Reference Guide Dell Networking W-Series ArubaOS 6.5.
Copyright Information © Copyright 2016 Hewlett Packard Enterprise Development LP. Dell™, the DELL™ logo, and PowerConnect™ are trademarks of Dell Inc. All rights reserved. Specifications in this manual are subject to change without notice. Originated in the USA. All other trademarks are the property of their respective owners. Open Source Code This product includes code licensed under the GNU General Public License, the GNU Lesser General Public License, and/or certain other open source licenses.
Revision History The following table provides the revision history of this document. Table 1: Revision History Revision Change Description Revision 01 Dell Networking W-Series ArubaOS 6.5.x | Reference Guide Initial release.
The ArubaOS Command-Line Interface The Dell Networking W-Series ArubaOS 6.5.x command-line interface (CLI) allows you to configure and manage Dell controllers. The CLI is accessible from a local console connected to the serial port on the controllers or through a Telnet or Secure Shell (SSH) session from a remote management console or workstation. Telnet access is disabled by default.
Command Description show ucc dns-ip-learning This command displays the carrier’s evolved Packet Data Gateway (ePDG) IP address learned by the controller. This command is specific for Wi-Fi calling clients. show voice facetime This command displays the user configured pattern that is matched against the User-Agent field of the SIP messages to determine if the session is a Facetime session. show voice wificalling This command displays the Wi-Fi Calling ALG configuration on the controller.
Command Description ap wired-port-profile The portfast and portfast-trunk parameters are introduced. clear The port-security-error gigabitethernet // parameter is introduced. This clears the port-security error from a gigabit Ethernet IEEE 802.3 interface. copy The flash: parameter is introduced to copy files from an FTP server. web-server profile The excludes security headers is introduced to exclude security headers from HTTP response.
Command Description show ap arm history The Result column is introduced to the output of this command to indicate the status of the requested change in channel or EIRP by ARM. show ap debug port status The Portfast parameter is introduced. show ap port status The Portfast parameter is introduced. show ap regulatory-domainprofile The Valid 802.11a 160MHz channel group parameter is introduced.
Command show snmp trap-list Description The following parameters are introduced as part of the output of this command: l wlsxAPDown l wlsxAPUp show ucc call-info cdrs The WiFi-Calling application parameter is introduced. show ucc client-info The WiFi-Calling application parameter is introduced. show ucc statistics The WiFi-Calling application parameter is introduced. show web-server The Exclude Security Headers from HTTP Response parameter is introduced.
l Usage Guidelines—Information to help you use the command, including: prerequisites, prohibitions, and related commands. l Example—An example of how to use the command. l Command History—The version of ArubaOS in which the command was first introduced. Modifications and changes to the command are also noted. l Command Information—This table describes any licensing requirements, command modes and platforms for which this command is applicable.
(host) > User mode provides only limited access for basic operational testing such as running ping and traceroute. Certain management functions are available in enable (also called “privileged”) mode. To move from user mode to enable mode requires you to enter an additional password that you entered during the Initial Setup (the password displays as asterisks).
The indicates that the command can be entered without additional parameters. Any other parameters are optional. Command Completion To make command input easier, you can usually abbreviate each key word in the command. You need type only enough of each keyword to distinguish it from similar commands. For example: (host) # configure terminal could also be entered as: (host) # con t Three characters (con) represent the shortest abbreviation allowed for configure.
Both the startup and running configurations can also be saved to a file or sent to a TFTP server for backup or transfer to another system. Commands That Reset the Controller or AP If you use the CLI to modify a currently provisioned and running radio profile, those changes take place immediately; you do not reboot the controller or the AP for the changes to affect the current running configuration. Certain commands, however, automatically force the controller or AP to reboot.
Table 3: Text Conventions Type Style Description Italics This style is used to emphasize important terms and to mark the titles of books. Boldface This style is used to emphasize command names and parameter options when mentioned in the text. Commands This fixed-width font depicts command syntax and examples of commands and command output.
Table 4: Line Editing Keys Key Effect Description Ctrl A Home Move the cursor to the beginning of the line. Ctrl B or the left arrow Back Move the cursor one character left. Ctrl D Delete Right Delete the character to the right of the cursor. Ctrl E End Move the cursor to the end of the line. Ctrl F or the right arrow Forward Move the cursor one character right. Ctrl K Delete Right Delete all characters to the right of the cursor.
Table 5: Addresses and Identifiers Address/Identifier Description IP address For any command that requires entry of an IP address to specify a network entity, use IPv4 network address format in the conventional dotted decimal notation (for example, 10.4.1.258). Netmask address For subnet addresses, specify a netmask in dotted decimal notation (for example, 255.255.255.0).
Contacting Dell Table 6: Contact Information Web Site Support Main Website dell.com Contact Information dell.com/contactdell Support Website dell.com/support Documentation Website dell.com/support/manuals Dell Networking W-Series ArubaOS 6.5.
aaa auth-survivability aaa auth-survivability cache-lifetime enable server-cert Description This command configures Authentication Survivability on a controller. Syntax Parameter cache-lifetime Description This parameter specifies the lifetime in hours for the cached access credential in the local Survival Server. When the specified cache-lifetime expires, the cached access credential is deleted from the controller. Default 24 hours The valid range is from 1 to 72 hours.
Command Information Platforms W-7000 Series 18| aaa auth-survivability Licensing Base operating system Command Mode Enable or Config mode on controllers Dell Networking W-Series ArubaOS 6.5.
aaa authentication captive-portal aaa authentication captive-portal apple-cna-bypass auth-protocol mschapv2|pap|chap black-list clone default-guest-role default-role enable-welcome-page guest-logon ip-addr-in-redirection login-page logon-wait {cpu-threshold }|{maximum-delay }|{minimum-delay } logout-popup-window max-authentication-failures no ...
Parameter black-list Description Range Name of an existing black list on an IPv4 or IPv6 network destination. The black list contains websites (unauthenticated) that a guest cannot access. Default — — Specify a netdestination host or subnet to add that netdestination to the captive portal blacklist. If you have not yet defined a netdestination, use the CLI command netdestination to define a destination host or subnet before you add it to the blacklist.
Parameter logon-wait Description Range Default Configure parameters for the logon wait interval. 1-100 60% cpu-threshold CPU utilization percentage above which the logon wait interval is applied when presenting the user with the logon page. 1-100 60% maximum-delay Maximum time, in seconds, the user will have to wait for the logon page to pop up if the CPU load is high. This works in conjunction with the Logon wait CPU utilization threshold parameter.
Parameter Description Range Default server-group Name of the group of servers used to authenticate Captive Portal users. See aaa server-group on page 107. — — show-fqdn Allows the user to see and select the fully-qualified domain name (FQDN) on the login page. The FQDNs shown are specified when configuring individual servers for the server group used with captive portal authentication.
Parameter Description Range Default welcome-page URL of the page that appears after logon and before redirection to the web URL. This can be set to any URL. — /auth/welcome .html white-list Name of an existing white list on an IPv4 or IPv6 network destination. The white list contains authenticated websites that a guest can access.
Command Information Platforms All platforms 24| aaa authentication captive-portal Licensing Command Mode Base operating system, except for noted parameters Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
aaa authentication dot1x aaa authentication dot1x {|countermeasures} ca-cert cert-cn-lookup clear clone delete-keycache eapol-logoff enforce-suite-b-128 enforce-suite-b-192 framed-mtu heldstate-bypass-counter ignore-eap-id-match ignore-eapolstart-afterauthentication machine-authentication blacklist-on-failure|{cache-timeout }|enable| {machine-default-role }|{user-default-role } max-authentication-failures max-requests multi
Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters. — “default” clear Clear the Cached PMK, Role and VLAN entries. This command is available in enable mode only. — — countermeasures Scans for message integrity code (MIC) failures in traffic received from clients. If there are more than 2 MIC failures within 60 seconds, the AP is shut down for 60 seconds.
Parameter Description Range Default framed-mtu Sets the framed MTU attribute sent to the authentication server. 5001500 1100 heldstate-bypass-counter (This parameter is applicable when 802.1X authentication is terminated on the controller, also known as AAA FastConnect.
Parameter Description Range Default machine-default-role Default role assigned to the user after completing only machine authentication. — guest user-default-role Default role assigned to the user after 802.1X authentication. — guest max-authentication-failures Number of times a user can try to login with wrong credentials after which the user is blacklisted as a security threat.
Parameter reauthentication Description Select this option to force the client to do a 802.1X reauthentication after the expiration of the default timer for reauthentication. (The default value of the timer is 24 hours.) If the user fails to reauthenticate with valid credentials, the state of the user is cleared. Range Default — disabled — — If derivation rules are used to classify 802.1X-authenticated users, then the reauthentication timer per role overrides this setting.
Parameter Description Range Default enable-token -caching If you select EAP-GTC as the inner EAP method, you can enable the controller to cache the username and password of each authenticated user. The controller continues to reauthenticate users with the remote authentication server, however, if the authentication server is not available, the controller will inspect its cached credentials to reauthenticate users.
Parameter Description Range Default keycache-tmout Set the per BSSID PMKSA cache interval. Cache is deleted within 2 hours of the interval. 1-2000 (hours) 8 hours mkey-rotation-period Interval, in seconds, between multicast key rotation. 60864000 1800 seconds quiet-period Interval, in seconds, following failed authentication.
Parameter Description Range Default validate-pmkid This parameter instructs the controller to check the pairwise master key (PMK) ID sent by the client. When this option is enabled, the client must send a PMKID in the associate or reassociate frame to indicate that it supports OKC or PMK caching; otherwise, full 802.1X authentication takes place. (This feature is optional, since most clients that support OKC and PMK caching do not send the PMKID in their association request.
Examples The following example enables authentication of the user’s client device before user authentication. If machine authentication fails but user authentication succeeds, the user is assigned the restricted “guest” role: aaa authentication dot1x dot1x machine-authentication enable machine-authentication machine-default-role computer machine-authentication user-default-role guest The following example configures an 802.
aaa authentication mac aaa authentication mac case upper|lower clone delimiter {colon|dash|none} max-authentication-failures no ... reauthentication timer reauth period {|server} Description This command configures the MAC authentication profile. Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters.
denying access to all other devices. Users may be required to authenticate themselves using other methods, depending upon the network privileges. Example The following example configures a MAC authentication profile to blacklist client devices that fail to authenticate. aaa authentication mac mac-blacklist max-authentication-failures 3 Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3.1.8 The max-authentication-failures parameter was allowed in the base operating system.
aaa authentication mgmt aaa authentication mgmt default-role {guest-provisioning|location-api-mgmt|network-operations|no-access|readonly|root} enable no ... server-group Description This command configures authentication for administrative users.
Example The following example configures a management authentication profile that authenticates users against the controller’s internal database. Users who are successfully authenticated are assigned the read-only role. aaa authentication mgmt default-role read-only server-group internal Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 The network-operations role was introduced. ArubaOS 3.3 The location-api-mgmt role was introduced.
aaa authentication-server internal aaa authentication-server internal use-local-switch Description This command specifies that the internal database on a local controller be used for authenticating clients. Usage Guidelines By default, the internal database in the master controller is used for authentication. This command directs authentication to the internal database on the local controller where you run the command. Command History This command was available in ArubaOS 3.0.
aaa authentication-server ldap aaa authentication-server ldap admin-dn admin-passwd allow-cleartext authport base-dn clone enable filter host key-attribute max-connection no ... preferred-conn-type ldap-s|start-tls|clear-text timeout Description This command configures an LDAP server. Starting with ArubaOS 6.4, a maximum of 128 LDAP servers can be configured on the controller.
Parameter Description Range Default clone Name of an existing LDAP server configuration from which parameter values are copied. — enable Enables the LDAP server. — filter Filter that should be applied to search of the user in the LDAP database. The default filter string is (objectclass=*). — (objectclass=*) host IP address of the LDAP server, in dotteddecimal format.
host 10.1.1.243 base-dn cn=Users,dc=1m,dc=corp,dc=com admin-dn cn=corp,cn=Users,dc=1m,dc=corp,dc=com admin-passwd abc10 key-attribute sAMAccountName filter (objectclass=*) enable Command History This command was available in ArubaOS 3.0. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
aaa authentication-server radius aaa authentication-server radius acctport authport called-station-id type {ap-group | ap-macaddr | ap-name | ipaddr | macaddr | vlan-id} [delimiter {colon | dash | none}] [include-ssid {enable |disable}] clone cppm username password enable enable-ipv6 enable-radsec host | key mac-delimiter [colon | dash | none | oui-nic] mac-lowercase nas-identifier nas-ip nas-ip6
Parameter Description Range Default The called-station-id parameter can be configured to include AP group, AP MAC address, AP name, controller IP, controller MAC address, or user vlan. The default value is controller MAC address. clone Name of an existing RADIUS server configuration from which parameter values are copied. — — cppm username password Configure the CPPM username and password.
Parameter Description Range Default — none mac-delimiter [colon | dash | none | oui-nic] Send MAC address with userdefined delimiter. mac-lowercase Send MAC addresses as lowercase. — — nas-identifier Network Access Server (NAS) identifier to use in RADIUS packets. — — nas-ip The NAS IP address to be sent in RADIUS packets from that server.
Parameter Description service-type-framed-user Send the service-type as FRAMED-USER instead of LOGINUSER. This option is disabled by default source-interface vlan ip6addr This option associates a VLAN interface with the RADIUS server to allow the server-specific source interface to override the global configuration.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.0 RADIUS server can be identified by its qualified domain name (FQDN). ArubaOS 6.1 The source-interface parameter was added. ArubaOS 6.3 l The mac-delimiter parameter was introduced. l The enable-ipv6 and nas-ip6 parameters were introduced. An IPv6 host address can be specified for the host parameter. l The ipv6 addr parameter was added. ArubaOS 6.4 The called-station-id parameter was introduced. ArubaOS 6.4.2.
aaa authentication-server tacacs aaa authentication-server tacacs clone enable host key no ... retransmit session-authorization tcp-port timeout Description This command configures a TACACS+ server. Starting with ArubaOS 6.4, a maximum of 128 TACACS servers can be configured on the controller. Syntax Parameter Description Range Default Name that identifies the server.
Usage Guidelines You configure a server before you can add it to one or more server groups. You create a server group for a specific type of authentication (see aaa server-group on page 107). Example The following command configures, enables a TACACS+ server and enables session authorization: aaa authentication-server tacacs tacacs1 clone default host 10.1.1.245 key qwERtyuIOp enable session-authorization Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.
aaa authentication-server windows aaa authentication-server windows clone
aaa authentication stateful-dot1x aaa authentication stateful-dot1x default-role enable no ... server-group timeout Description This command configures 802.1X authentication for clients on non-Dell APs. Syntax Parameter default-role Description Role assigned to the 802.1X user upon login. Range Default — guest NOTE: The PEFNG license must be installed. enable Enables 802.1X authentication for clients on non-Dell APs. Use no enable to disable stateful 8021.
Command Information Platforms All platforms 51| aaa authentication stateful-dot1x Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
aaa authentication stateful-dot1x clear aaa authentication stateful-dot1x clear Description This command clears automatically-created control path entries for 802.1X users on non-Dell APs. Syntax No parameters. Usage Guidelines Run this command after changing the configuration of a RADIUS server in the server group configured with the aaa authentication stateful-dot1x command. This causes entries for the users to be created in the control path with the updated configuration information.
aaa authentication stateful-kerberos aaa authentication stateful-kerberos clone default-role enable server-group timeout Description This command configures stateful Kerberos authentication. Syntax Parameter Description Range Default clone Create a copy of an existing stateful Kerberos profile — — default-role Select an existing role to assign to authenticated users. — guest server-group Name of a server group.
aaa authentication stateful-ntlm aaa authentication stateful-ntlm clone default-role enable server-group timeout Description This command configures stateful NT LAN Manager (NTLM) authentication. Syntax Parameter Description Range Default clone Create a copy of an existing stateful NTLM profile — — default-role Select an existing role to assign to authenticated users. — guest no Negates any configured parameter.
Command History Command introduced in ArubaOS 3.4.1 Command Information Platforms All platforms 55| aaa authentication stateful-ntlm Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
aaa authentication via auth-profile aaa authentication via auth-profile auth-protocol {mschapv2|pap} cert-cn-lookup clone default-role desc max-authentication-failures no pan-integration radius-accounting rfc-3576-server server-group Description This command configures the VIA authentication profile.
Parameter Description Default max-authentication-failures Number of times VIA will prompt user to login due to incorrect credentials. After the maximum authenticati on attempts failures VIA will exit. pan-integration Requires IP mapping at Palo Alto Network. - radius-accounting Server group for RADIUS accounting. - rfc-3576-server Configures the RFC 3576 server.
Command History Version Description ArubaOS 5.0 Command introduced. ArubaOS 6.3 The auth-protocol parameter was added. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
aaa authentication via connection-profile aaa authentication via connection-profile admin-logoff-script admin-logon-script allow-user-disconnect allow-whitelist-traffic auth_domain_suffix auth-profile auth_doman_suffix auto-launch-supplicant auto-login auto-upgrade banner-message-reappear-timeout client-logging client-netmask client-wlan-profile position clone controllers-load-balance csec-gateway-url csec-http-ports
Syntax Parameter Description Default admin-logoff-script Enables VIA logoff script. Disabled admin-logon-script Enables VIA logon script. Disabled allow-user-disconnect Enable or disable users to disconnect their VIA sessions. Enabled allow-whitelist-traffic If enabled, this feature will block network access until the VIA VPN connection is established. Disabled auth_domain_suffix Enables a domain suffix on VIA Authentication, so client credentials are sent as domainname\username instead of j
Parameter auto-upgrade banner-message-reappear-timeout Description Enable or disable VIA client to automatically upgrade when an updated version of the client is available on the controller. Timeout value, in minutes, after which the user session will end and the VIA Login banner message reappears. Default Enabled 1440 minutes client-logging Enable or disable VIA client to auto login and establish a secure connection to the controller.
Parameter server Description l addr l internal-ip desc l Address: This is the public IP address or the DNS hostname of the VIA controller. Users will connect to remote server using this IP address or the hostname. Internal IP Address: This is the IP address of any of the VLAN interface IP addresses belongs to this controller. Description: This is a human-readable description of the controller.
Parameter Description Default enable-fips Enable the VIA (Federal Information Processing Standard) FIPS module so VIA checks for FIPS compliance during startup. Disabled enable-supplicant If enabled, VIA starts in bSec mode using L2 suite-b cryptography. This option is disabled by default. Disabled ext-download-url End users will use this URL to download VIA on their computers.
Parameter Description Default user configured settings. max-reconnect-attempts The maximum number of re-connection attempts by the VIA client due to authentication failures. 3 max-timeout value The maximum time (minutes) allowed before the VIA session is disconnected. 1440 min minimized Use this option to keep the VIA client on a Microsoft WIndows operating system minimized to system tray.
Parameter Description support-email The support e-mail address to which VIA users will send client logs. tunnel address
A list of network destination (IP address and netmask) that the VIA client will tunnel through the controller. All other network destinations will be reachable directly by the VIA client. Enter tunneled IP address and its netmask. address netmask Default None — — — user-idle-timeout The user idle timeout for this profile.Usage Guidelines Issue this command to create a VIA connection profile. A VIA connection profile contains settings required by VIA to establish a secure connection to the controller. You can configure multiple VIA connection profiles. A VIA connection profile is always associated to a user role and all users belonging to that role will use the configured settings. If you do not assign a VIA connection profile to a user role, the default connection profile is used.
Release ArubaOS 6.2 Modification The following commands were introduced: l allow-whitelist-traffic l banner-message-reappear-timeout l controllers-load-balancing l enable-fips l enable-supplicant l whitelist ArubaOS 6.3 The user-idle-timeout parameter was introduced. ArubaOS 6.5 The ocsp-responder enable sub-command was introduced. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
aaa authentication via global-config aaa authentication via global-config no ssl-fallback-enable Description The global config option allows to you to enable SSL fallback mode. If the SSL fallback mode is enabled the VIA client will use SSL to create a secure connection. Syntax Parameter Description Default no Disable SSL fallback option ssl-fallback-enable Use this option to enable an SSL fallback connection.
aaa authentication via web-auth aaa authentication via web-auth default auth-profile position clone no Description A VIA web authentication profile contains an ordered list of VIA authentication profiles. The web authentication profile is used by end users to login to the VIA download page (https:///via) for downloading the VIA client. Only one VIA web authentication profile is available.
aaa authentication vpn aaa authentication vpn cert-cn-lookup clone default-role export-route max-authentication-failures no ... pan-integration radius-accounting server-group user-idle-timeout Description This command configures VPN authentication settings. Syntax Parameter Description Default There are three VPN profiles: default, default-rap or default-cap. — This allows users to use different AAA servers for VPN, RAP and CAP clients.
Parameter max-authentication-failures Description Maximum number of authentication failures before the user is blacklisted. The supported range is 1-10 failures. A value of 0 disables blacklisting. Default 0 (disabled) NOTE: This parameter requires the RFProtect license. no Negates any configured parameter. — pan-integration Require IP mapping at Palo Alto Networks firewalls.
(host)(config) #vpdn group l2tp enable client dns 101.1.1.245 (host)(config) #ip local pool sc-clients 10.1.1.1 10.1.1.
Command Information Platforms All platforms Licensing Command Mode Base operating system, except for noted parameters. Config mode on master controllers The default-role parameter requires the Policy Enforcement Firewall for VPN Users (PEFV) license. 73| aaa authentication vpn Dell Networking W-Series ArubaOS 6.5.
aaa authentication wired aaa authentication wired no ... profile Description This command configures authentication for a client device that is directly connected to a port on the controller. Syntax Parameter Description no Negates any configured parameter. profile Name of the AAA profile that applies to wired authentication. This profile must be configured for a Layer-2 authentication, either 802.1X or MAC. See aaa profile on page 96.
aaa authentication wispr aaa authentication wispr agent string clone default-role logon-wait {cpu-threshold }|{maximum-delay }|{minimum-delay } no ...
Parameter Description maximum-delay If the controller’s CPU utilization has surpassed the CPU-threshold value, the maximum-delay parameter defines the minimum number of seconds a user will have to wait to retry a login attempt. Range: 1-10 seconds. Default: 10 seconds. minimum-delay If the controller’s CPU utilization has surpassed the CPU-threshold value, the minimum-delay parameter defines the minimum number of seconds a user will have to wait to retry a login attempt.
ArubaOS supports the following smart clients, which enable client authentication and roaming between hotspots by embedding iPass Generic Interface Specification (GIS) redirect, proxy, authentication and logoff messages within HTLM messages to the controller. l iPass l Bongo l Trustive l weRoam l AT&T A WISPr authentication profile includes parameters to define RADIUS attributes, the default role for authenticated WISPr users, maximum numbers of authenticated failures and logon wait times.
aaa bandwidth-contract aaa bandwidth-contract {kbits |mbits } Description This command configures a bandwidth contract. Syntax Parameter Description Range Name that identifies this bandwidth contract. — kbits Limit the traffic rate for this bandwidth contract to a specified number of kilobits per second. 256-2000000 mbits Limit the traffic rate for this bandwidth contract to a specified number of megabits per second.
(host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (host) (config) #aaa bandwidth-contract dw-10m-1 mbits 10 (config) #aaa bandwidth-contract dw-20m-1 mbits 20 (config) #aaa bandwidth-contract dw-50m-1 mbits 50 (config) #aaa bandwidth-contract dw-100m-1 mbits 100 (config) #aaa bandwidth-contract dw-500m-1 mbits 500 (config) #aaa bandwidth-contract dw-1000m-1 mbits 1000 (config)
aaa derivation-rules aaa derivation-rules user no ... set {aaa-profile|role|vlan} condition set-value {|} [description ][position ] Description This command configures rules which assigns a AAA profile, user role or VLAN to a client based upon the client’s association with an AP. A user role cannot be assigned by an AAA derivation rule unless the controller has an installed PEFNG license.
Parameter Description l starts-with: Check if attribute starts with the string in the parameter. set-value | Specify the user role or VLAN ID to be assigned to the client if the above condition is met. description Describes the user derivation rule. This parameter is optional and has a 128 character maximum. position Position of this rule relative to other rules that are configured.
Rule Type Condition Value l essid: Assign client to a role or VLAN based upon the ESSID to which the client is associated location: Assign client to a role or VLAN based upon the ESSID to which the client is associated macaddr: MAC address of the client One of the following: l contains l ends with l equals l does not equal l starts with l value of (does not take string; attribute value is used as role) One of the following: l equals l does not equal One of the following: l contains l
To identify DHCP strings used by an individual device, access the command-line interface in config mode and issue the following command to include DHCP option values for DHCP-DISCOVER and DHCP-REQUEST frames in the controller’s log files: logging level debugging network process dhcpd Now, connect the device you want to identify to the network, and issue the CLI command show log network. The sample below is an example of the output that may be generated by this command.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.0 Description parameter was introduced. ArubaOS 6.1 DHCP-Option rule type was introduced. Command Information Platforms All platforms Licensing Base operating system. The PEFNG license must be installed for a user role to be assigned. Dell Networking W-Series ArubaOS 6.5.
aaa dns-query-interval aaa dns-query-interval Description Configure how often the controller should generate a DNS request to cache the IP address for a RADIUS server identified via its fully qualified domain name (FQDN). Syntax Parameter Description Specify, in minutes, the interval between DNS requests sent from the controller to the DNS server. By default, DNS requests are sent every 15 minutes.
aaa inservice aaa inservice Description This command designates an “out of service” authentication server to be “in service”. Syntax Parameter Description Server group to which this server is assigned. Name of the configured authentication server.
aaa ipv6 user add aaa ipv6 user add authentication-method {dot1x|stateful-dot1x} mac name profile role Description This command manually assigns a user role or other values to a specified IPv6 client. Syntax Parameter Description IPv6 address of the user to be added. authentication-method Authentication method for the client. dot1x 802.1X authentication. stateful-dot1x Stateful 802.1X authentication.
session-acl ipv6-log-https In enable mode: aaa ipv6 user add 2002:d81f:f9f0:1000:e409:9331:1d27:ef44 role ipv6-web-debug Command History This command was available in ArubaOS 3.3. Command Information Platforms All platforms 88| aaa ipv6 user add Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
aaa ipv6 user clear-sessions aaa ipv6 user clear-sessions Description This command clears ongoing sessions for the specified IPv6 client. Syntax Parameter Description IPv6 address of the client. Usage Guidelines This command clears any ongoing sessions that the client already had before being assigned a role with the aaa ipv6 user add command.
aaa ipv6 user delete aaa ipv6 user delete {|all|mac |name |role } Description This command deletes IPv6 clients, users, or roles. Syntax Parameter Description IPv6 address of the client to be deleted. all Deletes all connected IPv6 clients. mac MAC address of the IPv6 client to be deleted. name Name of the IPv6 client to be deleted. role Role of the IPv6 client to be deleted.
aaa ipv6 user logout aaa ipv6 user logout Description This command logs out an IPv6 client. Syntax Parameter Description IPv6 address of the client to be logged out. Usage Guidelines This command logs out an authenticated IPv6 client. The client must reauthenticate. Example The following command logs out an IPv6 client: aaa user logout 2002:d81f:f9f0:1000:e409:9331:1d27:ef44 Command History This command was available in ArubaOS 3.3.
aaa log [no] aaa log Description Enable per-user log files for AAA events. Syntax No parameters Usage Guidelines By default, logging is always enabled. Issue the no aaa log command to disable per-user logging and reenable it again using the command aaa log. Controllers support 1KB of log files per user for up to 32,000 users. Example The example below enables per-user AAA log files. (host)(config) #aaa log Command History This command was introduced in ArubaOS 6.3.
aaa password-policy mgmt aaa password-policy mgmt enable no password-lock-out password-lock-out-time password-max-character-repeat. password-min-digit password-min-length password-min-lowercase-characters password-min-special-character password-min-special-character password-min-uppercase-characters password-not-username Description Define a policy for creating management user passwords.
Parameter password-min-digit Description The minimum number of numeric digits required in a management user password. Range: 0-10 digits. By default, there is no requirement for numerical digits in a password, and the parameter has a default value of 0. password-min-length The minimum number of characters required for a management user password Range: 6-64 characters. Default: 6. password-min-lowercasecharacters The minimum number of lowercase characters required in a management user password.
Related Commands Command Description show aaa password-policy mgmt Mode Use show aaa password-policy mgmt to show the current management password policy Enable mode Command History This command was available in ArubaOS 5.0. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
aaa profile aaa profile authentication-dot1x authentication-mac clone devtype-classification dot1x-default-role dot1x-server-group download-role enforce-dhcp initial-role l2-auth-fail-through mac-default-role mac-server-group max-ip ipv4 wireless multiple-server-accounting no ...
Parameter Description Default devtype-classification The device identification feature can automatically identify different client device types and operating systems by parsing the User-Agent strings in a client’s HTTP packets. When the devtype-classification parameter is enabled, the output of the show user and show user-table commands shows each client’s device type, if that client device can be identified. enabled dot1x-default-role Configured role assigned to the client after 802.
Parameter Description Default Range: 1-32 WARNING: Increasing the max-ip limit may prevent the system from scaling to maximum users on all master/local controllers. For more information, refer to Usage Guidelines for max-ip ipv4 wireless on page 100. multiple-server-accounting If enabled, the controller sends RADIUS accounting to all servers in RADIUS accounting server group. disabled no Negates any configured parameter.
