6-64 characters. To configure a pre-shared key that contains non-alphanumeric characters, surround the key with quotation marks. For example: crypto-local isakmp key “key with spaces” fqdn-any.
crypto-local isakmp permit-invalid-cert crypto-local isakmp permit-invalid-cert Description This command allows invalid or expired certificates to be used for site-to-site VPN. Syntax No parameters. Usage Guidelines This command allows invalid or expired certificates to be used for site-to-site VPN. Command History This command was introduced in ArubaOS 3.2.
crypto-local isakmp sa-cleanup crypto-local isakmp sal-cleanup Description This command enables the cleanup of IKE SAs. Syntax No parameters. Usage Guidelines This command removes expired ISAKMP SAs from the controller. Command History This command was introduced in ArubaOS 6.1. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master and local controllers 293 | crypto-local isakmp sa-cleanup Dell Networking W-Series ArubaOS 6.4.
crypto-local isakmp server-certificate crypto-local isakmp server-certificate Description This command assigns the server certificate used to authenticate the controller for VPN clients using IKEv1 or IKEv2 Syntax Parameter Description server-certificate User-defined name of a server certificate installed in the controller. Use the show crypto-local pki ServerCert command to display the server certificates that have been imported into the controller.
crypto-local isakmp xauth crypto-local isakmp xauth Description This command enables IKE XAuth for VPN clients. Syntax No parameters. Usage Guidelines The no crypto-local isakmp xauth command disables IKE XAuth for VPN clients. This command only applies to VPN clients that use certificates for IKE authentication. If you disable XAuth, then a VPN client that uses certificates will not be authenticated using username/password. You must disable XAuth for Cisco VPN clients using CAC Smart Cards.
crypto-local pki crypto-local pki CRL IntermediateCA OCSPResponderCert OCSPSignerCert PublicCert ServerCert TrustedCA global-oscp-signer-cert rcp Issue this command to configure a local certificate, OCSP signer or responder certificate and Certificate Revocation List (CRL). You can also list revocation checkpoints and enable the responder service.
Parameter Description Name of the signer certificate. Original imported filename of the signer certificate. TrustedCA Trusted CA certificate. This can be either a root CA or intermediate CA. Dell encourages (but does not require) an intermediate CA’s signing CA to be the controller itself. Name of the signer certificate. Original imported filename of the signer certificate.
Related Commands Command Description Mode crypto-local pki rcp Specifies the certificates that are used to sign OCSP responses for this revocation check point Config mode show crypto-local pki This command shows local certificate, OCSP signer or responder certificate and CRL data and statistics. Config mode Command History Version Modification ArubaOS 3.2 Command introduced. ArubaOS 6.
crypto-local pki rcp crypto-local pki rcp [crl-location ]|[enable-ocsp-responder]|[ocsp-responder-cert ]|[ocsp-signer-cert ]| [ocsp-url ]|[revocation-check [None||]] Description Use this command to specify the certificates used to sign OCSP for the revocation check point. Syntax Parameter Description rcp Specifies the revocation check point.
Parameter Description performed for certificates being verified against this trusted CA. l CRL- CRL is used for the revocation check method. l OCSP- OCSP is used for the revocation check method. You can configure one fallback method. Usage Guidelines This command lets you configure the check methods that are used for this revocation check point..
Command History Version Modification ArubaOS 3.2 Command introduced. ArubaOS 6.1 The following parameters were introduced: l CRL l Intermediate CA l OCSPResponderCert l OCSPSignerCert l global-ocsp-signer-cert l rcp l service-ocsp-responder Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
crypto map global-map crypto map global-map ipsec-isakmp {dynamic }|{ipsec } Description This command configures the default global map. Syntax Parameter Description dynamic } ipsec Use a dynamic map. Name of the dynamic map. Use a IPsec map. Name of an IPsec map. Usage Guidelines This command identifies the dynamic or ipsec map used as the default global map.
crypto crypto pki csr {rsa key_len |{ec curve-name } common_name country state_or_province city organization unit email expirycheck Description Generate a certificate signing request (CSR) for the captive portal feature.
Display the CSR output by entering the command show crypto pki csr. Note that this command only generates CSR on a controller running ArubaOS 3.x or later. Earlier versions require that you generate the certificate externally. Example The following command configures a CSR for a user with the email address jdoe@example.com. (host)(config) #crypto pki csr key 1024 common_name www.example.lcom country US state_or_ province ca city Sunnyvale organization engineering unit pubs email jdoe@example.
crypto pki-import crypto pki-import {der|pem|pfx|pkcs12|pkcs7} {CRL|IntermediateCA|OCSPResponderCert|OCSPSignerCert|PublicCert|ServerCert|TrustedCA} Description Import certificates for the captive portal feature. Syntax Parameter Description der Import the following certificates in DER format. CRL Import a CRL. IntermediateCA Import an intermediate CA certificate. OCSPResponderCert Import an OCSP Responder certificate.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.1 The CRL, IntermediateCA, OCSPResponderCert, OCSPSignerCert parameters were added. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 307 | crypto pki-import Dell Networking W-Series ArubaOS 6.4.
database synchronize database synchronize period |captive-portal-custom Description This command manually synchronizes the database between a pair of redundant master controllers Syntax Parameter Description captive-portal custom Includes custom captive portal files.. period Configures the interval for automatic database synchronization. Interval in minutes. Range is 1 — 25200 minutes. Usage Guidelines This command takes effect immediately.
delete delete {filename |ssh-host-addr |ssh-known-hosts} Description This command deletes a file or RSA signature entry from flash. Syntax Parameter Description filename Name of the file to be deleted. ssh-host-addr Deletes the entry stored in flash for the RSA host signature created when you run the copy scp command. ssh-known -hosts Deletes all entries stored in flash for the RSA host signatures created when you run the copy scp command.
destination destination [invert] Description This command configures the destination name and address. Syntax Parameter Description Range STRING Destination name. Alphanumeric A.B.C.D Destination IP address or subnet. — invert Specifies all destinations except this one. — Usage Guidelines You can configure the name and IP address of the destination. You can optionally configure the subnet, or invert the selection.
dialer group crypto-local dialer group dial-string init-string no ... Description Configure a dialer group with dialing parameters for a USB modem. Syntax Parameter Description dial-string The dial string column specifies the number to dial. init-string The init string can contain carrier-specific dialing options for the USB modem. You can often find these settings in online forums or from your ISP.
dir dir Description This command displays a list of files stored in the flash file system. Syntax No parameters. Usage Guidelines Use this command to view the system files associated with the controller. Output from this command includes the following: l The first column contains ten place holders that display the file permissions. n First place holder: Displays - for a file or d for directory.
dot1x high-watermark <1-32000> stm-throttling percent no ... Use this command only under the supervision of Dell support. Description Use this command under the guidance of Dell support to configure the maximum and minimum thresholds of the table that contains 802.1X sessions being processed. Syntax Parameter Description high-watermark The maximum entries in the Active table.
dpi dpi custom-app global-bandwidth-contract {app [downstream |upstream][kbits|mbits }| {appcategory [downstream |upstream][kbits|mbits } Description This command configures Deep-Packet Inspection and the global bandwidth contract for an application or application category for the AppRF feature. Syntax Parameter Description custom-app The application or application category. Name of the application or application category.
Command History Introduced in ArubaOS 6.4 Command Information 315 | dpi Platform License Command Mode Available on all platforms Available in the base operating system Config mode on local or master controllers Dell Networking W-Series ArubaOS 6.4.
dynamic-ip dynamic-ip restart Description This command restarts the PPPoE or DHCP process. Syntax No parameters. Usage Guidelines This command can be used to renegotiate DHCP or PPPoE parameters. This can cause new addresses to be assigned on a VLAN where the DHCP or PPPoE client is configured. Command History This command was introduced in ArubaOS 3.
eject usb eject usb: Description Use this command to eject a USB device from your controller. Usage Guidelines Use this command to safely remove an external USB device, Example (host) #eject usb: Command History Command introduced in ArubaOS 6.2 Command Information Platform License Command Mode Available on all platforms Available in the base operating system User mode on master or local controllers in enable mode. 317 | eject usb Dell Networking W-Series ArubaOS 6.4.
enable enable Description This user mode command switches the controller into enable mode. The enable mode allows you to access privileged commands. Usage Guidelines To enter enable mode, you are prompted for the password configured during the controller’s initial setup. Passwords display as asterisks (*) when you enter them. To change the password, use the config mode enable secret command.
enable bypass enable bypass no enable bypass Description This config mode command allows you to bypass the enable password prompt and go directly to the privileged command mode. Usage Guidelines Use this command when you want to access the privileged mode directly after logging in to the controller and not be prompted to enter an enable mode password. To restore the enable mode password prompt, use the config mode command. no enable bypass.
enable secret enable secret Description This config mode command allows you to change the password for enable mode. Usage Guidelines Use this command to change the password for enable mode. To reset the password to the factory default of “enable”, use the no enable command. The password must not contain a space and special characters. Example The following example allows you to change the password for enable mode. (host) #configure terminal Enter Configuration commands, one per line.
encrypt encrypt {disable|enable} Description This command allows passwords and keys to be displayed in plain text or encrypted. Syntax Parameter Description Default disable Passwords and keys are displayed in plain text — enable Passwords and keys are displayed encrypted enabled Usage Guidelines Certain commands, such as show crypto isakmp key, display configured key information. Use the encrypt command to display the key information in plain text or encrypted.
esi group esi group [no]|[ping ]|[server ] Description This command configures an ESI group. Syntax Parameter Description no Negates any configured parameter. ping Specify the name of a set of ping checking attributes defined via the command esi ping. Only one set is allowed. server Specify the name of a server to be added or removed from the ESI group. You define ESI servers via the command esi server.
esi parser domain esi parser domain [no] | [peer ] | [server ] Description This command configures an ESI syslog parser domain. Syntax Parameter Description no Negates any configured parameter peer (Optional.) Specify the IP address of an another controller in this domain. These controllers are notified when the user cannot be found locally.
esi parser rule esi parser rule [condition ] | [domain ] | [enable] [match {ipaddr | mac | user }] | [no] | [position ] | [set {blacklist | role } | [test {msg | file }] Description This command creates or changes an ESI syslog parser rule. Syntax Parameter Description Range Default condition Specifies the REGEX (regular expression) pattern that uniquely identifies the syslog.
l User: The username identifier. It can be in the form of a name, MAC address, or IP address. l Action: The action to take when a rule match occurs. Once a condition match occurs, no further rule-matching will be made. For the matching rule, only one action can be defined. For more details on the character-matching operators, repetition operators, and expression anchors used to defined the search or match target, refer to the External Services Interfacechapter in the Dell Networking WSeries ArubaOS 6.4.
Command History Introduced in ArubaOS 3.1 Command Information Platform License Command Mode Available on all platforms. Requires the PEFNG license Config mode on master and local controllers 327 | esi parser rule Dell Networking W-Series ArubaOS 6.4.
esi parser rule-test esi parser rule-test [file ] | [msg ] Description This command allows you to test all of the enabled parser rules. Syntax Parameter Description file Tests against a specified file containing more than one syslog message. msg Tests against a syslog message, where is the message text. Usage Guidelines You can test the enabled parser rules against a syslog message input, or run the expression through a file system composed of syslog messages.
Command History Introduced in ArubaOS 3.1 Command Information Platform License Command Mode Available on all platforms Requires the PEFNG license Config mode on master and local controllers 329 | esi parser rule-test Dell Networking W-Series ArubaOS 6.4.
esi ping esi ping [frequency ] | [no] | [retry-count ] | [timeout ] | Description This command specifies the ESI ping health check configuration. Syntax Parameter Description Range Default frequency Specifies the ping frequency in seconds. 1–65536 no Negates any configured parameter — — retry-count Specifies the ping retry count 1–65536 2 timeout Specifies the ping timeout in seconds.
esi server esi server [dport ] | [mode {bridge | nat | route}] | [no] | [trusted-ip-addr [health-check]] | [trusted-port ] | [untrusted-ip-port [health-check]] | [untrusted-port ] Description This command configures an ESI server. Syntax Parameter Description dport Specifies the NAT destination TCP/UDP port. mode Specifies the ESI server mode of operation: bridge, nat, or route no Negates any configured parameter.
Command Information Platform License Command Mode Available on all platforms Requires the PEFNG license Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.4.
exit exit Description This command exits the current CLI mode. Syntax No parameters. Usage Guidelines Upon entering this command in a configuration sub-mode, you are returned to the configuration mode. Upon entering this command in configuration mode, you are returned to the enable mode. Upon entering this command in enable mode, you are returned to the user mode. Upon entering this command in user mode, you are returned to the user login.
export export gap-db Description This command exports the global AP database to the specified file. Syntax Parameter Description Name of the file to which the global AP database is exported. Usage Guidelines This command is intended for system troubleshooting. You should run this command only when directed to do so by a Dell support representative. The global AP database resides on a master controller and contains information about known APs on all controllers in the system.
file syncing profile file syncing profile file-syncing-enable no sync-time Description This command allows the user to configure the file syncing profile. Syntax Parameter Description Range Default file-syncing-enable Enables file syncing on the controller. — enabled no Negates any configured parameter. — — sync-time Configures the time, in minutes, between file syncs. 30 - 180 30 minutes Usage Guidelines This command enables or disables the file syncing.
fips fips [disable|enable] This command applies only to the FIPS version of ArubaOS. Description This command enables and disables the FIPS mode of operation. Syntax Parameter Description enable Enables the FIPS mode of operation. disable Disables the FIPS mode of operation. Usage Guidelines This command enables or disables the FIPS mode of operation. You can view the FIPS mode of operation status using the show fips command.
firewall firewall allow-stun allow-tri-session amsdu attack-rate arp <1-16384> {blacklist|drop} cp <1-16384> grat-arp <1-16384> {blacklist|drop} ping <1-16384> session <1-16384> tcp-syn <1-16384> bwcontracts-subnet-broadcast cp cp-bandwidth-contract deny-inter-user-bridging deny-inter-user-traffic deny-source-routing disable-ftp-server disable-stateful-h323 disable-stateful-sccp-processing disable-stateful-sip-processing disable-stateful-sips-processing disable-stateful-ua-processing disable-stateful-vocera
Syntax Parameter Description Range Default allow-stun Allows ICE-STUN based firewall traversal. — enabled allow-tri-session Allows three-way session when performing destination NAT. This option should be enabled when the controller is not the default gateway for wireless clients and the default gateway is behind the controller. This option is typically used for captive portal configuration.
Parameter Description Range Default deny-inter-user-bridging Prevents the forwarding of Layer2 traffic between wired or wireless users. You can configure user role policies that prevent Layer3 traffic between users or networks but this does not block Layer2 traffic. This option can be used to prevent traffic, such as Appletalk or IPX from being forwarded. If enabled, traffic (all non-IP traffic) to untrusted port or tunnel is also blocked.
Parameter Description Range Default dpi Enables Deep-Packet Inspection (DPI) — disabled drop-ip-fragments When enabled, all IP fragments are dropped. You should not enable this option unless instructed to do so by a Dell representative. — disabled enable-bridging Enables bridging when the controller is in factory default. — disabled enable-per-packet-logging Enables logging of every packet if logging is enabled for the corresponding session rule. Normally, one event is logged per session.
Parameter Description Range Default log-icmp-error Logs received ICMP errors. You should not enable this option unless instructed to do so by a Dell representative. — disabled prevent-dhcp-exhaustion Enable check for DHCP client hardware address against the packet source MAC address. This command checks the frame's source-MAC against the DHCPv4 client hardware address and drops the packet if it does not match.
Parameter Description Range Default NOTE: Best practices is to enable this parameter only during maintenance window or off-peak production hours. session-voip-timeout Idle session timeout, in seconds, for sessions that are marked as voice sessions. If no voice packet exchange occurs over a voice session for the specified time, the voice session is removed.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 3.2 The wmm-voip-content-enforcement parameter was introduced. ArubaOS 3.3 The session-mirror-destination parameter was modified. ArubaOS 3.3.2 The local-valid-users parameter was added. ArubaOS 3.4 The voip-proxy-arp parameter was renamed to broadcast-filter-arp and it does not require a Voice license. The prohibit-arp-spoofing parameter was added. The deny-inter-user-traffic parameter was added. ArubaOS 6.
Command Information Platform License Command Mode Available on all platforms Base operating system except the voip-wmm-voipcontent-enforcement parameter which requires the PEFNG license. Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
firewall cp firewall cp ipv4|ipv6 deny|permit |any|{host } proto{ ports }|ftp|http|https|icmp|snmp|ssh|telnet|tftp [bandwidth-contract ] no... Description This command creates whitelist session ACLs. Whitelist ACLs consist of rules that explicitly permit or deny session traffic from being forwarded or not to the controller.
Parameter tftp bandwidth-contract Description Range Default Specifies the Trivial File Transfer Protocol. — — Specify the name of a bandwidth contract defined via the cp-bandwidth-contract command. — — Usage Guidelines This command turns the session ACL from a blacklist to a whitelist. A rule must exist that explicitly permits the session before it is forwarded to the controller and the last rule in the list denies everything else.
firewall cp-bandwidth-contract firewall cp-bandwidth-contract {auth|route|sessmirr|trusted-mcast|trusted-ucast |untrusted-mcast|untrusted-ucast} Description This command configures bandwidth contract traffic rate limits, in packets per second, to prevent denial of service attacks. Syntax Parameter Description Range Default auth Specifies the traffic rate limit that is forwarded to the authentication process.
firewall-visibility firewall-visibility no ... Description Enables or disables policy enforcement firewall visibility feature. Syntax No parameters. Usage Guideline When you enable this feature, the Firewall Monitoring page on the Dashboard tab of the WebUI displays the summary of all sessions in the controller aggregated by users, devices, destinations, applications, WLANs, and roles. Example The following command enables firewall visibility.
gateway health-check disable gateway health-check disable Description Disable the gateway health check. Usage Guidelines The gateway health check feature can only be enabled by Dell Technical Support. This command disables the gateway health check, and should only be issued under the guidance of the support staff.
guest-access-email guest-access-email smtp-port smtp-server no... Description This command configures the SMTP server which is used to send guest email. Guest email is generated when a guest user account is created or when the Guest Provisioning user sends guest user account email a later time. Syntax Parameter Description Range Default smtp-port Identifies the SMTP port through which the guestaccess email is sent. — — The SMTP port number.
Command History Modification ArubaOS 3.4 Introduced for the first time. Command Information Platform License Command Mode Available on all platforms Available in the base operating system. Config mode on master controllers. Dell Networking W-Series ArubaOS 6.4.
ha ha group-membership group-profile ] clone controller role active|dual|standby controller-v6 role active|dual|standby heartbeat heartbeat-interval heartbeat-threshold no over-subscription pre-shared-key preemption state-sync Description This command configures the High Availability:Fast Failover feature by assigning controllers to a highavailability group, and defining the deployment role for each contr
Parameter Description faster AP failover from an active controller to a standby controller, especially in situations where the active controller reboots or loses connectivity to the network. heartbeat-interval Enter a heartbeat interval in the Heartbeat Interval field to define how often inter-controller heartbeats are sent.
controllers for that AP. This feature does not require that the active controller act the configuration master for the local standby controller . A master controller in a master-local deployment can act as an active or a standby controller . When the AP first connects to its active controller, that controller sends the AP the IP address of a standby controller, and the AP attempts to connect to the standby controller.
halt halt Description This command halts all processes on the controller. Syntax No parameters. Usage Guidelines This command gracefully stops all processes on the controller. You should issue this command before rebooting or shutting down to avoid interrupting processes. Command History Introduced in ArubaOS 3.0 Command Information Platform License Command Mode Available on all platforms Available in the base operating system. Enable mode on master and local controllers.
help help Description This command displays help for the CLI. Syntax No parameters. Usage Guidelines This command displays keyboard editing commands that allow you to make corrections or changes to the command without retyping. You can also enter the question mark (?) to get various types of command help: l When typed at the beginning of a line, the question mark lists all commands available in the current mode.
hostname hostname Description This command changes the hostname of the controller. Syntax Parameter Description Range Default hostname The hostname of the controller 1-63 See below Usage Guidelines The hostname is used as the default prompt. You can use any alphanumeric character, punctuation, or symbol character. To use spaces, plus symbols (+), question marks (?), or asterisks (*), enclose the text in quotes.
iap del branch-key iap del branch-key Description This command removes a branch from the controller based on the branch key. Syntax Parameter Description branch-key Key for the branch, which is unique to each branch. Example (host) (config) #iap del branch-key b3c65c4d013836cf190566ca1afdf87c95350cffb1c782e463 Related Commands Command Description show iap table This command displays the branch details connected to the controller. Command History Release Modification ArubaOS 6.
iap trusted-branch-db iap trusted-branch-db add {mac-address } allow-all del {mac-address } del-all Description This command is used to configure an IAP-VPN branch as trusted. Syntax Parameter Description add Configure an IAP trusted branch entry. mac-address MAC-address of an AP. allow-all Configure all branches as trusted. del Delete an IAP trusted branch entry. mac-address MAC-address of AP. Delete all trusted branch entries.
Command Information Platforms Licensing Command Mode All platforms Base operating system, except for noted parameters Enable or Configuration mode on master and local controller 361 | iap trusted-branch-db Dell Networking W-Series ArubaOS 6.4.
ids ap-classification-rule change id-classification-rule check-min-discovered-aps classify-to-type [neighbor | suspected-rogue] clone conf-level-incr discovered-ap-cnt match-ssids no snr-max snr-min ssid Description Configure the AP classification rule profile. Syntax Parameter Description Range Default Enter the AP classification rule profile name.
identified by its ASCII character string name (32 characters maximum). The AP classification rules have one of the following specifications: l SSID of the AP l SNR of the AP l Discovered-AP-Count or the number of APs that can see the AP Once you have created an AP classification rule, but must ienable it by adding it to the IDS AP Matching Rules profile: ids ap-rule-matching rule-name SSID specification Each rule can have up to 6 SSID parameters.
ids ap-rule-matching no rule-name Description Configure the IDS active AP rules profile by enabling an AP classification rule. Syntax Parameter Description no Negates any configured parameter rule-name Name of the IDS AP classification rule Usage Guidelines This command activates an active AP rule created by the ids ap-classification-rule change command. You must create the rule before you can activate it.
ids dos-profile ids ids dos-profile ap-flood-inc-time ap-flood-quiet-time ap-flood-threshold assoc-rate-thresholds auth-rate-thresholds block-ack-dos-quiet-time chopchop-quiet-time client-ht-40mhz-intol-quiet-time client-flood-inc-time client-flood-quiet-time client-flood-threshold client-ht-40mhz-intolerance clone cts-rate-quiet-time cts-rate-threshold cts-rate-time-interval deauth-rate-thresholds detect-ap-flood detect-
power-save-dos-quiet-time power-save-dos-threshold probe-request-rate-thresholds probe-response-rate-thresholds rts-rate-quiet-time rts-rate-threshold rts-rate-time-interval spoofed-deauth-blacklist tkip-replay-quiet-time Description This command configures traffic anomalies for denial of service (DoS) attacks. Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters.
Parameter Description Range Default client-ht-40mhz-intol-quiettime Controls the quiet time (when to stop reporting intolerant STAs if they have not been detected), in seconds, for detection of 802.11n 40 MHz intolerance setting. 60-360000 seconds 900 seconds client-flood-inc-time Number of consecutive seconds over which the client count is more than the threshold.
Parameter Description Range Default detect-disconnect-station In a station disconnection attack, an attacker spoofs the MAC address of either an active client or an active AP. The attacker then sends deauthenticate frames to the target device, causing it to lose its active association. Use this command to enable the detection of disconnect station attack.
Parameter Description Range Default detect-power-save-dos-attack Enable/disable detection of Power Save DoS attack true false enable detect-rate-anomalies Enable/disable detection of rate anomalies true false disable detect-rts-rate-anomaly Enable/disable detection of RTS rate anomaly true false disable detect-tkip-replay-attack Enable/disable detection of TKIP replay attack true false disable disassoc-rate-thresholds Rate threshold for disassociate frames.
Parameter Description Range Default malformed-association-requestquiet-time Time to wait, in seconds, after detecting a malformed association request after which the check can be resumed. 60-360000 seconds 900 seconds malformed-auth-frame-quiet-time Time to wait, in seconds, after detecting a malformed authentication frame after which the check can be resumed.
Parameter Description Range Default power-save-dos-threshold The Power Management ON packets sent by a station as a percentage of the Power Management OFF packets sent, in intervals of 10 second, which will trigger this event. 1- 100 % 80% probe-request-rate-thresholds Rate threshold for probe request frames. — — probe-response-rate-thresholds Rate threshold for probe response frames.
Command History Release Modification ArubaOS 3.0 Command Introduced. ArubaOS 3.3 Updated with support for high-throughput IEEE 802.11n standard. ArubaOS 3.4 detect-disconnect-sta and disconnect-sta-quiet-time parameters deprecated. ArubaOS 6.0 Deprecated predefined profiles and added numerous DoS profile options ArubaOS 6.1 Added the following parameter in support of Detection of the Meiners Power Save DoS attack, including event notification to the user.
ids general-profile ids general-profile adhoc-ap-inactivity-timeout adhoc-ap-max-unseen-timeout ap-inactivity-timeout ap-max-unseen-timeout clone ids-events [logs-and-traps | logs-only | none | traps-only] min-pot-ap-beacon-rate min-pot-ap-monitor-time mobility-manager-rtls mon-stats-update-interval no ...
Parameter Description Range Default min-pot-ap-beacon-rate Minimum beacon rate acceptable from a potential AP, in percentage of the advertised beacon interval. 0-100 25% min-pot-ap-monitor-time Minimum time, in seconds, a potential AP has to be up before it is classified as a real AP.
Parameter Description Range Default wireless-containment deauth-only none tarpit-all-sta tarpit-non-valid-sta Enable wireless containment including Tarpit Shielding. Tarpit shielding works by steering a client to a tarpit so that the client associates with it instead of the AP that is being contained.
Command Information Platform License Command Mode Available on all platforms Requires the RFprotect license. Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
ids impersonation-profile ids impersonation-profile ap-spoofing-quiet-time beacon-diff-threshold beacon-inc-wait-time beacon-wrong-channel-quiet-time clone detect-ap-impersonation detect-ap-spoofing detect-beacon-wrong-channel detect-hotspotter hotspotter-quiet-time no ... protect-ap-impersonation Description This command configures anomalies for impersonation attacks.
Parameter Description Range Default detect-beacon-wrong-channel Enable/disable detection of beacons advertising the incorrect channel — disable detect-hotspotter Enable/disable detection of the Hotspotter attack to lure away valid clients. — disable hotspotter-quiet-time Time to wait in seconds after detecting an attempt to Use the Hotspotter tool against clients. 60360000 seconds 900 seconds no Negates any configured parameter.
Command Information Platform License Command Mode Available on all platforms Requires the RFprotect license Config mode on master controllers 379 | ids impersonation-profile Dell Networking W-Series ArubaOS 6.4.
ids management-profile event-correlation [logs-and-traps | logs-only | none | traps-only] event-correlation-quiet-time Description Mange the event correlation. Syntax Parameter Description Range event-correlation logs-and-traps logs-only none traps-only Correlation mode for IDS event traps and syslogs (logs). Event correlation can be enabled with generation of correlated logs, traps, or both. To disable correlation, enter the keyword none.
ids profile ids profile clone dos-profile general-profile impersonation-profile no ... signature-matching-profile unauthorized-device-profile Description This command defines a set of IDS profiles. Syntax Parameter Description Default Name that identifies an instance of the profile. The name must be 1-63 characters. “default” clone Name of an existing IDS profile from which parameter values are copied.
signature-matching-profile sig1 unauthorized-device-profile unauth1 Command History Version Modification ArubaOS 3.0 Command Introduced ArubaOS 6.0 Deprecated predefined profiles Deprecated Predefined Profile Deprecated Profile for levels: disabled, high, medium, and low l ids-disabled l ids-high-setting l ids-medium-setting l ids-low-setting Command Information Platform License Command Mode Available on all platforms Requires the RFprotect license Config mode on master controllers.
ids rate-thresholds-profile ids rate-thresholds-profile channel-inc-time channel-quiet-time channel-threshold clone no ... node-quiet-time node-threshold node-time-interval Description This command configures thresholds that are assigned to the different frame types for rate anomaly checking. Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters.
l Deauthentication frames l Probe Request frames l Probe Response frames l Authentication frames Example The following command configures frame thresholds: (host) (config) #ids rate-thresholds-profile Lobby (host) (IDS Rate Thresholds Profile "Lobby") #channel-threshold 250 Command History Version Modification ArubaOS 3.0 Command Introduced ArubaOS 6.0 Deprecated predefined profiles Deprecated Predefined Profiles Deprecated the predefined profile with probe-request-response-threshold.
ids signature-matching-profile ids signature-matching-profile clone no ... signature Description This command contains defined signature profiles. Syntax Parameter Description Default Name that identifies an instance of the profile. The name must be 1-63 characters. “default” clone Name of an existing IDS signature matching profile from which parameter values are copied. — no Negates any configured parameter. — signature Name of a signature profile.
Command Information Platform License Command Mode Available on all platforms Requires the RFprotect license Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
ids signature-profile ids signature-profile bssid clone dst-mac frame-type {assoc|auth|beacon|control|data|deauth|disassoc|mgmt|probe-request|proberesponse no ... payload [offset ] seq-num src-mac Description This command configures signatures for wireless intrusion detection. Syntax Parameter Description Default Name that identifies an instance of the profile. The name must be 1-63 characters.
Parameter Description Default For beacon, probe-request, and probe-response frame types, specify the length, in bytes, of the SSID. Maximum length is 32 bytes. — no Negates any configured parameter. — payload Pattern at a fixed offset in the payload of an 802.11 frame. Specify the pattern to be matched as a string or hex pattern. Maximum length is 32 bytes. — When a payload pattern is configured, specify the offset in the payload where the pattern is expected to be found in the frame.
Command History Version Modification ArubaOS 3.0 Command Introduced Command Information Platform License Command Mode Available on all platforms Requires the RFprotect license Config mode on master controllers 389 | ids signature-profile Dell Networking W-Series ArubaOS 6.4.
ids unauthorized-device-profile ids unauthorized-device-profile adhoc-using-valid-ssid-quiet-time allow-well-known-mac [hsrp|iana|local-mac|vmware|vmware1|vmware2|vmware3] cfg-valid-11a-channel cfg-valid-11g-channel classification clone detect-adhoc-network detect-adhoc-using-valid-ssid detect-bad-wep detect-ht-greenfield detect-invalid-mac-oui detect-misconfigured-ap detect-sta-assoc-to-rogue detect-unencrypted-valid-client detect-valid-client-misassociation d
Syntax Parameter Description Range Defaul t Name that identifies an instance of the profile. The name must be 1-63 characters. — “default” adhoc-using-valid-ssid-quiettime Time to wait, in seconds, after detecting an adhoc network using a valid SSID, after which the check can be resumed. 60360000 900 seconds allow-well-known-mac Allows devices with known MAC addresses to classify rogues APs.
Parameter Description Range Defaul t cfg-valid-11a-channel List of valid 802.11a channels that thirdparty APs are allowed to use. 34-165 N/A cfg-valid-11g-channel List of valid 802.11b/g channels that thirdparty APs are allowed to use. 1-14 N/A classification Enable/disable rogue AP classification. A rogue AP is one that is unauthorized and plugged into the wired side of the network.
Description detect-sta-assoc-to-rogue Enable/disable detection of station association to rogue AP. detect-unencrypted-validclient Enable/disable detection of unencrypted valid clients. — enable detect-valid-clientmisassociation Enable/disable detection of misassociation between a valid client and an unsafe AP.
Parameter Description Range Defaul t protect-adhoc-enhanced Enables advanced protection from open/WEP adhoc networks. When enhanced adhoc containment is carried out, a new repeatable event, syslog and SNMP trap will be generated for each containment event. — false protect-adhoc-network Enables protection from adhoc neworks using WPA/WPA2 security. When adhoc networks are detected, they are disabled using a denial of service attack.
Parameter Description Range Defaul t rogue-containment Rogue APs can be detected (see classification) but are not automatically disabled. This option automatically shuts down rogue APs. When this option is enabled (true), clients attempting to associate to an AP classified as a rogue are disconnected through a denial of service attack. — false suspect-rogue-conf-level Confidence level of suspected Rogue AP to trigger containment.
Usage Guidelines Unauthorized device detection includes the ability to detect and disable rogue APs and other devices that can potentially disrupt network operations.
ids wms-general-profile wms general adhoc-ap-ageout-interval ap-ageout-interval collect-stats learn-ap learn-system-wired-macs no persistent-neighbor persistent-valid-sta poll-interval poll-retries propagate-wired-macs sta-ageout-interval stat-update Description This command configures the WLAN management system (WMS).
Parameter Description Range Default poll-retries Maximum number of failed polling attempts before the polled AM is considered to be down. (any) 2 propagate-wiredmacs Enables the propagation of the gateway wired MAC information. — enabled sta-ageout-interval Time, in minutes, that a client remains unseen by any probes before it is deleted from the database. ? 30 minutes stat-update Enables statistics updating in the database.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 399 | ids wms-general-profile Dell Networking W-Series ArubaOS 6.4.
ids wms-local system-profile ids wms-locals-profile max-rbtree-entries max-system-wm max-threshold system-wm-update-interval ] Description This command sets the local configuration parameters to control the size of the Wired MAC table and APs and Stations. Syntax Parameter Description max-rbtree-entries Set the max threshold for the total number of AP and Station RBTree entries.
Command History Release Modification ArubaOS 3. Introduced ArubaOS 6.1 Local configuration parameters to control the size of the Wired MAC table max-system-wm and system-wm-update-interval ArubaOS 6.1.3 The wms-local command was renamed to ids wms-local-system-profile. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 401 | ids wms-local system-profile Dell Networking W-Series ArubaOS 6.4.
ifmap ifmap cppm enable no server host port username passwd Description This command is used in conjunction with ClearPass Policy Manager. It sends HTTP User Agent Strings and mDNS broadcast information to ClearPass so that it can make more accurate decisions about what types of devices are connecting to the network. Syntax Parameter Description Default enable Enables the IFMAP protocol. — server Configures the CPPM IF-MAP server.
Related Commands Command Description Mode show ifmap This command is used in conjunction with ClearPass Policy Manager. It sends HTTP User Agent Strings and mDNS broadcast information to ClearPass so that it can make more accurate decisions about what types of devices are connecting to the network Config mode Command History Version Modification ArubaOS 6.
Interface cellular interface cellular ip access-group session Description This command allows you to specify an ingress or egress ACL to the cellular interface of an EVDO modem. Syntax Parameter Description Enter the name or number of the access group you want to apply to the EVDO modem.
interface fastethernet | gigabitethernet interface interface {fastethernet|gigabitethernet} / description duplex {auto|full|half} ip access-group {in|out|session {vlan }} tunneled-node-port no ...
Description Range Default Applies session ACL to interface and optionally to a selected VLAN associated with this port. — — tunneled-node-port Enable tunneled node capability on the interface. — disabled no Negates any configured parameter. — — poe Enables Power-over-Ethernet (PoE) on the interface. — enabled Enables Cisco-style PoE on the interface. — disabled jumbo Enables or disables jumbo frame MTU configured via firewall on a port.
Description Range Default cost Administrative cost associated with the spanning tree. 1-65535 19 (Fast Ethernet) 4 (Gigabit Ethernet) port-priority Spanning tree priority of the interface. A lower setting brings the port closer to root port position (favorable for forwarding traffic) than does a higher setting. This is useful if ports may contend for root position if they are connected to an identical bridge. 0-255 128 portfast Enables forwarding of traffic from the interface.
Description Range Default Sets the supplied range of VLANs as trusted. All remaining become untrusted automatically. For example, If you set a VLAN range as: vlan 1-10, 100-300, 301, 305-400, 501-4094 Then all VLANs in this range are trusted and all others become untrusted by default. You can also use the no trusted vlan command to explicitly make an individual VLAN untrusted. The no trusted vlan command is additive and adds given vlans to the existing untrusted vlan set.
Example The following commands configure an interface as a trunk port for a set of VLANs: (host) (host) (host) (host) (config) # interface fastethernet 1/2 (config-range)# switchport mode trunk (config-range)# switchport trunk native vlan 10 (config-range)# switchport trunk allowed vlan 1,10,100 The following commands configure trunk port 1/2 with test-acl session for VLAN 2.
interface loopback interface loopback ip address ipv6 address no ... Description This command configures the loopback address on the controller. Syntax Parameter Description ip address Host IP address in dotted-decimal format. This address should be routable from all external networks. ipv6 address Host IPv6 address that is routable from all external networks. no Negates any configured parameter.
| interface loopback Dell Networking W-Series ArubaOS 6.4.
interface port-channel interface port-channel add {fastethernet|gigabitethernet} / del {fastethernet|gigabitethernet} / ip access-group {in|out|session {vlan }} jumbo no ...
Parameter Description Range Default access vlan Sets the interface as an access port for the specified VLAN. The interface carries traffic only for the specified VLAN. — — mode Sets the mode of the interface to access or trunk mode only. — — trunk Sets the interface as a trunk port for the specified VLANs. A trunk port carries traffic for multiple VLANs using 802.1q tagging to mark frames for specific VLANs.
Usage Guidelines A port channel allows you to aggregate ports on a controller. You can configure a maximum of 8 port channels per supported controller with a maximum of 8 interfaces per port channel. Note the following when setting up a port channel between a controller and a Cisco switch (such as a Catalyst 6500 Series Switch): l There must be no negotiation of the link parameters. l The port-channel mode on the Cisco switch must be “on”.
interface-profile voip-profile interface-profile voip-profile clone no{...} voip-dot1p voip-dscp voip-mode [auto-discover | static] voip-vlan Description This command creates a VoIP profile that can be applied to any interface or an interface group. Syntax Parameter Description Range Default Name of the VoIP profile. 1-32 characters; cannot begin with a numeric character — voip-dot1p Specifies the dot1p priority.
Command History This command was introduced in ArubaOS Release Modification ArubaOS 6.2 Command introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.4.
interface range interface range {fastethernet|gigabitethernet} /- duplex {auto|full|half} ip access-group {in|out|session {vlan }} no ...
Parameter Description Range port-priority Spanning tree priority of the interface. A lower setting brings the port closer to root port position (favorable for forwarding traffic) than does a higher setting. This is useful if ports may contend for root position if they are connected to an identical bridge. 0-255 portfast Enables forwarding of traffic from the interface. — — speed Sets the interface speed: 10 Mbps, 100 Mbps, or auto configuration.
Usage Guidelines Use the show port status command to obtain information about the interfaces available on the controller. Example The following command configures a range of interface as a trunk port for a set of VLANs: interface range fastethernet 1/12-15 switchport mode trunk switchport trunk native vlan 10 switchport trunk allowed vlan 1,10,100 Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.
interface tunnel interface tunnel description inter-tunnel-flooding ip address ipv6 address X:X:X:X::X mtu no ... shutdown trusted tunnel destination {|ipv6 }|keepalive ||mode gre {|ip|ipv6}|source {|controller-ip|ipv6 {X:X:X:X::X|controllerip|loopback|vlan }|loopback|vlan }|vlan } Description This command configures a tunnel interface.
Parameter Description Range Default trusted Set this interface and range of VLANs to be trusted. VLANs not included in the trusted range of VLANs will be, by default, untrusted. Trusted ports and VLANs are typically connected to internal controlled networks, while untrusted ports connect to third-party APs, public areas, or other networks to which access controls should be applied. When Dell APs are attached directly to the controller, set the port to be trusted.
Parameter source vlan Description Range Default The local endpoint of the tunnel on the controller. This can be one of the following: l
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 The keepalive parameter was introduced. ArubaOS 6.4 The checksum parameter was deprecated. Tunnel destination ipv6, tunnel mode gre ipv6, tunnel source ipv6, parameters were introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master and local controllers 423 | interface tunnel Dell Networking W-Series ArubaOS 6.4.
interface vlan interface vlan bandwidth-contract bcmc-optimization description ip {address |dhcp-client client-id|internal|pppoe}|helper-address |igmp [proxy][snooping]|local-proxy-arp|nat[inside]|{ospf {area|authentictaion|cost|dead-interval|hello-interval|message-digestkey|priority|retransmit-interval|transmit-delay}| pppoe-max-segment-size | pppoepassword |pppoe-service-name |pppoe-username |routing} ipv6 {address
Parameter Description ip Configures IPv4 for this interface. Range Default address Configures the IP address for this interface, which can be one of the following: l dhcp-client: use DHCP to obtain the IP address l internal: IP address allocated from the Remote Node Profile. l pppoe: use PPPoE to obtain the IP address — — helper-address IP address of the DHCP server for relaying DHCP requests for this interface.
Parameter Description Range Default pppoe-service-name Configures the PPPoE service name. 1–80 — pppoe-username Configures the PAP username on the PPPoE Access Concentrator for the switch. 1–80 — routing Enables layer-3 forwarding on the VLAN interface. To disable layer3 forwarding, you must configure the IP address for the interface and specify no ip routing. — (enabled) Configures IPv6 for this interface.
Parameter Description l l l l l l l Range Default managed-configflag—Enables hosts to use DHCP server for stateful address autoconfiguration mtu—Configures maximum transmission unit for RA other-config-flag— Enables hosts to use DHCP server for other non-address stateful autoconfiguration preference— Configures a router preference prefix—Configures IPv6 RA prefix reachable-time— configures neighbor discovery reachable time retransmit-time— configures neighbor discovery retransmit time no Negates
Parameter Description Range Default ESSID is an alphanumeric name that uniquely identifies a wireless network. — — shutdown Causes a hard shutdown of the interface. — — suppress-arp Prevents flooding of ARP broadcasts on all the untrusted interfaces. — — essid Usage Guidelines All ports on the controller are assigned to VLAN 1 by default. Use the interface fastethernet | gigabitethernet command to assign a port to a configured VLAN.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master and local controllers 429 | interface vlan Dell Networking W-Series ArubaOS 6.4.
interface vlan ipv6 interface vlan ipv6 {address link-local | [/ | eui-64] ipv6 dhcp server ipv6 mld [snooping] ipv6 nd {ra [dns | enable | hop-limit | interval | life-time | managed-config-flag | mtu | other-config-flag | preference | prefix] | reachable-time | retransmit-time }} Description This command configures the IPv6 link local address or the global unicast address, and the IPv6 router advertisement parameters for this
Parameter Description l Range Default 0 prefix—Configures IPv6 RA prefix. reachable-time Configures the neighbor discovery reachable time in msec. 03,600,000 retransmit-time Configures the neighbor discovery retransmit time in msec. 03,600,000 Usage Guidelines You can use this command to configure the IPv6 link local address and the global unicast address for this interface. Example The following example configures the link local address for the VLAN 1.
interface vlan ip igmp proxy interface vlan ip igmp snooping|{proxy fastethernet|gigabitethernet /} Description This command enables IGMP and/or IGMP snooping on this interface, or configures a VLAN interface for uninterrupted streaming of multicast traffic. Syntax Parameter Description snooping Enable IGMP snooping. The IGMP protocol enables an router to discover the presence of multicast listeners on directly-attached links.
Issue the command interface vlan ipv6 mld to enable the MLD protocol and allow an IPv6 router to discover the presence of multicast listeners on directly-attached links. Use the CLI command interface vlan ipv6 mld snooping, and the IPv6 router will send multicast frames to only those nodes that need to receive them. Command History This command was introduced in ArubaOS 3.
ip access-list eth ip ip access-list eth {|} deny { []|any} [mirror] [position} no ... permit { []|any} [mirror][position] Description This command configures an Ethertype access control list (ACL). Syntax Parameter Description Range eth Enter a name, or a number in the specified range.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3 The mirror parameter was introduced. Command Information Platform License Command Mode Available on all platforms Requires the PEFNG license. Config mode on master controllers 435 | ip access-list eth Dell Networking W-Series ArubaOS 6.4.
ip access-list extended ip access-list extended {|} deny ipv6 no ... permit Description This command configures an extended access control list (ACL). To configure IPv6 specific rules, use the ipv6 keyword for each rule. Syntax Parameter Description Range extended Enter a name, or a number in the specified range. 100-199, 2000-2699 ipv6 Use the ipv6 keyword to add IPv6 specific rules. — deny Reject the specified packets.
Parameter Description Range host: specify a single host IP address Destination, which can be one of the following: Destination address (IPv4 or IPv6) and wildcard any: any destination host: specify a single host IP address — Usage Guidelines Extended ACLs are supported for compatibility with router software from other vendors. This ACL permits or denies traffic based on the source or destination IP address or IP protocol.
ip access-list mac ip access-list mac {|} deny {[]|any|host } [mirror] no ... permit {[]|any|host } [mirror] Description This command configures a MAC access control list (ACL). Syntax Parameter Description Range mac Configures a MAC access list. Enter a name, or a number in the specified range.
Command Information Platform License Command Mode Available on all platforms Requires the PEFNG license Config mode 439 | ip access-list mac Dell Networking W-Series ArubaOS 6.4.
ip access-list session ip access-list session [] ipv6 [] no ... Description This command configures an access control list (ACL) session. To create IPv6 specific rules, use the ipv6 keyword. Syntax Parameter Description Name of an access control list session. ipv6 Use the ipv6 keyword to create IPv6 specific rules.
Parameter Description Action if rule is applied, which can be one of the following: deny: Reject packets. Applicable to both IPv4 and IPv6. dst-nat: Performs destination NAT on packets. Forward packets from source network to destination; re-mark them with destination IP of the target network. This action functions in tunnel/decrypt-tunnel forwarding mode. User should configure the NAT pool in the controller. dual-nat: Performs both source and destination NAT on packets.
Usage Guidelines Session ACLs define traffic and firewall policies on the controller. You can configure multiple rules for each policy, with rules evaluated from top (1 is first) to bottom. The first match terminates further evaluation. Generally, you should order more specific rules at the top of the list and place less specific rules at the bottom of the list. The ACL ends with an implicit deny all. To configure IPv6 rules, use the ipv6 keyword followed by the regular ACL keywords.
ip access-list standard ip access-list standard {|} deny { |any|host } no ... permit { |any|host } Description This command configures a standard access control list (ACL). Syntax Parameter Description Range standard Enter a name, or a number in the specified range. 1-99, 1300-1399 ipv6 Use the ipv6 keyword to create IPv6 specific standard rules.
ip cp-redirect-address ip cp-redirect-address | disable Description This command configures a redirect address for captive portal. Syntax Parameter Description Host address with a 32-bit netmask. This address should be routable from all external networks. disable Disables automatic DNS resolution for captive portal. Usage Guidelines This command redirects wireless clients that are on different VLANs (from the controller’s IP address) to the captive portal on the controller.
ip default-gateway ip default-gateway |{import cell|dhcp|pppoe}|{ipsec } Description This command configures the default gateway for the controller. Syntax Parameter Description IP address of the default gateway. import Use a gateway IP address obtained through the cell interface, DHCP or PPPoE. The default gateway is imported into the routing table and removed when the uplink is no longer active. cell Use a gateway IP address obtained through the cell interface.
ip dhcp excluded-address ip dhcp excluded-address [] Description This command configures an excluded address range for the DHCP server on the controller. Syntax Parameter Description Low end of range of IP addresses. For example, you can enter the IP address of the controller so that this address is not assigned. High end of the range of IP addresses.
ip dhcp pool ip dhcp pool default-router ... dns-server { ... |import} domain-name lease netbios-name-server { ... |import} network {|} no ... option ip pooltype ipupsell|private|public vendor-class-identifier Description This command configures a DHCP pool on the controller. Syntax Parameter Description default-router IP address of the default router for the DHCP client.
Usage Guidelines A DHCP pool should be created for each IP subnetwork for which DHCP services should be provided. DHCP pools are not specifically tied to VLANs, as the DHCP server exists on every VLAN. When the controller receives a DHCP request from a client, it examines the origin of the request to determine if it should respond. If the IP address of the VLAN matches a configured DHCP pool, the controller answers the request.
ip domain lookup ip domain lookup Description This command enables Domain Name System (DNS) hostname to address translation. Syntax There are no parameters for this command. Usage Guidelines This command is enabled by default. Use the no form of this command to disable. Example The following command enables DNS hostname translation: (host)(config) #ip domain lookup Command History This command was available in ArubaOS 3.0.
ip domain-name ip domain-name Description This command configures the default domain name. Syntax Parameter Description domain-name Name used to complete unqualified host names. Do not specify the leading dot (.). Usage Guidelines The controller uses the default domain name to complete hostnames that do not contain domain names. You must have at least one domain name server configured on the controller (see ip name-server on page 466).
ip igmp ip igmp last-member-query-count last-member-query-interval max-members-per-group query-interval query-response-interval <.1 seconds> quick-client-convergence robustness-variable <2-10> ssm-range startup-query-count startup-query-interval version-1-router-present-timeout Description This command configures Internet Group Management Protocol (IGMP) timers and counters.
Parameter Description Range Default startup-query-interval Interval, in seconds, at which the controller sends general queries on startup. 1-65535 seconds 1/4 of the query interval version-1-router-present-timeout Timeout, in seconds, if a version 1 IGM router is detected. 1-65535 seconds 400 seconds Usage Guidelines IGMP is used to establish and manage IP multicast group membership. See RFC 3376, “Internet Group Management Protocol, version 3” for more information.
ip local ip local pool [] Description This command configures a local IP pool for Layer-2 Tunnel Protocol (L2TP). Syntax Parameter Description pool Name for the address pool. Starting IP address for the pool. (Optional) Ending IP address for the pool. Usage Guidelines VPN clients can be assigned IP addresses from the L2TP pool. Example The following command configures an L2TP pool: (host) (config) #ip local pool 10.1.1.1 10.1.1.
ip mobile active-domain ip mobile ip mobile active-domain Description This command configures the mobility domain that is active on the controller. Syntax Parameter Description active-domain Name of the mobility domain. Usage Guidelines All controllers are initially part of the “default” mobility domain. If you use the “default” mobility domain, you do not need to specify this domain as the active domain on the controller.
ip mobile domain ip mobile domain description hat description no Description This command configures the mobility domain on the controller. Syntax Parameter Description Name of the mobility domain. description Description of the mobility domain. The description can be a maximum of 30 characters (including spaces). hat Configures a home agent table (HAT) entry. The IP address of the home agent controller that requires mobility service.
Home Agent Table Home Agent Description --------------- ------------------------192.0.2.1 East building entries Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.0 A new parameter, description is added for providing more information about a HAT entry. ArubaOS 6.
ip mobile foreign-agent ip mobile foreign-agent {lifetime | max-visitors | registrations {interval | retransmits }} Description This command configures the foreign agent for IP mobility. Syntax Parameter Description Range Default lifetime Requested lifetime, in seconds, as per RFC 3344, “IP Mobility Support for IPv4”. 10-65534 180 seconds max-visitors Maximum number of active visitors.
ip mobile home-agent ip mobile home-agent {max-bindings |replay } Description This command configures the home agent for IP mobility. Syntax Parameter Description Range Default max-bindings Maximum number of mobile IP bindings. This option is an additional limitation to control the maximum number of roaming users.
ip mobile packet-trace ip mobile packet-trace Description This command enables packet tracing for the given mac address. Use this command with caution. It replaces the existing users with user entries from the imported file. Syntax Platform License The MAC address of the host Usage Guidelines Executing this command enables packet tracing for the given mac address. This is used for troubleshooting purposes only.
ip mobile proxy ip mobile proxy auth-sta-roam-only |event-threshold |log-trail | no-service-timeout | on-association | refresh-stale-ip stale-timeout | trail-length |trail-timeout Description This command configures the proxy mobile IP module in a mobility-enabled controller. Syntax Parameter Description Range Default auth-sta-roamonly Allows a client to roam only if has been authenticated.
Parameter Description Range Default stale-timeout Number of seconds the mobility state is retained after the loss of connectivity. This allows authentication state and mobility information to be preserved on the home agent controller. The default is 60 seconds but can be safely increased. Note that in many case a station state is deleted without waiting for the stale timeout; user delete from management, foreign agent to foreign agent handoff, etc.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.2 The re-home parameter was deprecated as the re-homing functionality is no longer available. ArubaOS 6.3 The block-dhcp-release, dhcp aggressive-transaction, dhcp ignoreoptions, dhcp max-requests <0-50>, dhcp transaction-hold <1-100>, dhcp transaction- timout <10-600>, stand-alone-AP parameters are deprecated.
ip mobile revocation ip mobile revocation {interval |retransmits Description This command configures the frequency at which registration revocation messages are sent. Syntax Parameter Description Range Default interval Retransmission interval, in milliseconds. 100-10000 ms 1000 ms retransmits Maximum number of times the home agent or foreign agent attempts mobile IP registration/revocation message exchanges before giving up.
ip mobile trail (deprecated) ip mobile trail {host IP address | host MAC address} Description This command configures the capture of association trail for all devices. Command History Version Description ArubaOS 3.0 Command introduced ArubaOS 6.1 Command deprecated 465 | ip mobile trail (deprecated) Dell Networking W-Series ArubaOS 6.4.
ip name-server ip name-server Description This command configures servers for name and address resolution. Syntax Parameter Description IP address of the server. Usage Guidelines You can configure up to six servers using separate commands. Specify one or more servers when you configure a default domain name (see ip domain-name on page 450). Example The following command configures a name server: ip name-server 10.1.1.245 Command History This command was available in ArubaOS 3.0.
ip nat ip nat pool [] Description This command configures a pool of IP addresses for network address translation (NAT). Syntax Parameter Description pool Name of the NAT pool. IP address that defines the beginning of the range of source NAT addresses in the pool. IP address that defines the end of the range of source NAT addresses in the pool. Destination NAT IP address.
ip ospf ip ospf area|{authentication message-digest | cost | dead-interval | hellointerval | message-digest-key | priority | retransmitinterval |transmit-delay Description Configure OSPF on the VLAN interface. Syntax Parameter Description Range Default area Enable OSPF on a specific interface by entering the IP address of the router that will use OSPF.
Related Commands Command Description show ip ospf View the OSPF configuration Command History Release Modification ArubaOS 3.4 Command introduced Command Information Platforms Licensing Command Mode All Platforms Base operating system Configuration Interface Mode (configsubif) 469 | ip ospf Dell Networking W-Series ArubaOS 6.4.
ip pppoe-max-segment-size (deprecated) ip pppoe-max-segment-size Description This command configures the maximum TCP segment size (mss), in bytes, for Point-to-Point Protocol over Ethernet (PPPoE) data. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 Command deprecated Dell Networking W-Series ArubaOS 6.4.
ip pppoe-password (deprecated) ip pppoe-password Description This command configures the PPP over Ethernet (PPPoE) password. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 Command deprecated 471 | ip pppoe-password (deprecated) Dell Networking W-Series ArubaOS 6.4.
ip pppoe-service-name (deprecated) ip pppoe-service-name Description This command configures the PPP over Ethernet (PPPoE) service name. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 Command deprecated Dell Networking W-Series ArubaOS 6.4.
ip pppoe-username (deprecated) ip pppoe-username Description This command configures the PPP over Ethernet (PPPoE) username. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 Command deprecated 473 | ip pppoe-username (deprecated) Dell Networking W-Series ArubaOS 6.4.
ip radius ip radius {nas-ip |rfc-3576-server udp-port |source-interface {loopback|vlan } Description This command configures global parameters for configured RADIUS servers. Syntax Parameter Description Range Default nas-ip NAS IP address to send in RADIUS packets. A server-specific NAS IP configured with the aaa authentication-server radius command supersedes this configuration.
Command Information Platform License Command Mode Available on all platforms The ip radius rfc-3576-server udp-port command requires the PEFNG license. Other commands are available in the base operating system. Config mode on master and local controllers 475 | ip radius Dell Networking W-Series ArubaOS 6.4.
ids rap-wml-server-profile ids rap-wml-server-profile ageout cache{disable|enable clone db-name ip-addr password type mssql|mysql user Description Use this command to specify the name and attributes of a MySQL or an MSSQL server. Syntax Parameter Description Default ageout (Optional) Specifies the cache ageout period, in seconds. 0 cache (Optional) Enables the cache, or disables the cache.
ids rap-wml-table-profile mssqlserver table-name mactest_undelimited timestampcolumn time lookup-time 600 ids rap-wml-table-profile mssqlserver table-name mactest_delimited mac-delimiter : timestampcolumn time lookup-time 600 Command History Release Modification ArubaOS 2.0 Command introduced ArubaOS 6.1 This command was renamed from rap-wml to ids rap-wml-server-profile. Command Information Platforms Licensing Command Mode All platforms Requires the RF Protect license.
ids rap-wml-table-profile ids rap-wml-table-profile clone column-name lookup-time mac-delimiter no ... timestamp-column Description Use this command to specify the name and attributes of the database table to be used for lookup.
(host) (config) # ids rap-wml-server-profile mssqlserver type mssql ip-addr 10.4.11.11 db-name automatedtestdatabase user sa password sa ids rap-wml-table-profile mssqlserver table-name mactest_undelimited timestampcolumn time lookup-time 600 ids rap-wml-table-profile mssqlserver table-name mactest_delimited mac-delimiter : timestampcolumn time lookup-time 600 Command History Release Modification ArubaOS 2.0 Command introduced ArubaOS 6.
ip route ip route { []|ipsec |null 0} Description This command configures a static route on the controller. Syntax Parameter Description Enter the destination prefix address in dotted decimal format (A.B.C.D). Enter the destination prefix mask address in dotted decimal format (A.B.C.D). [] Enter the forwarding router address in dotted decimal format (A.B.C.D). Optionally, enter the distance metric (cost) for this route.
ipv6 cp-redirect-address ipv6 cp-redirect-address | disable Description This command configures a redirect address for captive portal. Syntax Parameter Description This address should be routable from all external networks. disable Disables automatic DNS resolution for captive portal. Usage Guidelines This command redirects wireless clients that are on different VLANs (from the controller’s IP address) to the captive portal on the controller.
ipv6 default-gateway ipv6 default-gateway Description This command configures an IPv6 default gateway. Syntax Parameter Description Specify the IPv6 address of the default gateway. cost Specify the distance metric to select the routing protocol that determines the way to learn the route. Usage Guidelines This command configures an IPv6 default gateway.
ipv6 dhcp excluded-address ipv6 dhcp excluded-address [] Description This command configures an excluded IPv6 address range for the DHCPv6 server on the controller. Syntax Parameter Description Low end of range of IPv6 addresses. For example, you can enter an IPv6 address that should not be assigned. High end of the range of IPv6 addresses.
ipv6 dhcp pool ipv6 dhcp pool dns-server domain-name lease network no ... option {ip | text } preference <1-255> Description This command configures a DHCPv6 pool on the controller. Syntax Parameter Description dns-server IPv6 address of the DNS server. domain-name Domain name to which the client belongs. lease The amount of time that the assigned IPv6 address is valid for the client.
Command Information Platform License Command Mode Available on all platforms Available in the base operating system Config mode on master controllers 485 | ipv6 dhcp pool Dell Networking W-Series ArubaOS 6.4.
ipv6 enable ipv6 enable Description This command enables IPv6 packet processing globally. This option is disabled by default. Syntax No parameters. Usage Guidelines This command enables IPv6 packet processing globally. Command History This command was introduced in ArubaOS 6.0. Command Information Platform License Command Mode Available on all platforms Available in the base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
ipv6 firewall ipv6 firewall attack-rate {ping |session |tcp-syn } deny-inter-user-bridging | drop-ip-fragments | enable-per-packet-logging | enforce-tcp-handshake | prohibit-ip-spoofing | prohibit-rst-replay | session-idle-timeout | session-mirror-destination {ip-address }|{port } Description This command configures firewall options on the controller for IPv6 traffic.
Parameter Description Range Default enforce-tcphandshake Prevents data from passing between two clients until the three-way TCP handshake has been performed. This option should be disabled when you have mobile clients on the network as enabling this option will cause mobility to fail. You can enable this option if there are no mobile clients on the network. — disabled prohibit-ipspoofing Detects IP spoofing (where an intruder sends messages using the IP address of a trusted client).
Command Information Platform License Command Mode Available on all platforms Available in the base operating system, except for noted parameters Config mode on master controllers 489 | ipv6 firewall Dell Networking W-Series ArubaOS 6.4.
ipv6 neighbor ipv6 neighbor vlan Description This command configures an IPv6 static neighbor on a VLAN interface. Syntax Parameter Description Specify the IPv6 address of the neighbor entry. vlan Specify the VLAN ID. Specify the 48-bit hardware address of the neighbor entry. Usage Guidelines You can configure an IPv6 static neighbor on a VLAN interface.
ipv6 mld ipv6 mld query-interval query-response-interval robustness-variable ssm-range Description This command configures the IPv6 MLD (Multi-listener discovery) parameters. Syntax Parameter Description query-interval Specify the time interval in seconds (1-65535) between general queries sent by the querier. The default value is 125 seconds. By varying this value, you can tune the number of MLD messages on the link; larger values cause MLD queries to be sent less often.
Command History Release Modification ArubaOS 6.1 Command introduced ArubaOS 6.4 The ssm-range parameter was introduced. Command Information Platform License Command Mode Available on all platforms Available in the base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
ipv6 proxy-ra ipv6 proxy-ra interval Description This command configures an interval for proxy Router Advertisement. Syntax Parameter Description interval Configures proxy Router Advertisement Interval (180-1800 sec). This overrides interface Router Advertisement interval value if its value is lesser. Usage Guidelines This command configures interval for proxy Router Advertisement.
ipv6 radius ipv6 radius {nas-ip6 |source-interface {loopback|vlan } Description This command configures global parameters for configured IPv6 RADIUS servers. Syntax Parameter Description nas-ip6 NAS IPv6 address to send in RADIUS packets. A server-specific NAS IPv6 configured with the aaa authentication-server radius command supersedes this configuration. source-inter face Interface for all outgoing RADIUS packets.
ipv6 route ipv6 route {ipv6-prefix/prefix-length}|ipv6-next-hop|null|vlan[vlanid]|link-local-next-hop} |cost Description This command configures static IPv6 routes on the controller. Syntax Parameter Description Specify the IPv6 address and the prefix length of the destination. Specify the next-hop IPv6 address or null 0 to terminate or discard the packets. Listed below are the following options: l X:X:X:X::X-IPv6 address of next-hop.
kernel coredump [no] kernel coredump Use this command under the supervision of Dell Global Technical Support. Description This command enables the controller to capture the snapshot of the working memory of the control plane when the control plane has terminated abnormally. An additional flash memory available check is imposed on core dump. If less than 100 MB of space is left on the flash, the extra core dump chunks get discarded.
lacp group lacp group mode {active | passive} Description Enable Link Aggregation Control Protocol (LACP) and configure LACP on the interface. Parameter Description Enter the link aggregation group (LAG) number. Range: 0-7 mode {active | passive} Enter the keyword mode followed by either the keyword active or passive. l Active mode—the interface is in active negotiating state. LACP runs on any link that is configured to be in the active state.
lacp port-priority lacp port-priority Description Configure the LACP port priority. Syntax Parameter Description Enter the port-priority value. The higher the value number the lower the priority. Range: 1 to 65535 Default: 255 Usage Guidelines Set the port priority for LACP.
lacp system-priority lacp system-priority Description Configure the LACP system priority. Syntax Parameter Description Enter the system priority value. The higher the value number the lower the priority. Range: 1 to 65535 Default: 32768 Usage Guidelines Set the LACP system priority.
lacp timeout lacp timeout {long | short} Description Configure the timeout period for the LACP session. Syntax Parameter Description long Enter the keyword long to set the LACP session to 90 seconds. This is the default. short Enter the keyword short to set the LACP session to 3 seconds. Usage Guidelines The timeout value is the amount of time that a port-channel interface waits for a LACPDU (Link Aggregation Control Protocol data unit) from the remote system before terminating the LACP session.
lcd-menu lcd-menu [no] disable menu [maintenance [factory-default| media-eject| qui-quick-setup | media-eject | system-halt | system-reboot | upgrade-image [parition0 | partition1]| upload-config]] Description This command allows you to enable or disable the LCD menu either completely or for specific operations. Syntax Parameter Description lcd-menu Enters the LCD menu configuration mode. no Delete the specified LCD menu option. disable Disables (or enables) the complete LCD menu.
menu menu menu menu menu menu menu menu menu menu menu maintenance maintenance maintenance maintenance maintenance maintenance maintenance maintenance maintenance maintenance system-halt halt-stack system-halt halt-local upgrade-image upload-config factory-default media-eject system-reboot system-halt gui-quick-setup enabled enabled enabled enabled enabled enabled enabled enabled enabled enabled enabled Example The following example disables the LCD menu completely: (host) #configure terminal (host) (co
license license add del export import profile centralized-licensing-enable report } server-ip server-redundancy {license-vrrp }|[peer-ip-address } Description This command allows you to install, delete, and manage software licenses on the controller. Syntax Parameter Description add Installs the software license key in the controller. The key is normally sent to you via email. This parameter is available in enable mode.
Parameter Description ralized licensing feature. This command is available in config mode. license-vrrp Use this command to specify a VRRP instance to be used for the centralized licensing feature. This command is available in config mode. By default, the master controller in a master-local topology is the primary licensing server.
Other client controllers on the network connect to the licensing server using the VRRP virtual IP address configured for that set of redundant servers. By default, the primary licensing server uses the configured virtual IP address. However, if the controller acting as the primary licensing server becomes unavailable, the secondary licensing server will take ownership of the virtual IP address, allowing licensing clients to retain seamless connectivity to a licensing server.
Command History Version Description ArubaOS 3.0 Command introduced ArubaOS 6.3 The following commands were introduced to support the centralized licensing feature: l profile centralized-licensing-enable l server-ip l server-redundancy {license-vrrp }|[peer-ip-address } Command Information Platform License Command Mode Available on all platforms Available in the base operating system Enable or config mode on master and local controllers Dell Networking W-Series ArubaOS 6.4.
local-custom-cert local-custom-cert local-mac ca-cert server-cert suite-b Description This command configures the user-installed certificate for secure communication between a local controller and a master controller. Syntax Parameter Description MAC address of the local controller’s user-installed certificate. ca-cert User-defined name of a trusted CA certificate installed on the local controller.
Command Information Platform License Available on all platforms The suite-b gcm-128 and suite-b gcm-256 encryption options for IPsec custom certificates requires the Advanced Cryptography (ACR) license. All other parameters are available in the base operating system Dell Networking W-Series ArubaOS 6.4.
local-factory-cert local-factory-cert local-mac Description This command configures the factory-installed certificate for secure communication between a local controller and a master controller. Syntax Parameter Description MAC address of the local controller’s factory-installed certificate. Usage Guidelines Use this command on a master controller to configure the factory certificate for communication with a local controller.
local-userdb-ap add (deprecated) local-userdb-ap add mac-address ap-group ap-name description full-name remote-ip Description This command adds a Remote AP entry to the Remote AP whitelist table. Command History Modification ArubaOS 3.0 Command introduced ArubaOS 6.2 Command replaced by whitelist-db rap add. 511 | local-userdb-ap add (deprecated) Dell Networking W-Series ArubaOS 6.4.
local-userdb-guest add local-userdb-guest local-userdb-guest add {generate-username|username } {generate-password|password } [comment ][email ] [expiry {duration |time }] [guest-company ][guest-fullname ][guest-phone ][mode disable][opt-field-1 ][opt-field-2 ][opt-field-3 ][opt-field-4 ] [sponsor-dept ][sponsor-mail ][sponsor-fullname ][sponsor-name ]
Parameter Description Range Default opt-field-1 This category can be used for some other purpose. For example, the optional category fields can be used for another person, such as a “Supervisor.” You can enter username, full name, department and Email information into the optional fields. — — opt-field-2 Same as opt-field-1. — — opt-field-3 Same as opt-field-1. — — opt-field-4 Same as opt-field-1. — — sponsor-dept The guest sponsor’s department name.
Command History Introduced in ArubaOS 3.4. Command Information Platform License Command Mode Available on all platforms Available in the base operating system. The role parameter requires the PEFNG license. Enable and config modes on master controllers. Dell Networking W-Series ArubaOS 6.4.
local-userdb-remote-node (deprecated) localuserdb local-userdb-remote-node add mac-address remote-node-profile del mac-address Description This command adds a Remote Node to the Remote Node whitelist. You can also delete the whitelist entry using this command. Syntax Parameter Description Range Default mac-address MAC address of the Remote Node in colonseparated six-octet format.
