Dell PowerConnect ArubaOS 6.
Copyright © 2010 Aruba Networks, Inc. AirWave®, Aruba Networks®, Aruba Mobility Management System®, and other registered marks are trademarks of Aruba Networks, Inc. Dell™, the DELL™ logo, and PowerConnect™ are trademarks of Dell Inc. All rights reserved. Specifications in this manual are subject to change without notice. Originated in the USA. Any other trademarks appearing in this manual are the property of their respective companies.
Introduction The ArubaOS command line interface (CLI) allows you to configure and manage your controllers. The CLI is accessible from a local console connected to the serial port on the controllers or through a Telnet or Secure Shell (SSH) session from a remote management console or workstation. Note: Telnet access is disabled by default on Dell controllers.
Command Description show ap spectrum debug fft Save FFT (Fast Fourier Transform) power data to a file on the spectrum monitor. show ap spectrum debug status This command shows detailed status and statistics for a spectrum monitor. show ap spectrum device-history This command shows the history of the last 256 non-Wi-Fi devices. show ap spectrum device-summary This command shows the numbers of wi-fi and non-Wi-Fi device types on each channel monitored by a spectrum monitor.
Command Description voice sip This command allows you to enable SIP session timer and associate a dial plan profile to the SIP ALG. Modified Commands The following commands were modified in ArubaOS 6.0. Command Parameter Description aaa authentication captive-portal maxauthentication-failures The max-authentication-failures parameter no longer requires a license.
Command Parameter Description show voice client-status The sta parameter was introduced. show voice trace The trace output included the BSSID parameter.
z Description—A brief description of the command. z Syntax—A description of the command parameters, including license requirements for specific parameters if needed. The applicable ranges and default values, if any, are also included. z Usage Guidelines—Information to help you use the command, including: prerequisites, prohibitions, and related commands. z Example—An example of how to use the command. z Command History—The version of ArubaOS in which the command was first introduced.
Certain management functions are available in enable (also called “privileged”) mode. To move from user mode to enable mode requires you to enter an additional password that you entered during the Initial Setup (the password displays as asterisks). For example: (host) > enable Password: ****** When you are in enable mode, the > prompt changes to a pound sign (#): (host) # Configuration commands are available in config mode.
Command Completion To make command input easier, you can usually abbreviate each key word in the command. You need type only enough of each keyword to distinguish it from similar commands. For example: (host) # configure terminal could also be entered as: (host) # con t Three characters (con) represent the shortest abbreviation allowed for configure. Typing only c or co would not work because there are other commands (like copy) which also begin with those letters.
Commands That Reset the Controller or AP If you use the CLI to modify a currently provisioned and running radio profile, those changes take place immediately; you do not reboot the controller or the AP for the changes to affect the current running configuration. Certain commands, however, automatically force the controller or AP to reboot. You may want to consider current network loads and conditions before issuing these commands, as they may cause a momentary disruption in service as the unit resets.
The command line editing feature allows you to make corrections or changes to a command without retyping. The table below lists the editing controls: To use key shortcuts, press and hold the Ctrl button while you press a letter key. Key Effect Description Ctrl A Home Move the cursor to the beginning of the line. Ctrl B or the left arrow Back Move the cursor one character left. Ctrl D Delete Right Delete the character to the right of the cursor.
Type Style Description {ap-name }|{ipaddr } Two items within curled braces indicate that both parameters must be entered together. If two or more sets of curled braces are separated by a vertical bar, like in the example to the left, enter only one choice Do not type the braces or bars. Specifying Addresses and Identifiers in Commands This section describes addresses and other identifiers that you can reference in CLI commands.
aaa authentication captive-portal aaa authentication aaa authentication captive-portal clone default-guest-role default-role enable-welcome-page guest-logon login-page logon-wait {cpu-threshold }|{maximum-delay }|{minimum-delay } logout-popup-window max-authentication-failures no ...
Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters. — “default” clone Name of an existing Captive Portal profile from which parameter values are copied. — — default-guest-role Role assigned to guest. — guest default-role Role assigned to the Captive Portal user upon login.
Parameter Description Range Default show-fqdn Allows the user to see and select the fully-qualified domain name (FQDN) on the login page. The FQDNs shown are specified when configuring individual servers for the server group used with captive portal authentication. enabled/ disabled disabled show-acceptableuse-policy Show the acceptable use policy page before the logon page. enabled/ disabled disabled single-session Allows only one active user session at a time.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.0 The max-authentication-failures parameter no longer requires a license. Command Information Platforms Licensing Command Mode All platforms Base operating system, except for noted parameters Config mode on master controllers 19 | aaa authentication captive-portal Dell PowerConnect ArubaOS 6.
aaa authentication dot1x aaa authentication dot1x {|countermeasures} ca-cert clear clone eapol-logoff framed-mtu heldstate-bypass-counter ignore-eap-id-match ignore-eapolstart-afterauthentication machine-authentication blacklist-on-failure|{cache-timeout }|enable| {machine-default-role }|{user-default-role } max-authentication-failures max-requests multicast-keyrotation no ...
Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters. — “default” clear Clear the Cached PMK, Role and VLAN entries. This command is available in enable mode only. — — countermeasures Scans for message integrity code (MIC) failures in traffic received from clients. If there are more than 2 MIC failures within 60 seconds, the AP is shut down for 60 seconds.
Parameter Description Number of times a user can try to login with wrong credentials after maxwhich the user is blacklisted as a security threat. Set to 0 to disable authenticationfailures blacklisting, otherwise enter a non-zero integer to blacklist the user after the specified number of failures. NOTE: The RF Protect license must be installed. Range Default 0-5 0 (disabled) max-requests Maximum number of times ID requests are sent to the client.
Parameter Description Range Default inner-eap-type eap-gtc|eapmschapv2 eap-gtc/ When EAP-PEAP is the EAP method, one of the following inner EAP eaptypes is used: mschapv2 EAP-Generic Token Card (GTC): Described in RFC 2284, this EAP method permits the transfer of unencrypted usernames and passwords from client to server. The main uses for EAP-GTC are onetime token cards such as SecureID and the use of LDAP or RADIUS as the user authentication server.
Parameter Description Range Default voice-aware Enables rekey and reauthentication for VoWLAN clients. NOTE: The Next Generation Policy Enforced Firewall license must be installed. — enabled wep-key-retries Number of times WPA/WPA2 key messages are retried. 1-5 3 wep-key-size Dynamic WEP key size, either 40 or 128 bits. 40 or 128 128 bits wpa-fast-hand over Enables WPA-fast-handover. This is only applicable for phones that support WPA and fast handover.
aaa authentication mac aaa authentication mac case upper|lower clone delimiter {colon|dash|none} max-authentication-failures no ... Description This command configures the MAC authentication profile. Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters. — “default” case The case (upper or lower) used in the MAC string sent in the authentication request.
Command History: Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3.1.8 The max-authentication-failures parameter was allowed in the base operating system. In earlier versions of ArubaOS, the max-authentication-failures parameter required the Wireless Intrusion Protection license Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
aaa authentication mgmt aaa authentication mgmt default-role {guest-provisioning|location-api|network-operations|no-access|readonly|root} enable no ... server-group Description This command configures authentication for administrative users.
Command History: Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 The network-operations role was introduced. ArubaOS 3.3 The location-api-mgmt role was introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
aaa authentication stateful-dot1x aaa authentication stateful-dot1x default-role enable no ... server-group timeout Description This command configures 802.1x authentication for clients on non-Dell APs. Syntax Parameter Description Range Default default-role Role assigned to the 802.1x user upon login. NOTE: The PEFNG license must be installed. — guest enable Enables 802.1x authentication for clients on non-Dell APs. Use no enable to disable this authentication.
aaa authentication stateful-dot1x clear aaa authentication stateful-dot1x clear Description This command clears automatically-created control path entries for 802.1x users on non-Dell APs. Syntax No parameters. Usage Guidelines Run this command after changing the configuration of a RADIUS server in the server group configured with the aaa authentication stateful-dot1x command. This causes entries for the users to be created in the control path with the updated configuration information.
aaa authentication stateful-ntlm aaa authentication stateful-ntlm default-role enable server-group timeout Description This command configures stateful NT LAN Manager (NTLM) authentication. Syntax Parameter Description Range Default default-role Select an existing role to assign to authenticated users. — guest no Negates any configured parameter. — — server-group Name of a server group.
aaa authentication via auth-profile aaa authentication via auth-profile clone
aaa authentication via connection-profile aaa authentication via connection-profile allow-user-disconnect auth-profile auto-login auto-upgrade client-logging client-netmask client-wlan-profile position clone controller addr internal-ip desc csec-gateway-url csec-http-ports dns-suffix-list enable-csec ext-download-url force-ssl
Syntax Parameter Description Default allow-user-disconnect Enable or disable users to disconnect their VIA sessions. on auth-profile This is the list of VIA authentication profiles that will be displayed to users in the VIA client. auto-login Enable or disable VIA client to auto login and establish a secure connection to the controller. Enabled auto-upgrade Enable or disable VIA client to automatically upgrade when an updated version of the client is available on the controller.
Parameter Description Default Enable or disable split tunneling. If enabled, all traffic to the VIA tunneled networks will go through the controller and the rest is just bridged directly on the client. z If disabled, all traffic will flow through the controller. off support-email The support e-mail address to which VIA users will send client logs. None tunnel address
A list of network destination (IP address and netmask) that the VIA client will tunnel through the controller.aaa authentication via web-auth aaa authentication via web-auth default auth-profile position clone
aaa authentication vpn aaa authentication vpn clone
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 5.0 The default-cap and default-rap profiles were introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system, except for noted parameters. The default-role parameter requires the Policy Enforcement Firewall for VPN Users (PEFV) license. Config mode on master controllers Dell PowerConnect ArubaOS 6.
aaa authentication wired aaa authentication wired no ... profile Description This command configures authentication for a client device that is directly connected to a port on the controller. Syntax Parameter Description no Negates any configured parameter. profile Name of the AAA profile that applies to wired authentication. This profile must be configured for a Layer-2 authentication, either 802.1x or MAC. See “aaa profile” on page 63.
aaa authentication wispr aaa authentication wispr default-role logon-wait {cpu-threshold|maximum-delay|minimum-delay} no ...
allows the client access on the network. If, however, the client only has an account with a partner ISP, then your ISP’s WISPr AAA server will forward that client’s credentials to the partner ISP’s WISPr AAA server for authentication. Once the client has been authenticated on the partner ISP, it will be authenticated on your hotspot’s own ISP, as per their service agreements. Once your ISP sends an authentication message to the controller, the controller assigns the default WISPr user role to that client.
aaa authentication-server internal aaa authentication-server internal use-local-switch Description This command specifies that the internal database on a local controller be used for authenticating clients. Usage Guidelines By default, the internal database in the master controller is used for authentication. This command directs authentication to the internal database on the local controller where you run the command. Command History This command was available in ArubaOS 3.0.
aaa authentication-server ldap aaa authentication-server ldap admin-dn admin-passwd allow-cleartext authport base-dn clone enable filter host key-attribute no ... preferred-conn-type ldap-s|start-tls|clear-text timeout Description This command configures an LDAP server. 43 | aaa authentication-server ldap Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default Name that identifies the server. — — admin-dn Distinguished name for the admin user who has read/search privileges across all of the entries in the LDAP database (the user does not need write privileges but should be able to search the database and read attributes of other users in the database). — — admin-passwd Password for the admin user.
admin-dn cn=corp,cn=Users,dc=1m,dc=corp,dc=com admin-passwd abc10 key-attribute sAMAccountName filter (objectclass=*) enable Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 45 | aaa authentication-server ldap Dell PowerConnect ArubaOS 6.
aaa authentication-server radius aaa authentication-server radius acctport authport clone enable host | key nas-identifier nas-ip no ... retransmit timeout use-md5 Description This command configures a RADIUS server. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default Name that identifies the server. — — acctport Accounting port on the server. 1-65535 1813 authport Authentication port on the server 1-65535 1812 clone Name of an existing RADIUS server configuration from which parameter values are copied. — — enable Enables the RADIUS server. host Identify the RADIUS server either by its IP address or fully qualified domain name.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.0 RADIUS server can be identified by its qualified domain name (FQDN). Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
aaa authentication-server tacacs aaa authentication-server tacacs clone enable host key no ... retransmit session-authorization tcp-port timeout Description This command configures a TACACS+ server. Syntax Parameter Description Range Default Name that identifies the server. — — clone \ Name of an existing TACACS server configuration from which parameter values are copied. — — enable Enables the TACACS server.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.0 session-authorization parameter was introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
aaa authentication-server windows aaa authentication-server windows clone
aaa bandwidth-contract aaa bandwidth-contract {kbits |mbits } Description This command configures a bandwidth contract. Syntax Parameter Description Range Name that identifies this bandwidth contract. — kbits Limit the traffic rate for this bandwidth contract to a specified number of kilobits per second. 256-2000000 mbits Limit the traffic rate for this bandwidth contract to a specified number of megabits per second.
aaa derivation-rules aaa derivation-rules user no ... set {role|vlan} condition set-value {|} [description ][position ] Description This command configures rules by which the role or VLAN assigned to a client is derived from the client’s association with an AP. The PEFNG must be installed for a user role to be assigned. Syntax Parameter Description Name that identifies this set of user derivation rules.
aaa derivation-rules user derive1 set role condition essid equals Guest set-value guest description createdforspecialcustomers Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.0 Description parameter was introduced. Command Information Platforms Licensing Command Mode All platforms Base operating system. The PEFNG license must be installed for a user role to be assigned. Config mode on master controllers Dell PowerConnect ArubaOS 6.
aaa dns-query-period aaa dns-query-period Description Configure how often the controller should generate a DNS request to cache the IP address for a RADIUS server identified via its fully qualified domain name (FQDN). Syntax. Parameter Description Specify, in minutes, the interval between DNS requests sent from the controller to the DNS server. By default, DNS requests are sent every 15 minutes.
aaa inservice aaa inservice Description This command designates an “out of service” authentication server to be “in service”. Syntax Parameter Description Server group to which this server is assigned. Name of the configured authentication server.
aaa ipv6 user add aaa ipv6 user add [authentication-method {dot1x|mac|statefuldot1x|vpn|web}][mac ] [name ] [profile ] [role ] Description This command manually assigns a user role or other values to a specified IPv6 client. Syntax Parameter Description IPv6 address of the user to be added. authentication-method Authentication method for the user. dot1x 802.1x authentication. mac MAC address of the user. stateful-dot1x Stateful 802.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers Dell PowerConnect ArubaOS 6.
aaa ipv6 user clear-sessions aaa ipv6 user clear-sessions Description This command clears ongoing sessions for the specified IPv6 client. Syntax Parameter Description IPv6 address of the user. Usage Guidelines This command clears any ongoing sessions that the client already had before being assigned a role with the aaa ipv6 user add command.
aaa ipv6 user delete aaa ipv6 user delete {|all|mac |name |role } Description This command deletes IPv6 clients, users, or roles. Syntax Parameter Description IPv6 address of the client to be deleted. all Deletes all connected IPv6 clients. mac MAC address of the IPv6 client to be deleted. name Name of the IPv6 client to be deleted. role Role of the IPv6 client to be deleted.
aaa ipv6 user logout aaa ipv6 user logout Description This command logs out an IPv6 client. Syntax Parameter Description IPv6 address of the client to be logged out. Usage Guidelines This command logs out an authenticated IPv6 client. The client must reauthenticate. Example The following command logs out an IPv6 client: aaa user logout 2002:d81f:f9f0:1000:e409:9331:1d27:ef44 Command History This command was available in ArubaOS 3.3.
aaa password-policy mgmt aaa password-policy mgmt enable no password-lock-out password-lock-out-time password-max-character-repeat. password-min-digit password-min-length password-min-lowercase-characters password-min-special-character password-min-uppercase-characters password-not-username Description Define a policy for creating management user passwords. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description enable enable the password management policy password-lock-out The number of failed attempts within a 3 minute window that causes the user to be locked out for the period of time specified by the password-lockout-time parameter. Range: 0-10 attempts. By default, the password lockout feature is disabled, and the default value of this parameter is 0 attempts.
unless your company enforces a best practices password policy for management users with root access to network equipment.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 65 | aaa password-policy mgmt Dell PowerConnect ArubaOS 6.
aaa profile aaa profile authentication-dot1x authentication-mac clone dot1x-default-role dot1x-server-group initial-role mac-default-role mac-server-group no ... radius-accounting rfc-3576-server sip-authentication-role user-derivation-rules wired-to-wireless-roam xml-api-server Description This command configures the authentication for a WLAN. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Default Name that identifies this instance of the profile. The name must be 1-63 characters. “default” authentication-dot1x Name of the 802.1x authentication profile associated with the WLAN. See “aaa authentication dot1x” on page 17. — authentication-mac Name of the MAC authentication profile associated with the WLAN. See “aaa authentication mac” on page 22.
There are predefined AAA profiles available: default-dot1x, default-mac-auth, and default-open, that have the parameter values shown in the following table.
aaa query-server aaa query-server Description Troubleshoot an LDAP authentication failure by verifying that the user exists in the ldap server database. Syntax Parameter Description Name of an LDAP server. Name of a user whose LDAP record you want to view.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers Dell PowerConnect ArubaOS 6.
aaa radius-attributes aaa radius-attributes add {date|integer|ipaddr|string} [vendor ] Description This command configures RADIUS attributes for use with server derivation rules. Syntax Parameter Description add Adds the specified attribute name (alphanumeric string), associated attribute ID (integer), and type (date, integer, IP address, or string). date Adds a date attribute. integer Adds a integer attribute.
aaa rfc-3576-server aaa rfc-3576-server clone key no ... Description This command configures a RADIUS server that can send user disconnect and change-of-authorization messages, as described in RFC 3576, “Dynamic Authorization Extensions to Remote Dial In User Service (RADIUS)”. Syntax Parameter Description IP address of the server. clone Name of an existing RFC 3576 server configuration from which parameter values are copied.
aaa server-group aaa server-group allow-fail-through auth-server [match-authstring contains|equals|starts-with ] [matchfqdn ] [position ] [trim-fqdn] clone no ...
Syntax Parameter Description Default Name that identifies the server group. The name must be 32 characters or less. — allow-fail-through When this option is configured, an authentication failure with the first server in the group causes the controller to attempt authentication with the next server in the list. The controller attempts authentication with each server in the ordered list until either there is a successful authentication or the list of servers in the group is exhausted.
Parameter Description Default ends-with The rule is applied if and only if the attribute value ends with the specified string. — equals The rule is applied if and only if the attribute value equals the specified string. — not-equals The rule is applied if and only if the attribute value is not equal to the specified string. — starts-with The rule is applied if and only if the attribute value begins with the specified string.
aaa sygate-on-demand aaa sygate-on-demand remediation-failure-role Description This command configures the user role assigned to clients that fail Sygate On-Demand Agent (SODA) remediation. Syntax Parameter Description Default User role assigned to the client upon failure of client remediation. guest Usage Guidelines When you enable SODA client remediation in a captive portal profile, you can specify a user role to clients that fail the remediation.
aaa tacacs-accounting aaa tacacs-accounting server-group [command {action|all|configuration|show}] [mode {enable|disable}] Description This command configures reporting of commands issued on the controller to a TACACS+ server group. Syntax Parameter Description Range Default server-group The TACACS server group to which the reporting is sent. — — command The types of commands that are reported to the TACACS server group. — — action Reports action commands only.
aaa test-server aaa test-server {mschapv2|pap} Description This command tests a configured authentication server. Syntax Parameter Description mschapv2 Use MSCHAPv2 authentication protocol. pap Use PAP authentication protocol. Name of the configured authentication server. Username to use to test the authentication server. Password to use to test the authentication server.
aaa timers aaa timers {dead-time |idle-timeout |logon-lifetime <0-255>} Description This command configures the timers that you can apply to clients and servers. Syntax Parameter Description Range Default dead-time Maximum period, in minutes, that the controller considers an unresponsive authentication server to be “out of service”. This timer is only applicable if there are two or more authentication servers configured on the controller.
Command History Version Description ArubaOS 3.0 available in ArubaOS 3.0 ArubaOS 3.4. Idle timeout values and defaults changed Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
aaa trusted-ap aaa trusted-ap Description This command configures a trusted non-Dell AP. Syntax Parameter Description MAC address of the AP Usage Guidelines This command configures a non-Dell AP as a trusted AP. Example The following configures a trusted non-Dell AP: aaa trusted-ap 00:40:96:4d:07:6e Command History This command was available in ArubaOS 3.0.
aaa user add aaa user add [] [authentication-method {dot1x|mac|stateful-dot1x|vpn| web}] [mac ] [name ] [profile ] [role ] Description This command manually assigns a user role or other values to a specified client or device. Syntax Parameter Description IP address of the user to be added. Number of users to create starting with . authentication-method Authentication method for the user. dot1x 802.1x authentication.
Command Information 83 | aaa user add Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers Dell PowerConnect ArubaOS 6.
aaa user clear-sessions aaa user clear-sessions Description This command clears ongoing sessions for the specified client. Syntax Parameter Description IP address of the user. Usage Guidelines This command clears any ongoing sessions that the client already had before being assigned a role with the aaa user add command. Example The following command clears ongoing sessions for a client: aaa user clear-sessions 10.1.1.236 Command History This command was available in ArubaOS 3.0.
aaa user delete aaa user delete {|all|mac |name |role } Description This command deletes clients, users, or roles. Syntax Parameter Description IP address of the client to be deleted. all Deletes all connected clients. mac MAC address of the client to be deleted. name Name of the client to be deleted. role Role of the client to be deleted. Usage Guidelines This command allows you to manually delete clients, users, or roles.
aaa user fast-age aaa user fast-age Description This command enables fast aging of user table entries. Syntax No parameters. Usage Guidelines When this feature is enabled, the controller actively sends probe packets to all users with the same MAC address but different IP addresses. The users that fail to respond are purged from the system. This command enables quick detection of multiple instances of the same MAC address in the user table and removal of an “old” IP address.
aaa user logout aaa user logout Description This command logs out a client. Syntax Parameter Description IP address of the client to be logged out. Usage Guidelines This command logs out an authenticated client. The client must reauthenticate. Example The following command logs out a client: aaa user logout 10.1.1.236 Command History This command was available in ArubaOS 3.0.
aaa xml-api aaa xml-api server clone key no ... Description This command configures an external XML API server. Syntax Parameter Description server IP address of the external XML API server. clone Name of an existing XML API server configuration from which parameter values are copied. key Preshared key to authenticate communication between the controller and the XML API server. no Negates any configured parameter.
acceleration aaa authentication acceleration head-end ip-address Description This command configures a RAP for the Application Acceleration module. The Application Acceleration module improves application performance. Syntax Parameter Description Range Default head-end Configures the head-end device. The head-end device is the Application Acceleration server. — — ip-address The IP address of the Application Acceleration server (head-end) device.
adp adp discovery {disable|enable} igmp-join {disable|enable} igmp-vlan Description This command configures the Dell Discovery Protocol (ADP). Syntax Parameter Description Range Default discovery Enables or disables ADP on the controller. enabled/ disabled enabled igmp-join Enables or disables sending of Internet Group Management Protocol (IGMP) join requests from the controllers. enabled/ disabled enabled igmp-vlan VLAN to which IGMP reports are sent.
am am scan [bssid ] am test {suspect-rap bssid match-type match-method |wired-mac {add|remove {bssid |enet-mac } mac } Description These commands enable channel scanning or testing for the specified air monitor. Syntax Parameter Description Range scan IP address of the air monitor to be scanned. — Channel to which the scanning is tuned. Set to 0 to enable scanning of all channels.
Command History: Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3.1 Support for the wired-mac and associated parameters was introduced. Command Information 88 | am Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master controllers Dell PowerConnect ArubaOS 6.
ap authorization-profile ap authorization-profile authorization-group Description This command defines a temporary configuration profile for remote APs that are not yet authorized on the network. Syntax Parameter Description Range Default authorizationprofile Name of this instance of the profile. The name must be 1-63 characters. — “default” authorization-group Name of a configuration profile to be assigned to the group unauthorized remote APs.
ap enet-link-profile ap enet-link-profile clone duplex {auto|full|half} no ... speed {10|100|1000|auto} Description This command configures an AP Ethernet link profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” clone Name of an existing Ethernet Link profile from which parameter values are copied.
ap mesh-cluster-profile ap mesh-cluster-profile clone cluster no ... opmode [opensystem | wpa2-psk-aes] rf-band {a | g} wpa-hexkey wpa-passphrase Description This command configures a mesh cluster profile used by mesh nodes. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” clone Name of an existing mesh cluster profile from which parameter values are copied. — — cluster Indicates the mesh cluster name. The name can have a maximum of 32 characters, and is used as the MSSID for the mesh cluster. When you first create a new mesh cluster profile, the profile uses the default cluster name “Dellmesh”.
Related Commands To view a complete list of mesh cluster profiles and their status, use the following command: show ap mesh-cluster-profile To view the settings of a specific mesh cluster profile, use the following command: show ap mesh-cluster-profile Command History This command was introduced in ArubaOS 3.2. Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master controllers Dell PowerConnect ArubaOS 6.
ap mesh-ht-ssid-profile ap mesh-ht-ssid-profile clone 40MHz-enable high-throughput-enable legacy-stations max-rx-a-mpdu-size max-tx-a-mpdu-size min-mpdu-start-spacing mpdu-agg no short-guard-intvl-40Mhz supported-mcs-set Description This command configures a mesh high-throughput SSID profile used by mesh nodes. 94 | ap mesh-ht-ssid-profile Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Enter the name of an existing mesh high-throughput SSID profile to modify that profile, or enter a new name or create a new mesh high-throughput profile. The mesh highthroughput profile can have a maximum of 32 characters. To view existing high-throughput SSID radio profiles, use the command show ap mesh-radio-profile.
Parameter Description Range short-guard-intvl40Mhz Enable or disable use of short (400ns) guard interval in 40 MHz mode. A guard interval is a period of time between transmissions that allows reflections from the previous data transmission to settle before an AP transmits data again. An AP identifies any signal content received inside this interval as unwanted inter-symbol interference, and rejects that data. The 802.11n standard specifies two guard intervals: 400ns (short) and 800ns (long).
ap mesh-radio-profile ap mesh-radio-profile a-tx rates [6|9|12|18|24|36|48|54] allowed-vlans children clone g-tx rates [1|2|5|6|9|11|12|18|24|36|48|54] heartbeat-threshold hop-count link-threshold mesh-ht-ssid-profile max-retries mesh-mcast-opt metric-algorithm {best-link-rssi|distributed-tree-rssi} mpv no ...
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” allowed-vlans Specify a list of VLAN IDs that can be used by a mesh link on APs associated with this mesh radio profile A comma-separated list of VLAN IDs. You can also specify a range of VLAN IDs using a dash (for example, 1–4095) a-tx rates Indicates the transmit rates for the 802.11a radio.
Parameter Description Range Default distributedtree-rssi Selects the parent based on link-RSSI and node cost based on the number of children. This option evenly distributes the mesh points over high quality uplinks. Low quality uplinks are selected as a last resort. — — mpv This parameter is experimental and reserved for future use. 0-4094 0 (disabled) no Negates any configured parameter. — — reselection-mode Specifies the method used to find a better mesh link.
Parameter Description Range Default subthreshold-only Connected mesh nodes evaluate alternative links only if the existing uplink becomes a sub-threshold link. NOTE: Starting with ArubaOS 3.4.
Command History Release Modification ArubaOS 3.2 Command introduced. ArubaOS 3.2.0.x, 3.3.1.x The tx-power default increased from 14 to 30 dBm. ArubaOS 3.3 The heartbeat-threshold default increased from 5 to 10 heartbeat messages. ArubaOS 3.3.2 The mesh-mcast-opt parameter was introduced. ArubaOS 3.4 The mesh-ht-ssid-profile parameter was introduced The 11a-portal-channel, 11g-portal-channel, beacon-period and tx-power parameters were deprecated.
ap provisioning-profile ap provisioning-profile clone domain-name link-priority-cellular link-priority-ethernet master clear|{set }} no ...
Syntax Parameter Description Range Default clone Clone an existing ap provisioning profile — — domain-name Domain name for the AP or AP group. — — link-prioritycellular Set the priority of the cellular uplink. By default, the cellular uplink is a lower priority than the wired uplink; making the wired link the primary link and the cellular link the secondary or backup link.
can be saved or assigned to an AP group via the command ap-group provisioning-profile . Related Commands Command Description provision-ap Change provisioning parameters for an individual AP. This command does not save the provisioning parameters settings in a reusable profile.
ap provisioning-profile ap provisioning-profile clone domain-name link-priority-cellular link-priority-ethernet master clear|{set }} no ...
Syntax Parameter Description Range Default clone Clone an existing ap provisioning profile — — domain-name Domain name for the AP or AP group. — — link-prioritycellular Set the priority of the cellular uplink. By default, the cellular uplink is a lower priority than the wired uplink; making the wired link the primary link and the cellular link the secondary or backup link.
The AP provisioning profile allows you to define a set of provisioning parameters to an AP group. These settings can be saved or assigned to an AP group via the command ap-group provisioning-profile . Related Commands Command Description provision-ap Change provisioning parameters for an individual AP. This command does not save the provisioning parameters settings in a reusable profile.
ap regulatory-domain-profile ap regulatory-domain-profile clone country-code no ... valid-11a-40mhz-channel-pair valid-11a-channel valid-11g-40mhz-channel-pair valid-11g-channel Description This command configures an AP regulatory domain profile. 108 | ap regulatory-domain-profile Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — — clone Name of an existing regulatory domain profile from which parameter values are copied. — — country-code Code that represents the country in which the APs will operate. The country code determines the 802.11 wireless transmission spectrum. Improper country code assignment can disrupt wireless transmissions.
In order for an AP to boot correctly, the country code configured in the AP regulatory domain profile must match the country code of the LMS. If none of the channels supported by the AP have received regulatory approval by the country whose country code you selected, the AP will revert to Air Monitor mode.
ap snmp-profile (deprecated) Description This command configures an SNMP profile for APs. Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 Command deprecated Dell PowerConnect ArubaOS 6.
ap snmp-user-profile (deprecated) ap snmp-user-profile auth-passwd auth-prot {md5|none|sha} clone no ... priv-passwd user-name Description This command configures an SNMPv3 user profile for APs. Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 Command deprecated 112 | ap snmp-user-profile (deprecated) Dell PowerConnect ArubaOS 6.
ap spectrum clear-webui-view-settings ap spectrum clear-webui-view-settings Description Clear a saved spectrum dashboard view. Syntax no parameters Usage Guidelines If your client is unable to load a saved spectrum view in the spectrum dashboard, issue the CLI command ap spectrum clear-webui-view-settings to delete the saved spectrum view. Command History Introduced in ArubaOS 6.0.
ap spectrum local-override no override ap-name spectrum-band 2ghz|5ghz-lower|5ghz-middle|5ghz-upper Description Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list.
ap system-profile ap system-profile aeroscout-rtls-server ip-addr port am-scan-rf-band [a | g | all] bkup-lms-ip bootstrap-threshold clone dns-domain double-encrypt dump-server heartbeat-dscp keepalive-interval led-mode normal|off lms-hold-down-period lms-ip lms-preemption maintenance-mode master-ip max-request-retries mtu native-vlan-id no ...
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” aeroscout-rtlsserver Enables the AP to send RFID tag information to an AeroScout real-time asset location (RTLS) server. — — am-scan-rf-band Scanning band for multiple RF radios a, g, all all a Set the scanning band to 802.11a only — all g Set the scanning band to 802.
Parameter Description Range Default lms-ip In multi-controller networks, specifies the IP address of the local management switch (LMS)—the Dell controller— which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network. This can be the IP address of the local or master controller.
Parameter Description Range Default rap-dhcp-lease The amount of days that the assigned IP address is valid for the client. Specify the lease in . 0 indicates the IP address is always valid; the lease does not expire. 0-30 0 rap-dhcp-poolend Configures a DHCP pool for remote APs. This is the last IP address of the DHCP pool. 192.168.11.254 rap-dhcp-poolnetmask Configures a DHCP pool for remote APs. This is the netmask used for the DHCP pool. 255.255.255.
Usage Guidelines The AP system profile configures AP administrative operations, such as logging levels. Example The following command sets the LMS IP address in an AP system profile: (host) (config) #ap system-profile local1 lms-ip 10.1.1.240 Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 Support for additional RTLS servers, remote AP enhancements was introduced ArubaOS 3.3.2 z z z z ArubaOS 6.0 Maintenance-mode parameter was introduced.
ap wipe out flash ap wipe out flash ap-name ip-addr Description Overwrite the entire AP compact flash, destroying its contents (including the current image file). Syntax Parameter Description Range Default ap-name Wipe out the flash of the AP with the specified name. — — ip-addr Wipe out the flash of the AP with the specified IP address. — — Usage Guidelines Use this command only under the supervision of Dell technical support.
ap wired-ap-profile ap wired-ap-profile clone forward-mode {bridge|split-tunnel|tunnel} no ... switchport access vlan | {mode access|trunk} |trunk {allowed vlan | add | except | remove }| native vlan trusted wired-ap-enable Description This command configures a wired AP profile. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Name of this instance of the profile. The name must be 1-63 characters. clone Name of an existing wired AP profile from which parameter values are copied. forward-mode This parameter controls whether data is tunneled to the controller using generic routing encapsulation (GRE), bridged into the local Ethernet LAN (for remote APs), or a combination thereof depending on the destination (corporate traffic goes to the controller, and Internet access remains local).
When configuring the Ethernet ports on APs with multiple ethernet ports, note the following requirements: z If configured as a mesh portal, connect enet0 to the controller to obtain an IP address. The wired AP profile controls enet1.Only enet1 supports secure jack operation. z If configured as a mesh point, the same wired AP profile will control both enet0 and enet1.
ap-group ap-group ap-system-profile clone dot11a-radio-profile dot11a-traffic-mgmt-profile dot11g-radio-profile dot11g-traffic-mgmt-profile enet0-profile enet1-profile event-thresholds-profile ids-profile mesh-cluster-profile priority mesh-radio-profile no ...
Syntax 120 | ap-group Parameter Description Range Default Name that identifies the AP group. The name must be 1-63 characters. NOTE: You cannot use quotes (“) in the AP group name. — “default” ap-system-profile Configures AP administrative operations, such as logging levels. See “ap system-profile” on page 116. — “default” clone Name of an existing AP group from which profile names are copied. — — dot11a-radio-profile Configures 802.
Parameter Description Range Default voip-cac-profile Configures voice over IP (VoIP) call admission control (CAC) options. See “wlan voip-cac-profile” on page 1236. This parameter requires the PEFNG license. — “default” wired-ap-profile Configures the second Ethernet port (enet1) on the AP. See “ap wipe out flash” on page 121. — “default” Usage Guidelines AP groups are at the top of the configuration hierarchy.
ap-name ap-name ap-system-profile clone dot11a-radio-profile dot11a-traffic-mgmt-profile dot11g-radio-profile dot11g-traffic-mgmt-profile enet0-profile enet1-profile event-thresholds-profile exclude-mesh-cluster-profile-ap exclude-virtual-ap ids-profile mesh-cluster-profile priority mesh-radio-profile no ...
Syntax 123 | ap-name Parameter Description Default Name that identifies the AP. By default, an AP’s name can either be the AP’s Ethernet MAC address, or if the AP has been previously provisioned with an earlier version of ArubaOS, a name in the format ... The name must be 1-63 characters. NOTE: You cannot use quotes (“) in the AP name. — ap-system-profile Configures AP administrative operations, such as logging levels. See “ap system-profile” on page 116.
Parameter Description Default virtual-ap One or more profiles, each of which configures a specified WLAN. See “wlan virtual-ap” on page 1230. “default” voip-cac-profile Configures voice over IP (VoIP) call admission control (CAC) options. See “wlan voip-cac-profile” on page 1236. This parameter requires the PEFNG license. “default” wired-ap-profile Configures the ports for APs that are directly attached to the controller. See “ap wipe out flash” on page 121.
ap-regroup ap-regroup {ap-name |serial-num |wired-mac } Description This command moves a specified AP into a group. Syntax Parameter Description Default ap-name Name of the AP. — serial-num Serial number of the AP. — wired-mac MAC address of the AP. — Name that identifies the AP group. The name must be 1-63 characters. “default” Usage Guidelines All APs discovered by the controller are assigned to the “default” AP group.
ap-rename ap-rename {ap-name |serial-num |wired-mac } Description This command changes the name of an AP to the specified new name. Syntax Parameter Description ap-name Current name of the AP. serial-num Serial number of the AP. wired-mac MAC address of the AP. New name for the AP. The name must be 1-63 characters. NOTE: You cannot use quotes (“) in the AP name. Usage Guidelines An AP name must be unique within your network.
apboot apboot {all [global|local]|ap-group [global|local]|ap-name |ip-addr |wired-mac } Description This command reboots the specified APs. Syntax Parameter Description Default all Reboot all APs. all global Reboot APs on all controllers. global local Reboot only APs registered on this controller. This is the default. local ap-group Reboot APs in a specified group. ap-group global Reboot APs on all controllers.
apflash apflash {ap-name |ip-addr |wired-mac } [backup-partition] [server ] Description This command reflashes the specified AP. Syntax Parameter Description ap-name Reflash the AP with the specified name. ip-addr Reflash the AP at the specified IP address. wired-mac Reflash the AP at the specified MAC address. server IP address of the FTP server. Usage Guidelines This command directs an AP to download its image from the controller.
apconnect apconnect {ap-name |bssid |ip-addr } parent-bssid Description This command instructs a mesh point to disconnect from its current parent and connect to a new parent. Syntax Parameter Description ap-name Specify the name of the mesh point to be connected to a new parent. bssid Specific the BSSID of the mesh point to be connected to a new parent. ip-addr Specific the IP address of the mesh point to be connected to a new parent.
apdisconnect apdisconnect {ap-name |bssid |ip-addr } Description This command disconnects a mesh point from its parent. Syntax Parameter Description ap-name Specifies the name of the parent AP. bssid Specifies the BSSID of the parent AP. ip-addr Specifies the IP address of the parent AP. Usage Guidelines Each mesh point learns about the mesh portal from its parent (a mesh node that is part of the path to the mesh portal).
arp arp Description This command adds a static Address Resolution Protocol (ARP) entry. Syntax Parameter Description IP address of the device to be added. Hardware address of the device to be added, in the format xx:xx:xx:xx:xx:xx. Usage Guidelines If the IP address does not belong to a valid IP subnetwork, the ARP entry is not added.
audit-trail audit-trail [all] Description This command enables an audit trail. Syntax Parameter Description all Enables audit trail for all commands, including enable mode commands. The audit-trail command without this option enables audit trail for all commands in configuration mode. Usage Guidelines By default, audit trail is enabled for all commands in configuration mode. Use the show audit-trail command to display the content of the audit trail.
backup backup {flash|pcmcia} Description This command backs up compressed critical files in flash. Syntax Parameter Description flash Backs up flash directories to flashbackup.tar.gz file. pcmcia Backs up flash images to external PCMCIA flash card. This option can only be executed on controllers that have a PCMCIA slot. Usage Guidelines Use the restore flash command to untar and uncompress the flashbackup.tar.gz file. Example The following command backs up flash directories to the flashbackup.tar.
banner motd banner motd Description This command defines a text banner to be displayed at the login prompt when a user accesses the controller. Syntax Parameter Description Range Indicates the beginning and end of the banner text. — The text you want displayed. up to 1023 characters Usage Guidelines The banner you define is displayed at the login prompt to the controller. The banner is specific to the controller on which you configure it.
Command History This command was introduced in ArubaOS 1.0 Command Information 135 | banner motd Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
boot boot cf-test [fast | read-only | read-write] config-file system partition [0 | 1] verbose Description Configure the boot options for the controller. Syntax Parameter Description cf-test Sets the type of compact flash test to run when booting the controller. fast Performs a fast test, which does not include media testing. read-only Performs a read-only media test. read-write Performs a read-write media test.
Command Information 137 | boot Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master controllers Dell PowerConnect ArubaOS 6.
cellular profile cellular profile dialer driver acm|hso|option|sierra import modeswitch {eject }|rezero no priority <1-255> serial tty user password vendor product Description Create new profiles to support new USB modems or to customize USB characteristics. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description cellular profile Enter the keywords cellular profile followed by your profile name. This command changes the configuration mode and the command line prompt changes to: host (config-cellular )# dialer Enter the keyword dialer followed by a group name to specify the dialing parameters for the carrier. The parameters tend to be common between service providers on the same type of network (CDMA vs.
Command Information Platforms Licensing Command Mode Aruba 600 controllers Base operating system Config mode on master and local controllers (config-cellular ) Dell PowerConnect ArubaOS 6.
cfgm cfgm {mms config {enable|disable}|set config-chunk |set heartbeat |set maximum-updates |snapshot-timer |sync-command-blocks |synctypecomplete|sync-type snapshot} Description This command configures the configuration module on the master controller.
Command Information 141 | cfgm Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
clear clear aaa acl ap arp counters crypto datapath dot1x fault gab-db ip ipc ipv6 loginsession master-local-entry master-local-session port provisioning-ap-list provisioning-params rap-wml update-counter voice vpdn wms clock Description This command clears various user-configured values from your running configuration. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description aaa Clear all values associated with authentication profile authenticationserver Provide authentication server details to clear values specific to an authentication server or all authentication server. Parameters: z all—to clear all server statistics. z internal—to clear Internal server statistics. z radius—to clear RADIUS server statistics. z tacacs—to clear TACACS server statistics. state Clear internal status of authentication modules.
Parameter datapath Description Clears all configuration values and statistics for the following datapath modules. application z bridge z bwm z crypto z dma z frame z hardware z ip-reassembly z maintenance z message-queue z route z route-cache z session z station z tunnel z user z wifi-reassembly z wmm z dot1x Clears all 802.1x specific counters and supplicant statistics. Use the following parameters: z counters z supplicant-info fault Clears all SNMP fault configuration.
Parameter Description update-counter Clear all update counter statistics. voice Clear all voice state information. Use the following parameters: call-counters z call-status z statistics z vpdn cac tspec-enforcement Clear all VPDN configuration for L2TP and PPTP tunnel. Use the following parameters: tunnel l2tp id z tunnel pptp id z wms Clear all WLAN management commands. Use the following parameters: z ap—clear all AP related commands.
clock set clock clock set
clock summer-time recurring clock summer-time [recurring] <1-4> first last <1-4> first last [<-23 - 23>] Description Set the software clock to begin and end daylight savings time on a recurring basis. Syntax Parameter Description Range WORD Enter the abbreviation for your time zone.
clock summer-time PST recurring 2 Sun Mar 2:00 first Sun Nov 3:00 -8 Command History This command was introduced in ArubaOS 1.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
clock timezone clock timezone <-23 to 23> Description This command sets the timezone on the controller. Syntax Parameter Description Range Name of the time zone. 3-5 characters -23 to 23 Hours offset from UTC. -23 to 23 Usage Guidelines The name parameter can be any alphanumeric string, but cannot start with a colon (:). A time zone name longer than five characters is not accepted.
configure terminal configure terminal Description This command allows you to enter configuration commands. Syntax No parameters. Usage Guidelines Upon entering this command, the enable mode prompt changes to: (host) (config) # To return to enable mode, enter Ctrl-Z or exit. Example The following command allows you to enter configuration commands: (host) # configure terminal Command History This command was introduced in ArubaOS 3.0.
controller-ip controller-ip [loopback|vlan ] no ... Description This command sets the controller IP to the loopback interface address or a specific VLAN interface address. Syntax Parameter Description Default loopback Sets the controller IP to the loopback interface. disabled vlan Set the controller IP to a VLAN interface. — Specifies the VLAN interface ID.
control-plane-security control-plane-security auto-cert-allowed-addrs auto-cert-allow-all auto-cert-prov cpsec-enable no ... Description Configure the control plane security profile by identifying APs to receive security certificates. Syntax Parameter Description auto-cert-allowed-addrs Use this command to define a specific range of AP IP addresses.
Related Commands Command Description Mode show control-plane-security Show the current configuration of the control plane security profile. Config mode Command History This command was introduced in ArubaOS 5.0. Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master or local controllers 153 | control-plane-security Dell PowerConnect ArubaOS 6.
copy copy flash: {flash: | scp: | tftp: } | ftp: system: partition {0|1} | running-config {flash: | ftp: [] | startup-config | tftp: } | scp: {flash: | system: partition [0|1]}| startup-config {flash: | tftp: } | system: partition {
Syntax 155 | copy Parameter Description flash: Copy the contents of the controller’s flash file system, the system image, to a specified destination. srcfilename Full name of the flash file to be copied. flash: Copy the file to the flash file system. destfilename Specify the new name of the copied file. tftp: Copy the file to a TFTP server. tftphost Specify the IP address or hostname of the TFTP server. ftp: Copy a file from the FTP server.