Parameter Description Default user-derivation-rules User attribute profile from which the user role or VLAN is derived. — user-idle-timeout The user idle timeout for this profile. Specify the idle timeout value for the client in seconds. Valid range is 30-15300 in multiples of 30 seconds. A value of 0 deletes the user immediately after disassociation from the wireless network. Enabling this option overrides the global settings configured in the AAA timers.
Parameter default-dot1x defaultmac-auth defaultopen mac-server-group default default default radius-accounting N/A N/A N/A rfc-3576-server N/A N/A N/A user-derivation-rules N/A N/A N/A wired-to-wireless roam enabled enabled enabled Usage Guidelines for max-ip ipv4 wireless Changing the max-ip ipv4 wireless parameter from the default value is recommended for special deployments.
Version Description ArubaOS 6.4 The multiple-server-accounting and download-role parameters were introduced. ArubaOS 6.4.3.0 The max-ip and open ssid radius accounting parameters were introduced. ArubaOS 6.5.0.0 The username-from-dhcp-opt12 parameter was introduced. Command Information Platforms All platforms 101| aaa profile Licensing Command Mode Base operating system, except for noted parameters Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
aaa query-user aaa query-user Description Troubleshoot an LDAP authentication failure by verifying that the user exists in the ldap server database. Syntax Parameter Description Name of an LDAP server. Name of a user whose LDAP record you want to view.
Command History This command was available in ArubaOS 3.0. Command Information Platforms All platforms 103| aaa query-user Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
aaa radius-attributes aaa radius-attributes add {date|integer|ipaddr|string} [vendor ] Description This command configures RADIUS attributes for use with server derivation rules. Syntax Parameter Description add Adds the specified attribute name (alphanumeric string), associated attribute ID (integer), and type (date, integer, IP address, or string). date Adds a date attribute. integer Adds a integer attribute.
aaa rfc-3576-server aaa rfc-3576-server clone key no ... Description This command configures a RADIUS server that can send user disconnect, session timeout, and change-ofauthorization (CoA) messages, as described in RFC 3576, “Dynamic Authorization Extensions to Remote Dial In User Service (RADIUS)”. Syntax Parameter Description IP address of the server. clone Name of an existing RFC 3576 server configuration from which parameter values are copied.
Related Commands Command Description aaa profilerfc-3576-server Associate an RFC-3576 server to a AAA profile. show aaa state user View information for a user whose session timeout is altered by a RFC 3576 server. Command History Version Description ArubaOS 3.0 Command introduced ArubaOS 6.3 Introduced support for session timeout messages from the RFC 3576 server.
aaa server-group aaa server-group allow-fail-through auth-server [match-authstring contains|equals|starts-with ] [match] [position ] [trim-fqdn] clone load-balance no ...
Parameter Description Default equals The rule matches if the user/client information exactly matches the specified string. — starts-with The rule matches if the user/client information starts with the specified string. — match-fqdn This option associates the authentication server with a specified domain.
Parameter Description Default equals The rule is applied if and only if the attribute value equals the specified string. — not-equals The rule is applied if and only if the attribute value is not equal to the specified string. — starts-with The rule is applied if and only if the attribute value begins with the specified string. — set-value User role or VLAN applied to the client when the rule is matched. — value-of Sets the user role or VLAN to the value of the attribute returned.
Command Information Platforms All platforms 110| aaa server-group Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
aaa tacacs-accounting aaa tacacs-accounting server-group command {action|all|configuration|show} mode {enable|disable} Description This command configures reporting of commands issued on the controller to a TACACS+ server group. Syntax Parameter Description Range Default server-group The TACACS server group to which the reporting is sent. — — command The types of commands that are reported to the TACACS server group. — — action Reports action commands only.
| aaa tacacs-accounting Dell Networking W-Series ArubaOS 6.5.
aaa test-server aaa test-server {mschapv2|pap} Description This command tests a configured authentication server. Syntax Parameter Description mschapv2 Use MSCHAPv2 authentication protocol. pap Use PAP authentication protocol. Name of the configured authentication server. Username to use to test the authentication server. Password to use to test the authentication server.
aaa timers aaa timers dead-time idle-timeout
Parameter stats-timeout Description Range User Interim stats timeout value. If the secondssparameter is not specified, the value defaults to minutes. 5-10 minutes ( 300 to 600 second s) Default 10 minutes (600 seconds) Usage Guidelines These parameters can be left at their default values for most implementations.
aaa trusted-ap aaa trusted-ap Description This command configures a trusted non-Dell AP. Syntax Parameter Description MAC address of the AP Usage Guidelines This command configures a non-Dell AP as a trusted AP. Example The following command configures a trusted non-Dell AP: aaa trusted-ap 00:40:96:4d:07:6e Command History This command was available in ArubaOS 3.0. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
aaa user add aaa user add [] [authentication-method {dot1x|mac|stateful-dot1x|vpn| web}] [mac-addr ] [name ] [profile ] [role ] Description This command manually assigns a user role or other values to a specified client or device. Syntax Parameter Description IP address of the user to be added. Number of users to create starting with . authentication-method Authentication method for the user. dot1x 802.
Example The following commands create a role that logs HTTPS traffic, then assign the role to a specific client: ip access-list session log-https any any svc-https permit log user-role web-debug session-acl log-https In enable mode: aaa user add 10.1.1.236 role web-debug Command History This command was available in ArubaOS 3.0.
aaa user clear-sessions aaa user clear-sessions Description This command clears ongoing sessions for the specified client. Syntax Parameter Description IP address of the user. Usage Guidelines This command clears any ongoing sessions that the client already had before being assigned a role with the aaa user add command. Example The following command clears ongoing sessions for a client: aaa user clear-sessions 10.1.1.236 Command History This command was available in ArubaOS 3.0.
aaa user delete aaa user delete {|all|mac |name |role } Description This command deletes clients, users, or roles. Syntax Parameter Description IP address of the client to be deleted. all Deletes all connected clients. mac MAC address of the client to be deleted. name Name of the client to be deleted. role Role of the client to be deleted. Usage Guidelines This command allows you to manually delete clients, users, or roles.
aaa user fast-age aaa user fast-age Description This command enables fast aging of user table entries. Syntax No parameters. Usage Guidelines When this feature is enabled, if a device comes up on the network with a different IP address, the device's old IP address is immediately deleted. If the user fast-age feature is not configured, the controller retains up to two IPv4 and two IPv6 addresses per device , and these IPs are aged out only when the device becomes inactive.
aaa user logout aaa user logout Description This command logs out a client. Syntax Parameter Description IP address of the client to be logged out. Usage Guidelines This command logs out an authenticated client. The client must reauthenticate. Example The following command logs out a client: aaa user logout 10.1.1.236 Command History This command was available in ArubaOS 3.0.
aaa user monitor aaa user monitor |off Description This command checks to see whether an authenticated user's attributes differ from those in the SOS. Syntax Parameter off Description IP address of the user whose attributes are being checked.
aaa user purge-log aaa user purge-log Description This clear aaa user log files Syntax No parameters Usage Guidelines Per-user log files for AAA events can be used for troubleshooting issues with a specific client or device. This command clears log information for deleted users. Example aaa user purge log Command History This command was available in ArubaOS 6.3 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
aaa user stats-poll aaa user stats-poll Description This command enables user statistics polling. If enabled, ArubaOS will poll user data verify that user information in the controller datapath is in synchronization with the data in the controller's authentication module. Syntax Parameter Description This command enables user statistics polling, and defines the time interval between polls. The supported range is 60-600 seconds.
aaa xml-api aaa xml-api server clone default-authentication-role key no ... Description This command configures an external XML API server. Syntax Parameter Description server IP address of the external XML API server. clone Name of an existing XML API server configuration from which parameter values are copied. key Preshared key to authenticate communication between the controller and the XML API server.
| aaa xml-api Dell Networking W-Series ArubaOS 6.5.
activate activate sync|{whitelist download} Description This command synchronizes a branch controller whitelist or remote AP whitelist on the controller with the Activate whitelist database. Syntax Parameter Description sync Execute the activate sync command to immediately synchronize the list of branch controllers on the Activate server with the branch controller whitelist on the master controller. By default, this list is synchronized every hour.
Command Information Platforms All platforms 129| activate Licensing Base operating system Command Mode Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
activate-service-whitelist activate-service-whitelist add-only interval no ... password whitelist-enable Description This command configures the profile that allows the controller to integrate with the Dell Activate cloud-based services to track, provision and update your remote APs. Syntax Parameter Description add-only Allow only addition or modification of entries to the Activate remote AP whitelist database. This parameter is enabled by default.
Command History This command was introduced in ArubaOS 6.3 Command Information Platforms All platforms 131| activate-service-whitelist Licensing Base operating system Command Mode Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
add ap arm client-match unsupported add ap arm client-match unsupported Description This command marks a station as unsupported by the Client Match feature. Syntax Parameter Description MAC address of the station to be ignored by Client Match. Usage Guidelines This is an internal command used to diagnose and debug client match issues, and should be used only under the supervision of customer support. Command History This command was available in ArubaOS 6.
adp adp discovery {disable|enable} igmp-join {disable|enable} igmp-vlan Description This command configures the Aruba Discovery Protocol (ADP). Syntax Parameter Description Range Default discovery Enables or disables ADP on the controller. enabled/ disabled enabled igmp-join Enables or disables sending of Internet Group Management Protocol (IGMP) join requests from the controllers. enabled/ disabled enabled igmp-vlan VLAN to which IGMP reports are sent.
airgroup airgroup server-refresh test-server active-domain active-wireless-discovery {disable|enable} cppm-server {aaa {no|rfc-3576-server |rfc3576_udp_port |server-dead-time |server-group }|enforceregistration|query-interval <1..
Parameter Description Range Default If wireless discovery is disabled, the controller sends refresh requests to wired AirGroup servers only. This parameter is available on the master controller only. The master controller pushes this AirGroup configuration to all the applicable local controllers. NOTE: This parameter is available only in Config mode.
Parameter Description Range Default queryinterval : 1 — 24 hours disable Disables AirGroup on the controller. — — — disable — — — — 15 — 15000 150 — disable NOTE: This parameter is available only in Config mode. dlna {disable|enable} Disables/Enables AirGroup DLNA support on the controller. NOTE: This parameter is available only in Config mode. domain Configures the AirGroup domain. This parameter is available on the master controller only.
Parameter location-discovery {disable|enable} Description Range Disables/Enables location discovery. Default — enable — disable — — — Services enabled by default: If enabled, an AirGroup user can see shared devices based on the proximity of the user. This parameter is available on the master controller only. The master controller pushes this AirGroup configuration to all the applicable local controllers. NOTE: This parameter is available only in Config mode.
Parameter Description Range Default Services disabled by default: static Configures static mDNS record. For more information, see airgroup static mdns-record on page 142 l iTunes l RemoteMgmt l Sharing l Chat l googlecast l allowall l DLNA Media l DLNA Print — — 1— 4049 — NOTE: This parameter is available only in Config mode. vlan {allow|disallow} Configures allowed/disallowed VLAN ID. NOTE: This parameter is available only in Config mode.
Related Commands Command show airgroup Description This command displays AirGroup global settings, domain, active-domain, and more AirGroup configuration information on the controller. Command History Release Modification ArubaOS 6.3 Command introduced. ArubaOS 6.4 The static parameter was introduced. ArubaOS 6.4.1.0 l The Chromecast service was renamed to DIAL. l The googlecast service was introduced. ArubaOS 6.4.3.0 The policy parameter was introduced.
airgroupservice airgroupservice autoassociate {apfqln|apgroup|apname} description disallow-role disallow-vlan <1..4094> id no Description This command defines an AirGroup service on the master controller. The master controller pushes this AirGroup configuration to all the applicable local controllers. Syntax Parameter Description Range Default airgroupservice Name of the AirGroup service.
Example The following example configures the iPhoto service with access to the _dpap._tcp service ID to share photos across MacBooks: (host) (config) #airgroupservice iPhoto (host) (config-airgroupservice) #description "Share Photos" (host) (config-airgroupservice) #id _dpap._tcp Related Commands Command show airgroupservice Description This command displays the service details of all AirGroup services in the controller. Command History: Release Modification ArubaOS 6.3 Command introduced. ArubaOS 6.
airgroup static mdns-record airgroup static mdns-record ptr [server_ipaddr] srv a aaaa txt no… Description This command configures group static mDNS records. Syntax Parameter Description Range Default ptr Specifies the PTR (Pointer) record that is used for DNS-Service Discovery — — Mac_addr MAC address of the server.
Parameter Description Range Default a Specifies the A (Address) record that is used for mapping a Domain Name System (DNS) domain name to an IP address that is used by a host. — — ipv4addr IPv4 address of the server. — — aaaa Specifies the AAAA (IPv6 address) record. This is used for mapping host names to an IP address of the host. — — ipv6addr IPv6 address of the server. — — text Specifies the TEXT record for human-readable text in a DNS record.
After creating a PTR, SRV, TXT, A, and AAAA static record, you can use the show airgroup cache entries command to view and verify the records created. You can view only the static records in the output of the show airgroup cache entries static command. The following example creates a PTR record: (host) (config) #airgroup static mdns-record ptr 9c:20:7b:cd:ec:41 "_airplay._tcp" "Apple TV ( 9)._airplay._tcp.local" 10.15.121.
Creating an AAAA Record Use the following command to create an AAAA record: (config-airgroup-record) #aaaa You can create/delete an AAAA record if a corresponding SRV record is available.
------------Name Type Class TTL Origin Expiry Last Update ---- ---- ----- --- ------ ------ ----------_airplay._tcp.local PTR IN 4500 10.15.121.240 static N/A 9C207BCDEC41@Apple TV mbabu._raop._tcp.local SRV/NBSTAT IN 120 10.15.121.
Apple TV mbabu (4)._airplay._tcp.local TXT IN 4500 10.15.121.240 static N/A Apple-TV-mbabu-4.local A IN 120 10.15.121.240 static N/A Apple-TV-mbabu-4.local AAAA IN 120 10.15.121.240 static N/A Num Cache Entries:5 You can delete the mDNS records by appending no at the beginning of the command. Ensure that the [server_ ipaddr] parameter is not added while deleting mDNS records. Command History Release ArubaOS 6.4 Modification Command introduced.
am am scan [bssid ] am test {suspect-rap bssid match-type match-method |wired-mac {add|remove {bssid |enet-mac } mac } Description These commands enable channel scanning or testing for the specified air monitor. Syntax Parameter Description Range scan IP address of the air monitor to be scanned. — Channel to which the scanning is tuned. Set to 0 to enable scanning of all channels.
Command History: Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3.1 Support for the wired-mac and associated parameters was introduced. Command Information Platforms All platforms 149| am Licensing Base operating system Command Mode Enable and Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
amon msg-buffer-size amon msg-buffer-size Description This command modifies the size of AMON packets on the controller. Syntax Parameter Description Range This command modifies the size of AMON packets on the controller. 1280-40960 bytes Default 1400 bytes Example The following command caps the AMON message size at 1500 bytes: (host)(config) #amon msg-buffer-size 1500 Command History Version ArubaOS 6.4.3.0 Description Command introduced.
ap authorization-profile ap authorization-profile authorization-group Description This command defines a temporary configuration profile for remote APs that are not yet authorized on the network. Syntax Parameter Description Range Default authorization-profile Name of this instance of the profile. The name must be 163 characters. — “default” authorization-group Name of a configuration profile to be assigned to the group unauthorized remote APs.
Command Information Platforms Available on all platforms 152| ap authorization-profile Licensing Base operating system Command Mode Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
ap consolidated-provision info ap consolidated-provision info Description This command generates the consolidated provision details of all APs. Syntax Parameter info Description Get consolidated provision information for all APs and store it in the ap_ provision_info.txt file. Usage Guidelines This command is executed from the controller CLI to get the consolidated provisioning details of all APs. This feature is especially useful while upgrading from ArubaOS 6.x to ArubaOS 8.0.
ap-crash-transfer ap-crash-transfer Description This command allows AP coredump files to be transferred he controller flash memory if no dumpserver is configured. Syntax No Parameters Usage Guidelines The command ap system-profile dump-server specifies a server to receive a core dump generated when an AP process crashes. If no dump server is configured, issue the ap-crash-transfer command to save dump files to the controller flash memory.
ap debug advanced-stats ap debug advanced-stats {ap-name }|{ ip-addr }|{ ip6-addr } {net80211}|{radio 1|0} enable|disable Description Issue this command under the supervision of Dell technical support to enable the collection and display of advanced AP debugging information. Syntax Parameter Description ap-name Name of the AP for which you want to record advanced debugging information.
ap debug client-trace start ap debug client-trace start {ap-name }|{ip-addr }|{ip6-addr } mac [length-range |[length-range } Description Use this command to trace management packets from a client MAC address. Syntax Parameter Description ap-name Name of the AP. ip-addr IPv4 address of the AP. ip6-addr IPv6 address of the AP. mac MAC address of the client.. length-range data packet max length.
ap debug client-trace stop ap debug client-trace stop {ap-name }|{ip-addr }|{ip6-addr } mac Description Use this command to stop tracing management packets from a client MAC address. Syntax Parameter Description ap-name Name of the AP. ip-addr IPv4 address of the AP. ip6-addr IPv6 address of the AP. mac MAC address of the client..
ap debug dot 11r remove-key ap debug dot 11r remove-key [ap-name | ip-addr ] Description This command removes the r1 key from an AP. Syntax Parameter Description MAC address of the client. ap-name Name of the AP. ip-addr IP address of the AP. Usage Guidelines Use this command to remove an r1 key from an AP when the AP does not have a cached r1 key during Fast BSS Transition roaming.
ap debug radio-event-log ap debug radio-event log [start|stop] [ap-name |ip-addr |ip6-addr ] radio <0|1> size events [all|ani|rcfind|rcupdate|rx|size|text|tx] [hex ] Description Start and stops packet log capture of radio events for debugging purposes, and sends a log file of the events to a dump server when logging stops.
Parameter Description l all: Capture all of the following types of radio events.
ap debug radio-registers dump ap debug radio-registers dump [ap-name |ip-addr |ip6-addr ] [filename {all|interrupt|qcu |radio}] Description This command allows you to collect all or specific radio register information into a separate file. Syntax Parameter Description ap-name Name of Access Point ip-addr Collect radio register information for this specific AP radio. ip6-addr Collect radio register information for the AP assigned to this ipv6 address.
ap enet-link-profile ap enet-link-profile clone dot3az duplex {auto|full|half} no ... speed {10|100|1000|auto} Description This command configures an AP Ethernet link profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “defaul t” clone Name of an existing Ethernet Link profile from which parameter values are copied. — — dot3az Enable support for the 803.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3 Support for 1000 Mbps (1 Gbps) Ethernet port speed was introduced. ArubaOS 6.2 Support for the dot3az parameter was introduced. Command Information Platforms Available on all platforms 163| ap enet-link-profile Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ap flush-r1-on-new-r0 ap·flush- r1-on-new-r0 {enable|disable} Description Use this command to enable or disable flushing of R1 keys, when R0 is updated for d-tunnel or bridge mode. Syntax Parameter Description enable Enable flushing of R1 keys. disable Disable flushing of R1 keys. Example The following example enables flushing of R1 keys. (host) (config) #ap flush-r1-on-new-r0 enable The following command displays the status of flushing of R1 keys.
ap image-preload ap image-preload activate all-aps|specific-aps add {ap-group | ap-name } cancel clear-all delete {ap-group | ap-name } [partition ] [max-downloads ] Description Configure APs to preload a new software image from a controllerbefore the controller starts actively running the new image.
Parameter Description ap-name Remove an individual AP from the preload list partition Specify the partition from which the APs should download their images. By default, the APs will preload images from the controller’s default boot partition. max-downloads Specify the maximum number of APs that can simultaneously download their image from the controller. The default value is ten APs.
ap-lacp-striping-ip ap-lacp-striping-ip aplacp-enable no striping-ip lms Description Define an AP LACP LMS map information profile that maps a GRE striping IP address to an existing LMS-IP address. Syntax Parameter Description aplacp-enable Issue this command to enable LACP IP striping. This feature is disabled by default no ... Issue this command to negate any setting or return a configured parameter it to its default value. striping-ip Specify an IPv4 address for the 802.
Related Commands The following show commands display information about the settings defined in the AP LACP LMS map information profile: l show ap-lacp-striping-ip: displays all settings defined in AP LACP LMS map information profile. l show ap database: the output of this command displays an s flag to indicate that the AP is enabled with a striping IP address. l show ap debug lacp: the output of this command displays the AP's striping IP address, as defined in the AP LACP LMS map information profile.
ap lldp med-network-policy-profile ap lldp med-network-policy-profile application-type guest-voice|guest-voice-signaling|softphone-voice|streaming-video|videoconferencing|video-signaling|voice|voice-signaling clone dscp l2-priority no ... tagged vlan Description Define an LLDP MED network policy profile that defines DSCP values and L2 priority levels for a voice or video application.
Parameter Description Range video-signaling Use this application type if the AP is part of a network that requires a different policy for video signaling than for the video media. Do not use this application type if both the same network policies apply to both video and video signaling traffic. - voice Use this application type if the AP services IP telephones and other appliances that support interactive voice services. - NOTE: This is the default application type.
Example The following commands create a LLDP MED network policy profile for streaming video applications and marks streaming video as high-priority traffic.
ap lldp profile ap lldp profile clone dot1-tlvs port-vlan|vlan-name dot3-tlvs link-aggregation|mac|mfs|power lldp-med-network-policy-profile lldp-med-tlvs capabilities|inventory|network-policy no ...
Parameter power Description Transmit the 802.3 Power Via media dependent interface (MDI) TLV to show the power support capabilities of the AP interface. NOTE: This parameter is supported by the WIAP3WNP and W-AP130 Series only. lldp-med-network-policy-profile Specify the LLDP MED Network Policy profile to be associated with this LLDP profile. lldp-med-tlvs Specify which of the following LLDP-MED TLVs the AP will send in LLDP PDUs. The AP will not send any LLDP-MED TLVs by default.
Parameter Description transmit-hold Enter a value from 1-100. This value is multiplied by the transmit interval to determine the number of seconds to cache learned LLDP information before that information is cleared. If the transmit-hold value is at the default value of 4, and the transmit interval is at its default value of 30 seconds, then learned LLDP information will be cached for 4 x 30 seconds, or 120 seconds.
ap mesh-cluster-profile ap mesh-cluster-profile clone cluster no ... opmode [opensystem | wpa2-psk-aes] rf-band {a | g} wpa-hexkey wpa-passphrase Description This command configures a mesh cluster profile used by mesh nodes. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters.
Parameter rf-band Description Range Configures the RF band in which multiband mesh nodes should operate: a Default a g a = 5 GHz g = 2.4 GHz Best practices are to use 802.11a radios for mesh deployments. wpa-hexkey Configures a WPA pre-shared key. — — wpa-passphrase Sets the WPA password that generates the PSK. — — Usage Guidelines Mesh cluster profiles are specific to mesh nodes (APs configured for mesh) and provide the framework of the mesh network.
ap mesh-ht-ssid-profile ap mesh-ht-ssid-profile 40MHz-enableba-amsdu-enable 80MHz-enable clone high-throughput-enable ldpc legacy-stations max-rx-a-mpdu-size max-tx-a-mpdu-size max-tx-a-msdu-count-be max-tx-a-msdu-count-bg max-tx-a-msdu-count-vi max-tx-a-msdu-count-vo max-vht-mpdu-size min-mpdu-start-spacing mpdu-agg no short-guard-intvl-20Mhz short-guard-intvl-40Mhz short-guard-intvl-80Mhz stbc-rx-streams stbc-tx-streams supported-mcs-set temporal-diversity Description This command
Parameter Description Range clone Copy configuration information from a source profile into the currently selected profile high-throughput-enable Enable or disable high-throughput (802.11n) features Default enabled on this SSID. This parameter is enabled by default. ldpc If enabled, the AP will advertise Low-density Parity Check (LDPC) support. LDPC improves data transmission over radio channels with high levels of background noise.
Parameter Description min-mpdu-start-spacing Minimum time between the start of adjacent MPDUs within an aggregate MPDU, in microseconds. mpdu-agg Enable or disable MAC protocol data unit (MPDU) aggregation. Range Default 0 (No restriction on MDPU start spacing), .25 µsec, .5 µsec, 1 µsec, 2 µsec, 4 µsec 0 µsec enabled High-throughput mesh APs are able to send aggregated MAC protocol data units (MDPUs), which allow an AP to receive a single block acknowledgment instead of multiple ACK signals.
Parameter Description Range Default The 802.11n standard specifies two guard intervals: 400ns (short) and 800ns (long). Enabling a short guard interval can decrease network overhead by reducing unnecessary idle time on each AP. Some outdoor deployments, may, however require a longer guard interval. If the short guard interval does not allow enough time for reflections to settle in your mesh deployment, inter-symbol interference values may increase and degrade throughput.
Parameter supported-mcs-set Description A list of Modulation Coding Scheme (MCS) values or ranges of values to be supported on this SSID. The MCS you choose determines the channel width (20MHz vs. 40MHz) and the number of spatial streams used by the mesh node. Range 1-15 Default 1-15 The default value is 1-15; the complete set of supported values. To specify a smaller range of values, enter a hyphen between the lower and upper values.
(host) (config) #show ap mesh-ht-ssid-profile Command History Version Description ArubaOS 3.4 Command introduced ArubaOS 6.1 The short-guard-intvl-20Mhz, ldpc, stbc-rx-streams and stbc-rxstreams parameters were introduced. ArubaOS 6.3 The following parameters were introduced. ArubaOS 6.4.3 l txbf-comp-steering l txbf-delayed-feedback l txbf-explicit-enable l txbf-immediate-feedback l txbf-noncomp-steering l txbf-sounding-interval The following parameters were introduced.
ap mesh-radio-profile ap mesh-radio-profile a-tx rates [6|9|12|18|24|36|48|54] allowed-vlans children clone eapol-rate-opt g-tx rates [1|2|5|6|9|11|12|18|24|36|48|54] heartbeat-threshold hop-count link-threshold max-retries mesh-ht-ssid-profile mesh-mcast-opt mesh-survivability metric-algorithm {best-link-rssi|distributed-tree-rssi} mpv no ...
Parameter Description Range Default clone Name of an existing mesh radio profile from which parameter values are copied. eapol-rate-opt Use a more conservative rate for more reliable delivery of EAPOL frames. enabled Indicates the transmit rates for the 802.11b/g radio. 1, 2, 5, 6, 9, 11, 12, 18, 24, 36, 48, 54 1, 2, 5, 6, 9, 11, 12, 18, 24, 36, 48, 54 Mbps g-tx rates The AP attempts to use the highest transmission rate to establish a mesh link.
Parameter Description Range Default Best practices are to use the default value. mesh-survivability Allow mesh points and portals to become active even if the controller cannot be reached by bridging LAN traffic. This is a beta feature that is disabled by default; it should not be enabled unless you are instructed to do so by Dell technical suppport. — distributedtreerssi metricalgorithm Specifies the algorithm used by a mesh node to select its parent.
Parameter Description Range Default After the initial startup scan is completed, connected mesh nodes evaluate mesh links every 30 seconds. If a mesh node finds a better uplink, the mesh node connects to the new parent to create an improved path to the mesh portal. reselect-never Connected mesh nodes do not evaluate other mesh links to create an improved path to the mesh portal.
Parameter Description Range Default reselect a parent at the earlier distance (or less) with good link quality. For example, if a mesh point disconnects from a mesh parent 2 hops away and subsequently reconnects to a mesh parent 3 hops away, then the mesh point will continue to seek a connection to a mesh parent with both an acceptable link quality and a distance of two hops or less, even if the more distant parent also has an acceptable link quality.
Command History Release Modification ArubaOS 3.2 Command introduced. ArubaOS 3.2.0.x, 3.3.1.x The tx-power default increased from 14 to 30 dBm. ArubaOS 3.3 The heartbeat-threshold default increased from 5 to 10 heartbeat messages. ArubaOS 3.3.2 The mesh-mcast-opt parameter was introduced. ArubaOS 3.4 The mesh-ht-ssid-profile parameter was introduced The 11a-portal-channel, 11g-portal-channel, beacon-period and txpower parameters were deprecated.
ap provisioning-profile ap provisioning-profile ap-poe-power-optimization {disabled | enabled} apdot1x-passwd apdot1x-username cellular_nw_preference 3g-only|4g-only|advanced|auto clone link-priority-cellular link-priority-ethernet master clear|{set } no pppoe-passwd pppoe-service-name pppoe-user remote-ap reprovision uplink-vlan usb-dev usb-dial usb-init usb-modeswitch -v -p -V -P -M us
Parameter Description Default Range control the cellular network service selection; so the cellular network service failover and fallback is not interrupted by the remote AP (RAP). l 3g_only: Locks the modem to operate only in 3G. l 4g_only: Locks the modem to operate only in 4G. advanced: The RAP controls the cellular network service selection based on an Received Signal Strength Indication (RSSI) threshold-based approach. Initially the modem is set to the default auto mode.
Parameter Description Default Range no Negates any configured parameter. — — pppoe-passwd Point-to-Point Protocol over Ethernet (PPPoE) password for the AP. — — pppoe-servicename PPPoE service name for the AP. — — pppoe-user PPPoE username for the AP. — — remote-ap Specifies that the profile is to be associated with a remote AP using certificates. — — reprovision Provisions one or more APs with the values in the provisioning profile.