Command Description Mode remote-node-profile (deprecated) The remote-node-profile command lets you create a Remote Node profile. Config mode show remote-node (deprecated) Shows Remote Node configuration, dhcp instance, license usage and running configuration information. Enable and Config mode show remote-node-dhcp-pool (deprecated) Shows Remote Node dhcp pool configuration information. Enable and Config mode show remote-node-profile (deprecated) Shows Remote Node profile status information.
local-userdb add localuserdb local-userdb add {generate-username|username } {generate-password|password } [comment ][email ] [expiry {duration |time }] [guest-company ][guest-fullname ][guest-phone ][mode disable] [opt-field-1 ][opt-field-2 ][opt-field-3 ][opt-field-4 ][[remote-ip ][role ][sponsor-dept ][sponsor-mail ][sponsor-fullname ][sponso
Parameter Description Range Default opt-field-2 Same as opt-field-1. — — opt-field-3 Same as opt-field-1. — — opt-field-4 Same as opt-field-1. — — remote-ip IP address assigned to the remote peer. role Role for the user. This role takes effect when the internal database is specified in a server group profile with a server derivation rule. If there is no server derivation rule configured, then the user is assigned the default role for the authentication method.
Related Commands Command Description Mode show local-userdb Use this command to show the parameters displayed in the output of this command. Enable and Config modes show local-userdb-guest Use this command to show the parameters displayed in the output of the local-userdbguest add command. Enable and Config modes mgmt-user Use the webui-cacert command if you want an external authentication server to derive the management user role.
localip localip ipsec Description This command configures the IP address and preshared key for the local controller on a master controller. Syntax Parameter Description IP address of the local controller. Use the 0.0.0.0 address to configure a global preshared key for all inter-controller communications. ipsec To establish the master-local IPsec tunnel using IKEv1, enter a preshared key between 6-64 characters.
local-userdb-ap del local-userdb-ap del mac-address [all] Description This command deletes a Remote AP entry from the obsolete Remote AP database. Syntax Parameter Description mac-address MAC address of the remote AP to be removed from the Remote AP database. all Remove all entries from the whitelist. Usage Guidelines When you upgrade from ArubaOS 5.0-6.1 to ArubaOS 6.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.3 The all parameter was added to delete all entries from the obsolete remote AP database Dell Networking W-Series ArubaOS 6.4.
local-userdb-ap modify (deprecated) local-userdb-ap modify mac-address ap-name description full-name remote-ip Description This command modifies a Remote AP entry in the Remote AP whitelist table. Command History Modification ArubaOS 3.0 Command introduced. ArubaOS 6.2 Command replaced by whitelist-db rap modify. 523 | local-userdb-ap modify (deprecated) Dell Networking W-Series ArubaOS 6.4.
local-userdb-ap revoke (deprecated) local-userdb-ap revoke mac-address revoke-comment Description Revoke a lost or stolen remote AP to prevent unauthorized users from accessing the company’s corporate network Command History Modification ArubaOS 3.0 Command introduced. ArubaOS 6.2 Command deprecated. For ArubaOS 6.3 or later, use or whitelist-db cpsec revoke Dell Networking W-Series ArubaOS 6.4.
local-userdb del local-userdb {del username |del-all} Description This command deletes entries in the controller’s internal database. Syntax Parameter Description del username Deletes the user account for the specified username. del-all Deletes all entries in the internal database. Usage Guidelines User account entries created with expirations are automatically deleted from the internal database at the specified expiration.
local-userdb export local-userdb export Description This command exports the internal database to a file. Use this command with caution. It replaces the existing users with user entries from the imported file. Syntax Parameter Description export Saves the internal database to the specified file in flash. Usage Guidelines After using this command, you can use the copy command to transfer the file from flash to another location.
local-userdb fix-database local-userdb fix-database Description This command deletes and reinitializes the internal database. Syntax No parameters. Usage Guidelines Before using this command, you can save the internal database with the local-userdb export command. Command History Introduced in ArubaOS 3.0. Command Information Platform License Command Mode Available on all platforms Available in the base operating system Enable mode on master controllers.
local-userdb-guest del local-userdb-guest {del username |del-all} Description This command deletes entries in the controller’s internal database. Syntax Parameter Description del username Deletes the user account for the specified username. del-all Deletes all entries in the internal database. Usage Guidelines User account entries created with expirations are automatically deleted from the internal database at the specified expiration.
local-userdb-guest modify local-userd-guest modify username [comments ][email ] [expiry {duration |time }] [guest-company ][guest-fullname ][guest-phone ][mode disable][opt-field-1 ][opt-field-2 ][optfield-3 ][opt-field-4 ][password ][sponsor-mail ][sponsor-fullname ][sponsor-name ][start-time
Parameter Description Range Default NOTE: A sponsor is the guest's primary contact for the visit. sponsor-email The sponsor’s email address. — — sponsor-fullname The sponsor’s full name. — — sponsor-name The sponsor’s name. — — start-time Date and time, in mm/dd/yyy and hh:mm format, the guest account begins. — — Usage Guidelines Use the show local-userdb-guest command to view the current user account entries in the internal database.
local-userdb-guest send-email local-userdb-guest send-email [to-guest][to-sponsor] Description This command causes the controller to send email to the guest and/or sponsor any time a guest user is created. Syntax Parameter Description Range Default Name of the guest 1 – 64 characters — to-guest Allows you to send email to the guest user’s address. — — to-sponsor Allows you to send email to the sponsor’s email address.
local-userdb import local-userdb import Description This command replaces the internal database with the specified file from flash. Syntax Parameter Description import Replaces the internal database with the specified file. Usage Guidelines This command replaces the contents of the internal database with the contents in the specified file. The file must be a valid internal database file saved with the local-userdb export command.
local-userdb maximum-expiration local-userdb maximum-expiration Description This command configures the maximum time, in minutes, that a guest account in the internal database can remain valid. Syntax Parameter Description Range maximum-expiration Maximum time, in minutes, that a guest account in the internal database can remain valid. 12147483647 Usage Guidelines The user in the guest-provisioning role cannot create guest accounts that expire beyond the configured maximum time.
local-userdb modify local-userdb modify username [comments ][email ] [expiry {duration |time }] [guest-company ][guest-fullname ] [guest-phone ][mode disable][opt-field-1 ][opt-field-2 ][opt-field-3 ][opt-field-4 ][remote-ip ][role ][sponsor-dept ][sponsormail ][sponsor-fullname ][sponsor-name ][start-time
Parameter Description Range Default sponsor-dept The guest sponsor’s department name NOTE: A sponsor is the guest's primary contact for the visit. — — sponsor-email The sponsor’s email address. — — sponsor-fullname The sponsor’s full name. — — sponsor-name The sponsor’s name. — — start-time Date and time, in mm/dd/yyy and hh:mm format, the guest account begins. — — Usage Guidelines Use the show local-userdb command to view the current user account entries in the internal database.
local-userdb send-to-guest local-userdb send-to-guest Description This command automatically sends email to the guest when the guest user is created. Syntax No parameters. Usage Guidelines A guest is the person who needs guest access to the company’s Dell wireless network. Email is sent directly to the guest after the guest user is created. When configuring the guest provisioning feature, the guest user is generally created by Guest Provisioning user.
local-userdb send-to-sponsor local-userdb send-to-sponsor Description This command automatically sends email to the guest’s sponsor when the guest user is created. Syntax No parameters. Usage Guidelines The sponsor is the guest's primary contact. Email is sent directly to the guest’s sponsor after the guest user is created. When configuring the guest provisioning feature, the sponsor is generally created by the Guest Provisioning user.
location location Description This command configures the location of the controller. Syntax Parameter Description location A text string that specifies the system location. Usage Guidelines Use this command to indicate the location of the controller. You can use a combination of numbers, letters, characters, and spaces to create the name. To include a space in the name, use quotation marks to enclose the text string. To change the existing name, enter the command with a different string.
location-server-feed enable disable Description This command allows sends RSSI information from APs to a location management server. Syntax Parameter Description enable Enable the feed that sends RSSI information to a location management server. This feature is disabled by default. disable Disable the feed that sends RSSI information to a location management server. This feature is disabled by default.
logging logging [ipaddr|ipv6addr|facility|level] Description Use this command to specify the IP address of the remote logging server, facility, severity, and the type. Syntax Parameter Description Range ipaddr To set the remote logging server IPv4 address. A.B.C.D ipv6addr To set the remote logging server IPv6 address. X:X:X:X::X facility To set the remote logging server facility. level To set the logging level upto which the messages are logged.
Command Information Platform License Command Mode Available on all platforms Available in the base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
logging facility logging facility Description Use this command to set the facility to use when logging to the remote syslog server. Syntax Parameter Description Range The facility to use when logging to a remote syslog server. local0 to local7 Usage Guidelines The local use facilities (local0, local1, local2, local3, local4, local5, local6, and local7) are not reserved for specific message-generating sources, and can be used for sending syslog messages.
logging level logging level [process ] [subcat ] Description Use this command to set the categories or subcategories and the severity levels of messages that are logged. Syntax Parameter Description The message severity level, which can be one of the following (in order of severity level): emergencies (0) Panic conditions that occur when the system becomes unstable. alerts (1) Any condition requiring immediate attention and correction.
Parameter Description armd ARM processes authmgr User authentication certmgr Certificate manager cfgm Configuration Manager cpsec Control plane security crypto VPN (IKE/IPsec) cts Transport service dbsync Database synchronization dds logging for DDS processes dhcpd DHCP packets esi External Services Interface extifmgr External Interface Manager fpapps Layer 2 and 3 control fw_visibility Firewall visibility processes gsmmgr GSM manager ha_mgr High availability manager httpd
Parameter Description pppoed PPPoE pptp PPTP processes Run-time processes profmgr Profile Manager publisher Publish subscribe service ravd Router Advertisement daemon rfm RF Troubleshooting Manager snmp SNMP spectrum Spectrum analysis processes stm Station management syslogdwrap Syslogd wrap traffic Traffic ucm UCM processes wms Wireless management (master controller only) subcat Message subcategory, which depends upon the message category specified.
Command History Version Description ArubaOS 2.5 Command introduced ArubaOS 6.3 l l ArubaOS 6.4 A new subcategory amon is added in the logging level command to account for AMON related logging messages. A new process mdns is added to view mDNS debug messages. A new process category ha_mgr is added to manage high availability processes.
loginsession loginsession timeout Description This command configures the time management session (via Telnet or SSH) remains active without user activity. Syntax Parameter Description Range Default timeout Number of seconds or minutes that a management session remains active without any user activity. 5-60 minutes or 13600 seconds, 0 to disable 15 minutes Usage Guidelines The management user must re-login to the controller after a Telnet or SSH session times out.
logout logout Description This command exits the current CLI session. Syntax No parameters. Usage Guidelines Use this command to leave the current CLI session and return to the user login. Example The following command exits the CLI session: (host) >logout User: Command History This command was available in ArubaOS 3.0.
mac-address-table mac-address-table static {fastethernet|gigabitethernet} / vlan Description This command adds a static entry to the MAC address table. Syntax Parameter Description Range Media Access Control (MAC) address, in the format xx:xx:xx:xx:xx:xx. — is always 1. — Number assigned to the network interface embedded in the controller. Port numbers start at 0 from the left-most position. vlan ID number of the VLAN.
master-redundancy master-vrrp master-redundancy master-vrrp Description This command associates a VRRP instance with master controller redundancy. Syntax Parameter Description Range The virtual router ID for the VRRP instance configured with the vrrp command. 1-255 Usage Guidelines To maintain a highly redundant network, you can use a controller as a standby for the master controller. The underlying protocol used is VRRP which you configure using the vrrp command.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
masterip masterip ipsec [interface uplink|{vlan }] [fqdn ] ipsec-custom-cert master-mac1 [master-mac2 ] ca-cert server-cert [interface uplink|{vlan }] [fqdn ] [suite-b gcm-128|gcm-256] ipsec-factory-cert master-mac1 [master-mac2 ] [interface uplink|{vlan }] [fqdn ] Description This command configures the IP address and preshared key or certificate for the master controller on a local controller.
Parameter Description ipsec-factory-cert Use the factory-installed certificate on the master controller to establish a master-local IPsec tunnel using IKEv2. master-mac1 The MAC address of the certificate on the Master. master-mac2 (Optional) the MAC address of the certificate on the backup master controller. interface Specify the uplink or VLAN interface on the master controller to initiate IKE. uplink Use the master controller’s current active uplink to initiate IKE.
Command Information Platform License Command Mode Available on all platforms The suite-b gcm-128 and suite-b gcm-256 encryption options for IPsec custom certificates requires the Advanced Cryptography (ACR) license. All other parameters are available in the base operating system Available in Config mode on local controllers 555 | masterip Dell Networking W-Series ArubaOS 6.4.
master-redundancy peer-ip master-redundancy peer-ip ipsec ipsec-custom-cert master-mac ca-cert server-cert [suite-b gcm-128|gcm256] ipsec-factory-cert master-mac Description This command configures the IP address and preshared key or certificate for a redundant master controller on another master controller. Syntax Parameter Description IP address of the redundant controller. Use the 0.0.0.
Example The following command configures the local controller on a master controller: (host) (config) #peer-ip 10.4.62.5 ipsec-custom-cert master-mac 00:02:2D:11:55:4D ca-cert cacert1 server-cert server1 Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.1 The ipsec-factory-cert and ipsec-custom-cert parameters were introduced to allow certificate-based authentication of master and local controllers.
mgmt-server profile wlan mgmt-server profile clone airgroupinfo-enable location-enable misc-enable monitored-info-enable monitored-stats-enable no sessions-enable stats-enable tag-enable uccmonitoring-enable voiceinfo-enable Description Configure a management server profile on the controller for an AirWave management server or for an Analytics Location Engine (ALE) that should receive Advanced Monitoring (AMON) protocol messages filtered based on the profile settings.
Parameter Description tag-enable If enabled, tag messages will be sent to the management server. uccmonitoring-enable If enabled, the messages about the unified communications manager will be sent to the management server. voiceinfo-enable If enabled, the voice call records will be sent to the management server. Usage Guidelines Use this command to create a new management server profile on the controller or to edit the default profiles.
mgmt-server type wlan mgmt-server type ale primary-server profile amp primary-server profile Description Register a management server with the controller by specifying the IP address of an AirWave management server or Analytics and Location Engine that should receive messages from the controller using the Advanced Monitoring (AMON) protocol. You must also specify the management configuration profile in which the AMON message filtering settings can be done.
mgmt-user mgmt-user mgmt-user localauth-disable mgmt-user ssh-pubkey client-cert mgmt-user webui-cacert serial Description This command configures an administrative user. Syntax Parameter Description Default Name of the user. You can create a maximum of 10 management users.
Parameter Description Default Name of the user. — Role assigned to the authenticated user. — Revocation Checkpoint for the ssh user's client certificate. The rcp checks the revocation status of the SSH user’s client certificate before permitting access. — The client certificate for authenticating administrative users using the WebUI. — The CA certificate.
Release Modification ArubaOS 3.3 The location-api-mgmt role and localauth-disable parameters were introduced. ArubaOS 3.4 The webui-cacert parameter had additional functionality introduced. ArubaOS 6.3 The parameter was introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 563 | mgmt-user Dell Networking W-Series ArubaOS 6.4.
mobility-manager mobility-manager user [interval ] [retrycount ] [udp-port ] [rtls ] trap-version {1|2c|3} Description This command allows the controller to communicate with an MMS server. Usage Guidelines This command needs to be configured before the controller can communicate with the MMS server. This command performs three tasks: l Configures the IP address of the MMS server.
netdestination netdestination description host [position ] invert name network [position ] no ... range [position ] Description This command configures an alias for an IPv4 network host, subnetwork, or range of addresses. Syntax Parameter Description Name for this host or domain. Maximum length is 63 characters. description Description about the this destination up to 128 characters long.
Example The following command configures an alias for an internal network: (host) (config) #netdestination Internal network 10.1.0.0 255.255.0.0 Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 Host functionality now only supports IPv4 subnets. ArubaOS 6.2 Name parameter has maximum character length. Command Information Platforms Licensing Command Mode All platforms Requires the Policy Enforcement Firewall license.
netdestination6 netdestination6 description host [position ] invert name network [position ] no ... range [position ] Description This command configures an alias for an IPv6 network host, subnetwork, or range of addresses. Syntax Parameter Description Default Name of the IPv6 destination host or subnetwork up to 63 characters long.
(host) (config) #netdestination6 Internal network fe80:0:0:0:0:0:a01:0/128 Command History Release Modification ArubaOS 6.1 Command introduced ArubaOS 6.3 A new field, description has been introduced to provide a description about the netdestination up to 128 characters long. ArubaOS 6.3 Maximum length allowed for netdestination6 is now 63 characters. Command Information Platforms Licensing Command Mode All platforms Requires the Policy Enforcement Firewall license.
netexthdr netexthdr eh deny | permit Description This command allows you to edit the packet filter options in the extension header (EH). Syntax Parameter Description Default Specify the EH alias name.
Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
netservice netservice |tcp|udp {list ,}|{ []} [ALG ] Description This command configures an alias for network protocols. Syntax Parameter Description Range netservice Name for this alias. — IP protocol number. 0-255 tcp Configure an alias for a TCP protocol udp Configure an alias for a UDP protocol list , Specify a list of non-contiguous port numbers, by entering up to six port numbers, separated by commas.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.0 The list parameter for defining non-contiguous ports was introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
network-printer [deprecated] network-printer [max-clients <2-20> | max-clients-per-host <1-20> | max-jobs <1-1000>] Description This command allows you to configure client and print job for the USB printer connected to a W-600 Series controller. Syntax Parameter Description max-clients Specify the maximum number of clients that can use the printer. Currently, the W-600 Series supports a maximum of 20 concurrent clients.
network-storage [deprecated] network-storage [share ] share [usb: disk mode {read-only | read-write} no share Description This command allows you to perform the following operation on a network share: l Configure a file system path for the share–This allows users to access the share from their computer. l Remove the share access using the no share command. Syntax Parameter Description share Enter a name for the share on the controller.
Command Information Platforms Licensing Command Mode W-600 Series Base operating system Enable mode 575 | network-storage [deprecated] Dell Networking W-Series ArubaOS 6.4.
ntp authenticate ntp authenticate Description This command enables or disables NTP authentication. Syntax No parameters. Usage Guidelines Network Time Protocol (NTP) authentication enables the controller to authenticate the NTP server before synchronizing local time with server. This helps identify secure servers from fradulent servers. This command has to be enabled for NTP authentication to work.
ntp authentication-key ntp authentication-key md5 Description This command configures a key identifier and secret key and adds them into the database. NTP authentication works with a symmetric key configured by user. The key is shared by the client (Dell controller) and an external NTP server. Syntax Parameter Description Default The key identifier is a string that is shared by the client (Dell controller) and an external NTP server. This value is added into the database.
ntp server #ntp server {|[iburst] [key]} Description This command configures a Network Time Protocol (NTP) server. Syntax Parameter Description Default IPv4/IPv6 Address IPv4/IPv6 Address of the Peer. — iburst (Optional) This parameter causes the controller to send up to ten queries within the first minute to the NTP server. This option is considered “aggressive” by some public NTP servers. disabled key This is the key identifier used to authenticate the NTP server.
ntp trusted-key ntp trusted-key Description This command configures an additional subset of trusted keys which can be used for NTP authentication. Syntax Parameter Description Default An additional trusted string that can be used for authentication — Usage Guidelines You can configure additional subset of keys which are trusted and can be used for NTP authentication. Example The following command configures an additional trusted key(84956) which can be used for NTP authentication.
packet-capture packet-capture controlpath [interprocess {all | }] [other] [sysmsg {all | ] [tcp {all | }] [udp {all | ]] copy-to-flash {controlpath-pcap | datapath-pcap} datapath {ipsec } [wifi-client {decrypted | encrypted | all}] destination [interface ] [ip-address ] [local-filesystem] no reset-pcap {controlpath-pcap | datapath-pcap} Description Use this command to enable or disable packet capturing and set packet capturing opti
Parameter Description Default are stored in /var/log/oslog/datapath.pcap or mirrored out of the controller. ipsec Enable or disable IPSec packet capturing. Enter the IPSec peer IP address to specify a given peer. Disabled NOTE: Capture to local-filesystem is not supported with this option. wifi-client {decrypted | encrypted | all} Enable or disable packet capturing from a wifi client. Specify the client device by entering the device's MAC address.
Example The following command enables packet capturing for debugging a wireless WEP station doing VPN. This example uses the following parameters and values: l Station up/down: sysmsg opcode 30 l WEP key plumbing: sysmsg opcode 29 l DHCP: sysmsg opcode 90 l IKE: UDP port 500 and 4500 l Layer 2 Tunneling Protocol (L2TP): UDP port 1701 (host) #packet-capture sysmsg 30,29,90 (host) #packet-capture udp 500,4500,1701,1812,1645 Command History This command was introduced in ArubaOS 2.3.
packet-capture-defaults packet-capture controlpath [interprocess {all | }] [other] [sysmsg {all | ] [tcp {all | }] [udp {all | ]] datapath {ipsec } [wifi-client {decrypted | encrypted | all}] destination [interface ] [ip-address ] [local-filesystem] no Description Use this command to enable or disable packet capturing and define a set of default packet capturing options on the control path for debugging purposes.
Parameter {decrypted | encrypted | all} Description Default device's MAC address. Additionally, you can specify what type of traffic captured: decrypted, encrypted, or all. destination Configures the capture destination. — interface or Sends packet captures to a specific interface on the controller. Specify the interface using the slot/port format or for the W-7200 Series controllers.
2 1 Packet filtering UDP with 1 port(s) enabled: 1 Command History This command was introduced in ArubaOS 2.3. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 585 | packet-capture-defaults Dell Networking W-Series ArubaOS 6.4.
page page Description This command sets the number of lines of text the terminal will display when paging is enabled. Syntax Parameter Description Range length Specifies the number of lines of text displayed. 24 - 100 Usage Guidelines Use this command in conjunction with the paging command to specify the number of lines of text to display. For more information on the pause mechanism that stops the command output from printing continuously to the terminal, see paging on page 587.
paging paging Description This command stops the command output from printing continuously to the terminal. Syntax No parameters Usage Guidelines By default, paging is enabled. With paging enabled, there is a pause mechanism that stops the command output from printing continuously to the terminal. If paging is disabled, the output prints continuously to the terminal. To disable paging, use the no paging command. You must be in enable mode to disable paging.
pan active-profile pan active-profile profile Description This command makes a Palo Alto Network (PAN) profile active from a set of profiles, if any. Syntax Parameter Description profile The name of the PAN profile to be activated. Usage Guidelines This command makes a PAN profile active from a set of profiles, if any. Only one PAN profile can be active at a time.
pan profile pan profile clone firewall host port username passwd no Description This command configures a PAN profile. Syntax Parameter Description clone Name of an existing PAN profile configuration from which parameter values are copied. firewall Configures the information for the associated PAN firewall. host IP address or hostname of the PAN firewall. port Port number of the PAN firewall.
panic panic {clear | info {file |nvram } | list {file |nvram} | save } Description This command manages information created during a system crash. Syntax Parameter Description clear Removes panic information from non-volatile random access memory (NVRAM). info Displays the content of specified panic files. list Lists panic information in the specified file in flash or in NVRAM.
perf-test perf-test server start|stop controller|{ap [ap-name }|{ip-addr }|{ip6-addr } [tcp|udp] client start|stop controller|{ap [ap-name }|{ip-addr }|{ip6-addr } tcp|udp duration parallel window bandwidth port open|close Description Use this command under the guidance of Dell technical support to launch or halt an Iperf throughput test between the controller and the AP.
Parameter Description UDP Run Iperf tests using the UDP protocol. bandwidth Rate at which the Iperf test data should be sent, in bits/sec. The default value is 1 Mbit/sec. This parameter supports the suffixes K (to represent Kbits/sec) and M (to represent Mbits/sec.) duration Number of seconds for which the test runs. The supported range is 10-120 seconds, and the default value is 10 seconds. parallel Number of parallel clients threads to run. window TCP window size.
pcap (deprecated) pcap {raw-start [bssid ] [channel ] [maxlen ]}|{interactive [bssid ][channel ]}|{clear|pause|resume|stop [bssid ]} Description These commands manage packet capture (PCAP) on Dell air monitors. Syntax Parameter Description raw-start Stream raw packets to an external viewer. IP address of the air monitor collecting packets.
Parameter Description clear Clears the packet capture session. pause Pause a packet capture session. resume Resume a packet capture session. start Start a new packet capture session. stop Stop a packet capture session. IP address of the air monitor collecting packets. ID of the PCAP session. bssid (Optional) Specify the BSSID of the Air Monitor interface for the PCAP session. BSSID of the Air Monitor Interface, which is usually its MAC address.
Command History Version Change ArubaOS 3.0 Command Introduced ArubaOS 3.4 The maxlen parameter was introduced, and the pcap start command deprecated. ArubaOS 6.2 Functionality with 2 new parameters, now subsumed by the ap packet capture command. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 595 | pcap (deprecated) Dell Networking W-Series ArubaOS 6.4.
phonehome phonehome https Description This command configures the PhoneHome auto reporting feature. Syntax Parameter Description https Configure controllers running ArubaOS 6.4 send PhoneHome reports to an Activate server using HTTPS. Earlier versions of ArubaOS allow the PhoneHome feature to send reports to an SMTP server only. The email address is used to properly identify the user sending the report. Command History Version Description ArubaOS 6.
ping ping | ipv6 { | interface vlan } count df-flag packet-size source Description This command sends five ICMP echo packets to the specified ip address. You can also ping the specified IPv6 address. Syntax Parameter Description Default Range Destination IP Address — — ipv6 l interface vlan Specify this parameter to ping an IPv6 address. l Specify the IPv6 global address.
Press 'q' to abort. Sending 5, 100-byte ICMPv6 Echos to 2005:d81f:f9f0:1001::14, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 0.309/0.3726/0.463 ms Command History Release Modification ArubaOS 1.0 Command introduced ArubaOS 6.1 Introduced ipv6 parameter to provide support for IPv6. ArubaOS 6.3 Introduced the following parameters: l l l l count df-flag packet-size source This command was introduced in ArubaOS 1.0.
pkt-trace pkt-trace acl {enable|disable} [trace {cptrace|pktrace} [trace-mask ]]] Description Enable packet tracing in the datapath. Use this feature only under the supervision of Dell technical support. Syntax Parameter Description Enable packet tracing for the specified access-control list. enable Enable packet tracing for the ACL. disable Disable packet tracing for the ACL. cptrace Send packet trace data into the Control Processor.
pkt-trace-global pkt-trace-global {enable|disable} [trace-mask ] Description Enable global packet tracing in the datapath. Use this feature only under the supervision of Dell technical support. Syntax Parameter Description Enable packet tracing for the specified access-control list. enable Enable global packet tracing for the ACL. disable Disable global packet tracing for the ACL. tracemask Specify a trace mask.
policer-profile (deprecated) policer-profile cbs {k | m | g} cir clone ebs [k | m | g] exceed-action drop | permit | remark exceed-profile no.. violate-action drop | permit violate-profile Description This command configures a Policer profile to manage the transmission rate of a class of traffic based on userdefined criteria. Command History Release Modification ArubaOS 6.2 Command deprecated.
pptp ip local pool pptp ip local pool [] Description This command configures an IP address pool for VPN users using Point-to-Point Tunneling Protocol (PPTP). Syntax Parameter Description User-defined name for the address pool. Starting IP address for the pool. Ending IP address for the pool.
priority-map priority-map dot1p high dscp high no ... Description This command configures the Type of Service (ToS) and Class of Service (CoS) values used to map traffic into high priority queues. Syntax Parameter Description Range User-defined name of the priority map. — dot1p IEEE 802.1p priority value, or a range of values separated by a dash (-).
process monitor process monitor log|restart| Description The process monitor validates the integrity of processes every 120 seconds. If a process does not respond during three consecutive 120-second timeout intervals, that process is flagged as nonresponsive and the process monitor will create a log message, restart the process or reboot the controller Syntax Parameter Description log The process monitor creates a log message when a process fails to responding properly.
/mswitch/bin/fpapps /mswitch/bin/pim /mswitch/bin/lic PROCESS_RUNNING PROCESS_RUNNING 0 0 120 120 3 3 Command History Release Modification ArubaOS 3.4 Command introduced ArubaOS 3.4 The process restart command was deprecated. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 605 | process monitor Dell Networking W-Series ArubaOS 6.4.
prompt prompt Description This command changes the prompt text. Syntax Parameter Description Range Default prompt The prompt text displayed by the controller. 1–64 Usage Guidelines You can use any alphanumeric character, punctuation, or symbol character. To use spaces, plus symbols (+), question marks (?), or asterisks (*), enclose the text in quotes.
provision-ap provision-ap a-ant-bearing a-ant-gain a-ant-tilt-angle a-antenna {1|2|both} altitude ap-group ap-name apdot1x-passwd apdot1x-username cellular_nw_preference 3g-only|4g-only|advanced|auto copy-provisioning-params {ap-name | ip-addr } dns-server-ip dns-server-ip6 domain-name external-antenna fqln g-ant-bearing g-ant-gain g-ant-tilt-angle g-antenna {1|2|b
usb-passwd usb-power-mode auto|enable|disable usb-tty usb-tty-control usb-type usb-user Description This command provisions or reprovisions an AP. Dell Networking W-Series ArubaOS 6.4.
Syntax 609 | provision-ap Dell Networking W-Series ArubaOS 6.4.
Par- R- a- a- m- Description n- e- g- t- e er aa n tb e ar in g Determines the horizontal coverage distance of the 802.11a (5GHz) antenna from True North. From a planning perspective, the horizontal coverage pattern does not consider the elevation or vertical antenna pattern. NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. 0360 Decimal Degrees aa n tg ai n Antenna gain for 802.11a (5GHz) antenna.
Par- R- a- a- m- Description n- e- g- t- e er aa n ttil ta n gl e Directs the angle of the 802.11a (5GHz) antenna for optimum coverage. Use a - (negative) value for downtilt and a + (positive) value for uptilt. NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. 9 0 t o + 9 0 D e c i m a l D e g r e e s aa nt e n n a Antenna use for 5 GHz (802.11a) frequency band.
Par- R- a- a- m- Description n- e- g- t- e er al tit u d e Altitude, in meters, of the AP. NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. — a pgr o u p Name of the AP group to which the AP belongs. — a pn a m e Name of the AP to be provisioned. — a p d ot 1 xp a ss w d Password of the AP to authenticate to 802.1X using PEAP.
Par- R- a- a- m- Description n- e- g- t- e er c el lu la r_ n w _ pr ef er e n c e 3 go nl y | 4 go nl y | a d v a n c e d | a ut o This setting allows you to select how the modem should operate. l l l l 613 | provision-ap — auto (default): In this mode, the modem firmware will control the cellular network service selection; so the cellular network service failover and fallback is not interrupted by the remote AP (RAP). 3g_only: Locks the modem to operate only in 3G.
Par- R- a- a- m- Description n- e- g- t- e er c o p ypr o vi si o ni n gp ar a m s Initializes the provisioning-params workspace with the current provisioning parameters of the specified AP, The provisioning parameters of the AP must have previously been retrieved with the read-bootinfo option. NOTE: This parameter can only be used on the master controller. — d n ss er v e rip IP address of the DNS server for the AP. — d n ss er v e rip 6 IPv6 address of the DNS server for the AP.
Par- R- a- a- m- Description n- e- g- t- e er e xt er n a la nt e n n a Use an external antenna with the AP. — fq ln Fully-qualified location name (FQLN) for the AP, in the format . — ga n tb e ar in g Determines the horizontal coverage distance of the 802.11g (2.4GHz) antenna from True North. From a planning perspective, the horizontal coverage pattern does not consider the elevation or vertical antenna pattern.
Par- R- a- a- m- Description n- e- g- t- e er ga n tg ai n Antenna gain for 802.11g (2.4GHz) antenna. — ga n ttil ta n gl e Directs the angle of the 802.11g (2.4GHz) antenna for optimum coverage. Use a - (negative) value for downtilt and a + (positive) value for uptilt. NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. 9 0 t o + 9 0 D e c i m a l D e g r e e s ga nt e n n a Antenna use for 2.4 GHz (802.
Par- R- a- a- m- Description n- e- g- t- e er g at e w a y IP address of the default gateway for the AP. — g at e w a y 6 IPv6 address of the default gateway for the AP. — ik e p sk IKE preshared key for the AP. — in st al la ti o n Specify the type of installation (indoor or outdoor). The default parameter automatically selects an installation mode based upon the AP model type. d e f a u l t i n d o o r o u t d o o r ip 6 a d dr Static IPv6 address of the AP.
Par- R- a- a- m- Description n- e- g- t- e er ip 6 pr ef ix The prefix of static IPv6 address of the AP. — ip a d dr Static IP address for the AP. — la tit u d e Latitude coordinates of the AP. Use the format: Degrees, Minutes, Seconds (DMS). For example: 37 22 00 N — li n kpr io rit yc el lu la r Set the priority of the cellular uplink.
Par- R- a- a- m- Description n- e- g- t- e er li n kpr io rit yet h er n et Set the priority of the wired uplink. Each uplink type has an associated priority; wired ports having the highest priority by default. — lo n gi tu d e Longitude coordinates of the AP. Use the DMS format. For example: 122 02 00 W — m a st er Name or IP address of the master controller. — m e s hro le Configure the AP to operate as a mesh node.
Par- R- a- a- m- Description n- e- g- t- e er m e s hs a e Enable or disable Simultaneous Authentication of Equals (SAE) on a mesh network. This option offers enhanced security over the default wpa2-psk-aes mesh security setting, and provides secure, attackresistant authentication using a pre-shared key.
Par- R- a- a- m- Description n- e- g- t- e er p p p o ec h a ps e cr et PPPoE CHAP secret key for the AP. — p p p o ep a ss w d Point-to-Point Protocol over Ethernet (PPPoE) password for the AP. — p p p o es er vi c en a m e PPPoE service name for the AP. — p p p o eu s er PPPoE username for the AP. — 621 | provision-ap Dell Networking W-Series ArubaOS 6.4.
Par- R- a- a- m- Description n- e- g- t- e er re a db o ot in fo Retrieves current provisioning parameters of the specified AP. NOTE: This parameter can only be used on the master controller. — re pr o vi si o n Provisions one or more APs with the values in the provisioning-params workspace. To use reprovision, you must use read-bootinfo to retrieve the current values of the APs into the provisioning-ap-list. NOTE: This parameter can only be used on the master controller.
Par- R- a- a- m- Description n- e- g- t- e er s er v e rip IP address of the controller from which the AP boots. s er v e rn a m e DNS name of the controller from which the AP boots. s e tik e p s kb ya d dr Set a IKE preshared key to correspond to a specific IP address. sy sl o c at io n User-defined description of the location of the AP. 623 | provision-ap Dell Networking W-Series ArubaOS 6.4.
Par- R- a- a- m- Description n- e- g- t- e er u pl in kvl a n < u pl in kvl a n > If you configure an uplink VLAN on an AP connected to a port in trunk mode, the AP sends and receives frames tagged with this VLAN on its Ethernet uplink. By default, an AP has an uplink vlan of 0, which disables this feature. NOTE: If an AP is provisioned with an uplink VLAN, it must be connected to a trunk mode port or the AP’s frames will be dropped.
Par- R- a- a- m- Description n- e- g- t- e er USB cellular devices on remote APs typically register as modems, but may occasionally register as a massstorage device. If a remote AP cannot recognize its USB cellular modem, use the usb-modeswitch command to specify the parameters for the hardware model of the USB cellular data-card. NOTE: You must enclose the entire modeswitch parameter string in quotation marks. 625 | provision-ap Dell Networking W-Series ArubaOS 6.4.
Par- R- a- a- m- Description n- e- g- t- e er u s bin it The initialization string for the USB modem. This parameter only needs to be specified if the default string is not correct. u s bp a ss w d A PPP password, if provided by the cellular service provider u s bp o w e rm o d e a ut o | e n a bl e | di s a bl e Set the USB power mode to control the power to the USB port. u s btt y The TTY device path for the USB modem.
Par- R- a- a- m- Description n- e- g- t- e er u s btt yc o nt ro l The TTY device control path for the USB modem. This parameter only needs to be specified if the default path is not correct. u s bty p e Specify the USB driver type.
Provisioned or reprovisioned values do not take effect until the AP is rebooted. APs reboot automatically after they are successfully reprovisioned. In order to enable cellular uplink for a remote AP (RAP), the RAP must have the device driver for the USB data card and the correct configuration parameters. ArubaOS includes device drivers for the most common hardware types, but you can use the usb commands in this profile to configure a RAP to recognize and use an unknown USB modem type.
The following are useful commands when provisioning one or more APs: l show|clear provisioning-ap-list displays or clears the APs that will be provisioned. l show|clear provisioning-params displays or resets values in the provisioning-params workspace. l show ap provisioning shows the provisioning parameters an AP is currently using.
Release Modification l l usb-modeswitch 4g-usb-type ArubaOS 6.2.1.0 The cellular_nw_preference parameter was introduced for provisioning multi-mode modems, and the 4g-usb-type parameter was deprecated. Specify a 2/3G or 4G modem type using the usb-type parameter. ArubaOS 6.3 The sierrausbnet and storage usb-type parameters were introduced. ArubaOS 6.3.1 the rndis usb-type parameter was introduced. ArubaOS 6.4.2.0 The service-tag parameter was introduced under reprovision parameter.
qos-profile (deprecated) qos-profile clone dot1p drop-precedence {high | low} dscp no traffic-class Description This command configures a QoS profile to assign TC/DP, DSCP, and 802.1p values to an interface or policer profile. Command History Release Modification ArubaOS 6.2 Command deprecated. 631 | qos-profile (deprecated) Dell Networking W-Series ArubaOS 6.4.
reload-peer-sc (deprecated) reload-peer-sc Description This command performs a reboot of the W-6000M3 controller module. Command History Version Description ArubaOS 1.0 Command Introduced ArubaOS 6.1 Command deprecated Dell Networking W-Series ArubaOS 6.4.
reload reload Description This command performs a reboot of the controller. Syntax No parameters. Usage Guidelines Use this command to reboot the controller if required after making configuration changes or under the guidance of Dell Networks customer support. The reload command powers down the controller, making it unavailable for configuration. After the controller reboots, you can access it via a local console connected to the serial port, or through an SSH, Telnet, or WebUI session.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config modes on master controllers 635 | reload Dell Networking W-Series ArubaOS 6.4.
remote-node-local-factory-cert (deprecated) localuserdb remote-node-local-factory-cert Description Configure factory certificates for secure traffic between Remote-Node-Masters and Remote-Nodes. Syntax No parameters Usage Guidelines Issue this command on a Remote-Node Master to use a factory-installed certificate to authenticate a RemoteNode.
remote-node-localip (deprecated) localuserdb remote-node-localip ipsec KEY Description This command configures the switch-IP address and preshared key for the local Remote Node on a master Remote Node. Syntax Parameter Description Switch-IP address of the local remote node. Use the 0.0.0.0 address to configure a global preshared key for all inter-controller communications. ipsec Preshared key, which must be between 6-64 characters.
remote-node-masterip (deprecated) remote-node-masterip ipsec key ipsec-factory-cert Description This command configures the IP address and preshared key or factory-installed certificate for the RemoteNode Master on a local Remote Node. Syntax Parameter Description IP address of the master Remote Node. ipsec Secure communication between a Remote-Node and Remote-Node master by defining a preshared key, which must be between 6-64 characters.
Command Information Platform License Command Mode Available on all platforms Available in the base operating system Config mode on local Remote Nodes. 639 | remote-node-masterip (deprecated) Dell Networking W-Series ArubaOS 6.4.
remote-node-profile (deprecated) remote-node-profile aaa authentication-server internal use-local-switch cellular profile clone controller-ip vlan ip address dialer group instance interface cellular [{fastethernet|gigabitethernet} /] |[loopback]| [port-channel ]|[tunnel <1-2147483647>|vlan ] ip [default-gateway ]|{import cell|dhcp|pppoe}|{ipsec } }|[domain lookup|domain-name
validate vlan []|[ ]|[range ]|[wired aaa-profile ] vrrp {advertise |authentication |description |ip address |preempt|priority |shutdown} tracking interface {fastethernet /|gigabitethernet /}{sub }|tracking master-up-time add |tracking vlan {sub }|tracking vrrp-master-state add |vlan } Description The remote-node-profile comma
Parameter Description define how the controller-ip is derived: n dhcp-client: The remote node will use DHCP to obtain IP address n internal: Then remote node IP will be derived from the remote node DHCP pool. n pppoe: Use PPPoE to obtain IP address For details on using this command, see interface fastethernet | gigabitethernet on page 405 ip Configure the Interface Internet Protocol configuration sub commands. For details, see command descriptions beginning with ip default-gateway on page 445.
Parameter Description priority-map Priority Map specification, used to prioritize the incoming packets on an interface. For details on using this command, see priority-map on page 603. remote-node-dhcp-pool Name of the DHCP pool. pool-type {vlan }|tunnel Specify whether you are creating a pool of IP addresses for RN VLANs or RN tunnels. The ID number of the VLAN associated with the RN.
Usage Guidelines Use the remote-node-profile command to create a Remote Node profile. You define configuration settings for each Remote Node through a Remote Node profile on the Remote Node-master. The Remote Node-master must be a master controller.
Command Information Platform License Command Mode Available on all platforms Available in the base operating system. Enable and Config modes on master controllers. 645 | remote-node-profile (deprecated) Dell Networking W-Series ArubaOS 6.4.
rename rename Description This command renames an existing system file. Syntax Parameter Description filename An alphanumeric string that specifies the current name of the file on the system. newfilename An alphanumeric string that specifies the new name of the file on the system. Usage Guidelines Use this command to rename an existing system file on the controller.
restore restore flash Description This command restores flash directories backed up to the flashbackup.tar.gz file. Syntax Parameter Description flash Restores flash directories from the flashbackup.tar.gz file. Usage Guidelines Use the backup flash command to tar and compress flash directories to the flashbackup.tar.gz file. Example The following command restores flash directories from the flashbackup.tar.gz file: (host) #restore flash Command History This command was introduced in ArubaOS 3.0.
rf am-scan-profile clone dwell-time-active-channel dwell-time-other-reg-domain-channel dwell-time-rare-channel dwell-time-reg-domain-channel no scan-mode Description Configure an Air Monitor (AM) scanning profile. Syntax Parameter Description Range Default Name of this instance of the profile.
l Active Channel—This qualifier indicates that wireless activity (for example, a probe request) is detected on this channel by the presence of an AP or other 802.11 activity. l All Regulatory Domain Channels—A valid non-overlapping channel that is in the regulatory domain of at least one country. l Rare Channels —Channels that fall into a frequency range outside of the regulatory domain; 2484 MHz and 4900MHz-4995MHz (J-channels), and 5000-5100Mhz.
rft rft test profile antenna-connectivity ap-name [dest-mac [phy {a|g}| radio {0|1}]] rft test profile link-quality {ap-name dest-mac [phy {a|g}| radio {0|1}] | bssid dest-mac | ip-addr dest-mac [phy {a|g}|radio {0|1}]} rft test profile raw {ap-name dest-mac [phy {a|g}|radio {0|1}] | bssid dest-mac | ip-addr dest-mac [phy {a|g}|radio {0|1}]} Description This command is used for RF tr
rf arm-rf-domain-profile rf arm-rf-domain profile arm-rf-domain-key Description This profile holds a non-editable key defined by the master controller, and used to sign over-the air (OTA) ARM updates exchanged between APs. Syntax Parameter Description Non-editable key value Command History Release Modification ArubaOS 6.
rf arm-profile rf arm-profile 40MHz-allowed-bands {All|None|a-only|g-only} 80MHz support acceptable-coverage-index active-scan (not intended for use) aggressive-scan assignment {disable|maintain|multi-band|single-band} backoff-time cellular-handoff-assist channel-quality-aware-arm channel-quality-threshold channel-quality-wait-time client-aware client-match clone cm-band-a-min-signal cm-band-g-max-signal
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” 40MHz-allowed- bands The specified setting allows ARM to determine if 40 MHz mode of operation is allowed on the 5 GHz or 2.4 GHz frequency band only, on both frequency bands, or on neither frequency band. All/None/ a-only/g-only a-only All Allows 40 MHz channels on both the 5 GHZ (802.11a) and 2.4 GHZ (802.11b/g) frequency bands.
Parameter Description Range Default maintain Maintains existing channel assignments. — — multi-band Computes ARM assignments for both 5 GHZ (802.11a) and 2.4 GHZ (802.11b/g) frequency bands. — — single-band Computes ARM assignments for a single band. — — backoff-time Time, in seconds, an AP backs off after requesting a new channel or power.
Parameter Description Range Default If enabled, the controller compares whether or not an AP has more clients than its neighboring APs on other channels. If an AP’s client load is at or over a predetermined threshold as compared to its immediate neighbors, or if a neighboring Dell AP on another channel does not have any clients, load balancing will be enabled on that AP. This feature is enabled by default clone Name of an existing ARM profile from which parameter values are copied.
Parameter Description Range Default of times the client match feature failed to steer a client to a different radio, and the reason that each steer attempt was triggered. If the client match feature attempts to steer a client to a new radio multiple consecutive times for the same reason but client steering fails each time, the controller notifies the AP to mark the client as unsteerable for that specific trigger.
Parameter Description Range Default ment in signal strength can be defined using the cm-sticky-snr-delta command.) cm-sticky-snr If the client's received signal strength indicator (RSSI) is above this signal-tonoise ratio (SNR) threshold, that client will be allowed to stay associated to its current AP. If the client's received signal strength is below this threshold, it may be moved to a different AP.
Parameter Description Range Default load-aware-scan-threshold Load aware ARM preserves network resources during periods of high traffic by temporarily halting ARM scanning if the load for the AP gets too high. The Load Aware Scan Threshold is the traffic throughput level an AP must reach before it stops scanning. The supported range for this setting is 020000000 bytes/second. (Specify 0 to disable this feature.
Parameter Description Range Default ota-updates The ota-updates option allows an AP to get information about its RF environment from its neighbors, even the AP cannot scan. If this feature is enabled, when an AP on the network scans a foreign (non-home) channel, it sends other APs an Over-the-Air (OTA) update in an 802.11 management frame that contains information about the scanning AP's home channel, the current transmission EIRP value of its home channel, and one-hop neighbors seen by that AP.
Parameter Description Range Default video-aware-scan As long as there is at least one video frame every 100 mSec the AP will reject an ARM scanning request. Note that for each radio interface, video frames must be defined in one of two ways: l Classify the frame as video traffic via a session ACL. l Enable WMM on the WLAN’s SSID profile and define a specific DSCP value as a video stream. Next, create a session ACL to tag the video traffic with the that DSCP value.
controller receives a client steer request from an AP, the controller identifies the optimal AP candidate and manages the client’s relocation to the desired radio. This is an improvement from previous releases, where the ARM feature was managed exclusively by APs, the without the larger perspective of the client's RF neighborhood.
Example The following command configures VoIP-aware scanning for the arm-profile named “voice-arm:” (config) (host) #rf arm-profile voice-arm voip-aware-scan Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3. Support for the high-throughput IEEE 802.11n standard was introduced ArubaOS 3.3.2 Support for the wait-time parameter was removed. ArubaOS 3.4.1 The voip-aware-scan parameter no longer requires a license, and is available in the base OS. ArubaOS 6.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 663 | rf arm-profile Dell Networking W-Series ArubaOS 6.4.
rf dot11a-radio-profile rf dot11a-radio-profile am-scan-profile arm-profile beacon-period beacon-regulate cap-reg-eirp cell-size-reduction channel channel-reuse {static|dynamic|disable} channel-reuse-threshold clone csa csa-count disable-arm-wids-function dot11h high-throughput-enable ht-radio-profile interference-immunity maximum-distance mgmt-frame-throttle
Parameter Description Range Default beacon-period Time, in milliseconds, between successive beacon transmissions. The beacon advertises the AP’s presence, identity, and radio characteristics to wireless clients. 60 (minimum) 100 milliseconds beacon-regulate Enabling this setting introduces randomness in the beacon generation so that multiple APs on the same channel do not send beacons at the same time, which causes collisions over the air.
Parameter Description Range Default determined by increasing the primary channel number by 4. Example: 157+ represents 157 as the primary channel and 161 as the secondary channel. l num-: Entering a channel number with a minus (-) sign selects a primary and secondary channel for 40 MHz and 80 Mhz modes. The number entered becomes the primary channel and the secondary channel is determined by decreasing the primary channel number by 4.
Parameter Description Range Default client-match The ARM client match feature continually monitors a client's RF neighborhood to provide ongoing client bandsteering and load balancing, and enhanced AP reassignment for roaming mobile clients. This feature is recommended over the legacy bandsteering and spectrum load balancing features, which, unlike client match, do not trigger AP changes for clients already associated to an AP.
Parameter Description Range Default dot11h Enable advertisement of 802.11d (Country Information) and 802.11h (TPC or Transmit Power Control) capabilities This parameter is disabled by default. — disabled high-throughput-enable Enables high-throughput (802.11n) features on a radio using the 5 GHz frequency band. — enabled ht-radio-profile Name of high-throughput radio profile to use for configuring high-throughput support on the 5 GHz frequency band. See rf htradio-profile on page 688.
Parameter Description Range Default 0-999999 20 frames per interval Note: This parameter only applies to AUTH and ASSOC/RE-ASSOC management frames. mgmt-framethrottle-limit Maximum number of management frames allowed in each throttle interval. NOTE: This parameter only applies to AUTH and ASSOC/RE-ASSOC management frames. mode One of the operating modes for the AP.
Parameter Description l Range Default If spectrum load balancing is enabled in a 802.11a radio profile and a spectrum load balancing domain isalso defined, AP radios belonging to the same spectrum load balancing domain will be considered part of the same RF neighborhood for load balancing, and will not recognize RF neighborhoods defined by the ARM feature.
Parameter Description Range Default — Enabled Transmission power may be further limited by regulatory domain constraints and AP capabilities. very-highthroughput-enable Enable or disable support for Very High Throughput (802.11ac) on the radio. Usage Guidelines This command configures radios that operate in the 5 GHz frequency band, which includes radios utilizing the IEEE 802.11a or IEEE 802.11n standard.
The following command configures APs to operate in high-throughput (802.
rf dot11g-radio-profile rf dot11g-radio-profile am-scan-profile arm-profile beacon-period beacon-regulate cap-reg-eirp cell-size-reduction channel channel-reuse {static|dynamic|disable} channel-reuse-threshold clone csa csa-count disable-arm-wids-function dot11b-protection dot11h high-throughput-enable ht-radio-profile interference-immunity maximum-distance m
Parameter Description Range Default beacon-period Time, in milliseconds, between successive beacon transmissions. The beacon advertises the AP’s presence, identity, and radio characteristics to wireless clients. 60 (minimum) 100 milliseconds beacon-regulate Enabling this setting introduces randomness in the beacon generation so that multiple APs on the same channel do not send beacons at the same time, which causes collisions over the air.
Parameter Description Range Default channel Channel number for the AP 802.11g/802.11n.802.11ac physical layer. The available channels depend on the regulatory domain (country). Channel number configuration options for 20 MHz, 40 MHz, and 80 Mhz modes: l num: Entering a channel number disables 40 MHz mode and activates 20 MHz mode for the entered channel. l num+: Entering a channel number with a plus (+) sign selects a primary and secondary channel for 40 MHz and 80 Mhz modes.
Parameter Description Range Default channel Channel number for the AP 802.11g/802.11n physical layer. The available channels depend on the regulatory domain (country). Channel number configuration options for 20 MHz and 40 MHz modes: l num: Entering a channel number disables 40 MHz mode and activates 20 MHz mode for the entered channel. l num+: Entering a channel number with a plus (+) sign selects a primary and secondary channel for 40 MHz mode.
Parameter Description l l Range Default Dynamic mode: In this mode, the Clear Channel Assessment (CCA) thresholds are based on channel loads, and take into account the location of the associated clients. When you set the Channel Reuse This feature is automatically enabled when the wireless medium around the AP is busy greater than half the time. When this mode is enabled, the CCA threshold adjusts to accommodate transmissions between the AP its most distant associated client.
Parameter Description Range Default WARNING: Disabling protection violates the 802.11 standard and may cause interoperability issues. If this feature is disabled on a WLAN with 802.11b clients, the 802.11b clients will not detect an 802.11g client talking and can potentially transmit at the same time, thus garbling both frames. dot11h Enable advertisement of 802.11d (Country Information) and 802.11h (TPC or Transmit Power Control) capabilities This parameter is disabled by default.
Parameter Description Range Default maximum-distance Maximum distance between a client and an AP or between a mesh point and a mesh portal, in meters. This value is used to derive ACK and CTS timeout times. A value of 0 specifies default settings for this parameter, where timeouts are only modified for outdoor mesh radios which use a distance of 16km. 0-24km (40MHz mode) 0 meters 0-54km (20MHz mode) The upper limit for this parameter varies, depending on the 20/40 MHz mode for a 2.
Parameter Description Range Default For a list of APs that can be converted into a spectrum monitor or hybrid AP, refer to the Spectrum Analysis chapter of the Dell Networking W-Dell Networking WSeries ArubaOS 6.4.x User Guide. no Negates any configured parameter. — — radio-enable Enables or disables radio configuration. — enabled slb-mode channel|radio SLB Mode allows control over how to balance clients.
Parameter Description Range Default balancing domain isalso defined, AP radios belonging to the same spectrum load balancing domain will be considered part of the same RF neighborhood for load balancing, and will not recognize RF neighborhoods defined by the ARM feature. spectrum-load-balancing The Spectrum Load Balancing feature helps optimize network resources by balancing clients across channels, regardless of whether the AP or the controller is responding to the wireless clients' probe requests.
Parameter Description Range Default tpc-power The transmit power advertised in the TPC IE of beacons and probe responses. Range: 0-51 dBm 0-51 dBm 15 dBm tx-power Sets the initial transmit power (dBm) on which the AP operates, unless a better choice is available through calibration. This parameter can be set from 0 to 51 in .5 dBm increments, or set to the regulatory maximum value of 127 dBm. Transmission power may be further limited by regulatory domain constraints and AP capabilities.
points. This is because mesh portals use a default maximum-distance value of 16,050 meters, and mesh points use, by default, the maximum possible maximum-distance value. The maximum-distance value should be set correctly to span the largest link distance in the mesh network so that when a mesh point gets the configuration from the network it will apply the correct ack-timeout, ctstimeout and slot-time values.
Release Modification l l l l Spectrum load balancing domain RX Sensitivity Tuning Based Channel Reuse RX Sensitivity Threshold ARM/WIDS Override ArubaOS 3.4.1 The maximum-distance parameter was introduced. ArubaOS 3.4.2 The beacon-regulate parameter was introduced. ArubaOS 6.0 The following parameteters were introduced l am-scan-profile l cap-reg-eirp l slb-mode l slb-update-interval ArubaOS 6.1 The spectrum-monitoring and slb-threshold parameters were introduced. ArubaOS 6.1.3.
rf event-thresholds-profile rf event-thresholds-profile bwr-high-wm bwr-low-wm clone detect-frame-rate-anomalies fer-high-wm fer-low-wm ffr-high-wm ffr-low-wm flsr-high-wm flsr-low-wm fnur-high-wm fnur-low-wm frer-high-wm frer-low-wm frr-high-wm frr-low-wm no ... Description This command configures the event thresholds profile.
Parameter Description Range Default fer-low-wm After a frame error rate exceeded condition exists, the condition persists until the frame error rate drops below this value. The recommended value is 8%. 0-100 0% ffr-high-wm If the frame fragmentation rate (as a percentage of total frames in an AP) exceeds this value, a frame fragmentation rate exceeded condition exists. The recommended value is 16%.
Usage Guidelines The event threshold profile configures Received Signal Strength Indication (RSSI) metrics. When certain RF parameters are exceeded, these events can signal excessive load on the network, excessive interference, or faulty equipment. This profile and many of the detection parameters are disabled (value is 0) by default.
rf ht-radio-profile rf ht-radio-profile 40MHz-intolerance clone diversity-spreading-workaround honor-40MHz-intolerance no Description This command configures high-throughput AP radio settings. High-throughput features use the IEEE 802.11n standard. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters.
Parameter Description Range Default This feature is disabled by default and should be kept disabled unless necessary. Usage Guidelines The ht-radio-profile configures high-throughput settings for networks utilizing the IEEE 802.11n standard, which supports 40 MHZ channels and operates in both the 2.4 GHZ and 5 GHZ frequency bands. Most transmissions to high throughput (HT) stations are sent through multiple antennas using cyclic shift diversity (CSD).
rf optimization-profile rf optimization-profile clone handoff-assist low-rssi-threshold no ... rssi-check-frequency rssi-falloff-wait-time Description This command configures the RF optimization profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” clone Name of an existing optimization profile from which parameter values are copied.
Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 The following parameters were deprecated: l ap-lb-max-retries l ap-lb-user-high-wm l ap-lb-user-low-wm l ap-lb-util-high-wm l ap-lb-util-low-wm l ap-lb-util-wait-time
rf spectrum-profile rf spectrum-profile age-out audio|bluetooth|cordless-ff-phone|cordless-fh-base|cordless-fh-network|genericff|generic-fh|microwave|microwave-inverter|unknown|video|wifi|xbox clone no ... Description Define the device ageout times used by a spectrum monitor, or hybrid AP radio.
Parameter Description Range Default natures of the fixed frequency audio, video and cordless phone devices are very similar and that some of these devices may be occasionally classified as Fixed Frequency (Other). generic-fh When the classifier detects a frequency hopper that does not fall into one of the above categories, it is classified as Frequency Hopper (Other). Some examples include IEEE 802.
Parameter Description Range Default wifi Wi-Fi devices. 5-65535 seconds 600 sec xbox The Microsoft Xbox device uses a frequency hopping protocol in the 2.4 GHz band. These devices are classified as Frequency Hopper (Xbox). Note that this setting is applicable to 2.4GHz spectrum monitor radios only. 5-65535 seconds 25 sec clone Make a copy of an existing spectrum profile. no Remove a spectrum profile or negate a configured parameter.
router mobile router mobile Description This command enables Layer-3 (IP) mobility. Syntax No parameters. Usage Guidelines Use this command to enable IP mobility on a controller. IP mobility is disabled by default on the controller. This command must be executed on all controllers(master and local) that need to provide support for layer-3 roaming in a mobility domain.
router ospf router ospf aggregate-route rapng-vpn area default-cost nssa [default-information no-redistribution | no-summary] stub [no-summary] default-information originate always redistribute loopback rapng-vpn vlan [ | add | remove ] router-id subnet exclude Description Global OSPF configuration for the upstream router. Syntax Parameter Description aggregate-route Enter the aggregate route information.
Parameter Description Remove user VLANs to the list. remove router-id Enter the router ID in IP address format. subnet exclude Specify the subnet that OSPF will not advertise. Enter the subnet and mask address in dotted decimal format (A.B.C.D). Usage Guidelines OSPFv2 is a dynamic Interior Gateway routing Protocol (IGP) based on IETF RFC 2328. The ArubaOS implementation of OSPF allows controllers to deploy effectively in a Layer 3 topology.
service service [dhcp] [dhcpv6] [network-storage] [print-server] Description This command enables the DHCP server on the controller.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 699 | service Dell Networking W-Series ArubaOS 6.4.
show aaa accounting tacacs show aaa accounting tacacs Description Show configuration information for TACACS+ accounting servers. Usage Guidelines This command displays TACACS+ data for your controller if you have previously configured a TACACS+ server and server group. The output includes the current TACACS+ accounting mode (enabled or disabled), and the name of the TACACS+ server group.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 701 | show aaa accounting tacacs Dell Networking W-Series ArubaOS 6.4.
show aaa authentication all show show aaa authentication all Description Show authentication statistics for your controller, including authentication methods, successes and failures. Usage Guidelines This command displays a general overview of authentication statistics. To view authentication information for specific profiles such as a captive-portal, MAC or 801.x authentication profile, issue the commands specific to those features.
show aaa authentication captive-portal show aaa authentication captive-portal [] Description This command shows configuration information for captive portal authentication profiles. Syntax Parameter Description The name of an existing captive portal authentication profile.
Logon wait minimum wait Logon wait maximum wait logon wait CPU utilization threshold Max Authentication failures Show FQDN Authentication Protocol Login page Welcome page Show Welcome Page Add switch IP address in the redirection URL Adding user vlan in redirection URL Add a controller interface in the redirection URL Allow only one active user session White List Black List Show the acceptable use policy page User idle timeout Redirect URL Bypass Apple Captive Network Assistant URL Hash Key 5 sec 10 sec 60
Parameter Description Logon wait minimum wait Minimum time, in seconds, the user will have to wait for the logon page to pop up if the CPU load is high. Logon wait maximum wait Maximum time, in seconds, the user will have to wait for the logon page to pop up if the CPU load is high. logon wait CPU utilization threshold CPU utilization percentage above which the logon wait interval is applied when directing a captive portal user with the logon page.
Parameter Description Show the acceptable use policy page If enabled, the captive portal page will show the acceptable use policy page before the user logon page. This feature is disabled by default. User Idle Timeout The user idle timeout for this profile. The valid range is 30-15300 in multiples of 30 seconds. Enabling this option overrides the global settings configured in the AAA timers. If this is disabled, the global settings are used.
show aaa authentication captive-portal customization show aaa authentication captive-portal customization Description Display customization settings for a captive portal profile Syntax Parameter Description The name of an existing captive portal authentication profile. Usage Guidelines The this command shows how a captive portal profile has been customized with non-default configuration settings.
Related Commands Command Description Mode aaa authentication captive-portal If you do not yet have any captive portal profiles defined, use the command aaa authentication captive-portal to configure your captive portal profiles. Config mode Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show aaa authentication dot1x show aaa authentication dot1x [|countermeasures] Description This command shows information for 802.1X authentication profiles. Syntax Parameter Description The name of an existing 802.1X authentication profile. countermeasures Reports if WPA/WPA2 Countermeasures have been enabled for 802.1X profiles. If enabled, the AP scans for message integrity code (MIC) failures in traffic received from clients.
Machine Authentication: Default Machine Role Machine Authentication Cache Timeout Blacklist on Machine Authentication Failure Machine Authentication: Default User Role Interval between Identity Requests Quiet Period after Failed Authentication Reauthentication Interval Use Server provided Reauthentication Interval Multicast Key Rotation Time Interval Unicast Key Rotation Time Interval ...
Parameter Value Reauthentication Interval Interval, in seconds, between reauthentication attempts. Use Server provided Reauthentication Interval If enabled, 802.1X authentication will use the server-provided reauthentication period. Multicast Key Rotation Time Interval Interval, in seconds, between multicast key rotations. Unicast Key Rotation Time Interval Interval, in seconds, between unicast key rotations. Authentication Server Retry Interval Server group retry interval, in seconds.
Parameter Value Delay between EAP-Success and WPA2 Unicast Key Exchange Show the delay interval between EAP-Success and unicast key exchanges, in msec. Range: 0-2000msec. Default: 0 (no delay). Delay between WPA/WPA2 Unicast Key and Group Key Exchange Interval, in milliseconds, between unicast and multicast key exchanges. Time interval after which the PMKSA will be deleted Show the PMKSA cache interval. Time interval in Hours. Range: 1-2000. Default: 8 hrs.
Parameter Value Validate PMKID Shows if the Validate PMKID feature is enabled or disabled. When this option is enabled, the client must send a PMKID in the associate or reassociate frame to indicate that it supports OKC; otherwise, full 802.1X authentication takes place. (This feature is optional, since most clients that support OKC do not send the PMKID in their association request.) Use Session Key If enabled, the controller will use a RADIUS session key as the unicast WEP key.
Parameter Value CA-Certificate Name of the CA certificate for client authentication loaded in the controller. Server-Certificate Name of the Server certificate used by the controller to authenticate itself to the client. TLS Guest Access Shows if guest access for valid EAP-TLS users is enabled or disabled. TLS Guest Role User role assigned to EAPTLS guest. Ignore EAPOL-START after authentication If enabled, the controller ignores EAPOL-START messages after authentication.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.1 The Check certificate common name against AAA server, Enforce Suite-b-128 and Enforce Suite-b-192 parameters were introduced. ArubaOS 6.3.1.2 The Delete Keycache upon user deletion parameter was introduced.
show aaa authentication mac show aaa authentication mac [] Description This command shows information for MAC authentication profiles.Issue this command without the option to display the entire MAC Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed MAC authentication configuration information for that profile.
Related Commands Command Description Mode aaa authentication mac Configure MAC authentication values on your controller. Config mode Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 717 | show aaa authentication mac Dell Networking W-Series ArubaOS 6.4.
show aaa authentication mgmt show aaa authentication mgmt Description This command displays administrative user authentication information, including management authentication roles and servers. Usage Guidelines Issue this command to identify the default management role assigned to authenticated administrative users, and the name of the group of servers used to authenticate these users. Example The output of the following example displays management authentication information for your controller.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.1 The Mode parameter in the command output was renamed Enable. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 719 | show aaa authentication mgmt Dell Networking W-Series ArubaOS 6.4.
show aaa authentication stateful-dot1x show aaa authentication stateful-dot1x [config-entries] Description This command displays configuration settings for 802.1X authentication for clients on non-Dell APs. Syntax Parameter Description config-entries Display details for the AP Server configuration list. Usage Guidelines Issue this command to identify the default role assigned to the 802.1X user group, name of the group of RADIUS servers used to authenticate the 802.1X users, and the 802.
---------------------------Cfg-Name AP-IP -------- ----cfg22 Server -----10.3.14.6 Shared-Secret ------------RADIUS1 Parameter Description Cfg-Name is a auto-generated name AP-IP IP address of the AP. Server Name of the authentication server. Shared-Secret Shared authentication secret.
show aaa authentication stateful-ntlm show aaa authentication stateful-ntlm Description This command displays configuration settings for the Stateful NTLM Authentication profile.Issue this command without the option to display the entire Stateful NTLM Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed Stateful NTLM authentication configuration information for that profile.
Parameter Description Default Role This parameter shows the role assigned to NTLM authenticated users. Server Group The name of a windows server group. Mode The Mode parameter indicates whether or not this authentication profile is enabled or disabled. Timeout Timeout period for an authentication request, in seconds.
show aaa authentication via auth-profile show aaa authentication via auth-profile [] Description This command displays configuration settings for the VIA Authentication profile. Issue this command without the option to display the entire VIA Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed VIA authentication configuration information for that profile.
The output of this command includes the following parameters: Parameter Description Default Role Role assigned to the captive portal user upon login. Server Group Name of the group of servers used to authenticate captive portal users. Max Authentication failures Maximum number of authentication failures before the user is blacklisted. Description Description of the VIA authentication profile.
show aaa authentication via connection-profile show aaa authentication via connection-profile [] Description This command displays configuration settings for the VIA connection profile. Issue this command without the option to display the entire VIA Connection profile list, including profile status and the number of references to each profile. Include a profile name to display detailed VIA connection configuration information for that profile.
VIA tunneled networks Enable split tunneling VIA Client WLAN profiles Allow client side logging VIA IKE V2 Policy VIA IKE Policy Use Windows Credentials Enable IKEv2 Use Suite B Cryptography IKEv2 Authentication method VIA IPSec V2 Crypto Map VIA IPSec Crypto Map Allow user to save passwords Enable Supplicant Enable FIPS Module Auto-launch Supplicant Lockdown All Settings Domain Suffix in VIA Authentication Enable Controllers Load Balance Enable Domain Pre-connect VIA Banner Message Reappearance Timeout(min
Parameter Description Allow client to autoupgrade Enable or disable VIA client to automatically upgrade when an updated version of the client is available on the controller. Default: Enabled VIA tunneled networks A list of network destination (IP address and netmask) that the VIA client will tunnel through the controller. All other network destinations will be reachable directly by the VIA client. Enable split-tunneling Enable or disable split tunneling.
Parameter Description Lockdown All Settings If enabled, all user options on the VIA client are disabled. Domain Suffix in VIA Authentication Enables a domain suffix on VIA Authentication, so client credentials are sent as domainname\username instead of just username. Enable Controllers Load Balance This option allows the VIA client to failover to the next available selected randomly from the list as configured in the VIA Servers option.
Parameter Description Block traffic until VPN tunnel is up If enabled, this feature will block network access until the VIA VPN connection is established. Block traffic rules Specify a hostname or IP address and network mask to define a whitelist of users to which the Block traffic until VPN tunnel is up setting will not apply.
show aaa authentication via web-auth show aaa authentication via web-auth [default] Description A VIA web authentication profile contains an ordered list of VIA authentication profiles. The web authentication profile is used by end users to login to the VIA download page (https:///via) for downloading the VIA client. Only one VIA web authentication profile is available.