Parameter Description tftphost Specify the IP address or hostname of the TFTP server. system: Copy the specified system partition srcpartition Disk partition from which to copy the system data, as either 0 or 1. destpartition Disk partition to copy the system data to, as either 0 or 1. tftp: Copy a file from the specified TFTP server to either the controller or another destination.
cp-bandwidth-contract cp-bandwidth-contract {mbits <1..2000>}|{kbits <256..2000000>} Description This command configures a bandwidth contract traffic rate which can then be associated with a whitelist session ACL. Syntax Parameter Description Name of a bandwidth contract. mbits <1..2000> Set a bandwidth rate inn mbits/seconds. kbits <256..2000000> Set a bandwidth rate in kbits/seconds.
crypto dynamic-map crypto dynamic-map no ... set puffs {group1|group2} set security-association lifetime seconds set transform-set [] [] [] Description This command configures a new or existing dynamic map. Syntax Parameter Description Range Default Name of the map. — — Priority of the map. 1-10000 10000 no Negates a configured parameter. — — pfs Enables Perfect Forward Secrecy (PFS) mode.
crypto ipsec crypto ipsec {mtu }|{transform-set esp-3des|espaes128|esp-aes192|esp-aes256|esp-des esp-md5-hmac|esp-sha-hmac} Description This command configures IPsec parameters. Syntax Parameter Description Range Default mtu Configure IPsec Maximum Transmission Unit (MTU) parameters. — — Configure IPsec MTU. 1024-1500 1500 Create or modify a transform set. — — Name of the transform set to create or modify. — — esp-3des Use ESP with 168-bit 3DES encryption.
crypto isakmp crypto isakmp {address netmask }|enable|disable|{groupname } | {key address netmask }| {udpencap-behind-natdevice enable|disable}| packet-dump Description This command configures Internet Key Exchange (IKE) parameters for the Internet Security Association and Key Management Protocol (ISAKMP). Syntax Parameter Description address Configure the IP address for the global group key.
new PSK to authenticate remote APs. If you enable and then disable PSK-refresh, the remote AP attempts to authenticate with the currently configured global PSK only. To enable PSK-refresh, you must: 1. Configure the amount of time in days or hours (known as the interval), to remember the previously configured PSK used in your remote AP deployment. NOTE: Best practices is to configure a large interval to prevent remote APs from being unable to authenticate and connect to the network.
crypto isakmp policy crypto isakmp policy authentication pre-share|rsa-sig encryption 3DES|AES128|AES192|AES256|DES group 1|2 hash md5|sha lifetime Description This command configures Internet Key Exchange (IKE) policy parameters for the Internet Security Association and Key Management Protocol (ISAKMP). Syntax Parameter Description policy Configure an IKE policy authentication Specify a number from 1 to 10,000 to define a priority level for the policy.
Example The following command configures an ISAKMP peer IP address and subnet mask. After configuring an ISAKMP address and netmask, you will be prompted to enter the IKE preshared key. (host)(config) #crypto isakmp policy1 (host)(config-isakmp) #auth rsa-sig lifetime 86400 Command History This command was introduced in ArubaOS 3.0.
crypto map global-map crypto map global-map ipsec-isakmp {dynamic }|{ipsec } Description This command configures the default global map. Syntax Parameter Description Priority of the map. dynamic Use a dynamic map. } ipsec Name of the dynamic map. Use a IPsec map. Name of an IPsec map. Usage Guidelines This command identifies the dynamic or ipsec map used as the default global map.
crypto pki crypto pki csr key common_name country state_or_province city organization unit email Description Generate a certificate signing request (CSR) for the captive portal feature. Syntax Parameter Description key Specify the CSR key length:1024, 2048, or 4096. common_name Specify a common name, e.g., www.yourcompany.com. country Specify a country name, e.g.
crypto pki-import crypto pki-import {der|pem|pfx|pkcs12|pkcs7} {PublicCert|ServerCert|TrustedCA} Description Import certificates for the captive portal feature. Syntax Parameter Description der Import a certificate in DER format. pem Import a certificate in x509 PEM format. pfx Import a certificate in PFX format. pkcs12 Import a certificate in PKCS12 format. pkcs7 Import a certificate in PKCS7 format. PublicCert Import a public certificate. ServerCert Import a server certificate.
crypto-local ipsec-map crypto-local crypto-local ipsec-map
Syntax Parameter Description Range Default
You can configure separate CA and server certificates for each site-to-site VPN. You can also configure the same CA and server certificates for site-to-site VPN and client VPN. Use the show crypto-local ipsec-map command to display the certificates associated with all configured site-to-site VPN maps; use the tag
(host) (config)crypto-local ipsec-map src-net peer-ip 0.0.0.0 peer-fqdn any-fqdn vlan trusted enable For the Pre-shared-key for All FQDNs: crypto-local isakmp key fqdn-any Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 170 | crypto-local ipsec-map Dell PowerConnect ArubaOS 6.
crypto-local isakmp ca-certificate crypto-local isakmp ca-certificate Description This command assigns the Certificate Authority (CA) certificate used to authenticate VPN clients. Syntax Parameter Description ca-certificate User-defined name of a trusted CA certificate installed in the controller. Use the show crypto-local pki TrustedCA command to display the CA certificates that have been imported into the controller. Usage Guidelines You can assign multiple CA certificates.
crypto-local isakmp dpd crypto-local isakmp dpd idle-timeout retry-timeout retry-attempts Description This command configures IKE Dead Peer Detection (DPD) on the local controller. Syntax Parameter Description Range Default idle-timeout Idle timeout, in seconds. 10-3600 22 seconds retry-timeout Retry interval, in seconds. 2-60 2 seconds retry-attempts Number of retry attempts.
crypto-local isakmp key crypto-local isakmp key {address netmask }|{fqdn }|fqdn-any Description This command configures the IKE preshared key on the local controller for site-to-site VPN. Syntax Parameter Description key IKE preshared key value, between 6-64 characters. address IP address for the preshared key. netmask Netmask for the preshared key.
crypto-local isakmp permit-invalid-cert crypto-local isakmp permit-invalid-cert Description This command allows invalid or expired certificates to be used for site-to-site VPN. Syntax No parameters. Usage Guidelines This command allows invalid or expired certificates to be used for site-to-site VPN. Command History This command was introduced in ArubaOS 3.2.
crypto-local isakmp server-certificate crypto-local isakmp server-certificate Description This command assigns the server certificate used to authenticate the controller for VPN clients. Syntax Parameter Description server-certifi cate User-defined name of a server certificate installed in the controller. Use the show cryptolocal pki ServerCert command to display the server certificates that have been imported into the controller.
crypto-local isakmp xauth crypto-local isakmp xauth Description This command enables IKE XAuth for VPN clients. Syntax No parameters. Usage Guidelines The no crypto-local isakmp xauth command disables IKE XAuth for VPN clients. This command only applies to VPN clients that use certificates for IKE authentication. If you disable XAuth, then a VPN client that uses certificates will not be authenticated using username/password. You must disable XAuth for Cisco VPN clients using CAC Smart Cards.
crypto-local pki crypto-local pki {PublicCert|ServerCert|TrustedCA} Description This command is saved in the configuration file when you import a certificate. Syntax Parameter Description PublicCert Public key of a certificate. This allows an application to identify an exact certificate. ServerCert Server certificate. This certificate must contain both a public and a private key (the public and private keys must match).
database synchronize database synchronize {[period ][rf-plan-data]} Description This command manually synchronizes the database between a pair of redundant master controllers and includes RF Plan data when synchronizing with standby. Syntax Parameter Description period Configures the interval for automatic database synchronization. rf-plan-data Interval in minutes. Range is 1 — 25200 minutes. Includes the RF Plan data when synchronizing with standby mode.
delete delete {filename |ssh-host-addr |ssh-known-hosts} Description This command deletes a file or RSA signature entry from flash. Syntax Parameter Description filename Name of the file to be deleted. ssh-host-addr Deletes the entry stored in flash for the RSA host signature created when you run the copy scp command. ssh-known -hosts Deletes all entries stored in flash for the RSA host signatures created when you run the copy scp command.
destination destination [invert] Description This command configures the destination name and address. Syntax Parameter Description Range STRING Destination name. Alphanumeric A.B.C.D Destination IP address or subnet. — invert Specifies all destinations except this one. — Usage Guidelines You can configure the name and IP address of the destination. You can optionally configure the subnet, or invert the selection.
dir dir Description This command displays a list of files stored in the flash file system. Syntax No parameters. Usage Guidelines Use this command to view the system files associated with the controller. Output from this command includes the following: z The first column contains ten place holders that display the file permissions. First place holder: Displays - for a file or d for directory.
dynamic-ip dynamic-ip restart Description This command restarts the PPPoE or DHCP process. Syntax No parameters. Usage Guidelines This command can be used to renegotiate DHCP or PPPoE parameters. This can cause new addresses to be assigned on a VLAN where the DHCP or PPPoE client is configured. Command History This command was introduced in ArubaOS 3.
enable enable Description This user mode command switches the controller into enable mode. The enable mode allows you to access privileged commands. Usage Guidelines To enter enable mode, you are prompted for the password configured during the controller’s initial setup. Passwords display as asterisks (*) when you enter them. To change the password, use the config mode “enable secret” command.
enable secret enable secret Description This config mode command allows you to change the password for enable mode. Usage Guidelines Use this command to change the password for enable mode. To reset the password to the factory default of “enable”, use the no enable command. Note: The password must not contain the space and ‘?’ special characters. Example The following example allows you to change the password for enable mode. (host) #configure terminal Enter Configuration commands, one per line.
enable bypass enable bypass no enable bypass Description This config mode command allows you to bypass the enable password prompt and go directly to the privileged command mode. Usage Guidelines Use this command when you want to access the privileged mode directly after logging in to the controller and not be prompted to enter an enable mode password. To restore the enable mode password prompt, use the config mode command. no enable bypass.
encrypt encrypt {disable|enable} Description This command allows passwords and keys to be displayed in plain text or encrypted. Syntax Parameter Description Default disable Passwords and keys are displayed in plain text — enable Passwords and keys are displayed encrypted enabled Usage Guidelines Certain commands, such as show crypto isakmp key, display configured key information. Use the encrypt command to display the key information in plain text or encrypted.
esi group esi group esi [no] | [ping ] | [server ] Description This command configures an ESI group. Syntax Parameter Description no Negates any configured parameter. ping Specify the name of a set of ping checking attributes defined via the command esi ping. Only one set is allowed. server Specify the name of a server to be added or removed from the ESI group. You define ESI servers via the command esi server.
esi parser domain esi parser domain [no] | [peer ] | [server ] Description This command configures an ESI syslog parser domain. Syntax Parameter Description no Negates any configured parameter peer (Optional.) Specify the IP address of an another controller in this domain. These controllers are notified when the user cannot be found locally.
esi parser rule esi parser rule [condition ] | [domain ] | [enable] [match {ipaddr | mac | user }] | [no] | [position ] | [set {blacklist | role } | [test {msg | file }] Description This command creates or changes an ESI syslog parser rule. Syntax Parameter Description Range Default condition Specifies the REGEX (regular expression) pattern that uniquely identifies the syslog.
Use the show esi parser rules command to show ESI parser rule information. Use the show esi parser stats command to show ESI parser rule statistical information Examples The following command sets up the Fortigate virus rule named “forti_rule.” This rule parses the virus detection syslog scanning for a condition match on the log_id value (log_id=) and a match on the IP address (src=). (host) (config) #esi parser rule forti_rule condition “log_id=[0-9]{10}[ ]” match ipaddr “src=(.
Command Information Platform License Command Mode Available on all platforms. Requires the PEFNG license Config mode on master and local controllers Dell PowerConnect ArubaOS 6.
esi parser rule-test esi parser rule-test [file ] | [msg ] Description This command allows you to test all of the enabled parser rules. Syntax Parameter Description file Tests against a specified file containing more than one syslog message. msg Tests against a syslog message, where is the message text. Usage Guidelines You can test the enabled parser rules against a syslog message input, or run the expression through a file system composed of syslog messages.
Command History Introduced in ArubaOS 3.1 Command Information Platform License Command Mode Available on all platforms Requires the PEFNG license Config mode on master and local controllers Dell PowerConnect ArubaOS 6.
esi ping esi ping [frequency ] | [no] | [retry-count ] | [timeout ] | Description This command specifies the ESI ping health check configuration. Syntax Parameter Description Range Default frequency Specifies the ping frequency in seconds. 1–65536 no Negates any configured parameter — — retry-count Specifies the ping retry count 1–65536 2 timeout Specifies the ping timeout in seconds.
esi server esi server [dport ] | [mode {bridge | nat | route}] | [no] | [trusted-ip-addr [health-check]] | [trusted-port ] | [untrusted-ip-port [health-check]] | [untrusted-port ] Description This command configures an ESI server. Syntax Parameter Description dport Specifies the NAT destination TCP/UDP port. mode Specifies the ESI server mode of operation: bridge, nat, or route no Negates any configured parameter.
exit exit Description This command exits the current CLI mode. Syntax No parameters. Usage Guidelines Upon entering this command in a configuration sub-mode, you are returned to the configuration mode. Upon entering this command in configuration mode, you are returned to the enable mode. Upon entering this command in enable mode, you are returned to the user mode. Upon entering this command in user mode, you are returned to the user login.
export export gap-db Description This command exports the global AP database to the specified file. Syntax Parameter Description Name of the file to which the global AP database is exported. Usage Guidelines This command is intended for system troubleshooting. You should run this command only when directed to do so by an Dell support representative. The global AP database resides on a master controller and contains information about known APs on all controllers in the system.
firewall firewall {allow-tri-session |attack-rate {cp |ping |session }|broadcast-filter-arp |cp|bwcontracts-subnet-broadcast|cp-bandwidthcontract|tcp-syn |bwcontracts-subnet-broadcast |deny-inter-user-bridging |deny-inter-user-traffic|disable-ftp-server |disable-ftp-server| disable-statefulh323| disable-stateful-sccp-processing|disable-stateful-sip-processing |disablestateful-ua-processing|disable-stateful-vocera-processing|drop-ip-fragments |enable-per-packet-logging |enforce-
Syntax 198 | firewall Parameter Description Range Default allow-tri-session Allows three-way session when performing destination NAT. This option should be enabled when the controller is not the default gateway for wireless clients and the default gateway is behind the controller. This option is typically used for captive portal configuration. — disabled attack-rate Sets rates which, if exceeded, can indicate a denial of service attack.
Parameter Description Range Default enable-per-packet-logging Enables logging of every packet if logging is enabled for the corresponding session rule. Normally, one event is logged per session. If you enable this option, each packet in the session is logged. You should not enable this option unless instructed to do so by an Dell representative, as doing so may create unnecessary overhead on the controller.
Parameter Description Range Default shape-mcast Enables multicast optimization and provides excellent streaming quality regardless of the amount of VLANs or IP IGMP groups that are used. — disabled voip-wmm-voip-contentenforcement If traffic to or from the user is inconsistent with the associated QoS policy for voice, the traffic is reclassified to best effort and data path counters incremented. This parameter requires the PEFNG license.
firewall cp firewall cp {deny|permit} proto ports [bandwidth-contract ] no ... Description This command creates whitelist session ACLs. Whitelist ACLs consist of rules that explicitly permit or deny session traffic from being forwarded or not to the controller. This prohibits traffic from being automatically forwarded to the controller if it was not specifically denied in a blacklist.
Related Commands Command Description Mode show firewall-cp Show Control Processor (CP) whitelist ACL info. Enable or Config modes cp-bandwidth-contract This command configures a bandwidth contract traffic rate Enable or Config modes which can then be associated with a whitelist session ACL. Command History Introduced in ArubaOS 3.
firewall cp-bandwidth-contract firewall cp-bandwidth-contract {auth|route|sessmirr|trusted-mcast|trusted-ucast |untrusted-mcast|untrusted-ucast} Description This command configures bandwidth contract traffic rate limits to prevent denial of service attacks. Syntax Parameter Description Range Default auth Specifies the traffic rate limit that is forwarded to the authentication process. 1-200 Mbps 1 route Specifies the traffic rate limit that needs ARP requests.
gateway health-check disable gateway health-check disable Description Disable the gateway health check. Usage Guidelines The gateway health check feature can only be enabled by Dell Technical Support. This command disables the gateway health check, and should only be issued under the guidance of the support staff.
guest-access-email guest-access-email smtp-port smtp-server no... Description This command configures the SMTP server which is used to send guest email. Guest email is generated when a guest user account is created or when the Guest Provisioning user sends guest user account email a later time. Syntax Parameter Description Range Default smtp-port Identifies the SMTP port through which the guest-access email is sent. — — The SMTP port number.
Command History Version Modification ArubaOS 3.4 Introduced for the first time. Command Information Platform License Command Mode Available on all platforms Available in the base operating system. Config mode on master controllers. 206 | guest-access-email Dell PowerConnect ArubaOS 6.
halt halt Description This command halts all processes on the controller. Syntax No parameters. Usage Guidelines This command gracefully stops all processes on the controller. You should issue this command before rebooting or shutting down to avoid interrupting processes. Command History Introduced in ArubaOS 3.0 Command Information Platform License Command Mode Available on all platforms Available in the base operating system. Enable mode on master and local controllers.
help help Description This command displays help for the CLI. Syntax No parameters. Usage Guidelines This command displays keyboard editing commands that allow you to make corrections or changes to the command without retyping. You can also enter the question mark (?) to get various types of command help: z When typed at the beginning of a line, the question mark lists all commands available in the current mode.
hostname hostname Description This command changes the hostname of the controller. Syntax Parameter Description Range Default hostname The hostname of the controller 1-63 See below Usage Guidelines The hostname is used as the default prompt. You can use any alphanumeric character, punctuation, or symbol character. To use spaces, plus symbols (+), question marks (?), or asterisks (*), enclose the text in quotes.
ids ap-classification-rule id-classification-rule check-min-discovered-aps classify-to-type [neighbor | suspected-rogue] clone conf-level-incr discovered-ap-cnt match-ssids no snr-max snr-min ssid Description Configure the AP classification rule profile. Syntax Parameter Description Range Default Enter the AP classification rule profile name.
Command History Release Modification ArubaOS 6.0 Command introduced Command Information Platforms Licensing Command Mode Available on all platforms Requires the RFprotect license Config mode on master controllers 211 | ids ap-classification-rule Dell PowerConnect ArubaOS 6.
ids ap-rule-matching no rule-name Description Configure the IDS active AP rules profile Syntax Parameter Description no Negates any configured parameter rule-name Enter the name of the AP to activate Usage Guidelines This command activates an active AP rule. You must create the rule before you can activate it.
ids dos-profile ids ids dos-profile ap-flood-inc-time ap-flood-quiet-time ap-flood-threshold assoc-rate-thresholds auth-rate-thresholds block-ack-dos-quiet-time chopchop-quiet-time client-ht-40mhz-intol-quiet-time client-flood-inc-time client-flood-quiet-time client-flood-threshold client-ht-40mhz-intolerance clone cts-rate-quiet-time cts-rate-threshold cts-rate-time-interval deauth-rate-thresholds detect-ap-flood detect-b
overflow-ie-quiet-time probe-request-rate-thresholds probe-response-rate-thresholds rts-rate-threshold rts-rate-time-interval spoofed-deauth-blacklist tkip-replay-quiet-time Description This command configures traffic anomalies for denial of service (DoS) attacks. Dell PowerConnect ArubaOS 6.
Syntax 215 | ids dos-profile Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters. — “default” ap-flood-inc-time Time, in seconds, during which a configured number of fake AP beacons must be received to trigger an alarm. 0-36000 3600 seconds ap-flood-quiet-time After an alarm has been triggered by a fake AP flood, the time, in seconds, that must elapse before an identical alarm may be triggered.
Parameter Description Range Default detect-client-flood Enable/disable detection of client flood attack. true false disable detect-cts-rate-anomaly Enable/disable detection of CTS rate anomaly. true false disable detect-disconnect-station In a station disconnection attack, an attacker spoofs the MAC address of either an active client or an active AP. The attacker then sends deauthenticate frames to the target device, causing it to lose its active association.
Parameter Description Range Default disconnect-sta-assoc-respthreshold The number of successful Association Response or Reassociation response frames seen in an interval of 10 seconds that should trigger this event. 1-30 5 disconnect-sta-quiet-time After a station disconnection attack is detected, the time, in seconds, that must elapse before another identical alarm can be generated.
Parameter Description Range Default rts-rate-threshold Number of RTS control packets over the time interval that constitutes an anomaly. 0-100000 5000 rts-rate-time-interval Time interval, in seconds, over which the packet count should be checked. 1-120 seconds 5 seconds spoofed-deauth-blacklist Enables detection of a deauth attack initiated against a client associated to an AP.
ids general-profile ids general-profile adhoc-ap-inactivity-timeout adhoc-ap-max-unseen-timeout ap-inactivity-timeout ap-max-unseen-timeout clone ids-events [logs-and-traps | logs-only | none | traps-only] min-pot-ap-beacon-rate min-pot-ap-monitor-time mobility-manager-rtls no ...
Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters. — “default” adhoc-ap-inactivity-timeout Ad hoc (IBSS) AP inactivity timeout in number of scans. 5-36000 seconds 5 seconds adhoc-ap-max-unseen-timeout Ageout time in seconds since ad hoc (IBSS) AP was last seen. 5-36000 seconds 5 seconds ap-inactivity-timeout Time, in seconds, after which an AP is aged out.
Parameter Description Range Default wireless-containment [deauthonly | none | tarpit-all-sta | tarpit-non-valid-sta] Enable wireless containment including Tarpit Shielding. Tarpit shielding works by steering a client to a tarpit so that the client associates with it instead of the AP that is being contained.
ids impersonation-profile ids impersonation-profile beacon-diff-threshold beacon-inc-wait-time beacon-wrong-channel-quiet-time clone detect-ap-impersonation detect-ap-spoofing detect-beacon-wrong-channel detect-hotspotter hotspotter-quiet-time no ... protect-ap-impersonation Description This command configures anomalies for impersonation attacks. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters. — “default” beacon-diff-threshold Percentage increase in beacon rates that triggers an AP impersonation event. 0-100 50% beacon-inc-wait-time Time, in seconds, after the beacon difference threshold is crossed before an AP impersonation event is generated.
Command History Version Modification ArubaOS 3.0 Command Introduced ArubaOS 3.4 detect-sequence-anomaly, sequence-diff, sequence-quiet-time, sequence-time-tolerance parameters deprecated. ArubaOS 6.
ids management-profile event-correlation [logs-and-traps | logs-only | none | traps-only] event-correlation-quiet-time Description Mange the event correlation. Syntax Parameter Description Range event-correlation logs-and-traps logs-only none traps-only Correlation mode for IDS event traps and syslogs (logs). Event correlation can be enabled with generation of correlated logs, traps, or both. To disable correlation, enter the keyword none.
ids profile ids profile clone dos-profile general-profile impersonation-profile no ... signature-matching-profile unauthorized-device-profile Description This command defines a set of IDS profiles. Syntax Parameter Description Default Name that identifies an instance of the profile. The name must be 1-63 characters. “default” clone Name of an existing IDS profile from which parameter values are copied.
Command History Version Modification ArubaOS 3.0 Command Introduced ArubaOS 6.0 Deprecated predefined profiles Deprecated Predefined Profile Deprecated Profile for levels: disabled, high, medium, and low z ids-disabled z ids-high-setting z ids-medium-setting z ids-high-setting Command Information 227 | ids profile Platform License Command Mode Available on all platforms Requires the RFprotect license Config mode on master controllers. Dell PowerConnect ArubaOS 6.
ids rate-thresholds-profile ids rate-thresholds-profile channel-inc-time channel-quiet-time channel-threshold clone no ... node-quiet-time node-threshold node-time-interval Description This command configures thresholds that are assigned to the different frame types for rate anomaly checking. Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1- — 63 characters.
Example The following command configures frame thresholds: (host) (config) #ids rate-thresholds-profile Lobby (host) (IDS Rate Thresholds Profile "Lobby") #channel-threshold 250 Command History Version Modification ArubaOS 3.0 Command Introduced ArubaOS 6.0 Deprecated predefined profiles Deprecated Predefined Profiles Deprecated the predefined profile with probe-request-response-threshold.
ids signature-matching-profile ids signature-matching-profile clone no ... signature Description This command contains defined signature profiles. Syntax Parameter Description Default Name that identifies an instance of the profile. The name must be 1-63 characters. “default” clone Name of an existing IDS signature matching profile from which parameter values are copied. — no Negates any configured parameter. — signature Name of a signature profile.
ids signature-profile ids signature-profile bssid clone dst-mac frame-type {assoc|auth|beacon|control|data|deauth|disassoc|mgmt|probe-request| no ... payload [offset ] seq-num src-mac Description This command configures signatures for wireless intrusion detection. 231 | ids signature-profile Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Default Name that identifies an instance of the profile. The name must be 1-63 characters. “default” bssid BSSID field in the 802.11 frame header. — clone Name of an existing IDS signature profile from which parameter values are copied. — dst-mac Destination MAC address in the 802.11 frame header. — frame-type Type of 802.11 frame. For each type of frame, further parameters can be specified to filter and detect only the required frames.
Signature Profile Parameter Value ASLEAP frame-type beacon ssid = asleap Deauth-Broadcast frame-type deauth dst-mac ff:ff:ff:ff:ff:ff payload offset=3 pattern=0x00601d payload offset=6 pattern=0x0001 payload offset=3 pattern=0x00601d payload offset=12 pattern=0x000102 frame-type probe-response ssid length = 0 Netstumbler Generic Netstumbler Version 3.3.0x Null-Probe-Response Command History Version Modification ArubaOS 3.
ids unauthorized-device-profile ids unauthorized-device-profile adhoc-using-valid-ssid-quiet-time allow-well-known-mac [hsrp|iana|local-mac|vmware|vmware1|vmware2|vmware3] cfg-valid-11a-channel cfg-valid-11g-channel classification clone detect-adhoc-network detect-adhoc-using-valid-ssid detect-bad-wep detect-ht-greenfield detect-invalid-mac-oui detect-misconfigured-ap detect-unencrypted-valid-client detect-valid-client-misassociation detect-windows-bridge detec
Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters. — “default” adhoc-quiet-time DEPRECATED adhoc-using-valid-ssidquiet-time Time to wait, in seconds, after detecting an adhoc network using a valid SSID, after which the check can be resumed. 60-360000 900 seconds allow-well-known-mac Allows devices with known MAC addresses to classify rogues APs.
Parameter Description Range Default clone Name of an existing IDS rate thresholds profile from which parameter values are copied. — — detect-adhoc-network Enable detection of adhoc networks. — false detect-adhoc-using-validssid Enable/disable detection of adhoc networks using valid/protected SSIDs — enable detect-bad-wep Enables detection of WEP initialization vectors that are known to be weak and/or repeating. A primary means of cracking WEP keys is to capture 802.
Parameter Description Range Default protect-ht-40mhz Enables or disables protection of high-throughput (802.11n) devices operating in 40 MHz mode. — false protect-misconfigured-ap Enables protection of misconfigured APs. — false protect-ssid Enables use of SSID by valid APs only. — false protect-valid-sta When enabled (true), does not allow valid stations to connect to a non-valid AP.
Example The following command copies the settings from the ids-unauthorized-device-disabled profile and then enables detection and protection from adhoc networks: (host) (config) #ids unauthorized-device-profile floor7 (host) (IDS Unauthorized Device Profile "floor7") #unauth1 (host) (IDS Unauthorized Device Profile "floor7") #clone ids-unauthorized-devicedisable (host) (IDS Unauthorized Device Profile "floor7") #detect-adhoc-network (host) (IDS Unauthorized Device Profile "floor7") #protect-adhoc-network
interface fastethernet | gigabitethernet interface interface {fastethernet|gigabitethernet} / description duplex {auto|full|half} ip access-group {in|out|session {vlan }} no ...
Syntax Parameter Description Range Default is always 1. — — Number assigned to the network interface embedded in the controller. Port numbers start at 0 from the left-most position. — — description String that describes this interface. — — duplex Transmission mode on the interface: full or half-duplex or auto to automatically adjust transmission. auto/full/half auto ip access-group Applies the specified access control list (ACL) to the interface.
Parameter Description Range Default trusted Set this interface and range of VLANs to be trusted. VLANs not included in the trusted range of VLANs will be, by default, untrusted. Trusted ports and VLANs are typically connected to internal controlled networks, while untrusted ports connect to thirdparty APs, public areas, or other networks to which access controls should be applied. When Dell APs are attached directly to the controller, set the port to be trusted.
Related Commands (host) #show interface {fastethernet|gigabitethernet} / (host) #show datapath port vlan-table / Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 The trusted VLAN and ip access-group session vlan parameters were introduced. ArubaOS 3.4.1 The trusted vlan parameter was added. Command Information Platforms Licensing Command Mode All platforms This command is available in the base operating system.
interface loopback interface loopback ip address no ... Description This command configures the loopback address on the controller. Syntax Parameter Description ip address Host IP address in dotted-decimal format. This address should be routable from all external networks. no Negates any configured parameter. Usage Guidelines If configured, the loopback address is used as the controller’s IP address.
interface port-channel interface port-channel add {fastethernet|gigabitethernet} / del {fastethernet|gigabitethernet} / ip access-group {in|out|session {vlan }} no ...
Syntax Parameter Description Range Default port-channel ID number for this port channel. 0-7 — add Adds the specified FastEthernet or GigabitEthernet interface to the port channel. You cannot specify both FastEthernet and GigabitEthernet interfaces for the same port channel. — — del Deletes the specified Fastethernet or Gigabitethernet interface to the port channel. — — ip access-group Applies the specified access control list (ACL) to the interface.
Parameter Description Range Default Sets the supplied range of VLANs as trusted. All remaining become untrusted automatically. For example, if you set a VLAN range as: vlan 1-10, 100-300, 301, 305-400, 501-4094 Then all VLANs in this range are trusted and all others become untrusted by default. You can also use the no trusted vlan command to explicitly make an individual VLAN untrusted. The no trusted vlan command is additive and adds given vlans to the existing untrusted vlan set.
(host) (config) #interface port channel 7 add fastethernet 1/1 add fastethernet 1/2 Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 The trusted VLAN and ip access-group session vlan parameters were introduced. ArubaOS 3.4.1 The trusted vlan parameter was added. Command Information Platforms Licensing Command Mode W-3000 Controller Series MultiService Controller This command is available in the base operating system.
interface range interface range {fastethernet|gigabitethernet} /- duplex {auto|full|half} ip access-group {in|out|session {vlan }} no ...
Syntax Parameter Description Range Default range Range of Ethernet ports in the format /-. — — duplex Transmission mode on the interface: full- or half-duplex or auto to automatically adjust transmission. auto/full/ half auto ip access-group Applies the specified access control list (ACL) to the interface. Use the ip access-list command to configure an ACL. — — in Applies ACL to interface’s inbound traffic. — — out Applies ACL to interface’s outbound traffic.
Parameter vlan Description Range Default Sets the supplied range of VLANs as trusted. All remaining become untrusted automatically. For example, If you set a VLAN range as: vlan 1-10, 100-300, 301, 305-400, 501-4094 Then all VLANs in this range are trusted and all others become untrusted by default. You can also use the no trusted vlan command to explicitly make an individual VLAN untrusted. The no trusted vlan command is additive and adds given vlans to the existing untrusted vlan set.
interface tunnel interface tunnel description inter-tunnel-flooding ip address mtu no ... shutdown trusted tunnel checksum|destination |keepalive [ ]|key |mode gre {|ip}|source {|loopback|vlan }|vlan Description This command configures a tunnel interface. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default tunnel Identification number for the tunnel. 1-2147483647 — description String that describes this interface. — Tunnel Interface inter-tunnelflooding Enables inter-tunnel flooding. — enabled ip address IP address of the tunnel. This represents the entrance to the tunnel. — — mtu MTU size for the interface. — 1500 no Negates any configured parameter. — — shutdown Causes a hard shutdown of the interface.
tunnel type is the default (tunnel mode gre ip). You can direct traffic into the tunnel using a static route (specify the tunnel as the next hop for a static route) or a session-based access control list (ACL). Example The following command configures a tunnel interface: (host) (config) #interface tunnel 200 ip address 10.1.1.1 255.255.2550 tunnel source loopback tunnel destination 20.1.1.242 tunnel mode gre ip Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.
interface vlan interface vlan bandwidth-contract bcmc-optimization description ip address { |dhcp-client|pppoe}|helper-address |igmp|local-proxy-arp|nat inside|{ospf area }routing} ipv6 mld [snooping] mtu no ... operstate up shutdown Description This command configures a VLAN interface. 252 | interface vlan Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default vlan VLAN ID number. 1-4094 — bandwidth-contract Name of the bandwidth contract to be applied to this VLAN interface. When applied to a VLAN, the contract only limits multicast traffic and does not affect other data. Use the aaa bandwidth-contract command to configure a bandwidth contract. — — bcmc-optimization Enables broadcast and multicast traffic optimization to prevent flooding of broadcast and multicast traffic on VLANs.
Usage Guidelines All ports on the controller are assigned to VLAN 1 by default. Use the interface fastethernet|gigabitethernet command to assign a port to a configured VLAN. Example The following command configures a VLAN interface: (host) (config) #interface vlan 16 ip address 10.26.1.1 255.255.255.0 ip helper-address 10.4.1.22 Command History This command was introduced in ArubaOS 3.0 Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3 The ipv6 parameters were introduced. ArubaOS 3.
interface vlan ip igmp proxy interface vlan ip igmp snooping|{proxy fastethernet|gigabitethernet /} Description This command enables IGMP and/or IGMP snooping on this interface, or configures a VLAN interface for uninterrupted streaming of multicast traffic. Syntax Parameter Description snooping Enable IGMP snooping. The IGMP protocol enables an router to discover the presence of multicast listeners on directly-attached links.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 256 | interface vlan ip igmp proxy Dell PowerConnect ArubaOS 6.
ip access-list eth ip ip access-list eth {|} deny { []|any} [mirror] no ... permit { []|any} [mirror] Description This command configures an Ethertype access control list (ACL). Syntax Parameter Description Range eth Enter a name, or a number in the specified range.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3 The mirror parameter was introduced. Command Information Platform License Command Mode Available on all platforms Requires the PEFNG license. Config mode on master controllers 256 | ip access-list eth Dell PowerConnect ArubaOS 6.
ip access-list extended ip access-list extended {|} deny ipv6 no ... permit Description This command configures an extended access control list (ACL). To configure IPv6 specific rules, use the ipv6 keyword for each rule. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range extended Enter a name, or a number in the specified range. 100-199, 2000-2699 ipv6 Use the ipv6 keyword to add IPv6 specific rules. deny Reject the specified packets.
Command History This command was available in ArubaOS 3.0. Command Information Platform License Command Mode Available on all platforms Requires the PEFNG license Config mode on master controllers Dell PowerConnect ArubaOS 6.
ip access-list mac ip access-list mac {|} deny {[]|any|host } [mirror] no ... permit {[]|any|host } [mirror] Description This command configures a MAC access control list (ACL). Syntax Parameter Description Range mac Configures a MAC access list. Enter a name, or a number in the specified range.
Command Information Platform License Command Mode Available on all platforms Requires the PEFNG license Config Dell PowerConnect ArubaOS 6.
ip access-list session ip access-list session [] ipv6 [alias | any | host | network | user] no ... Description This command configures an access control list (ACL) session. To create IPv6 specific rules, use the ipv6 keyword. 262 | ip access-list session Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Enter a name for this ACL ipv6 Use the ipv6 keyword to create IPv6 specific rules.
Parameter Description no Negates any configured parameter. Usage Guidelines Session ACLs define traffic and firewall policies on the controller. You can configure multiple rules for each policy, with rules evaluated from top (1 is first) to bottom. The first match terminates further evaluation. Generally, you should order more specific rules at the top of the list and place less specific rules at the bottom of the list. The ACL ends with an implicit deny all.
ip access-list standard ip access-list standard {|} deny { |any|host } no ... permit { |any|host } Description This command configures a standard access control list (ACL). Syntax Parameter Description Range standard Enter a name, or a number in the specified range. 1-99, 1300-1399 ipv6 Use the ipv6 keyword to create IPv6 specific standard rules.
ip cp-redirect-address ip cp-redirect-address | disable Description This command configures a redirect address for captive portal. Syntax Parameter Description Host address with a 32-bit netmask. This address should be routable from all external networks. disable Disables automatic DNS resolution for captive portal. Usage Guidelines This command redirects wireless clients that are on different VLANs (from the controller’s IP address) to the captive portal on the controller.
ip default-gateway ip default-gateway |{import cell|dhcp|pppoe}|{ipsec } Description This command configures the default gateway for the controller. Syntax Parameter Description IP address of the default gateway. import Use a gateway IP address obtained through the cell interface, DHCP or PPPoE. The default gateway is imported into the routing table and removed when the uplink is no longer active. cell Use Cell interface when available to obtain default gateway.
ip dhcp excluded-address ip dhcp excluded-address [] Description This command configures an excluded address range for the DHCP server on the controller. Syntax Parameter Description Low end of range of IP addresses. For example, you can enter the IP address of the controller so that this address is not assigned. High end of the range of IP addresses.
ip dhcp pool ip dhcp pool default-router ... dns-server { ... |import} domain-name lease netbios-name-server { ... |import} network {|} no ... option ip Description This command configures a DHCP pool on the controller. Syntax Parameter Description default-router IP address of the default router for the DHCP client. The client should be on the same subnetwork as the default router.
lease 0 8 0 network 10.26.1.0 255.255.255.0 Command History Introduced in ArubaOS 3.0 Command Information 270 | ip dhcp pool Platform License Command Mode Available on all platforms Available in the base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
ip domain lookup ip domain lookup Description This command enables Domain Name System (DNS) hostname to address translation. Syntax There are no parameters for this command. Usage Guidelines This command is enabled by default. Use the no form of this command to disable. Example The following command enables DNS hostname translation: (host)(config) #ip domain lookup Command History This command was available in ArubaOS 3.0.
ip domain-name ip domain-name Description This command configures the default domain name. Syntax Parameter Description domain-name Name used to complete unqualified host names. Do not specify the leading dot (.). Usage Guidelines The controller uses the default domain name to complete hostnames that do not contain domain names. You must have at least one domain name server configured on the controller (see “ip name-server” on page 286).
ip igmp ip igmp last-member-query-count last-member-query-interval query-interval query-response-interval <.1 seconds> robustness-variable <2-10> startup-query-count startup-query-interval version-1-router-present-timeout Description This command configures Internet Group Management Protocol (IGMP) timers and counters.
Command Information 274 | ip igmp Platform License Command Mode Available on all platforms Available in the base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
ip local ip local pool [] Description This command configures a local IP pool for Layer-2 Tunnel Protocol (L2TP). Syntax Parameter Description pool Name for the address pool. Starting IP address for the pool. (Optional) Ending IP address for the pool. Usage Guidelines VPN clients can be assigned IP addresses from the L2TP pool. Example The following command configures an L2TP pool: (host) (config) #ip local pool 10.1.1.1 10.1.1.
ip mobile active-domain ip mobile ip mobile active-domain Description This command configures the mobility domain that is active on the controller. Syntax Parameter Description active-domain Name of the mobility domain. Usage Guidelines All controllers are initially part of the “default” mobility domain. If you use the “default” mobility domain, you do not need to specify this domain as the active domain on the controller.
ip mobile domain ip mobile domain hat no ... Description This command configures the mobility domain on the controller. Syntax Parameter Description Range domain Name of the mobility domain. — hat Configures a home agent table (HAT) entry. — Subnet that requires mobility service. — Netmask for the IP address. — VLAN ID. The VLAN ID must be the VLAN number on the home agent controller.
Command History Release Modification ArubaOS 3.0 Command available. ArubaOS 6.0 A new parameter, description is added for providing more information about a HAT entry. ArubaOS 3.4.1 vlan range parameter introduced. ArubaOS 6.0 wired aaa-profile parameter introduced. Command Information Platform License Command Mode Available on all platforms Available in the base operating system Config mode on master controllers 278 | ip mobile domain Dell PowerConnect ArubaOS 6.
ip mobile foreign-agent ip mobile foreign-agent {lifetime | max-visitors | registrations {interval | retransmits }} Description This command configures the foreign agent for IP mobility. Syntax Parameter Description Range Default lifetime Requested lifetime, in seconds, as per RFC 3344, “IP Mobility Support for IPv4”. 10-65534 180 seconds max-visitors Maximum number of active visitors.
ip mobile home-agent ip mobile home-agent {max-bindings |replay } Description This command configures the home agent for IP mobility. Syntax Parameter Description Range Default max-bindings Maximum number of mobile IP bindings. This option is an additional limitation to control the maximum number of roaming users.
ip mobile proxy ip mobile proxy auth-sta-roam-only | block-dhcp-release | dhcp {max-requests | transaction-hold |transaction-timeout }| event-threshold | log-trail | no-service-timeout | on-association |re-home | stale-timeout | stand-alone-AP | trail-length |trail-timeout Description This command configures the proxy mobile IP module in a mobility-enabled controller. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default auth-sta-roamonly Allows a client to roam only if has been authenticated. If a client has not been authenticated, no mobility service is offered if it roams to a different VLAN or controller. — enabled block-dhcp-re lease Determines whether DHCP release packets generated from the client should be dropped or forwarded to the DHCP server.
stand-alone-AP Enables support for third party or standalone APs. When this is enabled, broadcast packets are not used to trigger mobility and packets from untrusted interfaces are accepted. If mobility is enabled, you must also enable standalone AP for the client to connect to the controller’s untrusted port. If the controller learns wired users via the following methods, enable standalone AP: z Third party AP connected to the controller through the untrusted port.
ip mobile revocation ip mobile revocation {interval |retransmits Description This command configures the frequency at which registration revocation messages are sent. Syntax Parameter Description Range Default interval Retransmission interval, in milliseconds. 100-10000 ms 1000 ms retransmits Maximum number of times the home agent or foreign agent attempts mobile IP registration/revocation message exchanges before giving up.
ip mobile trail ip mobile trail {host IP address | host MAC address} Description This command configures the capture of association trail for all devices. Syntax Parameter Description Default Host IP address The IP address of the client for which the association trail is captured. disabled Host MAC address The MAC address of the client for which the association trail is captured. disabled Usage Guidelines A device can move from one home agent to another or between home agents.
ip name-server ip name-server Description This command configures servers for name and address resolution. Syntax Parameter Description IP address of the server. Usage Guidelines You can configure up to six servers using separate commands. Specify one or more servers when you configure a default domain name (see “ip domain-name” on page 272). Example The following command configures a name server: ip name-server 10.1.1.245 Command History This command was available in ArubaOS 3.0.
ip nat ip nat pool [] Description This command configures a pool of IP addresses for network address translation (NAT). Syntax Parameter Description pool Name of the NAT pool. IP address that defines the beginning of the range of source NAT addresses in the pool. IP address that defines the end of the range of source NAT addresses in the pool. Destination NAT IP address.
ip ospf ip ospf area|{authentication message-digest | cost | dead-interval | hello-interval | message-digest-key | priority | retransmit-interval |transmit-delay Description Configure OSPF on the VLAN interface. Syntax Parameter Description Range Default area Enable OSPF on a specific interface by entering the IP address of the router that will use OSPF.
Related Commands Command Description show ip ospf View the OSPF configuration Command History Release Modification ArubaOS 3.4 Command introduced Command Information Platforms Licensing Command Mode All Platforms Base operating system Configuration Interface Mode (config-subif) Dell PowerConnect ArubaOS 6.
ip pppoe-max-segment-size ip pppoe-max-segment-size Description This command configures the maximum TCP segment size (mss), in bytes, for Point-to-Point Protocol over Ethernet (PPPoE) data. Syntax Parameter Description Range Default Enter the keywords pppoe-max-segment-size followed by the TCP max segment size (mss) in bytes. 128-1452 1452 Usage Guidelines The maximum segment size for PPPoE is smaller than the normal Ethernet encapsulation size because of the PPPoE overhead.
ip pppoe-password ip pppoe-password Description This command configures the PPP over Ethernet (PPPoE) password. Syntax Parameter Description Enter the keyword ip-pppoe-password followed by the PAP password configured on the PPPoE Access Concentrator for the controller. Usage Guidelines Note the following about enabling the PPPoE client on the controller: z You cannot enable both the DHCP and PPPoE client on the controller at the same time.
ip pppoe-service-name ip pppoe-service-name Description This command configures the PPP over Ethernet (PPPoE) service name. Syntax Parameter Description Enter the keyword ip-pppoe-service-name followed by the PPPoE service name. Usage Guidelines Note the following about enabling the PPPoE client on the controller: z You cannot enable both the DHCP and PPPoE client on the controller at the same time.
ip pppoe-username ip pppoe-username Description This command configures the PPP over Ethernet (PPPoE) username. Syntax Parameter Description Enter the keywords ip pppoe-username followed by the PAP user name configured on the PPPoE Access Concentrator for the controller. Usage Guidelines Note the following about enabling the PPPoE client on the controller: z You cannot enable both the DHCP and PPPoE client on the controller at the same time.
ip radius ip radius {nas-ip |rfc-3576-server udp-port |source-interface {loopback|vlan } Description This command configures global parameters for configured RADIUS servers. Syntax Parameter Description Range Default nas-ip NAS IP address to send in RADIUS packets. A server-specific NAS IP configured with the aaa authentication-server radius command supersedes this configuration.
ip route ip route { []|ipsec |null 0} Description This command configures a static route on the controller. Syntax Parameter Description Enter the destination prefix address in dotted decimal format (A.B.C.D). Enter the destination prefix mask address in dotted decimal format (A.B.C.D). [] Enter the forwarding router address in dotted decimal format (A.B.C.D). Optionally, enter the distance metric (cost) for this route.
ipv6 enable ipv6 enable Description This command enables IPv6 packet processing globally. This option is disabled by default. Syntax No parameters. Usage Guidelines This command enables IPv6 packet processing globally. Command History This command was introduced in ArubaOS 6.0. Command Information Platform License Command Mode Available on all platforms Available in the base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
ipv6 firewall ipv6 firewall attack-rate {ping |session |tcp-syn } deny-inter-user-bridging | drop-ip-fragments | enable | enable-per-packet-logging | enforce-tcp-handshake | prohibit-ip-spoofing | prohibit-rst-replay | session-idle-timeout | session-mirror-destination {ip-address }|{port } Description This command configures firewall options on the controller for IPv6 traffic. 295 | ipv6 firewall Dell PowerConnect ArubaOS 6.