Parameter usb-passwd usb-power-mode auto| enable|disable Description Default A PPP password, if provided by the cellular service provider Set the USB power mode to control the power to the USB port. Range — — — — usb-tty The TTY device path for the USB modem. This parameter only needs to be specified if the default path is not correct. — — usb-tty-control The TTY device control path for the USB modem. This parameter only needs to be specified if the default path is not correct.
hardware types, but you can use the usb commands in this profile to configure a RAP to recognize and use an unknown USB modem type. Related Commands Command provision-ap Description Change provisioning parameters for an individual AP. This command does not save the provisioning parameters settings in a reusable profile.
Release Modification l 4g-usb-type ArubaOS 6.2.1.0 the cellular_nw_preference parameter was introduced for provisioning multi-mode modems, and the 4g-usb-type parameter was deprecated. Specify a 2/3G or 4G modem type using the usb-type parameter. ArubaOS 6.3 The sierrausbnet and storage usb-type parameters were introduced. ArubaOS 6.3.1 The rndis parameter was introduced. ArubaOS 6.3.1.10 The ap-power-mode parameter was introduced. ArubaOS 6.3.1.
ap packet-capture ap packet-capture clear ] radio <0|1> close-port interactive radio <0|1> channel open-port pause radio <0|1> raw-start [] radio <0|1> channel maxlen resume [] radio <0|1> stop r
Parameter Description IP address of the client running the packet analyzer. UDP port number on the client station where the captured packets are sent. radio <0-1> channel open-port pause ID of the radio sending the packets (Optional/Applicable only in Air Monitor mode) Number of a radio channel to tune into to capture packets. (CPSEC CAPs and RAPs only) Enable or allow access to this UDP port on the AP for packet capture purposes.
Parameter Description ap-name Name of the AP. ip-addr IP address of the AP. ip6-addr IPv6 address of the AP. ID of the PCAP session. radio <0-1> stop ID of the radio sending the packets Stop a packet capture session. ap-name Name of the AP. ip-addr IP address of the AP. ip6-addr IPv6 address of the AP. ID of the PCAP session.
Usage Guidelines These commands direct an AP to send WiFi packet captures to a client packet analyzer utility such as Airmagnet, Wireshark and so on, on a remote client. Before using these commands, you need to start the packet analyzer utility on the client and open a capture window for the port from which you are capturing packets. The packet analyzer cannot be used to control the flow or type of packets sent from APs. The packet analyzer processes all packets.
#show ap packet-capture status ap-name ap1 Packet Capture Sessions at ap1, IP 10.3.44.167 ---------------------------------------------pcap-id ------1 filter -----type eq all max-pkt-size -----------65536 type ---interactive num-pkts -------3759 intf ---6c:f3:7f:ba:65:70 status -----in-progress channel max-pkts ------- -------153 0 url target Radio ID ----------192.168.0.3/5555 0 Related Commands To view the status of outstanding packet capture (pcap) sessions, use show ap packet capture.
ap process restart ap process restart {ap-name }|{ip-addr }|{ip6-addr } Description Use this command to restart the AP process of a particular AP. Syntax Parameter Description ap-name Name of the AP. ip-addr IPv4 address of the AP. ip6-addr IPv6 address of the AP. Usage Guidelines This command should only be used under the guidance of Dell technical support. Command History Introduced in ArubaOS 6.3.
ap regulatory activate ap regulatory activate Description This command activates the specified Regulatory-Cert. Syntax None. Parameter Description Default Name of the Regulatory-Cert to be activated. — Usage Guidelines Use this command to activate a new Regulatory-Cert to your configuration. Related Commands To view the current Regulatory-Cert, use the show ap regulatory command. To view the supported channels, use the show ap allowed-channels country-code command.
ap regulatory-domain-profile ap regulatory-domain-profile clone country-code no ... valid-11a-160mhz-channel-group valid-11a-40mhz-channel-pair valid-11a-80mhz-channel-group valid-11a-channel valid-11g-40mhz-channel-pair valid-11g-channel Description This command configures an AP regulatory domain profile.
Parameter Description Default 52-56 Note: Changing the country code causes the valid channel lists to be reset to the defaults for the country. valid-11a-80mhz-channel-group This parameter defines which 80 MHz channels on the “a” band are available for assignment by ARM and for controller to randomly assign if the user has not specified a channel. The channel numbers below correspond to channel center frequency. — valid-11a-channel Enter a single 802.
A controller shipped to certain countries, such as the U.S. and Israel, cannot terminate APs with regulatory domain profiles that specify different country codes from the controller. For example, if a controller is designated for the U.S., then only a regulatory domain profile with the “US” country code is valid; setting APs to a regulatory domain profile with a different country code will result in the radios not coming up.
Command Information Platforms All platforms 205| ap regulatory-domain-profile Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ap regulatory reset ap regulatory reset Description This command returns the controller to the factory default Regulatory-Cert. Syntax None. Usage Guidelines Use this command to return the controller to the .factory default regulatory information. Related Commands To view the current Regulatory-Cert, use the show ap regulatory command. To view the supported channels, use the show ap allowed-channels country-code command. Command History Release ArubaOS 6.4.
ap spectrum clear-webui-view-settings ap spectrum clear-webui-view-settings Description Clear a saved spectrum dashboard view. Syntax no parameters Usage Guidelines Saved spectrum view preferences may not be backwards compatible with the spectrum analysis dashboard in earlier versions of ArubaOS.
ap spectrum local-override no override ap-name spectrum-band 2ghz|5ghz Description Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list.
Command History Release Modification ArubaOS 6.0 Command introduced ArubaOS 6.2 The spectrum-band parameter supports a 5ghz value, allowing an AP to monitor the entire 5 Ghz radio band. Previous versions of ArubaOS supported 5ghz-lower, 5ghz-middle and 5ghz-upper settings. Command Information Platforms All platforms 209| ap spectrum local-override Licensing RF Protect license Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ap system-profile ap system-profile aeroscout-rtls-server ip-or-dns port include-unassoc-sta {disable|enable} am-scan-rf-band [a|all|g] ap-arp-attack-protection ap-console-password ap-console-protection ap-usb-power-override bkup-band all|a|g bkup-lms-ip bkup-lms-ipv6 bkup-mode static|dynamic|off bkup-passwords ble-op-mode {Beaconing | Disabled | DynamicConsole | PersistentConsole} ble-token ble-u rl lms
rtls-server ip-or-dns port key station-message-frequency include-unassoc-sta secondary-master session-acl spanning-tree syscontact telnet Description This command configures an AP system profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 163 characters.
Parameter Description Range Default ap-console-password Set the AP console password on the controller. If the user does not set any password, the controller generates a default random password which can be viewed by executing the encrypt disable command followed by the show ap system-profile command. 6-32 characters default random password ap-console-protection Enable the AP console password.
Parameter Description Range Default — — Select dynamic or static to enable this feature and select the mode by which the controller broadcasts the backup ESSID. This feature is disabled by default. bkup-passwords Set a WPA passphrase to generate PSK for backup Virtual AP. ble-op-mode Beaconing Disabled DynamicConsole PersistentConsole Determines how the built-in Bluetooth Low Energy (BLE) chip in the AP functions.
Parameter Description Range Default ble-token The Bluetooth Low Energy (BLE) endpoint authorization token is a text string of 1-255 characters used by the BLE to authorize to and securely communicate with the Beacon Management Console. This token is unique for each deployment. — — ble-url URL of the Meridian server to which the BLE sends monitoring data.
Parameter Description Range Default dns-domain Name of domain that is resolved by corporate DNS servers. Use this parameter when configuring split tunnel. — — double-encrypt This parameter applies only to remote APs. Use double encryption for traffic to and from a wireless client that is connected to a tunneled SSID. — disabled When enabled, all traffic is reencrypted in the IPsec tunnel. When disabled, the wireless frame is only encapsulated inside the IPsec tunnel.
Parameter Description Range Default heartbeat-in Set the interval between heartbeat messages between a remote or campus AP and its associated controller. An increase in the heartbeat interval increases the time it will take for an AP to detect the loss in connectivity to the controller, but can reduce internet bandwidth consumed by a remote AP. 1-60 secs 1 sec led-mode The operating mode for the AP LEDs. This option is available on all 802.11n indoor AP platforms.
Parameter lms-ipv6 Description Range In multi-controller ipv6 networks, specifies the IPv6 address of the local management switch (LMS)— the controller—which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network. This can be the IP address of the local or master controller.
Parameter Description Range Default max-request-re tries Maximum number of times to retry AP-generated requests, including keepalive messages. After the maximum number of retries, the AP either tries the IP address specified by the bkup-lms-ip (if configured) or reboots. 1-65535 10 mcast-aggr Enable multicast aggregation at AP. — disabled mcast-aggr-allowed-vlan Enable list of VLANs where AP multicast aggregation is allowed.
Parameter rap-dhcp-lease Description Range The amount of days that the assigned IP address is valid for the client. Specify the lease in . Default 0-30 0 0 indicates the IP address is always valid; the lease does not expire. rap-dhcp-poolend Configures a DHCP pool for remote APs. This is the last IP address of the DHCP pool. — 192.168.11.25 4 rap-dhcp-poolnetmask Configures a DHCP pool for remote APs. This is the netmask used for the DHCP pool. — 255.255.255.
Parameter rf-band Description Default a/g g Enables the AP to send RFID tag information to an RTLS server. — — ip-or-dns IP address or the DNS of the RTLS server to which location reports are sent. — — port Port number on the server to which location reports are sent. — — key Shared secret key. — — station-message-frequency Indicates how often packets are sent to the server.
Parameter Description Range Default syscontact SNMP system contact information. — — telnet Enable or disable telnet to the AP. — disabled Usage Guidelines The AP system profile configures AP administrative operations, such as logging levels. Example For deployments running ArubaOS 6.3.1.x-6.4.1.x, execute the following commands to configure the LACP parameters (LMS IP and the GRE striping IP) on an AP system profile.
Release ArubaOS 6.0 Modification Added support for the option to set the RF scanning band (am-scan-rf-band). The keepalive-interval parameter was deprecated. ArubaOS 6.2 The default number of IPsec retries defined by number_ipsec_retries was reduced from 360 to 85. ArubaOS 6.2.1.3 The root-ap parameter was deprecated. This parameter identifies the root AP in a hierarchy of Remote APs. ArubaOS 6.
Release Modification ArubaOS 6.4.3.3 The ble-op-mode parameter was introduced. ArubaOS 6.4.4.0 The shell-passwd parameter was enabled by default. ArubaOS 6.5 The following new parameters were introduced: l ap-console-password l ap-console-protection l console-log-lvl l disable-tftp-image-upgrade l secondary-master The shell-passwd parameter was deprecated.
ap wipe out flash ap wipe out flash ap-name ip-addr Description Overwrite the entire AP compact flash, destroying its contents (including the current image file). Syntax Parameter Description Range Default ap-name Wipe out the flash of the AP with the specified name. — — ip-addr Wipe out the flash of the AP with the specified IP address. — — Usage Guidelines Use this command only under the supervision of Dell technical support.
ap wired-ap-profile ap wired-ap-profile broadcast clone forward-mode {bridge|split-tunnel|tunnel} no ... switchport access vlan | {mode access|trunk} |trunk {allowed vlan | add | except | remove }| native vlan trusted wired-ap-enable Description This command configures a wired AP profile. Syntax Parameter Description Name of this instance of the profile. The name must be 1-63 characters.
Parameter Description An AP in split-tunnel forwarding mode handles all 802.11 association requests and responses, encryption/decryption, and firewall enforcement. The 802.11e and 802.11k action frames are also processed by the AP, which then sends out responses as needed. NOTE: Virtual APs in split-tunnel mode using static WEP should use key slots 2-4 on the controller. Key slot 1 should only be used with Virtual APs in tunnel mode. no Negates any configured parameter.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 The split-tunnel forwarding mode was introduced. ArubaOS 6.0 Wired ports on campus APs support bridge forwarding mode. Command Information Platforms All platforms Licensing Base operating system, except for noted parameters Dell Networking W-Series ArubaOS 6.5.
ap wired-port-profile ap wired-port-profile aaa-profile authentication-timeout bridge-role clone enet-link-profile lldp-profile no portfast portfast-trunk rap-backup shutdown spanning-tree wired-ap-profile Description This command configures a wired port profile. Syntax Parameter Description aaa-profile Name of a AAA profile to be used by devices connecting to the AP’s wired port.
Parameter Description portfast-trunk Enables portfast on trunk. rap-backup Use the rap-backup parameter to use the wired port on a Remote AP for local connectivity and troubleshooting when the AP cannot reach the controller. If the AP is not connected to the controller, no firewall policies will be applied when this option is enabled. (The AAA profile will be applied when the AP is connected to controller). shutdown Disable the wired AP port. spanning-tree Enables the spanning-tree protocol.
apboot apboot {all [global|local]|ap-group [global|local]|ap-name |ip-addr |wired-mac } Description This command reboots the specified APs. Syntax Parameter Description Default all Reboot all APs. all global Reboot APs on all controllers. global local Reboot only APs registered on this controller. This is the default. local ap-group Reboot APs in a specified group. ap-group global Reboot APs on all controllers.
Command Information Platforms All platforms 231| apboot Licensing Base operating system Command Mode Enable and Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
apconnect apconnect {ap-name |bssid |ip-addr } parent-bssid Description This command instructs a mesh point to disconnect from its current parent and connect to a new parent. Syntax Parameter Description ap-name Specify the name of the mesh point to be connected to a new parent. bssid Specific the BSSID of the mesh point to be connected to a new parent. ip-addr Specific the IP address of the mesh point to be connected to a new parent.
apdisconnect apdisconnect {ap-name |bssid |ip-addr } Description This command disconnects a mesh point from its parent. Syntax Parameter Description ap-name Specifies the name of the parent AP. bssid Specifies the BSSID of the parent AP. ip-addr Specifies the IP address of the parent AP. Usage Guidelines Each mesh point learns about the mesh portal from its parent (a mesh node that is part of the path to the mesh portal).
apflash [deprecated] apflash all|{ap-group }|{ap-name }|{ip-addr }|{wired-mac } global|local [backup-partition] [server ] Description This command reflashes the specified AP. Starting with ArubaOS 6.1, this command can only be run by Dell Technical Support or users in support mode. Command History Version Description ArubaOS 3.0 Command introduced ArubaOS 6.0 The global and local parameters were introduced. ArubaOS 6.
ap-group ap-group ap-system-profile authorization-profile clone dot11a-radio-profile dot11a-traffic-mgmt-profile dot11g-radio-profile dot11g-traffic-mgmt-profile enet0-port-profile enet1-port-profile enet2-port-profile enet3-port-profile enet4-port-profile event-thresholds-profile ids-profile mesh-cluster-profile priority mesh-radio-profile
Parameter Description Range Default dot11a-traffic-mgmt-profile Configures bandwidth allocation. See wlan traffic-management-profile on page 2352. — — dot11g-radio-profile Configures 802.11g radio settings and load balancing for the AP group; contains the ARM profile. See rf dot11a-radioprofile on page 733. — “default” dot11g-traffic-mgmt-profile Configures bandwidth allocation. See wlan traffic-management-profile on page 2352.
Parameter Description Range Default mesh-cluster-profile Configures the mesh cluster profile for mesh nodes that are members of the AP group. There is a “default” mesh cluster profile; however, it is not applied until you provision the mesh node. See ap meshcluster-profile on page 175. — “default” priority Configures the priority of the mesh cluster profile. If more than two mesh cluster profiles are configured, mesh points use this number to identify primary and backup profile(s).
Related Commands View AP group settings using the command show ap-group. Command History: Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 Support for the mesh parameters was introduced ArubaOS 3.4.1 The voip-cac-profile parameter required the PEF license. ArubaOS 5.0 The voip-cac-profile parameter requires the PEFV license. ArubaOS 6.0 The enet-port-profile parameters parameters were introduced.
ap-leds ap-leds {all | ap-group | ap-name | ip-addr | wired-mac } {global blink|normal}|{local blink|normal} Description This command allows you to set the behavior of an AP’s LEDs.
Command Information Platforms Available on all platforms 240| ap-leds Licensing Base operating system Command Mode Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
ap-move ap-move all ap-group ap-name Description When HA is enabled, use this command to move an AP or group of APs to their standby controller. Syntax Parameter Description all Move all APs. ap-group Move all APs belonging to the specified AP group. ap-name Move the specified AP.
ap-name ap-name ap-system-profile authorization-profile clone dot11a-radio-profile dot11a-traffic-mgmt-profile dot11g-radio-profile dot11g-traffic-mgmt-profile enet0-profile enet1-profile event-thresholds-profile exclude-mesh-cluster-profile-ap exclude-virtual-ap ids-profile mesh-cluster-profile priority mesh-radio-profile no ...
Parameter Description Default dot11a-traffic-mgmt-profile Configures bandwidth allocation. See wlan trafficmanagement-profile on page 2352. — dot11g-radioprofile Configures 802.11g radio settings for the AP group; contains the ARM profile. See rf dot11a-radio-profile on page 733. “default” dot11g-trafficmgmt-profile Configures bandwidth allocation. See wlan trafficmanagement-profile on page 2352. — enet0-profile Configures the duplex and speed of the Ethernet 0 interface on the AP.
Parameter Description mesh-radio-profile Configures the 802.11g and 802.11a radio settings for the AP (mesh node). See ap mesh-ht-ssid-profile on page 177. Default “default” The Secure Enterprise Mesh license must be installed. no Negates any configured parameter. — regulatory-domain-profile Configures the country code and valid channels. See ap regulatory-domain-profile on page 202. “default” rf-optimization -profile Configures load balancing and coverage hole and interference detection.
Command History: Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 Support for mesh parameters was introduced. ArubaOS 3.4 License requirements changed in ArubaOS 3.4.1, so the voip-cac-profile parameter required the PEF license instead of the Voice Services Module license required in earlier versions. Command Information Platforms All platforms 245| ap-name Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ap-regroup ap-regroup {ap-name |serial-num |service-tag |wired-mac } Description This command moves a specified AP into a group. Syntax Parameter Description Default ap-name Name of the AP. — serial-num Serial number of the AP. — service-tag Service tag of the AP. — wired-mac MAC address of the AP. — Name that identifies the AP group. The name must be 1-63 characters.
Command Information Platforms All platforms 247| ap-regroup Licensing Base operating system Command Mode Enable and Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ap-rename ap-rename {ap-name |serial-num |service-tag |wired-mac } Description This command changes the name of an AP to the specified new name. Syntax Parameter Description ap-name Current name of the AP. serial-num Serial number of the AP. service-tag Service tag of the AP. wired-mac MAC address of the AP. New name for the AP. The name must be 1-63 characters. NOTE: You cannot use quotes (“) in the AP name.
| ap-rename Dell Networking W-Series ArubaOS 6.5.
app skype4b traffic-control app skype4b traffic-control clone no ... prioritize-desktop-sharing prioritize-file-transfer prioritize-video prioritize-voice Description This command creates a traffic control profile that allows the controller to recognize and prioritize a specific type of Skype for Business (Skype4b) traffic in order to apply QoS through the Skype Application Layer Gateway (ALG).
Command History Version ArubaOS 6.4.4.0 Description Command introduced. NOTE: This command replaces the deprecated command app lync traffic-control. Command Information Platforms All platforms 251| app skype4b traffic-control Licensing This command requires the PEFNG license Command Mode Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
arm move-sta arm move-sta Description This command moves a client station to another BSSID. Syntax Parameter Description MAC address of the client to be moved to another BSSID BSSID of the AP to which the client should associate. Usage Guidelines Issue this command to manually move a client to a different BSSID Example The following command moves a client with the MAC address 00:0B:86:01:7A:C0 to the BSSID 00:1C:B3:09:85:15.
arp arp Description This command adds a static Address Resolution Protocol (ARP) entry. Syntax Parameter Description IP address of the device to be added. Hardware address of the device to be added, in the format xx:xx:xx:xx:xx:xx. Usage Guidelines If the IP address does not belong to a valid IP subnetwork, the ARP entry is not added.
audit-trail audit-trail [all] Description This command enables an audit trail. Syntax Parameter all Description Enables audit trail for all commands, including enable mode commands. The audit-trail command without this option enables audit trail for all commands in configuration mode. Usage Guidelines By default, audit trail is enabled for all commands in configuration mode. Use the show audit-trail command to display the content of the audit trail.
backup backup {flash|pcmcia} Description This command backs up compressed critical files in flash. Syntax Parameter Description flash Backs up flash directories to flashbackup.tar.gz file. pcmcia Backs up flash images to external PCMCIA flash card. This option can only be executed on controllers that have a PCMCIA slot. Usage Guidelines Use the restore flash command to untar and uncompress the flashbackup.tar.gz file. Example The following command backs up flash directories to the flashbackup.tar.
banner motd banner motd Description This command defines a text banner to be displayed at the login prompt when a user accesses the controller. Syntax Parameter Description Range Indicates the beginning and end of the banner text. — The text you want displayed. up to 1023 characters Usage Guidelines The banner you define is displayed at the login prompt to the controller. The banner is specific to the controller on which you configure it.
Welcome to my controller. This controller is in the production network, so please do not save configuration changes. Zach Jennings is awesome. Maintenance will be performed at 7:30 PM, so please log off before 7:00 PM. Command History This command was introduced in ArubaOS 1.0 Command Information Platforms All platforms 257| banner motd Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
block-redirect-url block-redirect-url Description This command redirects the user session to an external splash page when it encounters a webcc deny policy. Syntax Parameter Description Range The URL to which a session is redirected when denied. Only absolute URL, prefixed with http or https is allowed. — Default — Example The following command redirects the user session to the URL specified: (host) [mynode] (config) #block-redirect-url https://www.arubanetworks.
boot boot cf-test [fast | read-only | read-write] config-file remote-node [all|ip-address
l verbose—Print extra debugging information during boot. The information is sent to the screen at boot time. Printing the extra debugging information is disabled using the no boot verbose command. Example The following command uses the configuration file january-config.cfg the next time the controller boots: boot config-file january-config.cfg The following command uses system partition 1 the next time the controller boots: boot system partition 1 Command History Modification ArubaOS 1.
cellular profile cellular profile dialer driver acm|hso|option|sierra|ptumlusbnet import modeswitch {eject }|rezero no priority <1-255> serial tty user password vendor product Description Create new profiles to support new USB modems or to customize USB characteristics. Syntax Parameter cellular profile Description Enter the keywords cellular profile followed by your profile name.
Parameter Description Certain cellular devices must be modeswitched before the modem switches to data mode. no Enter the keyword no to negate the command and revert back to the defaults. priority <1-255> Enter the keyword priority to override the default cellular priority (100). Range: 1 to 255. Default: 100 serial Enter the keyword serial followed by the USB device serial number tty Enter the keyword tty followed by the Modem TTY port (i.e.
cfgm cfgm {set config-chunk |set heartbeat |set maximum-updates |snapshottimer |sync-command-blocks |sync-typecomplete|sync-type snapshot} Description This command configures the configuration module on the master controller. Syntax Parameter Description Range Default set config-chunk Maximum packet size, in Kilobytes, that is sent every second to the local controller whenever the master controller sends a configuration to the local.
Usage Guidelines By default, configuration updates on the controller are disabled to prevent any alterations to the controller configuration. Example The following command sets the maximum packet size as 20 KB per second whenever the master controller sends a configuration to the local : (host) (config) #cfgm set config-chunk 20 Command History This command was introduced in ArubaOS 3.1.
clear clear aaa acl airgroup {cli-policy {all}|global-credits {statistics}|server|statistics|user} ap arm arp counters crypto datapath dot1x fault gab-db ip ipc ipv6 lldp loginsession master-local-entry master-local-session port port-security-error gigabitethernet // provisioning-ap-list provisioning-params rap-wml update-counter upgrade-images voice vpdn web-cc cache web-cc stats wms Description This command clears various user-configured values from your running config
Parameter device-id-cache Description Clear all device ID cache. Parameters: load-balance l all — Clear all entries in the device ID cache. l mac — Clear entries in the device ID cache for MAC address. Clear load balance statistics. Parameters: l multiple-server-accounting statistics — Clear load balance statistics. Clear multiple server accounting statistics. Parameters: l state statistics — Clear multiple server accounting statistics. Clear internal status of authentication modules.
Parameter Description multi-controller message exchanges. user ap l query — Clears statistics maintained in the user and server table. l service — Clears statistics maintained in the AirGroup service table. l Mac Address - Clears the AirGroup server Mac addresses. l dlna - Clears the AirGroup DLNA users. l mdns - Clears the AirGroup mDNS users. l all - Removes the current AirGroup user entries from the user table. Clear all AP related information.
Parameter l client-match-summary l client-match-unsteerable arp Clear all ARP table information. You can either clear all information or enter the IP address of the ARP entry to clear a specific value. counters Clear all interface configuration values. fastethernet Clears configuration related to fastethernet ports. gigabitethernet Clears configuration related to fastethernet ports. port-channel Clears statistics related to a port-channel.
Parameter dot1x Description l maintenance {counters} l message-queue {counters} l mobility {stats} l network {ingress} l papi {counters} l route {counters} l route-cache {A.B.C.D|counters} l session {counters} l ssl {counters} l station {counters} l tcp {counters} l tunnel {counters} l user {counters} l web-cc {counters} l wifi-reassembly {counters} l wmm {counters} Clears all 802.1X specific counters and supplicant statistics.
Parameter ipv6 lldp 270| clear Description Clears all IPv6 session statistics, multicast listener discovery (MLD) group and member information, MLD statistics, counters, and DHCPv6 binding information. Use the following parameters: l datapath {session} l dhcp {binding} l mld {group|proxy-mobility-group|stats-counters} l neighbor Clears lldp information on all the interfaces.
Parameter Description upgrade-images Clear all upgrade images used by the centralized licensing feature. voice Clear all voice state information. Use the following parameters: vpdn l call-counters l call-status l statisticscac | tspec-enforcement Clear all VPDN configuration for L2TP and PPTP tunnel.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 The following MLD parameters are added to the ipv6 option: l mld group l mld stats-counters l The device-id-cache, load-balance, multiple-server-accounting parameters were introduced under aaa parameter. l The airgroup parameter was introduced. l The dhcp binding parameter under ipv6 was introduced. l The proxy-mobilty-group parameter under mld was introduced.
clear aaa auth-survivability-cache clear aaa auth-survivability-cache Description This command allows you to clear the data that is currently in the local Survival Server cache. Usage Guidelines The clear...cache parameter has two sub-parameters: l all: Clears all entries in the Authentication Survivability Cache. l station: Clears the entry in the Authentication Survivability Cache for a particular station. Specify the station with its MAC address in A:B:C:D:E:F format.
clear wms wired-mac clear wms wired-mac [ all | gw-mac | monitored-ap-wm | prop-eth-mac | regap-oui | system-gw-mac | system-wired-mac | wireless-device ] Description Clear learned and collected Wired MAC information. Optionally, enter the MAC address, in nn:nn:nn:nn:nn:nn format, of the AP that has seen the Wired Mac. Syntax Description all Clear all the learned and collected wired Mac information.
clock append clock clock append Description This command enables the timestamp feature, adding a date and time to the output of show commands. Syntax No parameters. Usage Guidelines When you enable the timestamp feature, the command-line interface includes a timestamp in the output of each show command indicating when the show command was issued. Note that the output of show clock and show log do not include timestamps, even when this feature is enabled.
clock set clock clock set Description This command sets the date and time. Syntax Parameter Description Range year Sets the year. Requires all 4 digits. Numeric month Sets the month. Requires the first three letters of the month. Alphabetic day Sets the day. 1-31 time Sets the time. Specify hours, minutes, and seconds separated by spaces. Numeric Usage Guidelines You can configure the year, month, day, and time. You must configure all four parameters.
clock summer-time recurring clock summer-time [recurring] <1-4> first last <1-4> first last [<-23 - 23>] Description Set the software clock to begin and end daylight savings time on a recurring basis. Syntax Parameter Description Range WORD Enter the abbreviation for your time zone.
The start day requires the first three letters of the day. The start month requires the first three letters of the month. You also have the option to set the number of hours by which to offset the clock from UTC. This has the same effect as the clock timezone command. Example The following example sets daylight savings time to occur starting at 2:00 AM on Sunday in the second week of March, and ending at 2:00 AM on Sunday in the first week of November.
clock timezone clock timezone <-23 to 23> Description This command sets the time zone on the controller. Syntax Parameter Description Range Name of the time zone. 3-5 characters -23 to 23 Hours offset from UTC. -23 to 23 Usage Guidelines The name parameter can be any alphanumeric string, but cannot start with a colon (:). A time zone name longer than five characters is not accepted.
cluster-member-custom-cert cluster-member-custom-cert member-mac ca-cert server-cert suite-b ] Description This command sets the controller as a control plane security cluster root, and specifies a custom user-installed certificate for authenticating cluster members.
Related Commands Parameter Description Mode control-plane-security Configure the control plane security profile. Config mode show cluster-config Show the multi-master cluster configuration for the control plane security feature. Enable mode show cluster-switches Issue this command on a master controller using control plane security in a multi-master environment to show other the other controllers to which it is connected. Enable mode Command History. Introduced in ArubaOS 6.1.
cluster-member-factory-cert cluster-member-factory-cert member-mac Description This command sets the controller as a control plane security cluster root, and specifies a custom user-installed certificate for authenticating cluster members.
Parameter Description show cluster-switches Mode Issue this command on a master controller using control plane security in a multi-master environment to show other the other controllers to which it is connected. Enable mode Command History Introduced in ArubaOS 6.1. Command Information Platforms All platforms 283| cluster-member-factory-cert Licensing Base operating system Command Mode Config mode on cluster root controllers Dell Networking W-Series ArubaOS 6.5.
cluster-member-ip cluster-member-ip ipsec Description This command sets the controller as a control plane security cluster root, and specifies the IPsec key for a cluster member. Syntax Parameter Description Switch IP address of a control plane security cluster member. You can also use the IP address 0.0.0.0 to set a single IPsec key for all cluster members.