Command History This command was introduced in ArubaOS 5.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show aaa authentication vpn show aaa authentication vpn [default|default-cap|default-rap] Description This command displays VPN authentication settings, including authentication roles and servers. Usage Guidelines Issue this command to identify the default role assigned to VPN users, the name of the group of servers used to authenticate the VPN users, and the maximum number of authentication failures allowed before the user is blacklisted.
Related Commands Command Description Mode aaa authentication via auth-profile Use the command aaa authentication via auth-profile to configure the settings displayed in the output of this show command. Config mode Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 5.0 The default-cap and default-rap profiles were introduced. ArubaOS 6.1 The Check certificate common name against AAA server parameter was introduced.
show aaa authentication wired show aaa authentication wired Description View wired authentication settings for a client device that is directly connected to a port onthe controller. Usage Guidelines This command displays the name of the AAA profile currently used for wired authentication. Example The following example shows the current wired profile for the controller is a profile named “secure_profile_3.
show aaa authentication wispr show aaa authentication wispr option to display the entire WISPr Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed WISPr authentication configuration information for that profile.
--------Default Role Server Group Logon wait minimum wait Logon wait maximum wait logon wait CPU utilization threshold WISPr Location-ID ISO Country Code WISPr Location-ID E.164 Country Code WISPr Location-ID E.
Command History This command was introduced in ArubaOS 3.4.1. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 739 | show aaa authentication wispr Dell Networking W-Series ArubaOS 6.4.
show aaa authentication-server all show aaa authentication-server all Description View authentication server settings for both external authentication servers and the internal controller database. Usage Guidelines The output of this command displays statistics for the Authentication Server Table, including the name and address of each server, server type and configured authorization and accounting ports.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 741 | show aaa authentication-server all Dell Networking W-Series ArubaOS 6.4.
show aaa authentication-server internal show aaa authentication-server internal [statistics] Description View authentication server settings for the internal controller database. Examples The output of the command below shows that the internal authentication server has been disabled (host) #show aaa authentication-server internal Internal Server --------------Host IP addr ---------Internal 10.168.254.
Parameter Description PAP Requests Number of PAP requests received by the internal server. PAP Accepts Number of PAP requests accepted by the internal server. PAP Rejects Number of PAP requests rejected by the internal server. MSCHAPv2 Requests Number of MSCHAPv2 requests received by the internal server. MSCHAPv2 Accepts Number of MSCHAPv2 requests accepted by the internal server. MSCHAPv2 Rejects Number of MSCHAPv2 requests rejected by the internal server.
show aaa authentication-server ldap show aaa authentication-server ldap [] Description Display configuration settings for your LDAP servers. Syntax Parameter Description Name that identifies an LDAP server. Examples The output of the example below displays the LDAP server list with the names of all the LDAP servers.
Parameter Description host IP address of the LDAP server Admin-DN Distinguished name for the admin user who has read/search privileges across all of the entries in the LDAP database. Admin Passwd Password for the admin user. Allow Clear-Text If enabled, this parameter allows clear-text (unencrypted) communication with the LDAP server. Auth Port Port number used for authentication.
show aaa authentication-server radius show aaa authentication-server radius [|statistics] Description Display configuration settings for your RADIUS servers. Syntax Parameter Description Name that identifies a RADIUS server. statistics Displays the statistics for all RADIUS servers. Usage Guidelines Timeouts information in the output of this command includes RADIUS accounting requests.
Enable IPv6 NAS IPv6 Source Interface Use MD5 Use IP address for calling station ID Mode Lowercase MAC addresses MAC address delimiter Service-type of FRAMED-USER called-station-id Disabled N/A N/A Disabled Disabled Enabled Disabled none Disabled macaddr colon disable The output of this command includes the following information: Parameter Description host IP address of the RADIUS server Key Shared secret between the controller and the authentication server.
Parameter Description called-station-id Configure this parameter to be sent with the RADIUS attribute Called Station ID for authentication and accounting requests. The called-station-id parameter can be configured to include AP group, AP MAC address, AP name, controller IP, controller MAC address, or user vlan. The default value is controller MAC address.
Parameter Description not receive a response before the message timed out. NOTE: Timeouts include RADIUS accounting requests. Every request controller sends to the RADIUS server is monitored for a timeout, so each retry increments this counter. AvgRspTme Average response time. Time taken, on an average, for the RADIUS server to respond to a message from the controller. Tot Rq Total errors. This counter reflects the total number of requests sent to the RADIUS server (auth and accounting requests).
show aaa authentication-server tacacs show aaa authentication-server tacacs []|statistics Description Display configuration settings for your TACACS+ servers. Syntax Parameter Description Name that identifies an TACACS+ server. statistics Displays accounting, authorization, and authentication request and response statistics for the TACACS server.
Parameter Description TCP Port TCP port used by the server. Retransmits Maximum number of retries sent to the server by the controller before the server is marked as down. Timeout Maximum time, in seconds, that the controller waits before timing out the request and resending it. Mode Shows whether this server is Enabled or Disabled. The output of this command includes the following parameters: Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.
show aaa authentication-server windows show aaa authentication-server windows [] Description Display configuration settings for your Windows servers. Syntax Parameter Description Name that identifies a Windows server. Examples The output of the example below displays the Windows server list with the names of all the Windows servers used for NTLM authentication.
Command History This command was introduced in ArubaOS 3.4.1. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 753 | show aaa authentication-server windows Dell Networking W-Series ArubaOS 6.4.
show aaa bandwidth-contracts show aaa bandwidth-contracts [] Description This command shows the contract names, ID numbers and Rate limits for your bandwidth contracts. Syntax Parameter Description (Optional) Name of a bandwidth contract. Example Specify a bandwidth contract name to view information for a specific bandwidth contract, or omit that parameter to veiw information for all configured bandwidth contracts.
show aaa debug vlan user show aaa debug vlan user [ip |ipv6 |mac ] Description Display user VLAN derivation related debug information. Syntax Parameter Description ip User identification based on IPv4 address. ipv6 User identification based on IPv6 address. mac User identification based on MAC address. Example The output of the example below displays the VLAN derivation debug information of an user with IPv4 address.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show aaa derivation-rules show aaa derivation-rules [server-group |user ] Syntax Parameter Description Name of a server group Name of a user rule group Description Show derivation rules based on user information or configured for server groups. Example The output of the following command shows that the server group group1 has the internal database configured as its authentication server, and that there is a single rule assigned to that group.
Parameter Description Operation This is the match method by which the string in Operand is matched with the attribute value returned by the authentication server. l contains – The rule is applied if and only if the attribute value contains the string in parameter Operand. l starts-with – The rule is applied if and only if the attribute value returned starts with the string in parameter Operand.
Parameter Description l l l l ends-with – The rule is applied if and only if the attribute value returned ends with the string in parameter Operand. equals – The rule is applied if and only if the attribute value returned equals the string in parameter Operand. not-equals – The rule is applied if and only if the attribute value returned is not equal to the string in parameter Operand. value-of – This is a special condition.
show aaa dns-query-interval show aaa dns-query-interval Description View the configured interval between DNS requests sent from the controller to the DNS server. Syntax No parameters Usage Guidelines If you define a RADIUS server using the FQDN of the server rather than its IP address, the controller will periodically generate a DNS request and cache the IP address returned in the DNS response.
show aaa fqdn-server-names show aaa fqdn-server-names Description Show a table of IP addresses that have been mapped to fully qualified domain names (FQDNs). Syntax No parameters. Usage Guidelines If you define a RADIUS server using the FQDN of the server rather than its IP address, the controller will periodically generate a DNS request and cache the IP address returned in the DNS response. Issue this command to view the IP addreses that currently correlate to each RADIUS server FQDN.
show aaa load-balance statistics show aaa load-balance statistics server-group Description Display the load balancing statistics for RADIUS servers. Syntax Parameter Description Name of the server group.
Parameter Description secret or bad reply digest. Acc Access accept. Number of responses from the RADIUS server with invalid secret or bad reply digest. Rej Access reject. Number of responses from the RADIUS server that indicate that client authentication failed. Acct Rsp Accounting response. Number of responses sent from the RADIUS server in response to accounting requests sent from the controller. Chal Access challenge.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.1 The Source Interface parameter was introduced. ArubaOS 6.3 The enable-ipv6 and nas-ip6 fields were added to the output of this command. ArubaOS 6.4 The Outstanding Auths parameter was added to the output of this command. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show aaa main-profile show aaa main-profile summary Description Show a summary of all AAA profiles. Example The output of the show aaa main-profile summary command shows roles, server group settings, and wireto-wireless-roaming statistics for each AAA profile.
Related Commands Command Description Mode aaa profile Use aaa profile define the parameters displayed in the output of this show command. Config mode Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show aaa password-policy mgmt show aaa password-policy mgmt [statistics] Description Show the current password policy for management users. Syntax Parameter Description statistics Include this optional parameter to show the numbers of failed login attempts and any lockout periods for management user accounts.
Parameter Description Minimum number of Lower Case characters The maximum number of lowercase letters required for a management user password. By default, there is no requirement for lowercase letters in a password, and the parameter has a default value of 0. Minimum number of Digits Minimum number of numeric digits required in a management user password. By default, there is no requirement for digits in a password, and the parameter has a default value of 0.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 769 | show aaa password-policy mgmt Dell Networking W-Series ArubaOS 6.4.
show aaa profile show aaa profile Description Show configuration details for an individual AAA profile. Example The output of the following command shows roles, servers and server group settings, and wire-to-wirelessroaming statistics for each AAA profile. (host) #show aaa profile default AAA Profile "default" --------------------Parameter --------Initial role MAC Authentication Profile MAC Authentication Default Role MAC Authentication Server Group 802.1X Authentication Profile 802.
Parameter Description 8021.X Authentication Default Role Configured role assigned to the user after 802.1X authentication. 8021.X Authentication Server Group Name of the server group used for 802.1X authentication. Download Role from CPPM Status of role download from CPPM. If enabled, the controller downloads the role from ClearPass Policy Manager (CPPM) if not defined. L2 Authentication Fail Through To select the other authentication method if one fails.
Related Commands Command Description Mode aaa profile Use the command aaa profile to define AAA profiles. Config mode Command History This command was introduced in ArubaOS 3.0. Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 3.4.1 License requirements changed in ArubaOS 3.4.1, so the sip-authenticationrole parameter required the Policy Enforcement Firewall license instead of the Voice Services Module license required in earlier versions. ArubaOS 6.
show aaa radius-attributes show aaa radius-attributes Description Show RADIUS attributes recognized by the controller. Example The output of the following command shows the name, currently configured value, type, vendor and RADIUS ID for each attribute.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers. Dell Networking W-Series ArubaOS 6.4.
show aaa rfc-3576-server show aaa rfc-3576-server statistics udp-port Description Show configuration details for an RFC-3576 server, which is a RADIUS server that can send user disconnect, session timeout and change-of-authorization (CoA) messages, as described in RFC 3576. Syntax Parameter Description IP address of an RFC-3576 server statistics View detailed connection and authentication information for all RFC 3575 servers. udp-port Show the configured RFC3576 server port.
Disconnect Rejects No Secret No Session ID Bad Authenticator Invalid Request Packets Dropped Unknown service CoA Requests CoA Accepts CoA Rejects No permission 1 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 2 0 0 0 0 0 Packets received from unknown clients: 0 Packets received with unknown request: 0 Total RFC3576 packets Received : 0 The output of the show aaa rfc-3576-server statistics command includes the following parameters: Parameter Description Disconnect Requests Number of disconnect requests sent by the ser
Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 777 | show aaa rfc-3576-server Dell Networking W-Series ArubaOS 6.4.
show aaa server-group show aaa server-group [|summary] Description Show configuration details for your AAA server groups. Syntax Parameter Description The name of an existing AAA server group. Usage Guidelines Issue this command without the >
Parameter Description name Name of an existing AAA server group. Servers Number of servers in the group. Rules Number of rules configured for the server group. hits Number of hits for the server’s rules. Out-of-Service Indicates whether the server is active, or out of service. Active servers may not have an entry in the Out-of-Service column.
Parameter Description l l l l starts with the string in parameter Operand. ends-with – The rule is applied if and only if the attribute value returned ends with the string in parameter Operand. equals – The rule is applied if and only if the attribute value returned equals the string in parameter Operand. not-equals – The rule is applied if and only if the attribute value returned is not equal to the string in parameter Operand. value-of – This is a special condition.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 781 | show aaa server-group Dell Networking W-Series ArubaOS 6.4.
show aaa state ap-group show aaa state ap-group Description Show the names and ID numbers of your AP groups Example This first example shows that the selected controller has two defined AP groups. (host) #show aaa state ap-group AP Group Table -------------Name ID ---- -ap1 ap2 1 2 Related Commands Command Description Mode aaa server-group Use aaa server-group to define the AP groups displayed in the output of this show command Config mode Command History This command was introduced in ArubaOS 3.
show aaa state configuration show aaa state configuration Description Display authentication state configuration information, including the numbers of successful and failed authentications. Example This example shows authentication settings and values for a controller with no current users.
Ping/SYN/Session attacks = 0/0/0 The output of the show aaa state configuration command includes the following parameters: Parameter Description Switch IP IP address of the local controller. Master IP IP address of the master controller. Switch Role Role assigned to the controller on which you issued the show aaa state command.
Parameter Description Auth server in service Number of authentication servers currently in service. Radius server timeouts Number of times the RADIUS server did not respond to the authentication request. Web Total number of captive portal authentications or authentication failures since the last controller reset. MAC Total number of MAC authentications or authentication failures since the last controller reset.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.3 The per-user log field was added to the output of this command This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show aaa state debug-statistics show aaa state debug statistics Description show debug statistics for controller authentication, authorization and accounting. Syntax No parameters.
Parameter Description non-ip Number of non-IP type packets sent between the datapath and the controlpath. zero-ip Number of packets sent without an internet protocol (IP). loopback If 1, the controller has a defined loopback address. If 0, a loopback address has not yet been configured. mac mismatch Number of users that were not authenticated due to MAC mismatches. spoof Number of users that were not authenticated due to spoofed IP addresses.
Parameter dtunnel Description Number of users in decrypt tunnel forwarding mode that aged out after STM deauthentication, and timer expiration. Idled users from STM timeout tunnel Number of users in tunnel forwarding mode that aged out after the STM timer expired. dtunnel Number of users in decrypt tunnel forwarding mode that aged out after the STM timer expired.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 The Mobility Stats parameter was introduced. ArubaOS 6.2 Additional statistics for idled users and user rejects were introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local or local controllers Dell Networking W-Series ArubaOS 6.4.
show aaa state log show aaa state log [info] Description Display global log files for AAA events. Syntax Parameter Description info This parameter displays debugging information for internal use only.
Command Information Platforms Licensing Command Mode W-6000, W-3600 and W-7200 Series controllers Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show aaa state messages Description Display numbers of authentication messages sent and received. Syntax No parameters. Usage Guidelines This command displays a general overview of authentication statistics. To view authentication information for specific profiles such as a captive-portal, MAC or 801.x authentication profile, issue the commands specific to those features. Example The output of this command displays tables of statistics for PAPI, RAW socket and Sibyte messages.
114 126 rand eapkey 1614 1316231 1614 1316231 1612 2632462 1612 2632462 114 rand 2 2 0 0 The output of this command contains the following parameters: Parameter Description Msg ID ID number for the message type. Name Message name. Since last Read Number of messages received since the buffer was last read. Total Total number of message received since the controller was last reset. opcode Code number of the message type.
show aaa state station show aaa state station Description Display AAA statistics for a station. Syntax Parameter Description MAC address of a station. Example The example below shows statistics for a station with four associated user IP addresses. The output of this command shows station data, the AAA profiles assigned to the station, and the station’s authentication method.
show aaa state user show aaa state user Description Display statistics for an authenticated user. Syntax Parameter Description IP address of a user. Example The example below shows statics for a user with the IP address 10.1.10.11. The output of this command shows user data, the user’s authentication method. and statistics for assigned roles, timers and flags. (host) #show aaa state user 10.1.10.11 Name: MYCOMPANY\tsenter, IP: 10.1.10.
show aaa sygate-on-demand (deprecated) show aaa sysgate-on-demand Syntax No parameters. Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 3.4 Command deprecated. 797 | show aaa sygate-on-demand (deprecated) Dell Networking W-Series ArubaOS 6.4.
show aaa tacacs-accounting Description Show TACACS accounting configuration. Syntax No parameters. Example The example below shows that TACACS accounting has been enabled, and that the TACACS server is in the server group acct-server.
show aaa timers Description Show AAA timer values. Syntax No parameters Example The example below shows that the controller has all default timer values: (host) #show aaa timers User idle timeout = 6 minutes Auth Server dead time = 10 minutes Logon user lifetime = 5 minutes Related Commands Command Description Mode aaa timers Use aaa timers to define the settings displayed in the output of this show command. Config mode Command History This command was introduced in ArubaOS 3.0.
show aaa web admin-port show aaa web admin-port Description Show the port numbers of HTTP and HTTPS ports used for web administration. Syntax No parameters. Example The example below shows that the controller is configured to use HTTPS on port 4343 or 443, and HTTP on port 8888. (host) #show aaa web admin-port https port = 4343 http port = 8888 Command History This command was introduced in ArubaOS 3.0.
show aaa xml-api server show aaa xml-api server [] Description Show a list of XML servers used for authentication, authorization and accounting. Syntax Parameter Description IP address of an XML API server. Include this parameter to see if a secret key is configured for the specified server. Example The output of this command shows that the controller has two configured XML API servers that are each referenced by two different AAA profiles.
show aaa xml-api statistics show aaa xml-api statistics Description Display statistics for an external XML API server. Syntax Parameter Description IP address of XML API server. Usage Guidelines Issue this command to troubleshoot AAA problems and monitor usage on an XML server. Example The example below shows AAA statistics for an external XML server with the IP address 10.1.2.3. This command shows the number of times that a particular event has occurred per client.
Parameter Description user_authenticate Number of users authenticated on the XML server since the last controller reboot. user_add Number of users added to the controller’s user table. user_delete Number of users removed from the controller’s user table. user_blacklist Number of denied user association requests. user_query Number of user queries performed. unknown user Number of unknown users. unknown role Number of unknown user roles.
Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers 805 | show aaa xml-api statistics Dell Networking W-Series ArubaOS 6.4.
show acl ace-table show acl ace-table {ace <0-1999>}|{acl <1-2700>} Description Show an access list entry (ACE) table for an access control list (ACL). Syntax Parameter Description ace <0-1999> Show a single ACE entry. acl <1-2700> Show all ACE entries for a single ACL. Example The following example shows that there are eighteen access control entries for ACL 1.
show acl acl-table show acl acl-table <1-2700> Description Display information for a specified access control list (ACL). Syntax Parameter Description acl-table <1-2700> Specify the number of the ACL for which you want to view information. Example The following example displays the ACL table for the controller.
Parameter Description ACE count Number of access control entries in the ACL Name Name of the access control list Applied Number of times the ACL was applied to a role. Total free ACE entries The total number of free ACE entries. This includes available ACE entries at the bottom of the list, as well as free ACE entries in the middle of the table from previous access list entries that were later removed. Free ACE entries at the bottom The total number of free ACE entries at the bottom of the list.
show acl hits show acl hits Description Show internal ACL hit counters. Syntax No parameters. Usage Guidelines Issue this command to see the number of times an access control list defined a user’s role, or traffic and firewall policies for a user session. Example In the example below, the output of the User Role ACL Hits table is shown in two separate tables to allow the output to fit on a single page of this document.
------------ACL ACE New Hits --- --- -------5 22 Total Hits ---------- Index ----0 The output of this command includes the following information: Parameter Description Role Name of the role assigned by the ACL. Policy Name of the policy used by the ACL Src The traffic source, which can be one of the following: l : Name of a user-defined alias for a network host, subnetwork, or range of addresses. l any: match any traffic. l host: specify a single host IP address.
Parameter Description Total Hits Number of times the ACL was applied since the controller was last reset. Index Index number of the ACL. Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master controllers 811 | show acl hits Dell Networking W-Series ArubaOS 6.4.
show activate-service-whitelist show activate-service-whitelist Description This command displays the profile that allows the controller to synchronize its remote AP whitelist with the Dell Activate cloud-based services. Syntax No parameters. Usage Guidelines Use this command to view the credentials the controlleruses to synchronize the remote AP whitelist with an Activate server.
show adp config show adp config Description Show Aruba Discovery Protocol (ADP) configuration settings. Syntax No parameters. Example The following example shows that the controller has all default settings for ADP.
show adp counters show adp counters Description Show Aruba Discovery Protocol (ADP) counters. Syntax No parameters. Example The following example shows the ADP counter table for the controller. (host) #show adp counters ADP Counters -----------key value ------IGMP Join Tx 1 IGMP Drop Tx 0 ADP Tx 0 ADP Rx 0 The output of this command includes the following parameters: Parameter Description IGMP Join Tx Number of Internet Group Management Protocol (IGMP) join requests sent by the controller.
show airgroup show airgroup active-domains aps blocked-queries {dlna|mdns} blocked-service-id {dlna|mdns} cache entries {dlna|mdns|static} cppm {entries | server-group} cppm-server {aaa | query-interval | radius statistics | rfc3576 statistics} domain global-credits internal-state statistics {dlna|mdns} multi-controller-table servers {dlna | mdns | verbose} status users {dlna|mdns|verbose} vlan Description This command displays AirGroup global settings, domain, active-domain, and more AirGroup configuratio
Parameter Description cppm server-group: This command displays AirGroup CPPM server group defined in the controller. For more information, see show airgroup cppm on page 827 l aaa: This command displays the AAA parameters for AirGroup. l query-interval: The AirGroup CPPM query interval is used to refresh the CPPM entries at periodic intervals. This command displays the CPPM query interval value configured in the controller. l radius statistics: This command displays the RADIUS statistics for AirGroup.
Example Access the controller’s command-line interface and use the following command to display the current status of the AirGroup configuration and AirGroup services configured on the controller: (host) #show airgroup status AirGroup Feature ---------------Status -----Enabled AirGroup- MDNS Feature ---------------------Status -----Enabled AirGroup- DLNA Feature ---------------------Status -----Enabled AirGroup Location Discovery --------------------------Status -----Enabled AirGroup Active Wireless Discove
AirGroup Domains ---------------Name Description -------------Campus1 AirGroup_campus1 Campus2 IP-Address ---------10.10.10.1 11.11.11.1 9.9.9.1 8.8.8.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master and local controllers 819 | show airgroup Dell Networking W-Series ArubaOS 6.4.
show airgroup active-domains show airgroup active-domains Description This command displays a list of AirGroup active-domains configured. Syntax No parameters.
show airgroup blocked-queries show airgroup blocked-queries [mdns|dlna] Description This command displays the service ID that was queried but not available in the AirGroup service table. Syntax Parameter Description Range Default mdns Specifies the mDNS blocked queries. — — dlna Specifies the DLNA blocked queries.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode Dell Networking W-Series ArubaOS 6.4.
show airgroup blocked-service-id show airgroup blocked-service-id [mdns|dlna] Description This command displays the list of blocked services. Syntax Parameter Description Range Default mdns Specifies the mDNS blocked services. — — dlna Specifies the DLNA blocked services. — — Example The airgroup service disable command disables an AirGroup service by blocking the service IDs for that service.
Command History: Release Modification ArubaOS 6.3 Command introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode Dell Networking W-Series ArubaOS 6.4.
show airgroup cache entries show airgroup cache [mdns|dlna|static] Description This command displays the AirGroup mDNS and DLNA resource records in cache in a controller: Syntax Parameter Description Range Default Displays the AirGroup mDNS and DLNA resource records in the cache. — — mdns Displays the mDNS cache entries. — — dlna Displays the DLNA cache entries. — — static Displays static cache entries.
Column Description Name Displays the name of the Service ID. Type Displays the type of mDNS or DLNA record. Class Displays the class of the record. This is usually IN. TTL Displays the time to live value of the service ID in seconds. Origin Displays the source IP of the AirGroup server. Expiry Displays the expiry period of the mDNS or DLNA record in seconds. Last Update Displays the time stamp of the last cache update. Command History: Release Modification ArubaOS 6.3 Command introduced.
show airgroup cppm show airgroup cppm {|} Description This command displays the information for devices registered in ClearPass Policy Manager. Syntax Parameter Description Range Default Displays the CPPM registration information. — — Displays the Server Group information.
Column Description Device Displays the MAC address of the AirGroup device. device-owner Displays the user name of the AirGroup device. shared location-id AP-name Displays the location ID based on an AP name. NOTE: The geographical location of AirGroup device can be tracked with respect to its RF neighbors. AirGroup devices connected to APs can be located based on nearby APs.
show airgroup cppm-server show airgroup cppm-server {||radius |rfc3576 } Description This command displays the information for devices registered in ClearPass Policy Manager. Syntax Parameter Description Range Default cppm-server Displays the ClearPass Policy Manager server information. — — Displays the data for the ClearPass Policy Manager servers.
The output of this command includes the following parameters: Column Description Device Displays the MAC address of the AirGroup device. device-owner Displays the user name of the AirGroup device. shared location-id AP-name Displays the location ID based on an AP name. NOTE: The geographical location of AirGroup device can be tracked with respect to its RF neighbors. AirGroup devices connected to APs can be located based on nearby APs.
show airgroup domain show airgroup domain Description This command displays a list of AirGroup domains configured. Syntax No parameters. Example Use this command to view a list of AirGroup domains configured: (host) #show airgroup domain AirGroup Domains ---------------Name Description -------------Campus1 AirGroup_campus1 Campus2 AirGroup_campus2 IP-Address ---------10.15.121.240 11.11.11.1 9.9.9.1 8.8.8.
show airgroup internal-state statistics show airgroup internal-state [mdns|dlna] Description This command displays the statistics of packets sent and received per second by a controller: Syntax Parameter Description Range Default statistics Displays the Packets sent and received. — — dlna Displays the DLNA statistics. — — mdns Displays the mDNS statistics.
------ ----------------------- ---------- -------------------- --------7 app 0 6 0 0 193 N/A 859 2985 214 619 Rx Request N/A N/A 71 318 Rx Response N/A N/A 143 301 Tx Request-Refresh 0 1 N/A N/A Tx Request-discovery 55 300 N/A N/A Tx Request-wildcard 0 0 N/A N/A Tx Response-Solicited 0 0 N/A N/A Tx Response-Solicited-Fragment 0 0 N/A N/A Tx Response-Unsolicited 0 0 N/A N/A Sibyte DLNA Messages -------------------Opcode Name Sent Since Last Read Sent Total Recv Since Last Read Recv Total ------ -------------
Query - resp pkt gen & send 453 2537 1437 1149 Query - Response packet send 4739 28569 549 552 Query 8806 40946 2162 1184 MDNS Multi-controller Cluster Messages -------------------------------------Type Sent Since Last Read Sent Total Recv Since Last Read Recv Total ----------------------- ---------- -------------------- ---------Unicast Response with tag 0 0 0 0 Request with tag 66 311 5 7 Raw Response 0 0 0 0 DLNA Multi-controller Cluster Messages -------------------------------------Type Sent Since Last
show airgroup global-credits show airgroup global credits Description This command displays the current and user configured global tokens assigned to query and response packets. Syntax No parameters. Example In an AirGroup network, AirGroup devices generate excess mDNS query and response packets. Using airgroup global-credits command, the AirGroup controller restricts these packets by assigning tokens. The controller processes these mDNS packets based on this token value.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode Dell Networking W-Series ArubaOS 6.4.
show airgroup multi-controller-table show airgroup multi-controller-table [mdns|dlna] [verbose] Description This command displays the IP address of all the controllers participating in an AirGroup multi-controller environment. Syntax Parameter Description Range Default mdns Displays the mDNS statistics. — — dlna Displays the DLNA statistics. — — verbose Displays additional information in a tabular format.
Table 7: show airgroup multi-controller-table Column Description IP-Address Displays the IP address of all the controllers participating in an AirGroup multi-controller environment. Type Displays the type of record. Request with Tag Tx Displays the number of AirGroup multi-controller queries transmitted with meta-tag information by the controller to other controllers in its multi-controller domain.
show airgroup servers show airgroup servers [mdns|dlna] [verbose] Description This command displays the status of the AirGroup server (Apple TV, AirPrint Printer, Google ChromeCast, and so on) in a controller: Syntax Parameter Description Range Default mdns Displays the mDNS servers. — — dlna Displays the DLNA servers. — — verbose Displays additional information in a tabular format.
Column Description Service Displays the AirGroup service hosted by the server. VLAN Displays the VLAN ID of the AirGroup server. Wired/Wireless Indicates if the AirGroup server is connected to a Wired LAN or Wireless LAN. NOTE: The column displays Wired when the server is connected to an untrusted wired port. When the server is connected to a trusted wired port, the column displays N/A. Role Displays the user role of the AirGroup server. Group Displays the group of the AirGroup user.
| show airgroup servers Dell Networking W-Series ArubaOS 6.4.
show airgroup status show airgroup status Description This command displays the global settings of the AirGroup configuration and AirGroup services configured in the WLAN controller. Syntax No parameters. Example Issue this command to view the global settings of the AirGroup configuration and AirGroup services configured in the WLAN controller.
remotemgmt sharing chat googlecast DIAL DLNA Media DLNA Print allowall test airplay Disabled Disabled Disabled Disabled Enabled Enabled Disabled Enabled Enabled Enabled The output of this command includes the following parameters: Column Description AirGroup Feature Status Displays the status of AirGroup in the controller. AirGroup - MDNS Feature Displays the status of mDNS. AirGroup - DLNA Feature Displays the status of DLNA.
show airgroup users show airgroup users [mdns|dlna] [verbose] Description This command displays the user table. Syntax Parameter Description Range Default mdns Displays the mDNS users. — — dlna Displays the DLNA users. — — verbose Displays additional information in a tabular format.
Column Description Rec-filtered Displays the number of queries filtered as a result of the policies. Rec-responded Displays the number of queries responded from the AirGroup user. Last-query Displays the time stamp of the last query received. CPPM-Req Displays the number of requests sent by the controller to the CPPM server to populate the policy details for the given AirGroup client.
show airgroup vlan show airgroup vlan Description This command displays the status of the disallowed AirGroup VLANs. Syntax No parameters. Example The following example displays the status of the disallowed AirGroup VLANs: (host) #show airgroup vlan VLAN Table ---------Vlan-Id IP-Address ---------------1 10.15.121.240 2 0.0.0.0 3 10.15.121.240 4 10.15.121.
show airgroupservice show airgroupservice [dlna|mdns] [verbose] Description This command displays the service details of all AirGroup services in the controller. Syntax Parameter Description Range Default airgroupservice This command displays the service details of all AirGroup services in the controller. — — mdns Displays the mDNS services. — — dlna Displays the DLNA services. — — Verbose Displays additional services information in a tabular format.
chat googlecast DIAL Chat GoogleCast supported by Chromecast etc DIAL supported by Chromecast,FireTV,Roku etc Disabled Disabled Enabled DLNA Media Media Disabled -----text removed for brevity-------- DLNA Print Print Disabled allowall Remaining-Services Disabled Disallowed-VLAN --------------- ID -_odisk._tcp _afpovertcp._tcp _xgrid._tcp _presence._tcp _googlecast.
Command History: Release Modification ArubaOS 6.3 Command introduced. ArubaOS 6.4 mDNS and DLNA parameters were introduced. ArubaOS 6.4.1 l l The Chromecast service was renamed to DIAL. The googlecast service was introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode 849 | show airgroupservice Dell Networking W-Series ArubaOS 6.4.
show ap active show ap active [ap-name |{arm-edge dot11a|dot11g|voip-only}|dot11a|dot11g|essid |ip-addr |ip6-addr |{type access-point|air-monitor|(sensor dot11a|dot11g|voip-only)}|voip-only Description Show all active APs registered to a controller. Syntax Parameter Description ap-name View data for an AP with a specified name. arm-edge Show the state of ARM edge APs. counters Show the counters. dot11a Show 802.11a radio information. dot11g Show 802.
l An AP with an external antenna is not provisioned with external antenna gain settings. l Both radios on the AP are disabled. l No virtual APs are defined on the AP. l The AP has profile errors. Issue the command "show profile errors" for details. l The GRE tunnel between the AP and the controller was blocked by a firewall after the AP became active. l The AP is temporarily down while it is upgrading its software. The AP will become active again after upgrading.
Column Description AP Type AP model type. Flags This column displays any flags for this AP. The list of flag abbreviations is also included in the output of the show ap active command. 1 = 802.1x authenticated AP 2 = Using IKE version 2; A = Enet1 in active/standby mode B = Battery Boost On C = Cellular; D = Disconn. Extra Calls On E = Wired AP enabled F = AP failed 802.1x authentication H = Hotspot Enabled K = 802.11K Enabled L = Client Balancing Enabled M = Mesh N = 802.
show ap-group show ap-group [] Description Show settings for an AP group. Syntax Parameter Description The name of an AP group. Usage Guidelines Issue this command without the optional parameter to display the entire AP group list, including profile status for each profile. Include an AP group name to display detailed configuration information for that AP group profile. Example This first example shows that the controller has nine configured AP groups.
Ethernet interface 1 link profile AP system profile VoIP Call Admission Control profile 802.11a Traffic Management profile 802.
Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 855 | show ap-group Dell Networking W-Series ArubaOS 6.4.
show ap-name show ap-name [] Description Show a list of AP names. Include the parameter to display detailed configuration information for that AP. Syntax Parameter Description The name of an AP. Example This first example shows that the controller has eight registered APs. The Name column lists the names of each registered AP. Note that APs are all user-defined, so they will not have an entry in the Profile Status column.
Parameter Description Virtual AP Virtual AP profile that which configures a specified WLAN. Excluded Virtual AP Excludes the specified mesh cluster profile from this AP. 802.11a radio profile Profile that defines 802.11a radio settings for the AP. 802.11g radio profile Profile that defines 802.11g radio settings for the AP. Wired AP profile Profile that defines wired port settings for APs assigned to the AP.
show ap allowed-channels show ap allowed-channels ap-name country-code [ap-type ] ip-addr Description This command shows the allowed channels on a specific AP or country code. Syntax Parameter Description ap-name Name of an AP. country-code [ap-type ] Specify a country code to display allowed channels for that country.
Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 859 | show ap allowed-channels Dell Networking W-Series ArubaOS 6.4.
show ap ap-group show ap ap-group {ap-name |bssid |ip-addr } Description Show the AP group settings for an individual AP. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID). An AP’s BSSID is usually the AP’s MAC address. ip-addr Show data for an AP with a specific IP address. Enter the IP address in dotteddecimal format.
Related Commands Command Description Mode ap-group Configure your AP groups and AP group profiles. Config mode Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 861 | show ap ap-group Dell Networking W-Series ArubaOS 6.4.
show ap arm client-match history show ap arm client-match history client-mac Description If the client match feature is enabled, the output of this command shows the history of AP association changes triggered by the client match feature. Syntax Parameter Description client-mac MAC address of a client for which you want to view a history of AP association changes triggered by the client match feature.
Parameter Description the load on APs in the client's RF neighborhood, and the SNR levels the client detected from each underutilized AP. From (Radio/AP/Signal(dBm)) This column shows the radio MAC address, AP model and radio number, and signal strength in dBm of the radio to which the client was moved. To (Radio/AP/Signal (dBm)) Radio, AP name and signal strength of the radio to which the client was moved.
show ap arm client-match neighbors show ap arm client-match neighbors ap-name ip-addr ip6-addr Description If the client match feature is enabled, the output of this command displays the BSSID of other APs seen by clients in the select AP's RF neighborhood. Syntax Parameter Description ap-name View neighboring clients for an AP with a specified name ip-addr View neighboring clients for an AP with a specified IP address.
Parameter Description Last heard Date and time at which the AP last heard from the client Related Commands Use the following command to enable the client match feature: l rf arm-profile client-match The following commands display additional statistics for the client match feature: l show ap arm client-match probe-report l show ap arm client-match restriction-table l show ap arm virtual-beacon-report l show ap arm client-match unsupported l show ap arm client-match summary l show ap arm clie
show ap arm client-match probe-report show ap arm client-match probe-report ap-name ip-addr ip6-addr assoc phy-type 802.11a|802.11b|80211g Description If the client match feature is enabled, the output of this command displays the client probe report for the specified AP. Syntax Parameter Description ap-name Name of the AP for which you want to view a client report. ip-addr IPv4 address of an AP for which you want to view a client probe report.
ac:81:12:59:5c:12 00:24:d7:40:bb:b0 00:1a:73:15:8c:5f 32 31 32 0 0 0 50 58 57 9 9 9 Wed Apr 10 01:20:45 2013 Wed Apr 10 01:20:37 2013 Wed Apr 10 01:20:38 2013 The output of this command includes the following parameters: Parameter Description Client MAC AP name of the AP from which the client can detect a signal. Signal Signal strength, in dBm, of the probe request received from the client. Assoc A "Y" in this field indicates that the client is currently associated to that AP radio.
show ap arm client-match restriction-table show ap arm client-match restriction-table ap-name ip-addr ip6-addr Description If the client match feature is enabled, the output of this command displays the list of clients that the client match feature has restricted from the specified AP.
Time since last restriction(sec) -------------------------------3866 Radio Bssid ----------00:1a:1e:89:c0:c0 The output of this command includes the following parameters: Parameter Description Client MAC Displays the MAC address of the client that Client Match is attempting to steer. Time last restricted Displays the date and time at which the client was last steered in the vicinity of this radio.
Command History Release Modification ArubaOS 6.3 Command introduced. ArubaOS 6.4.1.0 Following parameters were introduced: l l l l PS deauth Probe(home/scan/bc_ssid) Auth(home/scan) Radio Bssid The following parameters were modified: l l l Time last restricted Restricted(Cur/Last) Time since last restricted Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap arm client-match summary show ap arm client-match summary [client-mac ]|[advanced] Description If the client match feature is enabled, the output of this command shows the history of AP association changes triggered by the client match feature. Syntax Parameter Description client-mac MAC address of a client for which you want to view a history of AP association changes triggered by the client match feature. advanced Display advanced debugging information.
Parameter Description MAC MAC address of the client that was moved to a different AP radio. Sticky (T/S) The output of this column shows the following two values: l l Bandsteer (T/S) The output of this column shows the following two values: l l Loadbal (T/S) l T: Total number of times the client match feature attempted to move an AP to a different radio on dual-radio AP to balance the client load between the AP radios.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 873 | show ap arm client-match summary Dell Networking W-Series ArubaOS 6.4.
show ap arm client-match unsupported show ap arm client-match unsupported Description If the client match feature is enabled, the output of this command displays a list of clients that failed to be steered to a more optimal AP, and the reason the initial steering request was triggered,. Syntax No parameters. Usage Guidelines The controller also keeps track of the number of times the client match feature failed to steer a client to a different radio, and the reason that each steer attempt was triggered.
l show ap arm client-match neighbors l show ap arm client-match restriction-table l show ap arm virtual-beacon-report l show ap arm client-match unsupported l show ap arm client-match summary l show ap arm client-match history Command History Introduced in ArubaOS 6.3. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 875 | show ap arm client-match unsupported Dell Networking W-Series ArubaOS 6.4.
show ap arm history show ap arm history {ap-name }|{bssid }|{ip-addr } Description For each interface on an AP, show the history of channel and power changes due to Adaptive Radio Management (ARM). Syntax Parameter Description ap-name Show ARM history for an AP with a specific name. bssid Show ARM history for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address.
The output of this command includes the following information: Parameter Description Reason This column displays one of the following code to indicate why the channel or power change was made. l I: Interference l R: Radar detected l N: Noise exceeded l E: Error threshold exceeded l INV: Invalid Channel l G: Rogue AP Containment l M: Empty Channel l P+: Increase Power l P-: Decrease Power l OFF: Turn off Radio l ON: Turn on Radio The Reason key appears at the bottom of the ARM History table.
show ap arm neighbors show ap arm neighbors {ap-name }|{bssid }|{ip-addr } Description Show the ARM settings for an AP’s neighbors. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID). An AP’s BSSID is usually the AP’s MAC address. ip-addr Show data for an AP with a specific IP address. Enter the IP address in dotteddecimal format.
show ap arm rf-summary show ap arm rf-summary {ap-name }|{bssid }|{ip-addr } [verbose] Description Show the state and statistics for all channels being monitored by an individual AP. Syntax Parameter Description ap-name Show channel data for an AP with a specific name. bssid Show channel data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address.
ARM Edge State Last check channel/pwr Last change channel/pwr Next Check channel/pwr Assignment Mode Interface Name Current ARM Assignment Covered channels a/g Free channels a/g ARM Edge State Last check channel/pwr Last change channel/pwr Next Check channel/pwr Assignment Mode :disable :7m:13s/22s :32m:22s/10h:15m:40s :33s/4m:43s :Single Band :wifi1 :11/21 :0/1 :0/0 :disable :3m:25s/2m:1s :10h:15m:40s/10h:15m:40s :1m:4s/3m:59s :Single Band The output of this command includes the following information: Pa
Parameter Description ARM Edge State If enabled, ARM-enabled APs on the network edge will not become Air Monitors. Last check channel/pwr Time elapsed since the AP checked its channel and power settings, in hour:minute:second format. Last change channel/pwr Time elapsed since the AP changed its channel and power settings, in hour:minute:second format. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.
show ap arm scan-times show ap arm scan-times {ap-name |bssid |ip-addr } Description Show AM channel scan times for an individual AP and displays information about the current valid 20/40/80 MHz channels in the regulatory domain. Syntax Parameter Description ap-name Show channel scan data for an AP with a specific name. bssid Show channel scan data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address.
161 11855640 1924 0 0 DVACULPT 35698 165 103180 938 0 0 DAC 35699 1 191840 1744 0 0 DVACLF 35716 2 182380 1658 1 0 DACL 35717 3 168410 1531 0 0 DACL 35718 4 182930 1663 0 0 DCL 35669 5 384560 3496 2 0 DVACULP 35722 6 384120 3492 0 0 DACUL 7 350790 3189 1 0 DVACULF 8 384230 3493 1 0 DACUL 9 381370 3467 0 0 DACUL 10 153120 1392 0 0 DCU 11 35902840 1744 0 0 DVACUPT 12 134640 1224 0 0 DACU 13 97790 889 0 0 DACU 14 15180 138 0 0 D Channel Flags: D: All-Reg-Domain Channel, C: Reg-Domain Channel, A: Activity Pre L
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap arm split-scan-history show ap arm split-scan-history {ap-name |bssid |ip-addr } Description Show scanning information for a "split-scan", where ARM performs an additional scans on each channel within a 40 MHz channel pair or 80 MHz channel set. Syntax Parameter Description ap-name Show scan data for an AP with a specific name. bssid Show scan data for a specific Basic Service Set Identifier (BSSID) on an AP.
Command History Introduced in ArubaOS 6.3.1 Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap arm state show ap arm state [ap-name |dot11a|dot11g|ip-addr ] Description Display Adaptive Radio Management (ARM) information for an individual AP’s neighbors, or show all available data for any neighboring AP using an 802.11a or 802.11g radio type. Syntax Parameter Description ap-name Show aggregate ARM Neighbor Information for a specific AP. dot11a Show aggregate ARM Neighbor Information for all APs using an 802.11a radio.
Column Description Assignment The AP’s current channel assignment. Neighbor Density The neighborhood density for the specified AP is listed with the values A/B/C/D, where: l A= Number of the AP’s clients heard in the AP neighbor’s client list l B= Number of clients in AP neighbor’s client list l C= Density percentage, (AP clients heard in in the AP neighbor client list / AP client density * 100).
show ap arm status show ap arm status {ap-name }|{bssid }|{ip-addr } Description Issue this command under the supervision of Dell support to display detailed debugging Adaptive Radio Management (ARM) information and ARM status counters for an individual AP. Syntax Parameter Description ap-name Show ARM status for an AP with a specific name. bssid Show ARM status for a specific Basic Service Set Identifier (BSSID) on an AP.
show ap arm virtual-beacon-report show ap arm virtual-beacon-report ap-name ip-addr ip6-addr phy-type 80211a|80211b|80211g Description If the client match feature is enabled, the output of this command displays the virtual beacon report for an AP with a specific IP or MAC address. Syntax Parameter Description ap-name Name of an AP for which you want to view a virtual beacon report.
Parameter Description AP MAC address of the AP from which the client can detect a signal. Channel Channel on which the signal was deteched Signal Signal strength, in dBm, of the probe request received from Client Clients Number of clients associated with that AP Assoc A "Y" in this field indicates that the client is currently associated to that AP radio.
show ap association show ap association [ap-name |ap-group |bssid |channel |client-mac |essid |ip-addr |ip6-addr |phy {a|b|g}|voip-only] Description Show the association table for an AP group or for an individual AP. Syntax Parameter Description ap-group Show AP associations for a specific AP group. You can also include the channel, essid or voip-only keywords to further filter the output of this command.
Example Use the show ap association client-mac command to verify that a user has associated with an AP, or to determine last AP to which the client was connected. The output of this command in the example below shows the association table for the client with the MAC address 00:13:fd:5c:7c:59. If the flags column in the output of this command shows an 'A', the client associated last to that AP. Alternately, the AP with the smallest value of association time is the last AP to which the client had associated.
Column Description assoc. time Amount of time the client has associated with the AP, in the format hours:minutes:seconds. num assoc Number of clients associated with the AP. flags This column displays any flags for this AP. The list of flag abbreviations is included in the output of the show ap association command. Command History Introduced in ArubaOS 3.0.
show ap association remote show ap association remote [ap-name |ap-group |bssid |channel |essid Description Display the association table for an individual AP or group of APs in bridge mode. Syntax Parameter Description ap-name Show AP associations for a specific remote AP. ap-group Show AP associations for a specific group of remote APs. bssid Show the AP associations for an specific AP Basic Service Set Identifier (BSSID).
Column Description auth This column displays a y if the AP has been configured for 802.11 authorization frame types. Otherwise, it displays an n. assoc This column displays a y if the AP has been configured for 802.11 association frame types. Otherwise, it displays an n. aid 802.11 association ID. A client receives a unique 802.11 association ID when it associates to an AP. 1-int Number of beacons in the 802.11 listen interval.
show ap authorization-profile show ap authorization-profile [] Description This command shows information for AP authorization profiles. Syntax Parameter Description The name of an an existing AP authorization profile. Usage Guidelines The AP authorization profile specifies which configuration should be assigned to a remote AP that has been provisioned but not yet authenticated at the remote site.
Parameter Value AP authorization group Name of a configuration profile to be assigned to the group unauthorized remote APs. Related Commands Command Description Mode ap authorization-profile This command defines a temporary configuration profile for remote APs that are not yet authorized on the network. Config mode Command History This command was introduced in ArubaOS 3.0.
show ap blacklist-clients show ap blacklist-clients Description Show a list of clients that have been denied access. Usage Guidelines Use the stm CLI command to add or remove users from a blacklist. Additionally, the dot1x authentication, VPN authentication and MAC authentication profiles allow you to automatically blacklist a client if machine authentication fails. Examples The output of this command shows that the controller has a single user-defined blacklisted client.
Related Commands Command Description Mode stm add-blacklist-client stm remove-blacklist-client Manually add or remove clients from a blacklist. Config mode Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.4.1.
show ap bss-table show ap bss-table [ap-name |bssid |counters|essid |ip-addr |ip6-addr |port \|standby>] Description Show an AP’s Basic Service Set (BSS). Syntax Parameter Description ap-name Show the BSS table for a specific AP. bssid Show the BSS table for an specific AP Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
----- ------------- --- -6c:f3:7f:e7:2c:10 N/A 1500 1 Bs 6c:f3:7f:e7:69:10 N/A 1500 1 Bs d8:c7:c8:80:27:d0 N/A 1500 1 Bs -- --- ---- ---------------- ------ ------- ------- ----- 10.3.31.217 a-VHT am ?/?/? 0 ard 0 25m:47s 10.3.31.253 a-VHT am ?/?/? 0 rlo-225 0 44m:24s 10.3.31.222 a-HT am ?/?/? 0 arr 0 44m:24s - The output of this command includes the following information: Column Description bss The AP Basic Service Set Identifier (BSSID).
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.2 Introduced support for the following parameters: l essid l essid l essid l essid Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 903 | show ap bss-table Dell Networking W-Series ArubaOS 6.4.
show ap bw-report show ap bw-report {ap-name |bssid |ip-addr } Description Show the bandwidth reporting table for a specific AP. Syntax Parameter Description ap-name Show bandwidth data for an AP with a specific name. bssid Show bandwidth data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Column Description Offered Load Attempted throughput for the Virtual AP, in kbps. Delivered Load Actual throughput for the Virtual AP, in kbps. This value may be less than the offered load if the Virtual AP has used all its allocated bandwidth. Average Throughput Average throughput for the virtual AP, in kbps. Command History Introduced in ArubaOS 3.0.
show ap client status show ap client status Description Show the current status of a specific client. Syntax Parameter Description MAC address of a client Examples The output of the command shows the status of an individual client in the STA (station) table.
Column Description state If the client has been both authorized and associated, this data column will display auth-assoc. If the client has only been authorized, this data column will display auth. Reason If the client failed to authenticate, this data column lists the reason code for 802.11 authentication failure Command History Introduced in ArubaOS 3.0.
show ap client trail-info show ap client trail-info [] Description Use this command to show client activity for debugging purposes. Syntax Parameter Description MAC address of the client. Usage Guidelines Use this command to view client activity, including reasons for client deauthentication, the history of how that client moved between different APs, and any alerts or errors encountered by that client.
The output of these commands include the following information: Column Description MAC MAC address of the client BSSID BSSID of the client ESSID ESSID to which the client associated AP-name Name of the AP to which the client associated VLAN VLAN ID of the VLAN to which the client associated. Deauth-reason Reason why the client was deauthorized.
show ap debug client-trace show ap client-trace {ap-name }|{ip-addr }|{ip6-addr } mac Description Use this command to show counts of different types of management data frames traced from a client MAC address. Syntax Parameter Description ap-name Name of the AP. ip-addr IPv4 address of the AP. ip6-addr IPv6 address of the AP. mac MAC address of the client..
show ap config show ap config {ap-group }|{ap-name }|{essid } Description Show a large list of configuration settings for an ap-group or an individual AP. Syntax Parameter Description ap-group Display configuration settings for an AP group. ap-name Display configuration settings for an AP with a specific name. essid Display configuration settings for an AP with a specific Extended Service Set Identifier (ESSID).
FIPS enable "default" SNMP sysContact "default" RFprotect Server IP "default" RFprotect Backup Server IP "default" AeroScout RTLS Server "default" RTLS Server configuration "default" Remote-AP DHCP Server VLAN "default" Remote-AP DHCP Server Id "default" Remote-AP DHCP Default Router "default" Remote-AP DHCP Pool Start "default" Remote-AP DHCP Pool End "default" Remote-AP DHCP Pool Netmask "default" Remote-AP DHCP Lease Time "default" Heartbeat DSCP "default" Session ACL "default" Image URL "default" Mainte
Parameter Description Backup LMS IP For multi-controller networks, this parameter displays the IPv4 address of a backup to the IP address specified with the lms-ip parameter. Backup LMS IP For multi-controller networks, this parameter displays the IPv6 address of a backup to the IP address specified with the lms-ip parameter. LMS Preemption When this parameter is enabled, the local management switch automatically reverts to the primary LMS IP address when it becomes available.
Parameter Description Double Encrypt This parameter applies only to remote APs. Double encryption is used for traffic to and from a wireless client that is connected to a tunneled SSID. When enabled, all traffic is reencrypted in the IPsec tunnel. When disabled, the wireless frame is only encapsulated inside the IPsec tunnel. Native VLAN ID Native VLAN for bridge mode virtual APs (frames on the native VLAN are not tagged with 802.1q tags). SAP MTU Maximum Transmission Unit (MTU) size, in bytes.
Parameter Description Keepalive Interval Time, in seconds, between keepalive messages from the AP Dump Server (For debugging purposes.) Displays the server to receive the core dump generated if an AP process crashes. Telnet Reports whether telnet access the AP is enabled or disabled. SNMP sysContact SNMP system contact information. AeroScout RTLS Server Displays whether or not the AP will send RFID tag information to an AeroScout real-time asset location (RTLS) server.
Parameter Description Remote-AP bw reservation Session ACLs with uplink bandwidth reservation in kilobits per second. You can specify up to three session ACLs to reserve uplink bandwidth. Heartbeat DSCP DSCP value of AP heartbeats (0-63). Session ACL Shows the access control list (ACL) applied on the uplink of a remote AP. Maintenance Mode Shows if Maintenance mode is enabled or disabled.
Parameter Description High throughput enable (radio) Shows if high-throughput (802.11n) features on the 2.4 GHz frequency band are enabled or disabled. Channel Shows the channel number for the AP’s 802.11a/802.11n physical layer. Beacon Period Shows the time, in milliseconds, between successive beacon transmissions. The beacon advertises the AP’s presence, identity, and radio characteristics to wireless clients.
Parameter Description If enabled, the controller compares whether or not an AP has more clients than its neighboring APs on other channels. If an AP’s client load is at or over a predetermined threshold as compared to its immediate neighbors, or if a neighboring Dell AP on another channel does not have any clients, load balancing will be enabled on that AP. This feature is disabled by default. Spectrum Load Balancing mode Spectrum Load Balancing Mode allows control over how to balance clients.
Parameter Description l l Rx sensitivity tuning based channel reuse 919 | show ap config If spectrum load balancing is enabled in a 802.11a radio profile but the spectrum load balancing domain is not defined, ArubaOS uses the ARM feature to calculate RF neighborhoods. If spectrum load balancing is enabled in a 802.
Parameter Description l the time. When this mode is enabled, the CCA threshold adjusts to accommodate transmissions between the AP its most distant associated client. Disable mode: This mode does not support the tuning of the CCA Detect Threshold. Rx sensitivity threshold RX Sensitivity Tuning Based Channel Reuse Threshold, in -dBm. If the Rx Sensitivity Tuning Based Channel reuse feature is set to static mode, this parameter manually sets the AP’s Rx sensitivity threshold (in dBm).
Parameter Description l l Level-4: level 3 and FIR immunity. Level-5: disable PHY reporting. Enable CSA Displays whether or not the AP has enabled channel switch announcements (CSAs) for 802.11h. CSA Count Number of channel switch announcements that must be sent before the AP will switch to a new channel. Management Frame Throttle interval Average interval that rate limiting management frames are sent from this radio, in seconds.
Parameter Description 20MHz mode: 54km 40MHz mode: 24km Iff you configure a value above the supported maximum, the maximum supported value will be used instead. Values below 600m will use default settings. l l Spectrum Monitoring When this parameter is enabled, it turns an AP in ap-mode into a hybrid AP. An AP in hybrid AP mode will continue to serve clients as an access point while it scans and analyzes spectrum analysis data for a single radio channel.
Parameter Description Scan Interval This column indicates, in seconds, how often the AP will leave its current channel to scan other channels in the band if scanning is enabled Active Scan Displays whether or not the active scan feature is enabled. NOTE: This option elicits more information from nearby APs, but also creates additional management traffic on the network. Active Scan is disabled by default, and should not be enabled except under the direct supervision of Dell Support.
Parameter Description Power Save Aware Scan Shows if the power save aware scan is enabled or disabled. If enabled, the AP will not scan a different channel if it has one or more clients and is in power save mode. Default: enabled Ideal Coverage Index The Dell coverage index metric is a weighted calculation based on the RF coverage for all DellAPs and neighboring APs on a specified channel. The Ideal Coverage Index specifies the ideal coverage that an AP should try to achieve on its channel.
Parameter Description Backoff Time After an AP changes channel or power settings, it waits for this backoff time interval before it asks for a new channel/power setting. Error Rate Threshold The minimum percentage of PHY errors and MAC errors in the channel that will trigger a channel change. Error Rate Wait Time Minimum time in seconds the error rate on the AP has to exceed its defined error rate threshold before it triggers a channel change.
Parameter Description Mode Aware Arm Shows if the mode-aware ARM feature has been enabled or disabled for this AP. If enabled, ARM will turn the AP into an Air Monitors (AMs) if it detects higher coverage levels than necessary. This helps avoid higher levels of interference on the WLAN. Although this setting is disabled by default, you may want to enable this feature if your APs are deployed in close proximity (e.g. less than 60 feet apart). Scan mode Identifies the scan mode for the AP.
Parameter Description Encryption Encryption type used on this AP. DTIM Interval Shows the interval, in milliseconds, between the sending of Delivery Traffic Indication Messages (DTIMs) in the beacon. This is the maximum number of beacon cycles before unacknowledged network broadcasts are flushed. Basic Rates Lists supported 802.11a rates, in Mbps, that are advertised in beacon frames and probe responses from this AP. Transmit Rates Lists 802.11a rates at which the AP is allowed to send data.
Parameter Description Short Preamble Shows if a short preamble for 802.11b/g radios is enabled or disabled for this AP. Network performance may be higher when short preamble is enabled. In mixed radio environments, some 802.11b wireless client stations may experience difficulty associating with the AP using short preamble. To use only long preamble, disable short preamble. Legacy client devices that use only long preamble generally can be updated to support short preamble.
Parameter Description 902il Compatibility Mode Shows if 902 il compatibility mode is enabled or disabled. (This parameter only needs to be enabled for APs with associated clients using NTT DoCoMo 902iL phones.) Hide SSID Shows if the feature to hide a SSID name in beacon frames is enabled or disabled. Deny_Broadcast Probes When a client sends a broadcast probe request frame to search for all available SSIDs, this option controls whether or not the system responds for this SSID.
Parameter Description Drop Broadcast and Multicast If this feature is enabled on an AP, it drops all downstream broadcast or multicast traffic to increase battery life. WEP Key 1 Displays the static WEP key (1 of 4). WEP Key 2 Displays the static WEP key (2 of 4). WEP Key 3 Displays the static WEP key (3 of 4). WEP Key 4 Displays the static WEP key (4 of 4). WEP Transmit Key Index Displays the key index that specifies which static WEP key is to be used.
Parameter Description 802.11g Beacon Rate Sets the beacon rate for 802.11g for APs use a Distributed Antenna System (DAS). Using this parameter in normal operation may cause connectivity problems. 802.11a Beacon Rate Sets the beacon rate for 802.11a for APs use a Distributed Antenna System (DAS). Using this parameter in normal operation may cause connectivity problems. Advertise QBSS Load IE Shows if the AP has enabled or disabled the advertising of QBSS in the load IE.
Parameter Description Short guard interval in 20 MHz mode Shows if the AP has enabled or disabled use of short guard interval in 20 MHz mode of operation. Short guard interval in 40 MHz mode Shows if the AP has enabled or disabled use of short guard interval in 40 MHz mode of operation. Maximum number of spatial streams usable for STBC transmission Controls the maximum number of spatial streams usable for STBC transmission. 0 disables STBC transmission, 1 uses STBC for MCS 0-7.
Parameter Description The use of TKIP or WEP for unicast traffic forces the use of legacy transmissions rates. Disabling this mode prevents the association of stations using TKIP or WEP for unicast traffic. This mode is disabled by default. Virtual AP enable Wireless LAN profiles configure WLANs in the form of virtual AP profiles. This parameter shows if the AP has enabled or disabled virtual APs. Allowed band Shows the band(s) on which to use the virtual AP: l a—802.11a band only (5 GHz) l g—802.
Parameter Description When an AP is configured to use the decrypt-tunnel forwarding mode, that AP decrypts and decapsulates all 802.11 frames from a client and sends the 802.3 frames through the GRE tunnel to the controller, which then applies firewall policies to the user traffic. When the controller sends traffic to a client, the controller sends 802.3 traffic through the GRE tunnel to the AP, which then converts it to encrypted 802.11 and forwards to the client. Only 802.
Parameter Description DoS Prevention Shows the status of the Dos Prevention option. If enabled, virtual APs ignore deauthentication frames from clients. This prevents a successful deauth attack from being carried out against the AP. This does not affect third-party APs. Station Blacklisting Shows if the virtual AP has enabled or disabled detection of denial of service (DoS) attacks, such as ping or SYN floods, that are not spoofed deauth attacks.
Parameter Description persistent— Permanently enables the virtual AP after the remote AP initially connects to the controller. l standard—Enables the virtual AP when the remote AP connects to the controller. A remote AP should use always and backup for bridge SSIDs, and use persistent and standard for 802.1X, tunneled, and split-tunneled SSIDs. l Convert Broadcast ARP requests to unicast If this option is enabled, all broadcast ARP requests are converted to unicast and sent directly to the client.
Parameter Description VoIP Call Admission Control Shows if WiFi VoIP Call Admission Control features are enabled or disabled. VoIP Bandwidth based CAC Shows the maximum bandwidth that can be handled by one radio, in kbps. VoIP Call Capacity Show the number of simultaneous calls that can be handled by one radio. VoIP Bandwidth Capacity (kbps) Shows the maximum bandwidth that can be handled by one radio, in kbps.
Parameter Description VoIP Drop SIP Invite and send status code (server) Displays the status code sent to the server when a SIP Invite is dropped.
show ap coverage-holes (deprecated) show ap coverage holes Description Show information for APs that have detected coverage holes in the wireless network. Command History Version Description ArubaOS 2.0 Command introduced ArubaOS 6.1 Command deprecated 939 | show ap coverage-holes (deprecated) Dell Networking W-Series ArubaOS 6.4.
show ap database show ap database {flags|group |inactive|indoor|local|long|outdoor|{page }| sensors [disconnected]|sort-by [ap-flags|ap-group|ap-ip| ap-mac|ap-name|ap-serial|ap-type|fqln|provisioned|status {up|down}|switch-ip]|sort-direction [ascending|descending]|start |status {up|down]|switch |unprovisioned|usb} Description Show the list of access points in the controller’s database. Syntax Parameter Description flags Show only APs with flags set [LUDINRCc12ME] .
Parameter Description ap-type Sort by AP model. fqln Sort by Fully Qualified Location Name (FQLN). provisioned Sort by provisioning statistics. status up|down If used with the sort-by keyword, status sorts the output of the command by status type (up or down.) Otherwise, use the status keyword to display APs with the specified status. switch-ip Sort by controller IP address. uptime Sort by AP uptime. sort-direction Choose sort direction of AP list:.
AP-120-35-A2 default 120 172.20.72.243 Down 172.20.1.103 AP-124-29:3A default 124 172.20.72.252 Up 2d:2h:0m:22s 172.20.1.103 AP-124-5B:2A default 124abg 172.20.72.245 Up 2d:2h:0m:43s 172.20.1.103 AP-124-D7:D6 default 124 172.20.72.244 Up 2d:2h:0m:25s 172.20.1.103 AP-124-E5:41 default 124 172.20.72.248 Up 2d:2h:0m:10s 172.20.1.103 AP-124-F3:CE default 124 172.20.72.242 Up 2d:2h:0m:5s 172.20.1.103 AP-124-F3:DE default 124 172.20.72.247 Up 2d:2h:0m:32s 172.20.1.103 AP-124-F3:EA default 124 172.20.72.
show ap database-summary show ap database-summary Description Show a general summary of access point information for this controller. Usage Guidelines Use this command to show the current number of active APs and Air Monitors. This command is also useful for determining how many unprovisioned APs or duplicate APs are on the network. For full details on each AP registered to a controller, use the command show ap database.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap debug association-failure (deprecated) show ap debug association-failure [{ap-name }|{bssid }|{client-mac }|{essid }|{ip-addr }] Description Display association failure information that can be used to troubleshoot problems on an AP. Command History Platforms Licensing ArubaOS 3.0 Command introduced ArubaOS 5.0 Command deprecated 945 | show ap debug association-failure (deprecated) Dell Networking W-Series ArubaOS 6.4.
show ap debug bandwidth-management show ap debug bandwidth-management [ap-name |ip-addr |ip6-addr ] Description This command shows bandwidth management information for clients. Syntax Parameter Description ap-name Name of the access point. ip-addr IP address of the access point. ip6-addr IPv6 address of the access point Examples The output of this command shows interface and shaping and interface policy for this AP.
show ap debug bss-config show ap debug bss-config [ap-name |bssid ||essid |ip-addr |ip6-addr |port /] Description Show the configuration for each BSSID of an AP. This information can be used to troubleshoot problems on an AP. Syntax Parameter Description ap-name Filter the AP Config table by AP name. bssid Filter the AP Config table by BSSID. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Column Description bss Basic Service Set (BSS) identifier, which is usually the AP’s MAC address. ess Extended Service Set (ESS) identifier; a user-defined name for a wireless network. vlan The BSSID’s VLAN number. IP The AP’s IP address. phy One of the following 802.11 types l a l a-HT (high-throughput) l g l g-HT (high-throughput) type This column shows if the BSSID is for an access point (ap) or an air monitor (am). fw-mode The configured forward mode for the AP’s virtual AP profile.
show ap debug bss-stats show ap debug bss-stats [bssid ] Description Show debug and troubleshooting statistics from a specific BSSID of an AP. Syntax Parameter Description bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. Examples The example below shows part of the output of the command show ap debug bss-stats bssid .
The output of this command includes the following information: Parameter Description Tx Frames Rcvd Number of transmitted frames that were received. Tx Bcast Frames Rcvd Number of transmitted broadcast frames that were received. Tx Frames Dropped Number of transmitted frames that were dropped. Tx Bcast Frames Dropped Number of transmitted broadcast frames that were dropped. Tx Frames Transmitted Number of frames successfully transmitted. Tx Bytes Rcvd Number of transmitted bytes received.
Parameter Description Tx Broadcast Data Frames Sent Broadcast data frames transmitted by the AP. Tx Multicast Data Frames Multicast data frames transmitted by the AP. Tx DMO Multicast NOTE: This counter applies to APs in decrypt-tunnel or split forwarding modes only. They may also increment for Instant APsin bridge forwarding mode if the Instant AP performs bridge-mode multicast conversion. Tx DMO Invalid NOTE: This counter applies to APs in decrypt-tunnel or split forwarding modes only.
Parameter Description TX LDPC Frames Number of transmitted frames with Low Density Parity Check (LDPC) enabled. Tx WMM Number of Wi-fi Multimedia (WMM) packets transmitted for the following access categories. If the AP has not transmitted packets in a category type, this data row will not appear in the output of the command. l Tx WMM [BE]: Best Effort l Tx WMM [BK]: Background l Tx WMM [VO]: VoIP l Tx WMM [VI]: Video Tx Data Mbps Number of frames transmitted at the specified rate, (Mbps).
Parameter Description Rx Data Frames Number of data frames received. Rx Data Bytes Number of data bytes received. Rx Time Data Total time spent on frames successfully received. Rx Duplicate Frames Number of duplicate frames received. Rx Broadcast Data Frames Number of broadcast frames received. Rx Multicast Data Frames Number of multicast frames received. Rx Unicast Data Frames Number of unicast frames received. Rx Null Data Frames Number of null data frames received.
show ap debug client-deauth-reason-counters show ap debug client-deauth-reason-counters Description Shows the aggregate client deauth reason counters Examples The output of the command below shows client deauth reason counters. (host) #show ap debug client-deauth-reason-counters Deauth Reason Counters ---------------------Name Value -------- Command History Introduced in ArubaOS 6.3.
show ap debug client-mgmt-counters show ap debug client-mgmt-counters Description Show the numbers of each type of message from an AP’s clients. This information can be used to troubleshoot problems on an AP. Examples The output of the command below shows client management counters.
Parameter Description Update STA Tunnel Response (For internal use only) ARM Update Number of times an AP has changed its adaptive radio management (ARM) settings.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 957 | show ap debug client-mgmt-counters Dell Networking W-Series ArubaOS 6.4.
show ap debug client-stats show ap debug client-stats
Rx 54 Mbps Rx WMM [BE] 1730 39 The output of this command includes the following information: Parameter Description Frames Rcvd For TX Number of frames received for transmission. Tx Frames Dropped Number of transmission frames that were dropped. Frames Transmitted Number of frames successfully transmitted. Success With Retry Number of frames that were transmitted after being retried. Tx Mgmt Frames Number of management frames transmitted.
Parameter Description Last SNR CTL2 The signal-to-noise ratio for the last received data packet on the secondary (control) channel 2. This parameter is only displayed for APs operating in 40 Mhz mode. Last ACK SNR Signal-to-noise ratio for the last received ACK packet. Last ACK SNR CTL0 Signal-to-noise ratio for the last received ACK packet on the primary (control) channel 0. This parameter is only displayed for APs operating in 40 Mhz mode.
show ap debug client-table show ap debug client-table [ap-name |bssid |ip-addr |ip6-addr ] Description Show clients associated to an AP. Syntax Parameter Description ap-name Filter the client table by AP name. bssid Filter the client table by BSSID. This will print clients on top from given BSSID. ip-addr Filter the client table by AP IP address. ip6-addr Filter the client table by AP IPv6 address.