Syntax Parameter Description attack-rate Sets rates which, if exceeded, can indicate a denial of service attack. Range Default ping Number of ICMP pings per second, which if exceeded, can indicate a denial of service attack. Recommended value is 4 1-255 — session Number of TCP or UDP connection requests per second, which if exceeded, can indicate a denial of service attack. Recommended value is 32.
This command configures global firewall options on the controller for IPv6 traffic. Example The following command disallows forwarding of non-IP frames between IPv6 clients: (host) (config) #ipv6 firewall deny-inter-user-bridging Command History Introduced in ArubaOS 3.3 Command Information 297 | ipv6 firewall Platform License Command Mode Available on all platforms Available in the base operating system, except for noted parameters Config mode on master controllers Dell PowerConnect ArubaOS 6.
lacp group lacp group mode {active | passive} lacp Description Enable Link Aggregation Control Protocol (LACP) and configure LACP on the interface. Syntax Parameter Description Enter the link aggregation group (LAG) number. Range: 0-7 mode {active | passive} Enter the keyword mode followed by either the keyword active or passive. z Active mode—the interface is in active negotiating state. LACP runs on any link that is configured to be in the active state.
lacp port-priority lacp port-priority Description Configure the LACP port priority. Syntax Parameter Description Enter the port-priority value. The higher the value number the lower the priority. Range: 1 to 65535 Default: 255 Usage Guidelines Set the port priority for LACP.
lacp system-priority lacp system-priority Description Configure the LACP system priority. Syntax Parameter Description Enter the system priority value. The higher the value number the lower the priority. Range: 1 to 65535 Default: 32768 Usage Guidelines Set the LACP system priority.
lacp timeout lacp timeout {long | short} Description Configure the timeout period for the LACP session. Syntax Parameter Description long Enter the keyword long to set the LACP session to 90 seconds. This is the default. short Enter the keyword short to set the LACP session to 3 seconds. Usage Guidelines The timeout value is the amount of time that a port-channel interface waits for a LACPDU (Link Aggregation Control Protocol data unit) from the remote system before terminating the LACP session.
license license {add |del |export |import |report } Description This command allows you to install, delete, and manage software licenses on the controller. Syntax Parameter Description add Installs the software license key in the controller. The key is normally sent to you via email. del Removes the software license key from the controller. The key is normally sent to you via email.
localip localip ipsec Description This command configures the IP address and preshared key for the local controller on a master controller. Syntax Parameter Description IP address of the local controller. Use the 0.0.0.0 address to configure a global preshared key for all inter-controller communications. ipsec Preshared key, which must be between 6-64 characters.
local-userdb add localuserdb local-userdb add {generate-username|username } {generate-password|password } [comment ][email ] [expiry {duration |time }] [guest-company ][guest-fullname ][guest-phone ][mode disable][opt-field-1 ][opt-field-2 ][opt-field-3 ][opt-field-4 ][role ][sponsor-dept ][sponsor-mail ][sponsor-fullname ][sponsor-name ] [start
Syntax Parameter Description Range Default generate-username Automatically generate and add a username. — — username Add the specified username. 1 – 64 characters — generate-password Automatically generate a password for the username. — — password Add the specified password for the username. 6 – 128 characters — comments Comments added to the user account. — — email Email address for the user account. — — expiry Expiration for the user account.
accounts in the internal database. You can modify an existing user account in the internal database with the local-userdb modify command, or delete an account with the local-userdb del command. By default, the internal database in the master controller is used for authentication. Issue the aaa authentication-server internal use-local-switch command to use the internal database in a local controller; you then need to add user accounts to the internal database in the local controller.
local-userdb del local-userdb {del username |del-all} Description This command deletes entries in the controller’s internal database. Syntax Parameter Description del username Deletes the user account for the specified username. del-all Deletes all entries in the internal database. Usage Guidelines User account entries created with expirations are automatically deleted from the internal database at the specified expiration.
local-userdb export local-userdb export Description This command exports the internal database to a file. Caution: Use this command with caution. It replaces the existing users with user entries from the imported file. Syntax Parameter Description export Saves the internal database to the specified file in flash. Usage Guidelines After using this command, you can use the copy command to transfer the file from flash to another location.
local-userdb fix-database local-userdb fix-database Description This command deletes and reinitializes the internal database. Syntax No parameters. Usage Guidelines Before using this command, you can save the internal database with the local-userdb export command. Command History Introduced in ArubaOS 3.0. Command Information Platform License Command Mode Available on all platforms Available in the base operating system Enable mode on master controllers.
local-userdb import local-userdb import Description This command replaces the internal database with the specified file from flash. Syntax Parameter Description import Replaces the internal database with the specified file. Usage Guidelines This command replaces the contents of the internal database with the contents in the specified file. The file must be a valid internal database file saved with the local-userdb export command.
local-userdb maximum-expiration local-userdb maximum-expiration Description This command configures the maximum time, in minutes, that a guest account in the internal database can remain valid. Syntax Parameter Description Range maximum-expiration Maximum time, in minutes, that a guest account in the internal database can remain valid. 1-2147483647 Usage Guidelines The user in the guest-provisioning role cannot create guest accounts that expire beyond the configured maximum time.
local-userdb modify local-userdb modify username [comments ][email ] [expiry {duration |time }] [guest-company ][guestfullname ][guest-phone ][mode disable][opt-field-1 ][optfield-2 ][opt-field-3 ][opt-field-4 ][role ][sponsor-dept ][sponsor-mail ][sponsor-fullname ][sponsor-name ][start-time
Usage Guidelines Use the show local-userdb command to view the current user account entries in the internal database. Example The following command disables an existing user account in the internal database: (host)# local-userdb modify username guest4157 mode disable Command History Version Modification ArubaOS 3.0 Introduced for the first time. ArubaOS 3.4 The guest, sponsor and optional parameters were added.
local-userdb send-to-guest local-userdb send-to-guest Description This command automatically sends email to the guest when the guest user is created. Syntax No parameters. Usage Guidelines A guest is the person who needs guest access to the company’s Dell wireless network. Email is sent directly to the guest after the guest user is created. When configuring the guest provisioning feature, the guest user is generally created by Guest Provisioning user.
local-userdb send-to-sponsor local-userdb send-to-sponsor Description This command automatically sends email to the guest’s sponsor when the guest user is created. Syntax No parameters. Usage Guidelines The sponsor is the guest's primary contact. Email is sent directly to the guest’s sponsor after the guest user is created. When configuring the guest provisioning feature, the sponsor is generally created by the Guest Provisioning user.
local-userdb-guest add local-userdb-guest local-userdb-guest add {generate-username|username } {generate-password|password } [comment ][email ] [expiry {duration |time }] [guest-company ][guest-fullname ][guest-phone ][mode disable][opt-field-1 ][opt-field-2 ][opt-field-3 ][opt-field-4 ][sponsor-dept ][sponsor-mail ][sponsorfullname ][sponsor-name ] [
Syntax Parameter Description Range Default generate-username Automatically generate and add a guest username. — — username Add the specified guest username. 1 – 64 characters — generate-password Automatically generate a password for the username. — — password Add the specified password for the username. 6 – 128 characters — comments Comments added to the guest user account. — — email Email address for the guest user account. — — expiry Expiration for the user account.
By default, the internal database in the master controller is used for authentication. Issue the aaa authenticationserver internal use-local-switch command to use the internal database in a local controller; you then need to add user accounts to the internal database in the local controller.
local-userdb-guest del local-userdb-guest {del username |del-all} Description This command deletes entries in the controller’s internal database. Syntax Parameter Description del username Deletes the user account for the specified username. del-all Deletes all entries in the internal database. Usage Guidelines User account entries created with expirations are automatically deleted from the internal database at the specified expiration.
local-userdb-guest modify local-userd-guest modify username [comments ][email ] [expiry {duration |time }] [guest-company ][guestfullname ][guest-phone ][mode disable][opt-field-1 ][optfield-2 ][opt-field-3 ][opt-field-4 ][password ][sponsor-mail ][sponsor-fullname ][sponsor-name ][start-time
Usage Guidelines Use the show local-userdb-guest command to view the current user account entries in the internal database. Example The following command disables an guest user account in the internal database: (host)local-userdb-guest modify username guest4157 mode disable Command History Introduced in ArubaOS 3.4. Command Information Platform License Command Mode Available on all platforms Available in the base operating system Enable and config modes on master controllers.
local-userdb-guest send-email local-userdb-guest send-email [to-guest][to-sponsor] Description This command causes the controller to send email to the guest and/or sponsor any time a guest user is created. Syntax Parameter Description Range Default Name of the guest 1 – 64 characters — to-guest Allows you to send email to the guest user’s address. — — to-sponsor Allows you to send email to the sponsor’s email address.
local-userdb-remote-node localuserdb local-userdb-remote-node add mac-address remote-node-profile del mac-address Description This command adds a Remote Node to the Remote Node whitelist. You can also delete the whitelist entry using this command. Syntax Parameter Description Range Default mac-address MAC address of the Remote Node in colon-separated sixoctet format.
Related Commands Command Description Mode remote-node-localip Configures security for all Remote Node and Remote Controller control traffic Config modes remote-node-masterip Configures security for the Remote Node master IP address. Config mode remote-node-profile The remote-node-profile command lets you create a Remote Node profile. Config mode show remote-node Shows Remote Node configuration, dhcp instance, license usage and running configuration information.
location location Description This command configures the location of the controller. Syntax Parameter Description location A text string that specifies the system location. Usage Guidelines Use this command to indicate the location of the controller. You can use a combination of numbers, letters, characters, and spaces to create the name. To include a space in the name, use quotation marks to enclose the text string. To change the existing name, enter the command with a different string.
logging logging [facility] | [severity] | [type>] Description Use this command to specify the IP address of the remote logging server, facility, severity, and the type. Syntax Parameter Description Range Default facility To set the remote logging server facility. local 0 to local7 — severity To set the remote logging server severity. — — type To set the remote logging server message type.
logging facility logging facility Description Use this command to set the facility to use when logging to the remote syslog server. Syntax Parameter Description Range The facility to use when logging to a remote syslog server. local0 to local7 Usage Guidelines The local use facilities (local0, local1, local2, local3, local4, local5, local6, and local7) are not reserved for specific message-generating sources, and can be used for sending syslog messages.
logging level logging level [process ] [subcat ] Description Use this command to set the categories or subcategories and the severity levels of messages that are logged. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description The message severity level, which can be one of the following (in order of severity level): emergencies (0) Panic conditions that occur when the system becomes unstable. alerts (1) Any condition requiring immediate attention and correction. critical (2) Any critical conditions, such as hard drive errors. errors (3) Error conditions. warnings (4) Warning messages. notifications (5) Significant events of a non-critical and normal nature.
Parameter Description packetfilter Packet filtering of messaging and control frames pim Protocol Independent Multicast pppoed PPPoE pptp PPTP processes Run-time processes profmgr Profile Manager publisher Publish subscribe service rfm RF Troubleshooting Manager snmp SNMP stm Station management syslogdwrap Syslogd wrap traffic Traffic vrrpd VRRP wms Wireless management (master controller only) subcat Message subcategory, which depends upon the message category specified.
Command Information 330 | logging level Platform License Command Mode Available on all platforms Available in the base operating system Config mode on master and local controllers Dell PowerConnect ArubaOS 6.
loginsession loginsession timeout Description This command configures the time management session (via Telnet or SSH) remains active without user activity. Syntax Parameter Description Range Default timeout Number of seconds or minutes that a management session remains active without any user activity. 5-60 minutes or 1-3600 seconds, 0 to disable 15 minutes Usage Guidelines The management user must re-login to the controller after a Telnet or SSH session times out.
logout logout Description This command exits the current CLI session. Syntax No parameters. Usage Guidelines Use this command to leave the current CLI session and return to the user login. Example The following command exits the CLI session: (host) >logout User: Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system User mode on local or master controllers Dell PowerConnect ArubaOS 6.
mac-address-table mac-address-table static {fastethernet|gigabitethernet} / vlan Description This command adds a static entry to the MAC address table. Syntax Parameter Description Range Media Access Control (MAC) address, in the format xx:xx:xx:xx:xx:xx. — is always 1. — Number assigned to the network interface embedded in the controller. Port numbers start at 0 from the left-most position. vlan ID number of the VLAN.
masterip masterip ipsec [fqdn ][uplink][vlan ] Description This command configures the IP address and preshared key for the master controller on a local controller. Syntax Parameter Description IP address of the master controller. ipsec Preshared key, which must be between 6-64 characters. fqdn The local controller’s Fully Qualified Domain Name (FQDN) used in IKE. uplink Use the current active uplink to initiate IKE.
master-redundancy master-redundancy master-vrrp no ... peer-ip-address ipsec Description This command associates a VRRP instance with master controller redundancy. Syntax Parameter Description Range master-vrrp The virtual router ID for the VRRP instance configured with the vrrp command. 1-255 no Negates any configured parameter. — peer-ip-address IP address of the peer controller for master redundancy.
Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 336 | master-redundancy Dell PowerConnect ArubaOS 6.
mgmt-server wlan mgmt-server type {amp|other} primary-server secondary-server Description Register a management server with the controller by specifying the IP address of an AirWave Management Server or any other server that should receive messages from the controller using the Application Monitoring (AMON) protocol. Syntax Parameter Description amp Define an AirWave Management Server. other Define any other type of management server.
mgmt-user mgmt-user mgmt-user mgmt-user mgmt-user localauth-disable ssh-pubkey client-cert webui-cacert serial Description This command configures an administrative user. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Default Name of the user. You can create a maximum of 10 management users. NOTE: If you configure a root management user, you can use special characters except for double-byte characters. — Role assigned to the user. Predefined roles include: z guest-provisioning: Allows the user to create guest accounts on a special WebUI page. z location-api-mgmt: Permits access to location API information.
Use webui-cacert command if you want an external authentication server to derive the management user role. This is helpful if there are a large number of users who need to be authenticated. Or, use the if the mgmt-user webui-cacert serial if you want the authentication process to use previously configured certificate name and serial number to derive the user role.
mobility-manager mobility-manager user [interval ] [retrycount ] [udp-port ] [rtls ] trap-version {1|2c|3} Description This command allows the controller to communicate with an Mobility Manager server. Syntax Parameter Description Range Default IP address of the Mobility Manager server. — — user Name and SNMP password for the Mobility Manager server user. — — interval Round-trip time, in seconds, to trap server.
Command History This command was introduced in ArubaOS 3.1. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 341 | mobility-manager Dell PowerConnect ArubaOS 6.
netdestination netdestination host [position ] invert network [position ] no ... range [position ] Description This command configures an alias for a network host, subnetwork, or range of addresses. Syntax Parameter Description Default Name for this alias. — host Configure a single host — invert Specifies that the inverse of the network addresses configured are used. For example, if a network of 172.16.
Command Information 343 | netdestination Platforms Licensing Command Mode All platforms Requires the Policy Enforcement Firewall license. Config mode on master controllers Dell PowerConnect ArubaOS 6.
netservice netservice |tcp|udp {list ,}|{ []} [ALG ] Description This command configures an alias for network protocols. Syntax Parameter Description Range netservice Name for this alias. — IP protocol number. 0-255 tcp Configure an alias for a TCP protocol udp Configure an alias for a UDP protocol list , Specify a list of non-contiguous port numbers, by entering up to six port numbers, separated by commas.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.0 The list parameter for defining non-contiguous ports was introduced. Command Information 345 | netservice Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
network-printer network-printer [max-clients <2-20> | max-clients-per-host <1-20> | max-jobs <1-1000>] Description This command allows you to configure client and print job for the USB printer connected to a Aruba 600 series controller. Syntax Parameter Description max-clients Specify the maximum number of clients that can use the printer. Currently, the Aruba 600 series supports a maximum of 20 concurrent clients.
network-storage network-storage [share ] share [usb: disk mode {read-only | read-write} no share Description This command allows you to perform the following operation on a network share: z Configure a file system path for the share–This allows users to access the share from their computer. z Remove the share access using the no share command. Syntax Parameter Description share Enter a name for the share on the controller.
ntp server ntp server [iburst] Description This command configures a Network Time Protocol (NTP) server. Syntax Parameter Description Default IP address of the NTP server, in dotted-decimal format. — iburst (Optional) This parameter causes the controller to send up to ten queries within the first minute to the NTP server. This option is considered “aggressive” by some public NTP servers.
packet-capture packet-capture [other {disable | enable}] [sysmsg {all | disable | ] [tcp {all | disable | }] [udp {all | disable | ]] Description Use this command to enable or disable packet capturing and set packet capturing options for a single packet capture session. Syntax Parameter Description Default other Enable or disable all other types of packets. Specify up to ten commaseparated opcodes to capture; use all to sniff all opcodes; use disable to bypass the all setting.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 350 | packet-capture Dell PowerConnect ArubaOS 6.
packet-capture-defaults packet-capture-defaults [other {disable | enable}] [sysmsg {all | disable | ] [tcp {all | disable | }] [udp {all | disable | ]] Description Use this command to enable or disable packet capturing and define a set of default packet capturing options on the control path for debugging purposes. Syntax Parameter Description Default other Enable or disable all other types of packets.
Use the show packet-capture command to show the current action and the default values. (host) show packet-capture Current Active Packet Capture Actions(current switch) ===================================================== Packet filtering TCP with 2 port(s) enabled: 2 1 Packet filtering UDP with 1 port(s) enabled: 1 Packet filtering for internal messaging opcodes disabled. Packet filtering for all other packets disabled.
page page Description This command sets the number of lines of text the terminal will display when paging is enabled. Syntax Parameter Description Range length Specifies the number of lines of text displayed. 24 - 100 Usage Guidelines Use this command in conjunction with the paging command to specify the number of lines of text to display.
paging paging Description This command stops the command output from printing continuously to the terminal. Syntax No parameters Usage Guidelines By default, paging is enabled. With paging enabled, there is a pause mechanism that stops the command output from printing continuously to the terminal. If paging is disabled, the output prints continuously to the terminal. To disable paging, use the no paging command. You must be in enable mode to disable paging.
panic panic {clear | info {file |nvram } | list {file |nvram} | save } Description This command manages information created during a system crash. Syntax Parameter Description clear Removes panic information from non-volatile random access memory (NVRAM). info Displays the content of specified panic files. list Lists panic information in the specified file in flash or in NVRAM.
papi-security papi-security key [enhanced-security] no... Description The papi-security command enforces advanced security options and provides an enhanced level of security. Caution: The best practice is to refrain from modifying these settings unless advised to do so by Dell technical support. Syntax Parameter Description Default key The key authenticates the messages between systems. — The key string. Range: 10–64 characters enhanced-security Allows you to use the enhanced security mode.
Command History This command was introduced in ArubaOS 3.4 Command Information 357 | papi-security Platform License Command Mode Available on all platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
pcap pcap {raw-start [bssid ] [channel ] [maxlen ]}|{interactive [bssid ][channel ]}|{clear|pause|resume|stop [bssid ]} Description These commands manage packet capture (PCAP) on Dell air monitors. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description raw-start Stream raw packets to an external viewer. IP address of the air monitor collecting packets. IP address of the client station running Wildpacket’s AiroPeek monitoring application. UDP port number on the client station where the captured packets are sent.
The following pcap commands are available: Command Description clear Clears the packet capture session. pause Pause a packet capture session. resume Resume a packet capture session. start Start a new packet capture session. stop Stop a packet capture session. Before using these commands, you need to start the AiroPeek application on the client and open a capture window for the air monitor.
phonehome phonehome auto-report disable enable now smtp [port ] {size ] [user pass ] Description This command configures the PhoneHome auto reporting feature. Syntax Parameter Description auto-report The controller will periodically contact Dell support once a week to report any errors or changes to the controller configuration or inventory.
configured on your local network, which then delivers the message to Dell. If your email server requires the sender to be authenticated before message delivery, the controller can connect to the SMTP by supplying the sender’s user name and password. Each PhoneHome report attachment is encrypted before it is transmitted to the SMTP server, and is decrypted by Dell support when it is received.
ping ping Description This command sends five ICMP echo packets to the specified ip address. Syntax< Parameter Description Destination IP Address Usage Guidelines You can send five ICMP echo packets to a specified IP address. The controller times out after two seconds. Example The following example pings 10.10.10.5. (host) >ping 10.10.10.5 The sample controller output is: Press 'q' to abort. Sending 5, 100-byte ICMP Echos to 10.10.10.
pkt-trace pkt-trace acl {enable|disable} [trace {cptrace|pktrace} [trace-mask ]]] Description Enable packet tracing in the datapath. Use this feature only under the supervision of Dell technical support. Syntax Parameter Description Enable packet tracing for the specified access-control list. enable Enable packet tracing for the ACL. disable Disable packet tracing for the ACL. cptrace Send packet trace data into the Control Processor.
pkt-trace-global pkt-trace-global {enable|disable} [trace-mask ] Description Enable global packet tracing in the datapath. Use this feature only under the supervision of Dell technical support. Syntax Parameter Description Enable packet tracing for the specified access-control list. enable Enable global packet tracing for the ACL. disable Disable global packet tracing for the ACL. tracemask Specify a trace mask.
pptp ip local pool pptp ip local pool [] Description This command configures an IP address pool for VPN users using Point-to-Point Tunneling Protocol (PPTP). Syntax Parameter Description User-defined name for the address pool. Starting IP address for the pool. Ending IP address for the pool.
priority-map priority-map dot1p high dscp high no ... Description This command configures the Type of Service (ToS) and Class of Service (CoS) values used to map traffic into high priority queues. Syntax Parameter Description Range User-defined name of the priority map. — dot1p IEEE 802.1p priority value, or a range of values separated by a dash (-).
process monitor process monitor log|restart| Description The process monitor validates the integrity of processes every 120 seconds. If a process does not respond during three consecutive 120-second timeout intervals, that process is flagged as nonresponsive and the process monitor will create a log message, restart the process or reboot the controller Syntax Parameter Description log The process monitor creates a log message when a process fails to responding properly.
Command History Release Modification ArubaOS 3.4 Command introduced ArubaOS 3.4 The process restart command was deprecated. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master controllers 369 | process monitor Dell PowerConnect ArubaOS 6.
prompt prompt Description This command changes the prompt text. Syntax. Parameter Description Range Default prompt The prompt text displayed by the controller. 1–64 Usage Guidelines You can use any alphanumeric character, punctuation, or symbol character. To use spaces, plus symbols (+), question marks (?), or asterisks (*), enclose the text in quotes.
provision-ap provision-ap a-ant-bearing a-ant-gain a-ant-tilt-angle a-antenna {1|2|both} altitude ap-group ap-name copy-provisioning-params {ap-name | ip-addr } dns-server-ip domain-name external-antenna fqln g-ant-bearing g-ant-gain g-ant-tilt-angle g-antenna {1|2|both} gateway ikepsk installation default|indoor|outdoor ipaddr latitude longitude mas
Syntax 372 | provision-ap Parameter Description Range Default a-ant-bearing Determines the horizontal coverage distance of the 802.11a (5GHz) antenna from True North. From a planning perspective, the horizontal coverage pattern does not consider the elevation or vertical antenna pattern. NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. 0-360 Decimal Degrees — a-ant-gain Antenna gain for 802.
Parameter Description Range Default g-ant-tilt-angle Directs the angle of the 802.11g (2.4GHz) antenna for optimum coverage. Use a - (negative) value for downtilt and a + (positive) value for uptilt. NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. -90 to +90 Decimal Degrees — g-antenna Antenna use for 2.4 GHz (802.11g) frequency band.
Parameter Description Range Default pppoe-user PPPoE username for the AP. — — read-bootinfo Retrieves current provisioning parameters of the specified AP. NOTE: This parameter can only be used on the master controller. — — reprovision Provisions one or more APs with the values in the provisioning-params workspace. To use reprovision, you must use read-bootinfo to retrieve the current values of the APs into the provisioning-ap-list. NOTE: This parameter can only be used on the master controller.
z APs configured for mesh. You must provision the AP before you install it as a mesh node in a mesh deployment. Note: Users less familiar with this process may prefer to use the Provisioning page in the WebUI to provision an AP. Provisioned or reprovisioned values do not take effect until the AP is rebooted. APs reboot automatically after they are successfully reprovisioned. Provisioning a Single AP To provision a single AP: 1.
4. Use the reprovision all option to provision the APs in the provisioning-ap-list with the values in provisioningparams workspace. All APs in the provisioning-ap-list automatically reboot. The following are useful commands when provisioning one or more APs: z show|clear provisioning-ap-list displays or clears the APs that will be provisioned. z show|clear provisioning-params displays or resets values in the provisioning-params workspace.
rap-wml rap-wml [ageout ] [cache {disable|enable}] [db-name ] [ip-addr ] [password ] [type {mssql|mysql}] [user ] Description Use this command to specify the name and attributes of a MySQL or an MSSQL server. Syntax Parameter Description Default ageout (Optional) Specifies the cache ageout period, in seconds. 0 cache (Optional) Enables the cache, or disables the cache.
rap-wml table rap-wml table {[delimiter ] | [timestamp-column ]} Description Use this command to specify the name and attributes of the database table to be used for lookup. Syntax Parameter Description Default server-name Specifies the database server name (created using the rap-wml command. — table-name Specifies the database table name.
reload reload Description This command performs a reboot of the controller. Syntax No parameters. Usage Guidelines Use this command to reboot the controller if required after making configuration changes or under the guidance of Dell Networks customer support. The reload command powers down the controller, making it unavailable for configuration. After the controller reboots, you can access it via a local console connected to the serial port, or through an SSH, Telnet, or WebUI session.
remote-node-localip localuserdb remote-node-localip ipsec KEY Description This command configures the switch-IP address and preshared key for the local Remote Node on a master Remote Node. Syntax Parameter Description Switch-IP address of the local remote node. Use the 0.0.0.0 address to configure a global preshared key for all inter-controller communications. ipsec Preshared key, which must be between 6-64 characters.
remote-node-masterip remote-node-masterip ipsec KEY Description This command configures the IP address and preshared key for the master Remote Node on a local Remote Node. Syntax Parameter Description IP address of the master Remote Node. ipsec Preshared key, which must be between 6-64 characters. Usage Guidelines Use this command on a local Remote Node to configure the IP address and preshared key for communication with the master Remote Node.
remote-node-profile localuserdb remote-node-profile aaa cellular clone controller-ip dialer instance interface ip logging mgmt-user model no priority-map remote-node-dhcp-pool router ospf {area |redistribute vlan [|add |remove ] |router-id |subnet exclude } spanning-tree uplink validate vlan vrrp Description The remote-node-profile command lets you create a Remote Node profile.
Syntax Parameter Description aaa Configure authentication server using an internal server. For details, see “aaa authentication-server internal” on page 39 cellular profile Cellular interface profile associated with this Remote Node profile. For details, see “cellular profile” on page 144. clone Use this command to copy a Remote Node profile to this profile. controller-ip loopback Configure the controller IP. For details on using this command, see “controller-ip” on page 158.
Parameter Description logging Set the logging level up to which messages are logged. z alerts z critical z debugging z emergencies z errors z informational z notifications z warnings For details on using this command, see “logging” on page 340 mgmt-user Configure a management user. For details on using this command, see “mgmt-user” on page 353.
Related Commands Command Description Mode remote-node-localip Configures security for all Remote Node and Remote Controller control traffic Enable and Config mode remote-node-masterip Configures security for the Remote Node master IP address. Enable and Config mode local-userdb-remotenode This command adds a Remote Node to the Remote Node whitelist. You can also delete the whitelist entry using this command.
rename rename Description This command renames an existing system file. Syntax Parameter Description filename An alphanumeric string that specifies the current name of the file on the system. newfilename An alphanumeric string that specifies the new name of the file on the system. Usage Guidelines Use this command to rename an existing system file on the controller.
restore restore flash Description This command restores flash directories backed up to the flashbackup.tar.gz file. Syntax Parameter Description flash Restores flash directories from the flashbackup.tar.gz file. Usage Guidelines Use the backup flash command to tar and compress flash directories to the flashbackup.tar.gz file. Example The following command restores flash directories from the flashbackup.tar.gz file: (host) #restore flash Command History This command was introduced in ArubaOS 3.0.
rf am-scan-profile clone dwell-time-active-channel dwell-time-other-reg-domain-channel dwell-time-other-reg-domain-channel no scan-mode Description Configure an Air Monitor (AM) scanning profile. Syntax Parameter Description Range Default Name of this instance of the profile. 1-63 characters — clone Copy data from another AM scanning profile — — dwell-time-activechannel Dwell time (in ms) for channels where there is wireless activity.
rf arm-profile rf arm-profile 40MHz-allowed-bands {All|None|a-only|g-only} acceptable-coverage-index active-scan (not intended for use) assignment {disable|maintain|multi-band|single-band} backoff-time client-aware clone error-rate-threshold error-rate-wait-time free-channel-index ideal-coverage-index load-aware-scan-threshold max-tx-power min-scan-time <# of scans> min-tx-power mode-aware multi-band-scan no ...
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” 40MHz-allowed- bands The specified setting allows ARM to determine if 40 MHz mode of operation is allowed on the 5 GHz or 2.4 GHz frequency band only, on both frequency bands, or on neither frequency band. All/None/ a-only/g-only a-only 1-6 4 All Allows 40 MHz channels on both the 5 GHZ (802.11a) and 2.4 GHZ (802.11b/g) frequency bands.
393 | rf arm-profile Parameter Description Range Default free-channelindex The difference in the interference index between the new channel and current channel must exceed this value for the AP to move to a new channel. The higher this value, the lower the chance an AP will move to the new channel. Recommended value is 25. 10-40 25 ideal-coverageindex The coverage that the AP should try to achieve on its channel. The denser the AP deployment, the lower this value should be.
Parameter Description Range Default scan-interval If Scanning is enabled, the Scan Interval defines how often the AP will leave its current channel to scan other channels in the band. Off-channel scanning can impact client performance. Typically, the shorter the scan interval, the higher the impact on performance. If you are deploying a large number of new APs on the network, you may want to lower the Scan Interval to help those APs find their optimal settings more quickly.
If you were running an earlier version of ArubaOS with ARM disabled, ARM remains disabled when you upgrade to the current release. Note: AP configuration settings related to the IEEE 802.11n standard are configurable for Dell’s W-AP120 series access points, which are IEEE 802.11n standard compliant devices. Using Adaptive Radio Management (ARM) in a Remote Network Starting in ArubaOS 3.4.1.x-rn 4.0, the ARM feature can be used by remote APs in bridge mode.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3. Support for the high-throughput IEEE 802.11n standard was introduced ArubaOS 3.3.2 Support for the wait-time parameter was removed. ArubaOS 3.4.1 The voip-aware-scan parameter no longer requires a license, and is available in the base OS. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
rf dot11a-radio-profile rf dot11a-radio-profile am-scan-profile arm-profile beacon-period beacon-regulate cap-reg-eirp channel channel-reuse {static|dynamic|disable} channel-reuse-threshold clone csa csa-count disable-arm-wids-function dot11h high-throughput-enable ht-radio-profile maximum-distance mgmt-frame-throttle-interval mgmt-frame-throttle-limit mode {ap-
Syntax Parameter Description Name of this instance of the profile. The name must be 1- — 63 characters. “default” am-scan-profile Configure an Air Monitor (AM) scanning profile — “default” arm-profile Configures Adaptive Radio Management (ARM) feature. See “rf arm-profile” on page 391. — “default” beacon-period Time, in milliseconds, between successive beacon transmissions. The beacon advertises the AP’s presence, identity, and radio characteristics to wireless clients.
Parameter Description Range Default channel-reuse When you enable the channel reuse feature, it can operate in either of the following three modes; static, dynamic or disable. (This feature is disabled by default.) z Static mode: This mode of operation is a coveragebased adaptation of the Clear Channel Assessment (CCA) thresholds.
Parameter Description Range Default maximum-distance Maximum distance between a client and an AP or between a mesh point and a mesh portal, in meters. This value is used to derive ACK and CTS timeout times. A value of 0 specifies default settings for this parameter, where timeouts are only modified for outdoor mesh radios which use a distance of 16km.
Parameter Description Range Default spectrum-load-baldomain Define a spectrum load balancing domain to manually create RF neighborhoods. Use this option to create RF neighborhood information for networks that have disabled Adaptive Radio Management (ARM) scanning and channel assignment. z If spectrum load balancing is enabled in a 802.11a radio profile but the spectrum load balancing domain is not defined, ArubaOS uses the ARM feature to calculate RF neighborhoods.
The following command configures APs to operate in high-throughput (802.
rf dot11g-radio-profile rf dot11g-radio-profile am-scan-profile arm-profile beacon-period beacon-regulate cap-reg-eirp channel channel-reuse {static|dynamic|disable} channel-reuse-threshold clone csa csa-count disable-arm-wids-function dot11b-protection dot11h high-throughput-enable ht-radio-profile interference-immunity maximum-distance mgmt-frame-throttle-interval mgmt
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” am-scan-profile Configure an Air Monitor (AM) scanning profile. — — arm-profile Configures Adaptive Radio Management (ARM) feature. See “rf arm-profile” on page 391. — “default” beacon-period Time, in milliseconds, between successive beacon transmissions.
Parameter Description Range Default channel-reuse When you enable the channel reuse feature, it can operate in either of the following three modes; static, dynamic or disable. (This feature is disabled by default.) z Static mode: This mode of operation is a coveragebased adaptation of the Clear Channel Assessment (CCA) thresholds.
Parameter Description Range Default interferenceimmunity Set a value for 802.11 Interference Immunity. This parameter sets the interference immunity on the 2.4 Ghz band. The default setting for this parameter is level 2. When performance drops due to interference from non-802.11 interferers (such as DECT or Bluetooth devices), the level can be increased up to level 5 for improved performance.
Parameter Description slb-mode channel|radio SLB Mode allows control over how to balance clients. Slect one of the following optoins z channel: Channel-based load-balancing balances clients across channels. This is the default loadbalancing mode z radio: Radio-based load-balancing balances clients across APs slb-update-interval Specify how often spectrum load balancing calculations are made (in seconds). The default value is 30 seconds.
Usage Guidelines This command configures radios that operate in the 2.4 GHz frequency band, which includes radios utilizing the IEEE 802.11b/g or IEEE 802.11n standard. Channels must be valid for the country configured in the AP regulatory domain profile (see “ap regulatory-domain-profile” on page 108). To view the supported channels, use the show ap allowed-channels command.
rf event-thresholds-profile rf event-thresholds-profile bwr-high-wm bwr-low-wm clone detect-frame-rate-anomalies fer-high-wm fer-low-wm ffr-high-wm ffr-low-wm flsr-high-wm flsr-low-wm fnur-high-wm fnur-low-wm frer-high-wm frer-low-wm frr-high-wm frr-low-wm no ... Description This command configures the event thresholds profile.
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 163 characters. — “default” bwr-high-wm If bandwidth in an AP exceeds this value, a bandwidth exceeded condition exists. The value represents the percentage of maximum for a given radio. (For 802.11b, the maximum bandwidth is 7 Mbps. For 802.11 a and g, the maximum is 30 Mbps.) The recommended value is 85%.
Parameter Description Range Default frr-high-wm If the frame retry rate (as a percentage of total frames in an AP) exceeds this value, a frame retry rate exceeded condition exists. The recommended value is 16%. 0-100 16% frr-low-wm After a frame retry rate exceeded condition exists, the condition persists until the frame retry rate drops below this value. The recommended value is 8%. 0-100 8% no Negates any configured parameter.
rf ht-radio-profile rf ht-radio-profile 40MHz-intolerance clone honor-40MHz-intolerance no single-chain-legacy Description This command configures high-throughput AP radio settings. High-throughput features use the IEEE 802.11n standard. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3.2 Support for the dsss-cck-40mhz parameter removed ArubaOS 3.4 Introduced the single-chain-legacy parameter. Command Information Platforms Licensing Command Mode All platforms, but operates with IEEE 802.11n compliant devices only Base operating system Config mode on master controllers 413 | rf ht-radio-profile Dell PowerConnect ArubaOS 6.
rf optimization-profile rf optimization-profile clone handoff-assist low-rssi-threshold no ... rssi-check-frequency rssi-falloff-wait-time Description This command configures the RF optimization profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” clone Name of an existing optimization profile from which parameter values are copied.
Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 The following parameters were deprecated: ap-lb-max-retries z ap-lb-user-high-wm z ap-lb-user-low-wm z ap-lb-util-high-wm z ap-lb-util-low-wm z ap-lb-util-wait-time
rf spectrum-profile rf spectrum-profile age-out audio|bluetooth|cordless-ff-phone|cordless-fh-base|cordless-fhnetwork|generic-ff|generic-fh|microwave|microwave-inverter|unknown|video|wifi|xbox clone no spectrum-band 2ghz|5ghz-lower|5ghz-middle|5ghz-upper Description Define the spectrum band and device ageout times used by a spectrum monitor radio. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description age-out Use the age-out parameter to define the number of seconds for which a specific device type must stop sending a signal before the spectrum monitor considers that device no longer active on the network. Range Default audio Audio devices. 5-65535 seconds 10 sec bluetooth Bluetooth devices. Note that this setting is applicable to 2.4GHz spectrum monitor radios only. 5-65535 seconds 25 sec cordless-ff-phone Cordless phone fixed frequency devices.
(host) (config) #rf spectrum-profile spectrum5 5ghz-upper Related Commands show rf spectrum-profile Command History Introduced in ArubaOS 6.0 Command Information Platforms Licensing Command Mode All platforms RF Protect license Config mode on master and local controllers Dell PowerConnect ArubaOS 6.
rft rft test profile antenna-connectivity ap-name [dest-mac [phy {a|g}| radio {0|1}]] rft test profile link-quality {ap-name dest-mac [phy {a|g}| radio {0|1}] | bssid dest-mac | ip-addr dest-mac [phy {a|g}|radio {0|1}]} rft test profile raw {ap-name dest-mac [phy {a|g}|radio {0|1}] | bssid dest-mac | ip-addr dest-mac [phy {a|g}|radio {0|1}]} Description This command is used for RF tr
router mobile router mobile Description This command enables Layer-3 (IP) mobility. Syntax No parameters. Usage Guidelines IP mobility is disabled by default on the controller. You need to use this command to enable IP mobility. This command must be executed on all controllers (master and local) that need to provide support for layer-3 roaming in a mobility domain.
router ospf router ospf area default-cost nssa [default-information no-redistribution | no-summary] stub [no-summary] default-information originate always redistribute vlan [ | add | remove ] router-id subnet exclude Description Global OSPF configuration for the upstream router. Syntax Parameter Description area Enter the keyword area followed by the area identification, in dotted decimal format, to configure an OSPF area.
With the above command, any user VLAN subnet matching 75.1/16 will not be advertised in the router LSA. To return to the default advertisement, execute the command: (host) (config) # no router ospf subnet exclude 75.1.1.0 255.255.0.0 Related Commands Command Description show ip ospf View OSPF configuration Command History Release Modification ArubaOS 3.4 Command introduced ArubaOS 6.
service service [dhcp] [network-storage] [print-server] Description This command enables the DHCP server on the controller.
show aaa authentication all show show aaa authentication all Description Show authentication statistics for your controller, including authentication methods, successes and failures. Usage Guidelines This command displays a general overview of authentication statistics. To view authentication information for specific profiles such as a captive-portal, MAC or 801.x authentication profile, issue the commands specific to those features.
show aaa authentication captive-portal show aaa authentication captive-portal [] Description This command shows configuration information for captive portal authentication profiles. Syntax Parameter Description The name of an existing captive portal authentication profile.
Include a captive portal profile name to display a complete list of configuration settings for that profile. The example below shows settings for the captive portal profile portal1.
Parameter Description Sygate-on-demandagent Shows whether the controller has enabled or disabled client remediation with Sygate-ondemand-agent. Login page URL of the page that appears for the user logon. Welcome page URL of the page that appears after logon and before the user is redirected to the web URL. Related Commands Command Description Mode aaa authentication captive-portal Use aaa authentication captive-portal to configure the parameters displayed in the output of this show command.
show aaa authentication captive-portal customization show aaa authentication captive-portal customization Description Display customization settings for a captive portal profile Syntax Parameter Description The name of an existing captive portal authentication profile. Usage Guidelines The this command shows how a captive portal profile has been customized with non-default configuration settings.
Related Commands Command Description Mode aaa authentication captive-portal If you do not yet have any captive portal profiles defined, use the command aaa authentication captive-portal to configure your captive portal profiles. Config mode Command History This command was introduced in ArubaOS 3.0.
show aaa authentication dot1x show aaa authentication dot1x [|countermeasures] Description This command shows information for 802.1x authentication profiles. Syntax Parameter Description The name of an existing 802.1x authentication profile. countermeasures Reports if WPA/WPA2 Countermeasures have been enabled for 802.1x profiles. If enabled, the AP scans for message integrity code (MIC) failures in traffic received from clients.
To display a complete list of parameters for an individual profile, include the parameter. The example below displays some of the profile details for the authentication profile pDotix. (host) #show aaa authentication dot1x pDot1x 802.
Parameter Value Number of times ID-Requests are retried Maximum number of times ID requests are sent to the client. Maximum Number of Reauthentication Attempts Maximum number of reauthentication attempts. Maximum number of times Held State can be bypassed Number of consecutive authentication failures which, when reached, causes the controller to not respond to authentication requests from a client while the controller is in a held state after the authentication failure.
Parameter Value TLS Guest Access Shows if guest access for valid EAP-TLS users is enabled or disabled. TLS Guest Role User role assigned to EAP-TLS guest. Ignore EAPOL-START after authentication If enabled, the controller ignores EAPOL-START messages after authentication. Handle EAPOL-Logoff Shows if handling of EAPOL-LOGOFF messages is enabled or disabled. Ignore EAP ID during negotiation If enabled, the controller will Ignore EAP IDs during negotiation.
show aaa authentication mac show aaa authentication mac [] Description This command shows information for MAC authentication profiles. Issue this command without the option to display the entire MAC Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed MAC authentication configuration information for that profile.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 432 | show aaa authentication mac Dell PowerConnect ArubaOS 6.
show aaa authentication mgmt show aaa authentication mgmt Description This command displays administrative user authentication information, including management authentication roles and servers. Usage Guidelines Issue this command to identify the default management role assigned to authenticated administrative users, and the name of the group of servers used to authenticate these users. Example The output of the following example displays management authentication information for your controller.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 434 | show aaa authentication mgmt Dell PowerConnect ArubaOS 6.
show aaa authentication stateful-dot1x show aaa authentication stateful-dot1x [config-entries] Description This command displays configuration settings for 802.1x authentication for clients on non-Dell APs. Syntax Parameter Description config-entries Display details for the AP Server configuration list. Usage Guidelines Issue this command to identify the default role assigned to the 802.1x user group, name of the group of RADIUS servers used to authenticate the 802.1x users, and the 802.
The output of this command includes the following parameters: Parameter Description Cfg-Name is a auto-generated name AP-IP IP address of the AP. Server Name of the authentication server. Shared-Secret Shared authentication secret. Related Commands Command Description Mode aaa authentication statefuldot1x Use the command aaa authentication stateful-dot1x to configure the settings displayed in the output of this show command.
show aaa authentication stateful-ntlm show aaa authentication stateful-ntlm Description This command displays configuration settings for the Stateful NTLM Authentication profile. Issue this command without the option to display the entire Stateful NTLM Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed Stateful NTLM authentication configuration information for that profile.