Related Commands Parameter Description Mode control-plane-security Configure the control plane security profile. Config mode show cluster-config Show the multi-master cluster configuration for the control plane security feature. Enable mode show cluster-switches Issue this command on a master controller using control plane security in a multi-master environment to show other the other controllers to which it is connected. Enable mode Command History Introduced in ArubaOS 5.0.
cluster-root-ip cluster-root-ip ipsec ipsec-custom-cert root-mac1 [root-mac2 ] ca-cert server-cert [suite-b ] ipsec-factory-cert root-mac-1 [root-mac-1 ] Description This command sets the controller as a control plane security cluster member, and defines the IPsec key or certificate for secure communication between the cluster member and the controller’s cluster root.
Usage Guidelines If your network includes multiple master controllers each with their own hierarchy of APs and local controllers, you can allow APs from one hierarchy to failover to any other hierarchy by defining a cluster of master controllers. Each cluster will have one master controller as its cluster root, and all other master controllers as cluster members.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
configure terminal configure terminal Description This command allows you to enter configuration commands. Syntax No parameters. Usage Guidelines Upon entering this command, the enable mode prompt changes to: (host) (config) # To return to enable mode, enter Ctrl-Z or exit. Example The following command allows you to enter configuration commands: (host) # configure terminal Command History This command was introduced in ArubaOS 3.0.
control-plane-security control-plane-security auto-cert-allow-all auto-cert-allowed-addrs auto-cert-prov cpsec-enable no ... Description Configure the control plane security profile by identifying APs to receive security certificates. Syntax Parameter Description auto-cert-allow-all When you issue the controlplane-security auto-cert-allowall command, the controller will send a certificate to all associated APs when auto certificate provisioning is enabled.
Parameter Description cpsec-enable Issue this command to enable control plane security. To disable this feature, use the command no cpsec-enable. Control plane security is enabled by default. Usage Guidelines Controllers enabled with control plane security will only send certificates to APs that you have identified as valid APs on the network.
controller-ip controller-ip [loopback|vlan ] no ... Description This command sets the controller IP to the loopback interface address or a specific VLAN interface address. Syntax Parameter Description Default loopback Sets the controller IP to the loopback interface. disabled vlan Set the controller IP to a VLAN interface. — Specifies the VLAN interface ID.
controller-ipv6 controller-ipv6 [loopback|{vlan }] no ... Description This command sets the default IPv6 address of the controller to the IPv6 loopback interface address or a specific VLAN interface address. Syntax Parameter Description Default loopback Sets the controller IP to the loopback interface. disabled vlan Set the controller IP to a VLAN interface. — Specifies the VLAN interface ID.
copy copy flash: {flash: | scp: tftp: | usb: partition {0|1} } ftp: {flash: | system: partition [0|1]} running-config {flash: | ftp: [] | startup-config | tftp: } scp: {flash: | system: partition [0|1]}| startup-config {flash: | tftp:
Parameter system: partition [0|1] running-config Description Specify the system partition to save the file. Copy the active, running configuration to a specified destination. flash: Copy the configuration to the flash file system. Specify the new name of the copied configuration file. ftp: Using FTP, copy the configuration to an FTP server. NOTE: Using this parameter, a password is required to access the FTP server. The password is masked, and must be entered in a separate line.
Parameter Description Specify the new name of the copied startup configuration file. tftp: Using TFTP, copy the startup configuration to a TFTP server Specify the IP address or hostname of the TFTP server. system: Copy the specified system partition Disk partition from which to copy the system data, as either 0 or 1. Disk partition to copy the system data to, as either 0 or 1.
In the following example, the password is entered on the second line, and is displayed in masked text. (host) #copy running-config ftp: 192.168.1.2 adminuser runconfig Password: ******** Usage Guidelines Use this command to save back-up copies of the configuration file to an FTP or TFTP server, or to load a saved file from an FTP or TFTP server. Three partitions reside on the file system flash.
cp-bandwidth-contract cp-bandwidth-contract {pps <1..64000>} Description This command configures a bandwidth contract traffic rate which can then be associated with a whitelist session ACL. Syntax Parameter Description Range Default Name of a bandwidth contract. — — pps Set a bandwidth rate in packets/seconds. 1–64000 — Example The following example configures a bandwidth contract named “cp-rate” with a rate of 100 pps.
crypto-local ipsec sa-cleanup crypto-local ipsec sa-cleanup Description Issue this command to clean IPsec security associations (SAs). Syntax No parameters Usage Guidelines Use this command to remove old IPsec security associations if remote APs on your network still use an old SA after upgrading to a newer version of ArubaOS. Command History This command was introduced in ArubaOS 6.1. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
crypto dynamic-map crypto dynamic-map disable no ... set pfs {group1|group2|group14|group19|group20} set security-association lifetime kilobytes set security-association lifetime seconds set transform-set [] [] [] version v1|v2 Description This command configures a new or existing dynamic map. Syntax Parameter Description Range Default Name of the map. — — Priority of the map.
Parameter kilobytes Description Range Default Lifetime for the SA in kilobytes. 1000 1000000000 — set transform-set Name of the transform set for this dynamic map. You can specify up to four transform sets. You configure transform sets with the crypto ipsec transform-set command.
Command Information Platforms All platforms Licensing The group19 and group20 PFS options requires the Advanced Cryptography (ACR) license. All other parameters are available in the base operating system. Dell Networking W-Series ArubaOS 6.5.
crypto ipsec crypto ipsec mtu transform-set esp-3des|esp-aes128|esp-aes128-gcm|esp-aes192|espaes256|esp-aes256-gcm|esp-des esp-md5-hmac|esp-null-hmac|esp-sha-hmac} Description This command configures IPsec parameters. Syntax Parameter mtu Description Configure the IPsec Maximum Transmission Unit (MTU) size. The supported range is 1024 to 1500 and the default is 1500. transform-set Create or modify a transform set.
(host) (config)# crypto ipsec transform-set set2 esp-3des esp-md5-hmac Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.1 The esp-aes128-gcm and esp-aes256-gcm transform-set parameters were introduced. Command Information Platforms All platforms 304| crypto ipsec Licensing Command Mode The esp-aes128-gcm and esp-aes56-gcm transform-set parameters require the Advanced Cryptography (ACR) license. All other parameters are available in the base OS.
crypto isakmp crypto isakmp address netmask } disable eap-passthrough eap-mschapv2|eap-peap|eap-tls enable groupname key address netmask udpencap-behind-natdevice enable|disable packet-dump Description This command configures Internet Key Exchange (IKE) parameters for the Internet Security Association and Key Management Protocol (ISAKMP).
Parameter address netmask udpencap-behind-natdevice Description Configure the IP address for the group key. An IP for the group key, in dotted-decimal format. Configure the netmask for the group key IP address. A subnet mask, in dotted-decimal format Configure NAT-T if controller is behind NAT device. (For Windows VPN Dialer only) enable Enable Nat-T. This is the recommended setting if the controller is behind a NAT device. disable Disable Nat-T.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
crypto isakmp block-aruba-ca crypto-local isakmp block-aruba-ca enable disable Description This command configures the controller to accept or reject Dell certified clients. Syntax Parameter enable disable Description Accept Dell certified client certificates. Reject Dell certified client certificates and use custom certificates instead. Example This command configures a CA certificate: crypto-local isakmp block-aruba-ca enable Command History This command was introduced in ArubaOS 6.3.
crypto isakmp policy crypto isakmp policy authentication pre-share|rsa-sig|ecdsa-256|ecdsa-384 disable|enable [bypass|secret] encryption 3DES|AES128|AES192|AES256|DES group 1|2|14|19|20 hash md5|sha|sha1-96|sha2-256-128|sha2-384-192 prf PRF-HMAC-MD5|PRF-HMAC-SHA1|PRF-HMAC-SHA256|PRF-HMAC-SHA384 lifetime no disable version v1|v2 Description This command configures Internet Key Exchange (IKE) policy parameters for the Internet Security Association and Key Management Protocol (ISAKMP).
Parameter Description AES192 Use 192-bit AES-CBC encryption algorithm. AES256 Use 256-bit AES-CBC encryption algorithm. DES Use 56-bit DES-CBC encryption algorithm. group Configure the IKE Diffie Hellman group. 1 Use the 768-bit Diffie Hellman prime modulus group. This is the default group setting. 2 Use the 1024-bit Diffie Hellman prime modulus group. 14 Use the 2048-bit Diffie Hellman DDH prime modulus group. 19 Use the 256-bit random Diffie Hellman ECP modulus group.
Parameter Description l v1: IKEv1 l v2: IKEv2 Usage Guidelines To define settings for a ISAKMP policy, issue the command crypto isakmp policy then press Enter. The CLI will enter config-isakmp mode, which allows you to configure the policy values. Example The following command configures an ISAKMP peer IP address and subnet mask.. After configuring an ISAKMP address and netmask, you will be prompted to enter the IKE preshared key.
Command Information Platforms All platforms Command Mode Licensing The following settings require the Advanced Cryptogram (ACR) license: l hash algorithm: SHA-256-128, SHA-384-192 l Diffie-Hellman (DH) Groups: 19 and 20 l Pseudo-Random Function (PRF): PRF-HMAC-SHA256, PRF-HMACSHA384 l Authentication: ecdsa-256 and ecdsa-384 Config mode on master controllers All other parameters are supported in the base OS. 312| crypto isakmp policy Dell Networking W-Series ArubaOS 6.5.
crypto-local ipsec-map crypto-local crypto-local ipsec-map
Parameter Description Range Default ip access-group in Attach a route access control list (ACL) to the IPsec map for a site-to-site VPN. When you associate a routing ACL to inbound traffic on a controller terminating a site-tosite VPN, that ACL can forward traffic as normal, route traffic to a nexthop router on a nexthop list, or redirect traffic over an L3 GRE tunnel or tunnel group. For more information on creating a routing ACL, see ip access-list route.
Parameter Description Range Default pre-connect Enables or disables pre-connection. enable/ disable disabled set ike1-policy Select an IKEv1 policy for the ipsec-map. Predefined policies are described in the table below. — — set ikev2-policy Select IKEv2 policy for the ipsec-map. Predefined policies are described in the table below. — — set ca-certificate User-defined name of a trusted CA certificate installed in the controller.
Parameter Description Range Default set transform-set Name of the transform set for this IPsec map. One transform set name is required, but you can specify up to four transform sets. Configure transform sets with the crypto ipsec transform-set command. — defaulttransfor m src-net IP address and netmask for the source network. — — trusted Enables or disables a trusted tunnel. enable/ disable disabled version v1|v2 Select the IKE version for the IPsec map.
Table 7: Default IKE Policy Settings Policy Name Policy Number IKE Version Encryption Algorithm Hash Algorithm Authentica -tion Method PRF Method DiffieHellman Group Default protectio n suite 10001 IKEv1 3DES-168 SHA 160 Pre-Shared Key N/A 2 (1024 bit) Default RAP Certificat e protectio n suite 10002 IKEv1 AES -256 SHA 160 RSA Signature N/A 2 (1024 bit) Default RAP PSK protectio n suite 10003 AES -256 SHA 160 Pre-Shared Key N/A 2 (1024 bit) Default RAP IKEv2 RSA protectio n su
Policy Name Policy Number IKE Version Encryption Algorithm Hash Algorithm Authentica -tion Method PRF Method DiffieHellman Group Default Suite-B 256 bit ECDSA protectio n suite 10009 IKEv2 AES -256 SHA 384192 ECDSA-384 Signature hmacsha2384 Random ECP Group (384 bit) Default Suite-B 128bit IKEv1 ECDSA protectio n suite 10010 IKEv1 AES-GCM128 SHA 256128 ECDSA-256 Signature hmacsha2256 Random ECP Group (256 bit) Default Suite-B 256-bit IKEv1 ECDSA protectio n suite 10011 IKEv1 AES-G
crypto-local isakmp key address netmask For a static IP controller that responds to IKE Aggressive-mode for Site-Site VPN: (host) (config)crypto-local ipsec-map src-net dst-net peer-ip 0.0.0.
Command Information Platforms All platforms 320| crypto-local ipsec-map Licensing Command Mode The group19 and group20 PFS options requires the Advanced Cryptography (ACR) license. All other parameters are available in the base operating system. Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
crypto-local isakmp allow-via-subnet-routes crypto-local isakmp allow-via-subnet-routes Description This command enables the controller to accept the subnets published by VIA clients. Syntax Parameter allow-via-subnet-routes Description Allows the controller to accept VIA-published subnets. Usage Guidelines By default, this feature is disabled, which means that the controller will ignore the subnets published by VIA. Enable this feature using the crypto-local isakmp allow-via-subnet-routes command.
crypto-local isakmp ca-certificate crypto-local isakmp ca-certificate Description This command assigns the Certificate Authority (CA) certificate used to authenticate VPN clients. Syntax Parameter ca-certificate Description User-defined name of a trusted CA certificate installed in the controller. Use the show crypto-local pki TrustedCA command to display the CA certificates that have been imported into the controller. Usage Guidelines You can assign multiple CA certificates.
crypto-local isakmp certificate-group crypto-local isakmp certificate-group server-certificate ca-certificate Description The command configures an IKE Certificate Group for VPN Clients. Syntax Parameter Description Range Default server-certificate The IKE server certificate name for VPN clients. 1-64 characte rs — ca-certificate The IKE CA Certificate for this server certificate.
crypto-local isakmp disable-aggressive-mode crypto-local isakmp disable-aggressive-mode Description The command disables the IKEv1 aggressive mode. Syntax No parameters. Usage Guidelines The master-local communication by default uses IPsec aggressive mode when a PSK is used for authentication between controllers. You need to convert master-local communication to certificate-based IPsec authentication before disabling aggressive mode.
crypto_local isakmp disable-ipcomp crypto-local isakmp disable-ipcomp Description This command disables IP compression on the master controller. Syntax No parameters. Usage Guidelines When this hardware-based compression feature is enabled, the quality of unencrypted traffic (such as Skype4b or Voice traffic) is not compromised by increased latency or decreased throughput. Use this command to globally disable IP compression on a master controller in a master/local topology.
crypto-local isakmp dpd crypto-local isakmp dpd idle-timeout retry-timeout retry-attempts Description This command configures IKE Dead Peer Detection (DPD) on the local controller. Syntax Parameter Description Range Default idle-timeout Idle timeout, in seconds. 10-3600 22 seconds retry-timeout Retry interval, in seconds. 2-60 2 seconds retry-attempts Number of retry attempts.
crypto-local isakmp key crypto-local isakmp key {address netmask }|{fqdn } |fqdn-any Description This command configures the IKE preshared key on the local controller for site-to-site VPN. Syntax Parameter key Description IKE preshared key value, between 6-64 characters. To configure a pre-shared key that contains non-alphanumeric characters, surround the key with quotation marks. For example: crypto-local isakmp key “key with spaces” fqdn-any.
| crypto-local isakmp key Dell Networking W-Series ArubaOS 6.5.
crypto-local isakmp permit-invalid-cert crypto-local isakmp permit-invalid-cert Description This command allows invalid or expired certificates to be used for site-to-site VPN. Syntax No parameters. Usage Guidelines This command allows invalid or expired certificates to be used for site-to-site VPN. Command History This command was introduced in ArubaOS 3.2. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
crypto-local isakmp sa-cleanup crypto-local isakmp sal-cleanup Description This command enables the cleanup of IKE SAs. Syntax No parameters. Usage Guidelines This command removes expired ISAKMP SAs from the controller. Command History This command was introduced in ArubaOS 6.1. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
crypto-local isakmp server-certificate crypto-local isakmp server-certificate Description This command assigns the server certificate used to authenticate the controller for VPN clients using IKEv1 or IKEv2 Syntax Parameter server-certificate Description User-defined name of a server certificate installed in the controller. Use the show crypto-local pki ServerCert command to display the server certificates that have been imported into the controller.
crypto-local isakmp xauth crypto-local isakmp xauth Description This command enables IKE XAuth for VPN clients. Syntax No parameters. Usage Guidelines The no crypto-local isakmp xauth command disables IKE XAuth for VPN clients. This command only applies to VPN clients that use certificates for IKE authentication. If you disable XAuth, then a VPN client that uses certificates will not be authenticated using username/password. You must disable XAuth for Cisco VPN clients using CAC Smart Cards.
crypto-local pki crypto-local pki CRL IntermediateCA OCSPResponderCert OCSPSignerCert PublicCert ServerCert TrustedCA global-oscp-signer-cert rcp Issue this command to configure a local certificate, OCSP signer or responder certificate and Certificate Revocation List (CRL). You can also list revocation checkpoints and enable the responder service.
Parameter ServerCert Description Original imported filename of the signer certificate. Server certificate. This certificate must contain both a public and a private key (the public and private keys must match). You can import a server certificate in either PKCS12 or x509 PEM format; the certificate is stored in x509 PEM DES encrypted format on the controller. Name of the signer certificate. Original imported filename of the signer certificate.
crypto-local pki rcp CARoot ocsp-signer-cert RootCA-Ocsp_signer crl-location file Security1-WIN-05PRGNGEKAO-CA-unrevoked.crl enable-ocsp-responder Related Commands Command Description Mode crypto-local pki rcp Specifies the certificates that are used to sign OCSP responses for this revocation check point Config mode show crypto-local pki This command shows local certificate, OCSP signer or responder certificate and CRL data and statistics.
crypto-local pki rcp crypto-local pki rcp [crl-location ]|[enable-ocsp-responder]|[ocsp-responder-cert ]|[ocsp-signer-cert ]| [ocsp-url ]|[revocation-check [None||]] Description Use this command to specify the certificates used to sign OCSP for the revocation check point. Syntax Parameter rcp Description Specifies the revocation check point.
Parameter Description ocsp-url Configures the OCSP Server URL. The URL has to be in the form of http://my.responder.com/path. This parameter can contain only one responder URL at time. revocation-check None Configures the revocation check methods used for this rcp. Options include: l None (default)- No revocation checks are performed for certificates being verified against this trusted CA. l CRL- CRL is used for the revocation check method.
Command History Version Modification ArubaOS 3.2 Command introduced. ArubaOS 6.1 The following parameters were introduced: l CRL l Intermediate CA l OCSPResponderCert l OCSPSignerCert l global-ocsp-signer-cert l rcp l service-ocsp-responder Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
crypto map global-map crypto map global-map ipsec-isakmp {dynamic }|{ipsec } Description This command configures the default global map. Syntax Parameter Description dynamic } ipsec Use a dynamic map. Name of the dynamic map. Use a IPsec map. Name of an IPsec map. Usage Guidelines This command identifies the dynamic or ipsec map used as the default global map.
crypto crypto pki csr {rsa key_len |{ec curve-name } common_name country state_or_province city organization unit email expirycheck Description Generate a certificate signing request (CSR) for the captive portal feature.
Usage Guidelines Use this command in enable mode to generate a CSR for the Captive Portal feature or to see all controller certificates are expiring. Display the CSR output by entering the command show crypto pki csr. Example The following command configures a CSR for a user with the email address jdoe@example.com. (host)(config) #crypto pki csr key 1024 common_name www.example.lcom country US state_or_ province ca city Sunnyvale organization engineering unit pubs email jdoe@example.
crypto pki-import crypto pki-import {der|pem|pfx|pkcs12|pkcs7} {CRL|IntermediateCA|OCSPResponderCert|OCSPSignerCert|PublicCert|ServerCert|TrustedCA} Description Import certificates for the captive portal feature. Syntax Parameter der Description Import the following certificates in DER format. CRL Import a CRL. IntermediateCA Import an intermediate CA certificate. OCSPResponderCert Import an OCSP Responder certificate.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.1 The CRL, IntermediateCA, OCSPResponderCert, OCSPSignerCert parameters were added. Command Information Platforms All platforms 343| crypto pki-import Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
database synchronize database synchronize period |captive-portal-custom Description This command manually synchronizes the database between a pair of redundant master controllers Syntax Parameter Description captive-portal custom Includes custom captive portal files.. period Configures the interval for automatic database synchronization. Interval in minutes. Range is 1 — 25200 minutes. Usage Guidelines This command takes effect immediately.
delete delete {filename |ssh-host-addr |ssh-known-hosts} Description This command deletes a file or RSA signature entry from flash. Syntax Parameter Description filename Name of the file to be deleted. ssh-host-addr Deletes the entry stored in flash for the RSA host signature created when you run the copy scp command. ssh-known -hosts Deletes all entries stored in flash for the RSA host signatures created when you run the copy scp command.
destination destination [invert] Description This command configures the destination name and address. Syntax Parameter Description Range STRING Destination name. Alphanumeric A.B.C.D Destination IP address or subnet. — invert Specifies all destinations except this one. — Usage Guidelines You can configure the name and IP address of the destination. You can optionally configure the subnet, or invert the selection.
dialer group crypto-local dialer group dial-string init-string no ... Description Configure a dialer group with dialing parameters for a USB modem. Syntax Parameter Description dial-string The dial string column specifies the number to dial. init-string The init string can contain carrier-specific dialing options for the USB modem. You can often find these settings in online forums or from your ISP.
dir dir Description This command displays a list of files stored in the flash file system. Syntax No parameters. Usage Guidelines Use this command to view the system files associated with the controller. Output from this command includes the following: l The first column contains ten place holders that display the file permissions. n First place holder: Displays - for a file or d for directory.
Command Information Platform Available on all platforms 349| dir License Command Mode Available in the base operating system Enable and Config modes on local or master controllers Dell Networking W-Series ArubaOS 6.5.
disable-whitelist-sync disable-whitelist-sync Description This command disables whitelist synchronization with local or Cloud Services Controller on the master controller. Whitelist database synchronization is enabled by default. Syntax No parameters. Usage Guidelines By default, the whitelist database synchronization is enabled between the master and local or cloud services controller.
dot1x high-watermark <1-32000> stm-throttling percent no ... Use this command only under the supervision of Dell support. Description Use this command under the guidance of Dell support to configure the maximum and minimum thresholds of the table that contains 802.1X sessions being processed. Syntax Parameter Description high-watermark The maximum entries in the Active table.
dpi dpi custom-app global-bandwidth-contract {app [downstream |upstream][kbits|mbits }| {appcategory [downstream |upstream][kbits|mbits } Description This command configures Deep-Packet Inspection and the global bandwidth contract for an application or application category for the AppRF feature. Syntax Parameter Description custom-app The application or application category. Name of the application or application category.
To show global bandwidth contract configuration output: (host) #show dpi global-bandwidth-contract all (host) #show dpi global-bandwidth-contract app name (host) #show dpi global-bandwidth-contract appcategory name Command History Introduced in ArubaOS 6.4 Command Information Platform Available on all platforms 353| dpi License Command Mode Available in the base operating system Config mode on local or master controllers Dell Networking W-Series ArubaOS 6.5.
dynamic-ip dynamic-ip restart Description This command restarts the PPPoE or DHCP process. Syntax No parameters. Usage Guidelines This command can be used to renegotiate DHCP or PPPoE parameters. This can cause new addresses to be assigned on a VLAN where the DHCP or PPPoE client is configured. Command History This command was introduced in ArubaOS 3.0 Command Information Platform Available on all platforms License Available in the base operating system Dell Networking W-Series ArubaOS 6.5.
eject usb eject usb: Description Use this command to eject a USB device from your controller. Usage Guidelines Use this command to safely remove an external USB device, Example (host) #eject usb: Command History Command introduced in ArubaOS 6.2 Command Information Platform License Available on all platforms Dell Networking W-Series ArubaOS 6.5.x | Reference Guide Available in the base operating system Command Mode User mode on master or local controllers in enable mode.
enable enable Description This user mode command switches the controller into enable mode. The enable mode allows you to access privileged commands. Usage Guidelines To enter enable mode, you are prompted for the password configured during the controller’s initial setup. Passwords display as asterisks (*) when you enter them. To change the password, use the config mode enable secret command.
enable bypass enable bypass no enable bypass Description This config mode command allows you to bypass the enable password prompt and go directly to the privileged command mode. Usage Guidelines Use this command when you want to access the privileged mode directly after logging in to the controller and not be prompted to enter an enable mode password. To restore the enable mode password prompt, use the config mode command. no enable bypass.
enable secret enable secret Description This config mode command allows you to change the password for enable mode. Usage Guidelines Use this command to change the password for enable mode. To reset the password to the factory default of “enable”, use the no enable command. The password must not contain a space and special characters. Example The following example allows you to change the password for enable mode. (host) #configure terminal Enter Configuration commands, one per line.
encrypt encrypt {disable|enable} Description This command allows passwords and keys to be displayed in plain text or encrypted. Syntax Parameter Description Default disable Passwords and keys are displayed in plain text — enable Passwords and keys are displayed encrypted enabled Usage Guidelines Certain commands, such as show crypto isakmp key, display configured key information. Use the encrypt command to display the key information in plain text or encrypted.
esi group esi group [no]|[ping ]|[server ] Description This command configures an ESI group. Syntax Parameter Description no Negates any configured parameter. ping Specify the name of a set of ping checking attributes defined via the command esi ping. Only one set is allowed. server Specify the name of a server to be added or removed from the ESI group. You define ESI servers via the command esi server.
esi parser domain esi parser domain [no] | [peer ] | [server ] Description This command configures an ESI syslog parser domain. Syntax Parameter Description no Negates any configured parameter peer (Optional.) Specify the IP address of an another controller in this domain. These controllers are notified when the user cannot be found locally.
esi parser rule esi parser rule [condition ] | [domain ] | [enable] [match {ipaddr | mac | user }] | [no] | [position ] | [set {blacklist | role } | [test {msg | file }] Description This command creates or changes an ESI syslog parser rule. Syntax Parameter Description Range Default condition Specifies the REGEX (regular expression) pattern that uniquely identifies the syslog.
Usage Guidelines The user creates an ESI rule by using characters and special operators to specify a pattern that uniquely identifies a syslog message. This “condition” defines the type of message and the ESI domain to which this message pertains. The rule contains three major fields: l Condition: The pattern that uniquely identifies the syslog message type. l User: The username identifier. It can be in the form of a name, MAC address, or IP address.
< Oct 18 10:05:32 mobileip[499]: <500300> |mobileip| Station 00:40:96:a6:a1:a4, 10.0.100.103: DHCP FSM received event: RECEIVE_BOOTP_REPLY current: PROXY_DHCP_NO_PROXY, next: PROXY_DHCP_NO_PROXY > ========== Condition: No matching rule condition found ========== Command History Introduced in ArubaOS 3.1 Command Information Platform Available on all platforms. License Requires the PEFNG license Dell Networking W-Series ArubaOS 6.5.
esi parser rule-test esi parser rule-test [file ] | [msg ] Description This command allows you to test all of the enabled parser rules. Syntax Parameter Description file Tests against a specified file containing more than one syslog message. msg Tests against a syslog message, where is the message text. Usage Guidelines You can test the enabled parser rules against a syslog message input, or run the expression through a file system composed of syslog messages.
========== Command History Introduced in ArubaOS 3.1 Command Information Platform Available on all platforms 366| esi parser rule-test License Requires the PEFNG license Command Mode Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
esi ping esi ping [frequency ] | [no] | [retry-count ] | [timeout ] | Description This command specifies the ESI ping health check configuration. Syntax Parameter Description Range Default frequency Specifies the ping frequency in seconds. 1–65536 no Negates any configured parameter — — retry-count Specifies the ping retry count 1–65536 2 timeout Specifies the ping timeout in seconds.
esi server esi server [dport ] | [mode {bridge | nat | route}] | [no] | [trusted-ip-addr [health-check]] | [trusted-port //] | [untrusted-ip-port [health-check]] | [untrusted-port //] Description This command configures an ESI server. Syntax Parameter Description dport Specifies the NAT destination TCP/UDP port. mode Specifies the ESI server mode of operation: bridge, nat, or route no Negates any configured parameter.
Command Information Platform Available on all platforms 369| esi server License Command Mode Requires the PEFNG license Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
exit exit Description This command exits the current CLI mode. Syntax No parameters. Usage Guidelines Upon entering this command in a configuration sub-mode, you are returned to the configuration mode. Upon entering this command in configuration mode, you are returned to the enable mode. Upon entering this command in enable mode, you are returned to the user mode. Upon entering this command in user mode, you are returned to the user login.
export export gap-db Description This command exports the global AP database to the specified file. Syntax Parameter Description Name of the file to which the global AP database is exported. Usage Guidelines This command is intended for system troubleshooting. You should run this command only when directed to do so by a Dell support representative. The global AP database resides on a master controller and contains information about known APs on all controllers in the system.
file syncing profile file syncing profile file-syncing-enable no sync-time Description This command allows the user to configure the file syncing profile. Syntax Parameter Description Range Default file-syncing-enable Enables file syncing on the controller. — enabled no Negates any configured parameter. — — sync-time Configures the time, in minutes, between file syncs. 30 - 180 30 minutes Usage Guidelines This command enables or disables the file syncing.
fips fips [disable|enable] This command applies only to the FIPS version of ArubaOS. Description This command enables and disables the FIPS mode of operation. Syntax Parameter Description enable Enables the FIPS mode of operation. disable Disables the FIPS mode of operation. Usage Guidelines This command enables or disables the FIPS mode of operation. You can view the FIPS mode of operation status using the show fips command.
firewall firewall allow-stun allow-tri-session amsdu attack-rate arp <1-16384> {blacklist|drop} cp <1-16384> grat-arp <1-16384> {blacklist|drop} ping <1-16384> session <1-16384> tcp-syn <1-16384> bwcontracts-subnet-broadcast cp cp-bandwidth-contract deny-inter-user-bridging deny-inter-user-traffic deny-source-routing disable-ftp-server disable-stateful-h323 disable-stateful-sccp-processing disable-stateful-sip-processing disable-stateful-sips-processing disable-stateful-ua-processing disable-stateful-vocera
Syntax Parameter Description Range Default allow-stun Allows ICE-STUN based firewall traversal. — enabled allow-tri-session Allows three-way session when performing destination NAT. This option should be enabled when the controller is not the default gateway for wireless clients and the default gateway is behind the controller. This option is typically used for captive portal configuration.