VHT Flags: C - 160MHz; c - 80MHz; V - Short GI 160; v - Short GI 80 E - Beamformee; e - Beamformer HT_State shows client's original capabilities (not operational capabilities) The output of this command includes the following information: Parameter Description MAC MAC address of a client. ESSID Extended Service Set identifier (ESSID) used by the client. An ESSID is a user-defined name for a wireless network. BSSID Basic Service Set identifier for the client.
Parameter Description Tx_Pkts Number of packets transmitted from the AP to the client. Rx_Pkts Number of packets the AP received from the client. PS_Qlen Number of packets in the power save queue length. Tx_Retries Number of packets that the AP had to resend to the client due to an initial transmission failure.
Command History Version Description ArubaOS 3.0 Command Introduced ArubaOS 6.3.1 The Client Health metric was introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap debug counters show ap debug counters {ap-name |bssid |group |ip-addr |ip6addr } Description Show AP reboot/bootstrap counters, and crash information for an individual AP or AP group, or all APs referenced on the controller. Syntax Parameter Description ap-name Show debug counters for an AP with a specified name. bssid Show debug counters for a specific Basic Service Set Identifier (BSSID).
The output of this command includes the following information: Column Description Name Name of the AP. Group Name of the AP’s group. IP Address IP address of the AP. Configs sent Number of times configuration changes have been sent to the AP. Configs Acked Number of times that the AP has acknowledged receiving a configuration change. AP Boots Sent Number of times reboot requests have been sent to the AP. AP Boots Acked Number of times that the AP has acknowledged receiving a reboot request.
show ap debug crash-info show ap debug crash-info {ap-name |ip-addr ip6-addr } Description Show crash log information (if it exists) for an individual AP. The stored information is cleared from the flash after the AP reboots. Syntax Parameter Description ap-name Show crash information for an AP with a specified name. ip-addr Show crash information for an AP with a specified IP address by entering an IP address in dotted-decimal format.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 969 | show ap debug crash-info Dell Networking W-Series ArubaOS 6.4.
show ap debug crypto show ap debug crypto {ap-name |detail|history|ip-addr } Description This command shows the debug crypto logs for an AP. Syntax Parameter Description ap-name Shows crypto logs information for an AP with a specified name. detail Specifies the crypto logs details for the following: ap-name: Specifies the name of AP. ip-addr: Specifies the IP Address of AP.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode 971 | show ap debug crypto Dell Networking W-Series ArubaOS 6.4.
show ap debug datapath show ap debug datapath {ap-group |ap-name |bssid |ip-addr |ip6-addr } Description Show datapath tunnel parameters of an AP or AP group. Syntax Parameter Description ap-group Show data path information for a specific AP group. ap-name Show data path information for an AP with a specific name. bssid Show data path information for a specific Basic Service Set Identifier (BSSID).
Column Description gre-type GRE tunnel type. deny-bcast If enabled, the AP will respond to broadcast probe requests. If disabled, the AP will not respond to these requests. num-clients Number of clients currently using the network. The output of the following command shows datapath tunnel parameters for an AP with the IPv6 address 11:12:11:11::2.
show ap debug dot11r show ap debug dot11r efficiency state [ap-name | ip-addr ] Description This command displays all the r1 keys that are stored in an AP and the hit/miss rate of r1 keys cached on an AP before a Fast BSS Transition roaming. Syntax Parameter Description efficiency Show the hit/miss rate of r1 keys cached on an AP before a Fast BSS Transition roaming for the specified client MAC address.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 975 | show ap debug dot11r Dell Networking W-Series ArubaOS 6.4.
show ap debug driver-log show ap debug driver-log {ap-name |bssid |ip-addr |ip6-addr } Description Show an AP’s driver logs. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap debug gre-tun-stats show ap debug gre-tun-stats {ap-name | bssid |ip-addr |ip6-addr } Description Shows GRE tunnel packet statistics of an AP. Syntax Parameter Description ap-name Shows GRE tunnel packets information for an AP. bssid Shows GRE tunnel packets information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap debug gsm-counters show ap debug gsm-counters verbose Description Displays the GSM counters of an AP or AP group. Syntax Parameter Description verbose Displays the event statistics in a tabular format.
show ap debug ipc forwarding-statistics show ap debug ipc forwarding-statistics {ap-name |ip-addr |ip6-addr } Description Show an AP’s ipc forwarding statistics. Syntax Parameter Description ap-name Show log information for an AP with a specific name. ip-addr Show log information for an AP with a specific IP address by entering an IP address in dotted-decimal format. ip6-addr Show log information for an AP with a specific IPv6 address.
show ap debug lacp show ap debug lacp {ap-name |bssid |ip-addr |ip6-addre} Description Displays the number of GRE packets sent and received on the two Ethernet ports. Syntax Parameter Description ap-name Show LACP information for an AP with a specific name. bssid Show LACP information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Command History Version Modification ArubaOS 6.3.1 Command introduced Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 981 | show ap debug lacp Dell Networking W-Series ArubaOS 6.4.
show ap debug lldp show ap debug lldp Description Show an AP’s debug log. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address. ip-addr Show log information for an AP with a specific IP address by entering an IP address in dotted-decimal format.
show ap debug log show ap debug log {ap-name |bssid |ip-addr |ip6-addr } Description Show an AP’s debug log. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap debug config-msg-history show ap debug config-msg-history [ap-name |ip-addr |ip6-addr ] Description This command shows recent configuration messages sent and received by an AP. Syntax Parameter Description ap-name Name of the access point. ip-addr IP address of the access point. ip6-addr IPv6 address of the access point Examples The output of this command shows the configuration message history for the AP named "myAP-ap-105.
show ap debug mgmt-frames (deprecated) Description Show traced 802.11 management frames. Command History Version Modification ArubaOS 3.0 Command Introduced ArubaOS 5.0 Command deprecated 985 | show ap debug mgmt-frames (deprecated) Dell Networking W-Series ArubaOS 6.4.
show ap debug port status show ap debug port status {ap-name |bssid |ip-addr |ip6-addr } Description Shows the status of the AP's wired ports. Syntax Parameter Description ap-name Name of the AP. bssid BSSID of the AP. ip-addr IP address of the AP. ip6-addr IPv6 address of the AP. Examples The output of the command displays the wired port status of an AP named LocalAP1.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 987 | show ap debug port status Dell Networking W-Series ArubaOS 6.4.
show ap debug radio-event-log status show ap debug radio-event-log status {ap-name |ip-addr |ip6-addr } Description Show information about the radio event information captured in packet log files. Syntax Parameter Description ap-name Show log information for an AP with a specific name. ip-addr Show log information for an AP with a specific IPv4 address by entering its IPv4 address in dotted-decimal format.
Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 989 | show ap debug radio-event-log status Dell Networking W-Series ArubaOS 6.4.
show ap debug radio-registers show ap debug radio-registers 0|1} {ap-name |ip-addr |ip6-addr } {radio Description This command allows you to view radio register changes. Syntax Parameter Description ap-name Name of the AP for which you want to view register changes. ip-addr IPv4 address of the AP for which you want to view register changes. ip6-addr IPv6 address of the AP for which you want to view register changes.
show ap debug radio-stats show ap debug radio-stats {ap-name |ip-addr } radio {0|1} [advanced] Description Show aggregate radio debug statistics of an AP. Syntax Parameter Description ap-name Show log information for an AP with a specific name. ip-addr Show log information for an AP with a specific IP address by entering its IP address in dotted-decimal format. ip6-addr IPv6 address of the Access Point.
Parameter Description Total Radio Resets Total number of times the radio reset. Resets Beacon Fail Number of times the radio reset due to beacon failure. BB check positives Number of times the radio checked for a baseband hang condition Resets BeacQ Stuck An AP’s radio typically sends a beacon every 100 milliseconds. If beacons are not sent at a regular interval or the radio experiences excessive noise, the beacon queue will reset. This parameter indicates the number of queue resets.
Parameter Description Avail TX Buffers An AP has a set number of buffers which it can use to buffer frames for nonresponsive power save clients. The total number of buffer frames depends upon the AP model type. 11g Protection This parameter shows whether 802.11g protection has been enabled or disabled. Last TX Antenna This parameter indicates whether the last frame transmitted was sent on antenna 1 or antenna 0. This parameter can be useful for troubleshooting external antennas.
Parameter Description Radio Reset Scan Rejects Number of times the scan was rejected due to a recent radio reset. Queue Drain Scan Rejects This legacy statistic has been deprecated, and will not increment. Scan Success Number of successful scans. To view scan details, use the command show ap arm scan-times. Scan Deferred Number of times the scan was deferred due to pending beacon trnsmissions on the home channel.
Parameter Description Tx Bcast Frames Dropped Number of transmitted broadcast frames that were dropped. Tx Frames Transmitted Number of frames successfully transmitted. Tx Bytes Rcvd Number of transmitted bytes received. Tx Bytes Transmitted Number of transmitted bytes Tx Time Frames Rcvd Number of times transmitted frames were received. Tx Time Frames Dropped Number of times transmitted frames were dropped. Tx Time Frames Transmitted Number of times frames were transmitted.
Parameter Description Tx Time Data Total time spent sending frames received for transmission, including the frames that were dropped after retrying. Tx Broadcast Data Frames Sent Broadcast data frames transmitted by the AP. Tx Broadcast Data Frames Sent(PPS) Rate of broadcast data frames transmitted by the AP, in packets per second. Tx Multicast Data Frames Multicast data frames transmitted by the AP.
Parameter Description Tx Dropped After Retry Number of frames dropped after an attempted retry. Tx Dropped No Buffer Number of frames dropped because the AP’s buffer was full. Tx Missed ACKs Number of retries triggered because an acknowledgement was not received. Tx Failed Beacons Number of times a radio failed to transmit a beacon at the scheduled interval (100ms). Tx Multi-Beacon Fail Number of times multiple consecutive beacons failed to transmit.
Parameter Description Tx WMM [category] dropped Number of dropped Wi-Fi Multimedia (WMM) packets in the following access categories . If the AP has not transmitted packets in a category type, this data row will not appear in the output of the command. Tx WMM [BE]: Best Effort Tx WMM [BK]: Background Tx WMM [VO]: VoIP Tx WMM [VI]: Video Tx UAPSD OverflowDrop Number of packets dropped due to Unscheduled Automatic Power Save Delivery (U-APSD) overflow.
Parameter Description Rx Last SNR EXT1 Signal-to-noise ratio for the last received ACK packet on the secondary (extension) channel 1. This parameter is only displayed for APs operating in 40 Mhz mode. Rx Last SNR EXT2 Signal-to-noise ratio for the last received ACK packet on the secondary (extension) channel 2. This parameter is only displayed for APs operating in 40 Mhz mode. Rx Last ACK SNR EXT0 Signal-to-noise ratio for the last received ACK packet on the secondary (extension) channel 0.
Parameter Description Channel busy 64s The percentage of time the radio channel was busy in the last 64 seconds. Ch Busy perct @ beacon intvl Percentage of time the channel was busy over the last 30 beacon intervals. Rx Time perct @ beacon intvl Percentage of time the AP was receiving data over the last 30 beacon intervals. Rx Discarded Events Number of non-802.11 events that were detected and discarded during normal operation.
Parameter Description Rx RTS Frames (PPS) Rate at which RTS frames were received, in packets per second. Rx CTS Frames Clear To Send (CTS) frames received. This type of frame are used to verify that a client is ready to receive information. Rx CTS Frames (PPS) Rate at which CTS frames were received, in packets per second. RX PS Poll Frames Power-Save Poll (PS-Poll) frames received.
Parameter Description RX bad length Number of frames received with incorrect length. Rx Null Src MAC Number of received frames with source MAC address as NULL. Rx Managment Frames Dropped Number of received management frames that were dropped. Rx Data Frames Dropped Number of received data frames that were dropped. SNR from CTL0 Signal-to-noise ratio (SNR) on chain 0. Throttle drops Number of received frames dropped by AP due to throttling when AP is under high load.
show ap debug received-config show ap debug received-config ap-name [essid ] bssid [essid ] ip-addr [essid ] ip6-addr [essid ] Description Show the configuration the AP downloaded from the controller. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID).
Load aware Scan Threshold 40 MHz intolerance Honor 40 MHz intolerance Legacy station workaround Country Code ESSID ... 1250000 Bps Disabled Enabled Disabled US guest The output of this command includes the following information: Parameter Description BSSID The BSSID of the AP. LMS IP The LMS IP is the IP address of the local controller used by the AP for client data processing.
Parameter Description Management Frame Throttle interval Average interval that rate limiting management frames are sent from this radio, in seconds. If this column displays a zero (0), rate limiting is disabled for this AP. Management Frame Throttle Limit Maximum number of management frames that can come from this radio in each throttle interval. Active Scan Displays whether or not the active scan feature is enabled.
Parameter Description 802.11a Basic Rates Minimum data rate required for a client to associate with the AP. For an 802.11a radio, this value can be 6, 12 and 24 802.11 data rates. 802.11b/g radios will report a value of 1 and 2 802.11 data rates. 802.11a Transmit Rates 802.11 data rate at which the AP will transmit data to its clients. This value can be 6-54 for 802.11a radios, and 1-54 for 802.11b/g radios.
Parameter Description Maximum Transmit Failures Display the maximum number of transmission failures allowed before the client gives up. BC/MC Rate Optimization Shows if the AP has enabled or disabled scanning of all active stations currently associated to that AP to select the lowest transmission rate for broadcast and multicast frames. This option only applies to broadcast and multicast data frames; 802.11 management frames are transmitted at the lowest configured rate.
Parameter Description Band steering reduces co-channel interference and increases available bandwidth for dual-band clients, because there are more channels on the 5GHz band than on the 2.4GHz band. Dual-band 802.11n-capable clients may see even greater bandwidth improvements, because the band steering feature will automatically select between 40MHz or 20MHz channels in 802.11n networks. This feature is disabled by default, and must be enabled in a Virtual AP profile.
show ap remote debug association-failure show ap remote debug association-failure [{ap-name }|{bssid }{essid }] Description Display association failure information that can be used to troubleshoot problems on an AP. Syntax Parameter Description ap-name Filter the Association Failure Table by AP name. bssid Filter the Association Failure Table by Basic Service Set Identifier (BSSID). The BSSID is usually the AP’s MAC address.
Column Description State This data column shows if the client is currently authorized or both authorized and associated with an AP. Radio The AP radio type. Idle Time Amount of time that the client has been idle, in the format hours:minutes:seconds. Reason A brief description of the reason why the client failed to associate. Command History Introduced in ArubaOS 5.0.
show ap debug shaping-table show ap debug shaping-table {ap-name |ip-addr } Description Show shaping information for clients associated to an AP. Syntax Parameter Description ap-name Show shaping table information for a specific AP. ip-addr Show shaping table information for a specific AP IP address by entering its IP address in dotted-decimal format. Example The following command shows the shaping table of an AP named ap22.
Column Description pktout Number of packets sent by the AP. pktdrop Number of packets dropped by the AP. pktqd Number of packets queued. cmn [C:O:H] (For internal use only.) drop Number of CCK (802.11b) and OFDM (802.11a/g) packets dropped. Numcl Number of CCK (802.11b) and OFDM (802.11a/g) packets dropped. TotCl Total number of clients associated with the AP Bwmgmt This data column displays a 1 if the bandwidth management feature has been enabled. Otherwise, it displays a 0.
show ap debug spanning-tree show ap debug spanning-tree {ap-group |ap-name |bssid |ip-addr } Description Show an AP’s spanning tree statistics. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap debug switching show ap debug switching {ap-name |ip-addr |ip6-addr } Description Show an AP’s switching statistics. Syntax Parameter Description ap-name Name of the Access Point. ip-addr IP address of the Access Point. ip6-addr IPv6 address of the Access Point. Example The following command shows the ..................................... (host) #show ap debug switching Command History Release Modification ArubaOS 3.
show ap debug system-status show ap debug system-status ap-name bssid ip-addr ip6-addr Description Show detailed system status information for an AP. Syntax Parameter Description ap-name Show system status data for an AP with a specific name. bssid Show system status data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Parameter Description The Failed column in the Descriptor Usage section This parameter can tell you if the AP is dropping packets. Interface Information table This parameter can tell you if the Ethernet network is working properly. This table should not show an excessive number of errors. AP Uptime table Low values in this table can indicate problems with the wired network, or with the AP itself. Tunnel Heartbeat table This table can indicate the health of the underlying wired network.
show ap debug trace-addr show ap debug trace-addr Description Show MAC addresses in the trace buffer. Usage Guidelines Use this command to troubleshoot wireless clients that are being traced for 802.11 communication Examples The output of the command shows the Trace List table. If no wireless clients are being traced, this table will be empty.
show ap debug usb show ap debug usb ap-name ip-addr ip6-addr Description This command displays the USB information provisioned on the RAP. Syntax Parameter Description ap-name Show system status data for an AP with a specific name. ip-addr Show system status data for an AP with a specific IP address by entering an IP address in dotted-decimal format.
Command History Release Modification ArubaOS 6.2 Command introduced ArubaOS 6.3 The ip6-addr parameter was introduced. Command Information Platforms Licensing Command Mode Available on all platforms Base operating system Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show ap details show ap details [advanced]{ap-name ||ip-addr |ip6-addr |wired-mac } Description Show detailed provisioning parameters, hardware, and operating information for a specific AP.
AP State Entry created Last activity Reboots Bootstraps Bootstrap Threshold Running 2008-10-23 20:04:53 2008-10-28 08:07:48 0 1 7Slot/Port 2/24 The output of this command includes the following information: Column Description AP IP Address IP address of the AP LMS IP Address The IP address of the local management switch (LMS)—the Dell controller which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network.
Column Description Bootstrap threshold Number of consecutive missed heartbeats on a GRE tunnel (heartbeats are sent once per second on each tunnel) before an AP rebootstraps. On the controller, the GRE tunnel timeout is 1.5 x bootstrap-threshold; the tunnel is torn down after this number of seconds of inactivity on the tunnel. Slot/Port The controller port used by the AP, in the format /.
Column Description Server Name DNS name of the controller from which the AP boots. Server IP IP address of the controller from which the AP boots Antenna gain for 802.11a Antenna gain for 802.11a (5GHz) antenna. Antenna gain for 802.11g Antenna gain for 802.11g (2.4GHz) antenna. Antenna for 802.11a Antenna use for 5 GHz (802.11a) frequency band. 1: AP uses antenna 1 l 2: AP uses antenna 2 l both: AP uses both antennas l Antenna for 802.11g Antenna use for 2.4 GHz (802.11g) frequency band.
Column Description Antenna bearing for 802.11a Horizontal coverage distance of the 802.11a (5GHz) antenna from true north, from 0-360 degrees. NOTE: This parameter is supported on outdoor APs only. The horizontal coverage pattern does not consider the elevation or vertical antenna pattern. Antenna bearing for 802.11g Horizontal coverage distance of the 802.11g (2.4GHz) antenna from true north, from 0-360 degrees. NOTE: This parameter is supported on outdoor APs only.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap enet-link-profile show ap enet-link-profile [] Description Show a list of all Ethernet Link profiles. Usage Guidelines Include a profile name to display details for the specified Ethernet Link Profile, or omit the parameter to display a list of all Ethernet Link profiles.
show ap essid show ap essid Description Show a Extended Service Set Identifier (ESSID) summary for the controller, including the numbers of APs and clients associated with each ESSID. Examples The output of the command in the example below shows statistics for four configured ESSIDs.
show ap ht-rates show ap ht-rates bssid Description Show high-throughput rate information for a basic service set (BSS). Syntax Parameter Description bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. Examples The output of this command shows high-throughput rates for each supported MCS value. These values are applicable to high-throughput (802.11n-capable) APs only.
Related Commands Command Description show ap vht-rates Show very-high-throughput rate information for a basic service set (BSS). Command History Introduced in ArubaOS 3.3. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap image-preload-status (deprecated) show ap image-preload-status page start Description This command displayed the list of APs that will preload a new version of software from a controller with the AP preload feature activated. Starting with ArubaOS 6.4, command was replaced by the command show ap image-preload status. Command History Release Modification ArubaOS 6.3 Command introduced ArubaOS 6.
show ap image-preload status show ap image-preload status all list summary Description Display the list of APs that will preload a new version of software from a controller with the AP preload feature activated. Syntax Parameter Description all Display the complete status of AP image preload operation. list Displays the list of APs and their image preload statuses. summary Summarizes the status of AP image preload operation.
6c:f3:7f:c3:a6:56 11-05 15:39:58 0 SecureJack 10.3.90.14 135 Preloaded 2013-11-05 15:38:50 2013- (host) #show ap image-preload status list AP Image Preload AP Status -------------------------AP Name AP Group AP IP AP Type Time Failure Count Failure Reason ------------------------------------- -------------6c:f3:7f:c3:a6:56 SecureJack 10.3.90.
Column Description AP IP IP address of the AP. AP Type AP model type. Current state of the AP’s preload attempt Preloaded: The AP is finished preloading a new software image. l Preloading: The AP is currently downloading the new image. l Waiting: The AP is waiting to start preloading the new image from the controller. Preload State l Start Time Time the AP starting preloading an image. End Time Time the AP completed the image preload.
show ap image version show ap image version [ap-name |ip-addr ] Description Display an AP’s image version information. Syntax Parameter Description ap-name View image version information for an AP with a specific name. ip-addr View image version information for an AP with a specific IP address. Enter the address of the AP in dotted-decimal format.
Column Description Num Matches Number of times the running image version matched the flash image version after a reboot. Num Mismatches Number of times the running image version did not match the flash image version after a reboot. If the images do not match, the AP will upgrade to the flash image. Bad Checksums Number of bad checksum calculations due to an invalid or corrupted image file. Image Load Status Current status of the AP following an upgrade.
show ap-lacp-striping-ip show ap-lacp-striping-ip Description Define an LLDP MED network policy profile that defines DSCP values and L2 priority levels for a voice or video application. Syntax No parameters Usage Guidelines Example @@@. (host) (config) #show ap-lacp-striping-ip AP LACP LMS map information --------------------------Parameter Value ------------AP LACP Striping IP Enabled GRE Striping IP 2.2.2.2 LMS 3.3.3.3 GRE Striping IP 4.4.4.4 LMS 5.5.5.5 GRE Striping IP 10.65.30.50 LMS 10.65.30.
show ap license-usage show ap license-usage Description Show AP license usage information. Examples The output of the command below shows that controller has 13 associated campus APs using licenses, with 3 unused campus AP licenses remaining.
Parameter Description Remote-Node APs Number of remote node APs currently using a license on the controller. Tunneled Nodes Number of tunneled nodes currently using a license on the controller. CAPs Number of unused campus APs licenses remaining on the controller. RAPs Number of unused remote APs licenses remaining on the controller. Command History Release Modification ArubaOS 3.0 Command Introduced. ArubaOS 3.3 The following parameters were introduced: l Total 802.11n-120abg Licenses l 802.
show ap lldp show ap lldp [] Description Display a list of LLDP-MED Network Policy profiles, or display the current configuration settings of an individual profile. Syntax Parameter Description Specify a LLDP profile name to view configuration settings for that profile. Examples The following example lists all LLDP profile profiles.
Parameter Description PDU transmission Shows if LLDP PDU transmission is enabled on the AP. Reception of LLDP PDUs Shows if LLDP PDU reception is enabled on the AP. Transmit interval (seconds) The interval between LLDP TLV transmission seconds. The supported range is 1-3600 seconds and the default value is 30 seconds. Transmit hold multiplier This value is multiplied by the transmit interval to determine the number of seconds to cache learned LLDP information before that information is cleared.
show ap lldp counters show ap lldp counters ap-name ip-addr ip6-addr (ipv6-addr> Description Show LLDP counters for a specific AP, or all APs sending or receiving LLDP Protocol Data Units (PDUs). Syntax Parameter Description ap-name Show counter statistics for an AP with a specific name. ip-addr View counter statistics for an AP with a specific IP address. Enter the IP address of the AP in dotted-decimal format.
Command Information Platforms Licensing Command Mode All platforms Base operating system. Enable or Config mode on master or local controllers 1043 | show ap lldp counters Dell Networking W-Series ArubaOS 6.4.
show ap lldp med-network-policy-profile show ap lldp med-network-policy-profile [] Description Display a list of LLDP-MED Network Policy profiles, or display the current configuration settings of an individual profile. Syntax Parameter Description Specify a LLDP-MED Network Policy profile name to view configuration settings for that profile.
The output of this command includes the following information: Parameter Description LLDP-MED application type Type of application that this profile manages. This profile supports the following options: l guest-voice : The AP services a separate voice network for guest users and visitors. l guest-voice-signaling : The AP is part of a network that requires a different policy for guest voice signaling than for guest voice media.
Parameter Description LLDP-MED application VLAN Indicates the VLAN ID (0-4094) or VLAN name of the VLAN used by the application. LLDP-MED application VLAN tagging Indicates if the policy applies to a to a VLAN that is tagged with a VLAN ID or untagged. The default value is untagged. NOTE: When an LLDP-MED network policy is defined for use with an untagged VLAN, then the L2 priority field is ignored and only the DSCP value is used. LLDP-MED application Layer-2 priority Displays a configured 802.
show ap lldp neighbors show ap lldp neighbors ap-name ip-addr ip6-addr (ipv6-addr> Description Show LLDP neighbors for a specific AP, or all APs sending or receiving LLDP Protocol Data Units (PDUs). Syntax Parameter Description ap-name Show LLDP neighbor statistics for an AP with a specific name. ip-addr View LLDP neighbor statistics for an AP with a specific IP address. Enter the IP address of the AP in dotted-decimal format.
Parameter Description Mgmt. Address Management address of the LLDP neighbor Capabilities This data column can list any of the following data codes to indicate LLDP neighbor capabilities. l R: Router l B: Bridge l A: Access Point l P: Phone l O: Other Command History Command introduced in ArubaOS 6.2. Command Information Platforms Licensing Command Mode All platforms Base operating system. Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show ap load-balancing show ap load balancing Description Show the load-balancing information for each AP with load balancing enabled. Examples The output of the command in the example below shows details for a single AP enabled with the loadbalancing feature. (host) #show ap load-balancing Load Balance Enabled Access Point Table --------------------------------------bss cur-cl util(kbps) -------- ---------00:0b:86:cc:8e:4e Wireless_1 mp22 2/24 10.3.148.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap mesh active show ap mesh active [|{page }|{start }] Description Show active mesh cluster APs currently registered on this controller. Syntax Parameter Description Name of a mesh cluster profile. page Limit the output of this command to a specific number of entries by entering the number of entries you want to display.
Column Description BSSID Basic Service Set Identifier (BSSID) for the AP. This is usually the AP’s MAC address. Band/Ch/EIRP/MaxEIRP The RF band in which the AP should operate (a or g)/ Radio channel used by the AP/Current effective Isotropic Radiated Power (EIRP) /maximum EIRP MTU Maximum Transmission Unit (MTU) size, in bytes. This value describes the greatest amount of data that can be transferred in one physical frame. Enet 0/1 Shows the current mode of each wired interface. Bridge: 802.
show ap mesh-cluster-profile show ap mesh-cluster-profile [] Description Show configuration settings for a mesh cluster profile. Syntax Parameter Description Name of a mesh cluster profile Usage Guidelines The command show ap mesh-cluster-profile displays a list of all mesh cluster profiles configured on the controller, including the number of references to each profile and each profile’s status.
Command History Introduced in ArubaOS 3.2. Command Information Platforms Licensing Command Mode All platforms This show command is available in the base operating system. Commands to configure the mesh feature require the Mesh license. Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap mesh debug counters show ap mesh debug counters {ap-name }|{bssid }|{ip-addr } Description Show counters statistics for a mesh node. Syntax Parameter Description ap-name Show counter statistics for an AP with a specific name. bssid Show counter statistics for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. ip-addr View counter statistics for an AP with a specific IP address.
Column Description Interface Indicates whether the mesh interface connects to a Parent AP or a Child AP. Each row of data in the Mesh Packet Counters table shows counter values for an individual interface. Echo Sent Number of echo packets sent. Echo Recv Number of echo packets received. Probe Req Number of probe request packets sent from the interface specified in the Mesh-IF parameter. Probe Resp Number of probe response packets sent to the interface specified in the Interface parameter.
show ap mesh debug current-cluster show ap mesh debug current-cluster {ap-name }|{bssid }|{ip-addr } Description Display information for the mesh cluster currently used by a mesh point or mesh portal. Syntax Parameter Description ap-name Show mesh cluster data for an AP with a specific name. bssid Show mesh cluster data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address.
Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms This show command is available in the base operating system. Commands to configure the mesh feature require the Mesh license. Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap mesh debug forwarding-table show ap mesh forwarding-table {ap-name }|{ip-addr } Description Show the forwarding table for a remote mesh point or remote mesh portal. Syntax Parameter Description ap-name Show data for a remote mesh node with a specific name. ip-addr Show data for a remote mesh node with a specific IP address by entering its IP address in dotted-decimal format. Usage Guidelines This is an internal technical support command.
show ap mesh debug hostapd-log show ap mesh debug hostapd-log {ap-name }|{bssid }|{ip-addr } Description Show the debug log messages for the hostapd process. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap mesh debug meshd-log show ap mesh debug meshd-log {ap-name }|{bssid }|{ip-addr } [] Description Show the debug log messages for the meshd process. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap mesh debug provisioned-clusters show ap mesh debug provisioned-clusters {ap-name }|{bssid }|{ip-addr } Description Show cluster profiles provisioned on a mesh portal or mesh point. Syntax Parameter Description ap-name Show data for a mesh node with a specific name. bssid Show data for a mesh node with a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Column Description Cluster Name Name of the mesh cluster using this profile RF band The RF band in which the AP should operate: l g = 2.4 GHz l a = 5 GHz Encryption Data encryption setting for the mesh cluster profile. l opensystem—No authentication and encryption. l wpa2-psk-aes—WPA2 with AES encryption using a preshared key. WPA Hexkey The WPA pre-shared key (only for mesh cluster profiles using WPA2 with AES encryption).
show ap mesh-ht-ssid-profile show ap mesh-ht-ssid-profile [] Description Show configuration settings for a mesh high-throughput Service Set Identifier (SSID) profile. Syntax Parameter Description Name of a mesh high-throughput SSID profile. Usage Guidelines High-throughput APs support additional settings not available in legacy APs. A mesh high-throughput SSID profile can enable or disable high-throughput (802.
Column Description 40 MHz channel usage This parameter shows if the profile enables or disables the use of 40 MHz channels. BA AMSDU Enable Shows of the AP has enabled or disabled the ability to receive AMSDU in BA negotiation. Temporal Diversity Enable Shows if temporal diversity has been enabled or disabled. When this feature is enabled and the client is not responding to 802.
Column Description Min MPDU start spacing Configured minimum time between the start of adjacent MPDUs within an aggregate MPDU, in microseconds. Supported MCS set Displays a list of Modulation Coding Scheme (MCS) values or ranges of values to be supported on this SSID. The MCS you choose determines the channel width (20MHz vs. 40MHz) and the number of spatial streams used by the mesh node.
Command History Version Description ArubaOS 3.4 Command introduced ArubaOS 6.1 The allow weak encryption parameter was deprecated. The following parameters were introduced: l Short guard interval in 20 MHz mode l Low-density Parity Check l Maximum number of spatial streams usable for STBC reception l Maximum number of spatial streams usable for STBC transmission ArubaOS 6.2 The following parameters were introduced.
show ap mesh neighbors show ap mesh neighbors {ap-name }|{bssid }|{ip-addr } [names] Description Show all mesh neighbors for an AP. Syntax Parameter Description ap-name Show mesh neighbors for an AP with a specific name. bssid Show mesh neighbors for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Total count: 5, Children: 2 Relation: P = Parent; C = Child; N = Neighbor; B = Blacklisted-neighbor Flags: R = Recovery-mode; S = Sub-threshold link; D = Reselection backoff; F = Auth-failure; H = High Throughput; L = Legacy allowed The output of this command includes the following information: Column Description MAC MAC address of the mesh node. Portal By default, this column displays the BSSID of the mesh point.
Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4.1 The names parameter was introduced. The output of this command was also modified to include the Rate Tx/Rx column. Command Information Platforms Licensing Command Mode All platforms This show command is available in the base operating system. Commands to configure the mesh feature require the Mesh license. Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap mesh-radio-profile show ap mesh-radio-profile [] Description Show configuration settings for a mesh radio profile. Syntax Parameter Description Name of a mesh radio profile. Usage Guidelines The radio profile determines the radio frequency/channel used only by mesh nodes to establish mesh links. Mesh nodes operating in different cluster profiles can share the same radio profile.
Parameter Description 802.11a Transmit Rates Indicates the transmit rates for the 802.11a radio. The AP attempts to use the highest transmission rate to establish a mesh link. If a rate is unavailable, the AP goes through the list and uses the next highest rate. 802.11g Transmit Rates Indicates the transmit rates for the 802.11g radio. The AP attempts to use the highest transmission rate to establish a mesh link. If a rate is unavailable, the AP goes through the list and uses the next highest rate.
Parameter Description links only if the existing uplink becomes a sub-threshold link. Retry Limit Maximum number of times a mesh node can re-send a packet. RTS Threshold The packet size sent by mesh nodes. Mesh nodes transmitting frames larger than this threshold must issue request to send (RTS) and wait for other mesh nodes to respond with clear to send (CTS) to begin transmission. This helps prevent mid-air collisions. Command History Release Modification ArubaOS 3.2 Command Introduced.
show ap mesh tech-support show ap mesh tech-support ap-name Description Display all information for an AP, and save that information in a file on the controller Syntax Parameter Description Name of an AP for which you want to create a report Filename for the report created by this command. The file can only be saved in the flash directory. If desired, you can use FTP or TFTP to copy the file to another destination.
show ap mesh topology show ap mesh topology [long] [page ] [start ] Description Show the mesh topology tree. Syntax Parameter Description long Include the names of a mesh portal’s children in the output of this command page Limit the output of this command to a specific number of entries by entering the number of entries you want to display.
Column Description Path Cost A relative measure of the quality of the path from the AP to the controller. A lower number indicates a better quality path, where a higher number indicates a less favorable path (e.g, a path which may be longer or more congested than a path with a lower value.) For a mesh point, the path cost is the sum of the (parent path cost) + (the parent node cost) + (the link cost).
show ap monitor show ap monitor active-laser-beams|ap-list|channel|client-list|containment-info|idsstate|mesh-list|pot-ap-list|pot-client-list|routers|wired-mac {ap-name }|{bssid }|{ip-addr } {ap-bssid }|{enet-mac } Description Show information for Dell Air Monitors. Syntax Parameter Description active-laser-beams Show active laser beam generators.
Parameter Description bssid BSSID of Access Point ip-addr IP Address of Access Point mesh-list pot-ap-list Show list of Mesh APs being monitored. Display the Potential AP table. The Potential AP table shows the following data: bssid: the AP’s Basic Service Set Identifier. l channel: The AP’s current radio channel l phy type: The radio’s PHY type. Possible values are 802.11a, 802.11a-HT40, 802.11b/g, 802.11b/g-HT-20.
-----------------bssid ----d8:c7:c8:3d:41:20 6c:f3:7f:8e:6a:b1 18:64:72:93:6a:63 d8:c7:c8:3d:46:72 6c:f3:7f:43:d4:2a dt/mt ----22053/21183 22053/21183 22053/16068 21976/2165 21404/2668 ut/it ----1/0 1/0 1/0 34/0 0/0 essid ----test-apprf esx12_1x test_cp 135-hierarchy-psk sw-inst encr ---wpa2-psk-aes wpa2-8021x-aes wpa2-psk-aes wpa2-psk-aes wpa2-psk-aes chan ---1 1 1 36 40 nstas ----0 0 0 0 0 ap-type ------suspected-rogue(20%) interfering interfering suspected-rogue(20%) interfering avg-rssi -------50 1
Parameter Description Therefore, the higher the RSSI number, the stronger the signal. curr-rssi Shows the current RSSI for the device. wmacs Shows the number of unique wireless MAC addresses seen on the Wi-Fi network from the AP's BSSID. ibss Shows all the monitored APs (BSSIDs). Command History Version Modification ArubaOS 3.0. Command introduced ArubaOS 3.4. The ap-bssid and enet-mac parameters were added to the show ap monitor wired-mac command. ArubaOS 6.
show ap monitor association show ap monitor association {ap-name }|{bssid }|{ip-addr } Description Show the association table for an Air Monitor (AM). Syntax Parameter Description ap-name Show data for an AM with a specific name. bssid Show data for an AM with a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AM’s MAC address.
Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 1083 | show ap monitor association Dell Networking W-Series ArubaOS 6.4.
show ap monitor debug show ap monitor debug counters|status {ap-name }|{bssid }|{ip-addr } show ap monitor debug profile-config {ap-name }|{bssid }|{ip-addr } ap-radio|ap-system|arm|event-thresholds|ids-dos|ids-general|ids-impersonation|ids-signaturematching|ids-unauthorized-device|interference|regulatory-domain|rf-behavior Description Show information for an Air Monitor’s current status, message counters, or profile settings.
Parameter Description interference Show an Air Monitor’s interference configuration settings, as defined in its current RF Optimization profile. regulatory-domain Show an Air Monitor’s Regulatory Domain configuration settings, as defined in its Regulatory Domain profile. rf-behavior Show an Air Monitor RF Behavior Configuration Examples The output of the following command includes the WLAN Interface, Data Structures, WLAN InterfaceSwitch Status and RTLS Configuration tables for the specified AP.
Stats Update Interval Poll Interval Num Switches Collect Stats 60 174000 1 enabled WLAN Interface Switch Status ----------------------------Bssid Type Status ack -------------00:1a:1e:11:5f:10 local up 3322965 00:1a:1e:11:5f:00 local up 3322965 Last-reg N-reg Last-update Next-update N-updates Last- -------- ----- ----------- ----------- --------- ------ 3321891 3821 3322965 197 10368 3321891 3821 3322917 187 10378 RTLS Configuration and State ----------------------------Type Server
Column Description ip The AP’s IP address. gw-ip IP address for the AP’s gateway. gw-mac MAC address for the AP’s gateway. status Shows if the interface is currently enabled or disabled. pkts Number of packets seen on the AP’s wired interface. macs Number of MAC addresses in the Wired MAC table for that interface. gw-macs Number of MAC addresses in the Wired MAC table for that interface. tagged-pkts Number VLAN-tagged packets sent to that interface.
Column Description msg-hash Number of different message types seen on the interface. ap-l (For internal use only) WMS on Master Indicates if the AP communicates to the wms process on a master or local controller. enabled: Communicates with a master controller. disabled: Communicates with a local controller only. Stats Update Interval If the AP is collecting statistics, this value is the interval in seconds in which the AP sends statistics to the WMS process on a controller.
Column Description Rpt-Sta Displays whether station reporting is enabled or not. Incl-Unassoc-Sta Displays whether unassociated stations are included in station reporting or not. Sta-Sent Displays cumulative count of station reports sent to server. Cmpd-Msgs-Sent Displays cumulative count of compound messages containing station reports sent to server. Command History Version Modification ArubaOS 3.0. Command introduced. ArubaOS 3.4.
show ap monitor stats show ap monitor stats advanced {ap-name }|{bssid }|{ip-addr } clientmac show ap monitor stats {ap-name }|{bssid }|{ip-addr } mac Description Show packet, signal and channel statistics for an AP or a client. Syntax Parameter Description advanced Show advanced statistics for an AP or client. ap-name Show statistics for an AP with a specific name.
FRR FRER --- ---17 4 Handoff Assist -------------rssi-index cur-signal old-cur-signal ---------- ---------- -------------0 51 0 High Throughput Parameters -------------------------ht-type primary-channel sec-channel gf-supported ------- --------------- ----------- -----------none 0 0 0 40mhz-intolerance ----------------0 The output of this command includes the following information: Column Description retry Percent of 802.11 retry frames sent because a client failed to send an ACK.
Column Description NOTE: This value is updated only if 'handoff-assist' is enabled in the AP’s RF Optimization profile. cur-signal The Receive Signal Strength Indicator (RSSI) of the most recent frame received from the specified MAC address. old-cur-signal The most recent Receive Signal Strength Indicator (RSSI) of the MAC which is 3 lower or 5 higher than the current RSSI.
show ap packet capture show ap pcap status {ap-name }|{bssid }|{ip-addr } Description Show the status of outstanding packet capture (pcap) sessions. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Column Description max-pkt-size Maximum size of all captured packets. num-pkts Number of packets captured during the session. status Shows the current status of the packet-capture session. url Packet capture data can be downloaded to this URL target IP address of the client station running Wildpacket’s AiroPeek monitoring application Command History Introduced in ArubaOS 3.0.
show ap papi-err show ap papi-err {ap-name |bssid |ip-addr |ip6-addr } Description Show PAPI error messages. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap port status ap-name bssid ip-addr ip6-addr wired-mac Description Shows the status of the AP's wired ports. The status is updated every 60 seconds. Syntax Parameter Description ap-name Name of the AP. bssid BSSID of the AP. ip-addr IP address of the AP. ip6-addr IPv6 address of the AP. wired-mac MAC address of the AP.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 1097 | show ap port status Dell Networking W-Series ArubaOS 6.4.
show ap profile-usage show ap profile-usage {ap-name |bssid |ip-addr } Description Show a complete list of all profiles referenced by an individual AP or an AP BSSID. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap provisioning show ap provisioning {ap-name }|{bssid }|{ip-addr } Description Show provisioning parameters currently used by an AP. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. ip-addr Show data for an AP with a specific IP address.
PAP Password PPPOE User Name PPPOE Password PPPOE Service Name PPPOE CHAP Secret USB User Name USB Password USB Device Type N/A N/A N/A N/A N/A N/A N/A any The output of this command includes the following information: Column Description AP Name Name of the AP. AP Group AP group to which the AP belongs. Location name Fully-qualified location name (FQLN) for the AP. SNMP sysLocation User-defined description of the location of the AP, as defined with the command provision-ap syslocation.
Column Description Single chain mode for Radio 0 If this parameter is set to 1 for an 802.11n-capable radio, the radio will operate in single-chain mode, and will transmit and receive data using only legacy rates and single-stream HT rates up to MCS 7. This parameter is set to 0 (disabled) by default. Single chain mode for Radio 1 If this parameter is set to 1 for an 802.
Column Description Mesh Role If the mesh role is “none,” the AP is operating as a thin AP. An AP operating as a mesh node can have one of two roles: mesh portal or mesh point. Installation Indicates the type of installation (indoor or outdoor). The default parameter indicates that the installation mode is determined by the AP model type. Latitude Latitude coordinates of the AP, in the format Degrees Minutes Seconds (DMS).
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 Introduced support for mesh parameters, additional antenna parameters, and AP location parameters. ArubaOS 3.4 Introduced support for the following parameters: l Installation l Mesh SAE l USB User Name l USB Password l USB Device Type l USB Device Identifier l USB Dial String l USB Initialization String l USB TTY device path ArubaOS 5.
show ap provisioning-profile ap provisioning-profile [] Description This command shows information for AP provisioning profiles. Syntax Parameter Description The name of an an existing AP provisioning profile. Usage Guidelines The AP provisioning profile allows you to define a set of provisioning parameters to an AP group. These settings can be saved or assigned to an AP group via the command ap-group provisioning-profile .
USB TTY device control path Link Priority Ethernet Link Priority Cellular Username of AP so that AP can authenticate to 802.1x using PEAP N/A 0 0 N/A Description This command defines a provisioning profile for an AP or group of APs. Syntax Parameter Description Remote-AP Indicates that the profile is associated with a remote AP using certificates. Master IP/FQDN The FQDN or IP address for the master controller. PPPOE User Name PPPoE username for the AP.
Parameter Description Uplink VLAN If you configured an uplink VLAN on an AP connected to a port in trunk mode, the AP sends and receives frames tagged with this VLAN on its Ethernet uplink. By default, an AP has an uplink vlan of 0, which disables this feature. Usage Guidelines The AP provisioning profile allows you to define a set of provisioning parameters to an AP group. These settings can be saved or assigned to an AP group via the command ap-group provisioning-profile .
show ap radio-database show ap radio-database [band a|g] [group ] [mode access-point|airmonitor|disabled|ht|ht-40mhz|legacy|sap-monitor] [sort-by ap-group|ap-ip|ap-name|aptype|switch-ip] [sort-direction ascending|descending] [start ] [switch ] Description Show radio information for Access Points visible to this controller. Syntax Parameter Description band Show only APs with a radio operating in the specified band. a Show only APs with a radio operating in the 802.
Parameter Description start Start displaying the output of this command at a chosen index number by entering the index number of the AP at which command output should start. switch Display information for APs associated with a specific controller by entering the IP address of that controller. Example The output of the command shows that the AP is aware of five other access points, three of which are active.
Column Description 11a Mode/Chan/EIRP/Cli 802.1a radio type and mode/802.11a radio channel used by the AP/current Effective Isotropic Radiated Power (EIRP)/Number of Clients associated with the radio. Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 1109 | show ap radio-database Dell Networking W-Series ArubaOS 6.4.
show ap radio-summary show ap radio-summary ap-group ap-name dot11a dot11g ip-addr ip6-addr Description Show AP radios registered to this controller. Syntax Parameter Description ap-group Allows you to filter radio information by AP group. ap-name Allows you to filter radio information by AP name. dot11a Allows you to filter 802.11a radio information. dot11g Allows you to filter 802.11g radio information.
TD: Time used by data frames (%); TM: time used by mgnt frames(%); time used by ctrl frames (%) Total Radios:6 The output of this command includes the following information: Parameter Description Name Name of the AP. Group Group to which AP radio is assigned. AP Type AP model. IP Address Radio IP address. Band Band on which radio is operating on (2.4 or 5 GHz). Mode Mode on which radio is operating; AP: AP Mode; AM: Air Monitor Mode, Spectrum: Spectrum Monitor Mode.
show ap regulatory show ap regulatory Description Shows the currently active Regulatory Cert. Syntax None. Usage Guidelines Issue this command to view the currently active Regulatory Cert Examples The example below shows the version of Regulatory Cert currently active on the controller. (host) #show ap regulatory Regulatory Version :1.0_43859 Command History Introduced in ArubaOS 6.4.1.
show ap regulatory-domain-profile show ap regulatory-domain-profile [] Description Show the list of regulatory domain profiles, or the settings in an individual regulatory domain profile Syntax Parameter Description Show data for a specific regulatory domain profile Usage Guidelines Issue this command without the parameter to display the entire regulatory domain profile list, including profile status and the number of references to each profile.
Valid Valid Valid Valid Valid 802.11a 802.11a 802.11a 802.11a 802.11a 80MHz 80MHz 80MHz 80MHz 80MHz channel channel channel channel channel group group group group group 52-64 100-112 116-128 132-144 149-161 The output of this command includes the following information: Column Description Country Code Code that represents the country in which the APs will operate. The country code determines the 802.11 wireless transmission spectrum. Valid 802.11g channel Selected 802.
show ap remote counters show ap remote counters {ap-name }|{bssid }|{ip-addr } Description Show the numbers of message counters for Remote APs Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. You must specify an AP’s BSSID, which is usually the AP’s MAC address ip-addr Show data for an AP with a specific IP address.
show ap remote debug association show ap remote debug association [ap-name |bssid |ip-addr ] Description Show the association table of the AP to identify the clients associated to each AP. Syntax Parameter Description ap-name Show client associations for a specific AP name. bssid Show client associations for an specific AP Basic Service Set Identifier (BSSID). The BSSID is usually the AP’s MAC address.
Column Description mac MAC address of the client. auth This column displays a y if the AP has been configured for 802.11 authorization frame types. Otherwise, it displays an n. assoc This column displays a y if the AP has been configured for 802.11 association frame types. Otherwise, it displays an n. aid 802.11 association ID. A client receives a unique 802.11 association ID when it associates to an AP. 1-int Number of beacons in the 802.11 listen interval.
show ap remote debug association show ap remote debug association [ap-name |bssid |ip-addr Description Show the association table for an AP. Syntax Parameter Description ap-name Show AP associations for a specific AP. You can also include the essid, phy or voip-only keywords to further filter the output of this command. bssid Show the AP associations for an specific AP Basic Service Set Identifier (BSSID).
65 0x10c4 a-HT-40sgi-2ss 35m:41s 1 WA65 0x1072 24m:29s 1 a WA The output of this command includes the following information: Column Description Name Name of an AP bssid The AP Basic Service Set Identifier (BSSID) mac MAC address of the AP auth This column displays a y if the AP has been configured for 802.11 authorization frame types. Otherwise, it displays an n. assoc This column displays a y if the AP has been configured for 802.11 association frame types. Otherwise, it displays an n.
show ap remote debug bss-config show ap remote debug bss-config [ap-name |bssid |ip-addr Description Show the configuration for each BSSID of an AP. This information can be used to troubleshoot problems on an AP. Syntax Parameter Description ap-name Filter the AP Config Table by AP name. ip-addr Filter the AP Config Table by IP address by entering an IP address in dotteddecimal format.
Column Description type This column shows if the BSSID is for an access point (ap) or an air monitor (am). fw-mode The configured forward mode for the AP’s virtual AP profile. l bridge: Bridge locally l split-tunnel: Tunnel to controller or NAT locally l tunnel: Tunnel to controller max-cl The maximum number of clients allowed for this BSSID. preamble Shows if short preambles are enabled for 802.11b/g radios. Network performance may be higher when short preamble is enabled.
show ap remote debug client-mgmt-counters show ap remote debug client-mgmt-counters Description Show the numbers of each type of message from an AP’s clients. This information can be used to troubleshoot problems on an AP.
Parameter Description Update STA Tunnel Request (For internal use only) Update STA Tunnel Response (For internal use only) ARM Update Number of times an AP has changed its adaptive radio management (ARM) settings.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap remote debug flash-config show ap remote debug flash-config {ap-name |bssid |ip-addr |ip6-addr } acls|vap |vaps Description Show the remote AP configuration stored in flash memory. Syntax Parameter Description ap-name Show debugging data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
... The output of this command includes the following information: Column Description Native VLAN VLAN ID of the native VLAN. DHCP VLAN VLAN ID of Remote AP DHCP server used when the controller is unreachable. DHCP ADDR IP Address used as DHCP Server Identifier. DHCP POOL NETMASK Netmask of the DHCP server pool. DHCP POOL START IP Address used as the start of a range of addresses for a DHCP pool. DHCP POOL END IP Address used as the end of a range of addresses for a DHCP pool.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 1127 | show ap remote debug flash-config Dell Networking W-Series ArubaOS 6.4.
show ap remote debug mgmt-frames show ap remote debug mgmt-frames {ap-name }|{bssid |{ip-addr } [client-mac ] [count ] Description Show traced 802.11 management frames for a remote AP. Syntax Parameter Description ap-name Show debugging information for a specific AP. bssid Show debugging information for a specific Basic Service Set Identifier (BSSID).
Column Description assoc-req: Association request SA Source MAC address. DA Destination MAC address. BSS Basic Service Set Identifier (BSSID) of the AP signal Signal strength as a signal to noise ratio. For example, a value of 30 would indicate that the power of the received signal is 30 dBm above the signal noise threshold. Misc Additional information describing the client’s action. In the case of deauthentication, a reason associated with the event will be displayed in this column.
show ap snmp show ap snmp wlsxSwitchStationMgmtTable wlsxSwitchStationStatsTable wlsxWlanAPBssidTable wlsxWlanAPTable wlsxWlanRadioTable Description This command displays the AP-related SNMP tables. Syntax Parameter Description wlsxSwitchStationMgmtTable Display user tree. wlsxSwitchStationStatsTable Display user statistics tree. wlsxWlanAPBssidTable Display BSSID SNMP tree. wlsxWlanAPTable Display SNMP tree wlsxWlanRadioTable Display radio table SNMP tree.
show ap spectrum ap-list show ap spectrum ap-list {ap-name }|{ip-addr } ap-bssid channel essid limit or page freq-band 2.4ghz|5ghz sort start Description This command shows spectrum data seen by an access point that has been converted to a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information.
Examples The output of this example shows spectrum data seen by spectrum monitor ap123. The output in the example below has been divided into two tables to better fit this document. In the ArubaOS CLI, the output appears as a single, long table.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.
show ap spectrum channel-metrics show ap spectrum channel-metrics {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command shows channel quality, availability and utilization metrics as seen by a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor. freq-band 2.4ghz|5ghz View information for a specific radio type, either 2.
Channel Metrics Table --------------------Channel Quality(%) Availability(%) ------- ---------- --------------1 97 57 2 80 58 3 63 58 4 71 57 5 88 54 6 98 51 7 88 54 8 69 56 9 60 57 10 30 29 11 0 0 12 25 50 13 50 99 14 99 99 1+/563 54 2+/663 51 3+/763 51 4+/869 51 5+/960 51 6+/1030 29 7+/110 0 Utilization(%) -------------43 42 42 43 46 49 46 44 43 71 100 50 1 1 46 49 49 49 49 71 100 WiFi Util(%) -----------40 22 5 16 36 47 35 14 3 1 0 0 0 0 36 47 47 47 47 1 0 Interference Util(%) -------------------3 20
Command Description Mode rf dot11g-radio-profilemodespectrum-mode Set a 802.11g radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client.
show ap spectrum channel-summary show ap spectrum channel-summary {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command displays a summary of the 802.11a or 802.11g channels seen by a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor for which you want to view spectrum information. freq-band 2.
Column Description Channel An 802.11a or 802.11g radio channel. Known APs Number of valid APs identified on the radio channel. UnKnown APs Number of invalid or rogue APs identified on the radio channel. Channel Util (%) Percentage of the channel currently in use. Max AP Signal (dBm) Signal strength of the AP that has the maximum signal strength on a channel. Max Interference (dBm) Signal strength of the non-Wi-Fi device that has the highest signal strength.
show ap spectrum client-list show ap spectrum client-list {ap-name }|{ip-addr } |{ip6-addr } ap-bssid channel essid mac or page freq-band 2.4ghz|5ghz Description This command shows details for clients seen by a specified spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information.
Spectrum Client Table --------------------mac bssid ------00:14:a4:d1:34:63 00:24:6c:80:48:79 00:19:7d:3a:96:d9 00:24:6c:80:7b:c9 00:16:cf:af:3e:e1 00:24:6c:80:48:79 00:1c:26:5b:a7:ac 00:24:6c:81:8b:19 00:21:6b:c6:b2:12 00:24:6c:80:48:79 00:21:6a:9c:0e:36 00:24:6c:81:8b:19 00:21:6a:51:e4:30 00:1a:1e:87:c1:91 00:24:d6:65:a9:e6 00:24:6c:80:48:7a signal(dBm) ---------------71 -66 -74 -79 -66 -72 -63 -69 -------2010-05-17 2010-05-17 2010-05-17 2010-05-17 2010-05-17 2010-05-17 2010-05-17 2010-05-17 essid ----e
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.
show ap spectrum debug show ap spectrum debug {channel-info|channel-quality|classify|classify-fft|devicedetails|device-info|devices-seen} {ap-name }|{ip-addr } freq-band {2.4ghz|5ghz} Description This command saves spectrum analysis channel information to a file on the spectrum monitor. Syntax Parameter Description channel-info Save channel information for later analysis.
Command Description Mode rf dot11g-radio-profilemodespectrum-mode Set a 802.11g radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers Command History Introduced in ArubaOS 6.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 1143 | show ap spectrum debug Dell Networking W-Series ArubaOS 6.4.
show ap spectrum debug fft show ap spectrum debug fft {ap-name }|{ip-addr } freq-band {2.4ghz|5ghz} avg duty-cycle fft-to-controller max normalized raw raw-normalized Description Save FFT (Fast Fourier Transform) power data to a file on the spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor. freq-band 2.
Command Description Mode rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.11g radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers Command History Introduced in ArubaOS 6.0.
show ap spectrum debug monitors show ap spectrum debug monitors Description Show a detailed description of all spectrum monitors on the controller. Syntax No parameters Examples The output of this command shows a list of available spectrum monitor or hybrid AP devices, a list of spectrum devices currently subscribed to a spectrum client, message counters for subscribed spectrum devices and the subscription history.
Usage Guidelines Use this command under the guidance of a Dell technical support representative to troubleshoot spectrum analysis errors. Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.
show ap spectrum debug status show ap spectrum debug status {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command shows detailed status and statistics for a spectrum monitor or hybrid AP. Syntax Parameter Description ap-name Name of the spectrum device for which you want to view status information. ip-addr IP address of the spectrum device for which you want to view status information. freq-band 2.
show ap spectrum device-duty-cycle show ap spectrum device-duty-cycle {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description Shows the current duty cycle for devices on all channels being monitored by the spectrum monitor or hybrid AP radio. Syntax Parameter Description ap-name Name of the spectrum device for which you want to view spectrum information. ip-addr IP address of the spectrum device for which you want to view spectrum information. freq-band 2.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.
show ap spectrum device-history show ap spectrum device-history {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [type audio-ff|bluetooth|cordless-base-fh|cordless-network-fh|cordless-phone-ff|genericff|generic-fh|generic-interferer|microwave|microwave-inverter|video|xbox] Description This command shows the history of the last 256 non-Wi-Fi devices. Syntax Parameter Description ap-name Name of the spectrum monitor or hybrid AP for which you want to view spectrum information.
Usage Guidelines Use this command to view channel, signal and duty-cycle information and add/delete times for the last 256 devices seen by a spectrum monitor or hybrid AP. Non-Wi-Fi Interferers The following table describes each type of of non-Wi-Fi interferer detected by a spectrum monitor or hybrid AP. Note also that a hybrid AP on a 20 MHz channel will see 40 MHz Wi-Fi data as non-Wi-Fi data.
Non-Wi-Fi Interferer Type Description Microwave Common residential microwave ovens with a single magnetron are classified as a Microwave. These types of microwave ovens may be used in cafeterias, break rooms, dormitories and similar environments. Some industrial, healthcare or manufacturing environments may also have other equipment that behave like a microwave and may also be classified as a Microwave device.
Column Description cordless base FH (frequency hopper) cordless phone FF (fixed frequency l cordless network FH (frequency hopper) l generic FF (fixed frequency l generic FH (frequency hopper) l generic interferer l microwave l microwave inverter l video l xbox NOTE: For additional details about non-Wi-Fi device types shown in this table, see Non-Wi-Fi Interferers on page 1152 l l ID ID number assigned to the device by the spectrum monitor or hybrid AP radio.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 1155 | show ap spectrum device-history Dell Networking W-Series ArubaOS 6.4.
show ap spectrum device-list show ap spectrum device-list {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [type audio-ff|bluetooth|cordless-base-fh|cordless-network-fh|cordless-phone-ff|genericff|generic-fh|generic-interferer|microwave|microwave-inverter|video|xbox] Description Show a device summary table and channel information for non-Wi-Fi devices currently seen by a spectrum monitor or hybrid AP radio.
Usage Guidelines Issue this command to view detailed information about currently active non-Wi-Fi devices on the network. Use the optional type parameter to display data for one specific device type only. For additional details about nonWi-Fi device types shown in this table, see Non-Wi-Fi Interferers on page 1152. A hybrid AP on a 20 MHz channel will see 40 MHz Wi-Fi data as non-Wi-Fi data.
Column Description Duty-cycle Device duty cycle. This value represents the percent of time the device broadcasts a signal. Add-time Time at which the device was first detected. Update-time Time at which the device’s status was updated. Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.
show ap spectrum device-log show ap spectrum device-log {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [type audio-ff|bluetooth|cordless-phone-ff|cordless-phone-fh| generic-ff|generic-fh|generic-interferer|microwave|microwave-inverter|video|xbox] Description This command shows a time log of add and delete events for non-Wi-Fi devices. Syntax Parameter Description ap-name Name of the spectrum monitor for hybrid AP or which you want to view spectrum information.
Usage Guidelines Use this table to show a time log of when non-Wi-Fi devices were added to and deleted from the Wi-fi Device log table. For additional details about non-Wi-Fi device types shown in this table, see Non-Wi-Fi Interferers on page 1152. A hybrid AP on a 20 MHz channel will see 40 MHz Wi-Fi data as non-Wi-Fi data. Examples The output of this example shows that the spectrum monitor ap123 logged data for four frequency-hopping cordless base devices seen by its 802.11g radio.
Column Description Duty Cycle Device duty cycle. This value represents the percent of time a signal is broadcast on a specific channel or frequency. Center Freq Center frequency of the signal sent by the device. Start Freq Lowest signal frequency sent by the device. End Freq Highest signal frequency sent by the device. Channels affected Radio channels affected by the device signal. Bandwidth Amount of signal bandwidth used by the device, in kilohertz.
show ap spectrum device-summary show ap spectrum device-summary {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command shows the numbers of wi-fi and non-Wi-Fi device types on each channel monitored by a spectrum monitor or hybrid AP Syntax Parameter Description ap-name Name of the spectrum monitor or hybrid AP for which you want to view spectrum information.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.
show ap spectrum interference-power show ap spectrum interference-power {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [] Description This command shows the interference power detected by a 802.11a or 80211g radio on a spectrum monitor or hybrid AP. Syntax Parameter Description ap-name Name of the spectrum monitor or hybrid AP for which you want to view spectrum information.
-----------------------Channel Noise Floor(dBm) Max Interference(dBm) ------- -----------------------------------149 -91 -71 153 -63 -58 157 -92 -60 161 -94 -70 165 -93 -69 149+ -60 -58 157+ -89 -60 Max AP Signal(dBm) Max AP SSID Max AP BSSID ACI(dBm) ------------------ ----------- ------------ -------- -40 ethersphere-wpa2 00:24:6c:80:7b:c9 -77 -42 guest 00:1a:1e:87:c1:90 -63 -48 alpha 00:1a:1e:50:01:30 -74 -39 00:24:6C:C0:15:EB 00:24:6c:81:57:c8 -61 -26 sw-jfb-attack 00:1a:1e:9b
show ap spectrum-load-balancing show ap spectrum-load-balancing [group ] Description Show spectrum load balancing information for an AP with this feature enabled. Syntax Parameter Description group Filter this information to show only data for the specified spectrum load balancing domain. Examples The output of the command below shows the APs currently using the spectrum load-balancing domain default-1.
show ap spectrum local-override show ap spectrum local-override Description This command shows a list of AP radios currently converted to spectrum monitors via the spectrum localoverride list Syntax No parameters Examples The output of this example shows that three APs each have two radios defined as spectrum monitors.
Command History Introduced in ArubaOS 6.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show ap spectrum monitors show ap spectrum monitors Description This command shows a list of APs terminating on the controller that are currently configured as spectrum monitors or hybrid APs Syntax No parameters Examples The output of this example shows that the 802.11a radio on a spectrum monitor named ap123 is sending spectrum analysis data to a client with the IP address 10.240.16.177.
Command History Introduced in ArubaOS 6.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show ap spectrum technical-support show ap spectrum technical-support ap-name Description Save spectrum data for later analysis by technical support. Syntax Parameter Description Save technical support information for a specific spectrum monitor. Name of the file to which this data should be saved. This file does not have to already exist on the controller, the show ap spectrum technical-support command will create this file.
show ap standby show ap active [ap-name |{arm-edge dot11a|dot11g|voip-only}|dot11a|dot11g|essid |ip-addr |ip6-addr |{type access-point|air-monitor|(sensor dot11a|dot11g|voip-only)}|voip-only Description Show all APs in standby mode currently registered to a controller. Syntax Parameter Description ap-name View data for an AP with a specified name. bssid View data for a specific BSSID.
Column Description IP address IP address of the AP, in dotted decimal format. 11g Clients Number of 802.11g clients using the AP. 11g Ch/EIRP/MaxEIRP 802.11g radio channel used by the AP/current effective Isotropic Radiated Power (EIRP) /maximum EIRP. 11a Clients Number of 802.11a clients using the AP. 11a Ch/EIRP/MaxEIRP 802.11a radio channel used by the AP/current EIRP/maximum EIRP. AP Type AP model type. Flags This column displays any flags for this AP.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap system-profile show ap system-profile Description Show an AP’s system profile settings. Syntax Parameter Description Name of a system profile. Examples The output of the command below shows the current configuration settings for the default system profile.
RTLS Server configuration Telnet N/A Disabled The output of this command includes the following information: Column Description RF Band For dual-band radios, this parameter displays the RF band in which the AP should operate: l g = 2.4 GHz l a = 5 GHz RF Band for AM mode scanning Scanning band for multiple RF radios. g = 2.4 GHz l a = 5 GHz l all = Radio scans both bands. This is the default setting.
Column Description LMS Preemption When this parameter is enabled, the local management switch automatically reverts to the primary LMS IP address when it becomes available. LMS Hold-down Period Time, in seconds, that the primary LMS must be available before an AP returns to that LMS after failover.rap-dhcp-server-vlan VLAN ID of the remote AP DHCP server used if the controller is unavailable. This VLAN enables the DHCP server on the AP (also known as the remote AP DHCP server VLAN).
Column Description Dump Server (For debugging purposes.) Displays the server to receive the core dump generated if an AP process crashes. Heartbeat DSCP DSCP value of AP heartbeats (0-63). Maintenance Mode Shows if Maintenance mode is enabled or disabled. If enabled, APs stop flooding unnecessary traps and syslog messages to network management systems or network operations centers when deploying, maintaining, or upgrading the network.
Release Modification ArubaOS 6.0 Added support for the option to set the RF scanning band (am-scan-rf-band). The keepalive-interval parameter was deprecated. ArubaOS 6.2.1.3 The root-ap parameter was deprecated. This parameter identified the root AP in a hierarchy of Remote APs. ArubaOS 6.3 The output of this command includes the Tunnel Heartbeat Interval parameter.
show ap tech-support show ap tech-support ap-name [] Description Display all information for an AP, or save that information to a file on the controller. This information can be used by Dell technical support to diagnose a problem with an AP. Syntax Parameter Description Name of the AP for which you want to view tech support data. Save the output of this command into a file on the controller with the specified filename.
show ap vht-rates show ap vht-rates bssid Description Show very-high-throughput (VHT) rates for an AP that supports 802.11ac. Syntax Parameter Description bssid Show VHT rates for a specific Basic Service Set Identifier (BSSID) on an 802.11ac-capable AP. The Basic Service Set Identifier (BSSID) is usually the AP’s radio's MAC address.
Range for 80 MHz: 29.3 - 1300.0 Mbps The output of this command includes the following information: Column Description MCS A Modulation Coding Scheme (MCS) values supported on this high-throughput SSID. Streams Number of spatial streams used by the MCS index value. 20 MHz 802.11n data rates for the MCS for 20 Mhz transmissions. 20 MHz SGI 802.11n data rates for the MCS for 20 Mhz transmissions using a short guard interval. 40 MHz 802.11n data rates for the MCS for 40 Mhz transmissions.
show ap virtual-beacon-report show ap virtual-beacon-report ap-name client-mac ip-addr ip6-addr Description If the client match feature is enabled, the output of this command displays the virtual beacon report for an AP or a client with a specific IP or MAC address. Syntax Parameter Description ap-name Name of the AP for which you want to view a virtual beacon report.
Parameter Description Current Time Timestamp showing the current time and date AP NDame of the AP from which the client can detect a signal. IP address IP address of the AP from which the client can detect a signal. Radio MAC address of the AP radio from which the client can detect a signal. Signal (dBm) Signal strength, in dBm, from the AP radio.
show ap vlan-usage show ap vlan-usage [{ap-name }|{bssid |{essid |{ip-addr }| {virtual-ap Show VLAN data for an AP with a specific name. bssid Show VLAN data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ap wired-ap-profile show ap wired-ap-profile [] Description Show a list of all wired AP profiles, or display the configuration parameters in a specific wired AP profile. Syntax Parameter Description Name of a wired AP profile. Usage Guidelines The command show ap wired-ap-profile displays a list of all wired AP profiles, including the number of references to each profile and the profile status.
Column Description Trunk mode native VLAN VLAN ID of the native VLAN. Trunk mode allowed VLANs Range of allowed VLAN IDs for the native VLAN. Trusted Shows if the wired port on an AP using this profile is a trusted port. Possible values are Trusted or Not Trusted. Broadcast If set to broadcast, the wired AP port will forward broadcast traffic. If the parameter displays Do Not Broadcast, broadcast traffic will not be forwarded. Command History Introduced in ArubaOS 3.0.
show ap wired-port-profile show ap wired-port-profile Description Shows all AP wired port profiles and their status. Syntax No parameters. Example The example below shows that the controller has three wired port profiles. The References column lists the number of other profiles with references to the wired port profile, and the Profile Status column indicates whether the profile is predefined. User-defined profiles will not have an entry in the Profile Status column.