The output of this command includes the following parameters: Parameter Description Default Role This parameter shows the role assigned to NTLM authenticated users. Server Group The name of a windows server group. Mode The Mode parameter indicates whether or not this authentication profile is enabled or disabled. Timeout Timeout period for an authentication request, in seconds.
show aaa authentication via auth-profile show aaa authentication via auth-profile [] Description This command displays configuration settings for the VIA Authentication profile. Issue this command without the option to display the entire VIA Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed VIA authentication configuration information for that profile.
The output of this command includes the following parameters: Parameter Description Default Role Role assigned to the captive portal user upon login. Server Group Name of the group of servers used to authenticate captive portal users. Max Authentication failures Maximum number of authentication failures before the user is blacklisted. Description Description of the VIA authentication profile.
show aaa authentication via connection-profile show aaa authentication via connection-profile [] Description This command displays configuration settings for the VIA connection profile. Issue this command without the option to display the entire VIA Connection profile list, including profile status and the number of references to each profile. Include a profile name to display detailed VIA connection configuration information for that profile.
Include a connection profile name to display a complete list of configuration settings for that profile. The example below shows settings for the captive portal profile connection_1.
Configuration Option Description VIA IKE Policy List of IKE policies that the VIA Client has to use to connect to the controller. Use Windows Credentials Enable or disable the use of the Windows credentials to login to VIA. If enabled, the SSO (Single Sign-on) feature can be utilized by remote users to connect to internal resources. Default: Enabled VIA IPSec Crypto Map List of IPSec Crypto Map that the VIA client uses to connect to the controller.
show aaa authentication via web-auth show aaa authentication via web-auth [default] Description A VIA web authentication profile contains an ordered list of VIA authentication profiles. The web authentication profile is used by end users to login to the VIA download page (https:///via) for downloading the VIA client. Only one VIA web authentication profile is available.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell PowerConnect ArubaOS 6.
show aaa authentication vpn show aaa authentication vpn [default|default-cap|default-rap] Description This command displays VPN authentication settings, including authentication roles and servers. Usage Guidelines Issue this command to identify the default role assigned to VPN users, the name of the group of servers used to authenticate the VPN users, and the maximum number of authentication failures allowed before the user is blacklisted.
Related Commands Command Description Mode aaa authentication via authprofile Use the command aaa authentication via auth-profile to configure the settings displayed in the output of this show command. Config mode Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 5.0 The default-cap and default-rap profiles were introduced. Command Information Platforms Licensing Command Mode All platforms The PEFV license and the base operating system.
show aaa authentication wired show aaa authentication wired Description View wired authentication settings for a client device that is directly connected to a port onthe controller. Usage Guidelines This command displays the name of the AAA profile currently used for wired authentication. Example The following example shows the current wired profile for the controller is a profile named “secure_profile_3.
show aaa authentication wispr show aaa authentication wispr option to display the entire WISPr Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed WISPr authentication configuration information for that profile.
Parameter Description Logon wait minimum wait If the controller’s CPU utilization has surpassed the Login wait CPU utilization threshold value, the Logon wait minimum wait parameter defines the minimum number of seconds a user will have to wait to retry a login attempt. Range: 1-10 seconds. Default: 5 seconds.
show aaa authentication-server all show aaa authentication-server all Description View authentication server settings for both external authentication servers and the internal controller database. Usage Guidelines The output of this command displays statistics for the Authentication Server Table, including the name and address of each server, server type and configured authorization and accounting ports.
show aaa authentication-server internal show aaa authentication-server internal [statistics] Description View authentication server settings for the internal controller database. Examples The output of the command below shows that the internal authentication server has been disabled. (host) #show aaa authentication-server internal Internal Server --------------Host IP addr ---------Internal 10.168.254.
Parameter Description MSCHAPv2 Accepts Number of MSCHAPv2 requests accepted by the internal server. MSCHAPv2 Rejects Number of MSCHAPv2 requests rejected by the internal server. Mismatch Response Number of times the server received an authentication response to a request after another request had been sent. Users Expired Number of users that were deauthenticated because they stopped responding.
show aaa authentication-server ldap show aaa authentication-server ldap [] Description Display configuration settings for your LDAP servers. Syntax Parameter Description Name that identifies an LDAP server. Examples The output of the example below displays the LDAP server list with the names of all the LDAP servers.
Parameter Description Admin Passwd Password for the admin user. Allow Clear-Text If enabled, this parameter allows clear-text (unencrypted) communication with the LDAP server. Auth Port Port number used for authentication. Port 636 will be attempted for LDAP over SSL, while port 389 will be attempted for SSL over LDAP, Start TLS operation and clear text. Base-DN Distinguished Name of the node which contains the required user database.
show aaa authentication-server radius show aaa authentication-server radius [|statistics] Description Display configuration settings for your RADIUS servers. Syntax Parameter Description Name that identifies a RADIUS server. Examples The output of the example below displays the RADIUS server list with the names of all the RADIUS servers.
Parameter Description Acct Port Accounting port on the server. auth port Authentication port on the server. Retransmits Maximum number of retries sent to the server by the controller before the server is marked as down. Timeout Maximum time, in seconds, that the controller waits before timing out the request and resending it. NAS ID Network Access Server (NAS) identifier to use in RADIUS packets. NAS IP NAS IP address to send in RADIUS packets.
show aaa authentication-server tacacs show aaa authentication-server tacacs []|statistics Description Display configuration settings for your TACACS+ servers. Syntax Parameter Description Name that identifies an TACACS+ server. statistics Displays accounting, authorization, and authentication request and response statistics for the TACACS server.
Parameter Description Retransmits Maximum number of retries sent to the server by the controller before the server is marked as down. Timeout Maximum time, in seconds, that the controller waits before timing out the request and resending it. Mode Shows whether this server is Enabled or Disabled. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.0 The Statistics parameter was introduced.
show aaa authentication-server windows show aaa authentication-server windows [] Description Display configuration settings for your Windows servers. Syntax Parameter Description Name that identifies a Windows server. Examples The output of the example below displays the Windows server list with the names of all the Windows servers used for NTLM authentication.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell PowerConnect ArubaOS 6.
show aaa tacacs-accounting show aaa tacacs-accounting Description Show configuration information for TACACS+ accounting servers. Usage Guidelines This command displays TACACS+ data for your controller if you have previously configured a TACACS+ server and server group. The output includes the current TACACS+ accounting mode (enabled or disabled), and the name of the TACACS+ server group.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell PowerConnect ArubaOS 6.
show aaa bandwidth-contracts show aaa bandwidth-contracts Description This command shows the contract names, ID numbers and Rate limits for your bandwidth contracts. Example The output of the following command shows that the bandwidth contract VLAN has a configured rate of 6 Mbps, and the contract User has a rate of 2048 Kbps.
show aaa derivation-rules show aaa derivation-rules [server-group |user ] Syntax Parameter Description Name of a server group Name of a user rule group Description Show derivation rules based on user information or configured for server groups. Example The output of the following command shows that the server group group1 has the internal database configured as its authentication server, and that there is a single rule assigned to that group.
Parameter Description Operation This is the match method by which the string in Operand is matched with the attribute value returned by the authentication server. z contains – The rule is applied if and only if the attribute value contains the string in parameter Operand. z starts-with – The rule is applied if and only if the attribute value returned starts with the string in parameter Operand.
Parameter Description Operation This is the match method by which the string in Operand is matched with the attribute value returned by the authentication server. z contains – The rule is applied if and only if the attribute value contains the string in parameter Operand. z starts-with – The rule is applied if and only if the attribute value returned starts with the string in parameter Operand.
show aaa dns-query-period show aaa dns-query-period Description View the configured interval between DNS requests sent from the controller to the DNS server. Syntax No parameters Usage Guidelines If you define a RADIUS server using the FQDN of the server rather than its IP address, the the controller will periodically generate a DNS request and cache the IP address returned in the DNS response.
show aaa fqdn-server-names show aaa fqdn-server-names Description Show a table of IP addresses that have been mapped to fully qualified domain names (FQDNs). Syntax No parameters. Usage Guidelines If you define a RADIUS server using the FQDN of the server rather than its IP address, the the controller will periodically generate a DNS request and cache the IP address returned in the DNS response. Issue this command to view the IP addreses that currently correlate to each RADIUS server FQDN.
show aaa main-profile show aaa main-profile summary Description Show a summary of all AAA profiles. Example The output of the show aaa main-profile summary command shows roles, server group settings, and wire-to-wireless-roaming statistics for each AAA profile.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell PowerConnect ArubaOS 6.
show aaa password-policy mgmt show aaa password-policy mgmt [statistics] Description Show the current password policy for management users. Syntax Parameter Description statistics Include this optional parameter to show the numbers of failed login attempts and any lockout periods for management user accounts.
Parameter Description Username or Reverse of username NOT in Password If Yes, a management user’s password cannot be the user’s username or the username spelled backwards. If No, the password can be the username or username spelled backwards. Maximum Number of failed attempts in 3 minute window to lockout user Number of times a user can unsuccessfully attempt to log in to the controller before that user gets locked out for the time period specified by the lock-out threshold below.
show aaa profile show aaa profile Description Show configuration details for an individual AAA profile. Example The output of the following command shows roles, servers and server group settings, and wire-to-wirelessroaming statistics for each AAA profile. (host) #show ap profile aaa_dot1x AAA Profile "aaa_dot1x" ----------------------Parameter --------Initial role MAC Authentication Profile MAC Authentication Default Role MAC Authentication Server Group 802.1X Authentication Profile 802.
Parameter Description SIP authentication role For controllers with an installed PEFNG license, this parameter displays the configured role assigned to a session initiation protocol (SIP) client upon registration. Related Commands Command Description Mode aaa profile Use the command aaa profile to define AAA profiles. Config mode Command History This command was introduced in ArubaOS 3.0.
show aaa radius-attributes show aaa radius-attributes Description Show RADIUS attributes recognized by the controller. Example The output of the following command shows the name, currently configured value, type, vendor and RADIUS ID for each attribute.
show aaa rfc-3576-server show aaa rfc-3576-server [statistics|] Description Show configuration details for an RFC-3576 server, which is a RADIUS server that can send user disconnect and change-of-authorization (CoA) messages, as described in RFC 3576. Example This first example shows that there are two configured servers in the RFC 3567 Server List.
Parameter Description Bad Authenticator Number of authentication requests that contained a missing or invalid authenticator field in the packet. Invalid Request Number of invalid requests. Packets Dropped Number of packets dropped. Unknown service Number of requests for an unknown service type. CoA Requests Number of requests for a Change of Authorization (CoA). CoA Accepts Number of times a CoA request was accepted. CoA Rejects Number of times a CoA request was rejected.
show aaa server-group show aaa server-group [|summary] Description Show configuration details for your AAA server groups. Syntax Parameter Description The name of an existing AAA server group. Usage Guidelines Issue this command without the or summary options to display the entire server group list, including profile status and the number of references to each profile.
Parameter Description hits Number of hits for the server’s rules. Out-of-Service Indicates whether the server is active, or out of service. Active servers may not have an entry in the Out-of-Service column. To display detailed authorization, role and vlan statistics for an individual server group, include the name of the group for which you want more information.
Parameter Description Match-Op This is the match method by which the string in Match-Str is matched with the attribute value returned by the authentication server. z contains – The rule is applied if and only if the attribute value contains the string in parameter Operand. z starts-with – The rule is applied if and only if the attribute value returned starts with the string in parameter Operand.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 482 | show aaa server-group Dell PowerConnect ArubaOS 6.
show aaa state ap-group show aaa state ap-group Description Show the names and ID numbers of your AP groups Example This first example shows that the selected controller has two defined AP groups. (host) #show aaa state ap-group AP Group Table -------------Name ID ---- -ap1 1 ap2 2 Related Commands Command Description Mode aaa server-group Use aaa server-group to define the AP groups displayed in the output of this show command Config mode Command History This command was introduced in ArubaOS 3.0.
show aaa state configuration show aaa state configuration Description Display authentication state configuration information, including the numbers of successful and failed authentications. Example This example shows authentication settings and values for a controller with no current users. (host) #show aaa state configuration Authentication State -------------------Name ---Switch IP Master IP Switch Role Current/Max/Total Users Current/Max/Total Stations Captive Portal Users 802.
The output of the show aaa state configuration command includes the following parameters: Parameter Description Switch IP IP address of the local controller. Master IP IP address of the master controller. Switch Role Role assigned to the controller on which you issued the show aaa state command.
Parameter Description Management Total number of Management user authentications or authentication failures since the last controller reset. Idled users Total number of users that are not broadcasting data to an AP. Mobility Shows whether the IP mobility feature has been enabled or disabled on the controller. fast age When the fast age feature allows the controller actively sends probe packets to all users with the same MAC address but different IP addresses.
show aaa state debug-statistics show aaa state debug statistics Description show debug statistics for controller authentication, authorization and accounting. Syntax No parameters. Example The following example displays debug statistics for a variety of authentication errors.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local or local controllers 488 | show aaa state debug-statistics Dell PowerConnect ArubaOS 6.
show aaa state messages Description Display numbers of authentication messages sent and received. Syntax No parameters. Usage Guidelines This command displays a general overview of authentication statistics. To view authentication information for specific profiles such as a captive-portal, MAC or 801.x authentication profile, issue the commands specific to those features. Example The output of this command displays tables of statistics for PAPI, RAW socket and Sibyte messages.
The output of this command contains the following parameters: Parameter Description Msg ID ID number for the message type Name Message name Since last Read Number of messages received since the buffer was last read. Total Total number of message received since the controller was last reset. opcode Code number of the message type. Sent Since last Read Number of messages sent since the buffer was last read. Sent Total Total number of message sent since the controller was last reset.
show aaa state station show aaa state station Description Display AAA statistics for a station. Syntax Parameter Description MAC address of a station/ Example The example below shows statistics for a station with four associated user IP addresses. The output of this command shows station data, the AAA profiles assigned to the station, and the station’s authentication method.
show aaa state user show aaa state user Description Display statistics for an authenticated user. Syntax Parameter Description IP address of a user. Example The example below shows statics for a user with the IP address 10.1.10.11. The output of this command shows user data, the user’s authentication method. and statistics for assigned roles, timers and flags. (host) #show aaa state user 10.1.10.11 Name: MYCOMPANY\tsenter, IP: 10.1.10.
show aaa sygate-on-demand (deprecated) show aaa sysgate-on-demand Syntax No parameters. Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 3.4 Command deprecated. Dell PowerConnect ArubaOS 6.
show aaa tacacs-accounting Description Show TACACS accounting configuration. Syntax No parameters. Example The example below shows that TACACS accounting has been enabled, and that the TACACS server is in the server group acct-server.
show aaa timers Description Show AAA timer values. Syntax No parameters Example The example below shows that the controller has all default timer values: (host) #show aaa timers User idle timeout = 6 minutes Auth Server dead time = 10 minutes Logon user lifetime = 5 minutes Related Commands Command Description Mode aaa timers Use aaa timers to define the settings displayed in the output of this show command. Config mode Command History This command was introduced in ArubaOS 3.0.
show aaa xml-api server show aaa xml-api server [] Description Show a list of XML servers used for authentication, authorization and accounting. Syntax Parameter Description IP address of an XML API server. Include this parameter to see if a secret key is configured for the specified server. Example The output of this command shows that the controller has two configured XML API servers that are each referenced by two different AAA profiles.
show aaa web admin-port show aaa web admin-port Description Show the port numbers of HTTP and HTTPS ports used for web administration. Syntax No parameters. Example The example below shows that the controller is configured to use HTTPS on port 4343, and HTTP on port 8888. (host) #show aaa web admin-port https port = 4343 http port = 8888 Command History This command was introduced in ArubaOS 3.0.
show aaa xml-api statistics show aaa xml-api statistics Description Display statistics for an external XML API server. Syntax Parameter Description IP address of XML API server. Usage Guidelines Issue this command to troubleshoot AAA problems and monitor usage on an XML server. Example The example below shows AAA statistics for an external XML server with the IP address 10.1.2.3. This command shows the number of times that a particular event has occurred per client.
Parameter Description user_blacklist Number of denied user association requests. user_query Number of user queries performed. unknown user Number of unknown users. unknown role Number of unknown user roles. unknown external agent Number of requests by an unknown external agent. authentication failed Number of failed authentication requests.
show acceleration aaa authentication show acceleration cifs {ap-name }|{ipaddr } configuration {ap-name }|{ipaddr } connections {ap-name }|{ipaddr } counters all {ap-name }|{ipaddr } debug {buffers|heap|trace-buffer}|{ap-name }|{ipaddr } mapi {ap-name }|{ipaddr } protocol{cifs|http|mapi}|{acceleration|bandwidth {ap-name }|{ipaddr }} proxy {ap-name }|{ipaddr } Descri
(A3200) #show acceleration counters all ap-name ap123 All Non-Zero Counters Heap Statistics: Current Entries: High Water Mark: Current Bytes: Socket Statistics: Current Entries: High Water Mark: Buffer Statistics: Current Entries: High Water Mark: Request Statistics: Current Entries: High Water Mark: RxQ High Water: Peer Statistics: Updates: 3 3 12324 Maximum Entries: Total Entries: Maximum Bytes: 25088 3 8388608 1 1 Maximum Entries: Total Entries: 256 12204 2 3 Maximum Entries: Total Entries: 512
show acl ace-table show acl ace-table {ace <0-1999>}|{acl <1-2700>} Description Show an access list entry (ACE) table for an access control list (ACL). Syntax Parameter Description ace <0-1999> Show a single ACE entry. acl <1-2700> Show all ACE entries for a single ACL. Example The following example shows that there are eighteen access control entries for ACL 1.
show acl acl-table show acl acl-table <1-2700> Description Display information for a specified access control list (ACL). Syntax Parameter Description acl-table <1-2700> Specify the number of the ACL for which you want to view information. Example The following example displays the ACL table for the controller.
Parameter Description Free ACE entries at the bottom The total number of free ACE entries at the bottom of the list. Next ACE entry to use Ace number of the first free entry at the bottom of the list. ACE entries reused For internal use only. ACL count Total number of defined ACLs Tunnel ACL Total number of defined tunnel ACLs. The following example displays the ACL table for ACL 1.
show acl hits show acl hits Description Show internal ACL hit counters. Syntax No parameters. Usage Guidelines Issue this command to see the number of times an access control list defined a user’s role, or traffic and firewall policies for a user session. Example In the example below, the output of the User Role ACL Hits table is shown in two separate tables to allow the output to fit on a single page of this document.
The output of this command includes the following information: Parameter Description Role Name of the role assigned by the ACL. Policy Name of the policy used by the ACL Src The traffic source, which can be one of the following: z : Name of a user-defined alias for a network host, subnetwork, or range of addresses. z any: match any traffic. z host: specify a single host IP address. z network: specify the IP address and netmask. z user: represents the IP address of the user.
Command Information 510 | show acl hits Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master controllers Dell PowerConnect ArubaOS 6.
show adp config show adp config Description Show Dell Discovery Protocol (ADP) configuration settings. Syntax No parameters. Example The following example shows that the controller has all default settings for ADP.
show adp counters show adp counters Description Show Dell Discovery Protocol (ADP) counters. Syntax No parameters. Example The following example shows the ADP counter table for the controller. (host) #show adp counters ADP Counters -----------key value ------IGMP Join Tx 1 IGMP Drop Tx 0 ADP Tx 0 ADP Rx 0 The output of this command includes the following parameters: Parameter Description IGMP Join Tx Number of Internet Group Management Protocol (IGMP) join requests sent by the controller.
show ap active show ap active [ap-name |{arm-edge dot11a|dot11g|voiponly}|dot11a|dot11g|essid |ip-addr |{type access-point|airmonitor|(sensor dot11a|dot11g|voip-only)}|voip-only Description Show all active APs registered to a controller. Syntax Parameter Description ap-name View data for an AP with a specified name. arm-edge Show the state of ARM edge APs. dot11a Show 802.11a radio information. dot11g Show 802.11g radio information.
z An AP has conflicting configuration settings. For example, if the AP system profile on a single radio dualband AP configures the radio uses 802.11g, but the virtual AP profile on the AP is set to use 802.11a, the AP might not appear to be active. z A remote AP model 5WN or 2WG attempted to connect to a controller without using IPSec. Example The output of the command in the example below shows that the controller sees six active APs.
Column Description Uptime Number of hours, minutes and seconds since the last controller reboot or bootstrap, in the format hours:minutes:seconds. Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap allowed-channels show ap allowed-channels [||] Description This command shows configuration information for Captive portal authentication profiles. Syntax Parameter Description Name of an AP. Specify a country code to display allowed channels for that country. IP address of an AP, in dotted-decimal format. Usage Guidelines Specify the country code for your controller during initial setup.
show ap ap-group show ap ap-group {ap-name |bssid |ip-addr } Description Show the AP group settings for an individual AP. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID). An AP’s BSSID is usually the AP’s MAC address. ip-addr Show data for an AP with a specific IP address. Enter the IP address in dotted-decimal format.
Related Commands Command Description Mode ap-group Configure your AP groups and AP group profiles. Config mode Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 519 | show ap ap-group Dell PowerConnect ArubaOS 6.
show ap arm history show ap arm history {ap-name }|{bssid }|{ip-addr } Description For each interface on an AP, show the history of channel and power changes due to Adaptive Radio Management (ARM). Syntax Parameter Description ap-name Show ARM history for an AP with a specific name. bssid Show ARM history for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address.
The output of this command includes the following information: Parameter Description Reason This column displays one of the following code to indicate why the channel or power change was made. z I: Interference z R: Radar detected z N: Noise exceeded z E: Error threshold exceeded z INV: Invalid Channel z G: Rogue AP Containment z M: Empty Channel z P+: Increase Power z P-: Decrease Power z OFF: Turn off Radio z ON: Turn on Radio The Reason key appears at the bottom of the ARM History table.
show ap arm neighbors show ap arm neighbors {ap-name }|{bssid }|{ip-addr } Description Show the ARM settings for an AP’s neighbors. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID). An AP’s BSSID is usually the AP’s MAC address. ip-addr Show data for an AP with a specific IP address. Enter the IP address in dotted-decimal format.
show ap arm rf-summary show ap arm rf-summary {ap-name }|{bssid }|{ip-addr } Description Show the state and statistics for all channels being monitored by an individual AP. Syntax Parameter Description ap-name Show channel data for an AP with a specific name. bssid Show channel data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address.
Parameter Description retry Number of 802.11 retry frames sent because a client failed to send an ACK. low-speed Number of frames sent at a data rate of 18 Mbps or slower. non-unicast The number of non-unicast frames sent on the channel. frag Number of fragmented packets bwidth Current bandwidth, in kbps. phy-err Number of PHY errors on the channel. mac-err Number of MAC errors on the channel. noise Current noise level, in -dBm. cov-idx The AP uses this metric to measure RF coverage.
show ap arm scan-times show ap arm scan-times {ap-name |bssid |ip-addr } Description Show AM channel scan times for an individual AP. Syntax Parameter Description ap-name Show channel scan data for an AP with a specific name. bssid Show channel scan data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. ip-addr Show channel scan data for an AP with a specific IP address.
The output of this command includes the following parameters: Parameter Description channel A radio channel on the specified AP. Assign-time The amount of time that an AP has been on a channel. scans-attempted The number of times an AP has attempted to scan another channel scans-rejected The number of times an AP attempted to scan a channel, but was unable to scan because the scan was halted by the power save, voice aware or load aware ARM features.
show ap arm state show ap arm state [ap-name |dot11a|dot11g|ip-addr ] Description Display Adaptive Radio Management (ARM) information for an individual AP’s neighbors, or show all available data for any neighboring AP using an 802.11a or 802.11g radio type. Syntax Parameter Description ap-name Show aggregate ARM Neighbor Information for a specific AP. dot11a Show aggregate ARM Neighbor Information for all APs using an 802.11a radio.
Column Description SNR Signal-to-noise (SNR) ratio. SNR is the power ratio between an information signal and the level of background noise. Assignment The AP’s current channel assignment. Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap association show ap association [ap-name |ap-group |bssid |channel |client-mac |essid |ip-addr |phy {a|b|g}|voiponly] Description Show the association table for an AP group or for an individual AP. Syntax Parameter Description ap-group Show AP associations for a specific AP group. You can also include the channel, essid or voip-only keywords to further filter the output of this command.
(host) #show ap association client-mac 00:13:fd:5c:7c:59 Flags: W: WMM client, A: Active, R: RRM client PHY Details: HT: High throughput; 20: 20MHz; 40: 40MHz ss: spatial streams Association Table ----------------Association Table ----------------- ----------------Name bssid ---- ----AL12 00:1a:1e:11:5f:11 AL5 00:1a:1e:88:88:31 vlan-id tunnel-id phy mac --00:21:5c:50:b1:ed 00:19:7d:d6:74:93 assoc time auth ---y y num assoc assoc ----y y aid --12 6 l-int ----10 10 essid ----ethersphere-wpa2 et
Related Commands Command Description Mode show ap debug association-failure (deprecated) If the output of this show command indicates that a client is not associating with an AP, use show ap debug associationfailure (deprecated) to determine why a client is not associated with an AP.
show ap association remote show ap association remote [ap-name |ap-group |bssid |channel |essid Description Display the association table for an individual AP or group of APs in bridge mode. Syntax Parameter Description ap-name Show AP associations for a specific remote AP. ap-group Show AP associations for a specific group of remote APs. bssid Show the AP associations for an specific AP Basic Service Set Identifier (BSSID).
Column Description essid Name that uniquely identifies the AP’s Extended Service Set Identifier (ESSID). vlan-id Identification number of the AP’s VLAN. tunnel-id Identification number of the AP’s tunnel. phy The RF band in which the AP should operate: g = 2.4 GHz a = 5 GHz assoc. time Amount of time the client has associated with the AP, in the format hours:minutes:seconds. num assoc Number of clients associated with the AP. flags This column displays any flags for this AP.
show ap authorization-profile show ap authorization-profile [] Description This command shows information for AP authorization profiles. Syntax Parameter Description The name of an an existing AP authorization profile. Usage Guidelines The AP authorization profile specifies which configuration should be assigned to a remote AP that has been provisioned but not yet authenticated at the remote site.
The output of the show ap authorization command includes the following parameters: Parameter Value AP authorization group Name of a configuration profile to be assigned to the group unauthorized remote APs. Related Commands Command Description Mode ap authorization-profile This command defines a temporary configuration profile Config mode for remote APs that are not yet authorized on the network. Command History This command was introduced in ArubaOS 3.0.
show ap blacklist-clients show ap blacklist-clients Description Show a list of clients that have been denied access. Usage Guidelines Use the stm CLI command to add or remove users from a blacklist. Additionally, the dot1x authentication, VPN authentication and MAC authentication profiles allow you to automatically blacklist a client if machine authentication fails. Examples The output of this command shows that the controller has a single user-defined blacklisted client.
Related Commands Command Description Mode stmadd-blacklist-client stmremove-blacklist-client Manually add or remove clients from a blacklist. Config mode Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 537 | show ap blacklist-clients Dell PowerConnect ArubaOS 6.
show ap bss-table show ap bss-table [ap-name |bssid |essid |ip-addr |port \] Description Show an AP’s Basic Service Set (BSS). Syntax Parameter Description ap-name Show the BSS table for a specific AP. bssid Show the BSS table for an specific AP Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address. essid Show the BSS table for an Extended Service Set Identifier (ESSID).
Column Description s/p The controller port used by the AP, in the format /. The number is always 1. The parameter refers to the network interfaces that are embedded in the front panel of the W-3000 Controller Series Multi-Service Controller. Port numbers start at 0, from the left-most position. ip IP address of an AP. phy An AP radio type. Possible values are: z a—802.11a z a-HT—802.11a high throughput z g— 802.11g z g-HT—802.
show ap bw-report show ap bw-report {ap-name |bssid |ip-addr } Description Show the bandwidth reporting table for a specific AP. Syntax Parameter Description ap-name Show bandwidth data for an AP with a specific name. bssid Show bandwidth data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 541 | show ap bw-report Dell PowerConnect ArubaOS 6.
show ap client status show ap client status Description Show the current status of a specific client. Syntax Parameter Description MAC address of a client Examples The output of the command shows the status of an individual client in the STA (station) table.
Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 543 | show ap client status Dell PowerConnect ArubaOS 6.
show ap config show ap config {ap-group }|{ap-name }|{essid } Description Show a large list of configuration settings for an ap-group or an individual AP. Syntax Parameter Description ap-group Display configuration settings for an AP group. ap-name Display configuration settings for an AP with a specific name. essid Display configuration settings for an AP with a specific Extended Service Set Identifier (ESSID).
The output of this command includes the following parameters. Parameter Description LMS IP The IP address of the local management switch (LMS)—the Dell controller which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network. Backup LMS IP For multi-controller networks, this parameter displays the IP address of a backup to the IP address specified with the lms-ip parameter.
Parameter Description Ortronics LED off Timeout Automatically turns off the LEDs 5 minutes after the AP boots up. Ortronics Low Temp The low-temperature threshold for the Ortronics AP. If the temperature reaches this threshold, the maximum transmit power is restored to four. Ortronics High Temp The high-temperature threshold for the Ortronics AP. The maximum transmit power range is 0— 4, with a default of 4.
Parameter Description Management Frame Throttle interval Average interval that rate limiting management frames are sent from this radio, in seconds. If this column displays a zero (0) rate limiting is disabled for this AP. Management Frame Throttle Limit Maximum number of management frames that can come from this radio in each throttle interval. ARM/WIDS Override Shows if Adaptive Radio Management (ARM) and Wireless IDS functions are enabled or disabled.
Parameter Description Acceptable Coverage Index For multi-band implementations, the Acceptable Coverage Index specifies the minimal coverage an AP it should achieve on its channel. The denser the AP deployment, the lower this value should be. Free Channel Index The current free channel index value. The Dell Interference index metric measures interference for a specified channel and its surrounding channels. This value is calculated and weighted for all APs on those channels (including 3rd-party APs).
Parameter Description RTS Threshold Wireless clients transmitting frames larger than this threshold must issue Request to Send (RTS) and wait for the AP to respond with Clear to Send (CTS). This helps prevent mid-air collisions for wireless clients that are not within wireless peer range and cannot detect when other wireless clients are transmitting. Short Preamble Shows if a short preamble for 802.11b/g radios is enabled or disabled for this AP.
Parameter Description WPA Passphrase Displays the WPA passphrase with which the AP generates a pre-shared key (PSK). Maximum Transmit Failures Display the maximum number of transmission failures allowed before the client gives up. BC/MC Rate Optimization Shows if the AP has enabled or disabled scanning of all active stations currently associated to that AP to select the lowest transmission rate for broadcast and multicast frames. This option only applies to broadcast and multicast data frames; 802.
Parameter Description Mobile IP Shows if IP mobility has been enabled or disabled for the virtual AP. HA Discovery onassociation If enabled, all clients of a virtual-ap will received mobility service on association. DoS Prevention Shows the status of the Dos Prevention option. If enabled, virtual APs ignore deauthentication frames from clients. This prevents a successful deauth attack from being carried out against the AP. This does not affect third-party APs.
Parameter Description VoIP Send SIP 100 Trying If enabled, the AP sends SIP 100 - trying messages to a call originator to indicate that the call is proceeding. This is useful when the SIP invite may be redirected through a number of servers before reaching the controller. VoIP Disconnect Extra Call If enabled, the AP disconnects calls that exceed the high capacity threshold by sending a deauthentication frame.
show ap coverage-holes show ap coverage holes Description Show information for APs that have detected coverage holes in the wireless network. Usage Guidelines This command will only display coverage hole information if you have enabled coverage hole detection using the command rf optimization-profile coverage-hole-detection. The coverage hole detection feature requires the RF Protect license.
show ap database show ap database {group |inactive|indoor|local|long|outdoor|page |sensors [disconnected]|sort-by [ap-group|ap-ip|ap-type|fqln|provisioned|status {up|down}|switch-ip]|sort-direction[ascending|descending]|start |status {up|down]|switch |unprovisioned} Description Show the list of access points in the controller’s database. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description group Show data for a specified AP group. inactive Show only local APs with no active BSSIDs or wired AP interfaces. indoor Show only APs that have an installation mode set to “indoor.” local Show only APs on this controller. long Display the following additional data columns: z Wired MAC Address, z Serial # z Slot/Port z FQLN outdoor Show only APs that have an installation mode set to “outdoor.
Usage Guidelines Many of the parameters in this command can be used together to filter a large database of information down to just the AP data you want to see. For example, you can issue the command show ap database group local status up to view a list of local APs within a specific AP group that are reporting an up status. Include the sort-by and sort-direction keywords to specify how the data is sorted in the output of this command.
show ap database-summary show ap database-summary Description Show a general summary of access point information for this controller. Usage Guidelines Use this command to show the current number of active APs and Air Monitors. This command is also useful for determining how many unprovisioned APs or duplicate APs are on the network. For full details on each AP registered to a controller, use the command show ap database.
show ap debug association-failure (deprecated) show ap debug association-failure [{ap-name }|{bssid }|{client-mac }|{essid }|{ip-addr }] Description Display association failure information that can be used to troubleshoot problems on an AP. Command History Platforms Licensing ArubaOS 3.0 Command introduced ArubaOS 5.0 Command deprecated Dell PowerConnect ArubaOS 6.
show ap debug bss-config show ap debug bss-config [ap-name |bssid ||essid |ip-addr |port /] Description Show the configuration for each BSSID of an AP. This information can be used to troubleshoot problems on an AP. Syntax Parameter Description ap-name Filter the AP Config Table by AP name. bssid Filter the AP Config Table by BSSID. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Column Description fw-mode The configured forward mode for the AP’s virtual AP profile. z bridge: Bridge locally z split-tunnel: Tunnel to controller or NAT locally z tunnel: Tunnel to controller max-cl The maximum number of clients allowed for this BSSID. preamble Shows if short preambles are enabled for 802.11b/g radios. Network performance may be higher when short preamble is enabled. In mixed radio environments, some 802.
show ap debug bss-stats show ap debug bss-stats [bssid ] Description Show debug and troubleshooting statistics from a specific BSSID of an AP. Syntax Parameter Description bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. Examples The example below shows part of the output of the command show ap debug bss-stats bssid .
Parameter Description Tx Probe Responses Number of transmitted probe responses. Tx Data Frames Number of transmitted data frames. Multicast Data Number of multicast and broadcast frames transmitted. Tx CTS Frames Number of clear-to-sent (CTS) frames transmitted. Dropped After Retry Number of frames dropped after an attempted retry. Dropped No Buffer Number of frames dropped because the AP’s buffer was full. Missed ACKs Number of missed acknowledgements (ACKs).
Parameter Description Last SNR CTL0 The signal-to-noise ratio for the last received data packet on the primary (control) channel 0. This parameter is only displayed for APs operating in 40 Mhz mode. Last SNR CTL1 The signal-to-noise ratio for the last received data packet on the secondary (control) channel 1. This parameter is only displayed for APs operating in 40 Mhz mode. Last SNR CTL2 The signal-to-noise ratio for the last received data packet on the secondary (control) channel 2.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap debug client-mgmt-counters show ap debug client-mgmt-counters Description Show the numbers of each type of message from an AP’s clients. This information can be used to troubleshoot problems on an AP.
Parameter Description STM SAP Down (For internal use only) AP Message (For internal use only) STA On Call Message Number of counters indicating that a station has an active phone call STA Message (For internal use only) STA SIP authenticate Message Number of messages indicating that a telephone has completed SIP registration and authentication. STA Deauthenticate Number of times a station sent a message to an AP to deauthenticate a client.
show ap debug client-stats show ap debug client-stats
Parameter Description Frames Transmitted Number of frames successfully transmitted. Success With Retry Number of frames that were transmitted after being retried. Tx Mgmt Frames Number of management frames transmitted. Tx Probe Responses Number of transmitted probe responses. Tx Data Frames Number of transmitted data frames. Tx CTS Frames Number of clear-to-sent (CTS) frames transmitted. Dropped After Retry Number of frames dropped after an attempted retry.
Parameter Description Null Data Frames Number of null data frames received. Rx Mgmt Frames Number of management frames received. PS Poll Frames Number of power save poll frames received. Rx Mbps Number of frames received at Mbps, where is a value between 6 and 300. Tx WMM Number of Wifi Multimedia (WMM) packets transmitted for the following access categories. If the AP has not transmitted packets in a category type, this data row will not appear in the output of the command.
show ap debug client-table show ap debug client-table [ap-name |bssid |ip-addr ] Description Show clients associated to an AP. Syntax Parameter Description ap-name Filter the AP Config Table by AP name. bssid Filter the AP Config Table by BSSID. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address. ip-addr Filter the AP Config Table by IP address by entering an IP address in dotted-decimal format.
Parameter Description UAPSD This parameter shows the following values for Unscheduled Automatic Power Save Delivery (UAPSD) in comma-separated format: VO, VI, BK, BE, Max SP, Q Len. z z z z z z VO: If 1, UAPSD is enabled for the VoIP access category. If UAPSD is disabled for this access category, this value is 0. VI: If 1, UAPSD is enabled for the Video access category. If UAPSD is disabled for this access category, this value is 0. BK: If 1, UAPSD is enabled for the Background access category.
show ap debug counters show ap debug counters {ap-name |bssid |group |ip-addr } Description Show AP message and reboot/bootstrap counters for an individual AP or AP group. Syntax Parameter Description ap-name Show debug counters for an AP with a specified name. bssid Show debug counters for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 573 | show ap debug counters Dell PowerConnect ArubaOS 6.
show ap debug crash-info show ap debug crash-info {ap-name |ip-addr } Description Show crash log information (if it exists) for an individual AP. The stored information is cleared from the flash after the AP reboots. Syntax Parameter Description ap-name Show crash information for an AP with a specified name. ip-addr Show crash information for an AP with a specified IP address by entering an IP address in dotted-decimal format.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 575 | show ap debug crash-info Dell PowerConnect ArubaOS 6.
show ap debug datapath show ap debug datapath {ap-group |ap-name |bssid |ip-addr } Description Show datapath tunnel parameters of an AP or AP group. Syntax Parameter Description ap-group Show data path information for a specific AP group. ap-name Show data path information for an AP with a specific name. bssid Show data path information for a specific Basic Service Set Identifier (BSSID).
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 577 | show ap debug datapath Dell PowerConnect ArubaOS 6.
show ap debug driver-log show ap debug driver-log {ap-name |bssid |ip-addr } Description Show an AP’s driver logs. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap debug log show ap debug log {ap-group |ap-name |bssid |ip-addr } Description Show an AP’s debug log. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap debug mgmt-frames (deprecated) Description Show traced 802.11 management frames. Command History Version Modification ArubaOS 3.0 Command Introduced ArubaOS 5.0 Command deprecated Dell PowerConnect ArubaOS 6.
show ap debug radio-stats show ap debug radio-stats {ap-name |ip-addr } radio {0|1} [advanced] Description Show aggregate radio debug statistics of an AP. Syntax Parameter Description ap-name Show log information for an AP with a specific name. ip-addr Show log information for an AP with a specific IP address by entering its IP address in dotteddecimal format. radio {0|1} Specify the ID number of the radio for which you want to view statistics.
Parameter Description Resets RF Gain Number of radio resets due to gain changes. Resets MTU Change Number of times the radio reset due to a change in the Maximum Transmission Unit (MTU) value. Resets TX Timeouts Number of radio resets due to transmission timeouts (the radio doesn’t transmit a signal within the required time frame.) POE-Related Resets If the radio power profile drops, an W-AP125 may not be able to support three transmit chains, and may drop to two chains only.
Parameter Description UAPSD SP Set The number of unique UAPSD Scheduled Period is started in response to UAPSD trigger frames. UASPD Dup Trig The number of times duplicate UAPSD trigger frames are received (i.e., retried UAPSD triggers that were received by the AP more than once). UAPSD Recv frame for TX The number of frames received for transmission over the air interface using UAPSD UAPSD Ageout Drain The number of time UAPSD queue is drained (i.e. frames are dropped) due to ageout.
Parameter Description FIFO Underrun The number of Receive FIFO overruns. Allocated Desc Number of allocated transmit descriptors. Freed Desc Number of freed transmit descriptors. Tx EAPOL Frames Number of Extensible Authentication Protocol over LAN (EAPOL) frames transmitted Tx AGGR Good Number of aggregated frames successfully transmitted. Tx AGGR Unaggr Number of non-aggregate frames transmitted due to unavailability of additional frames for aggregation at the time of transmission.
Parameter Description Last ACK SNR EXT0 Signal-to-noise ratio for the last received ACK packet on the secondary (extension) channel 0. This parameter is only displayed for APs operating in 40 Mhz mode. Last ACK SNR EXT1 Signal-to-noise ratio for the last received ACK packet on the secondary (extension) channel 1. This parameter is only displayed for APs operating in 40 Mhz mode. Last ACK SNR EXT2 Signal-to-noise ratio for the last received ACK packet on the secondary (extension) channel 2.
Parameter Description PHY Events The number of Physical Layer Events, that are not 802.11 packets, detected by radio as part of its normal receive operation. RADAR Events Number of times an AP detects a radar signature. Dell APs are DFS-compliant detects a radar signature, it will change its channel. RX Interrupts The number of receive interrupts received by the CPU from the radio. RX Overrun The number of Receive FIFO overruns. Rx Mbps Packets received at the specified rate (in Mbps).
show ap debug received-config show ap debug received-config {ap-group |ap-name |bssid |ipaddr } Description Show the configuration the AP downloaded from the controller. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
The output of this command includes the following information: Parameter Description BSSID The BSSID of the AP. LMS IP The LMS IP is the IP address of the local controller used by the AP for client data processing. Master IP For environments with multiple controllers, the master controller is the central configuration and management point for all local controllers. Mode Shows the operating modes for the AP.
Parameter Description Honor 40 MHz intolerance Shows if 40 MHz intolerance is enabled or disabled. If enabled, the radio will stop using the 40 MHz channels if the 40 MHz intolerance indication is received from another AP or station. Legacy station workaround Shows if interoperability for misbehaving legacy stations is enabled or disabled. Country Code Display the country code for the AP. The country code specifies allowed channels for that country.
Parameter Description Maximum Transmit Failures Display the maximum number of transmission failures allowed before the client gives up. BC/MC Rate Optimization Shows if the AP has enabled or disabled scanning of all active stations currently associated to that AP to select the lowest transmission rate for broadcast and multicast frames. This option only applies to broadcast and multicast data frames; 802.11 management frames are transmitted at the lowest configured rate.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 591 | show ap debug received-config Dell PowerConnect ArubaOS 6.
show ap debug remote association show ap debug remote association [ap-name |bssid |ip-addr ] Description Show the AP association table to identify the remote clients associated to each AP. Syntax Parameter Description ap-group Show remote client associations for a specific AP group. ap-name Show remote client associations for a specific AP. bssid Show remote client associations for an specific AP Basic Service Set Identifier (BSSID).
Column Description 1-int Number of beacons in the 802.11 listen interval. There are ten beacons sent per second, so a ten-beacon listen interval indicates a listen interval time of 1 second. essid Name that uniquely identifies the AP’s Extended Service Set Identifier (ESSID). vlan-id Identification number of the AP’s VLAN. tunnel-id Identification number of the AP’s tunnel. assoc. time Amount of time the client has associated with the AP, in the format hours:minutes:seconds.
show ap debug shaping-table show ap debug shaping-table {ap-name |ip-addr } Description Show shaping information for clients associated to an AP. Syntax Parameter Description ap-name Show shaping table information for a specific AP. ip-addr Show shaping table information for a specific AP IP address by entering its IP address in dotted-decimal format. Example The following command shows the shaping table the an AP named ap22.
Column Description pktqd Number of packets queued. cmn [C:O:H] (For internal use only.) drop Number of CCK (802.11b) and OFDM (802.11a/g) packets dropped. Numcl Number of CCK (802.11b) and OFDM (802.11a/g) packets dropped. TotCl Total number of clients associated with the AP Bwmgmt This data column displays a 1 if the bandwidth management feature has been enabled. Otherwise, it displays a 0. d (For internal use only.) idx Association ID.
show ap debug system-status show ap debug system-status {ap-name |bssid |ip-addr } Description Show detailed system status information for an AP. Syntax Parameter Description ap-name Show system status data for an AP with a specific name. bssid Show system status data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Command History Release Modification ArubaOS 5.0 Crash information parameter was introduced. ArubaOS 3.0 Command introduced Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 597 | show ap debug system-status Dell PowerConnect ArubaOS 6.
show ap debug trace-addr show ap debug trace-addr Description Show MAC addresses in the trace buffer. Usage Guidelines Use this command to troubleshoot wireless clients that are being traced for 802.11 communication Examples The output of the command shows the Trace List table. If no wireless clients are being traced, this table will be empty.
show ap details show ap details [advanced]{ap-name |bssid |ip-addr |installation} Description Show detailed provisioning parameters and hardware and operating information and for a specific AP.