Parameter Description Range Default deny-inter-user-bridging Prevents the forwarding of Layer2 traffic between wired or wireless users. You can configure user role policies that prevent Layer3 traffic between users or networks but this does not block Layer2 traffic. This option can be used to prevent traffic, such as Appletalk or IPX from being forwarded. If enabled, traffic (all non-IP traffic) to untrusted port or tunnel is also blocked.
Parameter Description Range Default disable-stateful-sips-processing Configure the controller to read SIP signaling messages sent by Skype4b clients on port 5061. — enabled disable-stateful-ua-processing Disables stateful UA processing. — disable d disable-stateful-vocera-processing Disables stateful VOCERA processing. — disable d dpi Enables Deep-Packet Inspection (DPI) — disable d drop-ip-fragments When enabled, all IP fragments are dropped.
Parameter Description Range Default gre-call-id-processing Creates a unique state for each PPTP tunnel. Do not enable this option unless instructed to do so by a technical support representative. — disable d imm-fb Immediately free buffers on W7200 Series controller. Do not enable this option unless instructed to do so by a technical support representative. — disable d ip-classification Enables IP (reputation/geolocation) classification. — disable d jumbo Enables jumbo frames processing.
Parameter prohibit-ip-spoofing Description Range Default Detects IP spoofing (where an intruder sends messages using the IP address of a trusted client). When this option is enabled, source and destination IP and MAC addresses are checked; possible IP spoofing attacks are logged and an SNMP trap is sent. — prohibit-rst-replay Closes a TCP connection in both directions if a TCP RST is received from either direction. You should not enable this option unless instructed to do so by a Dell representative.
Parameter Description stall-crash Triggers datapath crash on stall detection. Applies to the to W7200 Series controllers only. voip-wmm-voip-content-enforcement If traffic to or from the user is inconsistent with the associated QoS policy for voice, the traffic is reclassified to best effort and data path counters incremented. Range Default — enabled — disable d — disable d — disable d This parameter requires the PEFNG license. web-cc Enables web content classification for all HTTP traffic.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 3.2 The wmm-voip-content-enforcement parameter was introduced. ArubaOS 3.3 The session-mirror-destination parameter was modified. ArubaOS 3.3.2 The local-valid-users parameter was added. ArubaOS 3.4 The voip-proxy-arp parameter was renamed to broadcast-filter-arp and it does not require a Voice license. The prohibit-arp-spoofing parameter was added. The deny-inter-user-traffic parameter was added. ArubaOS 6.
Release ArubaOS 6.4.2.0 Modification The web-cc and web-cc-cache-miss-drop parameters were added. ArubaOS 6.4.2.5 The optimize-dad-frames parameter was introduced. ArubaOS 6.5 The ip-classification parameter was added. Command Information Platform License Available on all platforms Base operating system except the Command Mode Config mode on master controllers voip-wmm-voipcontent-enforcement parameter which requires the PEFNG license. Dell Networking W-Series ArubaOS 6.5.
firewall cp firewall cp ipv4|ipv6 deny|permit |any|{host } proto{ ports }|ftp|http|https|icmp|snmp|ssh|telnet|tftp [bandwidth-contract ] no... Description This command creates whitelist session ACLs. Whitelist ACLs consist of rules that explicitly permit or deny session traffic from being forwarded or not to the controller.
Parameter Description Range Default snmp Specifies the Simple Network Management Protocol. — — ssh Specifies the Secure Shell. — — telnet Specifies the Telnet protocol. — — tftp Specifies the Trivial File Transfer Protocol. — — Specify the name of a bandwidth contract defined via the cp-bandwidth-contract command. — — bandwidth-contract Usage Guidelines This command turns the session ACL from a blacklist to a whitelist.
Command History Modification ArubaOS 3.4 Command introduced. ArubaOS 6.2 The permit parameter was added. The deny parameter was added. The any parameter was added. The host parameter was added. The ftp, http, https, icmp, snmp, ssh, telnet and tftp parameters were added. ArubaOS 6.3 The ipv4 and ipv6 parameters were added. Command Information Platform License Available on all platforms Dell Networking W-Series ArubaOS 6.5.
firewall cp-bandwidth-contract firewall cp-bandwidth-contract {auth|route|sessmirr|trusted-mcast|trusted-ucast |untrusted-mcast|untrusted-ucast} Description This command configures bandwidth contract traffic rate limits, in packets per second, to prevent denial of service attacks. Syntax Parameter Description Range Default auth Specifies the traffic rate limit that is forwarded to the authentication process. 1-65535 pps route Specifies the traffic rate limit that needs ARP requests.
Command Information Platform Available on all platforms 387| firewall cp-bandwidth-contract License Command Mode This command requires the PEFNG license Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
firewall-visibility firewall-visibility no ... Description Enables or disables policy enforcement firewall visibility feature. Syntax No parameters. Usage Guideline When you enable this feature, the Firewall Monitoring page on the Dashboard tab of the WebUI displays the summary of all sessions in the controller aggregated by users, devices, destinations, applications, WLANs, and roles. Example The following command enables firewall visibility.
gateway health-check disable gateway health-check disable Description Disable the gateway health check. Usage Guidelines The gateway health check feature can only be enabled by Dell Technical Support. This command disables the gateway health check, and should only be issued under the guidance of the support staff.
guest-access-email guest-access-email smtp-port smtp-server no... Description This command configures the SMTP server which is used to send guest email. Guest email is generated when a guest user account is created or when the Guest Provisioning user sends guest user account email a later time. Syntax Parameter smtp-port smtp-server no Description Range Default Identifies the SMTP port through which the guestaccess email is sent. — — The SMTP port number.
Command History Modification ArubaOS 3.4 Introduced for the first time. Command Information Platform Available on all platforms 391| guest-access-email License Command Mode Available in the base operating system. Config mode on master controllers. Dell Networking W-Series ArubaOS 6.5.
ha ha group-membership group-profile ] clone controller role active|dual|standby controller-v6 role active|dual|standby heartbeat heartbeat-interval heartbeat-threshold no over-subscription pre-shared-key preemption state-sync Description This command configures the High Availability:Fast Failover feature by assigning controllers to a highavailability group, and defining the deployment role for each contr
Parameter Description heartbeat The high availability inter-controller heartbeat feature allows for faster AP failover from an active controller to a standby controller, especially in situations where the active controller reboots or loses connectivity to the network. heartbeat-interval Enter a heartbeat interval in the Heartbeat Interval field to define how often inter-controller heartbeats are sent.
controllers for that AP. This feature does not require that the active controller act the configuration master for the local standby controller . A master controller in a master-local deployment can act as an active or a standby controller . When the AP first connects to its active controller, that controller sends the AP the IP address of a standby controller, and the AP attempts to connect to the standby controller.
halt halt Description This command halts all processes on the controller. Syntax No parameters. Usage Guidelines This command gracefully stops all processes on the controller. You should issue this command before rebooting or shutting down to avoid interrupting processes. Command History Introduced in ArubaOS 3.0 Command Information Platform Available on all platforms License Available in the base operating system. Dell Networking W-Series ArubaOS 6.5.
help help Description This command displays help for the CLI. Syntax No parameters. Usage Guidelines This command displays keyboard editing commands that allow you to make corrections or changes to the command without retyping. You can also enter the question mark (?) to get various types of command help: l When typed at the beginning of a line, the question mark lists all commands available in the current mode.
hostname hostname Description This command changes the hostname of the controller. Syntax Parameter hostname Description The hostname of the controller Range 1-63 Default See below Usage Guidelines The hostname is used as the default prompt. You can use any alphanumeric character, punctuation, or symbol character. To use spaces, plus symbols (+), question marks (?), or asterisks (*), enclose the text in quotes.
iap del branch-key iap del branch-key Description This command removes a branch from the controller based on the branch key. Syntax Parameter branch-key Description Key for the branch, which is unique to each branch. Example (host) (config) #iap del branch-key b3c65c4d013836cf190566ca1afdf87c95350cffb1c782e463 Related Commands Command show iap table Description This command displays the branch details connected to the controller. Command History Release ArubaOS 6.
iap trusted-branch-db iap trusted-branch-db add {mac-address } allow-all del {mac-address } del-all Description This command is used to configure an IAP-VPN branch as trusted. Syntax Parameter Description add Configure an IAP trusted branch entry. mac-address MAC-address of an AP. allow-all Configure all branches as trusted. del Delete an IAP trusted branch entry. mac-address MAC-address of AP. Delete all trusted branch entries.
Command Information Platforms All platforms 400| iap trusted-branch-db Licensing Base operating system, except for noted parameters Command Mode Enable or Configuration mode on master and local controller Dell Networking W-Series ArubaOS 6.5.
ids ap-classification-rule change id-classification-rule check-min-discovered-aps classify-to-type [neighbor | suspected-rogue] clone conf-level-incr discovered-ap-cnt match-ssids no snr-max snr-min ssid Description Configure the AP classification rule profile. Syntax Parameter Description Range Default Enter the AP classification rule profile name.
Parameter ssid Description Range Enter the keyword ssid followed by the SSID string to be matched or excluded — Default — Usage Guidelines AP classification rule configuration is performed only on a master controller. If AMP is enabled via the mobilitymanager command, then processing of the AP classification rules is disabled on the master controller. A rule is identified by its ASCII character string name (32 characters maximum).
Command Information Platforms Available on all platforms Licensing Requires the RFprotect license Dell Networking W-Series ArubaOS 6.5.
ids ap-rule-matching no rule-name Description Configure the IDS active AP rules profile by enabling an AP classification rule. Syntax Parameter Description no Negates any configured parameter rule-name Name of the IDS AP classification rule Usage Guidelines This command activates an active AP rule created by the ids ap-classification-rule change command. You must create the rule before you can activate it.
ids dos-profile ids ids dos-profile ap-flood-inc-time ap-flood-quiet-time ap-flood-threshold assoc-rate-thresholds auth-rate-thresholds block-ack-dos-quiet-time chopchop-quiet-time client-ht-40mhz-intol-quiet-time client-flood-inc-time client-flood-quiet-time client-flood-threshold client-ht-40mhz-intolerance clone cts-rate-quiet-time cts-rate-threshold cts-rate-time-interval deauth-rate-thresholds detect-ap-flood detect-
power-save-dos-quiet-time power-save-dos-threshold probe-request-rate-thresholds probe-response-rate-thresholds rts-rate-quiet-time rts-rate-threshold rts-rate-time-interval spoofed-deauth-blacklist tkip-replay-quiet-time Description This command configures traffic anomalies for denial of service (DoS) attacks. Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters.
Parameter Description Range Default client-ht-40mhz-intol-quiettime Controls the quiet time (when to stop reporting intolerant STAs if they have not been detected), in seconds, for detection of 802.11n 40 MHz intolerance setting. 60-360000 seconds 900 second s client-flood-inc-time Number of consecutive seconds over which the client count is more than the threshold.
Parameter detect-chopchop-attack detect-client-flood detect-cts-rate-anomaly detect-disconnect-station Description Range Enable/disable detection of ChopChop attack. true Enable/disable detection of client flood attack. true Enable/disable detection of CTS rate anomaly. true In a station disconnection attack, an attacker spoofs the MAC address of either an active client or an active AP. The attacker then sends deauthenticate frames to the target device, causing it to lose its active association.
Parameter detect-malformed-htie Description Range Default Enable/disable detection of malformed HT IE true Enable/disable detection of unusually large durations in frames true Enable/disable detection of Omerta attack true Enable/disable detection of overflow EAPOL key requests true Enable/disable detection of overflow Information Elements (IE) true Enable/disable detection of Power Save DoS attack true Enable/disable detection of rate anomalies true Enable/disable detection of RTS rate an
Parameter Description Range Default disconnect-sta-quiet-time After a station disconnection attack is detected, the time, in seconds, that must elapse before another identical alarm can be generated. 60360000secon ds 900 second s eap-rate-quiet-time After an EAP rate anomaly alarm has been triggered, the time, in seconds, that must elapse before another identical alarm may be triggered.
Parameter Description Range Default malformed-large-duration-quiet-time Time to wait, in seconds, after detecting a large duration for a frame after which the check can be resumed. 60-360000 seconds 900 second s no Negates any configured parameter. — — omerta-quiet-time Time to wait, in seconds, after detecting an Omerta attack after which the check can be resumed.
Parameter Description Range Default probe-request-rate-thresholds Rate threshold for probe request frames. — — probe-response-rate-thresholds Rate threshold for probe response frames. — — rts-rate-quiet-time Time to wait, in seconds, after detecting an RTS rate anomaly after which the check can be resumed. 60-360000 seconds 900 second s rts-rate-threshold Number of RTS control packets over the time interval that constitutes an anomaly.
Command History Release Modification ArubaOS 3.0 Command Introduced. ArubaOS 3.3 Updated with support for high-throughput IEEE 802.11n standard. ArubaOS 3.4 detect-disconnect-sta and disconnect-sta-quiet-time parameters deprecated. ArubaOS 6.0 Deprecated predefined profiles and added numerous DoS profile options ArubaOS 6.1 Added the following parameter in support of Detection of the Meiners Power Save DoS attack, including event notification to the user.
ids general-profile ids general-profile adhoc-ap-inactivity-timeout adhoc-ap-max-unseen-timeout ap-inactivity-timeout ap-max-unseen-timeout clone frame-types-for-rssi [all | ba | ctrl | dhigh | dlow | dnull | mgmt | pr] ids-events [logs-and-traps | logs-only | none | traps-only] max-monitored-stations max-unassociated-stations min-pot-ap-beacon-rate min-pot-ap-monitor-time mobility-manager-rtls mon-st
Parameter Description Range Default ap-inactivity-timeout Time, in seconds, after which an AP is aged out. 536000 second s 5 second s ap-max-unseen-timeout Ageout time, in seconds, since AP was last seen. 536000 second s 600 second s clone Name of an existing IDS general profile from which parameter values are copied. — — frame-types-for-rssi all ba ctrl dhigh dlow dnull mgmt pr Select frame types to be used in AM RSSI calculation.
Parameter Description max-unassociated-stations Maximum number of unassociated stations. Range Default 2564096 256 NOTE: This parameter is currently available on W-AP220 Series access points only. NOTE: Configure this parameter under the supervision of Dell Technical Support. min-pot-ap-beacon-rate Minimum beacon rate acceptable from a potential AP, in percentage of the advertised beacon interval.
Parameter sta-inactivity-timeout Description Range Time, in seconds, after which a station is aged out. 30360000 second s sta-max-unseen-timeout Ageout time, in seconds, since station was last seen. Minimum is 5. unclass_ap_update Enables or disables classification updates for monitored APs. If this option is enabled, there is a decrease in the delay with which the devices are classified.
Parameter Description Range Default containment and suspect-rogue-conflevel parameters in the ids unauthorized-device-profile. wireless-containment deauth-only none tarpit-all-sta tarpit-non-valid-sta Enable wireless containment including Tarpit Shielding. Tarpit shielding works by steering a client to a tarpit so that the client associates with it instead of the AP that is being contained. — deaut honly true false deauth-only—Containment using deauthentication only.
Version ArubaOS 6.3 ArubaOS 6.4.2.3 ArubaOS 6.4.4.0 Description Introduced the wired-containment-susp-l3-rogue parameter.
ids impersonation-profile ids impersonation-profile ap-spoofing-quiet-time beacon-diff-threshold beacon-inc-wait-time beacon-wrong-channel-quiet-time clone detect-ap-impersonation detect-ap-spoofing detect-beacon-wrong-channel detect-hotspotter hotspotter-quiet-time no ... protect-ap-impersonation Description This command configures anomalies for impersonation attacks.
Parameter Description Range Default detect-ap-impersonation Enables detection of AP impersonation. In AP impersonation attacks, the attacker sets up an AP that assumes the BSSID and ESSID of a valid AP. AP impersonation attacks can be done for man-in-the-middle attacks, a rogue AP attempting to bypass detection, or a honeypot attack.
Command History Version Modification ArubaOS 3.0 Command Introduced ArubaOS 3.4 detect-sequence-anomaly, sequence-diff, sequence-quiet-time, sequence-time-tolerance parameters deprecated. ArubaOS 6.
ids management-profile event-correlation [logs-and-traps | logs-only | none | traps-only] event-correlation-quiet-time Description Mange the event correlation. Syntax Parameter Description Range event-correlation logs-and-traps logs-only none traps-only Correlation mode for IDS event traps and syslogs (logs). Event correlation can be enabled with generation of correlated logs, traps, or both. To disable correlation, enter the keyword none.
ids profile ids profile clone dos-profile general-profile impersonation-profile no ... signature-matching-profile unauthorized-device-profile Description This command defines a set of IDS profiles. Syntax Parameter Description Default Name that identifies an instance of the profile. The name must be 1-63 characters. “default” clone Name of an existing IDS profile from which parameter values are copied.
Example The following command defines a set of IDS profiles: (host) (config) #ids profile floor2 (host) (IDS Profile "floor2") #dos-profile dos1 general-profile general1 impersonation-profile mitm1 signature-matching-profile sig1 unauthorized-device-profile unauth1 Command History Version Modification ArubaOS 3.0 Command Introduced ArubaOS 6.
ids rate-thresholds-profile ids rate-thresholds-profile channel-inc-time channel-quiet-time channel-threshold clone no ... node-quiet-time node-threshold node-time-interval Description This command configures thresholds that are assigned to the different frame types for rate anomaly checking. Syntax Parameter Description Range Default Name that identifies an instance of the profile. The name must be 1-63 characters.
Usage Guidelines A profile of this type is attached to each of the following 802.
ids signature-matching-profile ids signature-matching-profile clone no ... signature Description This command contains defined signature profiles. Syntax Parameter Description Default Name that identifies an instance of the profile. The name must be 1-63 characters. “default” clone Name of an existing IDS signature matching profile from which parameter values are copied. — no Negates any configured parameter. — signature Name of a signature profile.
Command Information Platform Available on all platforms 429| ids signature-matching-profile License Command Mode Requires the RFprotect license Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ids signature-profile ids signature-profile bssid clone dst-mac frame-type {assoc|auth|beacon|control|data|deauth|disassoc|mgmt|probe-request|proberesponse no ... payload [offset ] seq-num src-mac Description This command configures signatures for wireless intrusion detection. Syntax Parameter Description Default Name that identifies an instance of the profile. The name must be 1-63 characters.
Parameter Description Default probe-request Frame type is probe request probe-response Frame type is probe response ssid For beacon, probe-request, and probe-response frame types, specify the SSID as either a string or hex pattern. — ssid-length For beacon, probe-request, and probe-response frame types, specify the length, in bytes, of the SSID. Maximum length is 32 bytes. — no Negates any configured parameter. — payload Pattern at a fixed offset in the payload of an 802.11 frame.
Signature Profile Netstumbler Generic Netstumbler Version 3.3.0x Null-Probe-Response Parameter Value payload offset=3 pattern=0x00601d payload offset=6 pattern=0x0001 payload offset=3 pattern=0x00601d payload offset=12 pattern=0x000102 frame-type probe-response ssid length = 0 Command History Version ArubaOS 3.0 Modification Command Introduced Command Information Platform Available on all platforms License Requires the RFprotect license Dell Networking W-Series ArubaOS 6.5.
ids unauthorized-device-profile ids unauthorized-device-profile adhoc-using-valid-ssid-quiet-time allow-well-known-mac [hsrp|iana|local-mac|vmware|vmware1|vmware2|vmware3] cfg-valid-11a-channel cfg-valid-11g-channel classification clone detect-adhoc-network detect-adhoc-using-valid-ssid detect-bad-wep detect-ht-greenfield detect-invalid-mac-oui detect-misconfigured-ap detect-sta-assoc-to-rogue detect-unencrypted-valid-client detect-valid-client-misassociation d
Syntax Parameter Description Range Defaul t Name that identifies an instance of the profile. The name must be 1-63 characters. — “defaul t” adhoc-using-valid-ssid-quiettime Time to wait, in seconds, after detecting an adhoc network using a valid SSID, after which the check can be resumed. 6036000 0 900 secon ds allow-well-known-mac Allows devices with known MAC addresses to classify rogues APs.
Parameter Description Range Defaul t To clear the well known MACs in the system, use the following commands: l clear wms wired-mac:This clears all of the learned wired MAC information on the controller. l reload: This reboots the controller. cfg-valid-11a-channel List of valid 802.11a channels that thirdparty APs are allowed to use. 34165 N/A cfg-valid-11g-channel List of valid 802.11b/g channels that thirdparty APs are allowed to use.
Parameter Description Range Defaul t detect-invalid-mac-oui Enables checking of the first three bytes of a MAC address, known as the organizationally unique identifier (OUI), assigned by the IEEE to known manufacturers. Often clients using a spoofed MAC address do not use a valid OUI and instead use a randomly generated MAC address. Enabling MAC OUI checking causes an alarm to be triggered if an unrecognized MAC address is in use.
Parameter Description Range Defaul t When a wireless hosted network is detected this feature sends a “Wireless Hosted Network” warning level security log message and the wlsxWirelessHostedNetworkDetected SNMP trap. If there are clients associated to the hosted network, this feature will send a “Client Associated To Hosted Network” warning level security log message and the wlsxClientAssociatedToHostedNetworkDete cted SNMP trap.
Parameter Description Range Defaul t protect-ht-40mhz Enables or disables protection of highthroughput (802.11n) devices operating in 40 MHz mode. — false protect-misconfigured-ap Enables protection of misconfigured APs. — false protect-ssid Enables use of SSID by valid APs only. — false protect-valid-sta When enabled (true), does not allow valid stations to connect to a non-valid AP.
Parameter suspect-rogue-conf-level Description Range Confidence level of suspected Rogue AP to trigger containment. Defaul t 50100% 60% When an AP is classified as a suspected rogue AP, it is assigned a 50% confidence level. If multiple APs trigger the same events that classify the AP as a suspected rogue, the confidence level increases by 5% up to 95%. In combination with suspected rogue containment, this option configures the threshold by which containment should occur.
Usage Guidelines Unauthorized device detection includes the ability to detect and disable rogue APs and other devices that can potentially disrupt network operations.
ids wms-general-profile wms general adhoc-ap-ageout-interval ap-ageout-interval collect-stats learn-ap learn-system-wired-macs no persistent-neighbor persistent-valid-sta poll-interval poll-retries propagate-wired-macs sta-ageout-interval stat-update Description This command configures the WLAN management system (WMS).
Parameter Description Range Default poll-interval Interval, in milliseconds, for communication between the controller and Dell AMs. The controller contacts the AM at this interval to download AP to station associations, update policy configuration changes, and download AP and station statistics. (any) 60000 millisecond s (1 minute) poll-retries Maximum number of failed polling attempts before the polled AM is considered to be down.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 Added parameter learned-system-wired-mac Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
ids wms-local system-profile ids wms-locals-profile max-rbtree-entries max-system-wm max-threshold system-wm-update-interval ] Description This command sets the local configuration parameters to control the size of the Wired MAC table and APs and Stations. Syntax Parameter Description max-rbtree-entries Set the max threshold for the total number of AP and Station RBTree entries.
Command History Release ArubaOS 3. ArubaOS 6.1 Modification Introduced Local configuration parameters to control the size of the Wired MAC table max-system-wm and system-wm-update-interval ArubaOS 6.1.3 The wms-local command was renamed to ids wms-local-system-profile. Command Information Platforms All platforms 445| ids wms-local system-profile Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ifmap ifmap cppm enable no server host port username passwd Description This command is used in conjunction with ClearPass Policy Manager. It sends HTTP User Agent Strings and mDNS broadcast information to ClearPass so that it can make more accurate decisions about what types of devices are connecting to the network. Syntax Parameter Description Default enable Enables the IFMAP protocol. — server Configures the CPPM IF-MAP server.
Related Commands Command Description Mode show ifmap This command is used in conjunction with ClearPass Policy Manager. It sends HTTP User Agent Strings and mDNS broadcast information to ClearPass so that it can make more accurate decisions about what types of devices are connecting to the network Config mode Command History Version ArubaOS 6.
Interface cellular interface cellular ip access-group session Description This command allows you to specify an ingress or egress ACL to the cellular interface of an EVDO modem. Syntax Parameter Description Enter the name or number of the access group you want to apply to the EVDO modem.
interface fastethernet | gigabitethernet interface interface {fastethernet|gigabitethernet} // bandwidth-contract |{{app |appcategory } } upstream|downstream [exclude] description duplex {auto|full|half} ip access-group {in|out|session {vlan }} jumbo lacp {group|port-priority|timeout} lldp {fast-transmit-counter <1-8>|fast-transmit-interval <1-3600>|med|receive |transmit|transmit-hold <1-100>|transmit-interval <
Parameter Description Range Default Name of a bandwidth contract configured with the aaa bandwidth-contract command. If you specify a bandwidth contract name before you specify an application or application category, the bandwidth contract is applied to all downstream or upstream traffic. app Name of the application to which the bandwidth contract is applied. For a complete list of supported applications, issue the command show dpi application all.
Parameter Description Range Default in Applies ACL to interface’s inbound traffic. — — out Applies ACL to interface’s outbound traffic. — — session Applies session ACL to interface and optionally to a selected VLAN associated with this port. — — jumbo Enables or disables jumbo frame MTU configured via firewall on a port. — disabled lacp Configures an LACP functionality on an interface. — — Sets a number for the link aggregation group and the LACP mode on the interface.
Parameter Description Range Default med Enables the LLDP MED protocol. — disabled receive Enables processing of LLDP PDU received. — disabled transmit Enables LLDP PDU transmit. — disabled transmit-hold <1-100> Set the transmit hold multiplier. 1-100 4 transmit-interval <1-3600> Sets the transmit interval in seconds. 1-3600 30 no Negates any configured parameter. — — port monitor Monitors another interface on the controller.
Parameter Description Range Default port-priority Spanning tree priority of the interface. A lower setting brings the port closer to root port position (favorable for forwarding traffic) than does a higher setting. This is useful if ports may contend for root position if they are connected to an identical bridge. 0-255 128 portfast Enables forwarding of traffic from the interface. — disabled vlan Configure the vlan instance.
Parameter Description interval trunk trusted Range Default Sets the autorecovery interval time in seconds to clear off the port error. 1–65,535 — Sets the interface as a trunk port for the specified VLANs. A trunk port carries traffic for multiple VLANs using 802.1q tagging to mark frames for specific VLANs. You can include all VLANs configured on the controller, or add or remove specified VLANs. Specify native to identify the native VLAN for the trunk mode interface.
Parameter Description Range Default However, if you execute the trusted vlan command, it overrides any earlier untrusted VLANs or a range of untrusted VLANs and creates a new set of trusted VLANs. NOTE: A port supports a user VLAN range from 1-4094. If you want to set all VLANs (14094) on a port as untrusted then mark the port itself as untrusted. By default the port and all its associated VLANs are trusted. tunneled-node-port Enable or disable tunneled node capability on the port.
Interface Bandwidth Contracts W-7000 Series controllers have the ability to classify and identify applications on the network. If a W-7000 Series controller is configured as a branch controller, you can create bandwidth contracts to limit traffic for individual applications (or categories of applications) either sent from or received by a selected interface. There are two basic models for using this feature.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 The trusted VLAN and ip access-group session vlan parameters were introduced. ArubaOS 3.4.1 The trusted vlan parameter was added. ArubaOS 6.1 The parameter muxport was changed to tunneled-node-port ArubaOS 6.3 The jumbo parameter was added to enable or disable jumbo frame MTU configured via firewall on port. ArubaOS 6.4 The lldp parameter was added. ArubaOS 6.4.3.0 The bw-contract parameter was introduced.
interface loopback interface loopback ip address ipv6 address no ... Description This command configures the loopback address on the controller. Syntax Parameter Description ip address Host IP address in dotted-decimal format. This address should be routable from all external networks. ipv6 address Host IPv6 address that is routable from all external networks. no Negates any configured parameter.
Dell Networking W-Series ArubaOS 6.5.
interface port-channel interface port-channel add {fastethernet|gigabitethernet} // del {fastethernet|gigabitethernet} // description ip access-group {in|out|session {vlan }} jumbo no ...
Parameter Description Range Default firewall on a port channel. no Negates any configured parameter. — — shutdown Causes a hard shutdown of the interface. — — spanning-tree Enables spanning tree. — — Enables forwarding of traffic from the interface. — — Sets switching mode parameters for the interface. — — access vlan Sets the interface as an access port for the specified VLAN. The interface carries traffic only for the specified VLAN.