Parameter Description AP LLDP Profile Name of an LLDP Profile associated with this wired port. Shut Down? Shows if the wired AP port is enabled (no) or disabled (yes). Remote AP Backup Use the rap-backup parameter to use the wired port on a Remote AP for local connectivity and troubleshooting when the AP cannot reach the controller. If the AP is not connected to the controller, no firewall policies will be applied when this option is enabled.
show ap wired stats show ap wired stats {ap-name } | {ip-addr }|{client-ip } | {client-mac } Description Shows statistics for RAP wired clients. Syntax Parameter Description ap-name Show wired RAP statistics for a specified AP name. ip-addr Show wired RAP statistics for a specified AP by entering an IP address in dotted-decimal format. client-ip Show wired RAP statistics for a specified client IP address.
Column Description RX Bytes Number of bytes received TX Broadcast Packets Number of broadcast packets sent TX Broadcast Bytes Number of broadcast bytes sent TX Multicast Packets Number of multicast packets sent TX Multicast Bytes Number of multicast bytes sent Command History Introduced in ArubaOS 5.0.
show ap wmm-flow show ap wmm-flow [{ap-name }|{bssid }|{essid }|{ip-addr }] dotlla|dotllg Description Show the Wireless Multimedia (WMM) flow table. Syntax Parameter Description ap-name View an AP with a specified name. bssid View data for an AP with a specific BSSID (Basic Service Set Identifier). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address. essid View data for a specific ESSID (Extended Service Set Identifier).
Column Description AP name Name of an AP with recorded WMM flows ESSID Extended Service Set Identifier (ESSID) of a wireless network. Client MAC address of the client. Description The description is a long string that includes the following information. TSID: Traffic Stream Identifier. The TSID should match the priority level for each flow. Priority: One of the following IEEE 802.
show app lync call-cdrs show app lync prioritized-calls [all] Description This command displays the Call Detail Record (CDR) for prioritized Lync calls in the controller. Syntax Parameter Description all Displays CDR information for all Lync calls. Example In this example, the output is divided into multiple sections to better fit on the pages of this document. In the actual command-line interface, it appears in a single, long table.
Column Dir Description Displays the following call direction: OG — outgoing l IC — incoming l Called To Status Displays the user name of the Lync client being called. Displays the following call status: CONNECTED — active call l SUCC — successful terminated call l ABORTED — aborted call l Dur(sec) Displays the time duration of the Lync call. Orig time Displays the time stamp when the Lync call originated. MOS Value Displays the Mean Opinion Score of the voice call.
Command History Version Description ArubaOS 6.3 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show app lync call-quality show app lync call-quality [all] Description This command displays the call quality information for Lync voice and video calls. Syntax Parameter Description all Displays call quality information for all voice and video Lync calls. Example In this example, the output is divided into multiple sections to better fit on the pages of this document. In the actual command-line interface, it appears in a single, long table.
Column Description Called To Displays the user name of the Lync client being called. Duration Displays the time duration of the Lync call. Codec Displays the voice compression protocol used for the Lync call. Delay Displays the average delay in milli seconds. Jitter Displays the jitter in milli seconds. Pkt Loss Displays the loss of packet in percentage. MOS Value Displays the Mean Opinion Score of the voice call.
show app lync client-status show app client-status active-only bssid essid extn ip sta Description Displays details of clients that are actively using Lync. An entry is created for clients that have actively participated in voice, video, desktop-sharing or file-sharing sessions. Syntax Parameter Description active-only Filter records based on active Lync clients bssid Filter records based on BSSID of a Lync client.
Column Description Client(IP) Displays the IP address of the Lync client. Client(MAC) Displays the MAC address of the Lync client. Client Name Displays the user name of the Lync client. Registration State Displays the following registration state of the Lync client with Lync server: UNKNOWN: The Lync client is connected to the controller. The client is yet to initiate any Lync voice, video, desktop sharing, or file transfer session.
show app lync tracebuf show app lync tracebuf Description This command displays the Lync message trace buffer for the first 256 events. Events such as establishing voice, video, desktop sharing, and file transfer are recorded. Syntax No parameters. Example The output is divided into multiple sections to better fit on the pages of this document, however, in the actual command-line interface, data appears in a single, long table.
Column Description BSSID Displays the BSSID of the access point to which the Lync client is connected. CACStatus l Media Type l DSCP Displays the DSCP value for the session. WMM AC Displays the value of the Wi-Fi Multimedia Access Category. The controller sends the packet with this value. AP-Name Displays the name the access point receiving calls. Src Port Displays the source port of the Real-Time Protocol (RTP) session or file transfer session.
show app lync traffic-control show app lync traffic-control [] Description This command displays the types of Lync traffic prioritized through the Lync Application Layer Gateway (ALG) QoS. Syntax Parameter Description profile-name Lync traffic control profile name.
show arp show arp Description Show Address Resolution Protocol (ARP) entries for the controller. Syntax No parameters Example This example shows configured static ARP entries for the controller. (host) #show arp Protocol Address Internet 10.3.129.98 Internet 10.3.129.253 Internet 10.3.129.250 Internet 10.3.129.99 Internet 10.3.129.96 Internet 10.3.129.
show audit-trail show audit-trail { | login ] Description Show the controller’s audit trail log. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. login Start displaying the log output from the specified number of lines from the end of the login/logout log. Example By default, the audit trail feature is enabled for all commands in configuration mode.
Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Enable and Config modes. Audit trails can only be enabled on master controllers Dell Networking W-Series ArubaOS 6.4.
show auth-tracebuf show auth-tracebuf [count <1-250] [failures] [mac
] Description Show the trace buffer for authentication events. Syntax Parameter Description count <1-250> limit the output of the command to the specified number of packets. failures Filter the output of this command to display only authentication failures mac Filter the output of this command to display only information for a specified MAC address.Feb 5 08:08:35 psk aes Feb 5 08:08:35 station-up * 00:09:ef:05:1e:b2 00:1a:1e:97:e5:42 - - station-data-ready * 00:09:ef:05:1e:b2 00:00:00:00:00:00 66 - wpa2 Each row in the output of this table may include some or all of the following information: l A timestamp that indicates when the entry was created. l The type of exchange that was made. l The direction the packet was sent. l The source MAC address. l The destination MAC address. l BSSID/Server Name. l The packet number.
show banner show banner Description Show the current login banner Syntax No parameters Usage Guidelines Issue this command to review the banner message that appears when you first log in to the controller’s command-line or browser interfaces. Example (host) # show banner This testlab controller is scheduled for maintenance starting Saturday night at 11 p.m. Related Commands Configure a banner message using the command banner motd. Command History This command was available in ArubaOS 3.0.
show boot show boot history Description Display boot parameters, including the boot partition and the configuration file to use when booting the controller. Syntax Parameter Description history Displays the controller's reloads and upgrade history. Example (host) #show boot history Reboot History Table -------------------No Description User Role IP Timestamp -- ----------- ---- ---- -- --------- 1 Centralized Upgrade to 6.3.1.0 for target 192.168.89.2 Successful.
show cellular profile show cellular profile [] | [factory] Description Display the cellular profiles and profile settings. Syntax Parameter Description Enter the name of an existing cellular profile factory Display a list of factory supported cellular profiles. Usage Guidelines Issue this command without the parameter to display configuration parameters for the entire list of available cellular profiles.
Parameters Description Serial USB device serial number. Dialer Name of a dialer group profile. TTY Modem TTY port. Driver One of the following cellular modem drivers: acm: Linux ACM driver. l hso: Option High Speed driver. l option: Option USB data card driver (default). l sierra: Sierra Wireless driver. l Priority Modeswitch Displays the cellular profile priority; profiles with the default priority of 100 will display the word default in the Priority column Range: 1 to 255.
show clock show clock [summer-time|timezone|append] Description Display the system clock. Syntax Parameter Description summer-time Show summer (daylight savings) time settings. timezone Show the configured timezone for the controller. append If the timestamp feature is enabled, including a timestamp in show command output. Usage Guidelines Include the optional summer-time parameter to display configured daylight savings time settings.
show cluster-config show cluster-config Description Show the multi-master cluster configuration for the control plane security feature. Usage Guidelines When you issue this command from the cluster root, the output of this command shows the cluster role of the controller, and the IP address of each member controller in the cluster. When you issue this command from a cluster member, the output of this command shows the cluster role of the controller, and the IP address of the cluster root.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on cluster member or cluster root controllers 1217 | show cluster-config Dell Networking W-Series ArubaOS 6.4.
show cluster-switches show cluster-switches Description Issue this command on a master controller using control plane security in a multi-master environment to show other the other controllers to which it is connected. Usage Guidelines When you issue this command from the cluster root, the output of this command displays the IP address of the VLAN used by the cluster member to connect to the cluster root.
Command History This command was introduced in ArubaOS 5.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on cluster member or cluster root controllers 1219 | show cluster-switches Dell Networking W-Series ArubaOS 6.4.
show command-mapping show command-mapping [reverse] Description Show the mapping new commands to deprecated commands. Syntax Parameter Description reverse Sort the command map by deprecated command syntax. This command is useful to find the current command syntax for a deprecated command. Usage Guidelines The syntax of many commands changed after the release of ArubaOS 3.0. Use this command to display a list of current commands and their deprecated command equivalents.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 1221 | show command-mapping Dell Networking W-Series ArubaOS 6.4.
show configuration show configuration diff Description Show the saved configuration on the controller. Syntax Parameter Description diff Displays a list of successfully executed configuration commands since the last write memory. The configuration differences are cleared whenever a write memory is performed. Usage Guidelines Issue this command to view the entire configuration saved on the controller, including all profiles, ACLs, and interface settings.
show controller-ip show controller-ip Description Show controller’s country and domain upgrade trail. Syntax No parameters. Example The output of this command shows the controller’s IP address and VLAN interface ID. (host) # show controller-ip Switch IP Address: 10.168.254.221 Switch IP is configured to be Vlan Interface: 1 Command History This command was available in ArubaOS 3.
show controller-ipv6 show controller-ipv6 Description Show controller’s IPv6 address and VLAN interface ID. Syntax No parameters. Example (host) # show controller-ipv6 Switch IPv6 Address: 2005:d81f:f9f0:1001::14 Switch IPv6 address is from Vlan Interface: 1 The output of this command shows the controller’s IPv6 address and VLAN interface ID. Command History This command is introduced in ArubaOS 6.
show control-plane-security show control-plane-security Description Show the current configuration of the control plane security profile. Syntax No parameters. Usage Guidelines The control plane security profile enables and disables the control plane security feature and identifies campus APs to receive security certificates. Issue this command to view current control plane security settings.
show country show country [trail] Description Show controller’s country and domain upgrade trail. Syntax Parameter Description trail Display the record showing how the switch was reconfigured for it’s current country domain when the controller hardware was upgraded. Usage Guidelines A controller’s country code sets the regulatory domain for the radio frequencies that the APs use. This value is typically set during the controller’s initial setup procedure.
show cp-bwcontracts show cp-bwcontract Description Display a list of Control Processor (CP) bandwidth contracts for whitelist ACLs. Syntax No parameters. Example The CP bw contracts table lists the contract names, the ID number assigned to each contract, and its defined traffic rate in bits per second.
show cpuload show cpuload [current] Description Display the controller CPU load for application and system processes. Syntax Parameter Description current Include this optional parameter at the request of Dell technical support to display additional CPU troubleshooting statistics. Example This example shows that the majority of the controller’s CPU resources are not being used by either application (user) or system processes. (host) #show cpuload user 6.9%, system 7.7%, idle 85.
show crypto-local ipsec-map show crypto-local ipsec [tag ] Description Displays the current IPsec map configuration on the controller. Syntax Parameter tag Description Display a specific IPsec map. Usage Guidelines The command show crypto-local ipsec displays the current IPsec configuration on the controller. Examples The command show crypto-local ipsec-map shows the default map configuration along with any specific IPsec map configurations.
Command History Version Modification ArubaOS 3.4 Command introduced. ArubaOS 6.1 The output of this command displays the configured IKE version. ArubaOS 6.3 The output of this command displays the Security association lifetime kilobytes parameter. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show crypto dp show show crypto dp [peer ] Descriptions Displays crypto data packets. Syntax Parameter Description dp Shows crypto latest datapath packets. The output is sent to crypto logs. peer Clears crypto ISAKMP state for this IP. Usage Guidelines Use this command to send crypto data packet information to the controller log files, or to clear a crypto ISAKMP state associated with a specific IP address.
show crypto dynamic-map show crypto dynamic-map [tag ] Descriptions Displays IPsec dynamic map configurations. Syntax Parameter Description dynamic-map IPsec dynamic maps configuration. tag A specific dynamic map. Usage Guidelines Dynamic maps enable IPsec SA negotiations from dynamically addressed IPsec peers. Once you have defined a dynamic map, you can associate that map with the default global map using the command crypto map globalmap.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 1233 | show crypto dynamic-map Dell Networking W-Series ArubaOS 6.4.
show crypto ipsec show crypto ipsec {mtu|sa[peer ]|transform-set [tag ]} Descriptions Displays the current IPsec configuration on the controller. Syntax Parameter Description mtu IPsec maximum mtu. sa Security associations. peer transform-set tag IPsec security associations for a peer. IPsec transform sets. A specific transform set.
Transform set will Transform set will newset: { esp-3des esp-sha-hmac } negotiate = { Transport, Tunnel } name: { esp-aes256-gcm esp-sha-hmac } negotiate = { Transport, Tunnel } Related Commands Command Description Mode crypto ipsec Use this command to configure IPsec parameters. Config mode Command History This command was introduced in ArubaOS 3.0.
show crypto isakmp show crypto isakmp eap-passthrough groupname ipsecSPI key log ap packet-dump policy sa stats transports udpencap-behind-natdevice Descriptions This command displays Internet Key Exchange (IKE) parameters for the Internet Security Association and Key Management Protocol (ISAKMP). Syntax Parameter Description eap-passthrough Display configured IKEv2 EAP Methods. groupname Show the IKE Aggressive group name. ipsecSPI Show IPSEC spi hash table entries.
Usage Guidelines Use the show crypto isakmp command to view ISAKMP settings, statistics and policies. Examples The command show crypto isakmp stats shows the IKE statistics.
This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show crypto-local isakmp show crypto-local isakmp ca-certificate certificate-group disable-aggressive-mode dpd key server-certificate xauth Descriptions This command displays Internet Key Exchange (IKE) parameters for the Internet Security Association and Key Management Protocol (ISAKMP). Syntax Parameter Description ca-certificate Shows all the Certificate Authority (CA) certificate associated with VPN clients.
ISAKMP Certificate Groups -------------------------Server certificate name CA certificate name ----------------------- ------------------- (host) #show crypto-local isakmp dpd DPD is Enabled: Idle-timeout = 22 seconds, Retry-timeout = 2 seconds, Retry-attempts = 3 (host) #show crypto-local isakmp key ISAKMP Local Pre-Shared keys configured for ANY FQDN ----------------------------------------------------Key --ISAKMP Local Pre-Shared keys configured by FQDN -----------------------------------------------FQ
Command Description Mode crypto-local isakmp disable-aggressive-mode Use this command to disable the IKEv1 aggressive mode. Config mode crypto-local isakmp dpd Use this command to configure IKE Dead Peer Detection (DPD) on the local controller. Config mode crypto-local isakmp key Use this command to configure the IKE preshared key on the local controller for site-to-site VPN.
show crypto-local pki show crypto-local pki CRL [ ALL|crlnumber|fingerprint|hash|issuer|lastupdate|nextupdate] IntermediateCA [ALL|alias|dates|fingerprint|hash|issuer|modulus|purpose|serial|subject] OCSPResponderCert [ALL|alias|dates|fingerprint|hash|issuer|modulus|purpose|serial|subject] OCSPSignerCert [ALL|alias|dates|fingerprint|hash|issuer|modulus|purpose|serial|subject] PublicCert [ALL|alias|dates|fingerprint|hash|issuer|modulus|purpose|serial|subject] ServerCert [AL
Parameter Description NOTE: IntermediateCA has the identical sub-parameters as those listed under the TrustedCA parameter in this table. OSCPResponderCert Shows the name, original filename, reference count and expiration status of all ocsprespondercert certificates on this controller. NOTE: OCSPResponderCert has the identical sub-parameters as those listed under the TrustedCA parameter in this table. OCSPSignerCert Shows the OCSP Signer certificate.
Usage Guidelines Use the show crypto-local pki command to view all CRL and certificate status, OCSP client and OCSP responder status and statistics. Example This example displays a list of all OCSP responder certificates on this controller. (host) (config) #show crypto-local pki OCSPResponderCert Certificates -----------Name -------------ocspJan28 ocspresp-standalone-feb21 ocsprespFeb02 OCSPresponder1 ocspresponder2 OCSPresponderlatest Original Filename ----------------ocspresp-jan28.cer ocspresp-feb21.
CRL signing CRL signing Any Purpose Any Purpose OCSP helper OCSP helper : No CA : No : Yes CA : Yes : Yes CA : No This example displays the certificate’s subject. (host) (config) #show crypto-local pki OCSPResponderCert ocspJan28 subject subject= /CN=WIN-T1BQQFMVDED.security1.qa.mycorp.com Related Commands Command Description Mode crypto-local pki This command is saved in the configuration file and verifies the presence of the certificate in the controller’s internal directory structure.
show crypto map show crypto ipsec map Descriptions This command displays the IPsec map configurations. Syntax Parameter Description map Usage Guidelines Use the show crypto map command to view configuration for global, dynamic and default map configurations. Examples The command show crypto map shows statistics for the global, dynamic and default maps.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.1 The output of this command displays the configured IKE version for the map. ArubaOS 6.3 The output of this command displays the Security association lifetime kilobytes parameter. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 1247 | show crypto map Dell Networking W-Series ArubaOS 6.4.
show crypto pki show crypto pki csr Descriptions This command displays the certificate signing request (CSR) for the captive portal feature. Syntax Parameter Description csr Usage Guidelines Use the show crypto pki command to view the CSR output. Examples The command show crypto pki shows output from the crypto pki csr command. (host) #show crypto pki csr Certificate Request: Data: Version: 0 (0x0) Subject: C=US, ST=CA, L=Sunnyvale, O=sales, OU=EMEA, CN=www.mycompany.com/emailAddress=myname@mycompany.
YXJ1YmFuZXR3b3Jrcy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOaw 8pU30BjE7ve9XZaFSaNWY3bumYL+SzFsgCXE7ceejl4+oh+QYreRaXUn6Cm60XY8 CxTdgzoMYvIvSZBH9S/mTtzDBn7SUSnsUoxAJt6uxqAhG+5GsXqb3QtnREhmGezH 9CS9KJiix2v7to5DqsciOrjsmgpQwCm3hEZwpT8JAgMBAAGgADANBgkqhkiG9w0B AQUFAAOBgQAlzg8pkXPpzSiF6nR8RLq30F0tU2TcrQf97Qmvt0p/FJpfwwqK+P9A JZz0l3NbU80OnNJjuFWlvSB0WPhwvrmCStAe/I1xoDO7m/mh7tnoYuQ05PeLf208 cExMGOB//ovyAaIPAEmB995CuQVZfOSJ7Y/hO1BafpE7nAmPt2uYgA== -----END CERTIFICATE REQUEST----- Related Commands Command Des
show database show database synchronization Description Shows database synchronization status. Syntax No parameters. Usage Guidelines Issue this command to show the status database synchronization status. Example This example shows a database synchronization status.
show datapath acl id acl {[ap-name | ip-addr ] name type } amsdu tx application {ap-name |counters|ip-addr } bridge [ap-name |counters|ip-addr |table |verbose] bwm table cp-bwm crypto debug {dma counters|epa|eth1info|opcode|performance|pkttrace-buffer| trace-buffer|trace-route} dhcp {vm-mac} dpi error [counters] esi table exthdr firewall-agg-sess [counters] fqdn frame {ap-name |counters|ip-addr
wifi-reassembly counters wmm counters Descriptions Displays system statistics for your controller. Syntax Parameter Description acl id Displays datapath statistics associated with a specified ACL. The ACL index is found in the show rights command. amsdu tx Shows datapath AMSDU TX queue statistics ap-name Name of the AP. ip-addr IP address of the AP application counters Shows application counters and errors generated by applications running on a particular AP.
Parameter Description eap counters EAP termination statistics are displayed. eth1info Displays IPv4 fragment table statistics. memory Displays SOS memory statistics. opcode Displays datapath debugging information. NOTE: Use this command only under the supervision of Dell technical support. performance all Displays datapath debug performance statistics including the SUM/CPU, addr, and description. Displays datapath performance counters by specified CPU ID display.
Parameter Description l l controller and the packet dropped. Dot1d Discards-Spanning tree is disabled and each BPDU frame is counted and dropped. Denied Frames-Frames that are denied by the ACL's data path of the controller. ap-name Name of the AP. ip-addr IP address of the AP. hardware Displays datapath hardware counters and hardware packet statistics information. internal Internal details are displayed. dir Hardware directory file File in the directory.
Parameter station Description Displays theIPv6 station membership. lag table Displays contents of the datapath link aggregation group (LAG) or port channel table. message-queue counters Displays statistics of messages received by a CPU from other datapath CPUs (only CPUs that receive messages and non-zero statistics are shown). maintenance counters Displays datapath maintenance statistics. mobility Displays datapath IP mobility information.
Parameter Description tunneled-node Displays the tunneled node ports. untrusted-vlan Show if there are untrusted vlan entries for the indicated slot and port. xsec Displays the xsec ports. rap-bw-resv ap-name ip-addr Displays the remote AP uplink BW reservation statistics of the RAP only. rap-pkt-trace ap-name ip-addr Displays the remote AP packet-trace statistics of the RAP only. rap-stats ap-name ip-addr Displays the remote AP statistics of the RAP only.
Parameter Description services Displays the datapath services table statistics including protocol, port and service. session Displays datapath session statistics. ap-name Name of AP. counters Displays counters statistics including current entries, high water mark, maximum entries, total entries, allocation failures, duplicate entries, cross linked entries, number of reverse entries and maximum link length. dpi Displays Deep Packet Information for this session.
Parameter Description counters Display the current and high water mark amount of 802.11 associated wireless devices on a controller. Values output from this command represent the water-marks since the last boot of the controller. This is the same value obtainable from the Num Associations output from the show stm connectivity command. mac Hardware address, in hexadecimal format. tcp Displays contents of the tcp tunnel table.
Parameter Description user Displays datapath user statistics such as current entries, pending deletes, high water mark, maximum entries, total entries, allocation failures, invalid users and maximum link length. ap-name Name of AP. counters User counters. ip-addr IP address of the AP.
Usage Guidelines Use the show datapath command to display various datapath statistics for debugging purposes. Example The following example displays a list of tunnels.
C - Prohibit new calls, P - Permanent, m - Convert multicast, n - Convert RAs to unicast(VLAN Pooling/L3 Mobility enabled), V - enforce user vlan(open clients only) H - Standby (HA-Lite) # Source Destination Prt Type MTU VLAN OVLAN Acls BSSID Decaps Encaps Heartbeats Flags ------ ------------- -------------------- --- ---- ---- ---- ----- -------------- ---------------- --------- --------- ----------- ----16 2046:eab::25 2047:eab::25 47 0 1280 0 0 0 0 0 00:00:00:00:00:00 119209 25535 28873 TEFPR The follow
Parameter Description Crypto SendNPlusFailed Indicates a queue overrun in the input of the encryption circuit. IPSec Frag Failures This counter increments when the AP detects a failure to fragment a frame before or after IPsec encryption. IPSec Invalid Length The inbound IPsec frame length is verified before and after decryption. If the frame length is found to be incorrect , this counter is incremented.
Version Description ArubaOS 6.4 The following parameters were introduced: l dpi l session dpi l session ipv6 dpi l session session-id dpi ArubaOS 6.4.1.0 The following parameters were introduced as part of the show datapath frame command output: l Excessive ARP Requests l Excessive Gratuitous ARP Requests The acl id parameter was added. ArubaOS 6.4.2.0 l l The session web-cc parameter was introduced. This command displays web-content category information about the session.
show destination show destination Description Display the aliases for default and user-defined network destinations. Syntax Parameter Description string Optional parameter to view details of a specific destination alias. Example This example displays the network destinations configured in the controller. (host) #show destination controller ---------Position Type IP addr -------- ---- ------1 host 10.16.15.
Command History This command was available in ArubaOS 1.0. Replaced with netdestination in 3.0. Command Information Platforms Licensing Command Mode All platforms You must have a PEFNG license to configure or view a destination. Enable or Config mode on master and local controllers 1265 | show destination Dell Networking W-Series ArubaOS 6.4.
show dialer group crypto-local show dialer group Description Display dialer group information. Syntax No parameters. Usage Guidelines Displays the Dialer Group Table with the current dialing parameters. Example (host) #show dialer group Dialer Group Table -----------------Name Init String -------------evdo_us ATQ0V1E0 gsm_us AT+CGDCONT=1,"IP","ISP.CINGULAR" Dial String ----------ATDT#777 ATD*99# Command History Introduced in ArubaOS 3.4.
show dir crypto-local show dir usb: disk Description Display the list of directories in the specified disk and the filesystem path. Syntax Parameter Description Name of the USB device. If you do not know the name of the USB disk, issue the command show usb-storage to view a list of device names. The USB file system path. Example The command below displays the USB directory list for a device named SEGATE-HJ1235_p1.
show dot1x ap-table show dot1x ap-table Description Shows the 802.1X AP table. Syntax No parameters. Example Issue this command to display details from the AP table. AP Table -------MAC IP Essid Type Forwarding-Mode Profile Acl -----------------------------00:1a:1e:87:ff:c0 10.3.9.242 AP FORWARD_TUNNEL_80211 default/ 1 00:1a:1e:87:ff:d0 10.3.9.242 sw-pn-nokia AP FORWARD_TUNNEL_80211 default/default 1 00:1a:1e:82:ab:a0 10.3.9.220 AP FORWARD_TUNNEL_80211 default/ 1 00:1a:1e:82:ab:b0 10.3.9.
Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers 1269 | show dot1x ap-table Dell Networking W-Series ArubaOS 6.4.
show dot1x ap-table aes show dot1x ap-table aes Description Shows the AES keys of all APs. Syntax No parameters. Example Issue this command to display AES keys of all APs.
show dot1x ap-table dynamic-wep show dot1x ap-table dynamic-wep Description Shows the dynamic WEP keys of all APs. Syntax No parameters. Example Issue this command to display dynamic keys of all APs.
show dot1x ap-table static-wep show dot1x ap-table static-wep Description Shows the static WEP keys of all APs. Syntax No parameters. Example Issue this command to display the static WEP keys of all APs.
show dot1x ap-table tkip show dot1x ap-table tkip Description Displays a table of TKIP keys on the controller. Syntax No parameters. Example Issue this command to display all TKIP keys.
show dot1x counters show dot1x counters Description Displays a table of dot1x counters. Example Issue this command to display all 802.1X counter information. 802.1x Counters AP Sync Request...................4 Sync Response..................3 Up.............................4 Down...........................1 Resps..........................4 Acl............................53 Station Sync Request...................9 Sync Response..................9 Up.............................2321 Down....................
Parameter Description AP l l l l l l Sync Request Sync Response Up Down Resps Acl Station Sync Request l Sync Response l Up l Down l Unknown l EAP RX Pkts l Dropped Pkts l TX Pkts l WPA Message-1 l Message-2 l Message-3 l Message-4 l Group Message-1 l Group Message-2 l Rx Failed l IE Mismatches l Key Exchange Failures l WPA2 Message-1 l Message-2 l Message-3 l Message-4 l Rx Failed l IE Mismatches l Key Exchange Failures l l l l l l l l l l l l l l l l l l l l l l l l l l l l l l l Number of sy
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show dot1x supplicant-info show dot1x supplicant-info Description Shows the details about a specific supplicant. Example Issue this command to display the details about a supplicant.
Parameter Description Name Supplicant name. MAC Address Supplicant MAC address. AP MAC Address AP MAC address. Status Supplicant’s status. Unicast Cipher Supplicant’s unicast cipher. Multicast Cipher Supplicant’s multicast cipher. EAP-Type Supplicant’s EAP-Type. EAPOL Starts Number of EAPOL starts. EAP ID Requests Number of EAP ID requests. EAP ID Responses Number of EAP ID responses. EAPOL Logoffs from station Number of EAPOL logoffs from the station.
Parameter Description Length of the last EAP request The length of the last EAP request. ID of the last EAP response The ID of the last EAP response. Length of the last EAP response The length of the last EAP response. ID of the last radius request The ID of the last radius request. Length of the last radius request The length of the last radius request. ID of the last radius response The ID of the last radius response.
show dot1x supplicant-info list-all show dot1x supplicant-info list all Description Shows all 802.1X supplicants. Syntax No parameters. Example Issue this command to display all 802.1X supplicants as well as additional relevant information. 802.
show dot1x supplicant-info pmkid show dot1x supplicant-info pmkid Description Shows the PMKIDs of the various stations on the controller. Syntax No parameters. Example Issue this command to display the PMKIDs of the various stations on the controller.
show dot1x supplicant-info statistics show dot1x supplicant-info statistics Description Shows the 802.1X statistics of the users. Syntax No parameters. Example Issue this command to display the 802.1X statistics of the users. 802.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers 1283 | show dot1x supplicant-info statistics Dell Networking W-Series ArubaOS 6.4.
show dot1x watermark history crypto-local show dot1x watermark history Description Use this command under the guidance of Dell support to view information about the table that contains 802.1X sessions being processed. Syntax No parameters Command History Introduced in ArubaOS 6.3.1.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show dpi show dpi application name all category custom-app global-bandwidth-contract all category custom-app Description Shows applications and application categories that are configured for deep-packet inspection. It also shows DPI global bandwidth contracts by application or application category. Syntax Parameter Description name Name of the application all Shows all applications category Shows all applications within a category.
Related Commands Command Description Mode dpi Use this command to configurs Deep-Packet Inspection and the global bandwidth contract for an application or application categories for the AppRF feature. Config mode Command History This command was introduced in ArubaOS 6.4. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show esi groups show esi groups [{group-name |{ping-name }] Description Show ESI group information. Syntax Parameter Description group-name View the facility used when logging messages into the remote syslog server. ping-name Enter the name of a set of ping values to how the names of ESI groups using that set of ping attributes. Define a set of ESI ping values using the command esi ping. server Show the IP address of a remote logging server.
Command History This command was introduced in ArubaOS 2.5. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master or local controllers. 1289 | show esi groups Dell Networking W-Series ArubaOS 6.4.
show esi parser show esi parser domains|rules|stats Description Show ESI parser information. Syntax Parameter Description domains Show ESI parser domain information. rules Show ESI parser rule information. stats Show ESI parser rule stats. Usage Guidelines The ESI parser is a generic syslog parser on the controller that accepts syslog messages from external thirdparty appliances such as anti-virus gateways, content filters, and intrusion detection systems.
Command History This command was introduced in ArubaOS 3.1. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master or local controllers. 1291 | show esi parser Dell Networking W-Series ArubaOS 6.4.
show esi ping show esi ping [ping-name ] Description Show settings for ESI ping health check attributes. Syntax Parameter Description ping-name Include the optional ping-name parameters to display settings for one specified set of ping settings. Example This example below shows that the controller has three defined sets of ping attributes.
Command History This command was introduced in ArubaOS 2.5. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master or local controllers. 1293 | show esi ping Dell Networking W-Series ArubaOS 6.4.
show esi servers show esi servers [{group-name |{server-name }] Description Show configuration information for ESI servers. Syntax Parameter Description group-name Include this optional parameter to display information for all ESI servers assigned to a specific ESI group. server-name Specify an ESI server name to view configuration information for just that server.
Column Description Name Name of the ESI server. Trusted IP Displays the server IP address on the trusted network. As an option, you can also enable a health check on the specified address Untrusted IP Displays the server IP address on the untrusted network. As an option, you can also enable a health check on the specified address Trusted s/p Shows the slot and port connected to the trusted side of the ESI server; slot/port format.
show faults show fault [history] Description Display a list of faults, which are any problematic conditions of the ArubaOS software or hardware. Syntax Parameter Description history Include this parameter to display a history of faults cleared by the controller or the operator. Usage Guidelines A controller can maintain a list of up to 100 faults. Once 100 faults have been logged, any faults arising after that are dropped. The controller maintains a history of the last 100 faults that have cleared.
2009-03-02 18:13:09 112 All authentication servers in server back in service. 2009-03-02 18:13:09 113 Authentication Server corp1-supersvr 2009-03-02 18:13:09 114 All authentication servers in server back in service. 2009-03-02 18:13:09 115 Authentication Server corp1-supersvr Total number of entries in the queue :23 group sg-auth2 are brought is down. group sg-auth2 are brought is down.
show file syncing profile show file syncing profile Description This command displays the configuration the file syncing profile. Syntax None. Usage Guidelines Execute this command to view the file syncing profile. Example The following example shows the output of show file syncing profile. (host) #show file syncing profile File syncing profile -------------------Parameter Value ------------File syncing Enabled sync time 30 Command History This command was introduced in ArubaOS 6.4.1.
show fips show fips This command applies only to the FIPS version of ArubaOS. Description Displays FIPS mode of operation status as enabled or disabled. Syntax No parameters. Example The output of this command shows that the FIPS mode of operation is currently enabled. (host) # show fips FIPS Settings: -------------Mode Enabled Command History This command was introduced in ArubaOS-FIPS 2.4.
show firewall show firewall Description Display a list of global firewall policies. Syntax No parameters Example This example below shows all firewall policies currently configured on the controller.
Enforce TCP Sequence numbers AMSDU Rx Jumbo Frames Session-tunnel FIB Prevent DHCP exhaustion Stateful SIPS Processing Deny source routing Immediate Freeback DPI Classification STUN Based Traversal Web Content Classification Web Content Cache Miss Drop Disabled Enabled Disabled Enabled Disabled Enabled Disabled Disabled Enabled [Cfg: enabled, PEF license: installed] Enabled Enabled Disabled The output of this command includes the following information: Parameter Description Enforce TCP handshake before
Parameter Description Per-packet logging If active, and logging is enabled for the corresponding session rule, this feature logs every packet. Blacklist Grat ARP attack client If enabled, blacklist clients exceeding the Gratuitous ARP attack rate. Stateful SIP Processing Shows if the controller has enabled or disabled monitoring of exchanges between a voice over IP or voice over WLAN device and a SIP server.
Parameter Description Rate limit CP trusted ucast traffic Displays the trusted unicast traffic rate limit. Rate limit CP trusted mcast traffic Displays the trusted multicast traffic rate limit. Rate limit CP route traffic Displays the traffic rate limit for traffic that needs generated ARP requests. Rate limit CP session mirror traffic Displays the traffic rate limit for session mirrored traffic forwarded to the controller.
Parameter Description thereby preventing DHCP pool depletion. Stateful SIPS Processing If disabled, disables monitoring of exchanges between a voice over IP or voice over WLAN device and a SIP server. This option should be enabled only when there is no VoIP or VoWLAN traffic on the network. Deny Source Routing If enabled, forwarding of IP frames with source routing with the source routing options set is disallowed. Immediate Freeback If enabled, immediately frees buffers on W-7200 controllers.
Command History Release Modification ArubaOS 3.4 Command introduced. ArubaOS 6.4 The following parameters were introduced: Jumbo Frames l Stall Detection l DPI Classification l STUN Based Traversal l ArubaOS 6.4.1 The following parameters were introduced as part of the show firewall command: l Blacklist Grat ARP attack client l Blacklist ARP attack client l Monitor ARP attack l Monitor Gratuitous ARP attack ArubaOS 6.4.2.
show firewall-cp show firewall-cp [internal] Description Displays the captive-portal (CP) firewall policies on the controller. Syntax No Parameters Example The output of this command shows the CP firewall policies. (host) #show firewall-cp CP firewall policies -------------------IP Version Source IP contract ---------- ----------ipv4 any ipv4 10.10.10.
show firewall-visibility show firewall-visibility {debug|status} Description Displays the policy enforcement firewall visibility process state and status information. Syntax Parameter Description debug Displays process state information for debugging firewall visibility. status Displays the status of firewall visibility as enabled or disabled. Example The output of this command shows the status of firewall visibility.
show flush-r1-on-new-r0 ap·flush- r1-on-new-r0 {enable|disable} Description Use this command to view the status of flushing r1 keys on new r0. Syntax No parameters. Example The following example displays the status of flushing r1 keys on new r0: (host) (config) #show flush-r1-on-new-r0 Fast Roaming flush-r1-on-new-r0:enable Command History Release Modification ArubaOS 6.
show gap-debug show gap-debug Description Displays the troubleshooting information for the global AP database. Usage Guidelines Use this command to identify any issues with the global AP database. This command displays the troubleshooting information for the global AP database.
Column Description Activity The time at which the last activity happened on the LMS. Status Indicates if the status of the LMS is up or down. Msg in Prog Indicates if an active communication is happening between the LMS and the master controller. It can be Yes or No. If it is yes, then the Msg Len and Attempt fields are set. Msg Len The length of the message that the master controller is syncing with the LMS. Attempts Number of times the master controller has attempted to sync with the LMS.
show gateway health-check show gateway health-check Description Display the current status of the gateway health-check feature. Syntax No parameters. Usage Guidelines The gateway health check feature can only be enabled by Dell Technical Support. Example This example below shows that the gateway health-check feature has not been enabled on the controller.
show global-user-table count show global-user-table show global-user-table count [current-switch] [authentication-method] {dot1x | mac | stateful-dot1x | vpn | web} [role] [bssid] [essid] [ap-name] [phy-type] {a | b | g} [age] Description This command displays a count of global user based on the specified criteria.
Command Information Platforms Licensing Command Mode All platforms Master controller only Base operating system Enable or config mode on master controllers 1313 | show global-user-table count Dell Networking W-Series ArubaOS 6.4.
show-global-user-table list show global-user-table list current-switch] authentication-method] {dot1x | mac | stateful-dot1x | vpn | web} role bssid devtype essid ap-name phy-type a|b|g age not or rows sort {sort_by_ap-name | sort_by_authtype | sort_by_bssid | sort_by_current-switch | sort_ by_essid | sort_by_ip | sort_by_mac | sort_by_name | sort_by_phy-type | sort_by_role}{asc | desc} start Des
Parameter Description sort Sort the list based on a specified criteria, in ascending or descending order start Show user table starting from a specific row Example Issue this command to display a global user count. The output of this command is split into two tables in this document, however it appears in one table in the CLI. (host) (config) Global Users ----IP name -----------192.168.160.1 10.100.105.100 wlanAP 10.100.105.102 10.100.105.97 10.100.105.
Parameter Description Essid User’s extended service set identifier (ESSID). Bssid User’s basic service set identifier (BSSID). Phy User Phy type (a, b or g). Profile Profile name Forward mode Forwarding mode assigned to the user (tunnel, split-tunnel, decrypt-tunnel or bridge). Type Type of client device, if identified. Command History Release Modification ArubaOS 3.4 Command introduced ArubaOS 6.
show guest-access-email show guest-access-email Description This command shows a guest access email profile configuration. The guest access email process sends email to either the guest or the sponsor whenever a guest user account is created or when the Guest Provisioning user manually sends email from the Guest Provisioning page. Syntax No parameters. Usage Guidelines Issue this command to show the current guest access email profile parameters.
show ha ap show ha ap information {ip-addr |ip6-addr } table Description This command displays information about APs using the High Availability feature. Syntax Parameter Description information ip-addr ip6-addr Issue this command under the supervision of Dell support to troubleshoot the High Availability feature. table Display the High Availability AP table to view information about APs configured to use the High Availability feature.
Command Information Platform License Command Mode Available on all platforms Available in the base operating system. Enable mode on master and local controllers. 1319 | show ha ap Dell Networking W-Series ArubaOS 6.4.
show ha group show ha group-membership group-profile []} Description This command displays High Availability profile settings and shows the high availability group to which the controller is currently assigned. Syntax Parameter Description group-membership
Command Information Platform License Command Mode Available on all platforms Available in the base operating system. Enable mode on master and local controllers. 1321 | show ha group Dell Networking W-Series ArubaOS 6.4.
show ha heartbeat counters show ha heartbeat counters Description This command displays statistics for the High Availability extended controller capacity feature. Syntax No parameters. Usage Guidelines The high availability inter-controller heartbeat feature allows for faster AP failover from an active controller to a standby controller, especially in situations where the active controller reboots or loses connectivity to the network.
Parameter Description Active Reference Count Number of APs that are using that standby controller as their active controller. Total HeartBeat Sent Total number of heartbeats sent by the controller. Total Heartbeat REceived Total nunmber of heartbeats received by the controller. Last Missed Heartbeat (count) time Timestamp showing when the last heartbeat sent was not received, as well as the number of heartbeats that failed to be sent. Command History Introduced in ArubaOS 6.
show ha oversubscription statistics show ha oversubscription statistics Description This command displays statistics for the High Availability extended controller capacity feature Syntax No parameters. Usage Guidelines Starting with ArubaOS 6.4.0.
this example, because this topology is within the the 4x rated AP capacity limit and maximum tunnel limit for the a W-7210 controller model. If the network administrator later changed all the APs in this deployment to support 10 BSSIDs, each active controller would use (512 * 10) tunnels, for a combined total of 20,480 tunnels on the four active controllers.
Parameter Description Active Remaining Number of APs that can connect to this controller in Active mode. Standby Remaining Number of APs that can connect to this controller in Standby mode. Maximum allowed Standby Maximum number of Standby APs supported by the controller. Maximum BSS tunnels The maximum number of BSS tunnels supported by the controller. Average BSS/AP The average number of BSS tunnels per AP using the controller as a standby controller.
show hostname show hostname Description Show the hostname of the controller. Syntax No parameters. Example The output of this command shows the hostname configured for the controller. A hostname can contain alphanumeric characters, spaces, punctuation, and symbol characters. (host) # show hostname hostname is SampleHost Related Commands Configure the controller’s hostname using the command hostname. Command History This command was available in ArubaOS 1.0.
show iap detailed-table show iap detailed-table branch-key long Description Displays the details of all the branches terminating at the controller. Syntax Parameter Description branch-key Key for the branch, which is unique to each branch. long Displays the branches connected to the controller in detailed view.
Parameter Description Flags This column displays any flags for the branch subnet l P = Primary Tunnel l B = Backup Tunnel l C = Centralized l D = Distributed l L = Local l U = Unassigned l 3 = Routed(L3) l 2 = Bridged(L2) Branch (Subnet/Vlan) Subnet mask or VLAN assigned to the branch BID Branch ID IP Address Range Allocated branch subnet IP address range Client Count Number of client terminating on this controller Command History Release Modification ArubaOS 6.
show iap table show iap table branch-key long Description Displays the branch details connected to the controller. Syntax Parameter Description branch-key Key for the branch, which is unique to each branch. long Displays the branches connected to the controller in detailed view.
Parameter Description Status Current status of the branch (UP/DOWN). Inner IP Internal VPN IP of the branch. Assigned Subnet Subnet mask assigned to the branch. Assigned Vlan VLAN ID assigned to the branch. Key Key for the branch, which is unique to each branch. Bid(Subnet Name) Branch ID (BID) of the subnet. l In the example above, the controller displays bid-per-subnet-per-branch i.e., for "LA" branch, BID "2" for the ip-range "10.15.205.0-10.15.205.250" with client count per branch "5").
show iap trusted-branch-db show iap trusted-branch-db Description Displays the details of IAP trusted branch database information.
Command Information Platforms Licensing Command Mode All platforms Base operating system, except for noted parameters Enable or Configuration mode on master and local controller 1333 | show iap trusted-branch-db Dell Networking W-Series ArubaOS 6.4.
show ids ap-classification-rule id-classification-rule Description Display the IDS AP classification rule profile. Syntax Parameter Description Enter the AP classification rule profile name. Usage Guidelines Issue this command without the option to view the AP Classification Rule Profile list. Add the rule name option to display values for the rule.
Command Information Platforms Licensing Command Mode Available on all platforms Requires the RFprotect license Config mode on master controllers 1335 | show ids ap-classification-rule Dell Networking W-Series ArubaOS 6.4.
show ids ap-rule-matching Description Display the IDS active AP rules profile. Example (host) (config) #show ids ap-rule-matching IDS Active AP Rules Profile --------------------------Parameter Value ------------AP Rule name snr0 AP Rule name rule1 AP Rule name rule2 AP Rule name exclude-ssid-rule In the above example, the rule names in the Value column have been activated by the ids ap-rule-matching command. Command History Release Modification ArubaOS 6.
show ids dos-profile show ids dos-profile Description Show an IDS Denial Of Service (DoS) Profile Syntax Parameter Description Name of an IDS DoS profile. Usage Guidelines Issue this command without the parameter to display an IDS DoS profile. Examples The example below shows that the controller has four configured DoS profiles.
EAP Rate Time Interval EAP Rate Quiet Time Detect CTS Rate Anomaly CTS Rate Threshold CTS Rate Time Interval CTS Rate Quiet Time Detect RTS Rate Anomaly RTS Rate Threshold RTS Rate Time Interval RTS Rate Quiet Time Detect Rate Anomalies Rate Thresholds for Assoc Frames Rate Thresholds for Disassoc Frames Rate Thresholds for Deauth Frames ...
show ids general-profile show ids general-profile Description Display an IDS General profile. Syntax Parameter Description Name of an IDS General profile. Usage Guidelines Issue this command without the parameter to display the IDS General profile list. Include a profile name to display detailed configuration information for that profile. Examples The example below shows that the controller has four configured General profiles.
Wired Containment Wired Containment of AP's Adj MACs Wired Containment of Suspected L3 Rogue Wireless Containment Debug Wireless Containment WMS Client Monitoring true true false deauth-only false all The output of this command includes the following parameters: Parameter Description Adhoc AP Max Unseen Timeout Adhoc (IBSS) AP Inactivity Timeout Ad hoc (IBSS) AP inactivity timeout in number of scans. AP Inactivity Timeout Time, in seconds, after which an AP is aged out.
Parameter Description Wired Containment of Suspected L3 Rogue Shows if the profile has enabled or disabled the feature to identify and contain an AP with a preset wired MAC address that is completely different from the AP’s BSSID. where the MAC address that the AP provides to wireless clients as a ‘gateway MAC’ is offset by one character from its wired MAC address. Wireless Containment Shows if the profile has enabled or disabled containment from the wireless side.
show ids impersonation-profile show ids impersonation-profile Description Display an IDS Impersonation Profile. Syntax Parameter Description Name of an IDS Impersonation profile. Usage Guidelines Issue this command without the parameter to display the IDS Impersonation profile list. Include a profile name to display detailed configuration information for that profile.
Parameter Description Detect AP Impersonation Shows of the profile has enabled or disabled detection of AP impersonation. Protect from AP Impersonation Shows if AP impersonation is enabled or disabled for the profile. When AP impersonation is detected, both the legitimate and impersonating AP are disabled using a denial of service attack. Beacon Diff Threshold Percentage increase in beacon rates that triggers an AP impersonation event.
show ids management-profile Description Displays the management event correlation for IDS event traps and sylogs (logs). Example The following example displays the current management status.
show ids profile show ids profile Description Display all ids profiles or display a specific profile name. Syntax Parameter Description Name of an IDS profile. Usage Guidelines Issue this command without the parameter to display the list of IDS profiles. Include a profile name to display detailed information for that profile. Examples The example below shows that the controller has seven configured IDS Profiles.
Parameter Description IDS General profile Name of a IDS General profile to be applied to an AP or AP group. IDS Signature Matching profile Name of a IDS Signature Matching profile to be applied to an AP or AP group. IDS DOS profile Name of a IDS Denial of Service profile to be applied to an AP or AP group. IDS Impersonation profile Name of a IDS Impersonation profile to be applied to an AP or AP group.
show ids rate-thresholds-profile show ids rate-thresholds-profile Description Show an IDS Rate Thresholds profile. Syntax Parameter Description Name of an IDS Rate Threshold profile. Usage Guidelines Issue this command without the parameter to display the IDS Rate Threshold profile list. Include a profile name to display detailed configuration information for that profile.
Parameter Description exceeded in order to trigger an alarm. Channel Quiet Time The time that must elapse after a channel rate alarm before another identical alarm may be triggered. This option prevents excessive messages in the log file. Channel Threshold Number of a specific type of frame that must be exceeded within a specific interval in an entire channel to trigger an alarm. Node Time Interval Time, in seconds, in which the threshold must be exceeded in order to trigger an alarm.
show ids signature-matching-profile show ids signature-matching-profile Description Show an IDS Signature Matching profile. Syntax Parameter Description Name of an IDS Signature Matching profile. Usage Guidelines Issue this command without the parameter to display the entire IDS Signature Matching profile list. Include a profile name to display detailed configuration information for that profile.
Related Commands Configure the Signature Matching profile using the command ids signature-matching-profile. Command History Version Description ArubaOS 3.0 Command Introduced ArubaOS 6.0 Refreshed show output Command Information Platforms Licensing Command Mode Available on all platforms Requires the RFprotect license Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show ids signature-profile show ids signature-profile Description Show an IDS signature profile. Syntax Parameter Description Name of an IDS Signature profile. Usage Guidelines Issue this command without the parameter to display the entire IDS Signature profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Parameter Description Frame Type Type of 802.11 frame. For each type of frame, further parameters may be included to filter and detect only the required frames. l assoc: Association frame type. l auth: Authentication frame type. l beacon: Beacon frame type. l control: All control frames. l data: All data frames. l deauth: Deauthentication frame type. l disassoc: Disassociation frame type. l mgmt: Management frame type. l probe-request: Probe request frame type.
show ids unauthorized-device-profile show ids unauthorized-device-profile Description Show an IDS Unauthorized Device Profile. Syntax Parameter Description Name of an IDS Unauthorized Device profile Usage Guidelines Issue this command without the parameter to display the IDS Unauthorized Device profile list. Include a profile name to display detailed configuration information for that profile.
MAC OUI detection Quiet Time Detect Misconfigured AP Protect Misconfigured AP Detect Bad WEP Privacy Require WPA Valid 802.11g channel for policy enforcement Valid 802.
Parameter Description Adhoc Network Using Valid SSID Quiet Time Shows time to wait, in seconds, after detecting an adhoc network using a valid SSID, after which the check can be resumed. Allow Well Known MAC Shows if the profile allows devices with known MAC addresses to classify rogue APs.
Parameter Description Rogue Containment Shows if the controller will automatically shut down rogue APs. Suspected Rogue Containment Shows if the controller will automatically treat suspected rogue APs as interfering APs. Suspected Rogue Containment Confidence Level Confidence level of suspected Rogue AP to trigger containment, expressed as a percentage. Detect Station Association To Rogue AP Shows if the profile has been configured to detect station association to a rogue AP.
Parameter Description network log message or trap has been triggered before an identical log message or trap can be sent again. Protect From Wireless Hosted Networks Shows if the profile has enabled or disabled containment on a wireless hosted network by launching a denial of service attack to disrupt associations between a Windows 7 softwareenabled Access Point (softAP) and a client, and disrupt associations between the client that is hosting the softAP and any access point to which the host connects.
show ids wms-general-profile show ids wms-general-profile Description Display general statistics for the wms configuration. Syntax No parameters. Example This example shows per-channel statistics for all monitored APs.
Column Description Persistent Neighbor APs Shows the status of known AP neighbors. Persistent Valid STAs Shows the status of known AP neighbors. AP learning Shows the status of “learning” of non-Dell APs. Propagate Wired Macs Shows if the controller has enabled or disabled the propagation of the gateway wired MACs. Collect Stats for Monitored APs and Clients Shows if the master controller will collect up to 25,000 statistic entries for monitored APs and clients.
show ifmap show ifmap cppm state cppm Descriptions Issue this command to show the CPPM IF-MAP configuration profile and the IP-MAP connection state. Syntax Parameter Description cppm Shows the CPPM IF-MAP profile parameters and their values. state cppm Shows the CPPM IF-MAP connection state including if it is enabled, and the servers and their state.
Related Commands Command Description Mode ifmap This command is used in conjunction with ClearPass Policy Manager. It sends HTTP User Agent Strings and mDNS broadcast information to ClearPass so that it can make more accurate decisions about what types of devices are connecting to the network Config mode Command History Version Modification ArubaOS 6.3 Command introduced.
show image version Description Display the current system image version on both partition 0 and 1. Syntax No parameters. Example The following example shows that the controller is running ArubaOS 3.4 and booting off partition 0:0. (host) #show image version ---------------------------------Partition : 0:0 (/dev/hda1) **Default boot** Software Version : AOS-W 3.3.2.
show interface cellular access-group show interface cellular access-group Description List the Access groups configured on the cellular interface. Example (host) (config-cell)#show interface cellular access-group Cell Interface: session access list 3 is configured Command History Release Modification ArubaOS 5.0 Command introduced Command Information Platforms Licensing Command Mode W-600 Series Base operating system Configuration Mode (config-cell) Dell Networking W-Series ArubaOS 6.4.
show interface counters show interface counters Description Displays a table of L2 interfaces counters. Syntax No parameters Example The example below shows the output of show interface counters on a W-650 controller.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show interface fastethernet show interface fastethernet Description Displays information about a specified fast Ethernet port. Syntax Parameter Description access-group Displays access groups configured on this interface. counters Displays L2 interface counters for the specified interface. switchport Displays L2 interface information. untrusted-vlan Displays port member vlan untrusted status. xsec Displays xsec configuration.
Parameter Description loopback... Displays whether or not loopback is set. Configured Configured transfer operation and speed. Negotiated Negotiated transfer operation and speed. MTU bytes MTU size of the specified port in bytes. BW is... Bandwidth of the link. Last clearing of “show interface counters” Time since “show interface counters” was cleared. Below the time, all current counters related to the specified port are listed. This port is... Whether or not this port is trusted.
Parameter Description InMcastPkts Number of multicast packets received through the port. InBcastPkts Number of broadcast packets received through the port. OutOctets Number of octets sent through the port. OutUcastPkts Number of unicast packets sent through the port. OutMcastPkts Number of multicast packets sent through the port. OutBcastPkts Number of broadcast packets sent through the port.
#show interface fastethernet 1/1 xsec xsec vlan 7 is ACTIVE The output of this command includes the following parameters: Parameter Description xsec vlan 7 is ACTIVE This states that xsec is active on the specified port as well as the associated VLAN. Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show interface gigabitethernet show interface gigabitethernet Description Displays information about a specified Gigabit Ethernet port. Syntax Parameter Description counters Displays L2 interface counters for the specified interface. switchport Displays L2 interface information. untrusted-vlan Displays port member vlan untrusted status. xsec Displays xsec configuration. Examples The example below shows the output of show interface gigabitethernet 1/0.
Parameter Description Encapsulation Encapsulation method assigned to this port. loopback... Displays whether or not loopback is set. Configured Configured transfer operation and speed. Jumpo support... Jumbo frame support is enabled. Negotiated Negotiated transfer operation and speed. MTU bytes MTU size of the specified port in bytes. BW is... Bandwidth of the link. Last clearing of “show interface counters” Time since “show interface counters” was cleared. link status last changed...
Name: GE1/0 Switchport: Enabled Administrative mode: static access Operational mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Access Mode VLAN: 62 (VLAN0062) Trunking Native Mode VLAN: 1 (Default) Trunking Vlans Enabled: NONE Trunking Vlans Active: NONE The output of this command includes the following parameters: Parameter Description Name Port name. Switchport Whether or not switchport is enabled. Administrative mode Administrative mode .
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show interface loopback show interface loopback Description Displays information about the loopback IP interface. Syntax No parameters Example The example below shows the output of show interface loopback on a W-650 controller. #show interface loopback loopback interface is up line protocol is up Hardware is Ethernet, address is 00:0B:86:51:14:D0 Internet address is 10.3.49.100 255.255.255.255 The output of this command includes the following parameters: Parameter Description loopback interface is...
Dell Networking W-Series ArubaOS 6.4.
show interface port-channel show interface port-channel Description Displays information about a specified port-channel interface. Syntax Parameter Description access-group Displays access groups configured on this interface. counters Displays L2 interface counters for the specified interface. untrusted-vlan Displays port member vlan untrusted status. xsec Displays xsec configuration. Example The example below shows the output of show interface port-channel 0 on a controller.
Parameter Description Description The port type, name, and connector type. If the LAG is created by LACP, it is indicated as shown in the display output above. If the LAG is created by LACP, you can not statically add or delete any ports under that port channel. All other commands are allowed. If LACP is not shown, then the LAG is created by static configuration. Spanning Tree is... Spanning tree status on the specified port-channel.
Parameter Description InOctets Number of octets received through the port. InUcastPkts Number of unicast packets received through the port. InMcastPkts Number of multicast packets received through the port. InBcastPkts Number of broadcast packets received through the port. OutOctets Number of octets sent through the port. OutUcastPkts Number of unicast packets sent through the port. OutMcastPkts Number of multicast packets sent through the port.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show interface-profile voip-profile show interface-profile voip-profile Description This command displays the specified VoIP profile configuration information. Syntax Parameter Description Name of the VoIP profile. Examples The following example shows configuration details for the VoIP profile: (host) #show interface-profile voip-profile profile1 VOIP profile "profile1" ----------------------Parameter Value --------- ----VOIP VLAN 1 DSCP 0 802.
show interface tunnel show interface tunnel Description Displays information about tunnel interfaces. Syntax Parameter Description id Tunnel interface number. Example The example below shows the output of show interface tunnel for IPv4. #show interface tunnel 2000 Tunnel 2000 is up line protocol is up Description: Tunnel Interface Internet address is 3.3.3.1 255.255.255.0 Source 192.168.203.1 Destination 192.168.202.
Parameter Description Destination IP address of the tunnel’s destination. Tunnel mtu is set to... Size of the specified tunnel’s MTU. Tunnel is an... Description of the specified tunnel. Tunnel is... Whether or not the specified tunnel is trusted. Inter tunnel flooding is... Status of inter tunnel flooding on the specified tunnel. Tunnel keepalive is... Status of tunnel keepalive on the specified tunnel. Command History This command was introduced in ArubaOS 3.0.
show interface vlan show interface vlan Description Displays information about a specified VLAN interface. Syntax No parameters Example The example below shows the output of show interface vlan 1 on a W-650 controller. #show interface vlan 1 VLAN1 is up line protocol is down Hardware is CPU Interface, Interface address is 00:0B:86:61:82:40 (bia 00:0B:86:61:82:40) Description: 802.1Q VLAN Internet address is 10.3.49.50 255.255.255.
Parameter Description loopback... Loopback status MTU MTU size of the specified port in bytes Last clearing of “show interface counters” Time since “show interface counters” was cleared link status last changed Time since link status last changed Proxy ARP is... Status of proxy ARP on the specified interface DHCP Option-82 is... Status of DHCP Option 82. If the MAC address and ESSID are configured on this interface Command History This command was introduced in ArubaOS 3.0.
show inventory show inventory Description Displays hardware inventory of the controller. Syntax No parameters. Example Issue this command to display the hardware component inventory of the controller. The output of this command will vary, depending upon controller type.
Fan Tray Serial# Back Plane Assembly# Back Plane Serial# Power Supply type Power Supply 0 Power Supply 1 Power Supply 2 M3mk1 Card Temperatures AMP Card Temperatures M3mk1 Card Voltages : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : C00013879 (Date:12/18/04) 2000006B (Rev:01.
Parameter Description Line Card FPGA Name/type of FPGA associated with the specified line card slot Line Card Switch Chip Name/type of switch card associated with the specified line card slot Line Card Mez Card States whether or not a mezzanine card is present in the specified slot Line Card SPOE States whether or not a SPOE card is present in the specified slot Line Card Sup Card 0 States whether or not a supervisor card 0 is
Parameter Description M3mk1 Card Voltages This parameter displays to columns of voltages for many components displayed previously by this command. The voltage displayed in the right column should match the corresponding value in the left column, generally with +/5%. Command History This command was introduced in ArubaOS 1.0.
show iostat show iostat Description Displays IO statistics information. This command reports Central Processing Unit (CPU) statistics and input/output statistics for devices and partitions. Syntax No parameters. Example Issue this command to display the IO statistics of the controller.
Command History This command was introduced in ArubaOS 1.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers 1391 | show iostat Dell Networking W-Series ArubaOS 6.4.
show ip access-group show ip access-group Description Display access control lists (ACLs) configured for each port on the controller. Syntax No parameters. Examples The example below shows part of the output of this command. If a port does not have a defined session ACL, the Port-Vlan Session ACL table will be blank.
Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Config or Enable mode on master or local controllers 1393 | show ip access-group Dell Networking W-Series ArubaOS 6.4.
show ip access-list show ip access-list {brief|} Description Display a table of all configured access control lists (ACLs), or show details for a specific ACL. Syntax Parameter Description brief Display a table of information for all ACLs. Specify the name of a single ACL to display detailed information on that ACL. Examples The example below shows general information for all ACLs in the Access List table.
Parameter Description Use Count Number of rules defined in the ACL. Roles Names of user roles associated with the ACL. Include the name of a specific ACL to show detailed configuration information for that ACL. The output in the example below has been divided into two sections to better fit int this document. The output in the commandline interface will appear in a single, long table.
Parameter Description Service Network service, which can be one of the following: l An IP protocol number (0-255). l The name of a network service (use the show netservice command to see configured services). l any: Matches any traffic. l tcp: A TCP port number (0-65535). l destination port number: specify the TCP port number (0-65535) l source: TCP/UDP source port number l udp: A UDP port number (0-65535). Action Action if rule is applied, which can be one of the following: deny: Reject packets.
Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Config or Enable mode on master or local controllers 1397 | show ip access-list Dell Networking W-Series ArubaOS 6.4.
show ip cp-redirect-address show ip cp-redirect-address Description Show the captive portal automatic redirect IP address. Syntax No parameters. Examples The example below shows the IP address to which captive portal users are automatically directed. (host) # show ip cp-redirect-address Captive Portal redirect Address... 10.3.63.11 Related Commands Command Description ip cp-redirect-address This command configures a redirect address for captive portal. Command History Introduced in ArubaOS 3.0.
show ip dhcp show ip dhcp {binding|database|statistics} Description Show DHCP Server Settings. Syntax Parameter Description binding Show DHCP server bindings. database Show DHCP server settings. statistics Show DHCP pool statistics. Examples The example below shows DHCP statistics for two configured networks.
Parameter Description Expired leases Number of leases that have expired because they have extended past their valid lease period. Abandoned leases Number of abandoned leases. Abandoned leases will not be reassigned unless there are no free leases available. Related Commands Command Description ip dhcp pool This command configures a DHCP pool on the controller. ipv6 dhcp pool This command configures a DHCPv6 pool on the controller. Command History Release Modification ArubaOS 3.
show ip domain-name show ip domain-name Description Show the full domain name and server. Syntax No parameters. Examples The example below shows that the IP domain lookup feature is enabled, but that no DNS server has been configured on the controller. (host) #show ip domain-name IP domain lookup: IP Host.Domain name: Enabled MyCompany2400. No DNS server configured Related Commands Command Description ip domain lookup This command enables Domain Name System (DNS) hostname to address translation.
show ip igmp show ip igmp config|counters|{group maddr [ ]}|{interface [vlan ]}| {proxy-group vlan }|{proxy-mobility-group maddr }|proxy-mobiity-stats|proxy-stats Description Display Internet Group Management Protocol (IGMP) timers and counters.
65 10.6.5.252 255.255.255.0 00:0b:86:01:99:00 disabled 1 10.6.2.252 255.255.255.0 00:0b:86:01:99:00 disabled 66 10.6.6.252 255.255.255.0 00:0b:86:01:99:00 disabled 63 10.6.3.252 255.255.255.0 00:0b:86:01:99:00 disabled disabled 10.6.5.252 disabled disabled 10.6.2.252 disabled disabled 10.6.6.252 disabled disabled 10.6.3.252 disabled CP CP CP CP The output of this command includes the following parameters: Parameter Description VLAN A VLAN ID number.
Parameter Description query-interval Interval, in seconds, at which the controller sends host-query messages to the multicast group address 224.0.0.1 to solicit group membership information. query-response-interval Maximum time, in .1 second intervals, that can elapse between when the controller sends a host-query message and when it receives a response. This must be less than the query-interval.
Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Config or Enable mode on master controllers. 1405 | show ip igmp Dell Networking W-Series ArubaOS 6.4.
show ip mobile show ip mobile active-domains binding [|||brief] domain [] global hat host [|||brief] multicast-vlan-table [client-macaddr] packet-trace [] remote || trace |||{force |} traffic dropped|foreign-agent|home-agent|proxy trail | tunnel visitor [|||brief] Description Di
Parameter Description [] Filter the Mobile Host List to display data for a specific host IPv6 address. [] Filter the Mobile Host List to display data for a specific host MAC address. [brief] Limit the output of this command to show just two lines of data. multicast-vlan-table mac Displays mobility multicast VLAN table information. MAC address of the client.
Parameter Description tunnel Show the Mobile Tunnel Table for IPIP Tunnels. visitor Display a list of mobile nodes visiting a foreign agent. [] Filter the Foreign Agent Visitor list to display data for a specific host IPv4 address. [] Filter the Foreign Agent Visitor list to display data for a specific host IPv6 address. [] Filter the Foreign Agent Visitor list to display data for a specific host MAC address.
Parameter Description MAC and IP addresses of the host Roaming Status Displays how long the host has used its current controller and VLAN. Home VLAN VLAN ID, IP address and subnet of the home VLAN. DHCP lease Displays the amount of time the station has had its current DHCP lease. Related Commands Command Description ip mobile active-domain This command configures the mobility domain that is active on the controller.
show ip nat pool show ip nat pool Description Display pools of IP addresses for network address translation (NAT. Syntax No parameters Examples The example below shows the current NAT pool configuration on the controller. (host) # show ip nat pools NAT Pools --------Name Start IP End IP ---- ---------------2net 2.1.1.1 DNAT IP ------2.1.1.125 The output of this command includes the following parameters: Parameter Description Name Name of the NAT pool.
show ip ospf show ip ospf [database]|[debug route]|[interface tunnel|vlan ]|[neighbor]|[rapng-vpn aggregate-routes ]|[redistribute]|[subnet] Description Display statistics and configuration information for the Open Shortest Path First (OSPF) routing protocol. Syntax Parameter Description database Show database information for the OSPF protocol. debug route Show debugging information for OSPF routes.
To display OSPF settings for an individual interface, you must specify a VLAN or tunnel ID number. The example below displays part of the output of the show ip ospf interface vlan command. (host) # show ip ospf interface vlan 10 Vlan 3 is up, line protocol is up Internet Address 3.3.3.1, Mask 255.255.255.0, Area 10.1.1.1 Router ID 10.4.131.227, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State WAIT, Priority 1 Designated Router id 0.0.0.0, Interface Address 3.3.3.
Parameter Description DisCd Number of received packets that are discarded. BadVer Number of received packets that have bad OSPF version number. BadNet Number of received packets that belong to different network than the local interface. BadArea Number of received packets that belong to different area than the local interface. BadDstAdr Number of received packets that have wrong destination address.
show ip pppoe-info show ip pppoe-info Description Display configuration settings for Point-to-Point Protocol over Ethernet (PPPoE). Syntax No parameters. Examples The example below shows the current PPPoE configuration. (host) #show ip pppoe-info PPPoE PPPoE PPPoE PPPoE username: rudolph123 password: service name: ppp2056 VLAN: 22 The output of this command includes the following parameters: Parameter Description PPPoE username PAP username configured on the PPPoE access concentrator.
show ip radius show ip radius nas-ip|source-interface Description Display global parameters for configured RADIUS servers. Syntax Command Description nas-ip Show the Network Access Server (NAS) IP address attribute sent in outgoing RADIUS requests source-interface Show the source address of outgoing RADIUS requests Examples The example below shows the RADIUS client NAS IP address. (host) #show ip radius nas-ip RADIUS client NAS IP address = 10.168.254.
show ip route show ip route counters static stats Description View the Dell controller routing table. Syntax Command Description counters Displays the number of routes present, categorized by type. static Include this optional parameter to display only static routes. stats Displays route statistics. Usage Guidelines This command displays static routes configured on the controller via the ip route command.
Related Commands Command Description ip radius This command configures global parameters for configured RADIUS servers. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.3 Introduced counters parameter. . Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Config or Enable mode on master or local controllers 1417 | show ip route Dell Networking W-Series ArubaOS 6.4.
show ipc statistics app-ap show ipc statistics app-ap {am|sapd|sta} {ap-name }|{bssid }|{ip-addr } Description Display Inter Process Communication (IPC) statistics for a specific AP or BSSID. Syntax Parameter Description am Show IPC statistics for an air monitor. sapd Show IPC statistics for the SAPD process. stm Show IPC statistics for station management communications. ap-name Show IPC statistics for an AP with a specific name.