The output of this command includes the following information: Column Description AP IP Address IP address of the AP LMS IP Address The IP address of the local management switch (LMS)—the Dell controller which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network. Group Name of the AP’s AP group. Location Name Location of the AP. Status Current status of the AP, either Up or Down.
Column Description Band The RF band in which the AP should operate: z 802.11g = 2.4 GHz z 802.11a = 5 GHz Channel Channel number for the AP 802.11a/802.11n physical layer. The available channels depend on the regulatory domain (country). Secondary Channel The secondary channel number for the AP. The secondary channel is a 20 MHz channel used in conjunction with the primary channel to create a 40 MHz channel for highthroughput clients.
Column Description USB Device Type The USB driver type. USB Device Identifier The USB device identifier. USB Dial String The dial string for the USB modem. USB Initialization String The initialization string for the USB modem. USB TTY device path The TTY device path for the USB modem. Mesh Role If the mesh role is “none,” the AP is operating as a thin AP. An AP operating as a mesh node can have one of two roles: mesh portal or mesh point.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 Introduced support for mesh parameters, additional antenna parameters, and AP location parameters. ArubaOS 3.4 Introduced support for the following parameters: installation z mesh-sae z set-ikepsk-by-addr z usb-dev z usb-dial z usb-init z usb-passwd z usb-tty z usb-type z usb-user z ArubaOS 5.0 The mesh-sae parameter no longer displays the sae-default setting if the parameter is disabled.
show ap enet-link-profile show ap enet-link-profile [] Description Show a list of all Ethernet Link profiles. Usage Guidelines Include a profile name to display details for the specified Ethernet Link Profile, or omit the parameter to display a list of all Ethernet Link profiles.
show ap essid show ap essid Description Show a Extended Service Set Identifier (ESSID) summary for the controller, including the numbers of APs and clients associated with each ESSID. Examples The output of the command in the example below shows statistics for four configured ESSIDs.
show ap ht-rates show ap ht-rates bssid Description Show high-throughput rate information for a basic service set (BSS). Syntax Parameter Description bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. Examples The output of this command shows high-throughput rates for each supported MCS value. These values are applicable to high-throughput (802.11n-capable) APs only.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 607 | show ap ht-rates Dell PowerConnect ArubaOS 6.
show ap image version show ap image version [ap-name |ip-addr ] Description Display an AP’s image version information. Syntax Parameter Description ap-name View image version information for an AP with a specific name. ip-addr View image version information for an AP with a specific IP address. Enter the address of the AP in dotted-decimal format.
Column Description Image Load Status Current status of the AP following an upgrade. Done: This status indicates that the controller reset after the upgrade was performed, or the upgrade was performed after the AP first registered with the controller. Completed: The AP was updated after it was registered to the controller, and after the controller’s last reset. If AP shows a status of completed, it will also display the time it took it update that AP. In progress: The AP is currently updating its image.
show ap license-usage show ap license-usage Description Show AP license usage information. Examples The output of the command below shows that controller has 82 remaining unused AP licenses.
Parameter Description Total 802.11n-120abg Licenses Total number of high-throughput (802.11n-capable) licenses available for 120abg APs. 802.11n-120abg Licenses Used Number of high-throughput (802.11n-capable) licenses currently used by 120abg APs Total 802.11n-121abg Licenses Total number of high-throughput (802.11n-capable) licenses available for 121abg APs. 802.11n-121abg Licenses Used Number of high-throughput (802.11n-capable) licenses currently used by 121abg APs Total 802.
show ap load-balancing show ap load balancing Description Show the load-balancing information for each AP with load balancing enabled. Examples The output of the command in the example below shows details for a single AP enabled with the load-balancing feature. (host) #show ap load-balancing Load Balance Enabled Access Point Table --------------------------------------bss ess name s/p ip phy chan cur-cl util(kbps) -------- --- ---- ---- ------ ---------00:0b:86:cc:8e:4e Wireless_1 mp22 2/24 10.3.148.
show ap mesh active show ap mesh active [|{page }|{start }] Description Show active mesh cluster APs currently registered on this controller. Syntax Parameter Description Name of a mesh cluster profile. page Limit the output of this command to a specific number of entries by entering the number of entries you want to display.
Column Enet 0/1 Description Shows the current mode of each wired interface. Bridge: 802.11 frames are bridged into the local Ethernet LAN. z Tunnel: 802.11 frames are tunneled to the controller using generic routing encapsulation (GRE). z Split-tunnel: 802.11 frames are either bridged into the local Ethernet LAN or tunneled to the controller, depending upon their destination. z Off: Interface is not available for serving clients.
show ap mesh debug counters show ap mesh debug counters {ap-name }|{bssid }|{ip-addr } Description Show counters statistics for a mesh node. Syntax Parameter Description ap-name Show counter statistics for an AP with a specific name. bssid Show counter statistics for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. ip-addr View counter statistics for an AP with a specific IP address.
Column Description Assoc Resp Number of association response packets from the interface specified in the Interface parameter. This number includes valid responses and fail responses. Assoc Fail Number of fail responses received from the interface specified in the Interface parameter. Link up/down Number of times the link up or link down state has changed. Resel. Number of times a mesh point attempted to reselect a different mesh portal.
show ap mesh debug current-cluster show ap mesh debug current-cluster {ap-name }|{bssid }|{ip-addr } Description Display information for the mesh cluster currently used by a mesh point or mesh portal. Syntax Parameter Description ap-name Show mesh cluster data for an AP with a specific name. bssid Show mesh cluster data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address.
Command Information Platforms Licensing Command Mode All platforms This show command is available in the base operating system. Commands to configure the mesh feature require the Mesh license. Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap mesh debug forwarding-table show ap mesh forwarding-table {ap-name }|{ip-addr } Description Show the forwarding table for a remote mesh point or remote mesh portal. Syntax Parameter Description ap-name Show data for a remote mesh node with a specific name. ip-addr Show data for a remote mesh node with a specific IP address by entering its IP address in dotted-decimal format. Usage Guidelines This is an internal technical support command.
show ap mesh debug hostapd-log show ap mesh debug hostapd-log {ap-name }|{bssid }|{ip-addr } Description Show the debug log messages for the hostapd process. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap mesh debug meshd-log show ap mesh debug meshd-log {ap-name }|{bssid }|{ip-addr } [] Description Show the debug log messages for the meshd process. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap mesh debug provisioned-clusters show ap mesh debug provisioned-clusters {ap-name }|{bssid }|{ip-addr } Description Show cluster profiles provisioned on a mesh portal or mesh point. Syntax Parameter Description ap-name Show data for a mesh node with a specific name. bssid Show data for a mesh node with a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Column Description Encryption Data encryption setting for the mesh cluster profile. z opensystem—No authentication and encryption. z wpa2-psk-aes—WPA2 with AES encryption using a preshared key. WPA Hexkey The WPA pre-shared key (only for mesh cluster profiles using WPA2 with AES encryption). WPA Passphrase The WPA password that generates the preshared key (only for mesh cluster profiles using WPA2 with AES encryption). Command History Introduced in ArubaOS 3.0.
show ap mesh neighbors show ap mesh neighbors {ap-name }|{bssid }|{ip-addr } [names] Description Show all mesh neighbors for an AP. Syntax Parameter Description ap-name Show mesh neighbors for an AP with a specific name. bssid Show mesh neighbors for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Column Description Portal By default, this column displays the BSSID of the mesh point. If you include the optional names parameter, this column will display AP names, if available. The AP names will include [p] (parent), or [c] (child) suffixes to indicate the role of the mesh BSSID. Channel Number of a radio channel used by the AP. Age Number of seconds elapsed since the AP heard from the neighbor. Hops Indicates the number of hops it takes traffic from the mesh node to get to the mesh portal.
show ap mesh tech-support show ap mesh tech-support ap-name Description Display all information for an AP, and save that information in a file on the controller Syntax Parameter Description Name of an AP for which you want to create a report Filename for the report created by this command. The file can only be saved in the flash directory. If desired, you can use FTP or TFTP to copy the file to another destination.
show ap mesh topology show ap mesh topology [long] [page ] [start ] Description Show the mesh topology tree. Syntax Parameter Description long Include the names of a mesh portal’s children in the output of this command page Limit the output of this command to a specific number of entries by entering the number of entries you want to display.
Column Description RSSI The Receive Signal Strength Indicator (RSSI) value displayed in the output of this command represents signal strength as a signal to noise ratio. For example, a value of 30 would indicate that the power of the received signal is 30 dBm above the signal noise threshold. Rate Tx/Rx The rate, in Mbps, that a mesh point transmits and receives at on its uplink. Note that the rate information is only as current as indicated in the Last Update column.
show ap mesh-cluster-profile show ap mesh-cluster-profile [] Description Show configuration settings for a mesh cluster profile. Syntax Parameter Description Name of a mesh cluster profile Usage Guidelines The command show ap mesh-cluster-profile displays a list of all mesh cluster profiles configured on the controller, including the number of references to each profile and each profile’s status.
Command Information Platforms Licensing Command Mode All platforms This show command is available in the base operating system. Commands to configure the mesh feature require the Mesh license. Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap mesh-ht-ssid-profile show ap mesh-ht-ssid-profile [] Description Show configuration settings for a mesh high-throughput Service Set Identifier (SSID) profile. Syntax Parameter Description Name of a mesh high-throughput SSID profile. Usage Guidelines High-throughput APs support additional settings not available in legacy APs. A mesh high-throughput SSID profile can enable or disable high-throughput (802.
Column Description Max transmitted A-MPDU size Maximum size of a transmitted aggregate MPDU, in bytes. Max received A-MPDU size Maximum size of a received aggregate MPDU, in bytes. Min MPDU start spacing Minimum time between the start of adjacent MPDUs within an aggregate MPDU, in microseconds. Supported MCS set A list of Modulation Coding Scheme (MCS) values or ranges of values to be supported on this SSID. The MCS you choose determines the channel width (20MHz vs.
show ap mesh-radio-profile show ap mesh-radio-profile [] Description Show configuration settings for a mesh radio profile. Syntax Parameter Description Name of a mesh radio profile. Usage Guidelines The radio profile determines the radio frequency/channel used only by mesh nodes to establish mesh links. Mesh nodes operating in different cluster profiles can share the same radio profile.
Parameter Description Reselection Mode Specifies the one of the following methods used to find a better mesh link. z startup-sub-threshold: When bringing up the mesh network, mesh nodes have 3 minutes to find a better uplink. After that time, each mesh node evaluates alternative links only if the existing uplink falls below the configured threshold level (the link becomes a subthreshold link).
show ap monitor show ap monitor active-laser-beams|ap-list|channel|client-list|ids-state|mesh-list|potap-list|pot-client-list|routers|wired-mac {ap-name }|{bssid }|{ip-addr } {ap-bssid }|{enet-mac } Description Show information for Dell Air Monitors. 635 | show ap monitor Dell PowerConnect ArubaOS 6.
Syntax Parameter Description active-laser-beams Show active laser beam generators. The output of this command shows a list of all APs that are actively performing policy enforcement containment such as rogue containment. This command can tell us which AP is sending out deauthorization frames, although it does not specify which AP is being contained. ap-list Show list of APs being monitored. arp-cache Show ARP Cache of learned IP to MAC binding channel Show state and stats of a specific channel.
Examples The output of the command displays the Monitored AP Table, which lists all the APs monitored by a specified AP or BSSID.
Version Modification ArubaOS 3.4. The ap-bssid and enet-mac parameters were added to the show ap monitor wired-mac command. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap monitor association show ap monitor association {ap-name }|{bssid }|{ip-addr } Description Show the association table for an Air Monitor (AM). Syntax Parameter Description ap-name Show data for an AM with a specific name. bssid Show data for an AM with a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AM’s MAC address.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap monitor debug show ap monitor debug counters|status {ap-name }|{bssid }|{ip-addr } show ap monitor debug profile-config {ap-name }|{bssid }|{ip-addr } ap-radio|ap-system|arm|event-thresholds|ids-dos|ids-general|idsimpersonation|ids-signature-matching|ids-unauthorized-device|interference|regulatorydomain|rf-behavior Description Show information for an Air Monitor’s current status, message counters, or profile settings.
Syntax Parameter Description counters Show Air Monitor (AM) message counters. status Show the status of an Air Monitor. ap-name Show data for an AM with a specific name. bssid Show data for an AM with a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address. ip-addr Show data for an AM with a specific IP address by entering its IP address in dotted-decimal format.
(host) #show ap monitor debug status ap-name ap12 WLAN Interface -------------bssid scan monitor probe-type -------------- ---------00:1a:1e:11:5f:10 enable enable sap 00:1a:1e:11:5f:00 enable enable sap Wired Interface --------------mac ip tagged-pkts vlan -------------- ---00:1a:1e:c9:15:f0 192.0.2.32.
The output of this command includes the following information: Column Description bssid The Basic Service Set Identifier (BSSID) for the AP. This is usually the AP’s MAC address. scan Indicates whether or not if active scanning is enabled on this AP. monitor Indicates whether the AP radio is currently enabled or disabled. probe-type This parameter displays one of the following options to show the AP is configured. sap: Default AP setting. z am: AP is configured as an Air Monitor.
Column Description Country Code The AP’s country code. Valid radio channels for your wireless network are based on your country code. If you change the AP’s country code, the valid channels will be reset to the defaults for the new country. ap Number of other APs monitored by this AP. sta Number of clients and APs seen by this AP. pap Number of potential APs; APs which have transmitted a beacon, but have not yet been registered.
Command History Version Modification ArubaOS 3.0. Command introduced ArubaOS 3.4. The tagged-pkts and vlan parameters were added to the Wired Interface table in the output of the show ap monitor debug status command. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap monitor stats show ap monitor stats advanced {ap-name }|{bssid }|{ip-addr } client-mac show ap monitor stats {ap-name }|{bssid }|{ip-addr } mac Description Show packet, signal and channel statistics for an AP or a client. 647 | show ap monitor stats Dell PowerConnect ArubaOS 6.
Syntax Parameter Description advanced Show advanced statistics for an AP or client. ap-name Show statistics for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address. ip-addr Show data for an AP with a specific IP address by entering its IP address in dotteddecimal format.
The output of this command includes the following information: Column Description retry Percent of 802.11 retry frames sent because a client failed to send an ACK. Low-speed Percent of frames sent at a data rate of 18 Mbps or slower. non-unicast Percent of non-unicast frames recev-error Percent of error frames of all frames seen in the last second. frag Rate of fragmented packets, in frames per second bwth Current bandwidth, in bps.
Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap pcap status show ap pcap status {ap-name }|{bssid }|{ip-addr } Description Show the status of outstanding packet capture (pcap) sessions. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap profile-usage show ap profile-usage {ap-name |bssid |ip-addr } Description Show a complete list of all profiles referenced by an individual AP or an AP BSSID. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap provisioning show ap provisioning {ap-name }|{bssid }|{ip-addr } Description Show provisioning parameters currently used by an AP Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. ip-addr Show data for an AP with a specific IP address.
The output of this command includes the following information: Column Description AP Name Name of the AP. AP Group AP group to which the AP belongs. Location name Fully-qualified location name (FQLN) for the AP. SNMP sysLocation User-defined description of the location of the AP, as defined with the command provision-ap syslocation. Master Name or IP address for the master controller. Gateway IP address of the default gateway for the AP. Netmask Netmask for the AP’s IP address.
Column Description Antenna bearing for 802.11g Horizontal coverage distance of the 802.11g (2.4GHz) antenna from true north, from 0-360 degrees. NOTE: This parameter is supported on outdoor APs only. The horizontal coverage pattern does not consider the elevation or vertical antenna pattern. Antenna tilt angle for 802.11a The angle of the 802.11a (5GHz) antenna. This parameter can range from between -90 degrees and 0 degrees for downtilt, and between +90 degrees and 0 degrees for uptilt.
show ap radio-database show ap radio-database [band a|g] [group ] [mode access-point|airmonitor|disabled|ht|ht-40mhz|legacy|sap-monitor] [sort-by ap-group|ap-ip|ap-name|aptype|switch-ip] [sort-direction ascending|descending] [start ] [switch ] Description Show radio information for Access Points visible to this controller. Syntax Parameter Description band Show only APs with a radio operating in the specified band. a Show only APs with a radio operating in the 802.
Example The output of the command shows that the AP is aware of five other access points, three of which are active. (host) #show ap radio-database AP Radio Database ----------------Name Group AP Type IP Address Status EIRP/Cli 11a Mode/Chan/EIRP/Cli -------------- --------------------- ---------------------mp3 default 125 10.3.129.96 Up 14h:45m:0s M AP(HT)/100/4/0 sw-ad-ap124-11 default 124 10.3.129.99 Up 14h:43m:18s M AP(HT)/100+/2/0 sw-ad-ap125-13 default 125 10.3.129.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers 659 | show ap radio-database Dell PowerConnect ArubaOS 6.
show ap regulatory-domain-profile show ap regulatory-domain-profile [] Description Show the list of regulatory domain profiles, or the settings in an individual regulatory domain profile Syntax Parameter Description Show data for a specific regulatory domain profile Usage Guidelines Issue this command without the parameter to display the entire regulatory domain profile list, including profile status and the number of references to each profile.
The output of this command includes the following information: Column Description Country Code Code that represents the country in which the APs will operate. The country code determines the 802.11 wireless transmission spectrum. Valid 802.11g channel Selected 802.11b/g channel available for use by an AP using the specified regulatory domain profile. These channels are limited to those valid for the profile’s country code. Valid 802.11a channel Selected 802.
show ap remote counters show ap remote counters {ap-name }|{bssid }|{ip-addr } Description Show the numbers of message counters for Remote APs Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. You must specify an AP’s BSSID, which is usually the AP’s MAC address ip-addr Show data for an AP with a specific IP address.
show ap remote debug flash-config show ap remote debug flash-config {ap-name |bssid |ip-addr } acls|{vap |vaps Description Show the remote AP configuration stored in flash memory. Syntax Parameter Description ap-name Show debugging data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
The output of this command includes the following information: Column Description Native VLAN VLAN ID of the native VLAN. DHCP VLAN VLAN ID of Remote AP DHCP server used when the controller is unreachable. DHCP ADDR IP Address used as DHCP Server Identifier. DHCP POOL NETMASK Netmask of the DHCP server pool. DHCP POOL START IP Address used as the start of a range of addresses for a DHCP pool. DHCP POOL END IP Address used as the end of a range of addresses for a DHCP pool.
show ap remote debug mgmt-frames show ap remote debug mgmt-frames {ap-name }|{bssid |{ip-addr } [client-mac ] [count ] Description Show traced 802.11 management frames for a remote AP. Syntax Parameter Description ap-name Show debugging information for a specific AP. bssid Show debugging information for a specific Basic Service Set Identifier (BSSID).
Column Description signal Signal strength as a signal to noise ratio. For example, a value of 30 would indicate that the power of the received signal is 30 dBm above the signal noise threshold. Misc Additional information describing the client’s action. Command History Introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap spectrum ap-list show ap spectrum ap-list {ap-name }|{ip-addr } ap-bssid channel essid limit or page freq-band 2.4ghz|5ghz sort start Description This command shows spectrum data seen by an access point that has been converted to a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information.
Examples The output of this example shows spectrum data seen by spectrum monitor ap123. The output in the example below has been divided into two tables to better fit this document. In the ArubaOS CLI, the output appears as a single, long table.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profile mode spectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profile mode spectrum-mode Set a 802.
show ap spectrum channel-metrics show ap spectrum channel-metrics {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command shows channel quality, availability and utilization metrics as seen by a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor. freq-band 2.4ghz|5ghz View information for a specific radio type, either 2.
Examples The output of this example shows part of the channel metrics table for channels seen by the spectrum monitor ap123,. (host)# show ap spectrum channel-metrics ap-name ap123 freq-band 2.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profile mode spectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profile mode spectrum-mode Set a 802.
show ap spectrum channel-summary show ap spectrum channel-summary {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command displays a summary of the 802.11a or 802.11g channels seen by a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor for which you want to view spectrum information. freq-band 2.
Column Description Max Interference(dBm) Signal strength of the non-Wi-Fi device that has the highest signal strength. SNIR (db) The ratio of signal strength to the combined levels of interference and noise on that channel. This value is calculated by determining the maximum noise-floor and interference-signal levels, and then calculating how strong the desired signal is above this maximum.
show ap spectrum client-list show ap spectrum client-list {ap-name }|{ip-addr } ap-bssid channel essid limit mac or page freq-band 2.4ghz|5ghz start Description This command shows details for clients seen by a specified spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information.
Examples The example shows that the spectrum monitor ap999 sees eight different clients on channel 149. The output in the example below has been divided into two tables to better fit this document. In the ArubaOS CLI, the output appears as a single, long table.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profile mode spectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profile mode spectrum-mode Set a 802.
show ap spectrum debug show ap spectrum debug {channel-info|channel-quality|classify|classify-fft|devicedetails|device-info|devices-seen} {ap-name }|{ip-addr } freq-band {2.4ghz|5ghz} Description This command saves spectrum analysis channel information to a file on the spectrum monitor. Syntax Parameter Description channel-info Save channel information for later analysis.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 679 | show ap spectrum debug Dell PowerConnect ArubaOS 6.
show ap spectrum debug fft show ap spectrum debug fft {ap-name }|{ip-addr } freq-band {2.4ghz|5ghz} avg duty-cycle fft-to-controller max normalized raw raw-normalized Description Save FFT (Fast Fourier Transform) power data to a file on the spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor. freq-band 2.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 681 | show ap spectrum debug fft Dell PowerConnect ArubaOS 6.
show ap spectrum debug monitors show ap spectrum debug monitors Description Show a detailed description of all spectrum monitors on the controller. Syntax No parameters Examples The output of this command shows a list of available spectrum monitors, a list of spectrum monitors currently subscribed to a spectrum client, message counters for subscribed spectrum monitors and the subscription history.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profile mode spectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profile mode spectrum-mode Set a 802.
show ap spectrum debug status show ap spectrum debug status {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command shows detailed status and statistics for a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view status information. ip-addr IP address of the spectrum monitor for which you want to view status information. freq-band 2.
show ap spectrum device-duty-cycle show ap spectrum device-duty-cycle {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description Shows the current duty cycle for devices on all channels being monitored by the spectrum monitor radio. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor for which you want to view spectrum information. freq-band 2.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profile mode spectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profile mode spectrum-mode Set a 802.
show ap spectrum device-history show ap spectrum device-history {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [type audio-ff|bluetooth|cordless-base-fh|cordless-network-fh|cordless-phoneff|generic-ff|generic-fh|generic-interferer|microwave|microwave-inverter|video|xbox] Description This command shows the history of the last 256 non-Wi-Fi devices. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information.
Non-Wi-Fi Interferers The following table describes each type of of non-Wi-Fi interferer detected by a spectrum monitor. Non-Wi-Fi Interferer Type Description Bluetooth Any device that uses the Bluetooth protocol to communicate in the 2.4 GHz band is classified as a Bluetooth device. Bluetooth uses a frequency hopping protocol. Fixed Frequency (Audio) Some audio devices such as wireless speakers and microphones also use fixed frequency to continuously transmit audio.
Example The output of this example shows details for fixed-frequency video devices seen by the spectrum monitor.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profile mode spectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profile mode spectrum-mode Set a 802.
show ap spectrum device-list show ap spectrum device-list {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [type audio-ff|bluetooth|cordless-base-fh|cordless-network-fh|cordless-phoneff|generic-ff|generic-fh|generic-interferer|microwave|microwave-inverter|video|xbox] Description Show a device summary table and channel information for non-Wi-Fi devices currently seen by the spectrum monitor.
(host) #show ap spectrum device-list ap-name ap123 freq-band 5ghz Non-Wifi Device List Table -------------------------Type ID Cfreq Bandwidth Channels-affected Signal-strength ----- ------------- ----------------- --------------Cordless Phone FH 3 5826093 80000 149 157 161 165 49 Duty-cycle Add-time Update-time ---------- -----------------5 2010-05-17 10:04:53 2010-05-17 10:04:55 Total:1 Current Time:2010-05-17 10:04:56 The output of this command includes the following information: Column Description Ty
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profile mode spectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profile mode spectrum-mode Set a 802.
show ap spectrum device-log show ap spectrum device-log {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [type audio-ff|bluetooth|cordless-phone-ff|cordless-phone-fh| generic-ff|generic-fh|generic-interferer|microwave|microwave-inverter|video|xbox] Description This command shows a time log of add and delete events for non-Wi-Fi devices. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information.
(host) #show ap spectrum device-log ap-name ap123 freq-band 5ghz cordless-base-fh Non-Wifi Device Log Table ------------------------Device Type ID Added/Deleted ------------ ------------Cordless Base FH 1 Added Cordless Base FH 1 Deleted Cordless Base FH 2 Added Cordless Base FH 2 Deleted Cordless Base FH 3 Added Cordless Base FH 3 Deleted Cordless Base FH 4 Added Start Freq ---------5733281 5707343 5717656 5720469 5762813 5762813 5730781 End Freq -------5813281 5787343 5797656 5800469 5842813 5842813 5810
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profile mode spectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profile mode spectrum-mode Set a 802.
show ap spectrum device-summary show ap spectrum device-summary {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command shows the numbers of wi-fi and non-Wi-Fi device types on each channel monitored by a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor for which you want to view spectrum information. freq-band 2.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profile mode spectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profile mode spectrum-mode Set a 802.
show ap spectrum interference-power show ap spectrum interference-power {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [] Description This command shows the interference power detected by a 802.11a or 80211g radio on a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor for which you want to view spectrum information. freq-band 2.
Examples The output of this example shows interference power levels for each channel seen by the spectrum monitor ap123.
show ap spectrum local-override show ap spectrum local-override Description This command shows a list of AP radios currently converted to spectrum monitors via the spectrum local-override list Syntax No parameters Examples The output of this example shows that three APs each have two radios defined as spectrum monitors.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profile mode spectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profile mode spectrum-mode Set a 802.
show ap spectrum monitors show ap spectrum monitors Description This command shows a list of APs terminating on the controller that are currently configured as spectrum monitors. Syntax No parameters Examples The output of this example shows that the 802.11a radio on a spectrum monitor named ap123 is sending spectrum analysis data to a client with the IP address 10.240.16.177.
show ap spectrum technical-support show ap spectrum technical-support ap-name Description Save spectrum data for later analysis by technical support. Syntax Parameter Description Save technical support information for a specific spectrum monitor. Name of the file to which this data should be saved. This file does not have to already exist on the controller, the show ap spectrum technical-support command will create this file.
show ap spectrum-load-balancing show ap spectrum-load-balancing [group ] Description Show spectrum load balancing information for an AP with this feature enabled. Syntax Parameter Description group Filter this information to show only data for the specified spectrum load balancing domain. Examples The output of the command below shows the APs currently using the spectrum load-balancing domain default-1.
show ap system-profile show ap system-profile Description Show an AP’s system profile settings. Syntax Parameter Description Name of a system profile. Examples The output of the command below shows the current configuration settings for the default system profile.
Column Description LMS Hold-down Period Time, in seconds, that the primary LMS must be available before an AP returns to that LMS after failover. Master controller IP address For multi-controller networks, this parameter displays the IP address of the master controller. LED operating mode (AP-12x only) Displays the LED operating mode for W-AP120 series APs. LEDs display as usual in the default normal operating mode, but are all turned off in off mode.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap tech-support show ap tech-support ap-name [] Description Display all information for an AP, or save that information to a file on the controller. This information can be used by Dell technical support to diagnose a problem with an AP. Syntax Parameter Description Name of the AP for which you want to view tech support data. Save the output of this command into a file on the controller with the specified filename.
show ap vlan-usage show ap vlan-usage [{ap-name }|{bssid |{essid |{ip-addr }] Description Show the numbers of clients on each vlan. Syntax Parameter Description ap-name Show VLAN data for an AP with a specific name. bssid Show VLAN data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap wired stats show ap wired stats {ap-name } | {ip-addr }|{client-ip } | {client-mac } Description Shows statistics for RAP wired clients. Syntax Parameter Description ap-name Show wired RAP statistics for a specified AP name. ip-addr Show wired RAP statistics for a specified AP by entering an IP address in dotted-decimal format. client-ip Show wired RAP statistics for a specified client IP address.
Column Description TX Broadcast Packets Number of broadcast packets sent TX Broadcast Bytes Number of broadcast bytes sent TX Multicast Packets Number of multicast packets sent TX Multicast Bytes Number of multicast bytes sent Command History Introduced in ArubaOS 5.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap wired-ap-profile show ap wired-ap-profile [] Description Show a list of all wired AP profiles, or display the configuration parameters in a specific wired AP profile. Syntax Parameter Description Name of a wired AP profile. Usage Guidelines The command show ap wired-ap-profile displays a list of all wired AP profiles, including the number of references to each profile and the profile status.
Column Description Trusted Shows if the wired port on an AP using this profile is a trusted port. Possible values are Trusted or Not Trusted. Broadcast If set to broadcast, the wired AP port will forward broadcast traffic. If the parameter displays Do Not Broadcast, broadcast traffic will not be forwarded. Command History Introduced in ArubaOS 3.0.
show ap wired-port-profile show ap wired-port-profile Description Shows all AP wired port profiles and their status. Syntax No parameters.
show ap wmm-flow show ap wmm-flow [{ap-name }|{bssid }|{essid }|{ip-addr }] dotlla|dotllg Description Show the Wireless Multimedia (WMM) flow table. Syntax Parameter Description ap-name View an AP with a specified name. bssid View data for an AP with a specific BSSID (Basic Service Set Identifier). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address. essid View data for a specific ESSID (Extended Service Set Identifier).
Column Description Description The description is a long string that includes the following information. z TSID: The transmitting subscriber identification number. The TSID should match the priority level for each flow. z Priority: One of the following IEEE 802.1p priority values: z z z z z z z z 0-1 = Best Effort 2-3 = Background 4-5 = Video 6-7 = Voice Inactivity: Tspec inactivity threshold, in microseconds. : AP country code, e.g. US. bdir: flow is bidirectional.
show ap-group show ap-group [] Description Show settings for an AP group. Syntax Parameter Description The name of an AP group. Usage Guidelines Issue this command without the optional parameter to display the entire AP group list, including profile status for each profile. Include an AP group name to display detailed configuration information for that AP group profile. Example This first example shows that the controller has nine configured AP groups.
Include an AP group name to display a complete list of configuration settings for that profile. The example below shows settings for the AP group corp1. (host) #show ap-group corp1 AP group "corp1" ------------------Parameter --------Virtual AP Virtual AP 802.11a radio profile 802.11g radio profile Wired AP profile Ethernet interface 0 link profile Ethernet interface 1 link profile AP system profile VoIP Call Admission Control profile 802.11a Traffic Management profile 802.
Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master controllers Dell PowerConnect ArubaOS 6.
show ap-name show ap-name [] Description Show a list of AP names. Include the parameter to display detailed configuration information for that AP. Syntax Parameter Description The name of an AP. Example This first example shows that the controller has eight registered APs. The Name column lists the names of each registered AP. Note that APs are all user-defined, so they will not have an entry in the Profile Status column.
Include an AP name to display a complete list of configuration settings for that AP. If the AP has default settings, the value may appear as N/A. The AP in the example below has all default profile settings (host) #show ap-group corp1 AP name "mp3" ------------Parameter --------Virtual AP Excluded Virtual AP 802.11a radio profile 802.11g radio profile Wired AP profile Ethernet interface 0 link profile Ethernet interface 1 link profile AP system profile VoIP Call Admission Control profile 802.
Parameter Description Excluded Mesh Cluster profile Excludes the specified mesh cluster profile from this AP. Related Commands Configure AP settings using the command ap-name. Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers Dell PowerConnect ArubaOS 6.
show arp show arp Description Show Address Resolution Protocol (ARP) entries for the controller. Syntax No parameters Example This example shows configured static ARP entries for the controller. (host) #show arp Protocol Address Internet 10.3.129.98 Internet 10.3.129.253 Internet 10.3.129.250 Internet 10.3.129.99 Internet 10.3.129.96 Internet 10.3.129.
show audit-trail show audit-trail {] Description Show the controller’s audit trail log. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. Example By default, the audit trail feature is enabled for all commands in configuration mode. The example below shows the most recent ten audit log entries for the controller. (host) # show audit-trail 10 Feb 5 06:13:17 cli[1239]: USER: admin has logged in from 10.240.16.118.
show auth-tracebuf show auth-tracebuf [count <1-250] [failures] [mac
] Description Show the trace buffer for authentication events. Syntax Parameter Description count <1-250> limit the output of the command to the specified number of packets. failures Filter the output of this command to display only authentication failures mac Filter the output of this command to display only information for a specified MAC address.z Additional information (if available), e.g.username, encryption and WPA type, or reason for failure. Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Enable or Config modes on master or local controllers 730 | show auth-tracebuf Dell PowerConnect ArubaOS 6.
show banner show banner Description Show the current login banner Syntax No parameters Usage Guidelines Issue this command to review the banner message that appears when you first log in to the controller’s commandline or browser interfaces. Example (host) # show banner This testlab controller is scheduled for maintenance starting Saturday night at 11 p.m. Related Commands Configure a banner message using the command banner motd. Command History This command was available in ArubaOS 3.0.
show boot show boot Description Display boot parameters, including the boot partition and the configuration file to use when booting the controller. Syntax No parameters. Example (host) # show boot Config File: default.cfg Boot Partition: PARTITION 1 Related Commands Configure boot parameters using the command boot. Command History This command was available in ArubaOS 1.0.
show cellular profile show cellular profile [] | [factory] Description Display the cellular profiles and profile settings. Syntax Parameter Description Enter the name of an existing cellular profile factory Display a list of factory supported cellular profiles. Usage Guidelines Issue this command without the parameter to display configuration parameters for the entire list of available cellular profiles.
Parameters Description Driver One of the following cellular modem drivers: z acm: Linux ACM driver. z hso: Option High Speed driver. z option: Option USB data card driver (default). z sierra: Sierra Wireless driver. Priority Displays the cellular profile priority; profiles with the default priority of 100 will display the word default in the Priority column Range: 1 to 255. Default: 100 Modeswitch One of two USB device modeswitch settings: z eject: Eject the CDROM device.
show clock show clock [summer-time|timezone] Description Display the system clock. Syntax Parameter Description summer-time Show summer (daylight savings) time settings. timezone Show the configured timezone for the controller. Usage Guidelines Include the optional summer-time parameter to display configured daylight savings time settings. The timezone parameter shows the current timezone, with its time offset from Greenwich Mean Time.
show command-mapping show command-mapping [reverse] Description Show the mapping new commands to deprecated commands. Syntax Parameter Description reverse Sort the command map by deprecated command syntax. This command is useful to find the current command syntax for a deprecated command. Usage Guidelines The syntax of many commands changed after the release of ArubaOS 3.0. Use this command to display a list of current commands and their deprecated command equivalents.
show configuration show configuration Description Show the saved configuration on the controller. Syntax No parameters. Usage Guidelines Issue this command to view the entire configuration saved on the controller, including all profiles, ACLs, and interface settings. Example The example below shows part of the output for this command. (host) # show configuration version 3.
show controller-ip show controller-ip Description Show controller’s country and domain upgrade trail. Syntax No parameters. Example The output of this command shows the controller’s IP address and VLAN interface ID. (host) # show controller-ip Switch IP Address: 10.168.254.221 Switch IP is configured to be Vlan Interface: 1 Command History This command was available in ArubaOS 3.
show country show country [trail] Description Show controller’s country and domain upgrade trail. Syntax Parameter Description trail Display the record showing how the switch was reconfigured for it’s current country domain when the controller hardware was upgraded. Usage Guidelines A controller’s country code sets the regulatory domain for the radio frequencies that the APs use. This value is typically set during the controller’s initial setup procedure.
show cp-bwcontracts show cp-bwcontract Description Display a list of Control Processor (CP) bandwidth contracts for whitelist ACLs. Syntax No parameters. Example The CP bw contracts table lists the contract names, the ID number assigned to each contract, and its defined traffic rate in bits per second.
show cpuload show cpuload [current] Description Display the controller CPU load for application and system processes. Syntax Parameter Description current Include this optional parameter at the request of Dell technical support to display additional CPU troubleshooting statistics. Example This example shows that the majority of the controller’s CPU resources are not being used by either application (user) or system processes. (host) #show cpuload user 6.9%, system 7.7%, idle 85.
show crypto dp show show crypto dp [peer ] Descriptions Displays crypto data packets. Syntax Parameter Description dp Shows crypto latest datapath packets. The output is sent to crypto logs. peer Clears crypto ISAKMP state for this IP. Usage Guidelines Use this command to send crypto data packet information to the controller log files, or to clear a crypto ISAKMP state associated with a specific IP address.
show crypto dynamic-map show crypto dynamic-map [tag ] Descriptions Displays IPsec dynamic map configurations. Syntax Parameter Description dynamic-map IPsec dynamic maps configuration. tag A specific dynamic map. Usage Guidelines Dynamic maps enable IPsec SA negotiations from dynamically addressed IPsec peers. Once you have defined a dynamic map, you can associate that map with the default global map using the command crypto map globalmap.
show crypto ipsec show crypto ipsec {mtu|sa[peer ]|transform-set [tag ]} Descriptions Displays the current IPsec configuration on the controller. Syntax Parameter Description mtu IPsec maximum mtu. sa Security associations. peer transform-set tag IPsec security associations for a peer. IPsec transform sets. A specific transform set.
show crypto isakmp show crypto isakmp {groupname}|{key}|{policy}|{sa[peer ]|stats} Descriptions This command displays Internet Key Exchange (IKE) parameters for the Internet Security Association and Key Management Protocol (ISAKMP). Syntax Parameter Description groupname Show the IKE Aggressive group name. key Show the IKE pre-shared keys. policy Show the IKE configured policies.
Related Commands Command Description Mode crypto isakmp Use this command to configure Internet Key Exchange (IKE) parameters for the Internet Security Association and Key Management Protocol (ISAKMP). Config mode Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers Dell PowerConnect ArubaOS 6.
show crypto map show crypto ipsec map Descriptions This command displays the IPsec map configurations. Syntax Parameter Description map Show the IKE Aggressive group name. Usage Guidelines Use the show crypto map command to view configuration for global, dynamic and default map configurations. Examples The command show crypto map shows statistics for the global, dynamic and default maps.
Related Commands Command Description Mode crypto map global-map Use this command to configure the default global map. Config mode crypto dynamic-map Use this command to configure an existing dynamic map. Config mode crypto map global-map Use this command to configure the default global map. Config mode Command History This command was introduced in ArubaOS 3.0.
show crypto pki show crypto pki csr Descriptions This command displays the certificate signing request (CSR) for the captive portal feature. Syntax Parameter Description csr The certificate signing request. Usage Guidelines Use the show crypto pki command to view the CSR output. 749 | show crypto pki Dell PowerConnect ArubaOS 6.
Examples The command show crypto pki shows output from the crypto pki csr command. (host) #show crypto pki csr Certificate Request: Data: Version: 0 (0x0) Subject: C=US, ST=CA, L=Sunnyvale, O=sales, OU=EMEA, CN=www.mycompany.com/emailAddress=myname@mycompany.
Related Commands Command Description Mode crypto pki Use this command to generate a certificate signing request (CSR) for the captive portal feature. Enable mode crypto pki-import Use this command to import certificates for the captive portal feature. Enable mode Command History This command was introduced in ArubaOS 3.0.
show crypto-local ipsec-map show crypto-local ipsec [tag ] Description Displays the current IPsec map configuration on the controller. Syntax Parameter tag Description Display a specific IPsec map. Usage Guidelines The command show crypto-local ipsec displays the current IPsec configuration on the controller. Examples The command show crypto-local ipsec-map shows the default map configuration along with any specific IPsec map configurations.
Related Commands Command Description Mode crypto-local ipsec-map Use this command to configure IPsec mapping for site-tosite VPN. Config mode Command History This command was introduced in ArubaOS 3.4. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master or local controllers 753 | show crypto-local ipsec-map Dell PowerConnect ArubaOS 6.
show crypto-local isakmp show crypto isakmp {ca-certificates}|{dpd}|{key}|{server-certificate}|{xauth} Descriptions This command displays Internet Key Exchange (IKE) parameters for the Internet Security Association and Key Management Protocol (ISAKMP). Syntax Parameter Description ca-certificates Shows all the Certificate Authority (CA) certificate associated with VPN clients. dpd Shows the IKE Dead Peer Detection (DPD) configuration on the local controller.
Examples This example shows sample output for the show crypto-local ca-certificate, show crypto-local dpd, show cryptolocal key, show crypto-local server-certificate and show crypto-local xauth commands .
Related Commands Command Description Mode crypto-local isakmp cacertificate Use this command to assign the Certificate Authority (CA) certificate used to authenticate VPN clients. Config mode crypto-local isakmp dpd Use this command to configure IKE Dead Peer Detection (DPD) on the local controller. Config mode crypto-local isakmp key Use this command to configure the IKE preshared key on the local controller for site-to-site VPN.
show crypto-local pki show crypto pki {PublicCert|ServerCert|TrustedCA} Descriptions This command displays imported certificate information. Syntax Parameter Description PublicCert Shows Public key information of a certificate. This certificate allows an application to identify an exact certificate. ServerCert Shows Server certificate information. This certificate must contain both a public and a private key (the public and private keys must match).
show database show database synchronization Description Shows database synchronization status. Syntax No parameters. Usage Guidelines Issue this command to show the status database synchronization status. Example This example shows a database synchronization status.
show datapath show acl id {ap-name }|{ip-addr } application {ap-name |counters|ip-addr } bridge {ap-name |counters|ip-addr |table} bwm table crypto counters debug {dma counters|trace-buffers} esi table frame {ap-name |counters|ip-addr } hardware {counters|statistics} ip-reassembly {ap-name |counters|ip-addr } lag table maintenance counters message-queue counters nat {ap-name |counters|
Syntax Parameter Description acl id Displays datapath statistics associated with a specified ACL. The ACL index is found in the show rights command. ap-name Name of the AP. ip-addr IP address of the AP application counters Shows application counters and errors generated by applications running on a particular AP. These include stateful firewall application layer statistics. ap-name Name of the AP. ip-addr IP address of the AP.
Parameter Description maintenance counters Displays datapath maintenance statistics. message-queue counters Displays statistics of messages received by a CPU from other datapath CPUs (only CPUs that receive messages and non-zero statistics are shown). nat Displays the contents of the datapath NAT entries table. It displays NAT pools as configured in the datapath. Statistics include pool, SITP start, SIP end and DIP. ap-name Name of AP. counters Nat counters.
Parameter Description counters Display the current and high water mark amount of 802.11 associated wireless devices on an Dell controller. Values output from this command represent the water-marks since the last boot of the controller. This is the same value obtainable from the Num Associations output from the show stm connectivity command. mac Hardware address, in hexadecimal format. tcp Displays contents of the tcp tunnel table.
Example In this example, the show datapath user counters command displays datapath user table statistics. . (host) #show datapath user counters Datapath User Table Statistics -----------------------------Current Entries 2 Pending Deletes 0 High Water Mark 2 Maximum Entries 8191 Total Entries 143 Allocation Failures 0 Invalid Users 0 Max link length 1 Command History Version Description ArubaOS 3.0 Command introduced ArubaOS 5.0 The tcp parameter was introduced.
show destination show destination Description Display the aliases for default and user-defined network destinations. Syntax Parameter Description string Optional parameter to view details of a specific destination alias. Example This example displays the network destinations configured in the controller. (host) #show destination controller ---------Position Type IP addr -------- ---- ------1 host 10.16.15.
Command Information Platforms Licensing Command Mode All platforms You must have a PEFNG license to configure or view a destination. Enable or Config mode on master and local controllers 765 | show destination Dell PowerConnect ArubaOS 6.
show dialer group crypto-local show dialer group Description Display dialer group information. Syntax No parameters. Usage Guidelines Displays the Dialer Group Table with the current dialing parameters. Example. (host) #show dialer group Dialer Group Table -----------------Name Init String -------------evdo_us ATQ0V1E0 gsm_us AT+CGDCONT=1,"IP","ISP.CINGULAR" Dial String ----------ATDT#777 ATD*99# Command History Introduced in ArubaOS 3.4.
show dir crypto-local show dir usb: disk Description Display the list of directories in the specified disk and the filesystem path. Syntax Parameter Description Name of the USB device. If you do not know the name of the USB disk, issue the command show usb-storage to view a list of device names. The USB file system path. Example The command below displays the USB directory list for a device named SEGATE-HJ1235_p1.
show dot1x ap-table show dot1x ap-table Description Shows the 802.1x AP table. Syntax No parameters. Example Issue this command to display details from the AP table. AP Table -------MAC IP Essid Mode Profile Acl --------------------00:1a:1e:87:ff:c0 10.3.9.
show dot1x ap-table aes show dot1x ap-table aes Description Shows the AES keys of all APs. Syntax No parameters. Example Issue this command to display AES keys of all APs.
show dot1x ap-table dynamic-wep show dot1x ap-table dynamic-wep Description Shows the dynamic WEP keys of all APs. Syntax No parameters. Example Issue this command to display dynamic keys of all APs.
show dot1x ap-table static-wep show dot1x ap-table static-wep Description Shows the static WEP keys of all APs. Syntax No parameters.
show dot1x ap-table tkip show dot1x ap-table tkip Description Displays a table of TKIP keys on the controller. Syntax No parameters. Example Issue this command to display all TKIP keys.
show dot1x counters show dot1x counters Description Displays a table of dot1x counters. Example Issue this command to display all dot1x count information. 802.1x Counters AP Sync Request...................4 Sync Response..................3 Up.............................4 Down...........................1 Resps..........................4 Acl............................53 Station Sync Request...................9 Sync Response..................9 Up.............................2321 Down.......................