Parameter Description Range Default However, if you execute the trusted vlan command, it overrides any earlier untrusted VLANs or a range of untrusted VLANs and creates a new set of trusted VLANs. NOTE: A port supports a user VLAN range from 14094. If you want to set all VLANs (1-4094) on a port as untrusted then mark the port itself as untrusted. By default the port and all its associated VLANs are trusted. xsec Enables and configures the Extreme Security (xSec) protocol.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 The trusted VLAN and ip access-group session vlan parameters were introduced. ArubaOS 3.4.1 The trusted vlan parameter was added. ArubaOS 6.3 The jumbo parameter was added. ArubaOS 6.4.3.0 The description parameter was introduced. Command Information Platforms All plaforms 463| interface port-channel Licensing Command Mode This command is available in the base operating system.
interface-profile voip-profile interface-profile voip-profile clone no{...} voip-dot1p voip-dscp voip-mode [auto-discover | static] voip-vlan Description This command creates a VoIP profile that can be applied to any interface or an interface group. Syntax Parameter Description Range Name of the VoIP profile. 1-32 characters; cannot begin with a numeric character voip-dot1p Specifies the dot1p priority.
Command History This command was introduced in ArubaOS Release ArubaOS 6.2 Modification Command introduced. Command Information Platforms All platforms 465| interface-profile voip-profile Licensing Base operating system Command Mode Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
interface range interface range {fastethernet|gigabitethernet} - duplex {auto|full|half} ip access-group {in|out|session {vlan }} no ...
Parameter Description Range Default cost Administrative cost associated with the spanning tree. 1-65535 port-priority Spanning tree priority of the interface. A lower setting brings the port closer to root port position (favorable for forwarding traffic) than does a higher setting. This is useful if ports may contend for root position if they are connected to an identical bridge. 0-255 portfast Enables forwarding of traffic from the interface.
Parameter Description Range Default Then all VLANs in this range are trusted and all others become untrusted by default. You can also use the no trusted vlan command to explicitly make an individual VLAN untrusted. The no trusted vlan command is additive and adds given vlans to the existing untrusted vlan set. However, if you execute the trusted vlan command, it overrides any earlier untrusted VLANs or a range of untrusted VLANs and creates a new set of trusted VLANs.
interface tunnel interface tunnel description inter-tunnel-flooding ip access group in ip address { } | internal ip ospf {area }|{authentication message-digest}|{cost }|{dead-interval }|{hello-interval }|{message-digest-key }|{priority }|{retransmitinterval }|{transmit-delay } ipv6 address X:X:X:X::X mtu no ...
Parameter Description Range Default - - routable IP address. Enter the following values: l address: The interface IP address of the Layer-3 tunnel. l : An IPv4 address. NOTE: The IP address should not be part of any subnet in your network, nor does it have to be routable in your network. It is used as a gateway for routing your private subnets (i.e., non-routable VLANs) within the GRE tunnel. ipv6 l internal: IP address allocated from the Remote-Node pool.
Parameter Description Range Default IPv6: 1500 no Negates any configured parameter. — — shutdown Causes a hard shutdown of the interface. — — trusted l When Trusted is enabled: Any device can send any traffic through the GRE tunnel without having to be authenticated. — Disabled l When Trusted is disabled: Any device that is a source of traffic and is sent through the tunnel must be authenticated to be able to send the traffic.
Parameter Description Range Default Number of seconds at which keepalive frames are sent. 1-86400 10 seconds Number of consecutive times that the keepalives fail before the tunnel is considered to be down. 0-1024 3 The option enables keepalive interoperability for Layer-3 tunnels between controllers and Cisco network devices. Dell sets the keepalive packet’s GRE protocol field to 0x801; however, Cisco sets the GRE protocol field to 0.
In Layer-3 GRE tunnels, IPv6 encapsulated in IPv4 and IPv4 encapsulated in IPv6 are not supported. The only Layer-3 GRE modes supported are IPv4 encapsulated in IPv4 and IPv6 encapsulated in IPv6. You can direct traffic into the tunnel using a static route (by specifying the tunnel as the next hop for a static route) or a session-based access control list (ACL).
IPv6 Layer-3 GRE Tunnel The following CLI command examples configure a Layer-3 GRE tunnel for IPv6 between two controllers.
interface vlan interface vlan bandwidth-contract bcmc-optimization description ip {access-group in}|{address |dhcp-client client-id|internal|pppoe} |helper-address |igmp [proxy][snooping]|local-proxy-arp|nat[inside]|{ospf {area|authentication|cost|dead-interval|hello-interval|message-digestkey|priority|retransmit-interval|transmit-delay}| pppoe-max-segment-size | pppoepassword |pppoe-service-name |pppoe-username |rout
Parameter address Description Range Configures the IP address for this interface, which can be one of the following: Default — — l dhcp-client: use DHCP to obtain the IP address l internal: IP address allocated from the branch group config. l pppoe: use PPPoE to obtain the IP address helper-address IP address of the DHCP server for relaying DHCP requests for this interface.
Parameter Description Range Default address Configures the link local address or the global unicast address for this interface. — — dhcp Configures dynamic host configuration protocol for IPv6. — — — — — — server - Configures the DHCPv6 pool for the vlan. mld Enables Multicast Listener Discovery (MLD) on this interface. snooping— Configures the MLD snooping on this interface. proxy—Configures MLD proxy on the following interfaces.
Parameter Description Range Default no Negates any configured parameter. — — mtu MTU setting for the VLAN. 10241500 — multimode-auth MultiMode Authentication Support on VLAN — — operstate up Set the state of the interface to be up. — — option-82 {ap-name [essid] |mac [essid]} Allows a DHCP relay agent to insert circuit specific information into a request that is being forwarded to a DHCP server.
Related Commands Command Description ip access-list route This command configures an access control list (ACL) for policy-based routing (PBR). ip nexthop-list routing-policy-map Use this command to define a next-hop list for a routing policy This command associates a routing access control list (ACL) with a user role. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3 The ipv6 parameters were introduced. ArubaOS 3.4 The igmp snooping parameter was deprecated.
interface vlan ipv6 interface vlan ipv6 {address link-local | [/ | eui-64] ipv6 dhcp server ipv6 mld [snooping] ipv6 nd {ra [dns | enable | hop-limit | interval | life-time | managed-config-flag | mtu | other-config-flag | preference | prefix] | reachable-time | retransmit-time }} Description This command configures the IPv6 link local address or the global unicast address, and the IPv6 router advertisement parameters for this
Parameter Description Range l mtu—Configures maximum transmission unit for RA. l other-config-flag—Enables hosts to use DHCP server for other nonaddress stateful autoconfiguration. l preference—Configures a router preference. l prefix—Configures IPv6 RA prefix. reachable-time Configures the neighbor discovery reachable time in msec. 03,600,000 retransmit-time Configures the neighbor discovery retransmit time in msec.
Dell Networking W-Series ArubaOS 6.5.
interface vlan ip igmp proxy interface vlan ip igmp snooping|{proxy fastethernet|gigabitethernet // } Description This command enables IGMP and/or IGMP snooping on this interface, or configures a VLAN interface for uninterrupted streaming of multicast traffic. Syntax Parameter snooping Description Enable IGMP snooping. The IGMP protocol enables an router to discover the presence of multicast listeners on directly-attached links.
ipv6 mld snooping, and the IPv6 router will send multicast frames to only those nodes that need to receive them. Command History This command was introduced in ArubaOS 3.4 Command Information Platforms All platforms 484| interface vlan ip igmp proxy Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ip access-list eth ip ip access-list eth {|} deny { []|any} [mirror] [position} no ... permit { []|any} [mirror][position] Description This command configures an Ethertype access control list (ACL). Syntax Parameter Description Range eth Enter a name, or a number in the specified range.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3 The mirror parameter was introduced. Command Information Platform Available on all platforms 486| ip access-list eth License Requires the PEFNG license. Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ip access-list extended ip access-list extended {|} deny ipv6 no ... permit Description This command configures an extended access control list (ACL). To configure IPv6 specific rules, use the ipv6 keyword for each rule. Syntax Parameter Description Range extended Enter a name, or a number in the specified range. ipv6 Use the ipv6 keyword to add IPv6 specific rules. — deny Reject the specified packets.
Parameter Description Range Protocol, which can be one of the following: l Protocol number between 0-255 l any: any protocol l icmp: Internet Control Message Protocol l igmp: Internet Gateway Message Protocol l tcp: Transmission Control Protocol l udp: User Datagram Protocol Source, which can be one of the following: — — Source address (IPv4 or IPv6) and wildcard any: any source host: specify a single host IP address Destination, which can be one of the followi
ip access-list ip-geolocation ip access-list geolocation deny no permit Description This command configures a geolocation access list. Syntax Parameter deny no Description Range — Reject the specified packets. Specify the source of the packets.
Parameter Description Range l any - Match any location l country - Match packets from/to country l region - Match packets from/to region Example The following command denies packets from China : (host) (config-global-geolocation-acl)#deny from country china Command History This command was available in ArubaOS 6.5. Command Information Platforms All platforms 490| ip access-list ip-geolocation Licensing Base operating system. Command Mode Config mode on master or local controllers.
ip access-list mac ip access-list mac {|} deny {[]|any|host } [mirror] no ... permit {[]|any|host } [mirror] Description This command configures a MAC access control list (ACL). Syntax Parameter Description Range mac Configures a MAC access list. Enter a name, or a number in the specified range.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3 The mirror parameter was introduced. Command Information Platform Available on all platforms 492| ip access-list mac License Command Mode Requires the PEFNG license Config mode Dell Networking W-Series ArubaOS 6.5.
ip access-list route ip access-list route forward|route {ipsec-map }|{next-hoplist }|{tunnel }|{tunnel-group } [position ] Description This command configures an access control list (ACL) for policy-based routing (PBR).
Parameter Description l udp <0-65535>: UDP destination port number (0-65535) udp source<0-65535>: UDP source port number l Action if rule is applied, which can be one of the following: l forward: Explicitly define an ACL with a forward action to skip policy-based routing for traffic which would otherwise match another policy-based routing rule. l route ipsec-map : Redirected over a VPN tunnel by specifying the ipsec-map name.
Command History Release ArubaOS 6.4.3.0 Modification Command introduced. Command Information Platform All platforms License Requires the PEFNG license Dell Networking W-Series ArubaOS 6.5.
ip access-list session ip access-list session [] ipv6 [] no ... Description This command configures an access control list (ACL) session. To create IPv6 specific rules, use the ipv6 keyword. Syntax Parameter Description Name of an access control list session. ipv6 Use the ipv6 keyword to create IPv6 specific rules.
Parameter Description appcategory: application category name. (For a complete list of supported applications, issue the command show dpi application all.) tcp destination port number: specify the TCP port number (0-65535) tcp source: TCP/UDP source port number udp: specify the UDP port number (0-65535) web-cc-category: name of an a web content category. For the full list of available web content categories, issue the command show web-cc categories.
Parameter Description tunnel forwarding mode and uses implied NAT pool. src-nat: Performs source NAT on packets. Source IP changes to the outgoing interface IP address (implied NAT pool) or from the pool configured (manual NAT pool). This action functions in tunnel/decrypt-tunnel forwarding mode. Optional action if rule is applied, which can be one of the following: blacklist: blacklist user if ACL gets applied.
ip access-list any any app any any app any any any session control gmail-chat permit youtube permit deny This example shows a DPI rule along with a L3/L4 rule with forwarding action in the same ACL. ip access-list session AppRules any any app Facebook permit tos 45 any any app YouTube deny any any appcategory peer-to-peer deny any any tcp 23 permit network 40.1.0.0/16 any tcp 80 permit tos 60 network 20.1.0.0/16 any tcp 80 src-nat ! ip access-list session NetRules network 80.0.0.
Command History Release ArubaOS 3.0 Modification This command was introduced. ArubaOS 6.3 The any tcp source parameter was introduced. ArubaOS 6.4 The redirect parameter was introduced under action. The app, and appcategory parameters were introduced under service. ArubaOS 6.4.2.0 ArubaOS 6.4.4 The web-cc-category and web-cc-reputation parameters were introduced, allowing users to define an ACL for a web content category or web content reputation type. The local-override alias was introduced.
ip access-list standard ip access-list standard {|} deny { |any|host } no ... permit { |any|host } Description This command configures a standard access control list (ACL). Syntax Parameter Description standard Enter a name, or a number in the specified range. ipv6 Use the ipv6 keyword to create IPv6 specific standard rules.
Command Information Platform Available on all platforms 502| ip access-list standard License Command Mode Requires the PEFNG license Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ip cp-redirect-address ip cp-redirect-address | disable Description This command configures a redirect address for captive portal. Syntax Parameter Description Host address with a 32-bit netmask. This address should be routable from all external networks. disable Disables automatic DNS resolution for captive portal. Usage Guidelines This command redirects wireless clients that are on different VLANs (from the controller’s IP address) to the captive portal on the controller.
ip default-gateway ip default-gateway |{import cell|dhcp|pppoe}|{ipsec } Description This command configures the default gateway for the controller. Syntax Parameter Description IP address of the default gateway. import Use a gateway IP address obtained through the cell interface, DHCP or PPPoE. The default gateway is imported into the routing table and removed when the uplink is no longer active. cell Use a gateway IP address obtained through the cell interface.
ip dhcp excluded-address ip dhcp excluded-address [] Description This command configures an excluded address range for the DHCP server on the controller. Syntax Parameter Description Low end of range of IP addresses. For example, you can enter the IP address of the controller so that this address is not assigned. High end of the range of IP addresses.
ip dhcp pool ip dhcp pool default-router ... dns-server { ... |import} domain-name lease netbios-name-server { ... |import} network {|} no ... option ip pooltype ipupsell|private|public vendor-class-identifier Description This command configures a DHCP pool on the controller. Syntax Parameter Description default-router IP address of the default router for the DHCP client.
Parameter pooltype vendor-class-identifier Description Configure one of the following DHCP Pool types l ipupsell: Configure the DHCP pool as an IP upsell pool l private: Configure the DHCP pool as private l public: Configure the DHCP pool as public Send the ArubaAP vendor ID to clients. Usage Guidelines A DHCP pool should be created for each IP subnetwork for which DHCP services should be provided. DHCP pools are not specifically tied to VLANs, as the DHCP server exists on every VLAN.
ip domain lookup ip domain lookup Description This command enables Domain Name System (DNS) hostname to address translation. Syntax There are no parameters for this command. Usage Guidelines This command is enabled by default. Use the no form of this command to disable. Example The following command enables DNS hostname translation: (host)(config) #ip domain lookup Command History This command was available in ArubaOS 3.0.
ip domain-name ip domain-name Description This command configures the default domain name. Syntax Parameter Description domain-name Name used to complete unqualified host names. Do not specify the leading dot (.). Usage Guidelines The controller uses the default domain name to complete hostnames that do not contain domain names. You must have at least one domain name server configured on the controller (see ip name-server on page 523).
ip igmp ip igmp last-member-query-count last-member-query-interval max-members-per-group query-interval query-response-interval <.1 seconds> quick-client-convergence robustness-variable <2-10> ssm-range startup-query-count startup-query-interval version-1-router-present-timeout Description This command configures Internet Group Management Protocol (IGMP) timers and counters.
Parameter Description Range Default IP address for ssm-range. startup-query-count Number of queries that the controller sends out on startup, separated by startup-query-interval. The default is the robustness-variable value. 165535 2 startup-query-interval Interval, in seconds, at which the controller sends general queries on startup. 165535 second s 1/4 of the query interval version-1-router-present-timeout Timeout, in seconds, if a version 1 IGM router is detected.
ip local ip local pool [] Description This command configures a local IP pool for Layer-2 Tunnel Protocol (L2TP). Syntax Parameter Description pool Name for the address pool. Starting IP address for the pool. (Optional) Ending IP address for the pool. Usage Guidelines VPN clients can be assigned IP addresses from the L2TP pool. Example The following command configures an L2TP pool: (host) (config) #ip local pool 10.1.1.1 10.1.1.
ip mobile active-domain ip mobile ip mobile active-domain Description This command configures the mobility domain that is active on the controller. Syntax Parameter Description active-domain Name of the mobility domain. Usage Guidelines All controllers are initially part of the “default” mobility domain. If you use the “default” mobility domain, you do not need to specify this domain as the active domain on the controller.
ip mobile domain ip mobile domain description hat description no Description This command configures the mobility domain on the controller. Syntax Parameter description hat Description Name of the mobility domain. Description of the mobility domain. The description can be a maximum of 30 characters (including spaces). Configures a home agent table (HAT) entry. The IP address of the home agent controller that requires mobility service.
Mobility Domains:, 1 domain(s) -----------------------------Domain name east_building Home Agent Table Home Agent Description --------------- ------------------------192.0.2.1 East building entries Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.0 A new parameter, description is added for providing more information about a HAT entry. ArubaOS 6.
ip mobile foreign-agent ip mobile foreign-agent {lifetime | max-visitors | registrations {interval | retransmits }} Description This command configures the foreign agent for IP mobility. Syntax Parameter Description Range Default lifetime Requested lifetime, in seconds, as per RFC 3344, “IP Mobility Support for IPv4”. 10-65534 180 seconds max-visitors Maximum number of active visitors.
ip mobile home-agent ip mobile home-agent {max-bindings |replay } Description This command configures the home agent for IP mobility. Syntax Parameter Description Range Default max-bindings Maximum number of mobile IP bindings. This option is an additional limitation to control the maximum number of roaming users.
ip mobile packet-trace ip mobile packet-trace Description This command enables packet tracing for the given mac address. Use this command with caution. It replaces the existing users with user entries from the imported file. Syntax Platform License The MAC address of the host Usage Guidelines Executing this command enables packet tracing for the given mac address. This is used for troubleshooting purposes only.
ip mobile proxy ip mobile proxy auth-sta-roam-only |event-threshold |log-trail | no-service-timeout | on-association | refresh-stale-ip stale-timeout | trail-length |trail-timeout Description This command configures the proxy mobile IP module in a mobility-enabled controller. Syntax Parameter Description Range Default auth-sta-roamonly Allows a client to roam only if has been authenticated.
Parameter Description Range Default stale-timeout Number of seconds the mobility state is retained after the loss of connectivity. This allows authentication state and mobility information to be preserved on the home agent controller. The default is 60 seconds but can be safely increased. Note that in many case a station state is deleted without waiting for the stale timeout; user delete from management, foreign agent to foreign agent handoff, etc.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.2 The re-home parameter was deprecated as the re-homing functionality is no longer available. ArubaOS 6.3 The block-dhcp-release, dhcp aggressive-transaction, dhcp ignoreoptions, dhcp max-requests <0-50>, dhcp transaction-hold <1-100>, dhcp transaction- timout <10-600>, stand-alone-AP parameters are deprecated. Command Information Platform Available on all platforms License Available in the base operating system.
ip mobile revocation ip mobile revocation {interval |retransmits Description This command configures the frequency at which registration revocation messages are sent. Syntax Parameter Description Range Default interval Retransmission interval, in milliseconds. 10010000 ms 1000 ms retransmits Maximum number of times the home agent or foreign agent attempts mobile IP registration/revocation message exchanges before giving up.
ip name-server ip name-server Description This command configures servers for name and address resolution. Syntax Parameter Description IP address of the server. Usage Guidelines You can configure up to six servers using separate commands. Specify one or more servers when you configure a default domain name (see ip domain-name on page 509). Example The following command configures a name server: ip name-server 10.1.1.245 Command History This command was available in ArubaOS 3.0.
ip nat ip nat pool [] Description This command configures a pool of IP addresses for network address translation (NAT). Syntax Parameter Description pool Name of the NAT pool. IP address that defines the beginning of the range of source NAT addresses in the pool. IP address that defines the end of the range of source NAT addresses in the pool. Destination NAT IP address.
ip nexthop-list ip nexthop-list ip {}|{dhcp vlan } priority <0-255> ipsec-map preemptive-failover Description Define a nexthop list for policy-based routing. Syntax Parameter Description Name of the nexthop list ip IP address of the nexthop device ip dhcp vlan VLAN ID of the VLAN used by the nexthop device.
used as the nexthop IP address. Branch deployments may also require policy-based redirection of traffic to different VPN tunnels. The nexthop list allows you to select an IPsec map to redirect traffic through IPsec tunnels. Example The following command configures a list of next hops. (host)(config)# ip nexthop-list list1 (host)(config-nexthop-list)#ip 10.1.1.41 priority 1 (host)(config-nexthop-list)#ip 172.21.18.170 priority 2 (host)(config-nexthop-list)#ip 192.18.140.
ip ospf ip ospf area|{authentication message-digest | cost | dead-interval | hellointerval | message-digest-key | priority | retransmitinterval |transmit-delay Description Configure OSPF on the VLAN interface. Syntax Parameter Description Range Default area Enable OSPF on a specific interface by entering the IP address of the router that will use OSPF.
Parameter Description transmit-delay Range Set the elapse time before retransmitting link state update packets on the interface. 1 to 65535 seconds Default 1 Usage Guidelines When configuring OSPF over multiple vendors, use this command to ensure that all routers use the same cost. Otherwise, OSPF may route improperly. Related Commands Command show ip ospf Description View the OSPF configuration Command History Release ArubaOS 3.
ip probe default ip probe default burst-size frequency mode ping no retries Description This command configures IP probes for the policy-based routing using a next-hop list. Syntax Parameter burst-size Description Number of probes to be sent during the probe frequency interval defined by the frequency parameter of this profile. Range: 1-16, Default 5 frequency Probe interval, in seconds.
Command History Release Modification ArubaOS 6.4.3.0 Command introduced. Command Information Platform Available on all platforms 530| ip probe default License Command Mode Available in the base operating system. Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
ip probe health-check ip probe health-check burst-size frequency mode ping|udp jitter no retries Description This command configures WAN health-check ping-probes for measuring WAN availability and latency on branch controller uplinks. Syntax Parameter burst-size Description Number of probes to be sent during the probe frequency interval defined by the frequency parameter of this profile. Range: 1-16, Default 5 frequency Probe interval, in seconds.
ip probe health-check burst-size 3 frequency 5 mode ping Related Commands Command Description ip probe default This command configures IP probes for policy-based routing using a nexthop list. Command History Release Modification ArubaOS 6.5 The jitter parameter is introduced, ArubaOS 6.4.3.0 Command introduced. Command Information Platform Available on all platforms 532| ip probe health-check License Command Mode Available in the base operating system.
ip radius ip radius {nas-ip |{nas-vlan } rfc-3576-server udp-port source-interface {loopback|vlan } Description This command configures global parameters for configured RADIUS servers. Syntax Parameter nas-ip Description Range Default A global NAS IP address to send in RADIUS packets This can be specified by an IP address or a VLAN ID — — This IP address supersedes the server-specific NAS IP configured with the aaa authentication-server radius command.
Example The following command configures a global NAS IP address sent in RADIUS packets: (host) (config) #ip radius nas-ip 192.168.1.245 Command History This command was available in ArubaOS 3.0. Command Information Platform Available on all platforms 534| ip radius License Command Mode The ip radius rfc-3576-server udpport command requires the PEFNG license. Other commands are available in the base operating system. Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
ids rap-wml-server-profile ids rap-wml-server-profile ageout cache{disable|enable clone db-name ip-addr password type mssql|mysql user Description Use this command to specify the name and attributes of a MySQL or an MSSQL server. Syntax Parameter Description Default ageout (Optional) Specifies the cache ageout period, in seconds. 0 cache (Optional) Enables the cache, or disables the cache.
ids rap-wml-table-profile table-name mysqlserver mactest_delimited mac-delimiter : timestampcolumn time lookup-time 600 This example configures an MSSQL server and sets up associated rap-wml table attributes for that server. (host) (config) # ids rap-wml-server-profile mssqlserver type mssql ip-addr 10.4.11.
ids rap-wml-table-profile ids rap-wml-table-profile clone column-name lookup-time mac-delimiter no ... timestamp-column Description Use this command to specify the name and attributes of the database table to be used for lookup.
ids rap-wml-table-profile table-name mysqlserver mactest_delimited mac-delimiter : timestampcolumn time lookup-time 600 This example configures an MSSQL server and sets up associated rap-wml table attributes for that server. (host) (config) # ids rap-wml-server-profile mssqlserver type mssql ip-addr 10.4.11.
ip reputation ip reputation {deny} inbound outbound Description This command blocks connectivity to IP addresses classified as malicious. Syntax Parameter Description deny Range Default Deny connections matching malicious IP. — — inbound Deny connections originated from outside the network. — — outbound Deny connections originated from the controller.
ip route ip route { []|ipsec |null 0} Description This command configures a static route on the controller. Syntax Parameter Description Enter the destination IP address in dotted decimal format (A.B.C.D). Enter the destination netmask in dotted decimal format (A.B.C.D). [] Enter the forwarding router address in dotted decimal format (A.B.C.D). Optionally, enter the distance metric (cost) for this route.
Command Information Platform All platforms 541| ip route License Base Operating System Command Mode Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
ipv6 cp-redirect-address ipv6 cp-redirect-address | disable Description This command configures a redirect address for captive portal. Syntax Parameter Description This address should be routable from all external networks. disable Disables automatic DNS resolution for captive portal. Usage Guidelines This command redirects wireless clients that are on different VLANs (from the controller’s IP address) to the captive portal on the controller.
ipv6 default-gateway ipv6 default-gateway Description This command configures an IPv6 default gateway. Syntax Parameter Description Specify the IPv6 address of the default gateway. cost Specify the distance metric to select the routing protocol that determines the way to learn the route. Usage Guidelines This command configures an IPv6 default gateway.
ipv6 dhcp excluded-address ipv6 dhcp excluded-address [] Description This command configures an excluded IPv6 address range for the DHCPv6 server on the controller. Syntax Parameter Description Low end of range of IPv6 addresses. For example, you can enter an IPv6 address that should not be assigned. High end of the range of IPv6 addresses.
ipv6 dhcp pool ipv6 dhcp pool dns-server domain-name lease network no ... option {ip | text } preference <1-255> Description This command configures a DHCPv6 pool on the controller. Syntax Parameter Description dns-server IPv6 address of the DNS server. domain-name Domain name to which the client belongs. lease The amount of time that the assigned IPv6 address is valid for the client.
Command History Introduced in ArubaOS 6.3. Command Information Platform Available on all platforms 546| ipv6 dhcp pool License Command Mode Available in the base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ipv6 enable ipv6 enable Description This command enables IPv6 packet processing globally. This option is disabled by default. Syntax No parameters. Usage Guidelines This command enables IPv6 packet processing globally. Command History This command was introduced in ArubaOS 6.0. Command Information Platform Available on all platforms License Available in the base operating system Dell Networking W-Series ArubaOS 6.5.
ipv6 firewall ipv6 firewall attack-rate {ping |session |tcp-syn } deny-inter-user-bridging | drop-ip-fragments | enable-per-packet-logging | enforce-tcp-handshake | prohibit-ip-spoofing | prohibit-rst-replay | session-idle-timeout | session-mirror-destination {ip-address }|{port } Description This command configures firewall options on the controller for IPv6 traffic.
Parameter Description Range Default enable-per-pac ket-logging Enables logging of every packet if logging is enabled for the corresponding session rule. Normally, one event is logged per session. If you enable this option, each packet in the session is logged. You should not enable this option unless instructed to do so by a Dell representative, as doing so may create unnecessary overhead on the controller.
Command History Version Description ArubaOS 3.3 Command introduced ArubaOS 6.1 The ipv6 firewall enable command was deprecated. Use the command ipv6 enable to enable/disable ipv6 packet/firewall processing on the controller. ArubaOS 6.3 ArubaOS 6.4.1 The session-mirror-destination parameter has been deprecated.
ipv6 neighbor ipv6 neighbor vlan Description This command configures an IPv6 static neighbor on a VLAN interface. Syntax Parameter Description Specify the IPv6 address of the neighbor entry. vlan Specify the VLAN ID. Specify the 48-bit hardware address of the neighbor entry. Usage Guidelines You can configure an IPv6 static neighbor on a VLAN interface.
ipv6 mld ipv6 mld query-interval query-response-interval robustness-variable ssm-range Description This command configures the IPv6 MLD (Multi-listener discovery) parameters. Syntax Parameter query-interval Description Specify the time interval in seconds (1-65535) between general queries sent by the querier. The default value is 125 seconds. By varying this value, you can tune the number of MLD messages on the link; larger values cause MLD queries to be sent less often.
Command History Release Modification ArubaOS 6.1 Command introduced ArubaOS 6.4 The ssm-range parameter was introduced. Command Information Platform Available on all platforms 553| ipv6 mld License Command Mode Available in the base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
ipv6 proxy-ra ipv6 proxy-ra interval Description This command configures an interval for proxy Router Advertisement. Syntax Parameter Description interval Configures proxy Router Advertisement Interval (180-1800 sec). This overrides interface Router Advertisement interval value if its value is lesser. Usage Guidelines This command configures interval for proxy Router Advertisement.
ipv6 radius ipv6 radius {nas-ip6 |source-interface {loopback|vlan } Description This command configures global parameters for configured IPv6 RADIUS servers. Syntax Parameter Description nas-ip6 A global NAS IPv6 address to send in RADIUS packets. This configuration supercedes the server-specific NAS IPv6 configured with the aaa authentication-server radius command. source-inter face Interface for all outgoing RADIUS packets.
ipv6 route ipv6 route {ipv6-prefix/prefix-length}|ipv6-next-hop|null|vlan[vlanid]|link-local-next-hop} |cost Description This command configures static IPv6 routes on the controller. Syntax Parameter Description Specify the IPv6 address and the prefix length of the destination. Specify the next-hop IPv6 address or null 0 to terminate or discard the packets. Listed below are the following options: l X:X:X:X::X-IPv6 address of next-hop.