The output of this command includes the following data columns: Parameter Description Tx Msg Number of transmitted messages. Tx Blk Number of blocking messages transmitted. Tx Ret Number of transmitted messages that were returned. Tx Fail Number of failure messages that were transmitted. Rx Ack Number of received acknowledgements. Rx Msg Number of received messages. Rx Drop Number of received messages that were dropped. Rx Err Number of received messages with errors.
show ipc statistics app-id show ipc statistics app-id Description Display Inter Process Communication (IPC) statistics for a specific AP or BSSID. Syntax Parameter Description Application ID number. This number must be obtained from Dell support. Usage Guidelines Issue this command at the request of Dell support to troubleshoot application errors. Command History This command was available in ArubaOS 1.0.
show ipc statistics app-name show ipc statistics app-name Description Display Inter Process Communication (IPC) statistics for a specific application.
Profile Manager 0 Mobile IP 0 Syslog Manager 0 WMS 19 PIM 1 Configuration Man 12 License Manager 0 Datapath 0 Nanny 0 Remote Statistics To application Ack WMS 0 STM 0 Allocated Buffers Static Buffers Static Buffer Size 1 1 0 0 1 0 0 0 1120303 0 0 0 1076236 1 0 0 2 2 0 0 2 0 0 0 0 0 0 0 0 19 0 0 2 1 0 0 2 1 1 0 2 1 0 0 2 13 0 0 1 1 0 0 1 0 0 0 3281237 66425 1 0 1907552 1382289 104 6 1 0 0 0 0 0 0 0 Tx Msg Tx Blk Tx Ret Tx Fail Rx Ac
Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 1423 | show ipc statistics app-name Dell Networking W-Series ArubaOS 6.4.
show ipv4 user-table show ipv4 user-table ap-group ap-name authentication-method dot1x|mac|opensystem|psk|stateful-dot1x|via-vpn|vpn|web bssid debug essid internal ip [log] mac mobile {[bindings][visitors]} name phy-type {[a]|[b]} role rows station verbose Description Displays IPv4 user table entries. You can filter the output based on various parameters are described in table.
Parameter Description debug Displays entries in the IPv4 user-table that are in debug mode. essid Displays entries in the IPv4 user-table that are associated to the specified ESSID. If the ESSID includes spaces, you must enclose it in quotation marks. internal Displays internal IPv4 users. ip Displays IPv4 users that match the specified IPv4 IP address. log Displays the log information for the specified IPv4 client. mac Displays users with the specified MAC address.
10.20.102.113 24:77:03:cf:ff:98 ALCATEL-LUCENT\laura employee 00:01:27 802.1x SH-GF-1 Wireless alpha-wpa2/d8:c7:c8:44:2c:51/a-HT aplha-india tunnel Win 7 10.20.102.36 00:27:10:5c:b5:38 mbabu employee 00:01:04 802.1x SH-1F-13 Wireless alpha-wpa2/d8:c7:c8:89:c9:f1/a-HT aplha-india tunnel Win 7 BLR-MBABU-T410 10.20.102.131 58:94:6b:7a:40:c0 ALCATEL-LUCENT\sneeralgi employee 00:00:53 802.1x SH-3F-05 Wireless alpha-wpa2/00:24:6c:80:50:28/a-HT aplha-india tunnel Win 7 10.20.102.
Parameter Description Roaming Current roaming status of the client. Essid/Bssid/Phy ESSID/BSSID/Phy to which the client is associated. Profile Displays the AAA profile. Command History Release Modification ArubaOS 3.3 Command introduced ArubaOS 6.3 The optional log parameter was introduced to display log files for events triggered by a specific user. Only W-6000, W-3600 and W-7200 Series controllers support per-user logging.
show ipv6 access-list (deprecated) show ipv6 access-list [ | brief] Description Displays IPv6 access list configured in the controller. Syntax Parameter Description string To view details of a specific ACL. brief To view a summary of all IPv6 ACLs. Command History Version Modification ArubaOS 3.3 Command introduced ArubaOS 6.1 Command deprecated. This command has been replaced by the show ip access-list command. Dell Networking W-Series ArubaOS 6.4.
show ipv6 datapath session counters (deprecated) show ipv6 datapath session counters Description Displays datapath session table statistics. Command History Version Modification ArubaOS 1.0 Command introduced ArubaOS 6.1 Command deprecated. This command has been replaced by the show datapath session ipv6 counters command. 1429 | show ipv6 datapath session counters (deprecated) Dell Networking W-Series ArubaOS 6.4.
show ipv6 datapath session table (deprecated) show ipv6 datapath session table Description Displays current IPv6 session on the controller. Syntax Parameter Description Optional parameter. If specified, displays IPv6 datapath session table for that IP address. By default, displays session table for all IPv6 addresses. Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 Command deprecated.
show ipv6 datapath user counters (deprecated) show ipv6 datapath user counters Description Displays datapath user table statistics. Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 Command deprecated. This command has been replaced by the show datapath user ipv6 command. 1431 | show ipv6 datapath user counters (deprecated) Dell Networking W-Series ArubaOS 6.4.
show ipv6 datapath user table (deprecated) show ipv6 datapath user table Description Displays ipv6 datapath user table entries. Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 Command deprecated. This command has been replaced by the show datapath user ipv6 command. Dell Networking W-Series ArubaOS 6.4.
show ipv6 dhcp show ipv6 dhcp binding database [pool] Description Shows DHCPv6 server settings. Syntax Parameter Description binding Show DHCPv6 server bindings. database Show DHCPv6 server settings. statistics Show DHCPv6 pool statistics. Examples The example below shows the DHCPv6 database: (host)#show ipv6 dhcp database DHCPv6 enabled # 2001-feed-64-nw subnet6 2001:feed::/120 { option vendor-class-identifier "ArubaAP"; option dhcp6.
(host) (config) #show ipv6 dhcp database pool DHCPv6 # DHCPv6 subnet6 2001:470:faca:4::/120 { default-lease-time 43200; max-lease-time 43200; option dhcp6.domain-search "test.org"; option vendor-class-identifier "ArubaAP"; option dhcp6.vendor-opts "2001:feed::235"; option dhcp6.name-servers 2001:470:20::2; option dhcp6.preference 25; option dhcp6.
show ipv6 firewall show ipv6 firewall Example This example displays the status of all firewall configurations.
Parameter Description Per-packet logging If active, and logging is enabled for the corresponding session rule, this feature logs every packet. Enforce TCP handshake before allowing data If enabled, this feature prevents data from passing between two clients until the three-way TCP handshake has been performed. Enabling this option causes mobility to fail. So, disable this option if you have mobile clients on the network as.
show ipv6 interface show ipv6 interface [brief] Description View IPv6-related information on all interfaces. Syntax Parameter Description brief Optional parameter. If specified, displays the IPv6-related information on all the interfaces in a summary format.
fe80::b:8600:326d:863c/64 2050:3::50:1/64 loopback [ up/up ] fe80::b:860f:ff6d:863c/64 mgmt [down/down] unassigned tunnel 2 [ up/up ] unassigned The following table details the columns and content in the show command. Column Description Interface List the interface and interface identification with the IPv6 address and netmask for the interface, if configured. Status/Protocol States the administrative status and the IPv6 status on the interface.
show ipv6 mld config show ipv6 mld config Description Displays Multicast Listener Discover (MLD) configuration details. Example This example displays the current MLD configuration values.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.4.
show ipv6 mld counters show ipv6 mld counters Description Displays the statistics of MLD. Example This example displays the MLD statistics for the following values.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.4.
show ipv6 mld group show ipv6 mld group Example This example displays MLD group details.
The output of the show ipv6 mld group command includes the following parameters: Parameter Description Source IP address of the multicast source. Age This parameter specifies the aging time. Command History Release Modification ArubaOS 3.3 Command introduced ArubaOS 6.4 The mode and age parameters were introduced Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.
show ipv6 mld interface show ipv6 mld interface Example This example displays MLD status on VLANs. To view details for a specific VLAN, you can specify the VLAN ID.
show ipv6 mld proxy-group show ipv6 mld proxy-group [vlan ] Example This example displays MLD proxy-group details.
show ipv6 mld proxy-stats show ipv6 mld proxy-stats Example This example displays the status of the MLD proxy. (host) #show ipv6 mld proxy-stats MLD Proxy Statistics(Upstream) -----------------------------Name Sent Received ------- -------Queries 39 Joins 51 112 Leaves 9 0 The output of this command includes the following parameters: Parameter Description Name Type of packet. Sent Number of packets sent. Received Number of packets received. Command History This command was available in ArubaOS 6.
show ipv6 mld proxy-mobility-group show ipv6 mld proxy-mobility-group [maddr ] Example This example displays MLD proxy-mobility-group details. (host) #show ipv6 mld proxy-mobility-group MLD MIP Group Table ------------------Group Members ----- ------ff1e::2 1 ff02::1:3 2 ff02::c 1 The output of this command includes the following parameters: Parameter Description Group Name of MLD mobility group. Members Number of members in an MLD mobility group.
show ipv6 mld proxy-mobility-stats show ipv6 mld proxy-mobility-stats Example This example displays the details of MLD proxy-mobility statistics.
show ipv6 neighbors show ipv6 neighbors Description Displays the IPv6 neighbors configured on a VLAN interface. Usage Guidelines This command displays the IPv6 neighbors configured on a VLAN interface via the ipv6 neighbor command. Examples The example below shows the ipv6 neighbors configured on VLAN 1 .
show ipv6 ra status show ipv6 ra status Description Displays the IPv6 RA status on the VLAN interfaces. Usage Guidelines This command displays the IPv6 RA status on the VLAN interfaces. Examples The example below shows the IPv6 RA status on the VLAN interfaces .
show ipv6 route show ipv6 route [counters | static] Description Displays the Dell controller IPv6 routing table. Syntax Command Description counters Displays the number of routes present, categorized by type. static Include this optional parameter to display only static IPv6 routes. Usage Guidelines This command displays static IPv6 routes configured on the controller via the ipv6 route command.
Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Config or Enable mode on master or local controllers 1453 | show ipv6 route Dell Networking W-Series ArubaOS 6.4.
show ipv6 user-table show ipv6 user-table ap-group ap-name authentication-method dot1x|mac|opensystem|psk|stateful-dot1x|via-vpn|vpn|web bssid debug essid internal ip [log] mac mobile {[bindings][visitors]} name phy-type {[a]|[b]} role rows station verbose Description Displays IPv6 user table entries. You can filter the output based on various parameters are described in table.
Parameter Description debug Displays entries in the IPv6 user-table that are in debug mode. essid Displays entries in the IPv6 user-table that are associated to the specified ESSID. If the ESSID includes spaces, you must enclose it in quotation marks. internal Displays internal IPv6 users. ip Displays IPv6 users that match the specified IPv6 IP address. log Displays the log information for the specified IPv6 client. mac Displays users with the specified MAC address.
fe80::216:ceff:fe2c:b485 00:16:ce:2c:b4:85 Wing-A logon 00:00:06 802.1x 00:0b:86:c1:0e:8c Wireless Wing-A/00:0b:86:90:e8:c0/g default-dot1x 2003:d81f:f9f0:1001:617c:9151:6d25:f754 00:16:ce:2c:b4:85 Wing-A logon 00:00:06 802.1x 00:0b:86:c1:0e:8c Wireless Wing-A/00:0b:86:90:e8:c0/g default-dot1x The output of this command includes the following parameters: Parameter Description IP IP address of the client in that row that authenticating using dot1x MAC MAC address of the client.
show keys show keys [all] Description Show whether optional keys and features are enabled or disabled on the controller. Syntax Parameter Description all Include this optional parameter to display the status of all optional keys and features. If this parameter is omitted, the output displays the status of the most commonly used features and keys. Example The following example displays the status of the most commonly used keys and features on the controller.
Related Commands To view the license usage database (including the license key strings) use the command show license on page 1463. Command History This command was available in ArubaOS 1.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on local and master controllers Dell Networking W-Series ArubaOS 6.4.
show lacp show lacp {counters | internal | neighbor} Description View the LACP configuration status. Syntax Parameter Description Enter the Link aggregation group number. Range: 0-7 counters Enter the keyword counters to view the LACP traffic. internal Enter the keyword internal to view the LACP internal information. neighbor Enter the keyword neighbor to view the LACP neighbor information. Example The port uses the group number +1 as its “actor admin key”.
---FE 1/1 FE 1/2 -------10 12 -------10 12 ------0 0 -------- --------- --------0 0 0 0 0 0 Related Command Command Description lacp group Enable LACP and configure on the interface show interface port-channel View information on a specified port-channel interface show lacp sys-id View the LACP system ID information Command History Release Modification ArubaOS 3.4.
show lacp sys-id show lacp sys-id Description View the LACP system MAC address and port priority. Example This command returns the port priority and the MAC address (comma separated). In the example below, the port priority is the default value 32768 followed by the MAC address 00:0B:86:40:37:C0.
show lcd-menu show lcd-menu Description Displays the current LCD Menu configuration. Syntax None. Example An example output of the show lcd-menu command.
show license show license [limits] Description Displays the license table. Syntax Parameter Description limits Enter the keyword limit to display the current license limits. Example An example output of the show license command.
Parameter Description Key The license key. Installed The license installation date and time. Expires The date that your evaluation license expires is listed in this column. Permanent license will always have a “Never” in this column. Expired evaluation licenses will also be indicated in this column. Flags This column displays some status about your license. The legend for this column appears at the bottom of the display output. They are: A: The license is auto-generated.
show license aggregate show license aggregate Description Display the license limits sent from centralized licensing clients to the licensing server. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, you can issue this command from the command-line interface of the centralized licensing server controller to view license limits sent by licensing clients.
Parameter Description Last update (secs. ago Time, in seconds, that has elapsed since the licensing table on the master licensing controller was updated. Total License Count These rows display the total numbers of licenses available for each license type. These numbers include licenses sent from licensing clients and and any licenses currently installed on the licensing master. Related Commands Issue this command from the command-line interface of the centralized licensing master controller.
show license client-table show license client-table Description Display the centralized license limits applied to each licensing client. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, issue this command from the command-line interface of a centralized licensing client to view license limits applied to that licensing client from the licensing table. Example The following example displays output of the show license client-table command.
Related Commands To view additional statistics for license usage on the licensing server, use the command show license aggregate. Command History Release Modification ArubaOS 6.3 Command introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on centralized licensing client controllers Dell Networking W-Series ArubaOS 6.4.
show license debug show license debug Description Displays a summary of the current settings of the centralized licensing feature. Syntax No parameters Example The following example shows the output of the show license debug command. (host) # show license debug Summary of licensing state Centralized Licensing: Enabled Switch Role: Master License Role: License Server Master IP: 192.0.2.100 Switch IP: 192.0.1.103 License Server IP: 0.0.0.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on local and master controllers. Dell Networking W-Series ArubaOS 6.4.
show license heartbeat stats show license heartbeat stats Description Display the license heartbeat statistics between the centralized licensing server and the license client. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, issue this command from the command-line interface of a centralized licensing server to view heartbeat requests to and responses from each licensing client associated to that licensing server.
Command History Release Modification ArubaOS 6.3 Command introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on centralized licensing master or licensing client controllers. Dell Networking W-Series ArubaOS 6.4.
show license profile show license profile Description Display the license profile to determine if centralized licensing is enabled on the controller. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, issue this command from the command-line interface of a centralized licensing master or client to determine if centralized licensing is enabled on that controller. Note that each controller supports only one licensing profile.
show license server-table show license server-table Description Display the license table as it appears on the centralized licensing server. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, issue this command from the command-line interface of a centralized licensing server to view to view licensing counts for each supported license type..
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on centralized licensing master or licensing client controllers. 1475 | show license server-table Dell Networking W-Series ArubaOS 6.4.
show license server-redundancy show license server-redundancy Description Display information about a redundant server used by the centralized licensing feature. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, issue this command from the command-line interface of a centralized licensing server to view to information for the redundant server.
show license-usage show license-usage acr | ap | user | xsec |client Description Display license usage information. Syntax Parameter Description acr Show ACR license usage ap Show AP license usage information. user Show Policy Enforcement Firewall (PEF) user license usage. xsec Show Extreme Security (xSec) user and tunnel license usage. client For deployments using centralized licensing, show the license usage by centralized licensing clients.
AP Licenses ----------Type ---AP Licenses RF Protect Licenses PEF Licenses Overall AP License Limit AP Usage -------Type ---Active CAPs Standby CAPs RAPs Remote-node APs Tunneled nodes Total APs Number -----512 512 512 512 Count ----3 0 0 0 0 3 Remaining AP Capacity --------------------Type Number ---- -----CAPs 509 RAPs 509 When you issue the show license-usage client command from the command-line interface of a controller configured as a centralized licensing server, the output displays license usage
Parameter Description PEF Total number of Policy Enforcement Firewall (PEF) licenses used by a licensing client associated with this controller. RF Protect Total number of RFprotect licenses used by a licensing client associated with this controller. xSec Module Total number of Extreme Security (xSec) licenses used by a licensing client associated with this controller. ACR Total number of advanced Cryptography (ACR) licenses used by a licensing client associated with this controller.
show lldp interface show lldp interface [fastethernet | gigabitethernet ] Description This command displays the LLDP interfaces information. Syntax Parameter Description fastethernet Displays LLDP information on a fastethernet port. gigabitethernet .Displays LLDP information on a gigabitethernet interface. Example The example shows two commands. The output of the show lldp interface command displays information for all LLDP interfaces.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers 1481 | show lldp interface Dell Networking W-Series ArubaOS 6.4.
show lldp neighbor show lldp neighbor interfaces [fastethernet | gigabitethernet [detail]] Description This command displays information about LLDP peers. Syntax Parameter Description fastethernet Displays LLDP information on a fastethernet port. gigabitethernet Displays LLDP information on a gigabitethernet interface. detail Include details.
Parameter Description Local Intf Slot and port number. Chassis ID MAC address of the LLDP Peer. Capability Shows the capabilities of the peer to operate as a router, bridge, access point, phone or other network device. Remote Intf Remote interface. Expiry-time Expiry time. System Name Name of the peer system, as supplied by the peer. The output of the show lldp neighbor interface gigabitethernet detail command varies, depending upon the type of LLDP peer detected.
Parameter Description Media attached unit type This parameter displays additional details about an LLDP-MED device attached to the interface. The specific details depend upon the capabilities of the device. VLAN VLAN ID assigned to the peer interface. pvid Indicates if the VLAN ID is assigned to the peer access port. MAC Shows the MAC address of the rogue AP detected by the Instant AP(IAP), which is blacklisted by the MAS.
show lldp statistics show lldp statistics [interface fastethernet | gigabitethernet ] Description This command displays the LLDP statistics information. Syntax Parameter Description fastethernet Displays LLDP information on a fastethernet port. gigabitethernet Displays LLDP information on a gigabitethernet interface. Usage Guidelines By default, this command displays LLDP statistics for the entire list of LLDP interfaces.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.4.
show local-cert-mac show local-cert-mac tag Description Display the IP, MAC address and certificate configuration of local controllers in a master-local configuration. Syntax Parameter Description tag IP address of the local controller or MAC address of the local controller certificate. Usage Guidelines By default the output of this command shows each local controller’s IP and MAC address and the type of certificate used by those local controllers (Custom or Factory).
Related Commands Command Description Mode local-factory-cert This command configures the factory-installed certificate for secure communication between a local controller and a master controller. Enable or Config mode on master controllers. local-custom-cert This command configures a custom certificate for secure communication between a local controller and a master controller. Enable or Config mode on master or local controllers. Command History Available in ArubaOS 6.
show local-userdb-ap local-userdb-ap mac-address start Description View detailed information for the obsolete RAP whitelist database used in ArubaOS 6.1 and earlier. Syntax Parameter Description mac-address MAC address of the remote AP to be removed from the Remote AP Whitelist table. start Start displaying the table at the specified record in the database Usage Guidlines When you upgrade from ArubaOS 5.0-6.1 to ArubaOS 6.
Parameter Description Name MAC address of the AP. AP-Group Name of the AP group to which the AP has been assigned. AP-name Name of the AP. If no name has been specified, this column will display the AP’s MAC address Full-name Text string used to identify the AP. This field often describes the AP’s user, and corresponds to the User Name field in the RAP whitelist in the WebUI. Authen-Username User name of the user who authenticated the remote AP.
Command History Modification ArubaOS 5.0 Command introduced. ArubaOS 6.2 Command replaced by show whitelist-db rap on page 1813. 1491 | show local-userdb-ap Dell Networking W-Series ArubaOS 6.4.
show local-userdb-guest show local-userdb-guest Description Shows information about guest accounts in the local user database. Syntax Parameter Description maximum-expiration How long the account is valid, in minutes, in the internal database. The user account record’s location (by number) as it is listed in the database. The number of user account records that display on one page.
Parameter Description Role Role for the user. This role takes effect when the internal database is specified in a server group profile with a server derivation rule. If there is no server derivation rule configured, then the user is assigned the default role for the authentication method. E-mail Shows the email address of the user account. Enabled Shows whether the account is enabled or disabled. Expiry Shows the expiration date for the user account. If this is not set, the account does not expire.
show local-userdb-remote-node (deprecated) show local-userdb-remote-node mac-address start Description The output of this command lists the MAC address and assigned Remote Node profile for of each Remote Node Controller associated with that Remote Node Controller master. Syntax Parameter Description mac-address How long the account is valid, in minutes, in the internal database. start The user account record’s location (by number) as it is listed in the database.
Related Commands Command Description Mode remote-node-profile (deprecated) The remote-node-profile command lets you create a Remote Node Controller profile. Config mode Command History Release Modification ArubaOS 6.0 Command introduced. ArubaOS 6.2 Command deprecated. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master and local controllers 1495 | show local-userdb-remote-node (deprecated) Dell Networking W-Series ArubaOS 6.4.
show local-userdb show local-userdb {[maximum-expiration][start page The user account record’s location (by number) as it is listed in the database. The number of user account records that display on one page.
Parameter Description Role Role for the user. This role takes effect when the internal database is specified in a server group profile with a server derivation rule. If there is no server derivation rule configured, then the user is assigned the default role for the authentication method. E-mail Shows the email address of the user account. Enabled Shows whether the account is enabled or disabled. Expiry Shows the expiration date for the user account. If this is not set, the account does not expire.
show local-userdb username show local-userdb username Description Shows information about specific user account in the internal controller database. Usage Guidelines Issue this command to display an overview of a particular user account in the database. Example This example shows the basic summary of a user account Paula in the database.
show local-userdb username show local-userdb username Description Shows information about specific user account in the internal controller database. Usage Guidelines Issue this command to display an overview of a particular user account in the database. Example This example shows the basic summary of a user account Paula in the database.
show localip show localip Description Displays the IP address and VPN shared key between master and local. Syntax No parameters. Example The output of this command shows the controller’s IP address and shared key between master and local controllers. (host) # show localip Local Switches configured by Local Switch IP --------------------------------------------Switch IP address of the Local Key ------------------------------ --0.0.0.0 ******** Command History This command was available in ArubaOS 3.
show log all show log all [] Description Show the controller’s full log. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. Example This example shows the most ten recent log entries for the controller.
show log ap-debug show log ap-debug{[][all]} Description Show the controller’s AP debug logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the AP debug logs for the controller. Example This example shows the ten most recent AP debug logs for the controller. (host) #show log ap-debug 10 Nov 24 20:54:24 KERNEL(AP39@10.6.1.21): All Rights Reserved Nov 24 20:54:24 KERNEL(AP39@10.6.1.
show log bssid-debug show log bssid-debug{[][all]} Description A Basic Service Set Identifier (BSSID) uniquely defines each wireless client and Wireless Broadband Router. This command shows the controller’s BSSID debug logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the BSSID debug logs for the controller. Command History This command was available in ArubaOS 3.0.
show log errorlog show log errorlog{[][all]} Description Show the controller’s system errors and other critical information. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the error logs for the controller. Example This example shows the ten most recent system log errors. (host) #show log errorlog 10 Mar 5 10:30:34 |AP 1.1.1@10.3.49.
Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Enable and Config modes. 1505 | show log errorlog Dell Networking W-Series ArubaOS 6.4.
show log essid-debug show log essid-debug{[][all]} Description Show the controller’s ESSID debug logs. An Extended Service Set Identifier (ESSID) is used to identify the wireless clients and Wireless Broadband Routers in a WLAN. All wireless clients and Wireless Broadband Routers in the WLAN must use the same ESSID. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log.
show log network show log network{[][all]} Description Show the controller’s system network errors. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the network logs for the controller.
show log security show log security{[][all]} Description Show the controller’s security logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the security logs for the controller. Example This example shows the controller’s last seven security logs.
show log system show log system{[][all]} Description Show the controller’s system logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the system logs for the controller. Example This example shows the controller’s last ten system logs.
show log user show log user{[][all]} Description Show the controller’s user logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the user logs for the controller. Example This example shows the controller’s last ten user logs. (host) #show log user 10 Mar 5 13:29:57 :501083: |stm| Probe request: address from AP 10.3.49.253-00:0b:86:a2:e7:40-1.1.
show log user-debug show log user-debug{[][all]} Description Show the controller’s user debug logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the user debug logs for the controller. Example This example shows the controller’s last ten user debug logs. (host) #show log user-debug 10 Mar 5 13:57:24 :501090: 00:0b:86:a2:e7:40-1.1.1 Mar 5 13:57:24 :501090: 00:0b:86:a2:e7:41-1.1.
show log wireless show log wireless{[][all]} Description Show the controller’s wireless logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the wireless logs for the controller. Example This example shows the controller’s last ten wireless logs. (host) #show log wireless 10 Mar 5 13:59:31 :404003: |AP 1.1.1@10.3.49.
show logging show logging facility|server|{level [verbose]} Description the IP address of the remote logging server, as well as facility log types and their associated facility levels. Syntax Parameter Description facility View the facility used when logging messages into the remote syslog server. server Show the IP address of a remote logging server. level [verbose] Show logging levels at which the messages are logged.
Remote Server: 1.1.1.1 FACILITY MAPPING TABLE ---------------------local-facility severity -------------- -------user debugging remote-facility --------------local1 Related Commands Command Description Mode logging Use this command to specify the IP address of the remote logging server, as well as facility log types and their associated facility levels. Config mode on master and local controllers Command History This command was introduced in ArubaOS 2.5.
show loginsessions show loginsessions Description Displays the current administrator login sessions statistics. Syntax No parameters. Example Issue this command to display the admin login session statistics. Session Table ------------ID User Name -- --------1 admin User Role --------root Connection From --------------10.100.102.
show mac-address-table show mac-address-table Description Displays a MAC forwarding table. Syntax No parameters. Example Issue this command to display the MAC forwarding table.
Command History This command was introduced in ArubaOS 1.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show master-configpending show master-configpending Description Displays the list of global commands which are not saved and are not sent to the local controller. Syntax No parameters. Example This example below displays the commands which are not saved and are not sent to the local controller. (host) #show master-configpending aaa profile "default-xml-api" aaa xml-api server "10.17.93.2" aaa xml-api server "10.17.93.2" aaa xml-api server "10.17.93.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master controllers. Dell Networking W-Series ArubaOS 6.4.
show master-local stats show master-local stats [] [] Description Display statistics for communication between master and local controllers. Syntax Parameter Description Include the IP address of a controller to display statistics that controller only. Start displaying the output of this command at the specified page number. Usage Guidelines By default, master and Local controllers exchange heartbeat messages every 10 seconds.
Parameter Description Peer Reset The number of times the connection to peer is been reset. The connection could reset due to network connectivity problems or when the peer switch reboots. Cfg Terminate Number of times the controller has failed to upgrade to a new configuration Last Synced Timestamp showing the last time the local controller synched its configuration from the master controller. Command History This command was introduced in ArubaOS 3.0.
show master-redundancy show master-redundancy Description Display the master controller redundancy configuration. Syntax No parameters. Example This example below shows the current master redundancy configuration, including the ID number of the master VRRP virtual router and the IP address of the peer controller for master redundancy. (host) #show master-redundancy Master redundancy configuration: VRRP Id 2 current state is MASTER Peer's IP Address is 2.1.1.
show memory show memory aaa ap {meshd|rfd|sapd}|{ap-name }|{bssid }|{ip-addr } auth certmgr cfgm cpsec dbsync debug [verbose] dhcpd ecc fpapps fpcli isakmpd l2tpd mdns mobileip ospf pim pptpd profmgr slb snmpd stm udbserver wms Description Show the amounts of free and available memory on the controller, or include a process name to show memory information for a process on the AP or controller.
Parameter Description certmgr Display the memory information for certmgr process. cfgm Display memory information for the cfgm process on the controller. cpsec Displays memory information for the Control Plane Security process on the controller. dbsync Display memory information for the dbsync process on the controller. debug [verbose] Display detailed memory information to debug memory errors the controller. This command should only be used under the supervision of Dell Technical Support.
Include the name of a process to show memory statistics for that process. The example below shows memory statistics for mobileip.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.3 The following parameters were introduced: l aaa l cpsec l ecc l mdns Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 1527 | show memory Dell Networking W-Series ArubaOS 6.4.
show mgmt-role show mgmt-role Description This command allows the user to view a list of management role configurations. Syntax No parameters. Example Issue this command to display a list of management user roles.
show mgmt-server show mgmt-server message-counters process {auth | fw_visibility | spectrum | stm | wms} profile Description Displays the message counter information of management server. Syntax Parameter Description message-counters Message counter in the recent past.
Stats Tag Sessions Monitored Info Monitored Stats Misc Location Voice Info Enabled Enabled Enabled Disabled Disabled Enabled Enabled Disabled Command History Release Modification ArubaOS 3.4 Command introduced. ArubaOS 6.3 The wms process is introduced to track the Advanced Monitoring (AMON) message counters. ArubaOS 6.3.1 The profile parameter was introduced.
show mgmt-servers show mgmt-servers Description Displays list of management servers that receive Advanced Monitoring (AMON) messages from the controller. Syntax Parameter Description mgmt-servers Management Servers. This could be AirWave Management Server or any other server that receive messages from the controller using AMON protocol. Example The output of this command shows list of management servers in the controller.
show mgmt-users show mgmt-users [ | local-authentication-mode | ssh-pubkey | webui-cacert ] Description Displays list of management users on the controller and also details of each management users. Syntax Parameter Description username To view details of a specific management user. local-authentication-mode Status of local-authentication mode. ssh-pubkey Number of management users using the ssh-pubkey.
show tunneled-node config show tunneled-node config Description Displays wired tunneled node configuration details. Syntax No parameters. Example The output of this command shows the tunneled node configuration details. (host) # show tunneled-node config Tunneled Node:Enabled Tunneled Node Server:4.4.4.1 Tunnel Loop Prevention:Disabled Tunnel Node MTU:5000 Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 The command name was changed to show tunneled-node config.
show netdestination show netdestination Description Displays IPv4 and IPv6 network destination information. Syntax No parameters. Example Issue this command to display all netdestination configured on this controller. The output below displays information for all configured IPv4 and IPv6 netdestinations. To display additional detailed information for an individual netdestinations, include the name of the netdestination at the end of the command.
show netexthdr show netexthdr Description This command displays the IPv6 extension header (EH) types that are denied. Syntax Parameter Description Default Specify the EH alias name. default Usage Guidelines Example The following command displays the denied extended header types in the default EH: (host) #show netexthdr default Extended Header type(s) Denied -----------------------------51, Command History Release Modification ArubaOS 6.
show netservice show netservice [] Description Show network services Syntax Parameter Description Name of a network service. Usage guidelines Issue this command without the optional parameter to view a complete table of network services on the controller. Include the parameter to display settings for a single network service only. Example The following example shows the protocol type, ports and application-level gateway (ALG) for the DHCP service.
show netstat show netstat [stats] Description Show current active network connections. Syntax Parameter Description Show network statistics, filtered by protocol type. Usage guidelines Issue this command without the optional stats parameter to view a complete table of active network connections. Include the stats parameter to display aggregate statistics for IP, ICMP, TCP and UDP protocols. Example The following example shows incoming and outgoing packet statistics for the controller.
1006383 segments received 1147229 segments send out 9603 segments retransmitted 0 bad segments received. 2568 resets sent Udp: 928478757 packets received 40767 packets to unknown port received. 426937 packet receive errors 910267627 packets sent Related Commands To configure an alias for network protocols, use the command netservice. Command History This command was available in ArubaOS 1.0.
show network-printer show network-printer [config | job | status] Description Displays configuration, job status details, and printer status of USB printers connected to a W-600 Series controller. Syntax Parameter Description config Displays the configuration details of the printer service on the controller. job Displays the list of job in queue in all printers connected to the controller. status Displays the status of all printers connected to the controller.
show network-storage show network-storage [ files opened | shares { | disk | status | users {disk } ] Description Displays details about the USB storage device connect to a W-600 Series controller. Syntax Parameter Description files opened Displays the list of opened files in the USB storage device connected to the controller. shares Displays the list of shares that are created in the USB storage device.
show ntp trusted-keys show ntp trusted-keys Description Show information for the NTP trusted key Syntax No parameters. Example The following example shows values for the NTP authentication keys, Key ID and Md5 secret key. (host) #show ntp authentication-keys Key Id -----12345 md5 secret ---------4567 The output of this command includes the following parameters: Parameter Description Key ID The key identifier used to when you configured the NTP authentication key.
show ntp peer show ntp peer Description Show NTP peer information. Syntax Parameter Description IPv4/IPv6 Address of the peer. Example The output of this commands shows IPv4 and IPv6 address of the peer. (host) #show ntp peer 2008::2 remote 2008::2, local 2008::1 hmode client, pmode sym_active, stratum 16, precision -20 leap 11, refid [73.78.73.84], rootdistance 0.00000, rootdispersion 0.
timer 0s, flags config, bclient reference time: d6186d7e.c99ed7ba Sun, Oct 27 2013 20:58:38.787 originate timestamp: 00000000.00000000 Wed, Feb 6 2036 22:28:16.000 receive timestamp: d6186e24.f02d3f57 Sun, Oct 27 2013 21:01:24.938 transmit timestamp: d6186e24.f02d3f57 Sun, Oct 27 2013 21:01:24.938 filter delay: 0.00113 0.00000 0.00000 0.00000 0.00000 0.00000 0.00000 0.00000 filter offset: 0.398620 0.000000 0.000000 0.000000 0.000000 0.000000 0.000000 0.000000 filter order: 0 1 2 3 4 5 6 7 offset 0.
show ntp servers show ntp servers [brief] Description Show information for Network Time Protocol (NTP) servers. Syntax Parameter Description brief Display the IP address of the defined NTP servers, iburst and key settings. Examples The following example shows values for the primary and backup NTP servers. The primary server is marked with an asterisk (*) and the backup server is marked with an equals sign (=).
Parameter Description delay Delay, in seconds, between the time that the local clock polls the NTP server and the NTP server returns a reply. offset The difference in time, in seconds, between the local clock and the NTP server. disp Dispersion represents the maximum error of the local clock relative to the reference clock, and is a measurement of the time server and network quality. Lower dispersion values are preferred over higher dispersion values.
show ntp status show ntp status Description Show information for a NTP server. Syntax No parameters. Example The following example shows values for the primary NTP server.
Parameter Description packets processed Number of packets received in response to previous packets sent. current version Number of packets matching the current NTP version. previous version Number of packets matching the previous NTP version. declined Number of packets declined. access denied Number of packets for which access has been denied. bad length or format Number of packets with invalid length, format or port number. packets received Total number of packets received.
Parameter Description stability The average magnitude of offset between several time queries broadcastdelay The broadcast delay of this NTP server association, in seconds. authdelay The authentication delay of this NTP server association, in seconds. Related Commands To configure an NTP server, use the command ntp server. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.
show packet-capture show packet-capture controlpath-pcap [hex] datapath-pcap [hex] Description Displays packet capture status on the controller. Syntax Parameter Description controlpath-pcap [hex] Displays controlpath packets captured in the local-filesystem. datapath-pcap [hex] Displays datapath packets captured in the local-filesystem. Example The output of this command shows the packet capture configuration details.
Command History Release Modification ArubaOS 3.3.2 Command introduced. ArubaOS 6.3 Controlpath-pcap and datapath-pcap parameters added. Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 1551 | show packet-capture Dell Networking W-Series ArubaOS 6.4.
show packet-capture-defaults show packet-capture-defaults Description Displays the status of default packet capture options. Syntax No parameters. Example The output of this command shows packet capture status. (host) # show packet-capture-defaults Current Active Packet Capture Actions(current switch) ===================================================== Packet filtering for TCP ports disabled. Packet filtering for UDP ports disabled. Packet filtering for internal messaging opcodes disabled.
show pan active-profile show pan active-profile Description This command shows the active PAN firewall profile at the local controller level. Syntax No syntax. Usage Guidelines Issue this command to show the current active PAN firewall profile running on the controller. (host) #show pan active-profile Palo Alto Networks Active Profile --------------------------------Parameter --------Active Palo Alto Networks profile Value ----PAN-Group-1 Command History Modification ArubaOS 6.4 Command introduced.
show pan profile show pan profile Description This command shows the configuration of PAN firewalls in a specified PAN profile. Syntax No syntax. Usage Guidelines Issue this command to see the connection status of the PAN firewalls associated with the controller. (host)#show pan profile PAN-Group-1 Palo Alto Networks Servers Profile "PAN-Group-1" -----------------------------------------------Parameter Value ------------Palo Alto Networks Firewall 1.2.3.4:443 Palo Alto Networks Firewall 2.
show pan state show pan state Description This command shows the current connection status of PAN firewalls. Syntax No syntax. Usage Guidelines Issue this command to see the connection status of the PAN firewalls associated with the controller. (host) #show pan state Palo Alto Networks Servers Connection State[PAN-Group-1] -------------------------------------------------------Firewalls State ------------1.2.3.4:443 DOWN 2.2.2.2:123 UP[11/25/13 12:45:49]Established 3.3.3.
show pan statistics show pan statistics Description This command shows PAN firewall interface statistics. Syntax No syntax. Usage Guidelines Issue this command to see PAN firewall interface statistics.
Command History Modification ArubaOS 6.4 Command introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master or local controllers 1557 | show pan statistics Dell Networking W-Series ArubaOS 6.4.
show papi kernel-socket-stats show papi kernel-socket-stats Description This command shows the state of UDP PAPI sockets in the kernel. Syntax No syntax. Usage Guidelines Issue this command to show the state of the UDP PAPI sockets in the kernel. The following example shows partial output of this command.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master or local controllers 1559 | show papi kernel-socket-stats Dell Networking W-Series ArubaOS 6.4.
show perf-test reports show perf-test reports ap {ap-name }|{ip-addr }|{ip6-addr } controller Description Use this command under the guidance of Dell technical support to view the results of an Iperf throughput test launched from an AP or controller. Syntax Parameter Description ap Display the results of an Iperf throughput test launched from an AP. ap-name Name of the AP. ip-addr IPv4 address of the AP. ip6-addr IPv6 address of the AP.
show poe show poe [slot/port] Description Displays the PoE status of all or a specific port on the controller. Syntax No parameters. Example The output of this command shows the PoE status of port 10 in slot 1. (host) # show poe 1/10 PoE Status ---------Port Status --------FE 1/10 Off Voltage(mV) ----------N/A Current(mA) ----------N/A Power (mW) ---------N/A Command History This command was available in ArubaOS 3.
show policer-profile (deprecated) show policer-profile Description Displays the policer profile configuration. Command History This command was deprecated in ArubaOS 6.2. Dell Networking W-Series ArubaOS 6.4.
show port link-event show port link-event Description Displays the link status on each of the port on the controller. Syntax No parameters. Example The output of this command shows the link status on all ports in the controller.
show port monitor show port monitor Description Displays the list of ports that are configured to be monitored. Syntax No parameters. Example The output of this command shows the link status on all ports in the controller. (host) # show port monitor Monitor Port -----------FE 1/10 Port being Monitored -------------------FE 1/20 Command History This command was available in ArubaOS 3.3.
| show port monitor Dell Networking W-Series ArubaOS 6.4.
show port stats show port status Description Displays the activity statistics on each of the port on the controller. Syntax No parameters. Example The output of this command shows the link status on all ports in the controller. (host) # show port stats Port Statistics --------------Port PacketsIn CRCErrors --------------FE1/4 0 FE1/5 0 FE1/6 0 FE1/7 0 FE1/8 0 FE1/9 0 FE1/10 0 FE1/11 0 FE1/12 0 FE1/13 0 FE1/14 0 FE1/15 0 FE1/16 2937495 FE1/17 0 FE1/18 591066 FE1/19 0 FE1/20 1205264 FE1/21 0 FE1/22 0 ...
show port status show port status Description Displays the status of all ports on the controller. Syntax No parameters. Example The output of this command shows the status of all ports in the controller. (host) # show port status Port Status ----------Slot-Port PortType --------- -------1/0 FE 1/1 FE 1/2 FE 1/3 FE 1/4 FE 1/5 FE 1/6 FE 1/7 FE 1/8 FE 1/9 FE 1/10 FE 1/11 FE 1/12 FE 1/13 FE 1/14 FE 1/15 FE 1/16 FE ...
show port trusted show port trusted Description Displays the list of ports configured with trusted profiles. Syntax No parameters. Example The output of this command shows the list of ports with trusted profile. (host) # show port trusted FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE GE GE 1/0 1/1 1/2 1/3 1/4 1/5 1/6 1/7 1/8 1/9 1/10 1/11 1/12 1/13 1/14 1/15 1/16 1/17 1/18 1/19 1/20 1/21 1/22 1/23 1/24 1/25 Command History This command was available in ArubaOS 3.3.
show port xsec show port xsec Description Displays the list of xSec enabled ports. Syntax No parameters. Example The output of this command shows the list of xSec enabled ports. (host) #show port xsec Xsec Ports ---------Interface xsec vlan state --------- --------- ----- Command History This command was available in ArubaOS 3.3.
show priority-map show priority-map Description Displays the list of priority maps on a interface. Syntax No parameters. Example The output of this command shows the priority maps configured on all interfaces. (host) # show priority-map Priority Map ------------ID Name DSCP-TOS -- ----------1 my-map 4-20,60 DOT1P-COS --------4-7 Command History This command was available in ArubaOS 3.
show processes show processes [sort-by {cpu | memory}] Description Displays the list of all process running on the controller. You can sort the list either by CPU intensive or memory intensive processes. Syntax Parameter Description sort-by Add a sort filter to the output cpu This will sort output based on CPU usage. memory This will sort output based on memory usage. Example The output of this command shows list of processes sorted by CPU usage.
Command Information Platformss Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show profile-errors show profile-errors Description Displays the list of invalid user-created profiles. Syntax No parameters. Example The output of this command shows list of profiles that are invalid and also displays the error in those profiles. In this example, the VLAN 1000 that is mapped to a virtual-ap that does not exist.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show profile-hierarchy show profile-hierarchy Description Displays the profile hierarchy template. Syntax No parameters. Usage Guidelines The output of this command shows how profiles relate to each other, and how some higher-level profiles reference other lower-level profiles. The output of this command will vary, depending upon controller configuration and licenses. Command History This command was available in ArubaOS 3.
show profile-list aaa show profile-list aaa [{alias-group [page | start]} | {authentication [captive-portal | dot1x | mac | stateful-ntlm | wispr]} |{authentication-server [ldap | radius | tacacs | windows]} | {profile} | {rfc-3576-server} | {server-group} | {xml-api}] Description Displays the list of AAA profiles. Syntax Parameter Description alias-group Lists all alias-groups.
Name ---default References ---------1 Profile Status -------------- Command History This command was available in ArubaOS 3.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 1577 | show profile-list aaa Dell Networking W-Series ArubaOS 6.4.
show profile-list ap show profile-list ap [ enet-link-profile | mesh-cluster-profile | mesh-ht-ssid-profile | mesh-radio-profile | regulatory-domain-profile | snmp-profile | snmp-user-profile | system-profile | wired-ap-profile ] Description Displays the list of AP profiles. Syntax Parameter Description enet-link-profile Display a list of AP Ethernet link profiles. mesh-cluster-profile Display a list of mesh cluster profiles used by mesh nodes.
show profile-list ap-group show profile-list ap-group Description Displays the status of AP groups profiles in the controller. Syntax No parameters. Example The output of this command shows the status of AP group profiles in the controller. (host) # show profile-list ap-group AP group List ------------Name Profile Status ----------------default Total:1 Command History This command was available in ArubaOS 3.
show profile-list ap-name show profile-list ap-name Description Displays the status of AP profiles in the controller. Syntax No parameters. Example The output of this command shows status of AP profiles in the controller. (host) # show profile-list ap-name AP name List -----------Name Profile Status ---- -------------Total:0 Command History This command was available in ArubaOS 3.
show profile-list ha show profile-list ha group-profile [page | start] Description Displays the list of HA profiles. Syntax Parameter Description group-profile Lists all HA group information. page Specify the number of items to display start Specify the first item to display Example The output of this command shows list of HA group profile information.
show profile-list ids show profile-list ids [dos-profile | general-profile | impersonation-profile | profile | rate-thresholds-profile | signature-matching-profile | signature-profile | unauthorized-device-profile ] Description Displays the status of all IDS profiles in the controller. Syntax Parameter Description dos-profile Display a list of IDS DoS profiles. general-profile Display a list of IDS generate profiles. impersonation-profile Display a list IDS impersonation profile.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 1583 | show profile-list ids Dell Networking W-Series ArubaOS 6.4.
show profile-list rf show profile-list rf [ arm-profile | dot11a-radio-profile | dot11g-radio-profile | event-thresholds-profile | ht-radio-profile | optimization-profile ] Description Displays the status of all radio profiles. Syntax Parameter Description arm-profile Details of Adaptive Radio Management (ARM) Profile. dot11a-radio-profile Details of AP radio settings for the 5GHz frequency band, including the ARM profile and the high-throughput (802.11n) radio profile.
show profile-list wlan show profile-list wlan bcn-rpt-req-profile client-wlan-profile dotllk-profile dot11r-profile edca-parameters-profile handover-trigger-profile hotspot ht-ssid-profile ssid-profile traffic-management-profile virtual-ap voip-cac-profile wmm-traffic-management-profile] Description Displays the status of WLAN profiles on the controller.
Parameter Description h2qp-conn-capability-profile Shows a list of all H2QP Connection Capability profiles h2qp-op-cl-profile Shows a list of all H2QP Operating Class Indication profiles h2qp-operator-friendly-profile Shows a list of all H2QP Operator Friendly Name profiles h2qp-wan-metrics-profile Shows a list of all H2QP WAN Metrics profiles hs2-profile Shows a list of all Hotspot 2.
show provisioning-ap-list show provisioning-ap-list Description Displays the list of all APs that are in queue to be provisioned by the admin. Syntax No parameters. Command History Release Modification ArubaOS 3.4 Command introduced ArubaOS 6.4.2.0 The output of this command displays the service tag of an AP.
show provisioning-params show provisioning-params Description Displays the list of parameters and the values used to provision the APs. Syntax No parameters. Example The output of this command shows list of all provisioning parameters and their values.
Antenna tilt angle for 802.11g Mesh SAE N/A sae-default Command History This command was available in ArubaOS 3.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 1589 | show provisioning-params Dell Networking W-Series ArubaOS 6.4.
show qos-profile (deprecated) show qos-profile Description Displays the QoS profile configuration. Command History This command was deprecated in ArubaOS 6.2. Dell Networking W-Series ArubaOS 6.4.
show rap-wml show rap-wml [cache | server | wired-mac ] Description Displays the name and attributes of a MySQL database or a MySQL server. Syntax Parameter Description cache Displays the cache of all lookups for a database server. servers Displays the database server state. wired-mac Displays the wired MAC discovered on traffic through the AP. Example The output of this command shows status of all database servers.
show references aaa authentication crypto-local show references aaa authentication {captive-portal }|{dot1x }|{mac }|mgmt|stateful-dot1x|{stateful-ntlm }|vpn|wired|{wispr {profilename>} [page ] [start ] Description Show AAA profile references. Syntax Parameter Description captive-portal Show the number of references to a captive-portal profile. dot1x Show the number of references to a 802.
Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4.1 The stateful-ntlm and wispr parameters were introduced. Command Information Platforms Licensing Command Mode Available on all platforms Base operating system Config mode on master and local controllers 1593 | show references aaa authentication Dell Networking W-Series ArubaOS 6.4.
show references aaa authentication-server crypto-local show references aaa authentication-server {ldap }|{radius }|{tacacs } [page ] [start ] Description Display information about AAA authentication servers. Syntax Parameter Description ldap Show the number of server groups that include references to the specified LDAP server.
| show references aaa authenticationserver Dell Networking W-Series ArubaOS 6.4.
show references aaa profile crypto-local show references aaa profile Description Show references to an AAA Profile. Syntax Parameter Description profile Name of an AAA profile for which you want to view references. Example Issue this command to show the wlan virtual AP profiles that include references to the specified AAA profile. The example below shows that seven different virtual AP profiles include a single reference to the AAA profile default.
show references aaa rfc-3576-server show references aaa rfc-3576-server {page start} Description Show information about the configuration profiles that reference a specific RFC 3576 server. Syntax Parameter Description IP address of an RFC-3576 server page Include this parameter to limit output of this command to the specified number of items.
show references aaa server-group crypto-local show references aaa server-group {[page][start]} Description Show references to a server group. Syntax Parameter Description server-group Name of the server group for which you want to show references page Include this parameter to limit output of this command to the specified number of items. start Include this parameter to start displaying the output of this command at the specified index number.
Command Information Platforms Licensing Command Mode Available on all platforms Base operating system Config mode on master and local controllers 1599 | show references aaa server-group Dell Networking W-Series ArubaOS 6.4.
show references activate-service-whitelist crypto-local show references activate-service-whitelist {page start} Description Displays activate service whitelist profile references. Syntax Parameter Description activate-service-whitelist Name of the activate service whitelist profile for which you want to show references page Include this parameter to limit output of this command to the specified number of items.
show references airgroup crypto-local show references airgroup cppm-server aaa [page ] [start ] Description Display information about AAA authentication servers. Syntax Parameter Description cppm-server Specifies the ClearPass Policy Server information. aaa Specifies the AAA parameters for AirGroup. page Include this optional parameter to limit output of this command to the specified number of items.
show references ap crypto-local show references ap enet-link-profile mesh-cluster-profile mesh-ht-ssid-profile mesh-radio-profile regulatory-domain-profile system-profile wired-ap-profile page start Description Show the number of references to a specific AP profile.
References to AP Ethernet Link profile "default" -----------------------------------------------Referrer Count -----------ap-group "10.0.0" enet0-profile 1 ap-group "10.0.
show references guest-access-email crypto-local show references guest-access-email [page ] [start ] Description Show references to the global guest access email profile. Syntax Parameter Description page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references ha crypto-local show references ha group-profile {page start} Description Displays HA group profile references. Syntax Parameter Description group-profile Name of the HA group profile for which you want to show references page Include this parameter to limit output of this command to the specified number of items. start Include this parameter to start displaying the output of this command at the specified index number.
show references ids crypto-local show references ids dos-profilegeneral-profile general-profile impersonation-profile profile rate-thresholds-profile signature-matching-profile signature-profile unauthorized-device-profile Description Displays IDS profile references.
show references ifmap cppm crypto-local show references ifmap cppm {page start} Description Displays the CPPM IF-MAP references. Syntax Parameter Description ifmap cppm Shows references to the CPPM IF-MAP profile. page Include this parameter to limit output of this command to the specified number of items. start Include this parameter to start displaying the output of this command at the specified index number.
show references license profile crypto-local show references license profile {page start} Description Displays the license provisioning profile references. Syntax Parameter Description license Shows references to the license provisioning profile. profile Enables or disables centralized licensing. page Include this parameter to limit output of this command to the specified number of items.
show references mgmt-server profile crypto-local show references mgmt-server profile Description Shows the management server configuration profiles. Syntax Parameter Description mgmt-server profile Specifies the management profile name. page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references papi-security crypto-local show references papi-security [page ] [start ] Description Show references to a PAPI security profile. Syntax Parameter Description page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references rf crypto-local show references rf dot11a-radio-profile dot11g-radio-profile event-thresholds-prof ht-radio-profile optimization-profile Description Show RF profile references. Syntax Parameter Description dot11a-radio-profile Show references to a 802.11a radio profile dot11g-radio-profile Show references to a 802.
show references upgrade-profile crypto-local show references upgrade-profile {page start} Description Displays the upgrade profile references. Syntax Parameter Description upgrade-profile Shows references to the upgrade profile. page Include this parameter to limit output of this command to the specified number of items. start Include this parameter to start displaying the output of this command at the specified index number.
show references user-role crypto-local show references user-role Description Show access rights for user role. Syntax Parameter Description The role name assigned to a user.
show references web-server crypto-local show references web-server [page ] [start ] Description Show the Web server configuration references. Syntax Parameter Description page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references wlan crypto-local show references wlan bcn-rpt-req-profile client-wlan-profile dot11k-profile dot11r-profile edca-parameters-profile handover-trigger-profile hotspot {advertisement-profile}|{anqp-3gpp-nwk-profile }|{anqp-domain-nameprofile }|{anqp-ip-addr-avail-profile }|{anqp-nai-realmprofile }|{anqp-nwk-auth-profile }|{anqp-roam-cons-profile }|{anqp-venue-name-pr
Parameter Description l l l l l l l l l l l anqp-domain-name-profile anqp-ip-addr-avail-profile anqp-nai-realm-profile anqp-nwk-auth-profile anqp-roam-cons-profile anqp-venue-name-profile h2qp-conn-capability-profile h2qp-op-cl-profile h2qp-operator-friendly-name-profile h2qp-wan-metrics-profile hs2-profile ht-ssid-profile Shows references to a high-throughput SSID profile. rrm-ie-profile Shows references to an RRM IE profile.
Command Information Platforms Licensing Command Mode Available on all platforms Base operating system Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.4.
show remote-node (deprecated) Description Shows configuration and other information about the remote node. Syntax Parameter Description config Shows configuration information for the remote node. dhcp-instance Shows the remote node address pool information including pool name, DHCP pool start IP address, DHCP pool mask, DHCP pool broadcast IP address, and the DHCP pool gateway IP address.
ip route 10.1.1.41 255.255.255.255 10.3.29.254 mgmt-user "admin" "root" "ade8c0d3890aa97914d926120279aef2" service dhcp ip dhcp pool vlanx domain-name mycorp.com ip dhcp pool vlanx ip dhcp pool vlanx default-router 192.167.1.1 ip dhcp pool vlanx dns-server 192.167.1.1 ip dhcp pool vlanx network 192.167.1.0 255.255.255.240 remote-node config-id 32 This example shows remote node AP license usage information.
show remote-node-dhcp-pool (deprecated) show remote-node-dhcp-pool Description The output of this command lists shows Remote Node DHCP pool summary information. Syntax Parameter Description remote-node-profile-name Name of the Remote Node profile Usage Guidelines Each Remote Node profile contains a Remote Node DHCP address pool, which defines a range of IP addresses allocated for Remote Node controllers at a remote site, and the VLAN to be associated with those addresses.
Related Commands Command Description Mode remote-node-profile (deprecated) The remote-node-profile command lets you create a Remote Node profile. Config mode Command History Release Modification ArubaOS 6.0 Command introduced. ArubaOS 6.2 Command was deprecated. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master and local controllers 1623 | show remote-node-dhcp-pool (deprecated) Dell Networking W-Series ArubaOS 6.4.
show rf am-scan-profile show rf am-scan-profile [] Description Display the Air Monitor (AM) scanning profile list. Optionally display parameter and values of a specified Air Monitor profile. Syntax Parameter Description Name of this instance of the profile. Usage Guidelines Enter the basic show command to view a list of profiles, the number of profiles and the profile status.
Parameter Description all-reg-domain Scan channels in all regulatory domain rare Scan all channels (all regulatory domains and rare channels) reg-domain Scan channels in the APs regulatory domain Dwell time: Active channels Dwell time (in ms) for channels where there is wireless activity Dwell time: Regulatory Domain channels Dwell time (in ms) for AP's Regulatory domain channels Dwell time: non-Regulatory Domain channels Dwell time (in ms) for channels not in the APs regulatory domain Dwell t
show rf arm-rf-domain-profile show rf arm-rf-domain profile Description This profile contains a non-editable key defined by the master controller, and used to sign over-the air (OTA) ARM updates exchanged between APs. Syntax No parameters Example The output of this command displays the OTA key defined by the master controller.
show rf arm-profile show rf arm-profile [] Description Show an Adaptive Radio Management (ARM) profile. Syntax Parameter Description Name of an ARM profile. Usage Guidelines Issue this command without the parameter to display the entire ARM profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Scanning Multi Band Scan VoIP Aware Scan Power Save Aware Scan Video Aware Scan Ideal Coverage Index Acceptable Coverage Index Free Channel Index Backoff Time Error Rate Threshold Error Rate Wait Time Channel Quality Aware Arm Channel Quality Threshold Channel Quality Wait Time Minimum Scan Time Load aware Scan Threshold Mode Aware Arm Scan Mode Client Match Client Match report interval (sec) Client Match Unsteerable Client Ageout Client Match Unsteerable Client Ageout Interval Client Match Sticky Client Ch
Parameter Description Rogue AP Aware If enabled, Dell APs may change channels to contain off-channel rogue APs with active clients. This security features allows APs to change channels even if the Client Aware setting is disabled. This setting is disabled by default, and should only be enabled in highsecurity environments where security requirements are allowed to consume higher levels of network resources. You may prefer to receive Rogue AP alerts via SNMP traps or syslog events.
Parameter Description Error Rate Wait Time Time, in seconds, that the error rate has to maintain or surpass the error rate threshold before it triggers a channel change. Channel Quality Aware Arm Shows if ARM changes are based on on channel quality and noise floor values. If this parameter is disabled, only noise-floor values will be used to change channels. Default: Disabled Channel Quality Threshold Displays the hannel quality percentage below which ARM initiates a channel change.
Parameter Description Client Match Sticky Client Check SNR (dB) If the client's received signal strength indicator (RSSI) is above this signalto-noise ratio (SNR) threshold, that client will be allowed to stay associated to its current AP. If the client's received signal strength is below this threshold, it may be moved to a different AP.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.3 The noise-wait-time, and noise-threshold parameters were deprecated, and the support for the following parameters were introduced. l 80MHz support l Aggressive scanning l Client match Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on local and master controllers Dell Networking W-Series ArubaOS 6.4.
show remote-node-profile (deprecated) show remote-node-profile Description The output of this command shows Remote Node profile configuration information. Syntax Parameter Description remote-node-profile-name Name of the Remote Node profile Usage Guidelines This show remote-node-profile command shows the configuration status of a Remote Node profile. To create a Remote Node profile, use the remote-node-profile command to create a Remote Node profile.
Command History Release Modification ArubaOS 6.0 Command introduced. ArubaOS 6.2 Command was deprecated. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master and local controllers Dell Networking W-Series ArubaOS 6.4.
show rf dot11a-radio-profile show rf dot11a-radio-profile [] Description Show an 802.11a Radio profile. Syntax Parameter Description Name of an 802.11a profile. Usage Guidelines Issue this command without the parameter to display the entire 802.11a Radio profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Spectrum Load Balancing Threshold (%) Spectrum Load Balancing Domain Beacon Period Beacon Regulate Advertized regulatory max EIRP ARM/WIDS Override Reduce Cell Size (Rx Sensitivity) Management Frame Throttle interval Management Frame Throttle Limit Maximum Distance RX Sensitivity Threshold RX Sensitivity Tuning Based Channel Reuse Adaptive Radio Management (ARM) Profile High-throughput Radio Profile AM Scanning Profile 20 percent N/A 100 msec Disabled 0 OFF 0 dB 1 sec 20 0 meters 0 dB disable default defau
Parameter Description If enabled, the controller compares whether or not an AP has more clients than its neighboring APs on other channels. If an AP’s client load is at or over a predetermined threshold as compared to its immediate neighbors, or if a neighboring Dell AP on another channel does not have any clients, load balancing will be enabled on that AP. This feature is disabled by default. Spectrum load balancing mode SLB Mode allows control over how to balance clients.
Parameter Description RX Sensitivity Threshold If the Rx Sensitivity Tuning Based Channel reuse feature is set to static mode, this parameter manually sets the AP’s Rx sensitivity threshold (-dBm). The AP will filter out and ignore weak signals that are below the channel threshold signal strength. For example, if the RX sensitivity threshold was set to -65 dBm, the AP would ignore signals with a strength from -1 dBM to -64 dBm.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 3.3.2 Introduced support for the high-throughput IEEE 802.11n standard. ArubaOS 3.4.0 Support for the following parameters: l Spectrum load balancing l RX Sensitivity Tuning Based Channel Reuse l RX Sensitivity Threshold l ARM/WIDS Override ArubaOS 3.4.2 Support for the Beacon Regulate parameter ArubaOS 6.
show rf dot11g-radio-profile show rf dot11g-radio-profile [] Description Show an 802.11g Radio profile. Syntax Parameter Description Name of a 802.11g profile. Usage Guidelines Issue this command without the parameter to display the entire 802.11g profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
RX Sensitivity Threshold Non 802.11 Interference Immunity Enable CSA CSA Count Management Frame Throttle interval Management Frame Throttle Limit ARM/WIDS Override Reduce Cell Size (Rx Sensitivity) Protection for 802.
Parameter Description If enabled, the controller compares whether or not an AP has more clients than its neighboring APs on other channels. If an AP’s client load is at or over a predetermined threshold as compared to its immediate neighbors, or if a neighboring Dell AP on another channel does not have any clients, load balancing will be enabled on that AP. This feature is disabled by default. Spectrum load balancing mode SLB Mode allows control over how to balance clients.
Parameter Description RX Sensitivity Threshold If the Rx Sensitivity Tuning Based Channel reuse feature is set to static mode, this parameter manually sets the AP’s Rx sensitivity threshold (-dBm). The AP will filter out and ignore weak signals that are below the channel threshold signal strength. For example, if the RX sensitivity threshold was set to -65 dBm, the AP would ignore signals with a strength from -1 dBM to -64 dBm.
Parameter Description Maximum Distance Maximum distance between a client and an AP or between a mesh point and a mesh portal, in meters. This value is used to derive ACK and CTS timeout times. A value of 0 specifies default settings for this parameter, where timeouts are only modified for outdoor mesh radios which use a distance of 16km. Spectrum Monitoring If enabled, the AP operates as a hybrid AP that can simultaneously serve clients and monitor a single channel for spectrum analysis data.
show rf event-thresholds-profile show rf event-thresholds-profile [] Description Show an Event Thresholds profile. Syntax Parameter Description name of an Event Thresholds profile Usage Guidelines Issue this command without the parameter to display the entire Event Thresholds profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Frame Retry Rate Low Watermark 8 % The output of this command includes the following parameters: Parameter Description Detect Frame Rate Anomalies Shows of the profile enables or disables detection of frame rate anomalies. Bandwidth Rate High Watermark If bandwidth in an AP exceeds this value, it triggers a bandwidth exceeded condition. The value represents the percentage of maximum for a given radio. (For 802.11b, the maximum bandwidth is 7 Mbps. For 802.11 a and g, the maximum is 30 Mbps.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on local and master controllers 1647 | show rf event-thresholds-profile Dell Networking W-Series ArubaOS 6.4.
show rf ht-radio-profile show rf ht-radio-profile [] Description Show a High-throughput Radio profile. Syntax Parameter Description Name of a High-throughput Radio profile. Usage Guidelines Issue this command without the parameter to display the entire High-throughput Radio profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Parameter Description 40 MHz intolerance Shows whether or not APs using this radio profile will advertise intolerance of 40 MHz operation. By default, 40 MHz operation is allowed. Honor 40 MHz intolerance If this parameter is enabled, the radio will stop using the 40 MHz channels if the 40 MHz intolerance indication is received from another AP or station. CSD Override Diversity Spreading Workaround When this feature is enabled, all legacy transmissions will be sent using a single antenna.
show rf optimization-profile show rf optimization-profile [] Description Show an Optimization profile. Syntax Parameter Description name of an ARM profile Usage Guidelines Issue this command without the parameter to display the entire Optimization profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
The output of this command includes the following parameters: Parameter Description Station Handoff Assist If enabled, this parameter allows the controller to force a client off an AP when the RSSI drops below a defined minimum threshold. Detect Association Failure Shows if the profile enables or disables STA association failure detection. Coverage Hole Detection Shows if the profile enables or disables coverage hole detection.
This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on local and master controllers Dell Networking W-Series ArubaOS 6.4.
show rf spectrum-profile rf spectrum-profile Description Show a spectrum profile used by the spectrum analysis feature. Syntax Parameter Description Name of a spectrum profile. Usage Guidelines Issue this command without the parameter to display the entire spectrum profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
The output of this command includes the following information: Parameter Description Age Out: WIFI The number of seconds for which a wifi device must stop sending a signal before the spectrum monitor considers that device no longer active on the network. The default value is 600 seconds. Age Out: Generic Interferer The number of seconds for which an unknown device must stop sending a signal before the spectrum monitor considers that device no longer active on the network.
Parameter Description Age Out: Bluetooth The number of seconds for which a bluetooth device must stop sending a signal before the spectrum monitor considers that device no longer active on the network. The default value is 25 seconds. Note that this parameter is applicable to 2.4GHz spectrum monitor radios only.
show rft profile show rft profile {all|antenna-connectivity|link-quality|raw} Description Show parameters for the predefined RF test profiles. Syntax Parameter Description all Show all predefined profiles. antenna-connectivity Show configured parameters for the predefined Antenna Connectivity test profile. link-quality Show configured parameters for the predefined Link Quality test profile. raw Show configured parameters for the predefined RAW test profile.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on local and master controllers 1657 | show rft profile Dell Networking W-Series ArubaOS 6.4.
show rft result show rft result all|{trans-id } Description Show the results of an RF test. Syntax Parameter Description all Show the most recent test result for each test type (antenna-connectivity, linkquality or raw). trans-id Each RF test is assigned a transaction ID. Include the trans-id parameters to show the test result for a specific transaction ID.
show rft transactions show rft transactions Description Show transaction IDs of RF tests. Syntax No parameters. Usage guidelines The rft command is used for RF troubleshooting, and should only be used under the supervision of Dell technical support. Issue the show rft transaction command to view the transaction IDs for the most recent test of each test type. Example The following example shows the transaction IDs for the latest RAW, link-quality and antenna-connectivity tests.
show rights show rights [] Description Displays the list of user roles in the roles table with high level details of role policies. To view role policies of a specific role specify the role name. Syntax Parameter Description name-of-a-role Enter the role name to view its policy details. Example The output of this command shows the list of roles in the role table.
show roleinfo show roleinfo Description Displays the role of the controller. Syntax No parameters. Example The output of this command shows the role of the controller. (host) # show roleinfo switchrole:master Command History This command was available in ArubaOS 3.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 1661 | show roleinfo Dell Networking W-Series ArubaOS 6.4.
show rrm dot11k admission-capacity show rrm dot11k admission-capacity Description Displays the available admission capacity for voice traffic on an AP. Syntax No parameters. Example The output of this command shows the available admission capacity for voice traffic on all APs. (host) # show rrm dot11k admission-capacity 802.
show rrm dot11k ap-channel-report show rrm dot11k ap-channel-report [ap-name | bssid | ip-addr | ip6-addr | essid ] Description Displays the channel information gathered by the AP. You can either specify an ap-name, bssid or ip-address of an AP to see more details. Syntax Parameter Description ap-name Enter the name of the AP. bssid Enter the BSSID address of the AP. ip-addr Enter the IP address of the AP.
show rrm dot11k beacon-report show rrm dot11k beacon-report Description Displays the beacon report information sent by a client to its AP. Syntax No parameters. Example The output of this command shows the beacon report for the client 00:1f:6c:7a:d4:fd. (host) # show rrm dot11k beacon-report station-mac 00:1f:6c:7a:d4:fd 802.11K Beacon Report Details -------------------------------------------------Channel ---------1 BSSID ------00:0b:86:6d:3e:40 Reg Class -----------0 Antenna ID ------------1 Meas.
show rrm dot11k neighbor-report show rrm dot11k neighbor-report [ap-name | bssid | ip-addr ] Description Displays the neighbor information for a particular AP. If the AP name or the AP’s IP address is specified, the user should specify the ESSID to get the neighbor information. If the ESSID is not specified, the command will display the neighbor information for all the Virtual AP's configured on the AP.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show rrm dot11k transmit-stream-report station-mac show rrm dot11k transmit-stream-report station-mac Description This is a diagnostic option for quick verification of received transmit stream measurement reports. Displays the contents of the transmit stream measurement reports received from a client. Syntax Parameter Description mac-addr MAC address of the client. Command History This command is introduced in ArubaOS 5.
show running-config show running-config Description Displays the current controller configuration, including all pending changes which are yet to be saved. Syntax No parameters. Example The output of this command shows the running configuration on the controller. (host) # show running-config version 5.0 enable secret "******" telnet soe loginsession timeout 0 hostname "vjoshi-2400" clock timezone PST -8 location "Building1.
show session-acl-list show session-acl-list Description Displays the list of configured session ACLs in the controller. Syntax No parameters. Example The output of this command shows the session ACLs in the controller. (host) # show session-access-list v6-icmp-acl allow-diskservices control validuser v6-https-acl vocera-acl icmp-acl v6-dhcp-acl captiveportal v6-dns-acl allowall test sip-acl https-acl ... ... ...
show slots show slots Description Displays the list of slots in the controller, including the status and card type. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show slots Slots -----Slot Status ---- -----1 Present Card Type --------A2400 Command History This command was available in ArubaOS 3.
show snmp community show snmp community Description Displays the SNMP community string details. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show snmp community SNMP COMMUNITIES ---------------COMMUNITY ACCESS --------- -----public READ_ONLY VERSION ------V1, V2c Command History This command was available in ArubaOS 3.
show snmp inform show snmp inform Description Displays the length of SNMP inform queue. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show snmp inform stats Inform queue size is 100 SNMP INFORM STATS ----------------HOST PORT INFORMS-INQUEUE ---- ---- --------------- OVERFLOW -------- TOTAL INFORMS ------------- Command History This command was available in ArubaOS 3.
show snmp trap-hosts show snmp trap-hosts Description Displays the configured SNMP trap hosts. Syntax No parameters. Example The output of this command shows details of a SNMP trap host. (host) # show snmp trap-hosts SNMP TRAP HOSTS --------------HOST VERSION ---------10.16.14.1 SNMPv2c SECURITY NAME ------------public PORT ---162 TYPE ---Trap TIMEOUT ------N/A RETRY ----N/A Command History This command was available in ArubaOS 3.
show snmp trap-list show snmp trap-list Description Displays the list of SNMP traps. Syntax No parameters. Example The output of this command shows the list of SNMP traps and the status.
show snmp trap-queue show snmp trap-queue Description Displays the list of SNMP traps in queue. Syntax No parameters. Example The output of this command shows the list of SNMP traps sent to host. (host) # show snmp trap-queue a)wlsxMgmtUserAuthenticationFailed The trap indicates that a management user authentication failed. 2013-10-29 08:08:10 Management user authentication failed for user commonuser1 with IP address 10.20.102.79 usermac 00:00:00:00:00:00 server name CiscoACS-2 serverip 10.15.28.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show snmp user-table show snmp user-table [user auth-prot [sha | md5] priv-prot [aes | des] ] Description Displays the list of SNMP user profile for a specified username. Syntax Parameter Description auth-prot Authentication protocol for the user, either HMAC-MD5-98 Digest Authentication Protocol (MD5) or HMAC-SHA-98 Digest Authentication Protocol (SHA), and the password for use with the designated protocol.
show spanning-tree show spanning-tree Description View the RSTP and PVST+ configuration.