Parameter Station z Sync Request z Sync Response z Up z Down z Unknown EAP RX Pkts z Dropped Pkts z TX Pkts z Description z z z z z z z z WPA Message-1 z Message-2 z Message-3 z Message-4 z Group Message-1 z Group Message-2 z Rx Failed z IE Mismatches z Key Exchange Failures z WPA2 Message-1 z Message-2 z Message-3 z Message-4 z Rx Failed z IE Mismatches z Key Exchange Failures z z z z z z z z z Number of sync requests sent to find all APs and stations that are connected Number of sync responses rece
show dot1x supplicant-info show dot1x supplicant-info Description Shows the details about a specific supplicant. Example Issue this command to display the details about a supplicant Name MAC Address AP MAC Address Status Unicast Cipher Multicast Cipher EAP-Type MYCORPNETWORKS\ccutler 00:19:7e:a9:8e:b0 00:1a:1e:11:5f:11 Authentication Success WPA2-AES WPA2-AES EAP-PEAP Packet Statistics: EAPOL Starts EAP ID Requests EAP ID Responses EAPOL Logoffs from station EAP pkts to the st
Parameter Description EAP-Type Supplicant’s EAP-Type. EAPOL Starts Number of EAPOL starts. EAP ID Requests Number of EAP ID requests. EAP ID Responses Number of EAP ID responses. EAPOL Logoffs from station Number of EAPOL logoffs from the station. EAP pkts to the station Number of EAP packets sent to the station. EAP pkts from station Number of EAP packets sent from the station. Unknown EAP pkts from station Number of unknown EAP packets sent from the station.
Parameter Description ID of the last radius response The ID of the last radius response. Length of the last radius response The length of the last radius response. Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers 777 | show dot1x supplicant-info Dell PowerConnect ArubaOS 6.
show dot1x supplicant-info list-all show dot1x supplicant-info list all Description Shows all 802.1x supplicants. Syntax No parameters. Example Issue this command to display all 802.1x supplicants as well as additional relevant information. 802.
show dot1x supplicant-info pmkid show dot1x supplicant-info pmkid Description Shows the PMKIDs of the various stations on the controller. Syntax No parameters. Example Issue this command to display the PMKIDs of the various stations on the controller.
show dot1x supplicant-info statistics show dot1x supplicant-info statistics Description Shows the 802.1x statistics of the users. Syntax No parameters. Example Issue this command to display the 802.1x statistics of the users. 802.
show esi groups show esi groups [{group-name |{ping-name }] Description Show ESI group information. Syntax Parameter Description group-name View the facility used when logging messages into the remote syslog server. ping-name Enter the name of a set of ping values to how the names of ESI groups using that set of ping attributes. Define a set of ESI ping values using the command esi ping. server Show the IP address of a remote logging server.
show esi parser show esi parser domains|rules|stats Description Show ESI parser information. Syntax Parameter Description domains Show ESI parser domain information. rules Show ESI parser rule information. stats Show ESI parser rule stats. Usage Guidelines The ESI parser is a generic syslog parser on the controller that accepts syslog messages from external third-party appliances such as anti-virus gateways, content filters, and intrusion detection systems.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master or local controllers. Dell PowerConnect ArubaOS 6.
show esi ping show esi ping [ping-name ] Description Show settings for ESI ping health check attributes. Syntax Parameter Description ping-name Include the optional ping-name parameters to display settings for one specified set of ping settings. Example This example below shows that the controller has three defined sets of ping attributes.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master or local controllers. Dell PowerConnect ArubaOS 6.
show esi servers show esi servers [{group-name |{server-name }] Description Show configuration information for ESI servers. Syntax Parameter Description group-name Include this optional parameter to display information for all ESI servers assigned to a specific ESI group. server-name Specify an ESI server name to view configuration information for just that server.
Column Description Nat Port Displays the NAT destination TCP/UDP port. ID ID number assigned to the server when it was first defined. Flags This data column displays any flags associated with this server. The flag key appears below the ESI Server Table. Related Commands Platforms Licensing Command Mode esi server This command configures an ESI server. Config mode on master or local controllers. Command History This command was introduced in ArubaOS 2.5.
show faults show fault [history] Description Display a list of faults, which are any problematic conditions of the ArubaOS software or hardware. Syntax Parameter Description history Include this parameter to display a history of faults cleared by the controller or the operator. Usage Guidelines A controller can maintain a list of up to 100 faults. Once 100 faults have been logged, any faults arising after that are dropped. The controller maintains a history of the last 100 faults that have cleared.
Related Commands Command Description Mode clear fault |all Manually clear a single fault by specifying the fault ID number, or clear all faults by including the all parameter. Config mode Command History This command was introduced in ArubaOS 3.0. Command Information 790 | show faults Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master or local controllers. Dell PowerConnect ArubaOS 6.
show firewall show firewall Description Display a list of global firewall policies. Syntax No parameters Example This example below shows all firewall policies currently configured on the controller.
792 | show firewall Parameter Description Deny all IP fragments If enabled, all IP fragments are dropped. Prohibit IP Spoofing When this option is enabled, IP and MAC addresses are checked; possible IP spoofing attacks are logged and an SNMP trap is sent. Monitor ping attack If enabled, the controller monitors the number of ICMP pings per second. If this value exceeds the maximum configured rate, the controller will register a denial of service attack.
Parameter Description Rate limit CP trusted ucast traffic Displays the trusted unicast traffic rate limit. Rate limit CP trusted mcast traffic Displays the trusted multicast traffic rate limit. Rate limit CP route traffic Displays the traffic rate limit for traffic that needs generated ARP requests. Rate limit CP session mirror traffic Displays the traffic rate limit for session mirrored traffic forwarded to the controller.
show firewall-cp show firewall-cp [internal] Description Displays the captive-portal (CP) firewall policies on the controller. Syntax No Parameters Example The output of this command shows the CP firewall policies.
show gateway health-check show gateway health-check Description Display the current status of the gateway health-check feature. Syntax No parameters. Usage Guidelines The gateway health check feature can only be enabled by Dell Technical Support. Example This example below shows that the gateway health-check feature has not been enabled on the controller.
show global-user-table count show global-user-table show global-user-table count [current-switch] [authentication-method] {dot1x | mac | stateful-dot1x | vpn | web} [role] [bssid] [essid] [ap-name] [phy-type] {a | b | g} [age] Description This command displays a count of global user based on the specified criteria.
Command Information Platforms Licensing Command Mode All platforms Master controller only Base operating system Enable or config mode on master controllers 797 | show global-user-table count Dell PowerConnect ArubaOS 6.
show-global-user-table list show global-user-table list [current-switch] [authentication-method] {dot1x | mac | stateful-dot1x | vpn | web} [role] [bssid] [essid] [ap-name] [phy-type] {a | b | g} [age] [not] [or] [rows] [sort] {sort_by_ap-name | sort_by_authtype | sort_by_bssid | sort_by_current-switch | sort_by_essid | sort_by_ip | sort_by_mac | sort_by_name | sort_by_phy-type | sort_by_role}{asc | desc}
Syntax Parameter Description current-switch Match IP address of the switch where the user is currently associated authentication-method Count users matching the specified authentication method role Count users matching the specified role bssid Count users matching the specified BSSID essid Count users matching the specified ESSID. If the ESSID includes spaces, you must enclose it in quotation marks.
Parameter Description VPN Link IP address of the client VPN gateway. AP name AP name. Roaming Roaming status. Essid User’s extended service set identifier (ESSID). Bssid User’s basic service set identifier (BSSID). Phy User Phy type (a, b or g). Profile Profile name Command History This command was introduced in ArubaOS 3.4.
show guest-access-email show guest-access-email Description This command shows a guest access email profile configuration.The guest access email process sends email to either the guest or the sponsor whenever a guest user account is created or when the Guest Provisioning user manually sends email from the Guest Provisioning page. Syntax No parameters. Usage Guidelines Issue this command to show the current guest access email profile parameters.
show hostname show hostname Description Show the hostname of the controller. Syntax No parameters. Example The output of this command shows the hostname configured for the controller. A hostname can contain alphanumeric characters, spaces, punctuation, and symbol characters. (host) # show hostname hostname is SampleHost. Related Commands Configure the controller’s hostname using the command hostname. Command History This command was available in ArubaOS 1.0.
show ids dos-profile show ids dos-profile Description Show an IDS Denial Of Service (DoS) Profile Syntax Parameter Description Name of an IDS DoS profile. Usage Guidelines Issue this command without the parameter to display the entire IDS DoS profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
The output of this command includes the following parameters: Parameter Description Spoofed Deauth Blacklist Shows if the profile has enabled or disabled detection of a deauth attack initiated against a client associated to an Dell AP. When such an attack is detected, the client is quarantined from the network to prevent a man-in-themiddle attack from being successful.
Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Enable and Config mode on master or local controllers Dell PowerConnect ArubaOS 6.
show ids general-profile show ids general-profile Description Show an IDS General profile. Syntax Parameter Description Name of an IDS General profile. Usage Guidelines Issue this command without the parameter to display the entire IDS General profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Parameter Description STA Inactivity Timeout Time, in seconds, after which a station is aged out. Min Potential AP Beacon Rate Minimum beacon rate acceptable from a potential AP, in percentage of the advertised beacon interval. Min Potential AP Monitor Time Minimum time, in seconds, a potential AP has to be up before it is classified as a real AP. Signature Quiet Time After a signature match is detected, the time to wait, in seconds, to resume checking.
show ids impersonation-profile show ids impersonation-profile Description Show an IDS Impersonation Profile. Syntax Parameter Description Name of an IDS Impersonation profile. Usage Guidelines Issue this command without the parameter to display the entire IDS Impersonation profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Related Commands Configure IDS impersonation profiles using the command ids impersonation-profile. Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Enable and Config mode on master or local controllers Dell PowerConnect ArubaOS 6.
show ids profile show ids profile Description Show an IDS profile. Syntax Parameter Description Name of an IDS profile. Usage Guidelines Issue this command without the parameter to display the entire IDS profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile. Examples The example below shows that the controller has five configured IDS Profiles.
Parameter Description IDS Impersonation profile Name of a IDS Impersonation profile to be applied to an AP or AP group. IDS Unauthorized Device profile Name of a IDS Unauthorized Device profile to be applied to an AP or AP group. Related Commands Configure the IDS profile using the command ids profile. Command History This command was available in ArubaOS 3.0.
show ids rate-thresholds-profile show ids rate-thresholds-profile Description Show an IDS Rate Thresholds profile. Syntax Parameter Description Name of an IDS Rate Threshold profile. Usage Guidelines Issue this command without the parameter to display the entire IDS Rate Threshold profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Parameter Description Channel Threshold Number of a specific type of frame that must be exceeded within a specific interval in an entire channel to trigger an alarm. Node Time Interval Time, in seconds, in which the threshold must be exceeded in order to trigger an alarm. Node Quiet Time The time that must elapse after a node rate alarm before another identical alarm may be triggered. This option prevents excessive messages in the log file.
show ids signature-matching-profile show ids signature-matching-profile Description Show an IDS Signature Matching profile. Syntax Parameter Description Name of an IDS Signature Matching profile. Usage Guidelines Issue this command without the parameter to display the entire IDS Signature Matching profile list, including profile status and the number of references to each profile.
Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Enable and Config mode on master or local controllers Dell PowerConnect ArubaOS 6.
show ids signature-profile show ids signature-profile Description Show an IDS signature profile. Syntax Parameter Description Name of an IDS Signature profile. Usage Guidelines Issue this command without the parameter to display the entire IDS Signature profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
The output of this command includes the following parameters: Parameter Description Frame Type Type of 802.11 frame. For each type of frame, further parameters may be included to filter and detect only the required frames. z assoc: Association frame type. z auth: Authentication frame type. z beacon: Beacon frame type. z control: All control frames. z data: All data frames. z deauth: Deauthentication frame type. z disassoc: Disassociation frame type. z mgmt: Management frame type.
show ids unauthorized-device-profile show ids unauthorized-device-profile Description Show an IDS Unauthorized Device Profile. Syntax Parameter Description Name of an IDS Unauthorized Device profile Usage Guidelines Issue this command without the parameter to display the entire IDS Unauthorized Device profile list, including profile status and the number of references to each profile.
This example displays the configuration settings for the profile ids-unauthorized-device-disabled.
Parameter Description Valid Wired MACs List of valid and protected SSIDs. Allow Well Known MAC Shows if the profile allows devices with known MAC addresses to classify rogue APs. Rogue Containment Shows if the controller will automatically shut down rogue APs. Suspected Rogue Containment Shows if the controller will automatically treat suspected rogue APs as interfering APs.
Command Information Platforms Licensing Command Mode All platforms Base operating system Available in Enable and Config mode on master or local controllers Dell PowerConnect ArubaOS 6.
show image version Description Display the current system image version on both partition 0 and 1. Syntax No parameters. Example The following example shows that the controller is running ArubaOS 3.4 and booting off partition 0:0. (host) #show image version ---------------------------------Partition : 0:0 (/dev/hda1) **Default boot** Software Version : AOS-W 3.3.2.
show interface counters show interface counters Description Displays a table of L2 interfaces counters. Syntax No parameters Example The example below shows the output of show interface counters on an W-600 Series Controller controller.
show interface gigabitethernet show interface gigabitethernet Description Displays information about a specified Gigabit ethernet port. Syntax Parameter Description counters Displays L2 interface counters for the specified interface. switchport Displays L2 interface information. untrusted-vlan Displays port member vlan untrusted status. xsec Displays xsec configuration. Examples The example below shows the output of show interface gigabitethernet 1/0.
Parameter Description BW is... Bandwidth of the link. Last clearing of “show interface counters” Time since “show interface counters” was cleared. link status last changed... Time since “show interface counters” was cleared. Below the time, all current counters related to the specified port are listed. This port is... Whether or not this port is trusted. POE status of the port is... The POE status of the specified port.
The output of this command includes the following parameters: Parameter Description Name Port name. Switchport Whether or not switchport is enabled. Administrative mode Administrative mode . Operational mode Operational mode. Administrative Trunking Encapsulation Encapsulation method used for administrative trunking. Operational Trunking Encapsulation Encapsulation method used for operational trunking. Access Mode VLAN The access mode VLAN for the specified port.
show interface fastethernet show interface fastethernet Description Displays information about a specified fast ethernet port. Syntax Parameter Description access-group Displays access groups configured on this interface. counters Displays L2 interface counters for the specified interface. switchport Displays L2 interface information. untrusted-vlan Displays port member vlan untrusted status. xsec Displays xsec configuration.
Parameter Description BW is... Bandwidth of the link. Last clearing of “show interface counters” Time since “show interface counters” was cleared. This port is... Whether or not this port is trusted. POE status of the port is... The POE status of the specified port. Below the time, all current counters related to the specified port are listed.
#show interface fastethernet 1/0 switchport Name: FE1/0 Switchport: Enabled Administrative mode: trunk Operational mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Access Mode VLAN: 0 ((Inactive)) Trunking Native Mode VLAN: 1 (Default) The output of this command includes the following parameters: Parameter Description Name Port name. Switchport Whether or not switchport is enabled. Administrative mode Administrative mode.
The output of this command includes the following parameters: Parameter Description xsec vlan 7 is ACTIVE This states that xsec is active on the specified port as well as the associated VLAN. Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers 829 | show interface fastethernet Dell PowerConnect ArubaOS 6.
show interface loopback show interface loopback Description Displays information about the loopback IP interface. Syntax No parameters Example The example below shows the output of show interface loopback on a W-600 Series Controller controller. #show interface loopback loopback interface is up line protocol is up Hardware is Ethernet, address is 00:0B:86:51:14:D0 Internet address is 10.3.49.100 255.255.255.
show interface port-channel show interface port-channel Description Displays information about a specified port-channel interface. Syntax Parameter Description access-group Displays access groups configured on this interface. counters Displays L2 interface counters for the specified interface. untrusted-vlan Displays port member vlan untrusted status. xsec Displays xsec configuration. Example The example below shows the output of show interface port-channel 0 on a controller.
Parameter Description Last clearing of “show interface counters” Time since “show interface counters” was cleared. Port-channel 0 is... Whether or not this port-channel is trusted. Below the time, all current counters related to the specified port are listed.
#show interface port-channel 0 untrusted-vlan Name: FE1/0 Untrusted Vlan(s) The output of this command includes the following parameters: Parameter Description Name Name of the specified port. Untrusted Vlan(s) List of untrusted VLANs. #show interface port-channel 0 xsec xsec vlan 7 is ACTIVE The output of this command includes the following parameters: Parameter Description xsec vlan 7 is ACTIVE This states that xsec is active on the specified port as well as the associated VLAN.
show interface tunnel show interface tunnel Description Displays information about tunnel interfaces. Syntax No parameters Example The example below shows the output of show interface tunnel. #show interface tunnel 2000 Tunnel 2000 is up line protocol is up Description: Tunnel Interface Internet address is 3.3.3.1 255.255.255.0 Source 192.168.203.1 Destination 192.168.202.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers 835 | show interface tunnel Dell PowerConnect ArubaOS 6.
show interface vlan show interface vlan Description Displays information about a specified VLAN interface. Syntax No parameters Example The example below shows the output of show interface vlan 1on a W-600 Series Controller controller. #show interface vlan 1 VLAN1 is up line protocol is up Hardware is CPU Interface, Interface address is 00:0B:86:51:14:D0 (bia 00:0B:86:51:14:D0) Description: 802.1Q VLAN Internet address is 10.3.49.50 255.255.255.
Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or config mode on master controllers 837 | show interface vlan Dell PowerConnect ArubaOS 6.
show inventory show inventory Description Displays hardware inventory of the controller. Syntax No parameters Example Issue this command to display the hardware component inventory of the controller.
The output includes the following parameters: Note: The output of this command will vary between controllers Parameter Description Supervisor Card Slot Supervisor card slot number Mobility Processor Revision of the image downloaded to the FPGA. This can change if a newer image is included in a newer release. SC Assembly# Assembly number of the supervisor card. SC Serial# Serial number of the supervisor card. SC Model# Model number of the supervisor card.
Parameter Description FAN Status of the specified fan Fan Tray Assembly# Assembly number of the fan tray Fan Tray Serial# Serial number of fan tray Back Plane Assembly# Assembly number of the back plane Back Plane Serial# Serial number of the back plane Power Supply Type Power supply type Power Supply Power supply status M3mk1 Card Temperatures z M3mk1 card z CPU AMP Card Temperatures Processor Card z Mobility Processor z M3mk1 Card Voltages z z z z The
show ip access-group show ip access-group Description Display access control lists (ACLs) configured for each port on the controller. Syntax No parameters. Examples The example below shows part of the output of this command. If a port does not have a defined session ACL, the Port-Vlan Session ACL table will be blank.
show ip access-list show ip access-list {brief|} Description Display a table of all configured access control lists (ACLs), or show details for a specific ACL. Syntax Parameter Description brief Display a table of information for all ACLs. Specify the name of a single ACL to display detailed information on that ACL. Examples The example below shows general information for all ACLs in the Access List table.
Include the name of a specific ACL to show detailed configuration information for that ACL. (Host)# show ip access-list stateful-dot1x ip access-list session stateful-dot1x stateful-dot1x -------------Priority Source Destination Service -------- ------ ----------- ------1 any any svc-dns 2 any any svc-dhcp 3 any 127.0.0.
Parameter Description Queue Shows if the rule assigns a matching flow to a priority queue (high/low). Tos Specifies the configured ToS value (0-63) 8021.p 802.11p priority level applied by the rule (0-7). Blacklist Shows if the rule should blacklist any matching user. Mirror Shows if the rule was configured to mirror all session packets to datapath or remote destination. DisScan Shows if the rule was configured to pause ARM scanning while traffic is present.
show ip cp-redirect-address show ip cp-redirect-address Description Show the captive portal automatic redirect IP address. Syntax No parameters. Examples The example below shows the IP address to which captive portal users are automatically directed. (host) # show ip cp-redirect-address Captive Portal redirect Address... 10.3.63.11 Related Commands Command Description ip cp-redirect-address This command configures a redirect address for captive portal. Command History Introduced in ArubaOS 3.0.
show ip dhcp show ip dhcp {binding|database|statistics} Description Show DHCP Server Settings. Syntax Parameter Description binding Show DHCP server bindings. database Show DHCP server settings. statistics Show DHCP pool statistics. Examples The example below shows DHCP statistics for two configured networks. (host) # show ip dhcp statistics Network Name Free leases Active leases Expired leases Abandoned leases 172.19.42.
show ip domain-name show ip domain-name Description Show the full domain name and server. Syntax No parameters. Examples The example below shows that the IP domain lookup feature is enabled, but that no DNS server has been configured on the controller. (host) #show ip domain-name IP domain lookup: IP Host.Domain name: Enabled MyCompany2400. No DNS server configured Related Commands Command Description ip domain lookup This command enables Domain Name System (DNS) hostname to address translation.
show ip igmp show ip igmp config|counters|{group maddr }|{interface [vlan ]}|{proxygroup vlan }|{proxy-mobility-group maddr }|proxy-mobiity-stats|proxy-stats Description Display Internet Group Management Protocol (IGMP) timers and counters.
The output of this command includes the following parameters: Parameter Description VLAN A VLAN ID number. Addr IP address of a VLAN router. Netmask Subnet mask for the IP address. MAC Address MAC destination address. IGMP Shows if IGMP proxy is enabled or disabled. Snooping Shows if IGMP snooping is enabled or disabled. Querier IP address of an IGMP querier. Destination Traffic destination. IGMP Proxy Shows if IGMP proxy.
Parameter Description version-1-router-present-timeout Timeout, in seconds, if the controller detects a version 1 IGM router. Related Commands Command Description ip igmp This command configures Internet Group Management Protocol (IGMP) timers and counters. Command History Introduced in ArubaOS 3.0. Command Information 851 | show ip igmp Platforms Licensing Command Mode All platforms Base operating system Available in Config or Enable mode on master controllers. Dell PowerConnect ArubaOS 6.
show ip mobile show ip mobile active-domains binding [||brief] domain [] global hat host [||brief] packet-trace [] remote | trace ||{force |} traffic dropped|foreign-agent|home-agent|proxy|proxy-dhcp trail | tunnel visitor [||brief] Description Display statistics and configuration information for the mobile protocol.
Syntax Parameter Description active domains IP mobility domains active on this switch binding Display a list of Home Agent Bindings [] Filter the Home Agent Bindings list to display data for a specific host IP address. [] Filter the Home Agent Bindings list to display data for a specific host MAC address. [brief] Limit the output of this command to show just two lines of data.
Parameter Description visitor Display a list of mobile nodes visiting a foreign agent. [] Filter the Foreign Agent Visitor list to display data for a specific host IP adddress. [] Filter the Foreign Agent Visitor list to display data for a specific host MAC adddress. [brief] Limit the output of this command to show just two lines of data.
Parameter Description DHCP lease Displays the amount of time the station has had its current DHCP lease. Related Commands Command Description ip mobile active-domain This command configures the mobility domain that is active on the controller. ip mobile domain This command configures the mobility domain on the controller. ip mobile foreign-agent This command configures the foreign agent for IP mobility. ip mobile home-agent This command configures the home agent for IP mobility.
show ip nat pool show ip nat pool Description Display pools of IP addresses for network address translation (NAT. Syntax No parameters Examples The example below shows the current NAT pool configuration on the controller. (host) # show ip nat pools NAT Pools --------Name Start IP End IP ---- -------- --------2net 2.1.1.1 2.1.1.125 DNAT IP ------- The output of this command includes the following parameters: Parameter Description Name Name of the NAT pool.
show ip ospf show ip ospf [database]|[debug route]|[interface tunnel|vlan ]|[neighbor]| [redistribute]|[subnet] Description Display statistics and configuration information for the Open Shortest Path First (OSPF) routing protocol. Syntax Parameter Description database Show database information for the OSPF protocol. debug route Show debugging information for OSPF routes. interface tunnel|vlan Display the status of OSPF on an individual interface by specifying a tunnel or VLAN ID number.
To display OSPF settings for an individual interface, you must specify a VLAN or tunnel ID number. The example below displays part of the output of the show ip ospf interface vlan command. (host) # show ip ospf interface vlan 10 Vlan 3 is up, line protocol is up Internet Address 3.3.3.1, Mask 255.255.255.0, Area 10.1.1.1 Router ID 10.4.131.227, Network Type BROADCAST, Cost: 1 Transmit Delay is 1 sec, State WAIT, Priority 1 Designated Router id 0.0.0.0, Interface Address 3.3.3.
Parameter Description BadAuType Number of received packets that have different authentication type than the local interface. BadAuth Number of received packets where authentication failed. BadNeigh Number of received packets which didn’t have a valid neighbor. BadPckType Number of received packets that have wrong OSPF packet type. BadVirtLink Number of received packets that didn’t match have a valid virtual link.
show ip pppoe-info show ip pppoe-info Description Display configuration settings for Point-to-Point Protocol over Ethernet (PPPoE). Syntax No parameters. Examples The example below shows the current PPPoE configuration. (host) #show ip pppoe-info PPPoE PPPoE PPPoE PPPoE username: rudolph123 password: service name: ppp2056 VLAN: 22 The output of this command includes the following parameters: Parameter Description PPPoE username PAP username configured on the PPPoE access concentrator.
show ip radius show ip radius nas-ip|source-interface Description Display global parameters for configured RADIUS servers. Syntax Command Description nas-ip Show the Network Access Server (NAS) IP address attribute sent in outgoing RADIUS requests source-interface Show the source address of outgoing RADIUS requests Examples The example below shows the RADIUS client NAS IP address. (host) #show ip radius nas-ip RADIUS client NAS IP address = 10.168.254.
show ip route show ip route [static] Description View the Dell controller routing table. Syntax Command Description static Include this optional parameter to display only static routes. Usage Guidelines This command displays static routes configured on the controller via the ip route command. Use the ip defaultgateway command to set the default gateway to the IP address of the interface on the upstream router or switch to which you connect the controller.
show ipc statistics app-ap show ipc statistics app-ap {am|sapd|sta} {ap-name }|{bssid }|{ip-addr } Description Display Inter Process Communication (IPC) statistics for a specific AP or BSSID. Syntax Parameter Description am Show IPC statistics for an air monitor. sapd Show IPC statistics for the SAPD process. stm Show IPC statistics for station management communications. ap-name Show IPC statistics for an AP with a specific name.
Parameter Description Rx Msg Number of received messages. Rx Drop Number of received messages that were dropped. Rx Err Number of received messages with errors. Tx Ack Number of transmitted acknowledgements. Allocated Buffers Number of allocated buffers for IPC messages. Static Buffers Number of static buffers for IPC messages. Static Buffer Size Size of the static buffer. Command History This command was available in ArubaOS 1.0.
show ipc statistics app-id show ipc statistics app-id Description Display Inter Process Communication (IPC) statistics for a specific AP or BSSID. Syntax Parameter Description Application ID number. This number must be obtained from Dell support. Usage Guidelines Issue this command at the request of Dell support to troubleshoot application errors. Command History This command was available in ArubaOS 1.0.
show ipc statistics app-name show ipc statistics app-name Description Display Inter Process Communication (IPC) statistics for a specific application.
The output of this command includes the following data columns: Parameter Description Tx Msg Number of transmitted messages. Tx Blk Number of blocking messages transmitted. Tx Ret Number of transmitted messages that were returned. Tx Fail Number of failure messages that were transmitted. Rx Ack Number of received acknowledgements. Rx Msg Number of received messages. Rx Drop Number of received messages that were dropped. Rx Err Number of received messages with errors.
show ipv6 access-list show ipv6 access-list [ | brief] Description Displays IPv6 access list configured in the controller. Syntax Parameter Description string To view details of a specific ACL. brief To view a summary of all IPv6 ACLs. Example This example displays the session access control list details.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers 868 | show ipv6 access-list Dell PowerConnect ArubaOS 6.
show ipv6 datapath session counters show ipv6 datapath session counters Description Displays datapath session table statistics. Example This example displays the session counter statistics.
show ipv6 datapath session table show ipv6 datapath session table Description Displays current IPv6 session on the controller. Syntax Parameter Description Optional parameter. If specified, displays IPv6 datapath session table for that IP address. By defaults, displays session table for all IPv6 addresses. Example This example displays the session access control list details.
Parameter Description Age Age of the session in seconds. Destination Destination slot of the controller. Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers Dell PowerConnect ArubaOS 6.
show ipv6 datapath user counters show ipv6 datapath user counters Description Displays datapath user table statistics. Example This example displays the user table statistics for IPv6 users. (host) #show ipv6 datapath user counters Datapath User Table Statistics -----------------------------Current Entries 0 Pending Deletes 0 High Water Mark 0 Maximum Entries 2047 Total Entries 0 Allocation Failures 0 Invalid Users 0 Max link length 0 Command History This command was available in ArubaOS 3.0.
show ipv6 datapath user table show ipv6 datapath user table Description Displays ipv6 datapath user table entries. Example This example displays the user table entries in the datapath.
show ipv6 firewall show ipv6 firewall Example This example displays the status of all firewall configurations.
Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers Dell PowerConnect ArubaOS 6.
show ipv6 mld config show ipv6 mld config Description Displays Multicast Listener Discover (MLD) configuration details. Example This example displays the current MLD configuration values.
show ipv6 mld counters show ipv6 mld counters Description Displays the statistics of MLD. Example This example displays the MLD statistics for the following values.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable or Config mode on master and local controllers 878 | show ipv6 mld counters Dell PowerConnect ArubaOS 6.
show ipv6 mld group show ipv6 mld group Example This example displays MLD group details. (host) #show ipv6 mld group MLD Group Table --------------Group Members ----- ------- The output of this command includes the following parameters: Parameter Description Group Name of MLD groups. Members Number of members in an MLD group. Command History This command was available in ArubaOS 3.3.
show ipv6 mld interface show ipv6 mld interface Example This example displays MLD status on VLANs. To view details for a specific VLAN, you can specify the VLAN ID. (host) #show ipv6 mld interface MLD Interface Table ------------------VLAN Addr ---- ---224 10.224.224.1 1 10.15.44.10 50 156.1.50.1 211 211.1.1.1 51 156.1.51.1 999 99.1.1.2 7 7.7.7.1 170 192.170.1.1 Netmask ------255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.
show ipv6 user-table show ipv6 user-table [authentication-method {dot1x | mac | stateful-dot1x | vpn | web} | bssid | debug {rows | unique} | essid | internal {rows} | ip | location | mac | mobile {bindings | rows | unique | visitors} | name | phy-type {a | b} | role | rows | station | verbose ] Description Displays IPv6 user table entries. You can filter the output based on various parameters are described in table.
Syntax Parameter Description authentication-method Displays entries in the IPv6 user-table that matches the following authentication methods: z dot1x z mac z stateful-mac z vpn z web bssid Displays entries in the IPv6 user-table that are associated to the specified BSSID. debug Displays entries in the IPv6 user-table that are in debug mode. essid Displays entries in the IPv6 user-table that are associated to the specified ESSID. If the ESSID includes spaces, you must enclose it in quotation marks.
The output of this command includes the following parameters: Parameter Description IP IP address of the client in that row that authenticating using dot1x MAC MAC address of the client. Name Name of the client. Role The role assigned to the client. Age (d:h:m) Total time that client is connected to controller. Auth Authentication type. AP name Name of the AP associated with the client. Roaming Current roaming status of the client.
show keys show keys [all] Description Show whether optional keys and features are enabled or disabled on the controller. Syntax Parameter Description all Include this optional parameter to display the status of all optional keys and features. If this parameter is omitted, the output displays the status of the most commonly used features and keys. Example The following example displays the status of the most commonly used keys and features on the controller.
Command Information 884 | show keys Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on local and master controllers Dell PowerConnect ArubaOS 6.
show lacp show lacp {counters | internal | neighbor} Description View the LACP configuration status. Syntax Parameter Description Enter the Link aggregation group number. Range: 0-7 counters Enter the keyword counters to view the LACP traffic. internal Enter the keyword internal to view the LACP internal information. neighbor Enter the keyword neighbor to view the LACP neighbor information. Example The port uses the group number +1 as its “actor admin key”.
Related Command Command Description lacp group Enable LACP and configure on the interface show interface port-channel View information on a specified port-channel interface show lacp sys-id View the LACP system ID information Command History Release Modification ArubaOS 3.4.1 Command introduced Command Information 886 | show lacp Platform Licensing Command Mode All Platforms Base operating system Enable and Configuration modes for Master and Local controllers Dell PowerConnect ArubaOS 6.
show lacp sys-id show lacp sys-id Description View the LACP system MAC address and port priority. Example This command returns the port priority and the MAC address (comma separated).
show license show license [limits] Description Displays the license table. Syntax Parameter Description limits Enter the keyword limit to display the current license limits. Example An example output of the show license command.
Parameter Description Flags This column displays some status about your license. The legend for this column appears at the bottom of the display output. They are: A: The license is auto-generated. E: The license if fully enabled. R: You must reboot your controller to fully enable this license. Service Type The license name (feature). Related Commands To view additional statistics for license key usage, use the command show keys. Command History Release Modification ArubaOS1.0 Command introduced.
show license-usage show license-usage ap|user|xsec Description Display license usage information. Syntax Parameter Description ap Show AP license usage information. user Show Policy Enforcement Firewall (PEF) user license usage. vpn Deprecated xsec Show Extreme Security (xSec) user and tunnel license usage. Example The following example displays the AP license usage.
Command History Release Modification ArubaOS 3.0 Command Introduced. ArubaOS 3.3 The following parameters were introduced in the output of show license-usage ap. Total 802.11n-120abg Licenses z 802.11n-120abg Licenses Used z Total 802.11n-121abg Licenses z 802.11n-121abg Licenses Used z Total 802.11n-124abg Licenses z 802.11n-124abg Licenses Used z Total 802.11n-125abg Licenses z 802.11n-125abg Licenses Used z ArubaOS 5.
show localip show localip Description Displays the IP address and VPN shared key between master and local. Syntax No parameters. Example The output of this command shows the controller’s IP address and shared key between master and local controllers. (host) # show localip Local Switches configured by Local Switch IP --------------------------------------------Switch IP address of the Local Key ------------------------------ --0.0.0.0 ******** Command History This command was available in ArubaOS 3.
show local-userdb show local-userdb {[maximum-expiration][start page The user account record’s location (by number) as it is listed in the database. The number of user account records that display on one page.
Parameter Description Status Shows whether the profile has enabled or disabled the ability to use the HTTP protocol to redirect users to the captive portal page. Sponsor-Name Shows the sponsor’s name. Grantor-Name Shows the grantor’s name. User Entries Shows the number of user accounts in the database. Related Commands Command Description Mode local-userdb add Use this command to configure the parameters displayed in the output of this show command.
show local-userdb username show local-userdb username Description Shows information about specific user account in the internal controller database. Usage Guidelines Issue this command to display an overview of a particular user account in the database. Example This example shows the basic summary of a user account Paula in the database.
show local-userdb-remote-node show local-userdb-remote-node mac-address start Description The output of this command lists the MAC address and assigned Remote Node profile for of each Remote Node Controller associated with that Remote Node Controller master. Syntax Parameter Description mac-address How long the account is valid, in minutes, in the internal database. start The user account record’s location (by number) as it is listed in the database.
Related Commands Command Description Mode remote-node-profile The remote-node-profile command lets you create a Remote Node Controller profile. Config mode Command History Release Modification ArubaOS 6.0 Command introduced Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master and local controllers 897 | show local-userdb-remote-node Dell PowerConnect ArubaOS 6.
show log all show log all [] Description Show the controller’s full log. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. Example This example shows the most ten recent log entries for the controller.
show log ap-debug show log ap-debug{[][all]} Description Show the controller’s AP debug logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the AP debug logs for the controller. Example This example shows the ten most recent AP debug logs for the controller.
show log bssid-debug show log bssid-debug{[][all]} Description A Basic Service Set Identifier (BSSID) uniquely defines each wireless client and Wireless Broadband Router. This command shows the controller’s BSSID debug logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the BSSID debug logs for the controller. Command History This command was available in ArubaOS 3.0.
show log errorlog show log errorlog{[][all]} Description Show the controller’s system errors and other critical information. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the error logs for the controller. Example This example shows the ten most recent system log errors. (host) #show log errorlog 10 Mar 5 10:30:34 |AP 1.1.1@10.3.49.
show log essid-debug show log essid-debug{[][all]} Description Show the controller’s ESSID debug logs. An Extended Service Set Identifier (ESSID) is used to identify the wireless clients and Wireless Broadband Routers in a WLAN. All wireless clients and Wireless Broadband Routers in the WLAN must use the same ESSID. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log.
show log network show log network{[][all]} Description Show the controller’s system network errors. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the network logs for the controller. Example This example shows the controller’s recent network log errors.
show log security show log security{[][all]} Description Show the controller’s security logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the security logs for the controller. Example This example shows the controller’s last seven security logs.
show log system show log system{[][all]} Description Show the controller’s system logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the system logs for the controller. Example This example shows the controller’s last ten system logs.
show log user show log user{[][all]} Description Show the controller’s user logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the user logs for the controller. Example This example shows the controller’s last ten user logs. (host) #show log user 10 Mar 5 13:29:57 :501083: 00:0b:86:a2:e7:40-1.1.1 Mar 5 13:32:08 :501083: 00:0b:86:a2:e7:40-1.1.1 Mar 5 13:36:41 :501083: 00:0b:86:a2:e7:40-1.1.
show log user-debug show log user-debug{[][all]} Description Show the controller’s user debug logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the user debug logs for the controller. Example This example shows the controller’s last ten user debug logs.
show log wireless show log wireless{[][all]} Description Show the controller’s wireless logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the wireless logs for the controller. Example This example shows the controller’s last ten wireless logs. (host) #show log wireless 10 Mar 5 13:59:31 :404003: |AP 1.1.1@10.3.49.
show logging show logging facility|server|{level [verbose]} Description the IP address of the remote logging server, as well as facility log types and their associated facility levels. Syntax Parameter Description facility View the facility used when logging messages into the remote syslog server. server Show the IP address of a remote logging server. level [verbose] Show logging levels at which the messages are logged.
This example below displays the IP address of a remote log server. If a remote log server has not yet been defined, this command will not display any output. (host) #show logging server Remote Server: 1.1.1.
show loginsessions show loginsessions Description Displays the current administrator login sessions statistics. Syntax No parameters. Example Issue this command to display the admin login session statistics.
show mac-address-table show mac-address-table Description Displays a MAC forwarding table. Syntax No parameters. Example Issue this command to display the MAC forwarding table.
show master-configpending show master-configpending Description Displays the list of global commands which are not saved and are not sent to the local controller. Syntax No parameters. Example This example below displays the commands which are not saved and are not sent to the local controller. (host) #show master-configpending aaa profile "default-xml-api" aaa xml-api server "10.17.93.2" aaa xml-api server "10.17.93.2" aaa xml-api server "10.17.93.
show master-local stats show master-local stats [] [] Description Display statistics for communication between master and local controllers. Syntax Parameter Description Include the IP address of a controller to display statistics that controller only. Start displaying the output of this command at the specified page number. Usage Guidelines By default, master and Local controllers exchange heartbeat messages every 10 seconds.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on master or local controllers. 916 | show master-local stats Dell PowerConnect ArubaOS 6.
show master-redundancy show master-redundancy Description Display the master controller redundancy configuration. Syntax No parameters. Example This example below shows the current master redundancy configuration, including the ID number of the master VRRP virtual router and the IP address of the peer controller for master redundancy. (host) #show master-redundancy Master redundancy configuration: VRRP Id 2 current state is MASTER Peer's IP Address is 2.1.1.
show memory show memory [ap {meshd|rfd|sapd} {ap-name }|{bssid }|{ip-addr }] |[auth | cfgm |debug [[verbose]]|dbsync |fpapps | fpcli| isakmpd | l2tpd | mobileip | ospf | pim | pptpd | profmgr | slb| snmpd | stm | udbserver |wms] Description Show the amounts of free and available memory on the controller, or include a process name to show memory information for a process on the AP or controller. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description ap Show memory information for a process running on a specific AP. meshd Display memory information for the meshd process on the specified AP. rfd Display memory information for the rfd process on the specified AP. sapd Display memory information for the rfd process on the specified AP. ap-name Display memory information for an AP with the specified AP name. bssid Display memory information for an AP with the specified BSSID.
Example The command show memory displays, in Kilobytes, the total memory on the controller, the amount of memory currently being used, and the amount of free memory. (host) # show memory Memory (Kb): total: 256128, used: 162757, free: 93371 Include the name of a process to show memory statistics for that process. The example below shows memory statistics for mobileip.
Command Information 921 | show memory Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show mgmt-role show mgmt-role Description This command allows the user to view a list of management role configurations. Syntax No parameters. Example Issue this command to display a list of management user roles.
show mgmt-users show mgmt-users [ | local-authentication-mode | ssh-pubkey | webui-cacert ] Description Displays list of management users on the controller and also details of each management users. Syntax Parameter Description username To view details of a specific management user. local-authentication-mode Status of local-authentication mode. ssh-pubkey Number of management users using the ssh-pubkey.
show netdestination show netdestination Description Displays network destination information. Syntax No parameters. Example Issue this command to display all netdestination configured on this controller. The output shown displays information for all configuration netdestinations. To display additional detailed information for an individual netdestinations, include the name of the netdestination at the end of the command.
Command Information Platforms Licensing Command Mode All platforms You must have a PEFNG license to configure or view a netdestination. Enable or config mode on master controllers 924 | show netdestination Dell PowerConnect ArubaOS 6.
show netservice show netservice [] Description Show network services Syntax Parameter Description Name of a network service. Usage guidelines Issue this command without the optional parameter to view a complete table of network services on the controller. Include the parameter to display settings for a single network service only. Example The following example shows the protocol type, ports and application-level gateway (ALG) for the DHCP service.
show netstat show netstat [stats] Description Show current active network connections. Syntax Parameter Description Show network statistics, filtered by protocol type. Usage guidelines Issue this command without the optional stats parameter to view a complete table of active network connections. Include the stats parameter to display aggregate statistics for IP, ICMP, TCP and UDP protocols. Dell PowerConnect ArubaOS 6.
Example The following example shows incoming and outgoing packet statistics for the controller.
show network-printer show network-printer [config | job | status] Description Displays configuration, job status details, and printer status of USB printers connected to a Aruba 600 series controller. Syntax Parameter Description config Displays the configuration details of the printer service on the controller. job Displays the list of job in queue in all printers connected to the controller. status Displays the status of all printers connected to the controller.
show network-storage show network-storage [ files opened | shares { | disk | status | users {disk } ] Description Displays details about the USB storage device connect to a Aruba 600 series controller. Syntax Parameter Description files opened Displays the list of opened files in the USB storage device connected to the controller. shares Displays the list of shares that are created in the USB storage device.
show ntp peer show ntp peer Description Show NTP peer information. Syntax Parameter Description IP address of an NTP peer Usage guidelines The show ntp peer command is used for NTP server troubleshooting, and should only be used under the supervision of Dell technical support. Issue the show ntp servers command to view basic settings for currently configured NTP servers. Related Commands To configure an NTP server, use the command ntp server.
show ntp servers show rft servers [brief] Description Show information for Network TIme Protocol (NTP) servers. Syntax Parameter Description brief Display only the IP address of the defined NTP servers. Example The following example shows values for the primary and backup NTP servers. The primary server is marked with an asterisk (*) and the backup server is marked with an equals sign (=). Note that a backup server will not display delay, offset or dispersion data, as it is not currently in use.
Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on local and master controllers Dell PowerConnect ArubaOS 6.
show ntp status show ntp status Description Show information for a NTP server. Syntax No parameters. Example The following example shows values for the primary NTP server.