Command Information Platform Available on all platforms 557| ipv6 route License Command Mode Available in the base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
kernel coredump [no] kernel coredump Use this command under the supervision of Dell Global Technical Support. Description This command enables the controller to capture the snapshot of the working memory of the control plane when the control plane has terminated abnormally. An additional flash memory available check is imposed on core dump. If less than 100 MB of space is left on the flash, the extra core dump chunks get discarded.
lacp group lacp group mode {active | passive} Description Enable Link Aggregation Control Protocol (LACP) and configure LACP on the interface. Parameter Description Enter the link aggregation group (LAG) number. Range: 0-7 mode {active | passive} Enter the keyword mode followed by either the keyword active or passive. l Active mode—the interface is in active negotiating state. LACP runs on any link that is configured to be in the active state.
Command Information Platform All Platforms 560| lacp group Licensing Base operating system Command Mode Configuration Interface Mode (config-if) for Master and Local controllers Dell Networking W-Series ArubaOS 6.5.
lacp port-priority lacp port-priority Description Configure the LACP port priority. Syntax Parameter Description Enter the port-priority value. The higher the value number the lower the priority. Range: 1 to 65535 Default: 255 Usage Guidelines Set the port priority for LACP.
lacp system-priority lacp system-priority Description Configure the LACP system priority. Syntax Parameter Description Enter the system priority value. The higher the value number the lower the priority. Range: 1 to 65535 Default: 32768 Usage Guidelines Set the LACP system priority.
lacp timeout lacp timeout {long | short} Description Configure the timeout period for the LACP session. Syntax Parameter Description long Enter the keyword long to set the LACP session to 90 seconds. This is the default. short Enter the keyword short to set the LACP session to 3 seconds. Usage Guidelines The timeout value is the amount of time that a port-channel interface waits for a LACPDU (Link Aggregation Control Protocol data unit) from the remote system before terminating the LACP session.
lcd-menu lcd-menu [no] disable menu [maintenance [factory-default| media-eject| qui-quick-setup | media-eject | system-halt | system-reboot | upgrade-image [parition0 | partition1]| upload-config]] Description This command allows you to enable or disable the LCD menu either completely or for specific operations. Syntax Parameter Description lcd-menu Enters the LCD menu configuration mode. no Delete the specified LCD menu option. disable Disables (or enables) the complete LCD menu.
menu menu menu menu menu menu menu menu menu menu menu maintenance maintenance maintenance maintenance maintenance maintenance maintenance maintenance maintenance maintenance system-halt halt-stack system-halt halt-local upgrade-image upload-config factory-default media-eject system-reboot system-halt gui-quick-setup enabled enabled enabled enabled enabled enabled enabled enabled enabled enabled enabled Example The following example disables the LCD menu completely: (host) #configure terminal (host) (co
license license add del export import profile centralized-licensing-enable report } server-ip server-redundancy {license-vrrp }|[peer-ip-address } Description This command allows you to install, delete, and manage software licenses on the controller. Syntax Parameter Description add Installs the software license key in the controller. The key is normally sent to you via email. This parameter is available in enable mode.
Parameter server-ip Description server-redundancy license-vrrp Enter the IP address of the licensing server. This command is available in config mode. Use this command to specify configure server redundancy for the centralized licensing feature. This command is available in config mode. Use this command to specify a VRRP instance to be used for the centralized licensing feature. This command is available in config mode.
Centralized licensing allows the primary and backup licensing server controllers share a single set of licenses. If you do not enable this feature, the master and backup master controller each require separate, identical license sets. The two controllers acting as primary and backup license servers must use the same version of ArubaOS, and must be connected on the same broadcast domain using the Virtual Router Redundancy Protocol (VRRP).
(host) (config) #license profile (host) (License provisioning profile) #centralized-licensing-enable (host) (License provisioning profile) # license server-ip Command History Version Description ArubaOS 3.0 Command introduced ArubaOS 6.
local-custom-cert local-custom-cert local-mac ca-cert server-cert suite-b Description This command configures the user-installed certificate for secure communication between a local controller and a master controller. Syntax Parameter Description MAC address of the local controller’s user-installed certificate. ca-cert User-defined name of a trusted CA certificate installed on the local controller.
Command History Introduced in ArubaOS 6.1 Command Information Platform Available on all platforms 571| local-custom-cert Command Mode License The suite-b gcm-128 and suite-b gcm-256 encryption options for IPsec custom certificates requires the Advanced Cryptography (ACR) license. All other parameters are available in the base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
local-factory-cert local-factory-cert local-mac Description This command configures the factory-installed certificate for secure communication between a local controller and a master controller. Syntax Parameter Description MAC address of the local controller’s factory-installed certificate. Usage Guidelines Use this command on a master controller to configure the factory certificate for communication with a local controller.
localip localip ipsec Description This command configures the IP address and preshared key for the local controller on a master controller. Syntax Parameter Description IP address of the local controller. Use the 0.0.0.0 address to configure a global preshared key for all inter-controller communications. ipsec To establish the master-local IPsec tunnel using IKEv1, enter a preshared key between 6-64 characters.
local-userdb add localuserdb local-userdb add {generate-username|username } {generate-password|password } [comment ][email ] [expiry {duration |time }] [guest-company ][guest-fullname ][guest-phone ][mode disable] [opt-field-1 ][opt-field-2 ][opt-field-3 ][opt-field-4 ][[remote-ip ][role ][sponsor-dept ][sponsor-mail ][sponsor-fullname ][sponso
Parameter Description Range Default mode Enables or disables the user account, — Disable opt-field-1 This category can be used for some other purpose. For example, the optional category fields can be used for another person, such as a “Supervisor.” You can enter username, full name, department and Email information into the optional fields. — — opt-field-2 Same as opt-field-1. — — opt-field-3 Same as opt-field-1. — — opt-field-4 Same as opt-field-1.
(host) #local-userdb add generate-username generate-password expiry duration 480 The following information is displayed when you enter the command: GuestConnect Username: guest4157 Password: cDFD1675 Expiration: 480 minutes Related Commands Command Description Mode show local-userdb Use this command to show the parameters displayed in the output of this command.
local-userdb-ap del local-userdb-ap del mac-address [all] Description This command deletes a Remote AP entry from the obsolete Remote AP database. Syntax Parameter mac-address all Description MAC address of the remote AP to be removed from the Remote AP database. Remove all entries from the whitelist. Usage Guidelines When you upgrade from ArubaOS 5.0-6.1 to ArubaOS 6.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.3 The all parameter was added to delete all entries from the obsolete remote AP database 578| local-userdb-ap del Dell Networking W-Series ArubaOS 6.5.
local-userdb-branch localuserdb local-userdb-branch add|del|modify mac-address remote-node-profile Description This command adds a branch controller to the branch controller whitelist. You can also delete the whitelist entry using this command. Syntax Parameter Description Range mac-address MAC address of the branch controller in colonseparated six-octet format.
Removing an RN from the Whitelist When you remove an entry for an active RN from the RN whitelist on the RNC, that RN no longer receives configuration or license updates from the RNC, but continues to operate as previously configured. As the license server is the RNC, any operation related to the licensing does not work after it is detached.
Command Information Platform Available on W-7010, W7005, W-7024, and W7030 controllers License Available in the base operating system. Dell Networking W-Series ArubaOS 6.5.x | Reference Guide Command Mode Enable mode on master controllers.
local-userdb del local-userdb {del username |del-all} Description This command deletes entries in the controller’s internal database. Syntax Parameter Description del username Deletes the user account for the specified username. del-all Deletes all entries in the internal database. Usage Guidelines User account entries created with expirations are automatically deleted from the internal database at the specified expiration.
local-userdb export local-userdb export Description This command exports the internal database to a file. Use this command with caution. It replaces the existing users with user entries from the imported file. Syntax Parameter export Description Saves the internal database to the specified file in flash. Usage Guidelines After using this command, you can use the copy command to transfer the file from flash to another location.
local-userdb fix-database local-userdb fix-database Description This command deletes and reinitializes the internal database. Syntax No parameters. Usage Guidelines Before using this command, you can save the internal database with the local-userdb export command. Command History Introduced in ArubaOS 3.0. Command Information Platform Available on all platforms License Available in the base operating system Dell Networking W-Series ArubaOS 6.5.
local-userdb-guest add local-userdb-guest local-userdb-guest add {generate-username|username } {generate-password|password } [comment ][email ] [expiry {duration |time }] [guest-company ][guest-fullname ][guest-phone ][mode disable][opt-field-1 ][opt-field-2 ][opt-field-3 ][opt-field-4 ] [sponsor-dept ][sponsor-mail ][sponsor-fullname ][sponsor-name ]
Parameter Description Range Default guest-phone The guest’s phone number. mode Enables or disables the user account, — Disable opt-field-1 This category can be used for some other purpose. For example, the optional category fields can be used for another person, such as a “Supervisor.” You can enter username, full name, department and Email information into the optional fields. — — opt-field-2 Same as opt-field-1. — — opt-field-3 Same as opt-field-1.
Related Commands Command Description Mode show local-userdb-guest Show the parameter configured using the local-userdb-guest command. Enable and Config modes show local-userdb Show the parameters configured using the local-userdb command. Enable and Config modes Command History Introduced in ArubaOS 3.4. Command Information Platform Available on all platforms License Available in the base operating system. The role parameter requires the PEFNG license. Dell Networking W-Series ArubaOS 6.5.
local-userdb-guest del local-userdb-guest {del username |del-all} Description This command deletes entries in the controller’s internal database. Syntax Parameter Description del username Deletes the user account for the specified username. del-all Deletes all entries in the internal database. Usage Guidelines User account entries created with expirations are automatically deleted from the internal database at the specified expiration.
local-userdb-guest modify local-userd-guest modify username [comments ][email ] [expiry {duration |time }] [guest-company ][guest-fullname ][guest-phone ][mode disable][opt-field-1 ][opt-field-2 ][optfield-3 ][opt-field-4 ][password ][sponsor-mail ][sponsor-fullname ][sponsor-name ][start-time
Parameter Description Range Default opt-field-2 Same as opt-field-1. — — opt-field-3 Same as opt-field-1. — — opt-field-4 Same as opt-field-1. — — password User’s password 1– 6 characters — sponsor-dept The guest sponsor’s department name — — NOTE: A sponsor is the guest's primary contact for the visit. sponsor-email The sponsor’s email address. — — sponsor-fullname The sponsor’s full name. — — sponsor-name The sponsor’s name.
local-userdb-guest send-email local-userdb-guest send-email [to-guest][to-sponsor] Description This command causes the controller to send email to the guest and/or sponsor any time a guest user is created. Syntax Parameter Description Range Default Name of the guest 1 – 64 characte rs — to-guest Allows you to send email to the guest user’s address. — — to-sponsor Allows you to send email to the sponsor’s email address.
local-userdb import local-userdb import Description This command replaces the internal database with the specified file from flash. Syntax Parameter import Description Replaces the internal database with the specified file. Usage Guidelines This command replaces the contents of the internal database with the contents in the specified file. The file must be a valid internal database file saved with the local-userdb export command.
local-userdb maximum-expiration local-userdb maximum-expiration Description This command configures the maximum time, in minutes, that a guest account in the internal database can remain valid. Syntax Parameter maximum-expiration Description Range Maximum time, in minutes, that a guest account in the internal database can remain valid. 12147483647 Usage Guidelines The user in the guest-provisioning role cannot create guest accounts that expire beyond the configured maximum time.
local-userdb modify local-userdb modify username [comments ][email ] [expiry {duration |time }] [guest-company ][guest-fullname ] [guest-phone ][mode disable][opt-field-1 ][opt-field-2 ][opt-field-3 ][opt-field-4 ][remote-ip ][role ][sponsor-dept ][sponsormail ][sponsor-fullname ][sponsor-name ][start-time
Parameter Description Range Default opt-field-2 Same as opt-field-1. — — opt-field-3 Same as opt-field-1. — — opt-field-4 Same as opt-field-1. — — remote-ip IP address assigned to the remote peer. role Role for the user. — guest — — This parameter requires the PEFNG license. sponsor-dept The guest sponsor’s department name NOTE: A sponsor is the guest's primary contact for the visit. sponsor-email The sponsor’s email address. — — sponsor-fullname The sponsor’s full name.
local-userdb-branch localuserdb local-userdb-branch add|del|modify mac-address remote-node-profile Description This command adds a branch controller to the branch controller whitelist. You can also delete the whitelist entry using this command. Syntax Parameter Description Range mac-address MAC address of the branch controller in colonseparated six-octet format.
Removing an RN from the Whitelist When you remove an entry for an active RN from the RN whitelist on the RNC, that RN no longer receives configuration or license updates from the RNC, but continues to operate as previously configured. As the license server is the RNC, any operation related to the licensing does not work after it is detached.
Command Information Platform Available on W-7010, W7005, W-7024, and W7030 controllers License Available in the base operating system. Dell Networking W-Series ArubaOS 6.5.x | Reference Guide Command Mode Enable mode on master controllers.
local-userdb send-to-guest local-userdb send-to-guest Description This command automatically sends email to the guest when the guest user is created. Syntax No parameters. Usage Guidelines A guest is the person who needs guest access to the company’s Dell wireless network. Email is sent directly to the guest after the guest user is created. When configuring the guest provisioning feature, the guest user is generally created by Guest Provisioning user.
local-userdb send-to-sponsor local-userdb send-to-sponsor Description This command automatically sends email to the guest’s sponsor when the guest user is created. Syntax No parameters. Usage Guidelines The sponsor is the guest's primary contact. Email is sent directly to the guest’s sponsor after the guest user is created. When configuring the guest provisioning feature, the sponsor is generally created by the Guest Provisioning user.
location location Description This command configures the location of the controller. Syntax Parameter location Description A text string that specifies the system location. Usage Guidelines Use this command to indicate the location of the controller. You can use a combination of numbers, letters, characters, and spaces to create the name. To include a space in the name, use quotation marks to enclose the text string. To change the existing name, enter the command with a different string.
location-server-feed enable disable Description This command allows sends RSSI information from APs to a location management server. Syntax Parameter Description enable Enable the feed that sends RSSI information to a location management server. This feature is disabled by default. disable Disable the feed that sends RSSI information to a location management server. This feature is disabled by default.
logging logging [ipaddr|ipv6addr|facility|level] Description Use this command to specify the IP address of the remote logging server, facility, severity, and the type. Syntax Parameter Description ipaddr To set the remote logging server IPv4 address. A.B.C.D ipv6addr To set the remote logging server IPv6 address. X:X:X:X::X facility level Range To set the remote logging server facility. local 0 to local7 Default — To set the logging level upto which the messages are logged.
Command Information Platform Available on all platforms 604| logging License Command Mode Available in the base operating system Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
logging facility logging facility Description Use this command to set the facility to use when logging to the remote syslog server. Syntax Parameter Description Range The facility to use when logging to a remote syslog server. local0 to local7 Usage Guidelines The local use facilities (local0, local1, local2, local3, local4, local5, local6, and local7) are not reserved for specific message-generating sources, and can be used for sending syslog messages.
logging level logging level [process ] [subcat ] Description Use this command to set the categories or subcategories and the severity levels of messages that are logged. Syntax Parameter Description The message severity level, which can be one of the following (in order of severity level): emergencies (0) Panic conditions that occur when the system becomes unstable. alerts (1) Any condition requiring immediate attention and correction.
Parameter wireless process aaa activate approc armd authmgr certmgr cfgm cpsec Description Wireless messages.
Parameter ipstm Description Instant station manager process l2tp L2TP licensemgr License manager localdb Local database mdns mobileip OSPF Multicast DNS proxy Mobile IP OSPF logging packetfilter Packet filtering of messaging and control frames pim Protocol Independent Multicast pppoed PPPoE pptp PPTP processes Run-time processes profmgr Profile Manager publisher Publish subscribe service ravd Router Advertisement daemon rfm RF Troubleshooting Manager snmp SNMP spectrum Spectru
Parameter Description subcat Message subcategory, which depends upon the message category specified.
Dell Networking W-Series ArubaOS 6.5.
loginsession loginsession timeout Description This command configures the time management session (via Telnet or SSH) remains active without user activity. Syntax Parameter timeout Description Range Number of seconds or minutes that a management session remains active without any user activity. Default 5-60 minutes or 13600 seconds, 0 to disable 15 minutes Usage Guidelines The management user must re-login to the controller after a Telnet or SSH session times out.
logout logout Description This command exits the current CLI session. Syntax No parameters. Usage Guidelines Use this command to leave the current CLI session and return to the user login. Example The following command exits the CLI session: (host) >logout User: Command History This command was available in ArubaOS 3.0. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
mac-address-table mac-address-table static {fastethernet|gigabitethernet} // vlan Description This command adds a static entry to the MAC address table. Syntax Parameter Description Range Media Access Control (MAC) address, in the format xx:xx:xx:xx:xx:xx.
master-redundancy master-vrrp master-redundancy master-vrrp Description This command associates a VRRP instance with master controller redundancy. Syntax Parameter Description The virtual router ID for the VRRP instance configured with the vrrp command. Range 1-255 Usage Guidelines To maintain a highly redundant network, you can use a controller as a standby for the master controller. The underlying protocol used is VRRP which you configure using the vrrp command.
Command Information Platforms All platforms 615| master-redundancy master-vrrp Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
masterip masterip ipsec [interface uplink|{vlan }] [fqdn ] ipsec-custom-cert master-mac1 [master-mac2 ] ca-cert server-cert [interface uplink|{vlan }] [fqdn ] [suite-b gcm-128|gcm-256] ipsec-factory-cert master-mac1 [master-mac2 ] [interface uplink|{vlan }] [fqdn ] Description This command configures the IP address and preshared key or certificate for the master controller on a local controller.
Parameter Description fqdn Identify a dynamically addressed local controller by entering the Fully Qualified Domain Name (FQDN) of the controller. suite-b If you configure your master and local controllers to use IKEv2 and custom-installed certificates, you can optionally use Suite-B cryptographic algorithms for IPsec encryption.
Command History Release Modification ArubaOS 8.0 Command introduced. Command Information Platform Al platforms License The suite-b gcm-128 and suite-b gcm-256 encryption options for IPsec custom certificates requires the Advanced Cryptography (ACR) license. All other parameters are available in the base operating system. Dell Networking W-Series ArubaOS 6.5.
master-redundancy peer-ip master-redundancy peer-ip ipsec ipsec-custom-cert master-mac ca-cert server-cert [suite-b gcm-128|gcm256] ipsec-factory-cert master-mac Description This command configures the IP address and preshared key or certificate for a redundant master controller on another master controller. Syntax Parameter Description IP address of the redundant controller. Use the 0.0.0.
If your master controllers use a pre-shared key for authentication, they will create the IPsec tunnel using IKEv1. If your master and local controllers use certificates for authentication, the IPsec tunnel will be created using IKEv2. Example The following command configures the local controller on a master controller: (host) (config) #peer-ip 10.4.62.5 ipsec-custom-cert master-mac 00:02:2D:11:55:4D ca-cert cacert1 server-cert server1 Command History Release Modification ArubaOS 3.0 Command introduced.
mgmt-server profile wlan mgmt-server profile airgroupinfo-enable clone inline-ap-stats inline-auth-stats inline-dhcp-stats inline-dns-stats location-enable misc-enable monitored-info-del-enable monitored-info-enable monitored-info-snapshot monitored-stats-enable no sessions-enable stats-enable tag-enable uccmonitoring-enable wids-event-info-enable Description Configure a management server profile on the controller for an W-AirWave management server or for an Analytics Location Engine (ALE)
Parameter Description location-enable If enabled, Station RSSI/AP Neighbor messages will be sent to the management server. misc-enable If enabled, the AP system statistics, specifications, and station steer information will be sent to the management server. monitored-info-enable If enabled, the monitored AP or station information will be sent to the management server. monitored-stats-enable If enabled, the monitored AP or station statistics will be sent to the management server.
Command History Modification ArubaOS 6.3.1 Command introduced. ArubaOS 6.4 The uccmonitoring-enable and airgroup-enable parameters were introduced. ArubaOS 6.5 The inline-ap-stats-disable, inline-auth-disable, inline-dhcp-disable, and inline-dns-disable parameters are added. Command Information Platforms Licensing All platforms Dell Networking W-Series ArubaOS 6.5.
mgmt-server type wlan mgmt-server type ale primary-server profile amp primary-server profile Description Register a management server with the controller by specifying the IP address of an W-AirWave management server or Analytics and Location Engine that should receive messages from the controller using the Advanced Monitoring (AMON) protocol.
mgmt-user mgmt-user console-block localauth-disable ssh-pubkey client-cert [] webui-cacert [serial ] Description This command configures an administrative user. Syntax Parameter Description Name of the user. Default — You can create a maximum of 10 management users. NOTE: If you configure a root management user, you can use special characters except for double-byte characters.
Parameter Description Default console-block Enables or disables the console login. The purpose of this command is to introduce an ability to lock down all console ports, for example, micro USB, mini USB on the controller to enable high level security. This also ensures that no SSH access is allowed at the remote branch office. The SSH is only allowed from the headquarters via the IPsec tunnel.
Or, use the mgmt-user webui-cacert serial if you want the authentication process to use previously configured certificate name and serial number to derive the user role. Use the mgmt-user webui-cacert serial command if you want to configure an optional RCP for an ssh-pubkey user. Example See the web-server and ssh command descriptions for examples of certificate and public key authentication.
mobility-manager mobility-manager user [interval ] [retrycount ] [udp-port ] [rtls ] trap-version {1|2c|3} Description This command allows the controller to communicate with a server. Syntax Parameter Description Range Default IP address of the server. — — user Name and SNMP password for the server user. — — interval Round-trip time, in seconds, to trap server.
(host) (config)# mobility-manager 10.2.1.245 user mms-user my-password. Command History This command was introduced in ArubaOS 3.1. Command Information Platforms All platforms 629| mobility-manager Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
netdestination netdestination description host [position ] {vlan | offset } invert name network [position ] no ... range [position ] Description This command configures an alias for an IPv4 network host, subnetwork, or range of addresses. Syntax Parameter description Description Name for this host or domain. Maximum length is 63 characters.
Usage Aliases can simplify configuration of session ACLs, as you can use an alias when specifying the traffic source and/or destination it in multiple session ACLs. Once you configure an alias, you can use it to manage network and host destinations from a central configuration point, because all policies that reference the alias will be updated automatically when you change the alias. When using the invert option, use caution when defining multiple aliases, as entries are processed one at a time.
netdestination6 netdestination6 description host [position ] invert name network [position ] no ... range [position ] Description This command configures an alias for an IPv6 network host, subnetwork, or range of addresses. Syntax Parameter Description Name of the IPv6 destination host or subnetwork up to 63 characters long.
Usage Guidelines Aliases can simplify configuration of session ACLs, as you can use an alias when specifying the traffic source and/or destination. Once you configure an alias, you can use it in multiple session ACLs. Example The following command configures an alias for an internal network: (host) (config) #netdestination6 internal network 2016:2015:2014:2013::100/128 Command History Release ArubaOS 6.1 ArubaOS 6.
netexthdr netexthdr eh deny | permit Description This command allows you to edit the packet filter options in the extension header (EH). Syntax Parameter eh Description Default Specify the EH alias name.
Command History Release ArubaOS 6.1 Modification Command introduced Command Information Platforms All platforms 635| netexthdr Licensing Base operating system. Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
netservice netservice |tcp|udp {list ,}|{ []} [ALG ] Description This command configures an alias for network protocols. Syntax Parameter Description Range netservice Name for this alias. — IP protocol number. 0-255 tcp Configure an alias for a TCP protocol udp Configure an alias for a UDP protocol list , Specify a list of non-contiguous port numbers, by entering up to six port numbers, separated by commas.
Usage Guidelines Aliases can simplify configuration of session ACLs, as you can use an alias when specifying the network service. Once you configure an alias, you can use it in multiple session ACLs. Example The following command configures an alias for a network service: (host) (config) #netservice HTTP tcp 80 Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.0 The list parameter for defining non-contiguous ports was introduced.
ntp authenticate ntp authenticate Description This command enables or disables NTP authentication. Syntax No parameters. Usage Guidelines Network Time Protocol (NTP) authentication enables the controller to authenticate the NTP server before synchronizing local time with server. This helps identify secure servers from fradulent servers. This command has to be enabled for NTP authentication to work.
ntp authentication-key ntp authentication-key md5 Description This command configures a key identifier and secret key and adds them into the database. NTP authentication works with a symmetric key configured by user. The key is shared by the client (Dell controller) and an external NTP server. Syntax Parameter Description Default The key identifier is a string that is shared by the client (Dell controller) and an external NTP server. This value is added into the database.
ntp server #ntp server {|[iburst] [key]} Description This command configures a Network Time Protocol (NTP) server. Syntax Parameter Description Default IPv4/IPv6 Address IPv4/IPv6 Address of the Peer. — iburst (Optional) This parameter causes the controller to send up to ten queries within the first minute to the NTP server. This option is considered “aggressive” by some public NTP servers. disabled key This is the key identifier used to authenticate the NTP server.
ntp standalone ntp standalone vlan-range Description This command enables/disables controller to act as NTP server. Syntax Parameter Description Default String representing vlan range (for example, 1,2,6-7). Maximum VLANS supported is 16. — Usage Guidelines NTP standalone feature enables a controller to act as an NTP server so that the devices that do not have access to internet can synchronize their clocks.
ntp trusted-key ntp trusted-key Description This command configures an additional subset of trusted keys which can be used for NTP authentication. Syntax Parameter Description Default An additional trusted string that can be used for authentication — Usage Guidelines You can configure additional subset of keys which are trusted and can be used for NTP authentication. Example The following command configures an additional trusted key(84956) which can be used for NTP authentication.
packet-capture packet-capture controlpath [interprocess {all | }] [other] [sysmsg {all | ] [tcp {all | }] [udp {all | ]] copy-to-flash {controlpath-pcap | datapath-pcap} datapath {ipsec } [wifi-client {decrypted | encrypted | all}] destination [interface //] [ip-address ] [local-filesystem] no reset-pcap {controlpath-pcap | datapath-pcap} Description Use this command to enable or disable packet capturing and set packet cap
Parameter datapath-pcap datapath ipsec Description Default Copies datapath captures. They are saved as datapath-pcap.tar.gz. — Enables datapath packet capture. Captured packets are stored in /var/log/oslog/datapath.pcap or mirrored out of the controller. Disabled Enable or disable IPSec packet capturing. Enter the IPSec peer IP address to specify a given peer. Disabled NOTE: Capture to local-filesystem is not supported with this option.
Example The following command enables packet capturing for debugging a wireless WEP station doing VPN. This example uses the following parameters and values: l Station up/down: sysmsg opcode 30 l WEP key plumbing: sysmsg opcode 29 l DHCP: sysmsg opcode 90 l IKE: UDP port 500 and 4500 l Layer 2 Tunneling Protocol (L2TP): UDP port 1701 (host) #packet-capture sysmsg 30,29,90 (host) #packet-capture udp 500,4500,1701,1812,1645 Command History This command was introduced in ArubaOS 2.3.
packet-capture-defaults packet-capture controlpath [interprocess {all | }] [other] [sysmsg {all | ] [tcp {all | }] [udp {all | ]] datapath {ipsec } [wifi-client {decrypted | encrypted | all}] destination [interface //] [ip-address ] [local-filesystem] no Description Use this command to enable or disable packet capturing and define a set of default packet capturing options on the control path for debugging purposes.
Parameter wifi-client {decrypted | encrypted | all} Description Default Enable or disable packet capturing from a wifi client. Specify the client device by entering the device's MAC address. Disabled Additionally, you can specify what type of traffic captured: decrypted, encrypted, or all. destination Configures the capture destination. — interface // Sends packet captures to a specific interface on the controller.
2 1 Packet filtering UDP with 1 port(s) enabled: 1 Command History This command was introduced in ArubaOS 2.3. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
page page Description This command sets the number of lines of text the terminal will display when paging is enabled. Syntax Parameter length Description Range Specifies the number of lines of text displayed. 24 - 100 Usage Guidelines Use this command in conjunction with the paging command to specify the number of lines of text to display. For more information on the pause mechanism that stops the command output from printing continuously to the terminal, see paging on page 650.
paging paging Description This command stops the command output from printing continuously to the terminal. Syntax No parameters Usage Guidelines By default, paging is enabled. With paging enabled, there is a pause mechanism that stops the command output from printing continuously to the terminal. If paging is disabled, the output prints continuously to the terminal. To disable paging, use the no paging command. You must be in enable mode to disable paging.
pan active-profile pan active-profile profile Description This command makes a Palo Alto Network (PAN) profile active from a set of profiles. Syntax Parameter Description profile The name of the PAN profile to be activated. Usage Guidelines This command makes a PAN profile active from a set of profiles, if any. Only one PAN profile can be active at a time.
pan profile pan profile clone firewall host port username passwd no Description This command configures a Palo Alto Networks (PAN) profile to allow a controller to communicate with a PAN firewall. Syntax Parameter Description clone Name of an existing PAN profile configuration from which parameter values are copied. firewall Configures the information for the associated PAN firewall. host IP address or hostname of the PAN firewall.
Command Information Platforms All platforms 653| pan profile Licensing Base operating system Command Mode Enable or config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
panic panic {clear | info {file |nvram } | list {file |nvram} | save } Description This command manages information created during a system crash. Syntax Parameter Description clear Removes panic information from non-volatile random access memory (NVRAM). info Displays the content of specified panic files. list Lists panic information in the specified file in flash or in NVRAM.
pan-options pan-options portal | cert no Description This command configures options to integrate a branch controller with a Palo Alto Networks (PAN) firewall. Syntax Parameter Description The IP address of the portal The fully qualified domain name (FQDN) of the portal Specify the name of the self-signed or external certification authority (CA) certificate to establish an SSL connection to the portal.