Topology change flag is not set, detected flag not set, changes 1 Times: hold 1, topology change 35 hello 2, max age 20, forward delay 15 Timers: hello 0, notification 0 Last topology change: 2 days, 0 hours, 31 mins, 21 secs Command History Release Modification ArubaOS 6.0 PVST+ added ArubaOS 3.4 Upgraded STP to RSTP with full backward compatibility.
show spantree show spantree | | | | Description View the global RSTP and PVST+ topology. Syntax Parameter Description blocking View the spanning tree ports in the Blocking state. enable View the spanning tree ports in the Enable state. forwarding View the spanning tree ports in the Forwarding state. off View the ports with spanning tree disabled vlan View the spanning tree instance for the VLAN.
Port ---FE 1/3 FE 1/1 State ----Discarding Forwarding Cost ---0 4 Prio ---128 128 PortFast -------Disable Disable P-to-P -----Enable Enable Role ---Disabled Designated Command History Release Modification ArubaOS 6.0 PVST+ added ArubaOS 3.4 Upgraded STP to RSTP with full backward compatibility.
show ssh show ssh Description Displays the SSH configuration details. Syntax No parameters. Example The output of this command shows SSH configuration details. (host) # show ssh SSH Settings: ------------DSA Mgmt User Authentication Method Enabled username/password Command History This command was available in ArubaOS 3.
show sso idp-profile show sso idp-profile Description Displays all SSO IDP profiles. Syntax No parameters. Example The output of this command lists all SSO IDP profiles on the controller. ((host) (config) #show sso idp-profile SSO Profile List ---------------Name References Profile Status ------------- -------------sso-example 0 Command History This command was available in ArubaOS 6.
show startup-config show startup-config Description Displays the configuration which will be used the next time the controller is rebooted. It contains all the options last saved using the write memory command. Any unsaved changes are not included. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show startup-config version 3.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show station-table show station-table [mac | verbose ] Description Displays the internal station table entries and also details of a station table entry. Syntax Parameter Description mac Displays the details of the AP that matches the specified MAC address. verbose Displays the details of all the APs in a table format. Example The output of this command shows details of an entry in the station table.
show storage show storage Description Displays the storage information on the controller. Syntax No parameters. Example The output of this command shows the storage details on the controller. (host) # show storage Filesystem /dev/root none /dev/hda3 /dev/usb/flash3 /dev/usbdisk/2 /dev/usbdisk/1 Size 57.0M 70.0M 149.7M 1.5G 3.5G 3.9G Used Available Use% Mounted on 54.6M 2.3M 96% / 2.0M 68.0M 3% /tmp 9.3M 132.6M 7% /flash 168.6M 1.3G 12% /flash 71.4M 3.2G 2% /mnt/usbdisk/2 131.0M 3.
show switch ip show switch ip Description Displays the IP address of the controller and VLAN ID. Syntax No parameters. Example The output of this command shows the IP address and VLAN ID of the controller. (host) # show switch ip Switch IP Address: 10.16.15.1 Switch IP is from Vlan Interface: 1 Command History This command was available in ArubaOS 3.
show switch software show switch software Description Displays the details of the software running in the controller. Syntax No parameters. Example The output of this command shows the details of software running in the controller. (host) # show switch software Command History This command was available in ArubaOS 3.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show switches show switches [all | regulatory | state {complete | incomplete | inprogress | required} | summary ] Description Displays the details of switches connected to the master controller, including the master controller itself. Syntax Parameter Description all List of all switches. regulatory Displays information about the currently active regulatory file. state Configuration status of all switches. summary Status of all switches connected to the master.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.0 The version column in the output of this command was expanded to include both the version and the build number for controllers running ArubaOS 6.0 and later releases. ArubaOS 6.4.1 The regulatory parameter was added. Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show switchinfo show switchinfo Description Displays the latest and complete summary of controller details including role, last configuration change, hostname, reason for last reboot. Syntax No parameters. Example The output of this command lists all controllers connected to the master controller including the master controller.
show syscontact show syscontact Description Displays the contact information for support. Syntax No parameters. Example The output of this command shows the contact information for technical support. (host) # show syscontact admin@mycompany.com Command History This command was available in ArubaOS 3.1 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show syslocation show syslocation Description Displays the location details of the controller. Syntax No parameters. Example The output of this command location of the controller. (host) # show syslocation Building 1, Floor 1 Command History This command was available in ArubaOS 3.1 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 1695 | show syslocation Dell Networking W-Series ArubaOS 6.4.
show tech-support show tech-support user Description Displays all information about the controller required for technical support purposes. Syntax Parameter Description Stores the output in specified file name. Maximum length of the file name is 127 characters user Run a user specific tech-support command. Command History Release Modification ArubaOS 3.1 Command available. ArubaOS 6.2 User and parameters added.
show telnet show telnet Description Displays the status of telnet access using the command line interface (CLI) or Serial over Ethernet (SOE) to the controller. Syntax No parameters. Example The output of this command shows the status of CLI and SOE access to the controller. (host) # show telnet telnet cli is enabled telnet soe is enabled Command History This command was available in ArubaOS 3.
show threshold show threshold all|controlpath-cpu|controlpath-memory|datapath-cpu| no-of-aps|no-of-locals|total-tunnel-capacity|user-capacity| Description This command shows controller capacity thresholds which, when exceeded, will trigger alerts. Syntax Parameter Description all Display all alert thresholds. controlpath-cpu Display the alert threshold for controlpath CPU capacity.
message will be triggered if the resource usage drops below the threshold once again. Example (host) (config) #show threshold all Controller Capacity Threshold Values -----------------------------------RESOURCE THRESHOLD(%) ------------------Datapath-Cpu 30 % Controlpath-Cpu 80 % Controlpath-Memory 85 % Total-Tunnel-Capacity 80 % Ap-Tunnel-Capacity 80 % User-Capacity 80 % No-of-APs 80 % No-of-locals 80 % Command History The command was introduced in ArubaOS 6.2.
show threshold-limits show threshold-limits controlpath-memory|fan-speed|no-of-aps|no-of-locals|total-tunnel-capacity|user-capacity Description This command shows current values of the different resources monitored by the controller. Syntax Parameter Description controlpath-memory The output of this command displays the default memory threshold which, when exceeded, will trigger an alert, the current configured threshold, the total memory (in MB) and the currently available memory (in MB).
Threshold Values For Controlpath Memory ---------------------------------------Default(%) Current(%) Total Memory (MB) Available Memory (MB) ---------- ---------- ----------------- --------------------85 77 679 225 The following command shows the current alert thresholds for all monitored controller resources: Command History The command was introduced in ArubaOS 6.2.
show time-range show time-range [|summary] Description Displays the list of time range configured in the system and rules affected by the time range. Syntax No parameters. Example The output of this command shows the absolute time range details.
show timer debug statistics app-name show ipc statistics app-name Description Displaytimer debugging statistics for a specific application.
0 3600000 30 Yes 1575400 0x2ad41c84 0 3600000 30 Yes 1575400 0x2ad4a200 360 300000 0 Yes 3400 0x57d564 360 60000 0 Yes 3400 0x46942c 360 60000 0 Yes 3400 0x2b230730 360 60000 0 Yes 3400 0x54e8a4 380 60000 0 No 1400 0x646fb8 402 1000 0 Yes 800 0x42a068 410 300000 1 Yes 52800 0x5b599c 422 5000 0 Yes 2800 0x2b2544a0 447 8085 0 No 5300 0x478660 472 10000 0 Yes 7800 0x41ce70 492 60000 0 No 9800 0x42a820 SI: Spoke Index TV: Timer Value RC: Rotation Count RT: Remaining Time FN: Function:Line Number PAPI_Init_Prio
show tpm cert-info show tpm cert-info Description Displays the TPM and Factory Certificate information on MIPS controllers (W-6000M3, W-3000 Series, and W600 Series). Syntax No parameters. Usage Guidelines Use this command to verify that TPM and factory certificates are installed as expected. This command should be executed before enabling CPSec on MIPS controllers (W-6000M3, W-3000 Series, and W-600 Series). Example In the example below, the TPM and certificates are installed.
show trunk show trunk Description Displays the list of trunk ports on the controller. Syntax No parameters. Example The output of this command shows details of a trunk port. (host) # show trunk Trunk Port Table ----------------Port Vlans Allowed Vlan -----------------FE2/12 1,613,615-617,632-633,636-640,667-668 Vlans Active Native ------------ -------- 1,613,615-617,632-633,636-640,667-668 1 Command History This command was available in ArubaOS 3.
show tunnel-group show tunnel-group Description Displays the operational status of the tunnel-groups configured on the controller. Syntax Parameter Description Displays the operational status of the specified tunnel-group.
show tunneled-node show tunneled-node [state|database] Description Displays the state of the tunneled node and lists all tunneled nodes connected to the controller. Syntax No parameters. Example The output of this command shows the tunneled node state. (host) # show tunneled-node state Tunneled Node State --------IP MAC s/p state vlan tunnel inactive-time -- --- --- ----- ---- ------ ------------192.168.123.14 00:0b:86:40:32:40 1/23 complete 10 9 1 192.168.123.
show ucc call-info cdrs show ucc call-info cdrs ap [app [h323 | lync | noe | sccp | sip | svp | vocera]] app {h323 [detail] | lync [detail] | noe [detail] | sccp [detail] | sip [detail] | svp [detail] | vocera [detail]} cid detail Description This command displays the Call Detailed Records (CDR) statistics for Unified Communication and Collaboration (UCC).
CDRS-Detail: -----------CDR ID UCC Call ID ------ ----------2 1 1 1 Delay(msec) ----------6.00 0.00 AP Name ------W-AP105 W-AP135 Jitter(msec) -----------1.00 2.00 Avg Tx Rate(Mbps) ----------------48.02 40.68 Re-Assoc -------0 0 Src Port -------50036 50026 Packet Loss(%) -------------1.84 0.13 Tx Drop(%) ---------0.05 1.87 Tx Retry(%) ----------5.51 9.64 DSCP ---56 56 Dest Port --------50026 50036 Orig DSCP --------46 0 Codec ----G722 G722 WMM-AC -----6 6 Avg Rx Rate(Mbps) ----------------35.
Column Description information signal and the level of background noise. Avg Tx Rate(Mbps) Displays the average transmission rate in Mbps. Tx Drop(%) Displays the transmission packet drop in percentage. Tx Retry(%) Displays the transmission retry in percentage. Avg Rx Rate(Mbps) Displays the average receive rate in Mbps. Rx Retry(%) Displays the receive retry in percentage. Command History Version Description ArubaOS 6.4 Command introduced.
show ucc client-info show ucc client-info app {h323 [detail] | lync [detail] | noe [detail] | sccp [detail] | sip [detail] | svp [detail] | vocera [detail]} detail sta Description This command displays the UCC client status and CDR statistics. Syntax Parameter Description app {h323 [detail] | lync [detail] | noe [detail] | sccp [detail] | sip [detail] | svp [detail] | vocera [detail]} Displays the UCC client status and CDR statistics based on a specific ALG.
192.0.2.22 00:23:33:41:c8:b8 11.46 0.04 0.02 123 192.0.2.26 24:77:03:9a:6c:dc 6.40 3.40 0.32 847 192.0.2.29 00:22:90:ea:9e:f1 10.78 0.00 0.95 197 192.0.2.20 00:23:33:41:79:f8 9.79 0.00 0.40 134 Avg Tx Rate(Mbps) ----------------3.42 3.54 0.37 0.20 Avg Rx Rate(Mbps) ----------------1.68 2.12 5.38 3.
show ucc configuration show ucc configuration cac-alg dialplan-profile logging midcall-timeout realtime-analysis rtcp-inactivity sip traffic-control lync Description This command displays the UCC configuration in the controller. Syntax Parameter Description cac-alg Displays the CAC profiles configured in the controller. dialplan-profile Displays the dialplan profile configured in the controller.
Command History Version Description ArubaOS 6.4 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license. Config or Enable mode on master or local controllers. Dell Networking W-Series ArubaOS 6.4.
show ucc statistics show ucc statistics counter cac | call {client [app {h323 | lync | noe | sccp | sip | svp | vocera}]| global [app {h323 | lync | noe | sccp | sip | svp | vocera}]} dialplan-hits remote wmm-flow {ap-name | bssid | ip-addr } tspec-enforcement wmm-flow Description This command displays the UCC call statistics in the controller.
Win 7 18 0 0 4 WMM (VI, VO, BK, BE):total calls with received priority The following command displays the client call counters: (host) #show ucc statistics counter call client Per Client Call Counters: ------------------------Client IP Client MAC -----------------192.0.2.22 00:23:33:41:c8:b8 192.0.2.26 24:77:03:9a:6c:dc 192.0.2.
Command History Version Description ArubaOS 6.4 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license. Config or Enable mode on master or local controllers. 1719 | show ucc statistics Dell Networking W-Series ArubaOS 6.4.
show ucc trace-buffer show ucc trace-buffer lync [count ] sccp [count ] sip [count ] Description This command displays the UCC call message trace buffer for Lync, SCCP, and SIP ALGs. Events such as establishing voice, video, desktop sharing, and file transfer are recorded. Syntax Parameter Description lync [count ] Displays Lync call message trace buffer. sccp [count ] Displays SCCP call message trace buffer.
Column Description Event Time Displays the time stamp when the VoIP call originated. BSSID Displays the BSSID of the AP to which the VoIP client is connected. Called To Displays the user name of the VoIP client being called. CAC-Status Displays if call admission control limit is reached. The values are: PASS l FAIL l NA NOTE: When the Call Status for the Lync client is Call Quality Update, the value of the CAC-Status for the Lync client is NA. l Media Type Displays the type of Lync call.
show upgrade configuration show upgrade configuration Description The output of this command shows the current upgrade configuration, including profile settings, image files and targets. Syntax No parameters Usage Guidelines The centralized image upgrade feature allows a master controller to automatically upgrade its associated local controllers by sending an image from an image server to one or more local controllers.
Parameter Description Range Default Password If the protocol parameter is set to FTP or SCP, this parameter displays the password that ArubaOS will use to connect to the image server - - File path Location on the image server where the image file(s) are located - - Max downloads Maximum number of local controllers that can simultaneously download a file from a file server. The centralized image downloading feature supports up to 100 simultaneous downloads.
show upgrade status show upgrade status[summary] Description The output of this command shows the status of controllers using the centralized upgrade feature. Syntax Parameter Description summary Display a summary of all local controllers using the centralized image upgrade, including the numbers of controllers currently in each upgrade state.
Parameter Description Range Default use to connect to the image server. File path File path to the location on the image server where the image file(s) reside. - - Max downloads Maximum number of local controllers that can simultaneously download a file from a file server. The centralized image downloading feature supports up to 100 simultaneous downloads. If this field is left blank, ArubaOS will use its default value of 10 downloads.
Parameter Description each controller after it downloads its new image. Not supported The local controller is running a version of ArubaOS that does not support centralized image downloads. Waiting, image not verified The image must be verified as valid before the local controller can download that image. Not part of target The local controller is associated with a master controller using the centralized image upgrade feature, but is not part of the upgrade target.
show upgrade-profile Description The settings in this centralized image upgrade profile allow the master controller to automatically upgrade its associated local controllers by sending an image from an image server to one or more local controllers. Syntax No parameters Usage Guidelines The centralized image upgrade feature is enabled and configured on a master controller only, and supports up to 100 simultaneous image downloads.
Parameter Description l l Range Default FTP SCP Server IP address IP address of the image server. - - Username If the protocol parameter is set to FTP or SCP, this parameter displays the user name that ArubaOS uses to connect to the image server. - - Password If the protocol parameter is set to FTP or SCP, this parameter displays the password that ArubaOS will use to connect to the image server. - - File path File path to the location on the image server where the image file(s) reside.
show uplink crypto-local show uplink [config|{connection }|signal|{stats
show usb crypto-local show usb [cellular|ports|test|verbose] Description Display detailed USB device information. Syntax Parameter Description cellular Enter the keyword cellular to display cellular devices. ports Enter the keyword ports to display detailed TTY port information such as signal strength. test Enter the keyword test to test the USB TTY ports. NOTE: Testing an invalid modem port may cause the controller to “hang”. To resolve this, unplug and re-plug the modem.
Command Information Platforms Licensing Command Mode W-600 Series and W-7200 controllers Base operating system Config mode on master and local controllers 1731 | show usb Dell Networking W-Series ArubaOS 6.4.
show user show user ap-group ap-name authentication-method dot1x|mac|opensystem|psk|stateful-dot1x|via-vpn|vpn|web bssid devtype essid internal ip [log] location b.f.l mac [log] mobile {[bindings][visitors]} name phy-type {[a]|[b]} role rows Description Displays detailed information about user in terms of AP group, authentication method, role and so on.
Parameter Description essid Show user data for a specific ESSID. If the ESSID includes spaces, you must enclose it in quotation marks. internal Display internal user entries only. Include the rows options to filter the output of this command by specifying the number of rows from the end of the output and the total number of rows to display/ ip Show user data for a specific IP address .
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 The devtype parameter was introduced, and the output of this command expanded to include the Type column. ArubaOS 6.2 Output for the IP address shows if it is derived using DHCP. ArubaOS 6.3 The optional log parameter was introduced to display log files for events triggered by a specific user. Only W-6000, W-3600 and W-7200 Series controllers support per-user logging. This command was introduced in ArubaOS 3.0.
show user_session_count (deprecated) show user_session_count Description Show the number of users using an ESSID for different time intervals. Syntax No parameters Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 6.0 Command deprecated 1735 | show user_session_count (deprecated) Dell Networking W-Series ArubaOS 6.4.
show user-table show user-table ap-group ap-name authentication-method dot1x|mac|opensystem|psk|stateful-dot1x|via-vpn|vpn|web bssid devtype debug essid internal ip [log] location b.f.
Parameter Description vpn Show data for devices using VPN authentication. web Show data for devices using captive portal authentication. bssid Show user data for a specific device BSSID. debug Show all user data for debugging purposes. devtype Show output for a specified device type, if identified. If the device name includes spaces, you must enclose it in quotation marks. essid Show user data for a specific ESSID.
Usage Guidelines Use the show user-table command to show detailed user statistics which includes the entire output of the user-table, mobility state and statics, authentication statistics, VLAN assignment method, AP datapath tunnel information, radius accounting statistics, user-role derivation method, datapath session flow entries and 802.11 association state and statistics. Examples This example displays users currently in the employee role.
RadAcct sessionID:n/a RadAcct Traffic In 4/216 Out 2/420 (0:4/0:0:0:216,0:2/0:0:0:420) Timers: reauth 0 Profiles AAA:1_wlan_135-aaa_prof, dot1x:dot1x_prof-rwv10, mac:pMac CP: def-role:'logon' siprole:'' via-auth-profile:'' ncfg flags udr 0, mac 1, dot1x 1, RADIUS interim accounting 0 IP Born: 1354560806 (Mon Dec 3 10:53:26 2012) Core User Born: 1354560805 (Mon Dec 3 10:53:25 2012) Upstream AP ID: 0, Downstream AP ID: 0 Device Type: Dalvik/1.4.0 (Linux; U; Android 2.3.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 The devtype parameter was introduced, and the output of this command expanded to include the Type column. ArubaOS 6.2 Output for the IP address shows if it is derived using DHCP. ArubaOS 6.3 The optional log parameter was introduced to display log files for events triggered by a specific user. Only W-6000, W-3600 and W-7200 Series controllers support per-user logging. This command was introduced in ArubaOS 3.0.
Dell Networking W-Series ArubaOS 6.4.
show util_proc show util_proc guest-email counters Description Show counters for the guest email process. Syntax No parameters. Usage Guidelines As part of guest provisioning, the guest access email feature allows you to define the SMTP port and server that processes guest provisioning email. This server sends email to the guest or the sponsor when a guest user manually sends email from the Guest Provisioning page, or when a user creates a guest account.
show valid-network-oui-profile show valid-network-oui-profile Description This command displays the Valid Equipment OUI Profile table Syntax No parameters Usage Guidelines If you used the valid-networkoui-profile to add a new OUI to the controller, issue the show valid-network-ouiprofile command to see a list of current OUIs.
show version show version Description Show the system software version. Syntax No parameters. Example (host) #show version Aruba Operating System Software. ArubaOS (MODEL: Dell Networking W-650 Controller-US), Version 6.1.0.0 Website: http://www.dell.com Copyright (c) 2002-2011, Aruba Networks, Inc. Compiled on 2011-04-28 at 00:18:36 PDT (build 28106) by p4build ROM: System Bootstrap, Version CPBoot 1.0.0.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on local and master controllers Dell Networking W-Series ArubaOS 6.4.
show via show via version websessions Description Displays VIA version and web session details. Syntax Parameter Description Range Default version Displays the version of VIA client available on the controller. — — websessions Displays the list of users connected to the VIA controller using the VIA client. — — Example The following example displays the version of VIA client available on the controller.
show vlan-bwcontract-explist show vlan-bwcontract-explist [internal] Description Show entries in the VLAN bandwidth contracts MAC exception lists. Syntax Parameter Description internal Include the optional internal parameter to display the MAC addresses in the internal, preconfigured VLAN bandwidth contracts MAC exception list. Example The following command displays the MAC addresses in the internal MAC exception list.
show vlan show vlan Description This command shows a configured VLAN interface number, description and associated ports. Syntax Parameter Description Range Default Identification number for the VLAN. 1-4094 1 Usage Guidelines Issue this command to show the selected VLAN configuration. The VLAN column lists the VLAN ID. The Description column provides the VLAN name or number and the Ports column shows the VLAN’s associated ports.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show vlan-assignment show vlan-assignment Description This command shows the number of clients assigned to a VLAN. Syntax No parameters. Usage Guidelines Issue this command to show the number of clients that are assigned to a VLAN. (host) #show vlan-assignment VLAN Assignment --------------VLAN #CLIENTS ---- -------10 0 Related Commands (host) (config) #vlan (host) (config) #vlan-name Command History This command was introduced in ArubaOS 6.2.
show vlan-assignment-auth show vlan-assignment-auth Description This command shows the VLAN usage in the user authentication module. Syntax No parameters. Usage Guidelines Issue this command to view all the VLAN IDs that are configured along with the current client count that uses that VLAN ID. (host) #show vlan-assignment-auth Vlan usage in AUTH -----------------VLAN ID Usage ------- ----10 0 Related Commands (host) (config) #vlan Command History This command was introduced in ArubaOS 6.3.
show vlan mapping show vlan mapping Description This command shows a configured VLAN name, its pool status, assignment type and the VLAN IDs assigned to the pool. Syntax Parameter Description Range Default Identification number for the VLAN. 1-4094 1 Usage Guidelines Issue this command to show the selected VLAN configuration. The VLANName column displays the name of the VLAN pool. The Pool Status column indicates if the pool is enabled or disabled.
show vlan status show vlan status Description This command shows the current status of all VLANs on the controller. Syntax No parameters. Usage Guidelines Issue this command to show the status of VLANs on the controller. The VLANID column displays the VLAN ID name or number. The IP Address column provides the VLAN’s IP address. The Adminstate column indicates if the VLAN is enabled or disabled. The Operstate column indicates if the VLAN is currently up and running.
Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master or local controllers 1755 | show vlan status Dell Networking W-Series ArubaOS 6.4.
show vlan summary show vlan summary Description This command shows the number of existing VLANs. Syntax Parameter Description Number of existing VLANs The number of existing VLANs on the controller. Usage Guidelines Issue this command to show the number of existing VLANs on the controller. (host) #show vlan summary Number of existing VLANs :13 Related Commands (host) (config) #vlan (host) (config) #vlan-name Command History This command was introduced in ArubaOS 3.0.
show vlan-bwcontract-explist show vlan-bwcontract-explist [internal] Description Show entries in the VLAN bandwidth contracts MAC exception lists. Syntax Parameter Description internal Include the optional internal parameter to display the MAC addresses in the internal, preconfigured VLAN bandwidth contracts MAC exception list. Example The following command displays the MAC addresses in the internal MAC exception list.
show voice alg-based-cac show voice alg-based-cac Description Displays the status of the VoIP signaling based Call Admission Control (CAC). Syntax No parameters. Example The output of this command shows the status of the ALG based CAC. (host) #show voice alg-based-cac WARNING: This command will be deprecated, please use show ucc commands instead. Voice alg-based-cac:enable Command History Version Description ArubaOS 6.2 Command introduced.
show voice call-cdrs show voice call-cdrs bssid cid count detail essid extn ip proto rtpa sta Description Displays detailed call records of voice client. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. cid View the detailed call records for a specific client based on the Call Detail Record (CDR) ID.
Parameter Description l l h323 lync rtpa Include this parameter to view the voice call quality reports based on the call quality analysis from the RTP media streams. NOTE: This parameter is applicable only if Real Time Call Quality Analysis is enabled on the voice calls. sta Filter records based on the MAC address of a voice client. Example The first example shows the breakdown of Lync data transfer sessions into voice, video, desktop-sharing, and file-transfer.
17 10.16.33.61 1001 lync OG NA Terminated x-data NA 0 0 00:24:6c:27:5f:f0 akvoice1 24 0 16 10.16.33.62 1000 lync IC 93 Inactivity x-msrta GREEN 0 0 00:24:6c:27:5f:f0 akvoice1 46 7 10.16.33.62 1000 lync IC 1001 Inactivity x-rtvc1 GREEN 0 0 00:24:6c:27:5f:f0 akvoice1 40 5 15 10.16.33.61 1001 lync OG 93 Inactivity x-msrta GREEN 0 0 00:24:6c:27:5f:f0 akvoice1 46 7 10.16.33.61 1001 lync OG 1000 Inactivity x-rtvc1 NA 0 0 00:24:6c:27:5f:f0 akvoice1 40 5 14 10.16.33.
Timestamp --------Feb 19 14:55:34 AP Name ------arun_105 BSS Id -----00:24:6c:27:5f:f0 Category -------Initial Association Event ----Joining AP Command History Version Description ArubaOS 3.3.1 Command introduced. ArubaOS 6.0 The cid and rtpa parameters were introduced. ArubaOS 6.3 Using the detail parameter now displays the following additional fields: l l l l l Call Type Src port Dest port DSCP WMM AC Under the proto parameter, the lync protocol is introduced.
show voice call-counters show voice call-counters Description Displays outgoing, incoming and terminated call counter details. The total calls equals the sum of the calls originated and terminated. It also equals the sum of the active, success, failed, blocked, aborted, and forwarded calls. Syntax No parameters. Example The output of this command shows call counter statitics.
show voice call-density show voice call-density bssid essid extn ip proto Description Displays call density report for voice calls. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. essid Filter records based on ESSID of voice clients. extn Filter records based on the extension of a voice client. ip Filter records based on the IP address of an AP.
... Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.3 Under the proto parameter, the lync protocol is introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers 1765 | show voice call-density Dell Networking W-Series ArubaOS 6.4.
show voice call-perf show voice call-perf bssid essid extn ip proto Description Displays the performance of voice calls of all clients connected to the controller. You can filter the report based on BSSID, ESSID, extension, IP address or the VOIP protocol type. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. essid Filter records based on ESSID of voice clients.
Command History Version Description ArubaOS 3.3.1 Command introduced. ArubaOS 6.3 Under the proto parameter, the lync protocol is introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers 1767 | show voice call-perf Dell Networking W-Series ArubaOS 6.4.
show voice call-quality show voice call-quality bssid essid extn ip proto rtpa sta Description Displays voice call quality for each call over a period of time. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. essid Filter records based on ESSID of voice clients. extn Filter records based on the extension of a voice client.
-------------------3042 3042 3042 3042 BSSID ----00:0b:86:5c:d6:08 00:0b:86:5c:d6:08 00:0b:86:5c:d6:08 00:0b:86:5c:d6:08 -------141 119 35 100 ESSID ----nkrtp nkrtp nkrtp nkrtp ----- G711 ----108.241 115.333 98.000 103.528 -----7.793 13.000 12.000 6.056 -------8.809 8.480 0.391 4.622 ------73 78 90 80 ---YELLOW YELLOW GREEN GREEN AP Name ------voice-a voice-a voice-a voice-a Num Records:4 Command History Version Description ArubaOS 3.3.1 Command introduced. ArubaOS 6.
show voice call-stats show voice call-stats bssid cip essid extn ip proto sta Description Displays voice call statistics for each client. Syntax Parameter Description bssid Filter records based on BSSID of a voice client. cip Filter records based on a client’s IP address. essid Filter records based on ESSID of a voice client.
Command History Version Description ArubaOS 3.3.1 Command introduced. ArubaOS 6.3 Under the proto parameter, the lync protocol is introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers 1771 | show voice call-stats Dell Networking W-Series ArubaOS 6.4.
show voice client-status show voice client-status active-only bssid essid extn ip proto sta Description Displays list of voice clients and their status. You can also view details of a specific voice client. Syntax Parameter Description active-only Filter records based on active voice clients bssid Filter records based on BSSID of a voice client. essid Filter records based on ESSID of a voice client.
10.16.33.62 00:24:d7:40:a8:64 1000 Call Status ----------Idle Idle BSSID ----00:1a:1e:80:bb:10 00:24:6c:27:5f:f0 ESSID ----test test lync AP Name ------local1 local1 10.16.10.15 REGISTERED Flags ----W b Num Clients:2 Flags: V - Visitor, W - Wired, R - Remote, B - Blocked, b - Best Effort Command History Version Description ArubaOS 3.3.1 Command introduced. ArubaOS 6.0 The sta para\meter was introduced. ArubaOS 6.3 l l l Under the proto parameter, the lync protocol is introduced.
show voice configurations show voice configurations Description Displays the details of the voice related configurations on your controller. Syntax No parameters. Example The output of this command shows details about all voice configurations on a controller.
SIP settings ------------s Parameter --------Session Timer Session Expiry Dialplan Profile Value ----Disabled 300 sec N/A Voice rtcp-inactivity:disable Voice sip-midcall-req-timeout:disable Command History Version Description ArubaOS 6.0 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers 1775 | show voice configurations Dell Networking W-Series ArubaOS 6.4.
show voice dialplan-profile show voice dialplan-profile Description Displays list of SIP voice dialplan. You can also specify a dialplan to view configuration. Syntax No parameter. Example The output of this command shows list of all dialplans and the configuration of long distance dialplan.
show voice logging show voice logging Description Displays the MAC address of the voice client that has logging enabled. Syntax No parameters. Example The output of this command shows the MAC address of the voice client that has logging enabled. (host) #show voice logging VoIP Logging -----------Parameter --------Client's MAC Address for Logging Value ----11:22:33:44:55:67 Command History Version Description ArubaOS 6.0 Command introduced.
show voice msg-stats show voice msg-stats lync {bssid | cip | essid | ip | sta } sccp {bssid | cip | essid | ip | sta } sip {bssid | cip | essid | ip | sta } Description Displays voice client message statistics for each client using either Lync ALG, Signaling Connection Control Part (SCCP), or Session Initiation Protocol (SIP).
Num Clients:2 The output of the command in the second example shows voice message statistics for a Lync client with a MAC address. (host) #show voice msg-stats lync sta 00:24:d7:40:ca:88 LYNC Voice Client(s) Msg Statistics ----------------------------------Client Name Client IP AP Name BSSID ----------- ----------------1001 10.16.33.
show voice real-time-analysis show voice real-time-analysis [sta ] Description Displays the call quality parameters based on the call quality analysis on the RTP media streams for voice calls. Syntax Parameter Description sta View the detailed real time call quality analysis report for a voice client based on the MAC address. You can also view the average call quality values for all the clients without passing the MAC address.
Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers 1781 | show voice real-time-analysis Dell Networking W-Series ArubaOS 6.4.
show voice real-time-analysis-config show voice real-time-analysis-config Description Displays the status of Real Time Call Quality Analysis configuration. Syntax No parameters. Example The output of this command shows the status of Real Time Call Quality Analysis configuration on a controller. (host) #show voice real-time-config Configure Real-Time Analysis ---------------------------Parameter --------Real-Time Analysis of voice calls Value ----Enabled Command History Version Description ArubaOS 6.
show voice rtcp-inactivity show voice rtcp-inactivity Description Displays the status of RTCP protocol. Syntax No parameters. Example The output of this command shows the status of RTCP protocol. (host) #show voice rtcp-inactivity Voice rtcp-inactivity:disable Command History Version Description ArubaOS 3.3.1 Command introduced.
show voice sip show voice sip Description Displays the SIP settings on the controller. Syntax No parameters. Example The output of this command shows the SIP settings on a controller. (host) #show voice sip SIP settings ------------s Parameter --------Session Timer Session Expiry Dialplan Profile Value ----Enabled 300 sec N/A Command History Version Description ArubaOS 6.0 Command introduced.
show voice sip-midcall-req-timeout show voice sip-midcall-req-timeout Description Displays the status of the SIP mid-call request timeout configuration on the controller. Syntax No parameters. Example The output of this command shows the status of the SIP mid-call request timeout configuration on a controller. (host) #show voice sip-midcall-req-timeouts Voice sip-midcall-req-timeout:disable Command History Version Description ArubaOS 6.0 Command introduced.
show voice statistics show voice statistics [ cac | sip-dialplan-hits | tspec-enforcement ] Description Displays the CAC, UDP SIP dial plan hits, and TSPEC enforced voice statistics. Syntax Parameter Description cac Displays the dropped SIP Invites and SIP Status Code for both server and the client side. Note: This filter supports only the SIP protocol and will work only if CAC is enabled for the parameters. sip-dialplan-hits Displays the statistics of SIP dialplan hits.
show voice trace show voice trace lync [count | ip | mac ] sccp [count | ip | mac ] sip [count | ip | mac ] Description Displays the signaling message trace details for either Lync ALG, Signaling Connection Control Part (SCCP), or Session Initiation Protocol (SIP) clients. Syntax Parameter Description count View the specified number of the latest SIP, SCCP, or Lync voice client messages. Specify an integer value.
Lync Lync Lync Lync 1000 1000 1000 1000 00:24:d7:40:a8:64 00:24:d7:40:a8:64 00:24:d7:40:a8:64 00:24:d7:40:a8:64 Direction --------Server-To-Client Client-To-Server Server-To-Client Client-To-Server 10.16.33.61 10.16.33.61 10.16.33.61 10.16.33.
Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers 1789 | show voice trace Dell Networking W-Series ArubaOS 6.4.
show vpdn l2tp configuration show vpdn l2tp configuration Description Displays the VPN L2TP tunnel configuration. Syntax No parameters. Example The output of this command shows the L2TP tunnel configuration. (host) # show vpdn l2tp configuration Enabled Hello timeout: 30 seconds DNS primary server: 10.16.15.1 DNS secondary server: 10.16.14.1 WINS primary server: 0.0.0.0 WINS secondary server: 0.0.0.0 PPP client authentication methods: PAP IP LOCAL POOLS: vpnpool: 10.16.15.150 - 10.16.15.
show vpdn pptp configuration show vpdn pptp configuration Description Displays the PPTP configuration on the controller. Syntax No parameters. Example The output of this command shows the L2TP tunnel configuration. (host) # show vpdn pptp configuration Enabled Hello timeout: 30 seconds DNS primary server: 10.15.1.1 DNS secondary server: 10.15.1.200 WINS primary server: 0.0.0.0 WINS secondary server: 0.0.0.
show vpdn pptp local pool show vpdn pptp local pool Description Displays the IP address pool for VPN users using Point-to-Point Tunneling Protocol. Syntax No parameters. Example The output of this command shows the all IP address pools for VPN users. (host) # show vpdn pptp local pool IP addresses used in pool localgroup 0 IPs used - 11 IPs free - 11 IPs configured Command History This command was available in ArubaOS 3.
show vpn-dialer show vpn-dialer Description Displays the VPN dialer configuration for users using VPN dialers. Syntax No parameters. Example The output of this command shows the VPN dialer configuration for remote Users.
show vrrp show vrrp {{[statistics]}|ipv6{|stats[all]}|stats[all]|summary} Description Displays the list of all VRRP configuration on the controller. To view a specific VRRP configuration, specify the VRID number. Syntax Parameter Description Range Default Displays the Virtual Router Id. 1-255 — ipv6 Display VRRP information for IPv6 address. — — stats Displays the operational statistics of the VRRP. — — summary Displays the number of vrrp instances for IPv4 and IPv6.
Virtual Router 1: Description Admin State DOWN, VR State INIT IPv6 Address :: MAC Address 00:00:5e:00:02:01, vlan 0 Priority 100, Advertisement 1 sec, Preemption Disable Delay 0 tracking is not enabled Virtual Router 23: Description Admin State DOWN, VR State INIT IPv6 Address :: MAC Address 00:00:5e:00:02:17, vlan 0 Priority 100, Advertisement 1 sec, Preemption Disable Delay 0 tracking is not enabled Virtual Router 255: Description Admin State UP, VR State MASTER IPv6 Address 2006::25 MAC Address 00:00:5e:
Number of exisitng VRRP IPv6 instances : 3 The output of the following command shows the configuration for all IPv6 VRRP instances.
Current time: Number times became VRRP Master: Wed Sep 25 19:55:33 2013 0 Command History Version Modification ArubaOS 1.0 Command introduced ArubaOS 3.3 The tracking interface and tracking vlan parameters were introduced. ArubaOS 3.3.2 The add option was removed from the tracking interface and tracking vlan parameters. ArubaOS 6.4 The ipv6, stats, and summary parameters were introduced.
show web-cc show web-cc categories reputation stats status global-bandwidth-contract all|{web-cc-category }|{web-cc-reputation } Description Display information about web content (web-cc) classification settings, category and reputation types, classification statistics and bandwidth contracts. Syntax Parameter Description categories Display the category index number and the category name for each category type.
web-cc-category music Downstream 20000000 music-745c 1 The output of the show web-cc command varies, depending upon the parameters specified. The following table describes the information displayed in the output of this command when that parameter is included.
Related Commands Command Description Mode web-cc This command defines global bandwidth contracts for HTTP traffic matching a predefined web content category or reputation type. Config mode Command History Version Modification ArubaOS 6.4.2.0 Command introduced. Command Information Platforms Licensing Command Mode All platforms PEF-NG license Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show web-server show web-server Description Displays the configuration of the controller’s web server. Syntax No parameters. Example The output of this command shows the web-server configuration.
show whitelist-db cpsec show whitelist-db cpsec cert-type {factory-cert|switch-cert} mac-address page start state {approved-ready-for-cert|certified-factory-cert|unapproved-factory-cert|unapprovedno-cert} Description Display the campus AP whitelist for campus APs using the control plane security feature. Syntax Parameter Description cert-type {factory-cert|switchcert} l mac-address MAC address of the campus AP you want to enter into the CPsec whitelist database.
----------00:16:CF:AF:3E:E1 Cert-Type --------switch-cert -----Enabled Description ----------- ----certified-controller-cert Revoke Text ----------- Last Updated -----------Fri Oct 16 01:21:09 2009 Whitelist Entries: 1 The output of this command includes the following parameters: Parameter Description MAC-Address MAC address of the campus AP. Enable Shows whether the campus AP has been enabled or disabled. State Shows the current state of the campus AP.
Command History Release Modification ArubaOS 5.0 Command introduced. ArubaOS 6.4.1.0 The following new parameters were introduced: l cert-type l page l start l state Command Information Platforms Licensing Command Mode All platforms Base operating system. Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show whitelist-db cpsec-local-switch-list show whitelist-db cpsec-local-switch-list [mac-address ] Description Display the list of local controllers with APs using the control plane security feature. Syntax Parameter Description mac-address MAC address of the local controller whose data you want to view.
Parameter Description Sequence Number The number of times the local controller in the whitelist received and acknowledged a campus AP whitelist change from the master controller. In the example above, both local controllers received and acknowledged three campus AP whitelist changes sent from the master controller. Remote Sequence Number The number of times that the master controller has received and acknowledged a campus AP whitelist change from the local controller in the whitelist.
show whitelist-db cpsec-master-switch-list show cpsec-master-ctlr-list-db cpsec show whitelist-db cpsec-master-switch-list [mac-address ] Description Display the master switch list whitelist on local controllers with APs using the control plane security feature. Syntax Parameter Description mac-address MAC address of the master controller.
Parameter Description Sequence Number The number of times the master controller in the whitelist received and acknowledged a campus AP whitelist change from the local controller. In the example above, the master controller received and acknowledged one campus AP whitelist change from the local controller. Remote Sequence Number The number of times that the local controller has received and acknowledged a campus AP whitelist change from the master controller in the whitelist.
show whitelist-db cpsec-seq show whitelist-db cpsec-seq Description Display the current sequence number for the master or local controller whitelists. Syntax No Parameters Usage Guidelines The current sequence number in the Sequence Number Details table shows the number of changes to the campus AP whitelist made on this controller. Each controller compares its campus AP whitelist against whitelists on other controllers every two minutes.
Related Commands Command Description Mode whitelist-db cpsec add mac-address Configure the campus AP whitelist for the control plane security feature. Config mode Command History This command was introduced in ArubaOS 5.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show whitelist-db cpsec-status show whitelist-db cpsec-status Description Display aggregate status information APs in the campus AP whitelist. Syntax No parameters.
Related Commands Command Description Mode show whitelist-db cpsec Display the campus AP whitelist for campus APs using the control plane security feature. Config mode Command History This command was introduced in ArubaOS 5.0. Command Information Platforms Licensing Command Mode All platforms Base operating system. Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show whitelist-db rap show whitelist-db rap apgroup apname export-css fullname long mac-address page start Description View detailed information for the remote AP whitelist database. Syntax Parameter Description apgroup Display specific AP-entries for this AP-group. apname Display specific AP-entry for this AP-name. export-css Export the remote AP white list to a file in the controller's /flash/config/ folder.
00:0b:86:66:02:09 AP_Authenticated ---------------Authenticated Provisioned Authenticated Authenticated Provisioned default LAB-AP Description ----------- Date-Added ---------Thu Mar 5 Thu Mar 5 Wed Mar 4 Tue May 19 Fri May 8 21:25:36 21:25:49 20:16:16 07:53:29 10:37:40 2009 2009 2009 2009 2009 Enabled ------Yes No Yes Yes Yes Remote-IP ------192.0.2.3 192.0.2.78 192.0.2.6 192.0.2.12 192.0.2.
Parameter Description Enabled This column shows if the entry in the database is enabled or disabled. Database entries can be enabled or disabled using the CLI commands: whitelist-db rap {add|modify} mac-address mode {enable|disable} and whitelist-db rap revoke mac-address Related Commands Command Description whitelist-db rap add Add, delete, modify or revoke remote AP entries in the current emote AP whitelist table. Command History Release Modification ArubaOS 5.
show whitelist-db rap-local-switch-list show whitelist-db rap-local-switch-list [mac-address ] Description Display the remote AP whitelist local switch list on a master controller. Syntax Parameter Description mac-address MAC address of the local controller whose data you want to view. Usage Guidelines When you have remote APs on a network with both master and local controllers, the master controller maintains a whitelist of local controllers with remote APs.
The output of this command includes the following information: Parameter Description Active Shows if the controller is active on the network. l l 1: Active 0: Inactive MAC-Address MAC address of the local controller. IP-Address IP address of the local controller. Sequence Number The number of times the local controller in the whitelist received and acknowledged a remote AP whitelist change from the master controller.
show whitelist-db rap-master-switch-list show whitelist-db rap-local-switch-list [mac-address ] Description Display the remote AP whitelist master switch list on local controllers with remote APs Syntax Parameter Description mac-address MAC address of the local controller whose data you want to view.
Parameter Description IP-Address IP address of the mastercontroller. Sequence Number The number of times the mastercontroller in the whitelist received and acknowledged a remote AP whitelist change from the local controller. In the example above, the master controllers received and acknowledged three remote AP whitelist changes sent from a local controller.
show whitelist-db rap-status show whitelist-db rap-status Description Display aggregate status information APs in the remote AP whitelist. Syntax No parameters.
Command Information Platforms Licensing Command Mode All platforms Base operating system. Enable mode on master or local controllers 1821 | show whitelist-db rap-status Dell Networking W-Series ArubaOS 6.4.
show wlan bcn-rpt-req-profile show wlan bcn-rpt-req-profile Description Shows configuration and other information about the parameters for the Beacon Report Request frames. Syntax Parameter Description Name of a WLAN beacon report request profile. Usage Guidelines Issue this command without the parameter to display the entire Beacon Report Request profile list, including profile status and the number of references to each profile.
Parameter Description Interface Specifies the Radio interface for transmitting the Beacon Report Request frame. It can have a value of either 0 or 1. Regulatory Class Specifies the Regulatory Class field in the Beacon Report Request frame. Channel Specifies the Channel field in the Beacon Report Request frame. Randomization Interval Specifies the Randomization Interval field in the Beacon Report Request frame.
show wlan dot11k-profile show wlan dot11k-profile [] Description Show a list of all 802.11k profiles, or display detailed configuration information for a specific 802.11k profile. Syntax Parameter Description Name of an 802.11k profile. Usage Guidelines Issue this command without the parameter to display the 802.11k profile list, including profile status and the number of references to each profile.
Parameter Description Advertise 802.11K Capability Shows if the profile has enabled or disabled the 802.11K feature. Forcefully disassociate onhook voice clients If enabled, the AP may forcefully disassociate clients that reach the maximum CAC peak capacity or call handoff reservation.
show wlan dot11r-profile show wlan dot11r-profile [] Description Show a list of all 802.11r profiles, or display detailed configuration information for a specific 802.11r profile. Syntax Parameter Description Name of an 802.11r profile. Usage Guidelines Issue this command without the parameter to display the 802.11r profile list, including profile status and the number of references to each profile.
Parameter Description 802.11r Mobility Domain ID Shows the unique ID that identifies the mobility domain. 802.11r R1 Key Duration Shows the r1 key timeout value in seconds for decrypt-tunnel or bridge mode. 802.11r R1 Key Assignment Shows if the r1 key assignment is static or dynamic. Command History This command was introduced in ArubaOS 6.3. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master or local controllers.
show wlan edca-parameters-profile show wlan edca-parameters-profile ap|station [] Description Display an Enhanced Distributed Channel Access (EDCA) profile for APs or for clients (stations). EDCA profiles are specific either to APs or clients. Syntax Parameter Description Name of a EDCA Parameters profile.
Parameter Description AC Name of an Access channel queue (Best-effort, Background, Video or Voice). ECWmin The exponential (n) value of the minimum contention window size, as expressed by 2n-1. A value of 4 computes to 24-1 = 15. ECWmax The exponential (n) value of the maximum contention window size, as expressed by 2n-1. A value of 4 computes to 24-1 = 15. AIFSN Arbitrary inter-frame space number. TXOP Transmission opportunity, in units of 32 microseconds.
show wlan handover-trigger-profile show wlan handover-trigger-profile [] Description Displays the current configuration settings for a handover trigger profile. Usage Guidelines Issue this command without the parameter to display a handover trigger profile profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile. For this profile to take effect, the 802.
show wlan hotspot advertisement-profile show wlan hotspot advertisement-profile [] Description The output of this command displays settings for a WLAN ANQP advertisement profile. Syntax Parameter Description Name of a wlan hotspot advertisement profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles and Hotspot 2.0 Query Protocol (H2QP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
The output of this command includes the following parameters: Parameter Description ANQP Venue Name Profile Name of the ANQP Venue Name profile associated with this WLAN advertisement profile. ANQP Network Authentication Profile Name of the ANQP Network Authentication profile associated with this WLAN advertisement profile. ANQP Roaming Consortium Profile Name of the ANQP Roaming Consortium profile associated with this WLAN advertisement profile.
show wlan hotspot anqp-3gpp-nwk-profile show wlan hotspot anqp-3gpp-nwk-profile [] Description This profile shows the configuration settings for for a 3rd Generation Partnership Project (3GPP) Cellular Network profile. Syntax Parameter Description Name of a 3GPP Cellular Network profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
Parameter Description ANQP 3GPP network profile enable Shows if this profile has been enabled ANQP 3GPP Cellular Network profiles are disabled by default. 3gpp PLMN1 The Public Land Mobile Networks (PLMN) value of the highest-priority network. The PLMN is comprised of a 12-bit Mobile Country Code (MCC) and the 12-bit Mobile Network Code (MNC). 3gpp PLMN2 The Public Land Mobile Networks (PLMN) value of the second-highest priority network.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show wlan hotspot anqp-domain-name-profile show wlan hotspot anqp-domain-name-profile [] Description The output of this command displays settings for a WLAN ANQP Domain Name profile. Syntax Parameter Description Name of a Domain Name profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
The output of this command includes the following parameters: Parameter Description Domain Name Domain name of the hotspot operator. Related Commands wlan hotspot anqp-domain-name-profile .Command History The command was introduced in ArubaOS 6.4 Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
show wlan hotspot anqp-ip-addr-avail-profile show wlan hotspot anqp-ip-addr-avail-profile [] Description The output of this command displays settings for a WLAN ANQP IP Address Availability profile. Syntax Parameter Description Name of an IP Address Availability profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
IPv4 Address Availability Type public IPv6 Address Availability Type not-available The output of this command includes the following parameters: Parameter Description IPv4 Address Availability Type Indicates the availability of an IPv4 network. This parameter can display any of the following values: l availability-unknown: Network availability cannot be determined. l not-available : Network is not available.
show wlan hotspot anqp-nai-realm-profile show wlan hotspot anqp-nai-realm-profile [] Description The output of this command displays settings for a WLAN ANQP Network Access Identifier (NAI) Realm profile. Syntax Parameter Description Name of an NAI Realm profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
NAI Realm name NAI Realm EAP Method NAI Realm Authentication Parameter Type example.com eap-ttls expanded-eap The output of this command includes the following parameters: Parameter Description NAI Realm name Name of the NAI realm. The realm name is often the domain name of the service provider. NAI Realm EAP Method The NAI Realm Authentication types sent as an ANQP IE in an GAS response NAI Realm Authentication Parameter Type The EAP authentication method supported by the hotspot realm.
show wlan hotspot anqp-nwk-auth-profile show wlan hotspot anqp-nwk-auth-profile [] Description The output of this command displays settings for a WLAN ANQP network authentication profile. Syntax Parameter Description Name of an ANQP Network Authentication profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
Parameter Description Type of Network Authentication Network Authentication Type being used by the hotspot network. This parameter can be any of the following values: l acceptance: Network requires the user to accept terms and conditions. l dns-redirection: Additional information on the network is provided through DNS redirection. l http-https-redirection : Additional information on the network is provided through HTTP/HTTPS redirection. l online-enroll : Network supports online enrollment.
show wlan hotspot anqp-roam-cons-profile show wlan hotspot anqp-roam-cons-profile [] Description The output of this command displays settings for a WLAN ANQP Roaming Consortium profile. Syntax Parameter Description Name of an ANQP Roaming Consortium profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
The output of this command includes the following parameters: Parameter Description Roaming consortium OI Len Length of the OI. The roaming consortium OI length parameter is based upon the number of octets of the Roaming consortium OI. This parameter can have the following values: l 0: 0 Octets in the OI (Null) l 3: OI length is 24-bit (3 Octets) l 5: OI length is 36-bit (5 Octets) Roaming Consortium OI The roaming consortium OI sent in a GAS query response.
show wlan hotspot anqp-venue-name-profile show wlan hotspot anqp-venue-name-profile [] Description The output of this command displays settings for a WLAN ANQP Venue Name profile. Syntax Parameter Description Name of an ANQP Venue Name profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
Venue Name Westfield_Mall The output of this command includes the following parameters: Parameter Description Venue Group The venue group to be advertised in the ANQP Information Elements (IEs) from APs associated with this profile.
show wlan hotspot hs2-profile show wlan hotspot h2-profile [] Description The output of this command displays settings for a Hotspot profile. Syntax Parameter Description Name of a Hotspot profile.
Roaming Consortium Len Entry 1 Roaming Consortium OI Entry 1 Roaming Consortium Len Entry 2 Roaming Consortium OI Entry 2 Roaming Consortium Len Entry 3 Roaming Consortium OI Entry 3 Additional Roaming Consortium OI's(displayed in Advertisement Profile) Venue Group Type Venue Type mall Type of Hotspot 2.
Parameter Description Roaming Consortium Len Entry 2 Length of the OI. This value is based upon the number of octets in the Roaming Consortium OI Entry 2 field. l 0: Zero Octets in the OI (Null) l 3: OI length is 24-bit (3 Octets) l 5: OI length is 36-bit (5 Octets) Roaming Consortium OI Entry 2 Roaming consortium OI assigned to one of the service provider’s top three roaming partners.
show wlan hotspot h2qp-conn-capability-profile show wlan hotspot h2qp-conn-capability-profile [] Description The output of this command displays settings for a WLAN Hotspot 2.0 Query Protocol (H2QP) connection capability profile. Syntax Parameter Description Name of Hotspot 2.
H2QP H2QP H2QP H2QP H2QP H2QP H2QP H2QP H2QP H2QP Connection Connection Connection Connection Connection Connection Connection Connection Connection Connection Capability Capability Capability Capability Capability Capability Capability Capability Capability Capability FTP port(TCP Protocol) SSH port(TCP Protocol) HTTP port(TCP Protocol) TLS VPN port(TCP Protocol) PPTP VPN port(TCP Protocol) VOIP port(TCP Protocol) VOIP port(UDP Protocol) IKEv2 port for IPSec VPN May be used by IKEv2 port for IPSec VPN E
show wlan hotspot h2qp-op-cl-profile show wlan hotspot h2qp-op-cl-profile [] Description The output of this command displays settings for a WLAN Hotspot 2.0 Query Protocol (H2QP) operating class profile. Syntax Parameter Description Name of Hotspot 2.0 Query Protocol (H2QP) operating class profile Usage Guidelines The values configured in this H2QP Operating Class profile list the channels on which the hotspot is capable of operating.
Related Commands wlan hotspot h2qp-op-cl-profile Command History This command was introduced in ArubaOS 6.3 Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 1855 | show wlan hotspot h2qp-op-cl-profile Dell Networking W-Series ArubaOS 6.4.
show wlan hotspot h2qp-operator-friendly-name-profile show wlan hotspot h2qp-operator-friendly-name-profile [] Description The output of this command displays settings for a Hotspot 2.0 Query Protocol (H2QP) operator-friendly name profile. Syntax Parameter Description Name of H2QP operator-friendly name profile. Usage Guidelines The operator-friendly name defined in this profile is a free-form text field that can identify the operator and also something about the location.
Parameter Description Operator Friendly Name An operator-friendly name sent by devices using this profile. The name can be up to 64 alphanumeric characters, and can include special characters and spaces. If the name includes quotation marks (“), you must include a backslash character (\) before each quotation mark. (e.g. \"example\") Command History This command was introduced in ArubaOS 6.
show wlan hotspot h2qp-wan-metrics-profile show wlan hotspot h2qp-wan-metrics-profile [] Description The output of this command displays settings for a Hotspot 2.0 Query Protocol (H2QP) WAN metrics profile. Syntax Parameter Description Name of H2QP WAN metrics profile.
Parameter Description H2QP WAN metrics link status Indicates the status of the WAN Link by displaying one of the following values. The default link status is reserved, which indicates that the link status is unknown or unspecified. l link_down l link_test l link_up l reserved H2QP WAN metrics symmetric WAN link This parameter indicates if the WAN Link has same speed in both the uplink and downlink directions.
show wlan ht-ssid-profile show wlan ht-ssid-profile [] Description Show a list of all High-throughput SSID profiles, or display detailed configuration information for a specific High-throughput SSID profile. Syntax Parameter Description Name of a High-throughput SSID profile. Usage Guidelines Issue this command without the parameter to display the entire High-throughput SSID profile list, including profile status and the number of references to each profile.
Supported MCS set 0-23 . The output of this command includes the following data columns: Parameter Description 40 MHz channel usage Shows if the profile enables or disables the use of 40 MHz channels. BA AMSDU Enable Shows of the AP has enabled or disabled the ability to receive AMSDU in BA negotiation. Temporal Diversity Enable Shows if temporal diversity has been enabled or disabled. When this feature is enabled and the client is not responding to 802.
Parameter Description Short guard interval in 20 MHz mode Shows if the profile enables or disables use of short (400ns) guard interval in 20 MHz mode. Short guard interval in 20 MHz mode Shows if the profile enables or disables use of short (400ns) guard interval in 40 MHz mode. Command History Version Description ArubaOS 3.3 Command introduced ArubaOS 3.3.1 The Legacy Stations parameter was introduced ArubaOS 3.3.2 De-aggregation of MAC Service Data Units (A-MSDUs) was introduced ArubaOS 6.
show wlan ssid-profile show wlan ssid-profile [] Description Show a list of all SSID profiles, or display detailed configuration information for a specific SSID profile. Syntax Parameter Description Name of an SSID profile. Usage Guidelines Issue this command without the parameter to display the entire SSID profile list, including profile status and the number of references to each profile.
802.
Parameter Description 802.11a Basic Rates List of supported 802.11a rates, in Mbps, that are advertised in beacon frames and probe responses. 802.11a Transmit Rates Set of 802.11a rates at which the AP is allowed to send data. 802.11g Basic Rates List of supported 802.11b/g rates, in Mbps, that are advertised in beacon frames and probe responses. 802.11g Transmit Rates Set of 802.11b/g rates at which the AP is allowed to send data.
Parameter Description Deny_Broadcast Probes When a client sends a broadcast probe request frame to search for all available SSIDs, this option controls whether or not the system responds for this SSID. When enabled, no response is sent and clients have to know the SSID in order to associate to the SSID. When disabled, a probe response frame is sent for this SSID Local Probe Response Shows if the profile enables or disables local probe response on the AP.
Parameter Description BC/MC Rate Optimization Shows if the profile enables or disables scanning of all active stations currently associated to an AP to select the lowest transmission rate for broadcast and multicast frames. This option only applies to broadcast and multicast data frames; 802.
show wlan traffic-management-profile show wlan traffic-management-profile [] Description Show a list of all traffic management profiles, or display detailed configuration information for a specific traffic management profile. Syntax Parameter Description Name of a Traffic Management profile. Usage Guidelines Issue this command without the parameter to display the entire Traffic Management profile list, including profile status and the number of references to each profile.
Parameter Description Report interval Number of minutes between bandwidth usage reports. Station Shaping Policy Shows which of three possible Station Shaping policies is configured on the profile. l default-access: Traffic shaping is disabled, and client performance is dependent on MAC contention resolution. This is the default traffic shaping setting. l fair-access: Each client gets the same airtime, regardless of client capability and capacity.
show wlan tsm-req-profile show wlan tsm-req-profile Description Shows configuration and other information about the parameters for the Transmit Stream/Category Measurement Request frames. Syntax Parameter Description Name of this instance of the profile. name must be 1-63 characters. Usage Guidelines Issue this command without the parameter to display the entire TSM Request profile list, including profile status and the number of references to each profile.
Parameter Description Measurement Duration Shows the Measurement Duration field in the Transmit Stream/Category Measurement Request frame. Traffic ID Shows the Traffic Identifier field in the Transmit Stream/Category Measurement Request frame. Bin 0 Range Shows the 'Bin 0 Range' field in the Transmit Stream/Category Measurement Request frame. Command History This command is introduced in ArubaOS 6.2.
show wlan virtual-ap show wlan virtual-ap Description Show a list of all Virtual AP profiles, or display detailed configuration information for a specific Virtual AP profile. Syntax Parameter Description Name of a Virtual AP profile Usage Guidelines Issue this command without the parameter to display the entire Virtual AP profile list, including profile status and the number of references to each profile.
Dynamic Multicast Optimization (DMO) Dynamic Multicast Optimization (DMO) Drop Broadcast and Multicast Convert Broadcast ARP requests to unicast Authentication Failure Blacklist Time Blacklist Time Deny inter user traffic Deny time range DoS Prevention HA Discovery on-association Mobile IP Preserve Client VLAN Remote-AP Operation Station Blacklisting Strict Compliance VLAN Mobility FDB Update on Assoc WMM Traffic Management Profile Enabled Threshold Disabled Enabled 3600 sec 3600 sec Disabled N/A Disabled
Parameter Description 2.4 GHz) Band Steering If enabled, ARM’s band steering feature encourages dual-band capable clients to stay on the 5GHz band on dual-band APs. This frees up resources on the 2.4GHz band for single band clients like VoIP phones. Steering Mode Band steering supports three different band steering modes. l Force-5GHz: When the AP is configured in force5GHz band steering mode, the AP will try to force 5Ghz-capable APs to use that radio band.
Parameter Description If the global setting to deny inter-user traffic is enabled, all inter-user traffic between clients will be denied, regardless of the settings configured in the virtual AP profiles. If the setting to deny inter-user traffic is disabled globally but enabled on an individual virtual ap, only the traffic between un-trusted users and the clients on that particular virtual AP will be blocked. Deny time range Time range for which the AP will deny access.
Parameter Description Multi Association If enabled, this feature allows a station to be associated to multiple APs. If this feature is disabled, when a station moves to new AP it will be de authorized by the AP to which it was previously connected, deleting station context and flushing key caching information Fast Roaming Shows if the AP has enabled or disabled fast roaming. VLAN Mobility Shows if the AP has enabled or disabled VLAN (Layer2) mobility.
show wlan voip-cac-profile show wlan voip-cac-profile [] Description Show a list of all VoIP Call Admission Control profiles, or display detailed configuration information for a specific VoIP Call Admission Control profile.
Parameter Description VoIP Call Admission Control Shows if the profile enables or disables WiFi VoIP Call Admission Control features. VoIP Bandwidth based CAC Shows the desired call admission control (CAC) Mechanism: l Disable - CAC is based on Call Counts l Enable - CAC should be based on Bandwidth. VoIP Call Capacity Number of simultaneous calls that can be handled by one radio. VoIP Bandwidth Capacity (kbps) The maximum bandwidth that can be handled by one radio, in kbps.
| show wlan voip-cac-profile Dell Networking W-Series ArubaOS 6.4.
show wlan wmm-traffic-management-profile show wlan wmm-traffic-management-profile [] Description Display a list of all WMM traffic management profiles, or display detailed configuration information for a specific WMM traffic management profile. Syntax Parameter Description Name of the WMM traffic management profile.
Parameter Description Enable Shaping Policy Displays if WMM based traffic shaping is enabled on the controller. Voice Share Displays the bandwidth allocation in percentage (%) for voice access traffic category. Viceo Share Displays the bandwidth allocation in percentage (%) for video access traffic category. Best-effort Share Displays the bandwidth allocation in percentage (%) for best effort access traffic category.
show wms ap show wms ap {}|list|{stats [mon-mac bssid } Description Display information for APs currently monitored by the ArubaOS Wireless Management System (WMS). Syntax Parameter Description Enter the AP’s BSSID number in hexadecimal format (XX:XX:XX:XX:XX:XX). list Show the AP Tree table for all APs. stats Show the AP Statistics table for all APs. mon-mac Show the AP Tree table for an AP with the specified MAC address.
Column Description BSSID Basic Service Set Identifier for the AP. This is usually the AP’s MAC address. SSID The Service Set Identifier that identifies a wireless network. Channel Channel used by the AP’s radio. Type A WMS AP type can be one of the following: soft-ap: A Dell Access Point (AP). l air-monitor: A Dell Air Monitor (AM).
00:0b:86:c1:be:56 00:0b:86:c1:be:56 00:0b:86:c2:0a:98 00:0b:86:c2:1c:08 00:0b:86:c2:1c:38 00:0b:86:c2:3e:a9 00:0b:86:c4:0f:3c 00:0b:86:c4:4d:06 00:1a:1e:c0:88:82 00:1a:1e:c0:88:82 00:1a:1e:c0:88:88 00:0b:86:9b:e5:60 00:0b:86:9b:e5:68 00:0b:86:a0:a9:80 00:0b:86:a1:c0:80 00:0b:86:a1:c3:80 00:0b:86:a3:ea:90 00:0b:86:c0:f3:d0 00:0b:86:c4:d0:70 00:1a:1e:88:88:30 00:1a:1e:88:88:20 00:1a:1e:88:88:90 12 12 48 42 42 48 48 48 18 18 36 1683013 1580152 1608023 1587097 1573040 1588204 1571202 1598423 1717310 1092023
show wms channel show wms channel stats Description Display per-channel statistics for monitored APs. Syntax No parameters. Example This example shows per-channel statistics for monitored APs.
Column Description NumAP Number of other APs seen on the specified channel. NumSta Number stations seen on the specified channel. TotalPkt Number of received packets. TotalByte Number of received bytes. Noise Current noise level. The output of this command includes the following information: Command History This command was introduced in ArubaOS 3.
show wms client show wms client |{list}|{probe }|{stats [mon-mac mac ]} Description Display a list of client information for the clients that can be seen by monitoring APs. Syntax Parameter Description Show statistics for a client with the specified MAC address, including the BSSID of the AP to which that client is currently associated, and the MAC addresses of other monitoring APs that can see that client. list Show statistics for all monitored clients.