Parameter Description packets rejected Number of NTP packets rejected because they had an invalid format. system peer The IP address of the peer NTP server. system peer mode The peer mode of this remote association: z Symmetric Active z Symmetric Passive z Client z Server z Broadcast leap indicator This parameter indicates whether or not a leap-second should be inserted or removed at the end of the last day of the current month.
show packet-capture show packet-capture Description Displays packet capture status on the controller. Syntax No parameters. Example The output of this command shows the packet capture configuration details. (host) # show packet-capture Current Active Packet Capture Actions(current switch) ===================================================== Packet filtering TCP with 1 port(s) enabled: 2 Packet filtering UDP with 1 port(s) enabled: 5 Packet filtering for internal messaging opcodes disabled.
show packet-capture-defaults show packet-capture-defaults Description Displays the status of default packet capture options. Syntax No parameters. Example The output of this command shows packet capture status. (host) # show packet-capture-defaults Current Active Packet Capture Actions(current switch) ===================================================== Packet filtering for TCP ports disabled. Packet filtering for UDP ports disabled. Packet filtering for internal messaging opcodes disabled.
show papi-security show papi-security Description This command shows a configured papi-security profile. Syntax Parameter Description Range Default PAPI Key The key string. The key authenticates the messages between systems. Range: 10–64 characters — Enhanced security mode Indicates if the enhanced security mode is enabled or disabled. This mode causes the system to reject messages when an incorrect key is used.
show phonehome show phonehome global history report-status stats Description Use this command to view current configuration settings and debugging statistics for the phonehome automatic reporting feature. Syntax Parameter Description global Show whether the phonehome service and auto-reporting is enabled or disabled, and display current SMTP settings for this feature. history Issue this command under the guidance of Dell support troubleshoot phonehome automatic reporting.
Example The following command turns on the PhoneHome feature, enables weekly auto-reports, and identifies the SMTP server to be used by this feature: (host) #show phonehome global PhoneHome information: PhoneHome Service: PhoneHome Auto-Report: Local SMTP server: SMTP From Email: Max Attachment Size: Disabled Disabled 172.21.18.170:25 admin@mycorp.com 10 MB Command History This command was introduced in ArubaOS 6.0.
show poe show poe [slot/port] Description Displays the PoE status of all or a specific port on the controller. Syntax No parameters. Example The output of this command shows the PoE status of port 10 in slot 1. (host) # show poe 1/10 PoE Status ---------Port Status --------FE 1/10 Off Voltage(mV) ----------N/A Current(mA) ----------N/A Power (mW) ---------N/A Command History This command was available in ArubaOS 3.
show port link-event show port link-event Description Displays the link status on each of the port on the controller. Syntax No parameters. Example The output of this command shows the link status on all ports in the controller.
show port monitor show port monitor Description Displays the list of ports that are configured to be monitored. Syntax No parameters. Example The output of this command shows the link status on all ports in the controller. (host) # show port monitor Monitor Port -----------FE 1/10 Port being Monitored -------------------FE 1/20 Command History This command was available in ArubaOS 3.3.
show port stats show port status Description Displays the activity statistics on each of the port on the controller. Syntax No parameters. Example The output of this command shows the link status on all ports in the controller. (host) # #show port stats Port Statistics --------------Port PacketsIn -----------...
show port status show port status Description Displays the status of all ports on the controller. Syntax No parameters. Example The output of this command shows the status of all ports in the controller. (host) # show port status Port Status ----------Slot-Port PortType --------- -------1/0 FE 1/1 FE 1/2 FE 1/3 FE 1/4 FE 1/5 FE 1/6 FE 1/7 FE 1/8 FE 1/9 FE 1/10 FE 1/11 FE 1/12 FE 1/13 FE 1/14 FE 1/15 FE 1/16 FE ...
show port trusted show port trusted Description Displays the list of ports configured with trusted profiles. Syntax No parameters. Example The output of this command shows the list of ports with trusted profile. (host) # show port trusted FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE GE GE 1/0 1/1 1/2 1/3 1/4 1/5 1/6 1/7 1/8 1/9 1/10 1/11 1/12 1/13 1/14 1/15 1/16 1/17 1/18 1/19 1/20 1/21 1/22 1/23 1/24 1/25 Command History This command was available in ArubaOS 3.3.
show port xsec show port xsec Description Displays the list of xSec enabled ports. Syntax No parameters. Example The output of this command shows the list of xSec enabled ports. (host) # #show port xsec Xsec Ports ---------Interface xsec vlan --------- --------- state ----- Command History This command was available in ArubaOS 3.3.
show priority-map show priority-map Description Displays the list of priority maps on a interface. Syntax No parameters. Example The output of this command shows the priority maps configured on all interfaces. (host) # show priority-map Priority Map ------------ID Name DSCP-TOS -- ----------1 my-map 4-20,60 DOT1P-COS --------4-7 Command History This command was available in ArubaOS 3.
show processes show processes [sort-by {cpu | memory}] Description Displays the list of all process running on the controller. You can sort the list either by CPU intensive or memory intensive processes. Syntax Parameter Description sort-by To add sort filter to the output cpu This will sort output based on CPU usage. memory This will sort output based on memory usage. Example The output of this command shows list of processes sorted by CPU usage.
show profile-errors show profile-errors Description Displays the list of invalid user-created profiles. Syntax No parameters. Example The output of this command shows list of profiles that are invalid and also displays the error in those profiles. In this example, the VLAN 1000 that is mapped to virtual-ap test-vap does not exist.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 951 | show profile-errors Dell PowerConnect ArubaOS 6.
show profile-hierarchy show profile-hierarchy Description Displays the profile hierarchy template. Syntax No parameters. Example The output of this command shows how profiles relate to each other, and how some higher-level profiles reference other lower-level profiles.
Command History This command was available in ArubaOS 3.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 953 | show profile-hierarchy Dell PowerConnect ArubaOS 6.
show provisioning-params show provisioning-params Description Displays the list of parameters and the values used to provision the APs. Syntax No parameters. Example The output of this command shows list of all provisioning parameters and their values.
Command History This command was available in ArubaOS 3.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 955 | show provisioning-params Dell PowerConnect ArubaOS 6.
show profile-list aaa show profile-list aaa [{authentication [captive-portal | dot1x | mac | stateful-ntlm | wispr]} |{authentication-server [ldap | radius | tacacs | windows]} | {profile} | {rfc3576-server} | {server-group} | {xml-api}] Description Displays the list of AAA profiles. Syntax Parameter Description authentication List of aaa authentication profiles. captive-portal Captive portal authentication profiles. dot1x 802.1x authentication profiles. mac MAC authentication profiles.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers 957 | show profile-list aaa Dell PowerConnect ArubaOS 6.
show profile-list ap show profile-list ap [ enet-link-profile | mesh-cluster-profile | mesh-ht-ssid-profile | mesh-radio-profile | regulatory-domain-profile | snmp-profile | snmp-user-profile | system-profile | wired-ap-profile ] Description Displays the list of AP profiles. Syntax Parameter Description enet-link-profile Display a list of AP ethernet link profiles. mesh-cluster-profile Display a list of mesh cluster profiles used by mesh nodes.
show profile-list ap-group show profile-list ap-group Description Displays the status of AP groups profiles in the controller. Syntax No parameters. Example The output of this command shows the status of AP group profiles in the controller. (host) # show profile-list ap-group AP group List ------------Name Profile Status ----------------default Total:1 Command History This command was available in ArubaOS 3.
show profile-list ap-name show profile-list ap-name Description Displays the status of AP profiles in the controller. Syntax No parameters. Example The output of this command shows status of AP profiles in the controller. (host) # show profile-list ap-name AP name List -----------Name Profile Status ---- -------------Total:0 Command History This command was available in ArubaOS 3.
show profile-list ids show profile-list ids [dos-profile | general-profile | impersonation-profile | profile | rate-thresholds-profile | signature-matching-profile | signature-profile | unauthorized-device-profile ] Description Displays the status of all IDS profiles in the controller. Syntax Parameter Description dos-profile Display a list of IDS DoS profiles. general-profile Display a list of IDS generate profiles. impersonation-profile Display a list IDS impersonation profile.
show profile-list rf show profile-list rf [ arm-profile | dot11a-radio-profile | dot11g-radio-profile | event-thresholds-profile | ht-radio-profile | optimization-profile ] Description Displays the status of all radio profiles. Syntax Parameter Description arm-profile Details of Adaptive Radio Management (ARM) Profile. dot11a-radio-profile Details of AP radio settings for the 5GHz frequency band, including the ARM profile and the high-throughput (802.11n) radio profile.
show profile-list wlan show profile-list wlan [ dotllk-profile | edca-parameters-profile | ht-ssid-profile | ssid-profile | traffic-management-profile | virtual-ap | voip-cac-profile | wmmtraffic-management-profile] Description Displays the status of WLAN profiles on the controller. Syntax Parameter Description dot11k-profile Show a list of all 802.
show provisioning-ap-list show provisioning-ap-list Description Displays the list of all APs that are in queue to be provisioned by the admin. Syntax No parameters. Command History This command was available in ArubaOS 3.4 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show rap-wml show rap-wml [cache | server | wired-mac ] Description Displays the name and attributes of a MySQL database or a MySQL server. Syntax Parameter Description cache Displays the cache of all lookups for a database server. servers Displays the database server state. wired-mac Displays the wired MAC discovered on traffic through the AP. Example The output of this command shows status of all database servers.
show references aaa authentication crypto-local show references aaa authentication {captive-portal }|{dot1x }|{mac }|mgmt|stateful-dot1x|{stateful-ntlm }|vpn|wired|{wispr {profile-name>} [page ] [start ] Description Show AAA profile references. Syntax Parameter Description captive-portal Show the number of references to a captive-portal profile. dot1x Show the number of references to a 802.
Command History. Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4.1 The stateful-ntlm and wispr parameters were introduced. Command Information Platforms Licensing Command Mode Available on all platforms Base operating system Config mode on master and local controllers 967 | show references aaa authentication Dell PowerConnect ArubaOS 6.
show references aaa authentication-server crypto-local show references aaa authentication-server {ldap }|{radius }|{tacacs } [page ] [start ] Description Display information about AAA authentication servers. Syntax Parameter Description ldap Show the number of server groups that include references to the specified LDAP server.
show references aaa profile crypto-local show references aaa profile Description Show references to an AAA Profile. Syntax Parameter Description profile Name of an AAA profile for which you want to view references. Example Issue this command to show the wlan virtual AP profiles that include references to the specified AAA profile. The example below shows that seven different virtual AP profiles include a single reference to the AAA profile default.
show references aaa server-group crypto-local show references aaa server-group [page] [start]} Description Show references to a server group. Syntax Parameter Description server-group Name of the server group for which you want to show references page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references ap crypto-local show references ap enet-link-profile mesh-cluster-profile mesh-ht-ssid-profile mesh-radio-profile regulatory-domain-profile system-profile wired-ap-profile page start Description Show the number of references to a specific AP profile.
(host)#show references ap enet-link-profile default References to AP Ethernet Link profile "default" -----------------------------------------------Referrer Count -----------ap-group "10.0.0" enet0-profile 1 ap-group "10.0.
show references guest-access-email crypto-local show references guest-access-email [page ] [start ] Description Show references to the global guest access email profile. Syntax Parameter Description page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references ids crypto-local show references ids dos-profilegeneral-profile general-profile impersonation-profile profile rate-thresholds-profile signature-matching-profile signature-profile unauthorized-device-profile Description Displays IDS profile references.
show references papi-security crypto-local show references papi-security [page ] [start ] Description Show references to a PAPI security profile. Syntax Parameter Description page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references rf crypto-local show references rf dot11a-radio-profile dot11g-radio-profile event-thresholds-prof ht-radio-profile optimization-profile Description Show RF profile references. Syntax Parameter Description dot11a-radio-profile Show references to a 802.11a radio profile dot11g-radio-profile Show references to a 802.
show references user-role crypto-local show references user-role Description Show access rights for user role. Syntax Parameter Description The role name assigned to a user.
show references web-server crypto-local show references web-server [page ] [start ] Description Show the Web server configuration references. Syntax Parameter Description page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references wlan crypto-local show references wlan dot11k-profile edca-parameters-profile ht-ssid-profile ssid-profile traffic-management-pr virtual-ap voip-cac-profile Description Shows WLAN profile references. Syntax Parameter Description dot11k-profile Shows references to a 802.11K profile. edca-parameters-profile Shows references to an EDCA parameters profile.
show remote-node Description Shows configuration and other information about the remote node. Syntax Parameter Description config Shows configuration information for the remote node. dhcp-instance Shows the remote node address pool information including pool name, DHCP pool start IP address, DHCP pool mask, DHCP pool broadcast IP address, and the DHCP pool gateway IP address.
Examples This example shows a remote node configuration.
Related Commands Command Description Mode remote-node-profile Use this command to create a Remote Node profile. Enable and Config modes remote-node-localip Use this command to configure the switch-IP address and preshared key for the local Remote Node on a master Remote Node. Enable and Config modes remote-node-masterip Use this command to configure the IP address and preshared key for the master Remote Node on a local Remote Node.
show remote-node-dhcp-pool show remote-node-dhcp-pool Description The output of this command lists shows Remote Node DHCP pool summary information. Syntax Parameter Description remote-node-profilename Name of the Remote Node profile Usage Guidelines Each Remote Node profile contains a Remote Node DHCP address pool, which defines a range of IP addresses allocated for Remote Node controllers at a remote site, and the VLAN to be associated with those addresses.
Related Commands Command Description Mode remote-node-profile The remote-node-profile command lets you create a Remote Node profile. Config mode Command History Release Modification ArubaOS 6.0 Command introduced Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master and local controllers 985 | show remote-node-dhcp-pool Dell PowerConnect ArubaOS 6.
show remote-node-profile show remote-node-profile Description The output of this command shows Remote Node profile configuration information. Syntax Parameter Description remote-node-profilename Name of the Remote Node profile Usage Guidelines This show remote-node-profile command shows the configuration status of a Remote Node profile. To create a Remote Node profile, use the remote-node-profile command to create a Remote Node profile.
Related Commands Command Description Mode remote-node-profile The remote-node-profile command lets you create a Remote Node profile. Config mode Command History Release Modification ArubaOS 6.0 Command introduced Command Information Platforms Licensing Command Mode All platforms Base operating system Enable mode on master and local controllers 987 | show remote-node-profile Dell PowerConnect ArubaOS 6.
show rf arm-profile show rf arm-profile [] Description Show an Adaptive Radio Management (ARM) profile. Syntax Parameter Description Name of an ARM profile. Usage Guidelines Issue this command without the parameter to display the entire ARM profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
This example displays the configuration settings for the profile Wireless_rf_profile.
Parameter Description Scan Interval If Scanning is enabled, the Scan Interval defines how often the AP will leave its current channel to scan other channels in the band. Off-channel scanning can impact client performance. Typically, the shorter the scan interval, the higher the impact on performance. If you are deploying a large number of new APs on the network, you may want to lower the Scan Interval to help those APs find their optimal settings more quickly.
Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on local and master controllers 991 | show rf arm-profile Dell PowerConnect ArubaOS 6.
show rf dot11a-radio-profile show rf dot11a-radio-profile [] Description Show an 802.11a Radio profile. Syntax Parameter Description Name of an 802.11a profile. Usage Guidelines Issue this command without the parameter to display the entire 802.11a Radio profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
This example displays the configuration settings for the profile default. (host) # show rf dot11a-radio-profile default Parameter --------Radio enable Mode High throughput enable (radio) Channel Beacon Period Beacon Regulate Transmit EIRP Advertise 802.11d and 802.
Parameter Description Spectrum Load balancing mode SLB Mode allows control over how to balance clients. Channel-based load-balancing balances clients across channels. Radio-based load-balancing distributes clients across radios on the same band, independent of channels. Spectrum Load balancing mode update interval This parameter specifies how often spectrum load balancing calculations are made (in seconds). The default value is 30 seconds.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 3.3.2 Introduced support for the high-throughput IEEE 802.11n standard. ArubaOS 3.4.0 Support for the following parameters: Spectrum load balancing z RX Sensitivity Tuning Based Channel Reuse z RX Sensitivity Threshold z ARM/WIDS Override z ArubaOS 3.4.
show rf dot11g-radio-profile show rf dot11g-radio-profile [] Description Show an 802.11g Radio profile. Syntax Parameter Description Name of a 802.11g profile. Usage Guidelines Issue this command without the parameter to display the entire 802.11g profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
This example displays the configuration settings for the profile airwave. (host) # show rf dot11g-radio-profile default 802.11g radio profile "default" ------------------------------Parameter --------Radio enable Mode High throughput enable (radio) Channel Beacon Period Beacon Regulate Transmit EIRP Advertise 802.11d and 802.
Parameter Description Advertise 802.11d and 802.11h Capabilities If enabled, the radio advertises its 802.11d (Country Information) and 802.11h (Transmit Power Control) capabilities. TPC Power The transmit power advertised in the TPC IE of beacons and probe responses. Spectrum Load balancing mode SLB Mode allows control over how to balance clients. Channel-based load-balancing balances clients across channels.
Parameter Description Management Frame Throttle Limit Maximum number of management frames that can come in from this radio in each throttle interval. ARM/WIDS Override If enabled, this option disables Adaptive Radio Management (ARM) and Wireless IDS functions and slightly increases packet processing performance. If a radio is configured to operate in Air Monitor mode, then the ARM/WIDS override functions are always enabled, regardless of whether or not this check box is selected. Protection for 802.
show rf event-thresholds-profile show rf event-thresholds-profile [] Description Show an Event Thresholds profile. Syntax Parameter Description name of an Event Thresholds profile Usage Guidelines Issue this command without the parameter to display the entire Event Thresholds profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
The output of this command includes the following parameters: Parameter Description Detect Frame Rate Anomalies Shows of the profile enables or disables detection of frame rate anomalies. Bandwidth Rate High Watermark If bandwidth in an AP exceeds this value, it triggers a bandwidth exceeded condition. The value represents the percentage of maximum for a given radio. (For 802.11b, the maximum bandwidth is 7 Mbps. For 802.11 a and g, the maximum is 30 Mbps.) The recommended value is 85%.
show rf ht-radio-profile show rf ht-radio-profile [] Description Show a High-throughput Radio profile. Syntax Parameter Description Name of a High-throughput Radio profile. Usage Guidelines Issue this command without the parameter to display the entire High-throughput Radio profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Parameter Description Legacy station workaround Shows if the profile enables interoperability for misbehaving legacy stations. This parameter is disabled by default. Command History This command was available in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Enable and Config mode on local and master controllers 1003 | show rf ht-radio-profile Dell PowerConnect ArubaOS 6.
show rf optimization-profile show rf optimization-profile [] Description Show an Optimization profile. Syntax Parameter Description name of an ARM profile Usage Guidelines Issue this command without the parameter to display the entire Optimization profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
The output of this command includes the following parameters: Parameter Description Station Handoff Assist If enabled, this parameter allows the controller to force a client off an AP when the RSSI drops below a defined minimum threshold. Detect Association Failure Shows if the profile enables or disables STA association failure detection. Coverage Hole Detection Shows if the profile enables or disables coverage hole detection.
show rf spectrum-profile rf spectrum-profile Description Show a spectrum profile used by the spectrum analysis feature. Syntax Parameter Description Name of a spectrum profile. Usage Guidelines Issue this command without the parameter to display the entire spectrum profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
The output of this command includes the following information: Parameter Description spectrum-band Radio band or portion a radio band monitored by a spectrum monitor radio using that profile. Age Out: WIFI The number of seconds for which a wifi device must stop sending a signal before the spectrum monitor considers that device no longer active on the network. The default value is 600 seconds.
Command History Introduced in ArubaOS 6.0 Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master and local controllers Dell PowerConnect ArubaOS 6.
show rft profile show rft profile {all|antenna-connectivity|link-quality|raw} Description Show parameters for the predefined RF test profiles. Syntax Parameter Description all Show all predefined profiles. antenna-connectivity Show configured parameters for the predefined Antenna Connectivity test profile. link-quality Show configured parameters for the predefined Link Quality test profile. raw Show configured parameters for the predefined RAW test profile.
show rft result show rft result all|{trans-id } Description Show the results of an RF test. Syntax Parameter Description all Show the most recent test result for each test type (antenna-connectivity, link-quality or raw). trans-id Each RF test is assigned a transaction ID. Include the trans-id parameters to show the test result for a specific transaction ID.
show rft transactions show rft transactions Description Show transaction IDs of RF tests. Syntax No parameters. Usage guidelines The rft command is used for RF troubleshooting, and should only be used under the supervision of Dell technical support. Issue the show rft transaction command to view the transaction IDs for the most recent test of each test type. Example The following example shows the transaction IDs for the latest RAW, link-quality and antenna-connectivity tests.
show rights show rights [] Description Displays the list of user roles in the roles table with high level details of role policies. To view role policies of a specific role specify the role name. Syntax Parameter Description name-of-a-role Enter the role name to view its policy details. Example The output of this command shows the list of roles in the role table.
show roleinfo show roleinfo Description Displays the role of the controller. Syntax No parameters. Example The output of this command shows the role of the controller. (host) # show roleinfo switchrole:master Command History This command was available in ArubaOS 3.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show rrm dot11k admission-capacity show rrm dot11k admission-capacity Description Displays the available admission capacity for voice traffic on an AP. Syntax No parameters. Example The output of this command shows the available admission capacity for voice traffic on all APs. (host) # show rrm dot11k admission-capacity 802.
show rrm dot11k ap-channel-report show rrm dot11k ap-channel-report [ap-name | bssid | ip-addr ] Description Displays the channel information gathered by the AP. You can either specify an ap-name, bssid or ip-address of an AP to see more details. Syntax Parameter Description ap-name Enter the name of the AP. bssid Enter the BSSID address of the AP. ip-addr Enter the IP address of the AP.
show rrm dot11k beacon-report show rrm dot11k beacon-report Description Displays the beacon report information sent by a client to its AP. Syntax No parameters. Example The output of this command shows the beacon report for the client 00:1f:6c:7a:d4:fd. (host) # show rrm dot11k beacon-report station-mac 00:1f:6c:7a:d4:fd 802.11K Beacon Report Details -------------------------------------------------Channel ---------1 BSSID ------00:0b:86:6d:3e:40 Reg Class -----------0 Antenna ID ------------1 Meas.
show rrm dot11k neighbor-report show rrm dot11k neighbor-report [ap-name | bssid | ip-addr ] Description Displays the neighbor information for a particular AP. If the AP name or the AP’s IP address is specified, the user should specify the ESSID to get the neighbor information. If the ESSID is not specified, the command will display the neighbor information for all the Virtual AP's configured on the AP.
Dell PowerConnect ArubaOS 6.
show rrm dot11k transmit-stream-report station-mac show rrm dot11k transmit-stream-report station-mac Description This is a diagnostic option for quick verification of received transmit stream measurement reports. Displays the contents of the transmit stream measurement reports received from a client. Syntax Parameter Description mac-addr MAC address of the client. Command History This command is introduced in ArubaOS 5.
show running-config show running-config Description Displays the current controller configuration, including all pending changes which are yet to be saved. Syntax No parameters. Example The output of this command shows the running configuration on the controller. (host) # show running-config version 5.0 enable secret "******" telnet soe loginsession timeout 0 hostname "vjoshi-2400" clock timezone PST -8 location "Building1.
show session-acl-list show session-acl-list Description Displays the list of configured session ACLs in the controller. Syntax No parameters. Example The output of this command shows the session ACLs in the controller. (host) # show session-access-list v6-icmp-acl allow-diskservices control validuser v6-https-acl vocera-acl icmp-acl v6-dhcp-acl captiveportal v6-dns-acl allowall test sip-acl https-acl ... ... ...
show slots show slots Description Displays the list of slots in the controller, including the status and card type. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show slots Slots -----Slot Status ---- -----1 Present Card Type --------A2400 Command History This command was available in ArubaOS 3.
show snmp community show snmp community Description Displays the SNMP community string details. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show snmp community SNMP COMMUNITIES ---------------COMMUNITY ACCESS --------- -----public READ_ONLY VERSION ------V1, V2c Command History This command was available in ArubaOS 3.
show snmp inform show snmp inform Description Displays the length of SNMP inform queue. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show snmp inform stats Inform queue size is 100 SNMP INFORM STATS ----------------HOST PORT INFORMS-INQUEUE ---- ---- --------------- OVERFLOW -------- TOTAL INFORMS ------------- Command History This command was available in ArubaOS 3.
show snmp trap-host show snmp trap-host Description Displays the configured SNMP trap hosts. Syntax No parameters. Example The output of this command shows details of a SNMP trap host. (host) # show snmp trap-hosts SNMP TRAP HOSTS --------------HOST VERSION ---------10.16.14.1 SNMPv2c SECURITY NAME ------------public PORT ---162 TYPE ---Trap TIMEOUT ------N/A RETRY ----N/A Command History This command was available in ArubaOS 3.
show snmp trap-list show snmp trap-list Description Displays the list of SNMP traps. Syntax No parameters. Example The output of this command shows the list of SNMP traps and the status.
show snmp trap-queue show snmp trap-queue Description Displays the list of SNMP traps in queue. Syntax No parameters. Example The output of this command shows the list of SNMP traps sent to host. (host) # show snmp trap-queue 2009-04-29 00:47:40 An AP/AM 00:0b:86:cd:cc:14, radio 2 at Location 00:0b:86:cd:cc:14 and channel 1, det interfering access point (BSSID 00:e0:fc:18:b5:35, SSID WA1003A). More information can be obtained from 10.16.15.1/screens/wmsi/reports.html?mode=ap&bssid=00:e0:fc:18:b5:35.
show snmp user-table show snmp user-table [user auth-prot [sha | md5] priv-prot [aes | des] ] Description Displays the list of SNMP user profile for a specified username. Syntax Parameter Description auth-prot Authentication protocol for the user, either HMAC-MD5-98 Digest Authentication Protocol (MD5) or HMACSHA-98 Digest Authentication Protocol (SHA), and the password for use with the designated protocol.
show spanning-tree show spanning-tree Description View the RSTP and PVST+ configuration.
Command History Release Modification 6.0 PVST+ added 3.4 Upgraded STP to RSTP with full backward compatibility. Command Information Platform Licensing Command Mode All platforms Base operating system Enable mode and Configuration mode (config) on master controllers 1029 | show spanning-tree Dell PowerConnect ArubaOS 6.
show spantree show spantree | | | | Description View the global RSTP and PVST+ topology. Syntax Parameter Description blocking View the spanning tree ports in the Blocking state. enable View the spanning tree ports in the Enable state. forwarding View the spanning tree ports in the Forwarding state. off View the ports with spanning tree disabled vlan View the spanning tree instance for the VLAN.
Designated Root MAC 00:0b:86:f0:20:20 Designated Root Priority 32768 Root Cost 11 Root Max Age 20 sec Hello Time 2 sec Forward Delay 15 sec Bridge MAC 00:0b:86:f0:20:30 Bridge Priority 32768 Configured Max Age 20 sec Hello Time 2 sec Forward Delay 15 Rapid Spanning Tree port configuration -------------------------------------Port State Cost Prio PortFast P-to-P Role ---- ----- ---- ---- -------- ------ ---- FE 1/3 Discarding 0 128 Disable Enable Disabled FE 1/1 Forwardi
show ssh show ssh Description Displays the SSH configuration details. Syntax No parameters. Example The output of this command shows SSH configuration details. (host) # show ssh SSH Settings: ------------DSA Mgmt User Authentication Method Enabled username/password Command History This command was available in ArubaOS 3.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show startup-config show startup-config Description Displays the configuration which will be used the next time the controller is rebooted. It contains all the options last saved using the write memory command. Any unsaved changes are not included. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show startup-config version 3.
show station-table show station-table [mac ] Description Displays the internal station table entries and also details of a station table entry. Syntax No parameters. Example The output of this command shows details of an entry in the station table. (host) # show station-table mac 00:1f:6c:7a:d4:fd Association Table ----------------BSSID --------------00:0b:86:6d:3e:30 IP ----------10.15.20.
show storage show storage Description Displays the storage information on the controller. Syntax No parameters. Example The output of this command shows the storage details on the controller. (host) # show storage Filesystem /dev/root none /dev/hda3 Size 57.0M 70.0M 149.7M Used Available Use% Mounted on 54.6M 2.3M 96% / 2.0M 68.0M 3% /tmp 9.3M 132.6M 7% /flash Command History This command was available in ArubaOS 3.
show switch ip show switch ip Description Displays the IP address of the controller and VLAN ID. Syntax No parameters. Example The output of this command shows the IP address and VLAN ID of the controller. (host) # show switch ip Switch IP Address: 10.16.15.1 Switch IP is from Vlan Interface: 1 Command History This command was available in ArubaOS 3.
show switch software show switch software Description Displays the details of the software running in the controller. Syntax No parameters. Example The output of this command shows the details of software running in the controller. (host) # show switch software Command History This command was available in ArubaOS 3.
show switches show switches [all | state {complete | incomplete | inprogress | required} | summary ] Description Displays the details of switches connected to the master controller, including the master controller itself. Syntax Parameter Description all List of all switches. state Configuration status of all switches. summary Status of all switches connected to the master. Example The output of this command shows that there is a single local controller connected to the master controller.
show switchinfo show switchinfo Description Displays the latest and complete summary of controller details including role, last configuration change, hostname, reason for last reboot. Syntax No parameters. Example The output of this command lists all controllers connected to the master controller including the master controller. (host) # show switchinfo Command History This command was available in ArubaOS 3.
show syscontact show syscontact Description Displays the contact information for support. Syntax No parameters. Example The output of this command shows the contact information for technical support. (host) # show syscontact admin@mycompany.com Command History This command was available in ArubaOS 3.1 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show syslocation show syslocation Description Displays the location details of the controller. Syntax No parameters. Example The output of this command location of the controller. (host) # show syslocation Building 1, Floor 1 Command History This command was available in ArubaOS 3.1 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show tech-support show tech-support Description Displays all information about the controller required for technical support purposes. Syntax No parameters. Command History This command was available in ArubaOS 3.1 Command Information Platforms Licensing Command Mode All platforms Base operating system Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show telnet show telnet Description Displays the status of telnet access using command line interface (CLI) or serial over ethernet (SOE) to the controller. Syntax No parameters. Example The output of this command shows the status of CLI and SOE access to the controller. (host) # show telnet telnet cli is enabled telnet soe is enabled Command History This command was available in ArubaOS 3.
show time-range show time-range [|summary] Description Displays the list of time range configured in the system and rules affected by the time range. Syntax No parameters.
show tpm cert-info show tpm cert-info Description Displays the TPM and Factory Certificate information on MIPS controllers (W-3000, W-600 Series Controller). Syntax No parameters. Usage Guidelines Use this command to verify that TPM and factory certificates are installed as expected. This command should be executed before enabling CPSec on MIPS controllers (W-3000, W-600 Series Controller). Example In the example below, the TPM and certificates are installed.
show trunk show trunk Description Displays the list of trunk ports on the controller. Syntax No parameters. Example The output of this command shows details of a trunk port. (host) # show trunk Trunk Port Table ----------------Port Vlans Allowed ---------------FE2/12 1,613,615-617,632-633,636-640,667-668 Vlans Active -----------1,613,615-617,632-633,636-640,667-668 Native Vlan ----------1 Command History This command was available in ArubaOS 3.
show uplink crypto-local show uplink [config|{connection }|signal|{stats
show usb crypto-local show usb [cellular|ports|test|verbose] Description Display detailed USB device information. Syntax Parameter Description cellular Enter the keyword cellular to display cellular devices. ports Enter the keyword ports to display detailed TTY port information such as signal strength. test Enter the keyword test to test the USB TTY ports. NOTE: Testing an invalid modem port may cause the controller to “hang”. To resolve this, unplug and re-plug the modem.
show user show user authentication-method {[dot1x][mac][stateful-dot1x][vpn][web]}[rows ] bssid rows essid rows internal rows ip rows location b.f.
Syntax Parameter Description authentication-method Authentication method used for the device. dot1x Number of users to create starting with . mac Authentication method. stateful-dot1x 802.1x authentication. vpn MAC authentication. web Stateful 802.1x authentication. rows Displays the log output from the specified number of rows from the end of the log and the total number of rows to display. bssid BSSID address of the device.
Example This example displays users currently in the employee role. The output of this command is split into two tables in this document, however it appears in one table in the CLI. (host) (config) Users ----IP ---------192.168.160.1 10.100.105.100 10.100.105.102 10.100.105.97 10.100.105.
Command Information 1052 | show user Platforms Licensing Command Mode All platforms Base operating system Available in Enable and Config modes. Dell PowerConnect ArubaOS 6.
show user_session_count (deprecated) show user_session_count Description Show the number of users using an ESSID for different time intervals. Syntax No parameters Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 6.0 Command deprecated Dell PowerConnect ArubaOS 6.
show util_proc show util_proc guest-email counters Description Show counters for the guest email process. Syntax No parameters. Usage Guidelines As part of guest provisioning, the guest access email feature allows you to define the SMTP port and server that processes guest provisioning email. This server sends email to the guest or the sponsor when a guest user manually sends email from the Guest Provisioning page, or when a user creates a guest account.
show valid-network-oui-profile show valid-network-oui-profile Description This command displays the Valid Equipment OUI Profile table Syntax No parameters Usage Guidelines If you used the valid-networkoui-profile to add a new OUI to the controller, issue the show valid-network-ouiprofile command to see a list of current OUIs.
show version show version Description Show the system software version. Syntax No parameters. Example The output of this command in this example shows that the controller is an W-3200 model running ArubaOS version 6.0.0. (host) #show version Aruba Operating System Software. ArubaOS (MODEL: Aruba3200-US), Version 6.0.0.0 Website: http://www.arubanetworks.com Copyright (c) 2002-2010, Aruba Networks, Inc.
show vlan show vlan Description This command shows a configured VLAN interface number, description and associated ports. Syntax Parameter Description Range Default Identification number for the VLAN. 1-4094 1 Usage Guidelines Issue this command to show the selected VLAN configuration. The VLAN column lists the VLAN ID. The Description column provides the VLAN name or number and the Ports column shows the VLAN’s associated ports.
show vlan mapping show vlan mapping Description This command shows a configured VLAN name, its pool status and the VLAN IDs assigned to the pool. Syntax Parameter Description Range Default Identification number for the VLAN. 1-4094 1 Usage Guidelines Issue this command to show the selected VLAN configuration. The VLAN Name column displays the name of the VLAN pool. The Pool Status column indicates if the pool is enabled or disabled.
show vlan status show vlan status Description This command shows the current status of all VLANs on the controller. Syntax No parameters. Usage Guidelines Issue this command to show the status of VLANs on the controller.The VLAN ID column displays the VLAN ID name or number. The IP Address column provides the VLAN’s IP address. The Adminstate column indicates if the VLAN is enabled or disabled. The Operstate column indicates if the VLAN is currently up and running.
show vlan summary show vlan summary Description This command shows the number of existing VLANs. Syntax Parameter Description Number of existing VLANs The number of existing VLANs on the controller. Usage Guidelines Issue this command to show the number of existing VLANs on the controller. (host) #show vlan summary Number of existing VLANs :13 Related Commands (host) (config) #vlan (host) (config) #vlan-name Command History This command was introduced in ArubaOS 3.0.
show vlan-bwcontract-explist show vlan-bwcontract-explist [internal] Description Show entries in the VLAN bandwidth contracts MAC exception lists. Syntax Parameter Description internal Include the optional internal parameter to display the MAC addresses in the internal, preconfigured VLAN bandwidth contracts MAC exception list. Example The following command displays the MAC addresses in the internal MAC exception list.
tar tar clean {crash|flash|logs}| crash | flash | logs [tech-support] Description This command archives a directory. Syntax Parameter Description clean Removes a tar file crash Removes crash.tar flash Removes flash.tar.gz logs Removes logs.tar crash Archives the crash directory to crash.tar. A crash directory must exist. flash Archives and compresses the /flash directory to flash.tar.gz. logs Archives the logs directory to log.tar. Optionally, technical support information can be included.
show voice call-cdrs show voice call-cdrs [bssid | cid | count | detail | essid | extn | ip | proto {sip | svp | noe | sccp | vocera | h323} | rtpa | sta ] Description Displays detailed call records of voice client. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. cid View the detailed records filtered on the CDR Id. count Specify the number of records to be displayed by entering a number.
Example The output of this command shows detailed call records filtered by SIP protocol and limited to 5 entries.
show voice call-counters show voice call-counters Description Displays outgoing, incoming and terminated call counter details. The total calls equals the sum of the calls originated and terminated. It also equals the sum of the active, success, failed, blocked, aborted, and forwarded calls. Syntax No parameters. Example The output of this command shows call counter statitics.
show voice call-density show voice call-density [bssid | essid | extn | ip | proto ] Description Displays call density report for voice calls. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. essid Filter records based on ESSID of voice clients. extn Filter records based on the extension of a voice client. ip Filter records based on the IP address of an AP.
Command History Version Description ArubaOS 3.0 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show voice call-perf show voice call-perf [bssid | essid | extn | ip | proto Description Displays the performance of voice calls of all clients connected to the controller. You can filter the report based on BSSID, ESSID, extension, IP address or the VOIP protocol type. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. essid Filter records based on ESSID of voice clients.
Command History Version Description ArubaOS 3.3.1 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show voice call-quality show voice call-quality [bssid | essid | extn | ip | proto | rtpa | sta Description Displays voice call quality for each call over a period of time. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. essid Filter records based on ESSID of voice clients. extn Filter records based on the extension of a voice client.
Command History Version Description ArubaOS 3.3.1 Command introduced. ArubaOS 6.0 The rtpa and sta parameters were introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show voice call-stats show voice call-stats [bssid | cip | essid | extn | ip | proto | sta ] Description Displays voice call statistics for each client. Syntax Parameter Description bssid Filter records based on BSSID of a voice client. cip Filter records based on a client’s IP address. essid Filter records based on ESSID of a voice client. extn Filter records based on the extension of a voice client.
Command History Version Description ArubaOS 3.3.1 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show voice client-status show voice client-status [active-only | bssid | essid | extn | ip | proto | sta ] Description Displays list of voice clients and their status. You can also view details of a specifc voice client. Syntax Parameter Description active-only Filter records based on active voice clients bssid Filter records based on BSSID of a voice client. essid Filter records based on ESSID of a voice client.
Command History Version Description ArubaOS 3.3.1 Command introduced. ArubaOS 6.0 The sta parameter was introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show voice configurations show voice configurations Description Displays the details of the voice related configurations on your controller. Syntax No parameters. Example The output of this command shows details about all voice configurations on a controller.
Command History Version Description ArubaOS 6.0 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show voice dialplan-profile show voice dialplan-profile Description Displays list of SIP voice dialplan. You can also specify a dialplan to view configuration. Syntax No parameter. Example The output of this command shows list of all dialplans and the configuration of long distance dialplan.
show voice logging show voice logging Description Displays the MAC address of the voice client that has logging enabled. Syntax No parameters. Example The output of this command shows the MAC address of the voice client that has logging enabled. (host) #show voice logging VoIP Logging -----------Parameter --------Client's MAC Address for Logging Value ----11:22:33:44:55:67 Command History Version Description ArubaOS 6.0 Command introduced.
show voice msg-stats show voice msg-stats [sccp { bssid | cip | essid | ip | sta } ] [sip { bssid | cip | essid | ip | sta } ] Description Displays voice message counters for each call using either the SCCP or SIP protocol. Syntax Parameter Description bssid Filter records based on BSSID of a voice client. cip Filter records based on a client’s IP address.
Command History Version Description ArubaOS 3.3.1 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config or Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
show voice real-time-analysis show voice real-time-analysis [sta ] Description Displays the call quality parameters based on the call quality analysis on the RTP media streams for voice calls. Syntax Parameter Description sta View the detailed Real Time Call Quality analysis report for a voice client based on the MAC address. You can also view the average call quality values for all the clients without passing the MAC address.
show voice real-time-analysis-config show voice real-time-analysis-config Description Displays the status of Real Time Call Quality Analysis configuration. Syntax No parameters. Example The output of this command shows the status of Real Time Call Quality Analysis configuration on a controller. (host) #show voice real-time-config Configure Real-Time Analysis ---------------------------Parameter --------Real-Time Analysis of voice calls Value ----Enabled Command History Version Description ArubaOS 6.
show voice rtcp-inactivity show voice rtcp-inactivity Description Displays the status of RTCP protocol. Syntax No parameters. Example The output of this command shows the status of RTCP protocol. (host) #show voice rtcp-inactivity Voice rtcp-inactivity:disable Command History Version Description ArubaOS 3.3.1 Command introduced.
show voice sip show voice sip Description Displays the SIP settings on the controller. Syntax No parameters. Example The output of this command shows the SIP settings on a controller. (host) #show voice sip SIP settings -----------Parameter --------Session Timer Session Expiry Dialplan Profile Value ----Enabled 300 sec N/A Command History Version Description ArubaOS 6.0 Command introduced.
show voice sip-midcall-req-timeout show voice sip-midcall-req-timeout Description Displays the status of the SIP mid-call request timeout configuration on the controller. Syntax No parameters. Example The output of this command shows the status of the SIP mid-call request timeout configuration on a controller. (host) #show voice sip-midcall-req-timeout Voice sip-midcall-req-timeout:disable Command History Version Description ArubaOS 6.0 Command introduced.
show voice statistics show voice statistics [ cac | sip-dialplan-hits | tspec-enforcement ] Description Displays the CAC, UDP SIP dial plan hits, and TSPEC enforced voice statistics. Syntax Parameter Description cac Displays the dropped SIP Invites and SIP Status Code for both server and the client side. Note: This filter supports only the SIP protocol and will work only if CAC is enabled for the parameters. sip-dialplan-hits Displays the statistics of SIP dialplan hits.
show voice trace show voice trace [ sccp {count | ip | mac } ] [ sip {count | ip | mac } ] Description Displays the signalling message trace details for all clients. Syntax Parameter Description count View the specified number of the latest SIP or SCCP voice client messages. Specify an integer value. ip Specify the IP address of a client to display its SIP or SCCP voice client messages.
show vpdn l2tp configuration show vpdn l2tp configuration Description Displays the VPN L2TP tunnel configuration. Syntax No parameters. Example The output of this command shows the L2TP tunnel configuration. (host) # show vpdn l2tp configuration Enabled Hello timeout: 30 seconds DNS primary server: 10.16.15.1 DNS secondary server: 10.16.14.1 WINS primary server: 0.0.0.0 WINS secondary server: 0.0.0.0 PPP client authentication methods: PAP IP LOCAL POOLS: vpnpool: 10.16.15.150 - 10.16.15.
show vpdn pptp configuration show vpdn pptp configuration Description Displays the PPTP configuration on the controller. Syntax No parameters. Example The output of this command shows the L2TP tunnel configuration. (host) # show vpdn pptp configuration Enabled Hello timeout: 30 seconds DNS primary server: 10.15.1.1 DNS secondary server: 10.15.1.200 WINS primary server: 0.0.0.0 WINS secondary server: 0.0.0.
show vpdn pptp local pool show vpdn pptp local pool Description Displays the IP address pool for VPN users using Point-to-Point Tunneling Protocol. Syntax No parameters. Example The output of this command shows the all IP address pools for VPN users. (host) # show vpdn pptp local pool IP addresses used in pool localgroup 0 IPs used - 11 IPs free - 11 IPs configured Command History This command was available in ArubaOS 3.
show via show via version websessions Description Displays VIA version and web session details. Syntax Parameter Description Range Default version Displays the version of VIA client available on the controller. — — websessions Displays the list of users connected to the VIA controller using the VIA client. — — Example The following example displays the version of VIA client available on the controller.
show vpn-dialer show vpn-dialer Description Displays the VPN dialer configuration for users using VPN dialers. Syntax No parameters. Example The output of this command shows the VPN dialer configuration for remoteUsers.
show vrrp show vrrp Description Displays the list of all VRRP configuration on the controller. To view a specific VRRP configuration, specify the VRID number. Syntax No parameters. Example The output of this command shows the VRRP configuration enabled in one of the floors of the building. (host) # show vrrp Virtual Router 2: Description Floor-1 Settings Admin State DOWN, VR State INIT IP Address 10.15.1.
show web-server show web-server Description Displays the configuration of the controller’s web server. Syntax No parameters. Example The output of this command shows the web-server configuration.
show wlan dot11k-profile show wlan dot11k-profile [] Description Show a list of all 802.11k profiles, or display detailed configuration information for a specific 802.11k profile. Syntax Parameter Description Name of an 802.11k profile. Usage Guidelines Issue this command without the parameter to display the 802.11k profile list, including profile status and the number of references to each profile.
Parameter Description Measurement Mode for Beacon Reports Shows the profile’s beacon measurement mode: z active: In this mode, the client sends a probe request to the broadcast destination address on all supported channels, sets a measurement duration timer, and, at the end of the measurement duration, compiles all received beacons or probe response with the requested SSID and BSSID into a measurement report.
show wlan edca-parameters-profile show wlan edca-parameters-profile ap|station [] Description Display an Enhanced Distributed Channel Access (EDCA) profile for APs or for clients (stations). EDCA profiles are specific either to APs or clients. Syntax Parameter Description Name of a EDCA Parameters profile.
Parameter Description AIFSN Arbitrary inter-frame space number. TXOP Transmission opportunity, in units of 32 microseconds. ACM If this column displays a 1, the profile has enabled mandatory admission control. If this column displays a 0, the profile has disabled this feature. Command History This command was introduced in ArubaOS 3.1.
show wlan ht-ssid-profile show wlan ht-ssid-profile [] Description Show a list of all High-throughput SSID profiles, or display detailed configuration information for a specific High-throughput SSID profile. Syntax Parameter Description Name of a High-throughput SSID profile. Usage Guidelines Issue this command without the parameter to display the entire High-throughput SSID profile list, including profile status and the number of references to each profile.
Parameter Description MPDU Aggregation Shows if the profile enables or disables MAC protocol data unit (MPDU) aggregation. Max transmitted A-MPDU size Configured maximum size of a transmitted aggregate MPDU, in bytes. Max received A-MPDU size Configured maximum size of a received aggregate MPDU, in bytes. Min MPDU start spacing Configured minimum time between the start of adjacent MPDUs within an aggregate MPDU, in microseconds.
show wlan ssid-profile show wlan ssid-profile [] Description Show a list of all SSID profiles, or display detailed configuration information for a specific SSID profile. Syntax Parameter Description Name of an SSID profile. Usage Guidelines Issue this command without the parameter to display the entire SSID profile list, including profile status and the number of references to each profile.
The following example shows configuration settings defined for the SSID Profile Remote. (host) #show wlan ssid-profile remote SSID Profile "Remote" --------------------Parameter --------SSID enable ESSID Encryption DTIM Interval 802.11a Basic Rates 802.11a Transmit Rates 802.11g Basic Rates 802.
Parameter Description 802.11g Basic Rates List of supported 802.11b/g rates, in Mbps, that are advertised in beacon frames and probe responses. 802.11g Transmit Rates Set of 802.11b/g rates at which the AP is allowed to send data. Station Ageout Time Time, in seconds, that a client is allowed to remain idle before being aged out. Max Transmit Attempts Maximum transmission failures allowed before the client gives up.
Parameter Description WPA Hexkey WPA pre-shared key (PSK). WPA Passphrase WPA passphrase used to generate a pre-shared key (PSK). Maximum Transmit Failures Maximum transmission failures allowed before the client gives up. EDCA Parameters Station profile Name of the enhanced distributed channel access (EDCA) Station profile that applies to this SSID. EDCA Parameters AP profile Name of the enhanced distributed channel access (EDCA) AP profile that applies to this SSID.
show wlan traffic-management-profile show wlan traffic-management-profile [] Description Show a list of all traffic management profiles, or display detailed configuration information for a specific traffic management profile. Syntax Parameter Description Name of a Traffic Management profile. Usage Guidelines Issue this command without the parameter to display the entire Traffic Management profile list, including profile status and the number of references to each profile.
Parameter Description Station Shaping Policy Shows which of three possible Station Shaping policies is configured on the profile. z default-access: Traffic shaping is disabled, and client performance is dependent on MAC contention resolution. This is the default traffic shaping setting. z fair-access: Each client gets the same airtime, regardless of client capability and capacity. This option is useful in environments like a training facility or exam hall, where a mix of 802.11a/g, 802.11g and 802.
show wlan virtual-ap show wlan virtual-ap [] Description Show a list of all Virtual AP profiles, or display detailed configuration information for a specific Virtual AP profile. Syntax Parameter Description Name of a Virtual AP profile Usage Guidelines Issue this command without the parameter to display the entire Virtual AP profile list, including profile status and the number of references to each profile.
The following example shows configuration settings defined for the profile wizardtest-vap-profile. (host) #show wlan virtual-ap test-vap-profile Virtual AP profile "wizardtest-vap-profile" ---------------------------Parameter Value ------------Virtual AP enable Enabled Allowed band all AAA Profile default 802.
Parameter Description Mobile IP Shows if the profile has enabled or disabled IP mobility. HA Discovery onassociation If enabled, all clients of a virtual-ap will received mobility service on association. DoS Prevention If enabled, APs ignore deauthentication frames from clients. This prevents a successful deauth attack from being carried out against the AP. This does not affect third-party APs.
show wlan voip-cac-profile show wlan voip-cac-profile [] Description Show a list of all VoIP Call Admission Control profiles, or display detailed configuration information for a specific VoIP Call Admission Control profile.
The output of this command includes the following data columns: Parameter Description VoIP Call Admission Control Shows if the profile enables or disables WiFi VoIP Call Admission Control features. VoIP Bandwidth based CAC Shows the desired call admission control (CAC) Mechanism: z Disable - CAC is based on Call Counts z Enable - CAC should be based on Bandwidth. VoIP Call Capacity Number of simultaneous calls that can be handled by one radio.
show wms ap show wms ap {}|{list [mon-mac bssid }|{stats [mon-mac bssid } Description Display information for APs currently monitored by the ArubaOS Wireless Management System (WMS). Syntax Parameter Description Enter the AP’s BSSID number in hexadecimal format (XX:XX:XX:XX:XX:XX). list Show the AP Tree Table for all APs. mon-mac Show the AP Tree Table for an AP with the specified MAC address.
Column Type Description A WMS AP type can be one of the following: soft-ap: an Dell Access Point (AP). z air-monitor: An Dell Air Monitor (AM). z RAP_Type Indicates one of the following Rogue AP types: z Valid (not a rogue AP) z Interfering z Rogue z Suspected Rogue z Disabled Rogue z Unclassified z Known Interfering Status If up, the AP is active. If down (or no information is shown) the AP is inactive. Match MAC MAC address of a wired device that helped identify the AP as a rogue.
The output of this command includes the following information: Column Description Monitor-MAC MAC address of an AP. BSSID Basic Service Set Identifier of a station. RSSI Received Signal Strength Indicator for the station, as seen by the AP. txPkt Number of transmitted packets. RxPkt Number of received packets. TxByte Number of transmitted bytes. RxByte Number of received bytes. HTRates-Rx Number of bytes received at high-throughput rates.
show wms channel show wms channel stats Description Display per-channel statistics for monitored APs. Syntax No parameters. Example This example shows per-channel statistics for monitored APs.
Command History This command was introduced in ArubaOS 3.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
show wms client show wms client |{list}|{probe }|{stats [mon-mac mac ]} Description Display a list of client information for the clients that can be seen by monitoring APs. Syntax Parameter Description Show statistics for a client with the specified MAC address, including the BSSID of the AP to which that client is currently associated, and the MAC addresses of other monitoring APs that can see that client. list Show statistics for all monitored clients.
Column Description ageout An ageout time is the time, in minutes, that the client must remain unseen by any probes before it is eliminated from the database. If this column displays a -1, the client has not yet aged out. Any other number indicates the number of minutes since the client has passed its ageout interval. BSSID BSSID of the AP to which the client is associated. SSID Extended service set identifier (ESSID) of the BSSID.
show wms counters show wms counters [debug|event] Description Show WMS event and debug counters. If you omit the optional debug and events parameters, the show wms counters command will display wms debug and events counters in a single table. Syntax Parameter Description debug Show show debug counters only events Show events counters only. If you omit the debug and events parameters, the show wms counters will display debug and events counters in a single table.
show wms general show wms general Description Display general statistics for the wms configuration. Syntax No parameters. Example This example shows per-channel statistics for all monitored APs.
Column Description classificationserver-ip IP address of an AMP (Airwave Management Platform) that will perform Rogue AP classification. If there is a classification server defined, the wms-on-master and use-db parameters will be disabled. rtls-port Port number on the RTLS server to which WMS statistics should be sent. wms-on-master The WMS process is enabled on the master controller. use-db Shows if WMS data is updated to the database on the master controller.
show wms monitor-summary show wms channel stats Description Display the numbers of different AP and client types monitored over the last 5 minutes, 1 hour, and since the controller was last reset. Syntax No parameters. Usage Guidelines The WLAN management system (WMS) on the controller monitors wireless traffic to detect any new AP or wireless client station that tries to connect to the network.
show wms probe show wms probe Description Display detailed information for a list of WMS probes. Syntax No parameters. Example This example shows the Probe List table for WMS probes. (host) #show wms probe Probe List ---------Monitor Eth MAC --------------00:0b:86:cd:11:64 ap 00:1a:1e:c2:2c:c4 monitor 00:0b:86:c1:be:56 ap 00:0b:86:c4:4d:06 ap 00:1a:1e:c2:30:80 monitor 00:1a:1e:c2:2c:ba monitor 00:1a:1e:c9:16:f0 BSSID ----00:0b:86:51:16:48 PHY Type -------80211A IP -10.13.11.19 LMS IP -----10.6.2.
Column Type Description A WMS AP type can be one of the following: soft-ap: an Dell Access Point (AP). z air-monitor: An Dell Air Monitor (AM). z Command History This command was introduced in ArubaOS 3.0 Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
show wms rogue-ap show wms rogue-ap Description Display statistics for APs classified as rogues APs. Syntax Parameter Description MAC address of a rogue AP. Example The output of this command shows statistics for a suspected Rogue AP, including how it was classified as a suspected rogue.
Column Description Status Shows if the AP is active (up) or inactive (down). Match Type Describes how the AP was classified as a rogue. z Eth-Wired-MAC: An Dell AP or AM detected that a single MAC address was in both the Ethernet Wired-Mac table and a non-valid AP wired-Mac table. z AP-Wired-MAC: An interfering AP is marked as rogue when the Dell AP finds a MAC address in one of its valid AP wired-mac table and in an interfering AP wired-mac table.
show wms routers show wms routers Description Show Learned Router Mac Information for WMS APs. Syntax Column Description MAC address of a probe that can see the router. Usage Guidelines This command displays the MAC addresses of devices that have been determined to be routers by the listed APs. This output of this command will be blank if there is not any broadcast/multicast activity in an AP's subnet.
show wms system show wms system Description Show the WMS system configuration and system state. Syntax No parameters. Example This example shows the WMS System Configuration and System State tables.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 1132 | show wms system Dell PowerConnect ArubaOS 6.
show wms wired-mac show wms wired-mac [{}|{ap-name }] Description Show a table of gateway wired addresses. This command can display a list of APs aware of a specific gateway MAC address, or list the wired MAC addresses known to a single AP. Syntax Column Description Specify a wired MAC address to display a list of APs that are aware of this wired MAC. ap-name Specify the IP address of an AP to list the wired MAC addresses of which it is aware.
shutdown shutdown all Description This command disables all interfaces on the controller. Usage Guidelines This command stops all traffic through the physical ports on the controller. The console port remains active. Use this command only when you have physical access to the controller, so that you can continue to manage using the console port. To shut down an individual interface, tunnel, or VLAN, use the shutdown option within the interface command. To restore the ports, use the no shutdown command.
snmp-server snmp-server community enable trap engine-id host version {1 udp-port }|2c|{3 } [inform] [interval ] [retrycount ] [udp-port ]} inform queue-length stats trap enable|disable|{source } user [auth-prot {md5|sha} ] [priv-prot {AES|DES} ] Description This command configures SNMP parameters. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default community Sets the read-only community string. — — enable trap Enables sending of SNMP traps to the configured host. — disabled engine-id Sets the SNMP server engine ID as a hexadecimal number. 24 characters maximum — host Configures the IP address of the host to which SNMP traps are sent. This host needs to be running a trap receiver to receive and interpret the traps sent by the controller.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3.1 The stats parameter was introduced Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
spanning-tree (Global Configuration) spanning-tree [forward-time | hello-time | max-age | priority | vlan range Note: RSTP is backward compatible with STP and is enabled by default. For ease of use, this command uses the spanning tree keyword. Description This command is the global configuration for the Rapid Spanning Tree Protocol (RSTP) and Per VLAN Spanning Tree (PVST+). See spanning-tree (Configuration Interface) for details on the RSTP (config-if) command.
spanning-tree max-age 30 The following command sets the bridge priority to 10, making it more likely to become the root bridge: spanning-tree priority 10 The follow command sets a spanning-tree VLAN range spanning-tree vlan range 2-8,11 Command History Release Modification ArubaOS 6.0 Added support for PVST+ and VLAN and VLAN Range ArubaOS 3.4 Upgraded STP to RSTP with full backward compatibility ArubaOS 1.
spanning-tree (Configuration Interface) spanning-tree cost point-to-point port-priority portfast vlan cost port-priority vlan range Note: RSTP is backward compatible with STP and is enabled by default. For clarity, this RSTP command uses the spanning tree keyword. Description Dell’s RSTP implementation interoperates with both PVST (Per VLAN Spanning Tree 802.1D) and Rapid-PVST (802.1w) implementation on industry-standard router/switches.
In addition to port state changes, RSTP introduces port roles for all the interfaces. RSTP (802.1w) Port Role Description Root The port that receives the best BPDU on a bridge. Designated The port can send the best BPDU on the segment to which it is connected. Alternate The port offers an alternate path, in the direction of root bridge, to that provided by bridge’s root port. Backup The port acts as a backup for the path provided by a designated port in the direction of the spanning tree.
spanning-tree mode spanning-tree mode | Description Set the spanning tree mode to either Rapid Spanning Tree (802.1w) or PVST+ (Per VLAN Spanning Tree). Syntax Parameter Description rapid Set the spanning tree mode to RSTP (Rapid Spanning Tree Protocol). rapid-pvst Set the spanning tree mode to PVST+ (Per VLAN Spanning Tree protocol) Usage Guidelines Once the spanning tree mode is set, you can configure RSTP or PVST+. Command History Release Modification 6.0 PVST+ added 3.
spanning-tree vlan (PVST+) spanning-tree vlan [forward-time | hello-time | max-age | priority ] Note: For ease of use, this command uses the spanning tree keyword to represent PVST+ Description Configure PVST+ on a VLAN. Syntax Parameter Description Range Default forward-time Specifies the time, in seconds, the VLAN spends in the listening and learning state before transitions to the forward state.
spanning-tree vlan 2 priority 10 Command History Release Modification ArubaOS 6.0 Command introduced Command Information Platforms Licensing Command Mode All Platforms Base operating system Configuration Mode (config) 1143 | spanning-tree vlan (PVST+) Dell PowerConnect ArubaOS 6.
spanning-tree vlan range (PVST+) spanning-tree vlan range [forward-time | hello-time | max-age | priority ] Note: For ease of use, this command uses the spanning tree keyword to represent PVST+ Description Configure PVST+ on a range of VLANs.
spanning-tree vlan range 2-3 priority 10 Command History Release Modification ArubaOS 6.0 Command introduced Command Information Platforms Licensing Command Mode All Platforms Base operating system Configuration Mode (config) 1145 | spanning-tree vlan range (PVST+) Dell PowerConnect ArubaOS 6.
ssh ssh disable_dsa | mgmt-auth {public-key [username/password] | username/password [public-key]} Description This command configures SSH access to the controller. Syntax Parameter Description Default disable_dsa Disables DSA authentication for SSH. Only RSA authentication is used. — mgmt-auth Configures authentication method for the management user. You can specify username/password only, public key only, or both username/ password and public key.
stm add-blacklist-client kick-off-sta purge-blacklist-clients remove-blacklist-client Description This command is used to manually disconnect a client from an AP or control the blacklisting of clients. Syntax Parameter Description add-blacklist-client MAC address of the client to be added to the denial of service list.
(host) #stm add-blacklist-client 00:01:6C:CC:8A:6D Command History Version Modification ArubaOS 1.0 Command introduced. ArubaOS 6.0 The purge-client-blacklist parameter was introduced. The start-trace and stop-trace parameters are no longer functional. Command Information 1148 | stm Platforms Licensing Command Mode All platforms Base operating system Enable mode on master or local controllers Dell PowerConnect ArubaOS 6.
support support Description This command, which should be used only in conjunction with Dell customer support, is for controller debugging purposes only. Syntax No parameters. Usage Guidelines This command is used by Dell customer support for debugging the controller. Do not use this command without the guidance of Dell customer support. Example The following command allows Dell customer support to debug the controller: (host) #support Command History Version Modification ArubaOS 2.
syscontact syscontact Description This command configures the name of the system contact for the controller. Syntax Parameter Description syscontact An alphanumeric string that specifies the name of the system contact. Usage Guidelines Use this command to enter the name of the person who acts as the system contact or administrator for the controller. You can use a combination of numbers, letters, characters, and spaces to create the name.
syslocation syslocation Description This command configures the name of the system location for the controller. Syntax Parameter Description syslocation An alphanumeric string that specifies the name of the system location. Usage Guidelines Use this command to indicate the location of the controller. You can use a combination of numbers, letters, characters, and spaces to create the name. To include a space in the name, use quotation marks to enclose the text string.
telnet telnet {cli|soe} Description Enable telnet to the controller or to an AP through the controller. Syntax Parameter Description Default cli Enable telnet using the CLI. Disabled soe Enable telnet using Serial over Ethernet (SoE). Disabled Usage Guidelines Use the cli option to enable telnet to the controller. Use the soe option to enable telnet using the SoE protocol. This allows you to remotely manage an AP directly connected to the controller.
time-range time-range absolute [end ]|[start ] time-range periodic Daily to Friday to Monday to Saturday to Sunday to Thursday to Tuesday to Wednesday to Weekday to Weekend to no ... Description This command configures time ranges. Syntax Parameter Description Name of this time range.
traceroute traceroute Description Trace the route to the specified IP address. Syntax Parameter Description The destination IP address. Usage Guidelines Use this command to identify points of failure in your network. Example The following command traces the route to the device identified by the IP address 10.1.2.3. (host) (config) #traceroute 10.1.2.3 Command History The command was introduced in ArubaOS 2.0.
trusted trusted all Description This command makes all physical interfaces on the controller trusted ports. Syntax Parameter Description all Makes all ports on the controller trusted. Usage Guidelines Trusted ports are typically connected to internal controlled networks. Untrusted ports connect to third-party APs, public areas, or any other network to which the controller should provide access control. When APs are attached directly to the controller, set the connecting port to be trusted.
uplink crypto-local uplink {cellular priority }|disable|enable|{wired priority }|{wired vlan } Description Manage and configure the uplink network connection on the Aruba 600 controllers. Syntax Parameter Description Range cellular priority Set the priority of the cellular uplink. By default, the cellular uplink is a lower priority than the wired uplink; making the wired link the primary link and the cellular link the secondary or backup link.
usb reclassify crypto-local usb reclassify
Description Disconnect and reclassify an USB device. Syntax Parameter Description USB device address from the show usb command. Usage Guidelines There's no way to power off an USB port on the Aruba 600 controller, but you can re-initialize the device using the usb reclassify command. This command removes the modem from the USB device list, then detects it via the USB table. Command History Introduced in ArubaOS 3.4.usb-printer usb-printer [printer alias ] Description This command allows you to provide an alias to USB printers connected to W-600 Series Controller series controllers. Syntax Parameter Description printer Enter the default printer name. To get the default printer name use the show networkprinter status command. alias Enter a new alias name for the printer.
user-role user-role access-list {eth|mac|session} [ap-group ] [position ] bw-contract [per-user] {downstream|upstream} captive-portal dialer ipv6 session-acl max-sessions no ... pool {l2tp|pptp} reauthentication-interval session-acl [ap-group ] [position ] stateful-ntlm vlan {VLAN ID|VLAN name} wispr Description This command configures a user role.
Syntax Parameter Description Range Default Name of the user role. — — access-list Type of access control list (ACL) to be applied: eth: Ethertype ACL, configured with the ip access-list eth command. mac: MAC ACL, configured with the ip access-list mac command. session: Session ACL, configured with the ip access-list session command. — — Name of the configured ACL. ap-group (Optional) AP group to which this ACL applies.
Parameter Description Range Default vlan Identifies the VLAN ID or VLAN name to which the user role is mapped. This parameters works only when using Layer-2 authentication such as 802.1x or MAC address, ESSID, or encryption type role mapping because these authentications occur before an IP address is assigned. If a user authenticates using a Layer-3 mechanism such as VPN or captive portal this parameter has no effect. NOTE: VLAN IDs and VLAN names cannot be listed together.
valid-network-oui-profile valid-network-oui-profile no oui Description This command allows you to add a new OUI to the controller Syntax Parameter Description Range Default no Negates any configured parameter. — — oui The new OUI to be added. Use the aa:bb:cc format to input the new OUI. — — Usage Guidelines This command adds a new OUI to the controller. The new OUI must be entered in a aa:bb:cc format. Example The following command adds a new OUI to the controller.
vlan vlan [] |[ ]|[range ]|[wired aaaprofile ] Description This command creates a VLAN ID or a range of VLAN IDs on the controller. Syntax Parameter Description Range Default Identification number for the VLAN. 2-4094 1 Description of a VLAN ID. 1-32 characters; cannot begin with a numeric character VLAN000x, where x is the ID number. (Optional) Identification name of the VLAN.
(host) (config) #vlan range 200-300,302, 303-400 Related Commands Command Description show vlan This command shows a configured VLAN interface number, description and associated ports aaa authentication wired This command configures authentication for a client device that is directly connected to a port on the controller. Command History Release Modification ArubaOS 3.0 Command available. ArubaOS 3.4 vlan-ids parameter introduced. ArubaOS 3.4.1 vlan range parameter introduced. ArubaOS 6.
vlan-bwcontract-explist vlan-bwcontract-explist mac Description Use this command to add entries to or remove entries from the MAC exception list for bandwidth contracts on broadcast/multicast traffic. Syntax Parameter Description MAC address of a protocol that should be added to or removed from the exception list for bandwidth contracts. Usage Guidelines Bandwidth contracts on a VLAN can limit broadcast and multicast traffic. ArubaOS version 6.
vlan-name vlan-name [pool] Description This command creates a named VLAN on the controller and can enable it as a pool. A named VLAN needs to be first created to assign one or a pool of VLAN IDs to that name. Syntax Parameter Description Range Name for the VLAN. 1–32 characters [pool] (Optional) Sets the named VLAN to be a pool. — Usage Guidelines Create a named VLAN so you can set up a VLAN pool.
voice dialplan-profile voice dialplan-profile clone dialplan { } no... Description This command allows you to create a dial plan profile and configure dial plans to the profile. Syntax Parameter Description Name of this instance of the dial plan profile. clone Name of the existing dial plan profile from which parameter values are copied. dialplan Configures a dialplan with the sequence, pattern, and action specified for the profile.
Command History Version Description ArubaOS 6.0 Command introduced. Command Information Platforms Licensing Command Mode All platforms This command requires the PEFNG license Config mode on master controller 1168 | voice dialplan-profile Dell PowerConnect ArubaOS 6.
voice logging voice logging client mac no ... Description This command allows you to enable logging for a voice client. Syntax Parameter Description client mac MAC address of the voice client to be enabled for voice logging. Usage Guidelines You can enable voice logging for a specific voice client based on the MAC address of the client to troubleshoot any voice issues.
voice rtcp-inactivity voice rtcp-inactivity {enable | disable} Description This command enables or diables the RTCP inactivity timer. Syntax Parameter Description enable Enables the RTCP inactivity timer. disable Disables the RTCP inactivity timer. Usage Guidelines You can enable the RTCP inactivity timer to clear a voip session if an on-hold client moves out of the coverage area.
voice real-time-config voice real-time-config config-enable no... Description This command enables the controller to analyze the call quality of the voice calls based on the RTP media streams. Syntax Parameter Description Default config-enable Enables the controller to analyze the call quality of the voice calls based on the RTP media streams.
voice sip voice sip dialplan-profile no... session-expiry session-timer Description This command allows you to enable SIP session timer and associate a dial plan profile to the SIP ALG. Syntax Parameter Description Default dial-plan profile Name of the existing Dial plan profile to be associated to the SIP ALG. _ session-expiry Timeout value in seconds for the session timer. The range is 240 - 1200 seconds.
voice sip-midcall-req-timeout voice sip-midcall-req-timeout {enable | disable} Description This command enables or diables the SIP mid-call request timer. Syntax Parameter Description enable Enables the SIP mid-call request timer. disable Disables the timer. Usage Guidelines You can enable the SIP mid-call request timer on the controller to clear the voip session if there is no response to a SIP mid-call request.
vpdn group l2tp vpdn group l2tp client configuration {dns|wins} [] disable|enable l2tp tunnel hello no ... ppp authentication {CACHE-SECURID|CHAP|EAP|MSCHAP|MSCHAPv2|PAP} ppp securid cache Description This command configures an L2TP/IPsec VPN connection. Syntax Parameter Description Range Default client configuration Configures parameters for the remote clients. — — dns Configures a primary and optional secondary DNS server.
(host) (coinfig) #vpdn group l2tp ppp authentication PAP client configuration dns 10.1.1.2 client configuration wins 10.1.1.2 Command History The command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 1175 | vpdn group l2tp Dell PowerConnect ArubaOS 6.
vpdn group pptp vpdn group pptp client configuration {dns|wins} [] disable|enable no ... ppp authentication {MSCHAP|MSCHAPv2} pptp echo Description This command configures a PPTP VPN connection. Syntax Parameter Description Range Default client configuration Configures parameters for the remote clients. — — dns Configures a primary and optional secondary DNS server. — — wins Configures a primary and optional secondary WINS server.
Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers 1177 | vpdn group pptp Dell PowerConnect ArubaOS 6.
vpn-dialer vpn-dialer enable dnetclear|l2tp|pptp|securid_newpinmode|wirednowifi ike {authentication {pre-share |rsa-sig}|encryption {3des|des}| group {1|2}|hash {md5|sha}|lifetime []} ipsec {encryption {esp-3des|esp-des}|hash {esp-md5-hmac|esp-sha-hmac}| lifetime []|pfs {group1|group2}} no {enable...|ipsec...|ppp...} ppp authentication {cache-securid|chap|mschap|mschapv2|pap} Description This command configures the VPN dialer.
Parameter Description Range Default lifetime Specifies how long an IPsec security association lasts, in seconds. 300-86400 7200 seconds pfs Specifies the IPsec Perfect Forward Secrecy (PFS) mode, either group 1 or group 2. group1 | group2 group2 no Negates any configured parameter. — — ppp authentica tion Enables the protocols for PPP authentication. This list should match the L2TP or PPTP configuration configured with the vpdn command on the controller.
vrrp vrrp advertise authentication description ip address no... preempt priority shutdown tracking interface {fastethernet /|gigabitethernet /} {sub } tracking master-up-time add tracking vlan {sub } tracking vrrp-master-state add vlan Description This command configures the Virtual Router Redundancy Protocol (VRRP). Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default id Number that uniquely identifies the VRRP instance, also known as the VRID. This number should match the VRID on the other member of the redundant pair. For ease in administration, you should configure this with the same value as the VLAN ID. After you configure the VRID, the command platform enters VRRP mode. From here, you can access the remaining VRRP commands.
Parameter Description Range Default Number assigned to the network interface embedded in the controller. Port numbers start at 0 from the left-most position. — — sub Decreases the priority of the VRRP instance by the specified amount. When the interface comes up again, the value is restored to the previous priority level. The combined priority and tracking vales cannot exceed 255. If the priority value exceeds 255, the controller displays an error message.
the state of a particular VLAN or Layer-2 interface. The priority of the VRRP instance can increase or decrease based on the operational state of the specified interface. For example, interface transitions (up/down events) can trigger a recomputation of the VRRP priority, which can change the VRRP master depending on the resulting priority. You can track a combined maximum of 16 interfaces.
Command History Version Modification ArubaOS 1.0 Command introduced ArubaOS 3.3 The tracking interface and tracking vlan parameters were introduced. ArubaOS 3.3.2 The add option was removed from the tracking interface and tracking vlan parameters. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master and local controllers Dell PowerConnect ArubaOS 6.
web-server web-server captive-portal-cert ciphers {high|low|medium} mgmt-auth [certificate] [username/password] no ... ssl-protocol [sslv2] [sslv3] [tlsvl] session-timeout switch-cert web-max-clients Description This command configures the controller’s web server. Syntax Parameter Description Range Default captive-portalcert Name of the server certificate associated with captive portal.
You can use client certificates to authenticate management users. If you specify certificate authentication, you need to configure certificate authentication for the management user with the mgmt-user webui-cacert command.
whitelist-db cpsec add whitelist-db whitelist-db cpsec whitelist-db cpsec add mac-address state {approved-ready-for-cert|certified-factory-cert} cert-type {switchcert|factory-cert} [description ] Description Add an AP entry to the campus AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to enter into the cpsec whitelist database.
Related Commands Command Description Mode show whitelist-db cpsec Show the campus AP whitelist for the control plane feature. Enable mode Command History Version Modification ArubaOS 5.0 Command introduced ArubaOS 6.0 The controller-cert parameter was modified to switch-cert. Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master or local controllers 1187 | whitelist-db cpsec add Dell PowerConnect ArubaOS 6.
whitelist-db cpsec delete whitelist-db cpsec delete mac-address Description Remove an individual AP entry to the campus AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to remove from the campus AP whitelist. Usage Guidelines Use this command to remove an individual whitelist entries for an AP that has been either removed from the network, or is no longer a candidate for automatic certificate provisioning.
whitelist-db cpsec modify whitelist-db cpsec modify mac-address cert-type switch-cert|factory-cert description mode disable|enable revoke-text state approved-ready-for-cert|certified-factory-cert Description Modify an existing entry in the campus AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to enter into the cpsec whitelist database. cert-type Identify the type of certificate to be used by the AP.
Related Commands Command Description Mode show whitelist-db cpsec Show the campus AP whitelist for the control plane feature. Enable mode Command History Version Modification ArubaOS 5.0 Command introduced ArubaOS 6.0 The controller-cert parameter was modified to switch-cert. Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master or local controllers Dell PowerConnect ArubaOS 6.
whitelist-db cpsec revoke whitelist-db cpsec revoke mac-address revoke-text Description Revoke a certificate from an AP in the campus AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to remove from the cpsec whitelist database. revoke-text A brief description why the AP’s certificate was revoked, up to 64 alphanumeric characters.
whitelist-db cpsec purge whitelist-db cpsec purge Description Clear the campus AP whitelist. Syntax No parameters. Usage Guidelines Use this command to clear all entries in the entire campus AP whitelist. If your network includes both master and local controllers, then each campus AP whitelist is synchronized across all controllers. If you purge the entire campus AP whitelist on one controller, that action will clear the campus AP whitelist on every controller in the network.
whitelist-db cpsec-local-switch-list whitelist-db cpsec-local-switch-list del mac-address purge Description Delete a local controller from the local switch whitelist. Syntax Parameter Description del mac-address Remove a single controller from the local switch whitelist.
Related Commands Command Description Mode show whitelist-db cpseclocal-switch-list Show the local switch whitelist for the control plane feature. Enable mode Command History Version Modification ArubaOS 5.0 Command introduced ArubaOS 6.0 The cpsec-local-ctlr-list parameter was modified to cpsec-local-switch-list Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
whitelist-db cpsec-master-switch-list whitelist-db cpsec-master-switch-list del mac-address purge Description Delete a master controller from the master switch whitelist. Syntax Parameter Description del mac-address Remove a single master controller from the master switch whitelist.
whoami whoami Description This command displays information about the current user logged into the controller. Syntax No parameters. Usage Guidelines Use this command to display the name and role of the user who is logged into the controller for this session. Example The following command displays information about the user logged into the controller: (host) #whoami Command History This command was available in ArubaOS 1.0.
wlan dot11k-profile wlan wlan dotllk bcn-measurement-mode {active|beacon-table|passive} clone dot11k-enable force-disassoc bcn-req-time lm-req-time tsm-req-time channel-enable bcn-req-chan-11a bcn-req-chan-11bg handover-threshold handover-trigger no ... Description Configure a 802.11k radio profile. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Default Name of this instance of the profile. The name must be 1-63 characters. “default” bcn-measurement-mode Configures an active, beacon-table or passive beacon measurement mode for the profile. active Enables active beacon measurement mode.
Parameter Description Default tsm-req-time This option configures the time duration between two consecutive transmit stream measurement requests sent to a dot11K client. By default, the transmit stream measurement requests are sent to a dot11K client every 90 seconds. However, you can use the tsm-req time option to specify a different time interval. This permits values in the range from 10 seconds to 200 seconds. 90 seconds channel-enable A Beacon Request sent to a client contains a "Channel" field.
Command Information Platforms Licensing Command Mode All platforms Base operating system. Config mode on master controllers 1201 | wlan dot11k-profile Dell PowerConnect ArubaOS 6.
wlan client-wlan-profile wlan client-wlan-profile auth-as-computer auth-as-guest clone eap-cert eap-cert-connect-only-to eap-peap eap-peap-connect-only-to eap-type enable-8021x ieap-cert-connect-only inner-eap inner-eap-type no non-broadcasting-connection range-connect ssid-profile Description You can push WLAN profiles to users computers that use the Microsoft Windows Wireless Zero Config (WZC) service to configure and maintain their wireless networks.
Syntax Parameter Description Default auth-as-computer Authenticate with domain credentials. auth-as-guest Authenticate as a guest user. clone Copy settings from another WLAN client profile. eap-cert If you select EAP type as certificate, you can use one of the following options: z mschapv2-use-windows-credentials z use-smartcard z simple-certificate-selection z use-different-name z validate-server-certificate eap-cert-connect-onlyto Comma separated list of servers.
wlan edca-parameters-profile wlan wlan edca-parameters-profile {ap|station} {background | best-effort | video | voice} [acm][aifsn ] [ecw-max [ecw-min ] [txop ] [clone Description This command configures an enhanced distributed channel access (EDCA) profile for APs or for clients (stations). Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters.
The following are the default values configured for clients: Access Category ecw-min ecw-max aifsn txop acm best-effort 4 10 3 0 No background 4 10 7 0 No video 3 4 2 94 No voice 2 3 2 47 No Example The following command configures an EDCA profile for APs: (host) (config) #wlan edca-parameters-profile ap edca1 best-effort ecw-min 15 ecw-max 15 aifsn 15 txop 100 acm 1 Command History Version Description ArubaOS 3.1 Command introduced. ArubaOS 3.4.
wlan ht-ssid-profile wlan ht-ssid-profile 40MHz-enable allow-weak-encryption clone high-throughput-enable legacy-stations max-rx-a-mpdu-size {8191|16383|32767|65535} max-tx-a-mpdu-size min-mpdu-start-spacing {0|.25|.5|1|2|4|8|16} mpdu-agg no... short-guard-intvl-40MHz supported-mcs-set Description This command configures a high-throughput SSID profile. Dell PowerConnect ArubaOS 6.
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” 40MHzenable Enables or disables the use of this high-throughput SSID in 40 MHz mode. — enabled allow-weakencryption Enabling the use of TKIP or WEP for unicast traffic disables A-MPDU aggregation but allows the association to proceed. Disabling this prevents stations using TKIP or WEP for unicast traffic from associating at all. It is disabled by default.
Parameter Description Range Default supportedmcsset Comma-separated list of Modulation Coding Scheme (MCS) values or ranges of values to be supported on this high-throughput SSID. 0-15 0-15 Usage Guidelines The ht-ssid-profile configures the high-throughput SSID. Note: AP configuration settings related to the IEEE 802.11n standard are configurable for Dell W-AP120 series access points, which are IEEE 802.11n standard compliant devices.
wlan ssid-profile wlan ssid-profile 902il-compatibility-mode a-basic-rates a-beacon-rate a-tx-rates ageout battery-boost clone deny-bcast disable-probe-retry dtim-period edca-parameters-profile {ap|station} essid g-basic-rates g-beacon-rate g-tx-rates hide-ssid ht-ssid-profile local-probe-response max-clients max-retries max-tx-fail mcast-rate-opt no ...
Parameter Description Range Default 902ilcompatibilitymode (For clients using NTT DoCoMo 902iL phones only) When enabled, the controller does not drop packets from the client if a small or old initialization vector value is received. (When TKIP or AES is used for encryption and TSPEC is enabled, the phone resets the value of the initialization vector after add/delete TSPEC.) NOTE: This parameter requires the PEFNG license. — disabled a-basic-rates List of supported 802.
Parameter Description Range Default g-beacon-rate Sets the beacon rate for 802.11g (use for Distributed Antenna System (DAS) only). Using this parameter in normal operation may cause connectivity problems. default, 1,2,5, 6 9, 11, 12, 18, 24, 36, 48, 54 Mbps minimum valid rate g-tx-rates Set of 802.11b/g rates at which the AP is allowed to send data.
Parameter Description wpa2-tkip WPA2 with TKIP encryption and dynamic keys using 802.1x. xSec Encryption and tunneling of Layer-2 traffic between the controller and wired or wireless clients, or between controllers. To use xSec encryption, you must use a RADIUS authentication server. For clients, you must install the Funk Odyssey client software. Requires installation of the xSec license. For xSec between controllers, you must install an xSec license in each controller.
Multicast Rate Optimization The Multicast Rate Optimization feature dynamically selects the rate for sending broadcast/multicast frames on any BSS. This feature determines the optimal rate for sending broadcast and multicast frames based on the lowest of the unicast rates across all associated clients.
wlan traffic-management-profile wlan traffic-management-profile bw-alloc virtual-ap share clone no ... report-interval shaping-policy default-access|fair-access|preferred-access Description This command configures a traffic management profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters.
opportunity to get and receive traffic. The specific amount of airtime given to an individual client is determined by; z Client capabilities (802.11a/g, 802.11b or 802.
wlan virtual-ap wlan virtual-ap aaa-profile allowed-band ... auth-failure-blacklist-time band-steering blacklist blacklist-time broadcast-filter all|arp clone deny-time-range dos-prevention dot11k-profile fast-roaming forward-mode {tunnel|bridge|split-tunnel|decrypt-tunnel} ha-disc-onassoc mobile-ip no ...
Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” aaa-profile Name of the AAA profile that applies to this virtual AP. — “default” allowed-band The band(s) on which to use the virtual AP: a—802.11a band only (5 GHz) g—802.11b/g band only (2.4 GHz) all—both 802.11a and 802.11b/g bands (5 GHz and 2.
Parameter Description Range Default all — Filter out broadcast and multicast traffic in the air. NOTE: Do not enable this option for virtual APs configured in bridge forwarding mode. This configuration parameter is only intended for use for virtual APs in tunnel mode. In tunnel mode, all packets travel to the controller, so the controller is able to drop all broadcast traffic.
Parameter Description Range Default forward-mode Controls whether 802.11 frames are tunneled to the controller using generic routing encapsulation (GRE), bridged into the local Ethernet LAN (for remote APs), or a combination thereof depending on the destination (corporate traffic goes to the controller, and Internet access remains local). Select one of the following forward modes: z Tunnel: When an AP is in tunnel forwarding mode, the AP handles all 802.11 association requests and responses.
Parameter Description Range Default rap-operation Configures when the virtual AP operates on a remote AP: always—Permanently enables the virtual AP. backup—Enables the virtual AP if the remote AP cannot connect to the controller. persistent—Permanently enables the virtual AP after the remote AP initially connects to the controller. standard—Enables the virtual AP when the remote AP connects to the controller. Use always and backup for bridge SSIDs. Use persistent and standard for 802.
A named VLAN can be deleted although it is configured in a virtual AP profile. If this occurs the virtual AP profiles becomes invalid. If the named VLAN is added back later the virtual AP becomes valid again. Example The following command configures a virtual AP: wlan virtual-ap corpnet vlan 1 aaa-profile corpnet Command History. Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 Support for the split tunneling option and the rap-operation parameter was introduced. ArubaOS 3.
wlan voip-cac-profile wlan voip-cac-profile bandwidth-cac bandwidth-capacity call-admission-control call-capacity call-handoff-reservation clone disconnect-extra-call no ... send-sip-100-trying send-sip-status-code client|server wmm_tspec_enforcement wmm_tspec_enforcement_period Description This command configures a voice over iP (VoIP) call admission control (CAC) profile.
Parameter Description Range Default send-sip-status-code client|server Use this parameter with the client or server options to drop a SIP Invite and send status code back to the client or server. You must also include one of the following codes: z 480: Temporary Unavailable z 486: Busy Here z 503: Ser vice Unavailable z none: Don't send SIP status code — 486 wmm_tspec_en forcement Enables validation of TSPEC requests for CAC.
wms ap wms ap mode {interfering|manually-contained|neighbor|rogue|valid} Description This command allows you to classify an AP into one of several categories. Syntax Parameter Description BSSID of the AP. mode Classify the AP into one of the following categories. interfering An AP seen in the RF environment but is not connected to the wired network. manuallycontained Manually enable denial of service from this AP neighbor An neighboring AP whose BSSID is known.
wms clean-db wms clean-db Description This command deletes the WMS database. Syntax Parameter Description clean-db Cleans the WMS database. Usage Guidelines This command deletes all entries from the WMS database. Do not use this command unless instructed to do so by an Dell representative. Example The following command cleans the WMS database: (host) #wms clean-db WMS Database will be deleted. Do you want to proceed with this action [y/n]: Command History This command was introduced in ArubaOS 3.0.
wms client wms client mode {dos|interfering|valid} Description This command allows you to classify a wireless client into one of several categories. Syntax Parameter Description client MAC address of the client. mode Classify the client into one of the following categories: dos Enables denial of service to this client. neighbor A client seen in the RF environment that is outside of the enterprise. valid A client that is part of the enterprise.
wms export-class wms export-class Description This command exports classification information into a file. Syntax Parameter Description Name of the file into which you want to export classification information Usage Guidelines This command writes classification data into comma separated values (CSV) files—one for APs and one for clients. You can import these files into the Dell Mobility Manager system.
wms export-db wms export-db Description This command exports the WMS database to a specified file. Syntax Parameter Description Name of the file into which you want to export the database. The filename plus any extensions must be no longer than 32 characters and may contain only keyboard characters. Usage Guidelines The file is exported as an ASCII text file.
wms general wms general ap-ageout-interval | collect-stats {disable|enable} | learn-ap {enable|disable} | persistent-known-interfering {enable|disable} | poll-interval |poll-retries | propagate-wired-macs {enable|disable} | sta-ageout-interval | stat-update {enable|disable} Description This command configures the WLAN management system (WMS).
Command History This command was introduced in ArubaOS 3.0. Command Information Platforms Licensing Command Mode All platforms Base operating system Config mode on master controllers Dell PowerConnect ArubaOS 6.
wms import-db wms import-db Description This command imports the specified file into the WMS database. Syntax Parameter Description Name of the file into which you want to import into the database. The filename plus any extensions must be no longer than 32 characters and may contain only keyboard characters. Usage Guidelines The imported file replaces the WMS database.
wms reinit-db wms reinit-db Description This command reinitializes the WMS database to its factory defaults. Syntax No parameters. Usage Guidelines When you use this command, there is no automatic backup of the current database. If an Mobility Manager server is configured on the controller (see “mobility-manager” on page 356), this command will fail and return an error. Example The following command reinitializes the WMS database: (host) #wms reinit-db WMS Database will be re-initialized.
wms-local system wms-local system max-threshold Description This command defines local WMS system settings for the maximum number of APs and client stations. Syntax Parameter Description Set the max threshold for the total number of APs and Stations. This value can be any 32-bit number. Usage Guidelines Use this command with caution. Increasing the limit will cause an increase in usage in the memory by WMS. In general, each entry will consume about 500 bytes of memory.
write write {erase [all] | memory | terminal} Description This command saves the running configuration to memory or displays the running configuration on the screen. This command can also be used to erase the running configuration and return the controller to factory defaults. Syntax Parameter Description erase Erases the running system configuration file. Rebooting the controller resets it to the factory default configuration.
(host) #write erase Command History This command was introduced in ArubaOS 1.0. Command Information 1236 | write Platforms Licensing Command Mode All platforms Base operating system Enable and Config modes Dell PowerConnect ArubaOS 6.
Appendix A: Command Modes The ArubaOS command-line interface offers different levels of user access by differentiating between different command modes. When you first log in to the CLI, you start your session in User mode, which provides only limited access for basic operational testing. You must enter an additional password to access Enable mode, which allows you to issue show commands run certain management functions. Configuration commands can only be issued in Config mode.
Enable Mode To move from user mode to enable mode, you must enter the command enable, press Enter, then enter config mode password that was defined during the controller’s initial setup process. (The default password is enable.) Users in enable mode may return to user mode at any time by entering the command exit. The command prompt for a CLI session in enable mode is a pound (#) symbol: (host) # The following commands are available in enable mode.
z aaa authentication z cluster-root-ip z process monitor z aaa bandwidth-contract z controller-ip z prompt z aaa derivation-rules z control-plane-security z provision-ap z aaa inservice z crypto dynamic-map z rap-wml z aaa ipv6 user add z crypto ipsec z rf arm-profile z aaa derivation-rules z crypto isakmp z router mobile z aaa derivation-rules z crypto map global-map z service z aaa profile z crypto-local z shutdown z aaa radius-attributes z destination z
Configuration Sub-modes Some config mode commands can enter you into a sub-mode with a limited number of available commands specific to that mode. When you are in a configuration sub-mode, the (config) that appears before the command prompt will change to indicate your current mode; e.g (config-if) for config-interface mode, and (config-tunnel) for config-tunnel mode. You can exit a sub-command mode and return to the basic configuration mode at any time by entering the exit command.