Column Description MAC MAC address of the client Type Station type (valid, interfering, or disabled rogue client ) Status If up, the client is active. If down (or no information is shown) the client is inactive. ageout An ageout time is the time, in minutes, that the client must remain unseen by any probes before it is eliminated from the database. If this column displays a -1, the client has not yet aged out.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 1889 | show wms client Dell Networking W-Series ArubaOS 6.4.
show wms counters show wms counters [debug|event] Description Show WMS event and debug counters. If you omit the optional debug and events parameters, the show wms counters command will display wms debug and events counters in a single table. Syntax Parameter Description debug Show show debug counters only events Show events counters only. If you omit the debug and events parameters, the show wms counters will display debug and events counters in a single table.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 1891 | show wms counters Dell Networking W-Series ArubaOS 6.4.
show wms monitor-summary show wms channel stats Description Display the numbers of different AP and client types monitored over the last 5 minutes, 1 hour, and since the controller was last reset. Syntax No parameters. Usage Guidelines The WLAN management system (WMS) on the controller monitors wireless traffic to detect any new AP or wireless client station that tries to connect to the network.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 1893 | show wms monitor-summary Dell Networking W-Series ArubaOS 6.4.
show wms probe show wms probe Description Display detailed information for a list of WMS probes. Syntax No parameters. Example This example shows the Probe List table for WMS probes. The output below has been split into two tables to better fit in this document. In the actual command-line interface, this information appears in a single, long table.
Column Description Updates Number of updates the AP or AM sent to the WMS database since the controller was last reset. Reqs/Fails Number of database update requests that have not yet been added into the database. and the number of failed database requests. Stats Total number of statistics updates sent to the database. Type A WMS AP type can be one of the following: l soft-ap: A Dell Access Point (AP). l air-monitor: A Dell Air Monitor (AM).
show wms rogue-ap show wms rogue-ap Description Display statistics for APs classified as rogues APs. Syntax Parameter Description MAC address of a rogue AP. Example The output of this command shows statistics for a suspected Rogue AP, including how it was classified as a suspected rogue.
Column Description Type Indicates if the AP is a Dell AP, a Cisco AP, or an AP from any other manufacturer (generic AP). RAP Type Type of rogue AP, l Suspect-unsecure: AP has not been confirmed as a rogue AP. l unsecure: AP has been confirmed as a rogue AP Status Shows if the AP is active (up) or inactive (down). Match Type Describes how the AP was classified as a rogue.
Column Description If your controller reboots, your suspected-rogue APs are not checked against any new rules that were configured after the reboot. Without this restriction, all the mechanisms that classified your APs as suspected-rogue may trigger again causing the confidence level to surpass their cap of 100%. You can explicitly mark an AP as “interfering” to trigger all new rules to match against it. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.
show wms routers show wms routers Description Show Learned Router Mac Information for WMS APs. Syntax Parameter Description MAC address of a probe that can see the router. Usage Guidelines This command displays the MAC addresses of devices that have been determined to be routers by the listed APs. This output of this command will be blank if there is not any broadcast/multicast activity in an AP's subnet.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show wms rules show wms rules config state summary Description Display the internal state and matching information of rules created using the ids ap-classification-rule change command. Syntax Parameter Description config Display the following information for each AP classification rule.
AP Classification Rules Summary ------------------------------Parameter Value ------------Num Rules 2 Num Active-Rules 0 Num SSID-to-match 0 Num SSID-to-exclude 0 Num SNR-bounds 0 Num Probe-Count-bounds 0 Command History This command was introduced in ArubaOS 6.1 Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers Dell Networking W-Series ArubaOS 6.4.
show wms system show wms system Description Show the WMS system configuration and system state. Syntax No parameters. Example This example shows the WMS System Configuration and System State tables.
Column Description Total AP Count Total number of statistics entries for monitored APs in the AP table. Total STA Count Total number of statistics entries for monitored stations in the Station table. MAX RB-tree Count Maximum number of entries allowed in the statistics. Total Tree Count Total number of entries currently in the statistics tree.
show wms wired-mac show wms wired-mac gw-mac [] monitored-ap-wm prop-eth-mac reg-ap-oui summary system-gw-mac system-wired-mac wireless-device} Description Display a summary table of Wireless Management System (wms) wired MAC information. This command can display a list of APs aware of a specific gateway MAC address, or list the wired MAC addresses known to a single AP. Syntax Column Description gw-mac Show Gateway Wired Mac Information Collected from the APs.
Column Description wireless-device Show Routers or potential wireless devices information, including the MAC address of the device, and the MAC address of the AP or controller that saw the device. Example This example shows the wired MAC summary.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 1907 | show wms wired-mac Dell Networking W-Series ArubaOS 6.4.
show ip interface brief show ip interface brief Description View IP-related information on all interfaces in summary format. Syntax No parameters. Example (host) #show ip interface brief Interface vlan 1 vlan 2 loopback mgmt IP Address 172.16.0.254 10.4.62.9 unassigned unassigned / / / / / IP Netmask 255.255.255.0 255.255.255.0 unassigned unassigned Admin up up up down Protocol up up up down The following table details the columns and content in the show command.
shutdown shutdown all Description This command disables all interfaces on the controller. Usage Guidelines This command stops all traffic through the physical ports on the controller. The console port remains active. Use this command only when you have physical access to the controller, so that you can continue to manage using the console port. To shut down an individual interface, tunnel, or VLAN, use the shutdown option within the interface command. To restore the ports, use the no shutdown command.
snmp-server snmp-server community enable trap engine-id host IPv4/IPv6 Address|version {1 udp-port }|2c|{3 } [inform] [interval ] [retrycount ] [udp-port ]} inform queue-length source controller-ip stats trap enable|disable|{source [IPv4/IPv6 Address]} user [auth-prot {md5|sha} ] [priv-prot {AES|DES} ] Description This command configures SNMP parameters.
Parameter Description Range Default source Enter the source IPv4/IPv6 Address address for sending traps. — — udp-port The port number to which notification messages are sent. — 162 Configures an SNMPv3 user profile for the specified username. — — auth-prot Authentication protocol for the user, either HMAC-MD5-98 Digest Authentication Protocol (MD5) or HMAC-SHA-98 Digest Authentication Protocol (SHA), and the password for use with the designated protocol.
spanning-tree (Global Configuration) spanning-tree [forward-time | hello-time | max-age | priority | vlan range RSTP is backward compatible with STP and is enabled by default. For ease of use, this command uses the spanning tree keyword. Description This command is the global configuration for the Rapid Spanning Tree Protocol (RSTP) and Per VLAN Spanning Tree (PVST+). See spanning-tree (Configuration Interface) for details on the RSTP (config-if) command.
Examples The following command sets the time a port spends in the listening and learning state to 3 seconds: spanning-tree forward-time 3 The following command sets the time the root bridge waits to transmit BPDUs to 4 seconds: spanning-tree hello-time 4 The following command sets the time the root bridge waits to receive a hello packet to 30 seconds: spanning-tree max-age 30 The following command sets the bridge priority to 10, making it more likely to become the root bridge: spanning-tree priority 10
spanning-tree mode spanning-tree mode | Description Set the spanning tree mode to either Rapid Spanning Tree (802.1w) or PVST+ (Per VLAN Spanning Tree). Syntax Parameter Description rapid Set the spanning tree mode to RSTP (Rapid Spanning Tree Protocol). rapid-pvst Set the spanning tree mode to PVST+ (Per VLAN Spanning Tree protocol) Usage Guidelines Once the spanning tree mode is set, you can configure RSTP or PVST+. Command History Release Modification ArubaOS 6.
spanning-tree (Configuration Interface) spanning-tree cost point-to-point port-priority portfast vlan cost port-priority vlan range RSTP is backward compatible with STP and is enabled by default. For clarity, this RSTP command uses the spanning tree keyword. Description Dell’s RSTP implementation interoperates with both PVST (Per VLAN Spanning Tree 802.1D) and Rapid-PVST (802.1w) implementation on industry-standard router/switches.
Usage Guidelines Dell supports global instances of RSTP and PVST+. Therefore, the ports on industry-standard routers/switches must be on the default or untagged VLAN for interoperability with controllers. ArubaOS supports RSTP on the following interfaces: l FastEthernet IEEE 802.3—fastethernet l Gigabitethernet IEEE 802.3—gigabitethernet l Port Channel ID—port-channel In addition to port state changes, RSTP introduces port roles for all the interfaces. RSTP (802.
Command Information Platforms Licensing Command Mode All platforms Base operating system Configuration Interface (config-if) Dell Networking W-Series ArubaOS 6.4.
spanning-tree vlan range (PVST+) spanning-tree vlan range [forward-time | hello-time | max-age | priority ] Description Configure PVST+ on a range of VLANs. Syntax Parameter Description Range Default Enter a string representing the VLAN range -- -- forward-time Specifies the time, in seconds, the VLANs spends in the listening and learning state before transition to the forward state.
Command Information Platforms Licensing Command Mode All Platforms Base operating system Configuration Mode (config) Dell Networking W-Series ArubaOS 6.4.
ssh ssh disable_dsa | mgmt-auth {public-key [username/password] | username/password [public-key]} Description This command configures SSH access to the controller. Syntax Parameter Description Default disable_dsa Disables DSA authentication for SSH. Only RSA authentication is used. — mgmt-auth Configures authentication method for the management user. You can specify username/password only, public key only, or both username/password and public key.
sso idp-profile sso idp-profile clone idp no Description This command configures an SSO Identity Provider (IDP) profile for use with application Single Sign-On (SSO) with L2 Authentication. Syntax Parameter Description clone Copies the data from another SSO IDP profile idp Configures the name and URL of the controller's IDP server. no Deletes the command.
stm add-blacklist-client kick-off-sta purge-blacklist-clients remove-blacklist-client Description This command is used to manually disconnect a client from an AP or control the blacklisting of clients. Syntax Parameter Description add-blacklist-client MAC address of the client to be added to the denial of service list.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
support support Description This command, which should be used only in conjunction with Dell customer support, is for controller debugging purposes only. Syntax No parameters. Usage Guidelines This command is used by Dell customer support for debugging the controller. Do not use this command without the guidance of Dell customer support. Example The following command allows Dell customer support to debug the controller: (host) #support Command History Version Modification ArubaOS 2.
syscontact syscontact Description This command configures the name of the system contact for the controller. Syntax Parameter Description syscontact An alphanumeric string that specifies the name of the system contact. Usage Guidelines Use this command to enter the name of the person who acts as the system contact or administrator for the controller. You can use a combination of numbers, letters, characters, and spaces to create the name.
syslocation syslocation Description This command configures the name of the system location for the controller. Syntax Parameter Description syslocation An alphanumeric string that specifies the name of the system location. Usage Guidelines Use this command to indicate the location of the controller. You can use a combination of numbers, letters, characters, and spaces to create the name. To include a space in the name, use quotation marks to enclose the text string.
tar tar clean {crash|flash|logs}| crash{kernel} | flash | logs {tech-support|user}} Description This command archives a directory. Syntax Parameter Description clean Removes a tar file crash Removes crash.tar flash Removes flash.tar.gz logs Removes logs.tar crash kernel Archives the crash directory to crash.tar. A crash directory must exist. Archives the kernel crash directory to kernel_crash.tar. flash Archives and compresses the /flash directory to flash.tar.gz.
Command Information 1929 | tar Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers Dell Networking W-Series ArubaOS 6.4.
telnet telnet {cli|soe} Description Enable telnet to the controller or to an AP through the controller. Syntax Parameter Description Default cli Enable telnet using the CLI. Disabled soe Enable telnet using Serial over Ethernet (SoE). Disabled Usage Guidelines Use the cli option to enable telnet to the controller. Use the soe option to enable telnet using the SoE protocol. This allows you to remotely manage an AP directly connected to the controller.
threshold threshold controlpath-cpu controlpath-memory datapath-cpu no-of-APs no-of-locals total-tunnel-capacity user-capacity no ... Description This command configures controller capacity thresholds which, when exceeded, will trigger alerts. Syntax Parameter Description controlpath-cpu Set an alert threshold for controlpath CPU capacity.
Parameter Description total-tunnel-capacity Set an alert threshold for the controller’s tunnel capacity. The parameter is the percentage of the controller’s total tunnel capacity that must be exceeded before the alert is sent. The default threshold for this parameter is 80% user-capacity Set an alert threshold for the controller’s user capacity.
time-range time-range absolute [end ]|[start ] time-range periodic Daily to Friday to Monday to Saturday to Sunday to Thursday to Tuesday to Wednesday to Weekday to Weekend to no ... Description This command configures time ranges. Syntax Parameter Description Name of this time range.
tracepath tracepath Description Traces the path of an IPv6 host. Syntax Parameter Description The IPv6 global address of the host. Usage Guidelines Use this command to identify points of failure in your IPv6 network. Example The following command traces the path of the specified IPv6 host. (host) #tracepath 2005:d81f:f9f0:1001::14 Command History The command was introduced in ArubaOS 6.1.
traceroute traceroute source Description Trace the route to the specified IP address. Syntax Parameter Description The destination IP address. source Sets the source IP address through which packets are sent for tracing route. Usage Guidelines Use this command to identify points of failure in your network. Example The following command traces the route to the device identified by the IP address 10.1.2.3. (host) (config) #traceroute 10.1.2.
trusted trusted all Description This command makes all physical interfaces on the controller trusted ports. Syntax Parameter Description all Makes all ports on the controller trusted. Usage Guidelines Trusted ports are typically connected to internal controlled networks. Untrusted ports connect to third-party APs, public areas, or any other network to which the controller should provide access control. When APs are attached directly to the controller, set the connecting port to be trusted.
tunnel-group tunnel-group no preemptive-failover tunnel Description This command creates a tunnel-group to group a set of tunnels. Syntax Parameter Description Default no Negates any parameter configured. — preemptive-failover When enabled, this option automatically redirects the traffic upon detecting an active tunnel with a higher precedence in the tunnel-group. When disabled, the traffic gets redirected to a higher precedence tunnel only when the tunnel carrying the traffic fails.
tunnel-loop-prevention tunnel-loop-prevention Description This command prevents prevent forwarding loops between tunneled nodes on the controller. The tunneled node loop prevention function appears on the WebUI as the “Enable Wired Access Concentrator Loop Prevention” option. It is located on the Configuration > Advanced Services > Wired Access > Wired Access Concentration Configuration pane Syntax No parameters. Usage Guidelines To prevent broadcast traffic being flooded on the tunneled nodes.
tunnel-node-mtu tunnel-node-mtu Description This command configures the MTU of a tunneled node. Syntax Parameter Description tnode-mtu Value of the MTU for the tunneled nodes Range - 1024 to 9216 Usage Guidelines A Dell controller can operate as a Wi-Fi controller, terminating GRE tunnels from tunneled node switches. As a Wi-Fi controller, the controller does not perform full Wi-Fi switching functions.
tunneled-node-address tunneled-node-address Description This command configures the IP address of a tunneled node server. Syntax Parameter Description tunneled-node-address IP address of the controller. This is the loopback or IP address of the controller acting as a tunneled node controller. Usage Guidelines A Dell controller can operate as a Wi-Fi controller, terminating GRE tunnels from tunneled node switches.
upgrade upgrade verify target add|del all|{host }|{net } target purge Description Specify which local controllers using the centralized image upgrade feature should download the image from the image server, or verify the validity of an image on the upgrade server.
upgrade-profile auto-reboot filepath max-downloads <1-100> no ... password protocol tftp|ftp|scp serverip upgrade-enable username Description The settings in this centralized image upgrade profile allow the master controller to automatically upgrade its associated local controllers by sending an image from an image server to one or more local controllers.
Usage Guidelines This feature can be configured on a master controller only, and supports up to 100 simultaneous downloads. Example (host)(config)# upgrade-profile serverip 192.0.2.15 filepath /tftpboot auto-reboot upgrade-enable Command History Release Modification ArubaOS 6.3 Command introduced Command Information Platforms Licensing Command Mode all platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
uplink crypto-local uplink {cellular priority }|disable|enable|{wired priority }|{wired vlan } Description Manage and configure the uplink network connection on the W-600 Series controllers. Syntax Parameter Description Range cellular priority Set the priority of the cellular uplink. By default, the cellular uplink is a lower priority than the wired uplink; making the wired link the primary link and the cellular link the secondary or backup link.
usb-printer usb-printer [printer alias ] Description This command allows you to provide an alias to USB printers connected to W-650 series controllers. Syntax Parameter Description printer Enter the default printer name. To get the default printer name use the show network-printer status command. alias Enter a new alias name for the printer.
usb reclassify crypto-local usb reclassify
Description Disconnect and reclassify an USB device. Syntax Parameter Description USB device address from the show usb command. Usage Guidelines There's no way to power off an USB port on the W-600 Series controller, but you can re-initialize the device using the usb reclassify command. This command removes the modem from the USB device list, then detects it via the USB table. Command History Introduced in ArubaOS 3.4.user-role user-role access-list {eth|mac|session} [ap-group ] [position ] bw-contract [per-user] {downstream|upstream} bw-contract {app|appcategory}{downstream|upstream}| exclude {app|appcategory} bw-contract web-cc-category|web-cc-reputation downstream|upstream captive-portal {|check-for-accounting} dialer dpi max-sessions no ...
Parameter Description Range Default ap-group (Optional) AP group to which this ACL applies. — — position (Optional) Position of this ACL relative to other ACLs that you can configure for the user role. 1 is the top. — (last) Name of a bandwidth contract or rate limiting policy configured with the aaa bandwidth-contract command. The bandwidth contract must be applied to either downstream or upstream traffic. — — app Name of the application bandwidth contract configured for the user role.
Parameter Description Range Default exclude app|appcategory Excludes an application or application category from being configured as a bandwidth contract. — — downstream Applies the bandwidth contract to traffic from the controller to the client. — — per-user Specifies that bandwidth contract is assigned on a per-user basis instead of a per-role basis.
Parameter Description Range Default dpi Role specific DPI configuration. — — Disable role specific DPI configuration. — — max-sessions Maximum number of datapath sessions per user in this role. 0-65535 65535 no Negates any configured parameter. — — policer-profile Applies a policer profile to the user role.
Parameter Description Range Default (Optional) Position of this ACL relative to other ACLs that you can configure for the user role. 1 is the top. — (last) sso Applies an SSO profile to the user role. — — statefule-kerberos Applies a statefule Kerberos profile to the user role. — — stateful-ntlm Apply stateful NTLM authentication to the specified user role traffic-control-profile Apply the Lync traffic control priority profile to the user-role.
Parameter Description Range Default — — types will not enforced unless web content classification is enabled using the firewall web-contentclassification command. Apply WISPr authentication to the specified user role. wispr Usage Guidelines Every client in a user-centric network is associated with a user role. All wireless clients start in an initial role. From the initial role, clients can be placed into other user roles as they pass authentication.
valid-network-oui-profile valid-network-oui-profile no oui Description This command allows you to add a new OUI to the controller Syntax Parameter Description Range Default no Negates any configured parameter. — — oui The new OUI to be added. Use the aa:bb:cc format to input the new OUI. — — Usage Guidelines This command adds a new OUI to the controller. The new OUI must be entered in a aa:bb:cc format. Example The following command adds a new OUI to the controller.
vlan-bwcontract-explist vlan-bwcontract-explist mac Description Use this command to add entries to or remove entries from the MAC exception list for bandwidth contracts on broadcast/multicast traffic. Syntax Parameter Description MAC address of a protocol that should be added to or removed from the exception list for bandwidth contracts. Usage Guidelines Bandwidth contracts on a VLAN can limit broadcast and multicast traffic. ArubaOS version 6.
vlan-name vlan-name [assignment {even|hash}] Description This command creates a named VLAN on the controller and given an assignment type. Syntax Parameter Description Range Name of the VLAN. 1–32 characters assignment Sets the assignment type. This determines how a VLAN assignment is handled by the controller. — even Sets the assignment type as even.The Even assignment type is based on an even distribution of VLAN pool assignments. — hash Sets the assignment type as hash.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 3.4 The pool parameter was introduced. ArubaOS 6.2 The assignment parameter was introduced along with the even and hash options. ArubaOS 6.3 The pool parameter was deprecated. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 1957 | vlan-name Dell Networking W-Series ArubaOS 6.4.
vlan vlan [] |[ ]|[range ]|[wired aaa-profile ] Description This command creates a VLAN ID or a range of VLAN IDs on the controller. Syntax Parameter Description Range Default Identification number for the VLAN. 2-4094 1 Description of a VLAN ID. 1-32 characters; cannot begin with a numeric character VLAN000x, where x is the ID number. (Optional) Identification name of the VLAN.
To enable role-based access for wired clients connected to an untrusted VLAN and/or port on the controller, you must use the wired aaa-profile parameter to specify the wired AAA profile you would like to apply to that VLAN. If you do not specify a per-VLAN wired AAA profile, traffic from clients connected to an untrusted wired port or VLAN will use the global wired AAA profile, if configured. Example The following command creates VLAN ID 27 with the description myvlan on the controller.
voice alg-based-cac voice alg-based-cac disable enable Description This command is used to enable or disable VoIP signaling based Call Admission Control (CAC). Syntax Parameter Description disable Disable VoIP signaling based CAC. enable Enable VoIP signaling based CAC.
voice dialplan-profile voice dialplan-profile clone dialplan { } no... Description This command allows you to create a dial plan profile and configure dial plans to the profile. Syntax Parameter Description Name of this instance of the dial plan profile. clone Name of the existing dial plan profile from which parameter values are copied. dialplan Configures a dialplan with the sequence, pattern, and action specified for the profile.
Command History Version Description ArubaOS 6.0 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config mode on master controller 1963 | voice dialplan-profile Dell Networking W-Series ArubaOS 6.4.
voice logging voice logging client mac no ... Description This command allows you to enable logging for a voice client. Syntax Parameter Description client mac MAC address of the voice client to be enabled for voice logging. Usage Guidelines You can enable voice logging for a specific voice client based on the MAC address of the client to troubleshoot any voice issues.
voice real-time-config voice real-time-config config-enable no... Description This command enables the controller to analyze the call quality of the voice calls based on the RTP media streams. Syntax Parameter Description Default config-enable Enables the controller to analyze the call quality of the voice calls based on the RTP media streams.
voice rtcp-inactivity voice rtcp-inactivity {enable | disable} Description This command enables or diables the RTCP inactivity timer. Syntax Parameter Description enable Enables the RTCP inactivity timer. disable Disables the RTCP inactivity timer. Usage Guidelines You can enable the RTCP inactivity timer to clear a voip session if an on-hold client moves out of the coverage area.
voice sip voice sip dialplan-profile no... session-expiry session-timer Description This command allows you to enable SIP session timer and associate a dial plan profile to the SIP ALG. Syntax Parameter Description Default dial-plan profile Name of the existing Dial plan profile to be associated to the SIP ALG. _ session-expiry Timeout value in seconds for the session timer. The range is 240 1200 seconds.
Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config mode on master controller Dell Networking W-Series ArubaOS 6.4.
voice sip-midcall-req-timeout voice sip-midcall-req-timeout {enable | disable} Description This command enables or diables the SIP mid-call request timer. Syntax Parameter Description enable Enables the SIP mid-call request timer. disable Disables the timer. Usage Guidelines You can enable the SIP mid-call request timer on the controller to clear the voip session if there is no response to a SIP mid-call request.
voice test voice test force_send_delts sta tid Description This command allows a user to manually send Delete Traffic Stream (DELTS) management frames. Syntax Parameter Description The MAC address of the client station to which the DELTS are sent The traffic stream id. The valid range for this parameter is 0 to 7. If the traffic stream ID is not specified and there are multiple live traffic streams, multiple DELTS will be sent out to the station.
vpdn group l2tp vpdn group l2tp client configuration {dns|wins} [] disable|enable l2tp tunnel hello no ... ppp authentication {CACHE-SECURID|CHAP|EAP|MSCHAP|MSCHAPv2|PAP} ppp securid cache Description This command configures an L2TP/IPsec VPN connection. Syntax Parameter Description Range Default client configuration Configures parameters for the remote clients. — — dns Configures a primary and optional secondary DNS server.
Usage Guidelines L2TP/IPsec relies on the PPP connection process to perform user authentication and protocol configuration. You specify the protocol used for PPP authentication and whether SecureID tokens are cached on the controller. Client addresses are assigned from a pool configured with the ip local pool command. Example The following command configures virtual private dial-in networking: (host) (coinfig) #vpdn group l2tp ppp authentication PAP client configuration dns 10.1.1.
vpdn group pptp vpdn group pptp client configuration {dns|wins} [] disable|enable no ... ppp authentication {MSCHAP|MSCHAPv2} pptp echo Description This command configures a PPTP VPN connection. Syntax Parameter Description Range Default client configuration Configures parameters for the remote clients. — — dns Configures a primary and optional secondary DNS server. — — wins Configures a primary and optional secondary WINS server.
Command History The command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
vpn-dialer vpn-dialer enable dnetclear|l2tp|pptp|securid_newpinmode|wirednowifi ike {authentication {pre-share |rsa-sig}|encryption {3des|des}| group {1|2}|hash {md5|sha}|lifetime []} ipsec {encryption {esp-3des|esp-des}|hash {esp-md5-hmac|esp-sha-hmac}| lifetime []|pfs {group1|group2}} no {enable...|ipsec...|ppp...} ppp authentication {cache-securid|chap|mschap|mschapv2|pap} Description This command configures the VPN dialer.
Parameter Description Range Default hash Specifies the HASH algorithm, ether SHA or MD5. md5 | sha sha lifetime Specifies how long an IKE security association lasts, in seconds. 300-86400 28800 seconds Configures IPsec. This configuration must match the IPsec parameters configured with the crypto dynamic-map and crypto ipsec commands on the controller. — — encryption Specifies the encryption type for IPsec, either DES or 3DES.
Command History The command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 1977 | vpn-dialer Dell Networking W-Series ArubaOS 6.4.
vrrp vrrp advertise authentication description ip address no... preempt priority shutdown tracking interface {fastethernet /|gigabitethernet /} {sub } tracking master-up-time add tracking vlan {sub } tracking vrrp-master-state add vlan vrrp ipv6 advertise description ipv6 address no...
Parameter Description Range Default 8 characters — Best practices are to use the default value. authentication Configure an optional password of up to eight characters to be used to authenticate VRRP peers in their advertisements. The password must be the same on both members of the redundant pair. The password is sent in plain-text and therefore should not be treated as a security measure.
Parameter Description Range Default preempt Preempt mode allows a controller to take over the role of master if it detects a lower priority controller currently acting as master. Best practices are to use the default value to avoid excessive interruption to users or “flapping” if a problematic controller is cycling up and down. — disabled Delay value in seconds. Specifying a value enables the delay timer.
Parameter Description Range Default Decreases the priority of the VRRP instance by the specified amount. When the interface comes up again, the value is restored to the previous priority level. The combined priority and tracking vales cannot exceed 255. If the priority value exceeds 255, the controller displays an error message. 0-255 — tracking master-up-time duration Monitors how long the controller has been master for the VRRP instance.
Parameter Description Range Default 1-4094 — Error: Vrrp 30 priority + tracking value exceeds 255 vlan Specifies the VLAN ID of the VLAN on which VRRP will run. Usage Guidelines Use this command to set parameters for VRRP on the controller. The default VRRP parameters can be left for most implementations. You can use a combination of numbers, letters, and characters to create the authentication password and the VRRP description.
Primary Configuration Backup Configuration vrrp 10 vlan 10 ip address 10.200.22.254 priority 105 preempt tracking vlan 20 sub 10 vrrp 10 vlan 10 ip address 10.200.22.254 priority 100 preempt tracking vlan 20 sub 10 vrrp 20 vlan 20 ip address 10.200.22.254 preempt priority 105 tracking vlan 10 sub 10 vrrp 20 vlan 20 ip address 10.200.22.254 preempt priority 100 tracking vlan 10 sub 10 vrrp 30 vlan 30 ip address 10.200.22.254 preempt priority 105 tracking vlan 20 sub 10 vrrp 30 vlan 30 ip address 10.
web-cc web-cc global-bandwidth-contract web-cc-category downstream|upstream kbits|mbits web-cc-reputation high-risk|low-risk|moderate-risk|suspicious|trustworthy downstream|upstream kbits|mbits <1-2000> Description This command defines global bandwidth contracts for HTTP traffic matching a predefined web content category or reputation type.
Command History Version Modification ArubaOS 6.4.2.0 Command introduced. Command Information Platforms Licensing Command Mode All platforms PEF-NG license Config mode on master or local controllers 1985 | web-cc Dell Networking W-Series ArubaOS 6.4.
web-server web-server captive-portal-cert ciphers {high|low|medium} idp-cert mgmt-auth [certificate] [username/password] no ... session-timeout ssl-protocol [sslv2] [sslv3] [tlsvl] switch-cert web-https-port-443 web-lync-listen-port {http }|{https } web-max-clients Description This command configures the controller’s web server.
Parameter Description Range Default ssl-protocol Specifies the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocol version used for securing communication with the web server: SSLv3 TLSv1 sslv3, tlsv1 sslv3, tlsv1 switch-cert Specifies the name of the server certificate associated with WebUI access. Use the show crypto-local pki ServerCert command to see the server certificates installed in the controller.
To specify a different server certificate, use the no command to revert back to the default certificate before you specify the new certificate: (host) (config) #web-server mgmt-auth certificate switch-cert ServerCert1 no switch-cert switch-cert ServerCert2 Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.1 The mgmt-auth parameter was introduced. ArubaOS 3.2 The captive-portal-cert parameter was introduced. ArubaOS 6.
whitelist-db cpsec add whitelist-db cpsec add mac-address state {approved-ready-for-cert|certified-factory-cert} cert-type {switch-cert|factory-cert} [description ] Description Add an AP entry to the campus AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to enter into the cpsec whitelist database.
Command History Version Modification ArubaOS 5.0 Command introduced ArubaOS 6.0 The controller-cert parameter was modified to switch-cert. Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
whitelist-db cpsec delete whitelist-db cpsec delete mac-address Description Remove an individual AP entry to the campus AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to remove from the campus AP whitelist. Usage Guidelines Use this command to remove an individual whitelist entries for an AP that has been either removed from the network, or is no longer a candidate for automatic certificate provisioning.
whitelist-db cpsec-local-switch-list whitelist-db cpsec-local-switch-list del mac-address purge Description Delete a local controller from the local switch whitelist. Syntax Parameter Description del mac-address Remove a single controller from the local switch whitelist.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 1993 | whitelist-db cpsec-local-switch-list Dell Networking W-Series ArubaOS 6.4.
whitelist-db cpsec-master-switch-list whitelist-db cpsec-master-switch-list del mac-address purge Description Delete a master controller from the master switch whitelist. Syntax Parameter Description del mac-address Remove a single master controller from the master switch whitelist.
Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on local controllers 1995 | whitelist-db cpsec-master-switch-list Dell Networking W-Series ArubaOS 6.4.
whitelist-db cpsec modify whitelist-db cpsec modify mac-address cert-type switch-cert|factory-cert description mode disable|enable revoke-text state approved-ready-for-cert|certified-factory-cert Description Modify an existing entry in the campus AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to enter into the cpsec whitelist database. cert-type Identify the type of certificate to be used by the AP.
Command History Version Modification ArubaOS 5.0 Command introduced ArubaOS 6.0 The controller-cert parameter was modified to switch-cert. Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master or local controllers 1997 | whitelist-db cpsec modify Dell Networking W-Series ArubaOS 6.4.
whitelist-db cpsec purge whitelist-db cpsec purge Description Clear the campus AP whitelist. Syntax No parameters. Usage Guidelines Use this command to clear all entries in the entire campus AP whitelist. If your network includes both master and local controllers, then each campus AP whitelist is synchronized across all controllers. If you purge the entire campus AP whitelist on one controller, that action will clear the campus AP whitelist on every controller in the network.
whitelist-db cpsec revoke whitelist-db cpsec revoke mac-address revoke-text Description Revoke a certificate from an AP in the campus AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to remove from the cpsec whitelist database. revoke-text A brief description why the AP’s certificate was revoked, up to 64 alphanumeric characters.
whitelist-db rap add whitelist-db rap add mac-addr ap-group ap-name description full-name mode enable|disable remote-ip Description Add an AP entry to the remote AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to enter into the remote AP whitelist database. ap-group AP group of the remote AP. ap-name Name of the Remote AP.
Command Description Mode show whitelist-db rapmaster-switch-list Display the list of master controllers with remote APs managed using the remote AP whitelist Enable or Config mode show whitelist-db raplocal-switch-list Display the list of local controllers with remote APs managed using the remote AP whitelist Enable or Config mode show whitelist-db rap View detailed information for the remote AP whitelist database. Enable or Config mode Command History This command was introduced in ArubaOS 6.3.
whitelist-db rap del whitelist-db rap del mac-addr Description Remove an AP entry from the remote AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to remove from the remote AP whitelist database. Usage Guidelines You can manually remove entries from the remote AP whitelist to revoke a remote AP’s secure access to the network.
whitelist-db rap modify whitelist-db rap modify mac-addr ap-group ap-name description full-name mode enable|disable remote-ip Description Remove an AP entry from the remote AP whitelist. Syntax Parameter Description mac-address MAC address of the remote AP whose whitelist database entry you want to modify. ap-group AP group of the remote AP. ap-name Name of the Remote AP.
Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
whitelist-db rap revoke whitelist-db rap revoke mac-address revoke-comment Description Revoke a certificate from an AP in the remote AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to remove from the remote AP whitelist database. revoke-comment A brief description why the AP’s certificate was revoked, up to 64 alphanumeric characters. If this comment includes spaces, you must enclose the comment in quotation marks.
whitelist-db rap-local-switch-list whitelist-db rap-local-switch-list del mac-addr purge Description Delete a local controller from the local switch table used by the remote AP whitelist Syntax Parameter Description del mac-address Remove a single controller from the local switch table.
Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master or local controllers 2007 | whitelist-db rap-local-switch-list Dell Networking W-Series ArubaOS 6.4.
whitelist-db rap-master-switch-list whitelist-db rap-master-switch-list del mac-addr purge Description Delete a master controller from the master switch table used by the remote AP whitelist. Syntax Parameter Description del mac-address Remove a single master controller from the master switch whitelist. purge Clear all controllersfrom the Registered Master Switch table.
whoami whoami Description This command displays information about the current user logged into the controller. Syntax No parameters. Usage Guidelines Use this command to display the name and role of the user who is logged into the controller for this session. Example The following command displays information about the user logged into the controller: (host) #whoami Command History This command was available in ArubaOS 1.0.
wlan bcn-rpt-req-profile wlan bcn-rpt-req-profile channel clone interface measure-dur-mandatory measure-duration measure-mode no random-interval reg-class {1|12} request-info rpt-condition rpt-detail ssid Description Configures a Beacon Report Request Profile to provide the parameters for the Beacon Report Request frames.
Parameter Description Range Default measure-dur-mandatory This value is used to set the "Duration Mandatory" bit of the Measurement Request Mode field of the Beacon Report Request frame. — Disabled measure-duration This value is used to set the Measurement Duration field in the Beacon Report Request frame. The Measurement Duration is set to the duration of the requested measurement. It is expressed in units of TUs.
Parameter Description Range Default rpt-condtion This option is used to indicate the value for the "Reporting Condition" field in the Beacon Reporting Information subelement present in the Beacon Report Request frame. 0 - 255 0 rpt-detail This option is used to indicate the value for the "Detail" field in the Reporting Detail sub-element present in the Beacon Report Request frame.
wlan client-wlan-profile wlan client-wlan-profile auth-as-computer auth-as-guest clone eap-cert eap-cert-connect-only-to eap-peap eap-peap-connect-only-to eap-type enable-8021x ieap-cert-connect-only inner-eap inner-eap-type no non-broadcasting-connection range-connect ssid-profile Description You can push WLAN profiles to users computers that use the Microsoft Windows Wireless Zero Config (WZC) service to configure and maintain their wireless networks.
Parameter Description Default ieap-cert-connectonly Command separated list of servers inner-eap Enter the inner EAP type.
wlan dot11k-profile wlan dotllk ap-chan-rpt-11a ap-chan-rpt-11bg bcn-measurement-mode {active|beacon-table|passive} bcn-req-chan-11a bcn-req-chan-11bg bcn-req-time clone dot11k-enable force-disassoc handover-trigger-profile lm-req-time no ... rrm-ie-profile tsm-req-profile tsm-req-time Description Configure a 802.11k radio profile. Syntax Parameter Description Default Name of this instance of the profile. The name must be 1-63 characters.
Parameter Description Default NOTE: If a station doesn't support beacon-table able measurement mode, it returns a Beacon Measurement Report with the Incapable bit set in the Measurement Report Mode field. Enables passive beacon measurement mode. In this mode, the client sets a measurement duration timer, and, at the end of the measurement duration, compiles all received beacons or probe response with the requested SSID and BSSID into a measurement report.
Parameter Description Default lm-req-time This option configures the time duration between two consecutive link measurement requests sent to an dot11K client. By default, link measurement requests are sent to a dot11K client every 61 seconds. However, you can use the lm-req-time option to specify different time interval. This permits values in the range from 10 seconds to 200 seconds.
Command History Version Description ArubaOS 3.4 Command introduced ArubaOS 6.2 The following parameters were introduced: l bcn-req-chan-11a l bcn-req-chan-11bg l ap-chan-rpt-11a l ap-chan-rpt-11bg l handover-trigger-profile l rrm-ie-profile l bcn-rpt-req-profile l tsm-req-profile The handover trigger threshold parameter was deprecated, as the handover trigger settings are now configured using the handover trigger profile.
wlan dot11r-profile wlan dotllr-profile clone mob-domain-id <1-65535> dot11r no key-duration <60-86400> key-assignment Description This command configures an 802.11r radio profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” clone Name of an existing dot11r-profile from which the parameter values are copied. — — mob-domain-id An ID that uniquely identifies the mobility domain.
Command History This command was introduced in ArubaOS 6.3. Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
wlan edca-parameters-profile wlan wlan edca-parameters-profile {ap|station} {background | best-effort | video | voice} [acm][aifsn ] [ecw-max [ecw-min ] [txop ] [clone Description This command configures an enhanced distributed channel access (EDCA) profile for APs or for clients (stations). Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 163 characters.
Access Category ecw-min ecw-max aifsn txop acm best-effort 4 6 3 0 No background 4 10 7 0 No video 3 4 1 94 No voice 2 3 1 47 No The following are the default values configured for clients: Access Category ecw-min ecw-max aifsn txop acm best-effort 4 10 3 0 No background 4 10 7 0 No video 3 4 2 94 No voice 2 3 2 47 No Example The following command configures an EDCA profile for APs: (host) (config) #wlan edca-parameters-profile ap edca1 best-effor
wlan handover-trigger-profile wlan handover-trigger-profile clone handover-threshold handover-trigger no Description Configure a handover trigger profile to ensure QoS for voice calls. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — "default" clone Creates a copy of the Handover Trigger Profile specified as the .
Command History This command was introduced in ArubaOS 6.2. Command Information Platforms Licensing Command Mode All platforms Base operating system Configuration mode on master or local controllers Dell Networking W-Series ArubaOS 6.4.
wlan hotspot advertisement-profile wlan hotspot advertisement profile anqp-3gpp-nwk-profile anqp-domain-name-profile anqp-ip-addr-avail-profile anqp-nai-realm-profile anqp-nwk-auth-profile anqp-roam-cons-profile anqp-venue-name-profile clone h2qp-conn-cap-profile h2qp-op-cl-profile h2qp-operator-friendly-profile h2qp-wan-metrics-p
Parameter Description anqp-roam-cons-profile Name of the ANQP Roaming Consortium profile to be associated with this WLAN advertisement profile. For more information on configuring this profile, refer to wlan hotspot anqp-roam-consprofile on page 2041. anqp-venue-name-profile Name of the ANQP Venue Name profile to be associated with this WLAN advertisement profile. For more information on configuring this profile, refer to wlan hotspot anqp-venue-name-profile on page 2043.
2. Enable the hotspot feature within that Hotspot profile (wlan hotspot h2-profile hotspot-enable) Example The following command associates the ANQP domain name profile anqp-dom-1 to the advertisement profile network1. wlan hotspot advertisement-profile network1 anqp-domain-name-profile anqp-dom-1 Related Commands Use the following commands to configure the Hotspot feature.
Command Description l wlan hotspot h2qp-operatorfriendly-name-profile This command defines a Hotspot 2.0 Query Protocol (H2QP) operatorfriendly name profile. l wlan hotspot h2qp-wanmetrics-profile This command creates a Hotspot 2.0 Query Protocol (H2QP) profile that specifies the hotspot WAN status and link metrics. l wlan hotspot hs2-profile This command configures a hotspot profile for an 802.11u public access service provider. Command History This command was introduced in ArubaOS 6.
wlan hotspot anqp-3gpp-nwk-profile wlan hotspot anqp-3gpp-nwk-profile 3gpp_plmn1 <3GPP PLMN1 data> 3gpp_plmn2 <3GPP PLMN2 data> 3gpp_plmn3 <3GPP PLMN3 data> 3gpp_plmn4 <3GPP PLMN4 data> 3gpp_plmn5 <3GPP PLMN5 data> 3gpp_plmn6 <3GPP PLMN6 data> clone enable no ... Description This profile defines information for a 3rd Generation Partnership Project (3GPP) Cellular Network for hotspots that have roaming relationships with cellular operators.
operator. The 3GPP Mobile Country Code (MCC) and the 12-bit Mobile Network Code data in the IE can help the client select a 3GPP network. Values configured in this profile will not be sent to clients unless you: 1. Associate the 3GPP Cellular Network profile with an ANQP advertisement profile. (wlan hotspot advertisement profile anqp-3gpp-nwk-profile ) 2. Associate the ANQP advertisement profile with a Hotspot profile.
wlan hotspot anqp-domain-name-profile wlan hotspot anqp-domain-name-profile clone domain-name no ... Description This command defines the domain name to be sent in an Access Network Query Protocol (ANQP) information element in a Generic Advertisement Service (GAS) query response. Syntax Parameter Description clone Make a copy of an existing ANQP domain name profile. domain-name Domain name of the hotspot operator.
wlan hotspot anqp-ip-addr-avail-profile wlan hotspot anqp-ip-addr-avail-profile clone ipv4-addr-avail availability-unknown|not-available|port-restricted|port-restricted-oublenated|port-restricted-single-nated|private-double-nated|private-single-nated ipv6-addr-avail available|availability-unknown|not-available no ...
the hotspot AP. Values configured in this profile will not be sent to clients unless you: 1. Associate the ANQP IP Address Availability profile with an ANQP advertisement profile. (wlan hotspot advertisement profile anqp-ip-addr-avail-profile ) 2. Associate the ANQP advertisement profile with a Hotspot profile. (wlan hotspot h2-profile advertisement-profile ) 3. Enable the hotspot feature within that Hotspot profile.
wlan hotspot anqp-nai-realm-profile wlan hotspot anqp-nai-realm-profile clone nai-home-realm nai-realm-auth-id-1|nai-realm-auth-id-2 {credential-type|expanded-eap|expanded-innereap|inner-auth-eap|non-eap-inner-auth|tunneled-eap-credential-type} nai-realm-auth-value-1|nai-realm-auth-value-2 {cred-cert|cred-hw-token|cred-nfc|crednone|cred-rsvd|cred-sim|cred-soft-token|cred-user-pass|cred-usim|cred-vendor-spec|eapcrypto-card|eap-generic-token-card|eap-identity|eap-method-aka|eap-m
Parameter tunneled-eap-credential-type nai-realm-auth-value-1|nai-realm-auth-value-2 Description The specified authentication ID uses the tunneled EAP credential type. Use the nai-ream-auth-value-1 command to select an authentication value for the authentication method specified by nai-realmauth-id-1. Use the nai-ream-auth-value-2 command to select the authentication value for the authentication method specified by nai-realmauth-id-2.
Parameter Description non-eap-mschapv2 Non-EAP Method - MSCHAPv2 non-eap-pap Non-EAP Method - PAP non-eap-rsvd Non-EAP Method - Reserved for future use reserved Reserved for future use. nai-realm-eap-method Select one of the options below to identify the EAP authentication method supported by the hotspot realm.
2. Associate the ANQP advertisement profile with a Hotspot profile. (wlan hotspot h2profileadvertisement-profile ) 3. Enable the hotspot feature within that Hotspot profile. (wlan hotspot h2-profile hotspot-enable) Example wlan hotspot anqp-nai-realm-profile home enable nai-realm-name corp-hotspot.com nai-realm-auth-id-1 credential-type nai-realm-auth-value-1 cred-cert nai-home-realm ! wlan hotspot anqp-nai-realm-profile non-home nai-realm-name corp-hotspot-roam.
wlan hotspot anqp-nwk-auth-profile wlan hotspot anqp-nwk-auth-profile clone no ... nwk-auth-type acceptance|dns-redirection|http-https-redirection|online-enroll url Description This command configures an ANQP Network Authentication profile to define authentication type being used by the hotspot network. Syntax Parameter Description clone Make a copy of an existing ANQP Network Authentication profile. no Negate any existing parameter.
wlan hotspot anqp-nwk-auth-profile default nwk-auth-type dns-redirection redirect-url http://www.example.com/redirect.html Command History This command was introduced in ArubaOS 6.4 Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
wlan hotspot anqp-roam-cons-profile wlan hotspot anqp-roam-cons-profile clone no ... roam-cons-oi roam-cons-oi-len Description This command configures the Roaming Consortium OI information to be sent in an Access network Query Protocol (ANQP) information element in a Generic Advertisement Service (GAS) query response. Syntax Parameter Description clone Make a copy of an existing ANQP Roaming Consortium profile.
Example The following command defines the roaming consortium OI and OI length in the ANQP roaming consortium profile: wlan hotspot anqp-roam-cons-profile profile1 roam-cons-oi 506F9A roam-cons-oi-len 3 Command History This command was introduced in ArubaOS 6.4 Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
wlan hotspot anqp-venue-name-profile wlan hotspot anqp-venue-name-profile clone no venue-group outdoor|reserved|utility-misc|vehicular|assembly|business educational|factoryor-industrial|institutional|mercantile|residential| storage|unspecified venue-language venue-name venue-type Description This command defines venue information be sent in an Access network Query Protocol (ANQP) information element in a Generic Advertisement Service (GAS) query response.
Values configured in this profile will not be sent to clients unless you: 1. Associate the ANQP Venue Name profile with an ANQP Advertisement profile. (wlan hotspot advertisement profile anqp-venue-name-profile ) 2. Associate the ANQP advertisement profile with a Hotspot profile. (wlan hotspot h2-profile advertisement-profile ) 3. Enable the hotspot feature within that Hotspot profile.
This command was introduced in ArubaOS 6.4 Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 2045 | wlan hotspot anqp-venue-name-profile Dell Networking W-Series ArubaOS 6.4.
wlan hotspot h2qp-conn-capability-profile wlan hotspot h2qp-conn-capability-profile clone esp icmp no tcp-ftp tcp-http tcp-pptp-vpn tcp-ssh tcp-tls-vpn tcp-voip udp-ike2-4500 udp-ike2-500 udp-ipsec-vpn udp-voip Description Define a Hotspot 2.0 Query Protocol (H2QP) profile that advertises hotspot protocol and port capabilities. Syntax Parameter Description clone Make a copy of an existing hotspot connection capability profile.
Usage Guidelines The values configured in this profile can be sent in an ANQP IE to provide hotspot clients information about the IP protocols and associated port numbers that are available and open for communication. Values configured in this profile will not be sent to clients unless you: 1. Associate the H2QP profile with an ANQP advertisement profile. (wlan hotspot advertisement profile h2qp-conn-cap-profile ) 2.
wlan hotspot h2qp-op-cl-profile wlan hotspot h2qp-op-cl-profile clone no op-cl <1-255> Description This command defines a Hotspot 2.0 Query Protocol (H2QP) profile that defines the Operating Class to be sent in the ANQP IE. Syntax Parameter Description clone Makes a copy of an existing hotspot operating class profile. no Negates any existing parameter, returning it to its default disabled value. op-cl Configures the operating class for the devices’ BSS.
wlan hotspot h2qp-operator-friendly-name-profile wlan hotspot h2qp-operator-friendly-name-profile clone no op-fr-name op-lang-code Description This command defines a Hotspot 2.0 Query Protocol (H2QP) operator-friendly name profile. Syntax Parameter Description clone Makes a copy of an existing operator-friendly name profile. no Negates any existing parameter. An operator-friendly name sent by devices using this profile.
Command History This command was introduced in ArubaOS 6.4 Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
wlan hotspot h2qp-wan-metrics-profile wlan hotspot h2qp-wan-metrics-profile at-capacity clone downlink-load downlink-speed load-dur no symm-link uplink-load uplink-speed wan-metrics-link-status link_down|link_test|link_up|reserved Description Create a Hotspot 2.0 Query Protocol (H2QP) profile that specifies the hotspot WAN status and link metrics.
Parameter Description Range Default uplink_load The percentage of the WAN uplink that is currently utilized. If no value is set, this parameter will show a default value of 0 to indicate that the downlink speed is unknown or unspecified. 1-100 0 (unspecified) uplink_speed Use the uplink parameter to indicate the current WAN backhaul uplink speed in Kbps.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 2053 | wlan hotspot h2qp-wan-metrics-profile Dell Networking W-Series ArubaOS 6.4.
wlan hotspot hs2-profile wlan hotspot hs2-profile access-network-type emergency-services|personal-device|private|private-guest|publicchargeable|public-free|test|wildcard addtl-roam-cons-ois advertisement-profile advertisement-protocol anqp|eas|mih-cmd-event|mih-info|rsvd asra clone comeback-mode gas-comeback-delay grp-frame-block hessid hotspot-enable internet no ..
Parameter Description advertisement-profile Advertisement profile associated with this hotspot profile. If this parameter is not changed, the hotspot profile uses with the default advertisement profile. advertisement-protocol Select one of the following advertisement protocol types to be used by the AP.
Parameter Description internet If you issue the internet parameter, the AP sends an Information Element (IE) indicating that the network allows internet access. By default, a hotspot profile does not advertise network internet access. no Negates or removes any configured parameter. p2p-cross-connect Issue this command to advertise support for P2P Cross Connections. This setting is disabled by default. p2p-dev-mgmt Issue this command to advertise support for P2P device management.
Parameter Description configured using the wlan hotspot anqp-roam-cons-profile command. roam-cons-oi-2 Roaming consortium OI assigned to one of the service provider’s top three roaming partners. This additional OI will only be sent to a client if the addtl-roam-cons-ois parameter is set to 2 or higher. NOTE: The service provider’s own roaming consortium OI is configured using the wlan hotspot anqp-roam-cons-profile command.
Parameter Description venue-type Specify a venue type to be advertised in the IEs from APs associated with this hotspot profile. The complete list of supported venue types is described in Venue Types on page 2059 NOTE: This parameter only defines the venue type advertised in the IEs from hotspot APs. To define the venue type to be included in ANQP responses, use anqp-venue-name-profile . Usage Guidelines Hotspot 2.0 is a Wi-Fi Alliance specification based upon the 802.
query using the addtl-roam-cons-ois <1-3> parameter, then define those elements using the following parameters: l roam-cons-oi-1 and roam-cons-len 1 l roam-cons-oi-2 and roam-cons-len 2 l roam-cons-oi-3 and roam-cons-len 3 The configurable values for each additional OI include the Organization Identifier itself, the OI length, and the venue group and venue type associated with those OIs.
Related Commands Use the following commands to configure the Hotspot feature.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 2061 | wlan hotspot hs2-profile Dell Networking W-Series ArubaOS 6.4.
wlan ht-ssid-profile wlan ht-ssid-profile 40MHz-enable 80MHz-enable ba-amsdu-enable clone high-throughput-enable ldpc legacy-stations max-rx-a-mpdu-size {8191|16383|32767|65535} max-tx-a-mpdu-size max-tx-a-msdu-count-be {0-15} max-tx-a-msdu-count-bk {0-15} max-tx-a-msdu-count-vi {0-15} max-tx-a-msdu-count-vo {0-15} max-vht-mpdu-size min-mpdu-start-spacing {0|.25|.5|1|2|4|8|16} mpdu-agg no...
Parameter Description Range Default Enabling high-throughput in an ht-ssid-profile enables Wi-Fi Multimedia (WMM) base features for the associated SSID. ldpc If enabled, the AP will advertise Low-density Parity Check (LDPC) support. LDPC improves data transmission over radio channels with high levels of background noise. — enabled legacy-stations Controls whether or not legacy (non-HT) stations are allowed to associate with this SSID. By default, legacy stations are allowed to associate.
Parameter Description Range Default 1 Minimum time of 1 µsec. — — 2 Minimum time of 2 µsec. — — 4 Minimum time of 4 µsec. — — 8 Minimum time of 8 µsec. — — 16 Minimum time of 16 µsec. — — mpdu-agg Enables or disables MAC protocol data unit (MDPU) aggregation. High-throughput APs are able to send aggregated MAC protocol data units (MDPUs), which allow an AP to receive a single block acknowledgment instead of multiple ACK signals.
Parameter Description Range Default not responding to 802.11 packets, the AP will launch two hardware retries; if the hardware retries are not successful then it attempts software retries. very-high-throughputenable Enable or disable support for Very High Throughput (802.11ac ) on the SSID. — enabled vht-supported-mcs-map Modulation Coding Scheme (MCS) values or ranges of values for spatial streams 1 through 3.
max-rx-a-mpdu-size 8191 Command History Version Description ArubaOS 3.3 Command introduced ArubaOS 3.3.1 The legacy-stations parameter was introduced ArubaOS 3.3.2 De-aggregation of MAC Service Data Units (A-MSDUs) was introduced. ArubaOS 6.1 The short-guard-intvl-20Mhz, ldpc, stbc-rx-streams and stbc-rx-streams parameters were introduced. The allow-weak-encryption parameter was deprecated. ArubaOS 6.3 The following parameters were introduced.
wlan rrm-ie-profile wlan rrm-ie-profile bss-aac-ie clone country-ie enabled-capabilities-ie no pwr-constraint-ie qbss-load-ie quiet-ie tpc-report-ie Description Configure an radio resource management RRM IE profile to define the information elements advertised by an AP with 802.11k support enabled.
Example The following command prevents the AP from advertising the country IE. (host) (config) #wlan rrm-ie-profile default (host) (Handover Trigger Profile) #no country-ie Related commands wlan dot11k-profile dot11k-enable Command History Version Description ArubaOS 6.2 Command introduced Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.4.
wlan ssid-profile wlan ssid-profile 902il-compatibility-mode a-basic-rates a-beacon-rate a-tx-rates advertise-ap-name advertise-location ageout battery-boost clone deny-bcast disable-probe-retry dot11r-profile dtim-period eapol-rate-opt edca-parameters-profile {ap|station} enforce-user-vlan essid g-basic-rates g-beacon-rate g-tx-rates hide-ssid ht-ssid-profile local-probe-req-thresh max-cl
Description This command configures an SSID profile. Dell Networking W-Series ArubaOS 6.4.
Syntax Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” 902il-compatibility-mode (For clients using NTT DoCoMo 902iL phones only) When enabled, the controller does not drop packets from the client if a small or old initialization vector value is received. (When TKIP or AES is used for encryption and TSPEC is enabled, the phone resets the value of the initialization vector after add/delete TSPEC.
Description Range Default Push-To-Talk feature for Polycom SpectraLink devices. clone Name of an existing SSID profile from which parameter values are copied. — — deny-bcast When a client sends a broadcast probe request frame to search for all available SSIDs, this option controls whether or not the system responds for this SSID. When enabled, no response is sent and clients have to know the SSID in order to associate to the SSID. When disabled, a probe response frame is sent for this SSID.
Description Range Default g-basic-rates List of supported 802.11b/g rates that are advertised in beacon frames and probe responses. 1, 2, 5, 6, 9, 11, 12, 18, 24, 36, 48, 54 Mbps 1, 2 Mbps g-beacon-rate Sets the beacon rate for 802.11g (use for Distributed Antenna System (DAS) only). Using this parameter in normal operation may cause connectivity problems. default, 1,2,5, 6 9, 11, 12, 18, 24, 36, 48, 54 Mbps minimum valid rate g-tx-rates Set of 802.
Description Range Default mfp-required When enabled, the SSID only supports MFP capable clients. — disabled multicast-rate When configured, chooses the rate for video multicast frames. default, 6, 9, 12, 18, 24, 36, 48, 54 Mbps default no Negates any configured parameter. — — opmode The layer-2 authentication and encryption to be used on this ESSID to protect access and ensure the privacy of the data transmitted to and from the network.
Description Range Default wpa2-tkip WPA2 with TKIP encryption and dynamic keys using 802.1x. — — wpa-psk-aes WPA with AES encryption using a preshared key. — — wpa2-psk-tkip WPA2 with TKIP encryption using a preshared key. — — wpa2-tkip WPA2 with TKIP encryption and dynamic keys using 802.1x. — — xSec Encryption and tunneling of Layer-2 traffic between the controller and wired or wireless clients, or between controllers.
Description Range Default short-preamble Enables or disables short preamble for 802.11b/g radios. Network performance may be higher when short preamble is enabled. In mixed radio environments, some 802.11b wireless client stations may experience difficulty associating with the AP using short preamble. To use only long preamble, disable short preamble. Legacy client devices that use only long preamble generally can be updated to support short preamble.
Usage Guidelines The SSID profile configures the SSID.Default WMM mappings exist for all SSIDs. After you customize an WMM mapping and apply it to the SSID, the controller overwrites the default mapping values and uses the userconfigured values. Suite-B cryptography The opmode parameters for Suite-B encryption, wpa2-aes-gcm-128 and wpa2-aes-gcm-256, require the ACR license. Note, however, that not all controllers support Suite-B encryption.
Example The following command configures an SSID for WPA2 AES authentication: (host) (config) #wlan ssid-profile corpnet essid Corpnet opmode wpa2-aes Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 The wmm-ts-min-inact-int parameter was introduced. The wpa2-preauth parameter was removed, ArubaOS 3.3 Support for the high-throughput IEEE 802.11n standard was introduced including the ht-ssid-profile parameter and various rate changes. ArubaOS 3.3.
wlan traffic-management-profile wlan traffic-management-profile bw-alloc virtual-ap share clone no ... report-interval shaping-policy default-access|fair-access|preferred-access Description This command configures a traffic management profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters.
Parameter Description l Range Default there is congestion on the wireless network.You must set traffic shaping to fair-access to use this bandwidth allocation value for an individual virtual AP. preferred-access: High-throughput (802.11n) clients do not get penalized because of slower 802.11a/g or 802.11b transmissions that take more air time due to lower rates. Similarly, faster 802.11a/g clients get more access than 802.11b clients.
Command Information Platforms Licensing Command Mode All platforms Base operating system on master controllers Config mode on master controllers 2081 | wlan traffic-management-profile Dell Networking W-Series ArubaOS 6.4.
wlan tsm-req-profile wlan tsm-req-profile bin0-range clone dur-mandatory measure-duration no num-repeats random-interval request-mode {normal | triggered} traffic-id Description This command configures a TSM Report Request Profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters.
Parameter Description Range Default no Negates any configured parameter — — num-repeats This parameter is used to set the "Number of Repetitions" field in the Transmit Stream/Category Measurement Request frame. The Number of Repetitions field contains the requested number of repetitions for all the Measurement Request elements in this frame. A value of zero in the Number of Repetitions field indicates Measurement Request elements are executed once without repetition.
(host) (host) (host) (host) (host) (host) (TSM (TSM (TSM (TSM (TSM (TSM Report Report Report Report Report Report Request Request Request Request Request Request Profile Profile Profile Profile Profile Profile "default") "default") "default") "default") "default") "default") #dur-mandatory #measure-duration 25 #num-repeats 0 #random-interval 0 #request-mode normal #traffic-id 96 Command History This command is introduced in ArubaOS 6.2.
wlan virtual-ap wlan virtual-ap aaa-profile allowed-band ... auth-failure-blacklist-time band-steering blacklist blacklist-time broadcast-filter all|arp clone deny-inter-user-traffic deny-time-range dos-prevention dot11k-profile dynamic-mcast-optimization dynamic-mcast-optimization-threshold fdb-update-on-assoc forward-mode {tunnel|bridge|split-tunnel|decrypt-tunnel} ha-disc-onassoc hs2-profile mobile-ip no ...
Parameter Description Range Default auth-failureblacklist-time Time, in seconds, a client is blocked if it fails repeated authentication. A value of 0 blocks a client indefinitely. 02,147,483,647 seconds 0 band-steering ARM’s band steering feature can encourage or require dual-band capable clients to stay on the 5GHz band on dual-band APs. This frees up resources on the 2.4GHz band for single band clients like VoIP phones.
Parameter Description Range Default blacklist Enables detection of denial of service (DoS) attacks, such as ping or SYN floods, that are not spoofed deauth attacks. — enabled blacklist-time Number of seconds that a client is quarantined from the network after being blacklisted. 02,147,483,647 seconds 3600 seconds (1 hour) broadcast-filter Filter out broadcast and multicast traffic in the air. — disabled all Filter out broadcast and multicast traffic in the air.
Parameter Description Range Default If enabled, all broadcast ARP requests are converted to unicast and sent directly to the client. You can check the status of this option using the show ap active and the show datapath tunnel command. If enabled, the output will display the letter a in the flags column. Do not enable this option for virtual APs configured in bridge forwarding mode. This configuration parameter is only intended for use for virual APs in tunnel mode.
Parameter Description Range Default deny-time-range Specify the name of the time range for which the AP will deny access. Time ranges can be defined using the CLI command time-range. — — dos-prevention If enabled, APs ignore deauthentication frames from clients. This prevents a successful deauth attack from being carried out against the AP. This does not affect third-party APs. — disabled dot11k-profile Name of an 802.11k profile to be associated with this VAP.
Parameter Description l l l Dell Networking W-Series ArubaOS 6.4.x | Reference Guide Range Default all 802.11 data packets, action frames and EAPOL frames over a GRE tunnel to the controller for processing. The controller removes or adds the GRE headers, decrypts or encrypts 802.11 frames and applies firewall rules to the user traffic as usual. Bridge: When an AP is in bridge mode, data is bridged onto the local Ethernet LAN. When in bridge mode, the AP handles all 802.
Parameter Description Range Default which then applies firewall policies to the user traffic. This mode allows a network to utilize the encryption/decryption capacity the AP while reducing the demand for processing resources on the controller. APs in decrypt-tunnel forwarding mode also manage all 802.11 association requests and responses, and process all 802.11e and 802.11k action frames. NOTE: Virtual APs in bridge or split-tunnel mode using static WEP should use key slots 2-4 on the controller.
Parameter Description Range Default multi-association Enables or disables multiassociation for this virtual AP. When enabled, this feature allows a station to be associated to multiple APs. If this feature is disabled, when a station moves to new AP it will be de authorized by the AP to which it was previously connected, deleting station context and flushing key caching information. — disabled no Negates any configured parameter.
Parameter Description Range Default mode, the AP will try to force 5Ghz-capable APs to use that radio band. l Prefer-5GHz (Default): If you configure the AP to use prefer-5GHz band steering mode, the AP will try to steer the client to 5G band (if the client is 5G capable) but will let the client connect on the 2.4G band if the client persists in 2.4G association attempts.
Parameter Description Range Default vlan The VLAN(s) into which users are placed in order to obtain an IP address. Enter VLANs as a comma-separated list of existing VLAN IDs or VLAN names. A mixture of names and numeric IDs are not allowed. vlan-mobility VLAN mobility retains the client VLAN on roaming irrespective of the VAP VLAN, provided the user VLANs are extended. VLAN mobility and mobile IP are mutually exclusive.
Example The following command configures a virtual AP: wlan virtual-ap corpnet vlan 1 aaa-profile corpnet Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 Support for the split tunneling option and the rap-operation parameter was introduced. ArubaOS 3.3 In support of the IEEE 802.11n standard, a change to the allowed-band parameter was introduced. ArubaOS 3.3.2 l l l Support for the ha-disc-onassoc parameter was introduced.
wlan voip-cac-profile wlan voip-cac-profile bandwidth-cac bandwidth-capacity call-admission-control call-capacity call-handoff-reservation clone disconnect-extra-call no ... send-sip-100-trying send-sip-status-code client|server wmm_tspec_enforcement wmm_tspec_enforcement_period Description This command configures a Voice over IP (VoIP) call admission control (CAC) profile.
Parameter Description Range Default clone Name of an existing VoIP CAC profile from which parameter values are copied. — — disconnect-ex tra-call Disconnects calls that exceed the high capacity threshold by sending a deauthentication frame. — disabled no Negates any configured parameter. — — send-sip-100trying Enables sending of SIP 100 trying messages to a call originator to indicate that the call is proceeding.
Command History Version Change ArubaOS 3.0 Command introduced ArubaOS 3.4 The following parameters were deprecated: l active-load-balancing l high-threshold-capacity l noe-call-capacity l sccp-call-capacity l svp-call-capacity l vocera-call-capacity The following parameters were introduced: l bandwidth-cac l bandwidth-capacity l call-capacity ArubaOS 3.4.1 License requirements changed in ArubaOS 3.4.
wlan wmm-traffic-management-profile wlan wmm-traffic-management-profile background best-effort clone enable-shaping no video voice Description This command configures bandwidth shaping for WMM access categories. The bandwidth shaping is applied on down-link traffic only. Syntax Parameter Description Range Default background Bandwidth allocation in percentage (%) for WMM background access traffic category.
(host) (WMM Traffic management profile "test") #voice 40 (host) (WMM Traffic management profile "test") #video 43 Apply the WMM traffic management profile to the virtual AP profile. (host) (config) #wlan virtual-ap employee (host) (Virtual AP profile "employee") #wmm-traffic-management-profile test Enable the fair-access or preferred access parameter under wlan traffic-management-profile.
wms ap wms ap mode {interfering|manually-contained|neighbor|rogue|suspected-rogue|valid} Description This command allows you to classify an AP into one of several categories. Syntax Parameter Description BSSID of the AP. mode Classify the AP into one of the following categories. interfering An AP seen in the RF environment but is not connected to the wired network. manually-contained Manually enable denial of service from this AP neighbor An neighboring AP whose BSSID is known.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers Dell Networking W-Series ArubaOS 6.4.
wms clean-db wms clean-db Description This command deletes the WMS database. Syntax Parameter Description clean-db Cleans the WMS database. Usage Guidelines This command deletes all entries from the WMS database. Do not use this command unless instructed to do so by a Dell representative. Example The following command cleans the WMS database: (host) #wms clean-db WMS Database will be deleted. Do you want to proceed with this action [y/n]: Command History This command was introduced in ArubaOS 3.0.
wms client wms client mode {manually-contain|interfering|valid} Description This command allows you to classify a wireless client into one of several categories. Syntax Parameter Description client MAC address of the client. mode Classify the client into one of the following categories: manually-contain Manualy enable denial of service to this client.
wms export-class wms export-class Description This command exports classification information into a file. Syntax Parameter Description Name of the file into which you want to export classification information Usage Guidelines This command writes classification data into comma separated values (CSV) files—one for APs and one for clients. You can import these files into the Dell Mobility Manager system.
wms export-db wms export-db Description This command exports the WMS database to a specified file. Syntax Parameter Description Name of the file into which you want to export the database. The filename plus any extensions must be no longer than 32 characters and may contain only keyboard characters. Usage Guidelines The file is exported as an ASCII text file. If you have configured the controller for operation with DellMMS, this command will fail and an error will be returned.
wms import-db wms import-db Description This command imports the specified file into the WMS database. Syntax Parameter Description Name of the file into which you want to import into the database. The filename plus any extensions must be no longer than 32 characters and may contain only keyboard characters. Usage Guidelines The imported file replaces the WMS database.
wms reinit-db wms reinit-db Description This command reinitializes the WMS database to its factory defaults. Syntax No parameters. Usage Guidelines When you use this command, there is no automatic backup of the current database. If an MMS server is configured on the controller (See mobility-manager on page 564), this command will fail and return an error. Example The following command reinitializes the WMS database: (host) #wms reinit-db WMS Database will be re-initialized.
write write {erase [all] | memory | terminal} Description This command saves the running configuration to memory or displays the running configuration on the screen. This command can also be used to erase the running configuration and return the controller to factory defaults. Syntax Parameter Description erase Erases the running system configuration file. Rebooting the controller resets it to the factory default configuration.
Example The following command saves your changes so they are retained after a reboot: (host) #write memory The following command deletes the running configuration and databases and returns the controller to the factory default settings: (host) #write erase Command History This command was introduced in ArubaOS 1.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config modes Dell Networking W-Series ArubaOS 6.4.
Appendix A: Command Modes The Dell Networking W-Series ArubaOS command-line interface offers different levels of user access by differentiating between different command modes. When you first log in to the CLI, you start your session in User mode, which provides only limited access for basic operational testing. You must enter an additional password to access Enable mode, which allows you to issue show commands run certain management functions.
(host) #aaa ? authentication inservice ipv6 query-user test-server user Authentication Bring authentication server into service Internet Protocol Version 6 Query User Test authentication server User commands Config Mode To move from enable mode to config mode, enter the command config terminal. Users in config mode may return to enable mode at any time by entering the command exit.