Figure 1 Branch-office Controller and PAN Firewall Integration Configuration Prerequisites The Palo Alto Networks Large-Scale VPN (LSVPN) framework can integrate with a branch-office controller by establishing an IPsec tunnels between the firewall and the controller. Integrating a Palo Alto Networks firewall with a W-7000 Series controller requires that all user traffic is routed, so it can be managed by a policy-based routing access control list.
Next, create a policy-based routing access control list (ACL) and apply that ACL to all the roles that need redirection. Best practices is to define a default rule at the end of the policy-based routing ACL that redirects all non-corporate traffic to the PAN firewalls in the predefined next-hop list. If you use the predefined nexthop list pan-gp-ipsec-map-list in your policy-based routing ACL, multiple branch controllers can use the same ACL configuration.
papi-security papi-security {enhanced-security|key } no Description The papi-security command enforces advanced security options and provides an enhanced level of security. It allows to enable or disable the PAPI Enhanced Security configuration and to configure a new security key if required.
Command Description show ipc statistics app-name signed, validated, denied, and more based on application ID or the application name. Command History Release ArubaOS 6.5 Modification Command introduced. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
perf-test perf-test server start|stop controller|{ap [ap-name }|{ip-addr }|{ip6-addr } [tcp|udp] client start|stop controller|{ap [ap-name }|{ip-addr }|{ip6-addr } tcp|udp duration parallel window bandwidth port open|close Description Use this command under the guidance of Dell technical support to launch or halt an Iperf throughput test between the controller and the AP.
Parameter Description ip6-addr IPv6 address of the AP. TCP Run Iperf tests using the TCP protocol. UDP Run Iperf tests using the UDP protocol. bandwidth Rate at which the Iperf test data should be sent, in bits/sec. The default value is 1 Mbit/sec. This parameter supports the suffixes K (to represent Kbits/sec) and M (to represent Mbits/sec.) duration Number of seconds for which the test runs. The supported range is 10-120 seconds, and the default value is 10 seconds.
pcap (deprecated) pcap {raw-start [bssid ] [channel ] [maxlen ]}|{interactive [bssid ][channel ]}|{clear|pause|resume|stop [bssid ]} Description These commands manage packet capture (PCAP) on Dell air monitors. Syntax Parameter raw-start Description Stream raw packets to an external viewer. IP address of the air monitor collecting packets.
Parameter Description bssid channel (Optional) Specify the BSSID of the Air Monitor interface for the PCAP session. BSSID of the Air Monitor Interface, which is usually its MAC address. (Optional) Number of a radio channel to tune into to capture packets clear Clears the packet capture session. pause Pause a packet capture session. resume Resume a packet capture session. start Start a new packet capture session. stop Stop a packet capture session.
Before using these commands, you need to start the AiroPeek application on the client and open a capture window for the air monitor. The AiroPeek application cannot be used to control the flow or type of packets sent from Dell air monitors. The AiroPeek application processes all packets, however, you can apply display filters on the capture window to control the number and type of packets being displayed.
phonehome phonehome https Description This command configures the PhoneHome auto reporting feature. Syntax Parameter Description https Configure controllers running ArubaOS 6.4 send PhoneHome reports to an Activate server using HTTPS. Earlier versions of ArubaOS allow the PhoneHome feature to send reports to an SMTP server only. The email address is used to properly identify the user sending the report. Command History Version Description ArubaOS 6.
ping ping | ipv6 { | interface vlan } count df-flag packet-size source Description This command sends five ICMP echo packets to the specified ip address. You can also ping the specified IPv6 address. Syntax Parameter Description Default Range Destination IP Address — — ipv6 Specify this parameter to ping an IPv6 address. — — l l interface vlan l Specify the IPv6 global address.
The sample controller output is: Press 'q' to abort. Sending 5, 100-byte ICMPv6 Echos to 2005:d81f:f9f0:1001::14, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 0.309/0.3726/0.463 ms Command History Release Modification ArubaOS 1.0 Command introduced ArubaOS 6.1 Introduced ipv6 parameter to provide support for IPv6. ArubaOS 6.3 Introduced the following parameters: l count l df-flag l packet-size l source This command was introduced in ArubaOS 1.0.
pkt-trace pkt-trace acl {enable|disable} [trace {cptrace|pktrace} [trace-mask ]]] Description Enable packet tracing in the datapath. Use this feature only under the supervision of Dell technical support. Syntax Parameter Description Enable packet tracing for the specified access-control list. enable Enable packet tracing for the ACL. disable Disable packet tracing for the ACL. cptrace Send packet trace data into the Control Processor.
pkt-trace-global pkt-trace-global {enable|disable} [trace-mask ] Description Enable global packet tracing in the datapath. Use this feature only under the supervision of Dell technical support. Syntax Parameter Description Enable packet tracing for the specified access-control list. enable Enable global packet tracing for the ACL. disable Disable global packet tracing for the ACL. tracemask Specify a trace mask.
pptp ip local pool pptp ip local pool [] Description This command configures an IP address pool for VPN users using Point-to-Point Tunneling Protocol (PPTP). Syntax Parameter Description User-defined name for the address pool. Starting IP address for the pool. Ending IP address for the pool.
priority-map priority-map dot1p high dscp high no ... Description This command configures the Type of Service (ToS) and Class of Service (CoS) values used to map traffic into high priority queues. Syntax Parameter Description Range User-defined name of the priority map. — dot1p IEEE 802.1p priority value, or a range of values separated by a dash (-).
process monitor process monitor log|restart| Description The process monitor validates the integrity of processes every 120 seconds. If a process does not respond during three consecutive 120-second timeout intervals, that process is flagged as nonresponsive and the process monitor will create a log message, restart the process or reboot the controller Syntax Parameter Description log The process monitor creates a log message when a process fails to responding properly.
/mswitch/bin/syslogdwrap /mswitch/bin/aaa /mswitch/bin/fpapps /mswitch/bin/pim /mswitch/bin/lic PROCESS_RUNNING PROCESS_RUNNING PROCESS_RUNNING PROCESS_RUNNING 0 0 0 0 120 120 120 120 3 3 3 3 Command History Release Modification ArubaOS 3.4 Command introduced ArubaOS 3.4 The process restart command was deprecated. Command Information Platforms All platforms 673| process monitor Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
prompt prompt Description This command changes the prompt text. Syntax Parameter prompt Description Range The prompt text displayed by the controller. 1–64 Default Usage Guidelines You can use any alphanumeric character, punctuation, or symbol character. To use spaces, plus symbols (+), question marks (?), or asterisks (*), enclose the text in quotes.
provision-ap provision-ap a-ant-bearing a-ant-gain a-ant-tilt-angle a-antenna {1|2|both} altitude ap-group ap-name apdot1x-passwd apdot1x-username cellular_nw_preference 3g-only|4g-only|advanced|auto copy-provisioning-params {ap-name | ip-addr } dns-server-ip dns-server-ip6 domain-name external-antenna fqln g-ant-bearing g-ant-gain g-ant-tilt-angle g-antenna {1|2|b
usb-passwd usb-power-mode auto|enable|disable usb-tty usb-tty-control usb-type usb-user Description This command provisions or reprovisions an AP. 676| provision-ap Dell Networking W-Series ArubaOS 6.5.
Syntax Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter a a n t b e a r i n g Range Determines the horizontal coverage distance of the 802.11a (5GHz) antenna from True North. From a planning perspective, the horizontal coverage pattern does not consider the elevation or vertical antenna pattern. NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. 0360 Decimal Degrees a a n t g a i n 678| provision-ap Antenna gain for 802.11a (5GHz) antenna.
ParaDescription meter a a n t t i l t a n g l e Range Directs the angle of the 802.11a (5GHz) antenna for optimum coverage. 9 0 Use a - (negative) value for downtilt and a + (positive) value for uptilt. NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. t o + 9 0 D e c i m a l D e g r e e s a a n t e n n a Antenna use for 5 GHz (802.11a) frequency band.
ParaDescription meter Range — a l t i t u d e Altitude, in meters, of the AP. a p g r o u p Name of the AP group to which the AP belongs. — a p n a m e Name of the AP to be provisioned. — a p d o t 1 x p a s s w d Password of the AP to authenticate to 802.1X using PEAP. — 680| provision-ap NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter a p d o t 1 x u s e r n a m e Username of the AP to authenticate to 802.1X using PEAP. Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter c e l l u l a r _ n w _ p r e f e r e n c e Range This setting allows you to select how the modem should operate. l auto (default): In this mode, the modem firmware will control the cellular network service selection; so the cellular network service failover and fallback is not interrupted by the remote AP (RAP). l 3g_only: Locks the modem to operate only in 3G. l 4g_only: Locks the modem to operate only in 4G.
ParaDescription meter Range c o p y p r o v i s i o n i n g p a r a m s Initializes the provisioning-params workspace with the current provisioning parameters of the specified AP, The provisioning parameters of the AP must have previously been retrieved with the read-bootinfo option. d n s s e r v e r i p IP address of the DNS server for the AP. — NOTE: This parameter can only be used on the master controller. Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter Range d n s s e r v e r i p 6 IPv6 address of the DNS server for the AP. — d o m a i n n a m e Domain name for the AP. — e x t e r n a l a n t e n n a Use an external antenna with the AP. — f q l n Fully-qualified location name (FQLN) for the AP, in the format . — 684| provision-ap Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter g a n t b e a r i n g Range Determines the horizontal coverage distance of the 802.11g (2.4GHz) antenna from True North. From a planning perspective, the horizontal coverage pattern does not consider the elevation or vertical antenna pattern. NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. 0360 decimal degrees g a n t g a i n Antenna gain for 802.11g (2.4GHz) antenna.
ParaDescription meter g a n t t i l t a n g l e Range Directs the angle of the 802.11g (2.4GHz) antenna for optimum coverage. Use a - (negative) value for downtilt and a + (positive) value for uptilt. NOTE: This parameter is supported on outdoor APs only. If you use this parameter to configure an indoor AP, an error message is displayed. 9 0 t o + 9 0 D e c i m a l D e g r e e s g a n t e n n a Antenna use for 2.4 GHz (802.11g) frequency band.
ParaDescription meter Range g a t e w a y 6 IPv6 address of the default gateway for the AP. — i k e p s k IKE preshared key for the AP. — i n s t a l l a t i o n Specify the type of installation (indoor or outdoor). The default parameter automatically selects an installation mode based upon the AP model type. d e f a u l t i n d o o r o u t d o o r i p 6 a d d r Static IPv6 address of the AP. Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter Range i p 6 p r e f i x The prefix of static IPv6 address of the AP. — i p a d d r Static IP address for the AP. — l a t i t u d e Latitude coordinates of the AP. Use the format: Degrees, Minutes, Seconds (DMS). For example: 37 22 00 N — 688| provision-ap Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter l i n k p r i o r i t y c e l l u l a r Range Set the priority of the cellular uplink. By default, the cellular uplink is a lower priority than the wired uplink; making the wired link the primary link and the cellular link the secondary or backup link. — Configuring the cellular link with a higher priority than your wired link priority will set your cellular link as the primary controller link. < l i n k p r i o r i t y c e l l u l a r > Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter l i n k p r i o r i t y e t h e r n e t < l i n k p r i o r i t y e t h e r n e t > 690| provision-ap Range Set the priority of the wired uplink. Each uplink type has an associated priority; wired ports having the highest priority by default. — Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter Range l o n g i t u d e Longitude coordinates of the AP. Use the DMS format. — m a s t e r Name or IP address of the master controller. — m e s h r o l e Configure the AP to operate as a mesh node. You assign one of three roles: mesh portal, mesh point or remote mesh point. If you select “none,” the AP operates as a thin AP. — m e s h s a e Enable or disable Simultaneous Authentication of Equals (SAE) on a mesh network.
ParaDescription meter Range p a p p a s s w d Password Authentication Protocol (PAP) password for the AP. p a p u s e r PAP username for the AP. p k c s 1 2 p a s s p h r a s e Passphrase in PKCS12 format. 692| provision-ap — You can use special characters in the PAP password. Following are the restrictions: l You cannot use double-byte characters l You cannot use a tilde (~) l You cannot use a tick (‘) l If you use quotes (single or double), you must use the backslash (\) before and after
ParaDescription meter Range p p p o e c h a p s e c r e t PPPoE CHAP secret key for the AP. — p p p o e p a s s w d Point-to-Point Protocol over Ethernet (PPPoE) password for the AP. — p p p o e s e r v i c e n a m e PPPoE service name for the AP. — Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter Range p p p o e u s e r PPPoE username for the AP. — r e a d b o o t i n f o Retrieves current provisioning parameters of the specified AP. — r e p r o v i s i o n Provisions one or more APs with the values in the provisioning-params workspace. To use reprovision, you must use read-bootinfo to retrieve the current values of the APs into the provisioning-ap-list. 694| provision-ap NOTE: This parameter can only be used on the master controller.
ParaDescription meter r e s e t b o o t i n f o s c h m o d e r a d i o 0 s c h m o d e r a d i o 1 Range — Restores factory default provisioning parameters to the specified AP. NOTE: This parameter can only be used on the master controller. If you are provisioning an 802.11n-capable AP, you can issue the sch-mode-radio-0 command to enable single-chain mode for the selected radio.
ParaDescription meter Range s e r v e r i p IP address of the controller from which the AP boots. s e r v e r n a m e DNS name of the controller from which the AP boots. s e t i k e p s k b y a d d r Set a IKE preshared key to correspond to a specific IP address. 696| provision-ap Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter Range s y s l o c a t i o n User-defined description of the location of the AP. u p l i n k v l a n If you configure an uplink VLAN on an AP connected to a port in trunk mode, the AP sends and receives frames tagged with this VLAN on its Ethernet uplink. By default, an AP has an uplink vlan of 0, which disables this feature. NOTE: If an AP is provisioned with an uplink VLAN, it must be connected to a trunk mode port or the AP’s frames will be dropped.
ParaDescription meter u s b d i a l 698| provision-ap Range The dial string for the USB modem. This parameter only needs to be specified if the default string is not correct. Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter Range USB cellular devices on remote APs typically register as modems, but may occasionally register as a mass-storage device. If a remote AP cannot recognize its USB cellular modem, use the usb-modeswitch command to specify the parameters for the hardware model of the USB cellular data-card. NOTE: You must enclose the entire modeswitch parameter string in quotation marks. Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter u s b i n i t Range The initialization string for the USB modem. This string configures the Access Point Name (APN) setting of the USB modem. For the USB modem to understand this string, the value entered should adhere to the following formats: l Prefix double-quotes with a backslash character. See example below: "AT+CGDCONT=1,\"IP\",\"vendor\"" l Use single-quote instead of double-quotes. AP translates single-quote into double-quotes.
ParaDescription meter u s b p o w e r m o d e Range Set the USB power mode to control the power to the USB port. a u t o | e n a b l e | d i s a b l e u s b t t y The TTY device path for the USB modem. This parameter only needs to be specified if the default path is not correct. Dell Networking W-Series ArubaOS 6.5.
ParaDescription meter Range u s b t t y c o n t r o l The TTY device control path for the USB modem. This parameter only needs to be specified if the default path is not correct. u s b t y p e Specify the USB driver type.
Usage Guidelines You do not need to provision APs before installing and using them. The exceptions are outdoor APs, which have antenna gains that you must provision before they can be used, and APs configured for mesh. You must provision the AP before you install it as a mesh node in a mesh deployment. Users less familiar with this process may prefer to use the Provisioning page in the WebUI to provision an AP. Provisioned or reprovisioned values do not take effect until the AP is rebooted.
The AP parameter values are written to the provisioning-ap-list. To reprovision multiple APs, the APs must be present in the provisioning-ap-list. Use the show provisioning-ap-list command to see the APs that will be provisioned. Use the clear provisioning-ap-list command to clear the provisioning-ap-list. 2. Use the copy-provisioning-params option to copy an AP’s parameter values to the provisioning-params workspace. 3. Use the provision-ap options to set new values.
Release Modification l link-priority-cellular l link-priority-ethernet ArubaOS 5.0 The mesh-sae parameter no longer has the sae-default option. Use the sae-disable option to return this parameter to its default disabled setting. ArubaOS 6.0 The uplink-vlan parameter was introduced. ArubaOS 6.1 The following new parameters were introduced for provisioning IPv6 APs: ArubaOS 6.
reload reload Description This command performs a reboot of the controller. Syntax No parameters. Usage Guidelines Use this command to reboot the controller if required after making configuration changes or under the guidance of Dell Networks customer support. The reload command powers down the controller, making it unavailable for configuration. After the controller reboots, you can access it via a local console connected to the serial port, or through an SSH, Telnet, or WebUI session.
Command Information Platforms All platforms 707| reload Licensing Base operating system Command Mode Enable and Config modes on master controllers Dell Networking W-Series ArubaOS 6.5.
rename rename Description This command renames an existing system file. Syntax Parameter Description filename An alphanumeric string that specifies the current name of the file on the system. newfilename An alphanumeric string that specifies the new name of the file on the system. Usage Guidelines Use this command to rename an existing system file on the controller.
restore restore flash Description This command restores flash directories backed up to the flashbackup.tar.gz file. Syntax Parameter flash Description Restores flash directories from the flashbackup.tar.gz file. Usage Guidelines Use the backup flash command to tar and compress flash directories to the flashbackup.tar.gz file. Example The following command restores flash directories from the flashbackup.tar.gz file: (host) #restore flash Command History This command was introduced in ArubaOS 3.0.
rf am-scan-profile clone dwell-time-active-channel dwell-time-other-reg-domain-channel dwell-time-rare-channel dwell-time-reg-domain-channel no scan-mode Description Configure an Air Monitor (AM) scanning profile. Syntax Parameter Description Range Default Name of this instance of the profile.
Usage Guidelines Channels are categorized into the following types: l Active Channel: This qualifier indicates that wireless activity (for example, a probe request) is detected on this channel by the presence of an AP or other 802.11 activity. l All Regulatory Domain Channels: A valid non-overlapping channel that is in the regulatory domain of at least one country.
rft rft test profile antenna-connectivity ap-name [dest-mac [phy {a|g}| radio {0|1}]] rft test profile link-quality {ap-name dest-mac [phy {a|g}| radio {0|1}] | bssid dest-mac | ip-addr dest-mac [phy {a|g}|radio {0|1}]} rft test profile raw {ap-name dest-mac [phy {a|g}|radio {0|1}] | bssid dest-mac | ip-addr dest-mac [phy {a|g}|radio {0|1}]} Description This command is used for RF tr
rf arm-rf-domain-profile rf arm-rf-domain profile arm-rf-domain-key Description This profile holds a non-editable key defined by the master controller, and used to sign over-the air (OTA) ARM updates exchanged between APs. Syntax Parameter Description Non-editable key value Command History Release ArubaOS 6.2 Modification Command introduced Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
rf arm-profile rf arm-profile 160MHz-support {Auto|contiguous-only|non-contiguous-only|none} 40MHz-allowed-bands {All|None|a-only|g-only} 80MHz support acceptable-coverage-index active-scan (not intended for use) aggressive-scan assignment {disable|maintain|multi-band|single-band} backoff-time cellular-handoff-assist channel-quality-aware-arm channel-quality-threshold channel-quality-wait-time client-aware client-match clone cm-ban
scan-interval scanning video-aware-scan voip-aware-scan Description This command configures the Adaptive Radio Management (ARM) profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 163 characters. — “default” 160MHz-support Allows ARM to determine the channel bandwidth on the 160 MHz frequency. — none auto Assigns 160 MHz channel bandwidth.
Parameter Description Range Default a-only Allows use of 40 MHz channels on the 5 GHZ (802.11a) frequency band only. — — g-only Allows use of 40 MHz channels on the 2.4 GHZ (802.11b/g) frequency band only. — — 80MHz-support If enabled, 80 MHz channels can be used in the 5 GHz frequency band on APs that support 802.11ac. — enabled acceptablecoverage-index The minimal coverage that the AP should try to achieve on its channel. The denser the AP deployment, the lower this value should be.
Parameter Description Range Default maintain Maintains existing channel assignments. — — multi-band Computes ARM assignments for both 5 GHZ (802.11a) and 2.4 GHZ (802.11b/g) frequency bands. — — single-band Computes ARM assignments for a single band. — — backoff-time Time, in seconds, an AP backs off after requesting a new channel or power.
Parameter Description Range Default client-aware If the Client Aware option is enabled, the AP does not change channels if there is active client traffic on that AP. If Client Aware is disabled, the AP may change to a more optimal channel, but this change may also disrupt current client traffic.
Parameter Description Range Default cm-lb-client-thresh <#-of-clients> If an AP radio has fewer clients than the client match load balancing threshold defined by this parameter, the AP will not participate in load balancing. 0-100 clients 30 cm-lb-signal -delta Client match will not move a client to a new radio if the signal strength of the target AP is this dB value lower than the radio to which the client is currently associated.
Parameter cm-max-steer-fails <#-of-fails> Description The controller keeps track of the number of times the client match feature failed to steer a client to a different radio, and the reason that each steer attempt was triggered. If the client match feature attempts to steer a client to a new radio multiple consecutive times for the same reason but client steering fails each time, the controller notifies the AP to mark the client as unsteerable for that specific trigger.
Parameter cm-stale-age Description Range The controller maintains client match data for up to clients showing the detected SNR values for up to 16 candidate APs per client. This table is periodically updated as APs send client probe reports to the controller. This parameter defines the amount of time that the controller should retain client match data from each client probe report. Default 0- 65535 seconds 900 secs 300 secs Different controller types support varying numbers of clients.
Parameter Description Range Default cm-sticky-min -signal <-dB> A client triggered to move to a different AP may consider an AP radio a better match if the client detects that the signal from the candidate AP radio is at or higher than the minimum signal level defined by this parameter and the candidate radio has a higher signal strength than the radio to which the client is currently associated. (The required improvement in signal strength can be defined using the cm-stickysnr-delta command.
Parameter Description Range Default The following controller types support a aggregate maximum of unsteerable clients for all APs associated to that controller.
Parameter Description Range Default dynamic-bw-clear-time Dynamic Bandwidth Switch back to 80MHz channel after the clear time in mins if currently there is no high volume of traffic. 1-300 seconds 30 dynamic-bw-wait-time Minimum time in seconds dynamic bandwidth switch indicators have to be true to trigger a 80MHz to 40MHz bandwidth change. 1-300 seconds 30 error-ratethreshold The percentage of errors in the channel that triggers a channel change. Recommended value is 50%.
Parameter load-aware-scan -threshold Description Range Load aware ARM preserves network resources during periods of high traffic by temporarily halting ARM scanning if the load for the AP gets too high. Default — 1250000 bytes/seconds 3, 6, 9, 12, 15, 18, 21, 24, 27, 30, 33, 127 In 6.4.4.0 and later releases: The Load Aware Scan Threshold is the traffic throughput level an AP must reach before it stops scanning. The supported range for this setting is 020000000 bytes/second.
Parameter Description Range Higher power level settings may be constrained by local regulatory requirements and AP capabilities. Default l default: 9 dBm mode-aware If enabled, ARM will turn APs into Air Monitors (AMs) if it detects higher coverage levels than necessary. This helps avoid higher levels of interference on the WLAN. Although this setting is disabled by default, you may want to enable this feature if your APs are deployed in close proximity (e.g. less than 60 feet apart).
Parameter scan-interval Description Range If scanning is enabled, the scan interval defines how often the AP will leave its current channel to scan other channels in the band. Off-channel scanning can impact client performance. Typically, the shorter the scan interval, the higher the impact on performance. If you are deploying a large number of new APs on the network, you may want to lower the Scan Interval to help those APs find their optimal settings more quickly.
Parameter video-aware-scan voip-aware-scan Description As long as there is at least one video frame every 100 mSec the AP will reject an ARM scanning request. Note that for each radio interface, video frames must be defined in one of two ways: l Classify the frame as video traffic via a session ACL. l Enable WMM on the WLAN’s SSID profile and define a specific DSCP value as a video stream. Next, create a session ACL to tag the video traffic with the that DSCP value.
derive channel quality values by measuring the noise floor for that channel. Client Match the ARM client match feature continually monitors a client's RF neighborhood to provide ongoing client bandsteering and load balancing, and enhanced AP reassignment for roaming mobile clients. This feature is recommended over the legacy bandsteering and spectrum load balancing features, which, unlike client match, do not trigger AP changes for clients already associated to an AP. Legacy 802.
determine the channel assigned to it, for a mesh point always uses the channel selected by its mesh portal. However, if a mesh portal uses an ARM profile enabled with a single-band or multi-band channel/power assignment and the scanning feature, the mesh portal will scan the configured channel lists and the ARM algorithm will assign the proper channel to the mesh portal. If you are using ARM in your network, is important to note that mesh points, unlike mesh portals, do not scan channels.
Release Modification l cm-max-steer-fails l cm-report-interval l cm-stale-age l cm-sticky-check-interval l cm-sticky-min-signal l cm-sticky-snr l cm-sticky-snr-delta l cm-update-interval l cm-unst-ageout-interval ArubaOS 6.3.1.0 The cellular-handoff-assist parameter was introduced. ArubaOS 6.4 The cm-lb-signal-delta parameter was introduced. ArubaOS 6.4.1.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
rf dot11a-radio-profile rf dot11a-radio-profile am-scan-profile arm-profile beacon-period beacon-regulate cap-reg-eirp cell-size-reduction channel channel-reuse {static|dynamic|disable} channel-reuse-threshold clone csa csa-count disable-arm-wids-function dot11h high-throughput-enable ht-radio-profile interference-immunity maximum-distance mgmt-frame-throttle
Parameter Description Range Default arm-profile Configures Adaptive Radio Management (ARM) feature. See rf arm-profile on page 714. — “default” beacon-period Time, in milliseconds, between successive beacon transmissions. The beacon advertises the AP’s presence, identity, and radio characteristics to wireless clients.
Parameter Description l num: Entering a channel number disables 40 MHz mode and activates 20 MHz mode for the entered channel. l num+: Entering a channel number with a plus (+) sign selects a primary and secondary channel for 40 MHz and 80 Mhz modes. The number entered becomes the primary channel and the secondary channel is determined by increasing the primary channel number by 4. Example: 157+ represents 157 as the primary channel and 161 as the secondary channel.
Parameter Description l channel-reuse-threshold Range Default Disable mode: This mode does not support the tuning of the CCA Detect Threshold. RX Sensitivity Tuning Based Channel Reuse Threshold, in - dBm. If the Rx Sensitivity Tuning Based Channel reuse feature is set to static mode, this parameter manually sets the AP’s Rx sensitivity threshold (in -dBm). The AP will filter out and ignore weak signals that are below the channel threshold signal strength.
Parameter csa Description Channel Switch Announcement (CSA), as defined by IEEE 802.11h, allows an AP to announce that it is switching to a new channel before it begins transmitting on that channel. Range Default — disabled Clients must support CSA in order to track the channel change without experiencing disruption. csa-count Number of CSA announcements that are sent before the AP begins transmitting on the new channel.
Parameter Description Range l Level-2: noise and spur immunity. This is the default setting l Level-3: level 2 and weak OFDM immunity. l Level-4: level 3 and FIR immunity. l Level-5: disable PHY reporting. Default NOTE: Do not raise the noise immunity feature’s default setting if the channelreuse-threshold on page 736 feature is also enabled. A level-3 to level-5 Noise Immunity setting is not compatible with the Channel Reuse feature.
Parameter Description Range Default ap-mode Device provides transparent, secure, highspeed data communications between wireless network devices and the wired LAN. — — am-mode Device behaves as an air monitor to collect statistics, monitor traffic, detect intrusions, enforce security policies, balance traffic load, self-heal coverage gaps, etc. — — spectrum-mode Device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client.
Parameter Description Range Default spectrum load balancing domain isalso defined, AP radios belonging to the same spectrum load balancing domain will be considered part of the same RF neighborhood for load balancing, and will not recognize RF neighborhoods defined by the ARM feature.
Parameter spur-immunity Description Spur Immunity for 5 GHz radio. This parameter fine-tunes the Cyclic Power Threshold (CPT) of a 5 GHz radio. The value specified here is the offset from the base value of 2 dB (for example, setting the CPT value to 1 corresponds to 2 + 1 = 3 dB. Similarly, setting the CPT value to 10 corresponds to 2+10 = 12 dB).
Usage Guidelines This command configures radios that operate in the 5 GHz frequency band, which includes radios utilizing the IEEE 802.11a or IEEE 802.11n standard. Channels must be valid for the country configured in the AP regulatory domain profile (see ap regulatory-domain-profile on page 202).To view the supported channels, use the show ap allowed-channels command. APs initially start up with default ack-timeout, cts-timeout and slot-time values.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 3.3.2 Introduced support for the high-throughput IEEE 802.11n standard. ArubaOS 3.4 The following parameters were introduced: l Spectrum load balancing l Spectrum load balancing domain l RX Sensitivity Tuning Based Channel Reuse l RX Sensitivity Threshold l ARM/WIDS Override ArubaOS 3.4.1 The maximum-distance parameter was introduced. ArubaOS 3.4.2 The beacon-regulate parameter was introduced. ArubaOS 6.
rf dot11g-radio-profile rf dot11g-radio-profile am-scan-profile arm-profile beacon-period beacon-regulate cap-reg-eirp cell-size-reduction channel channel-reuse {static|dynamic|disable} channel-reuse-threshold clone csa csa-count disable-arm-wids-function dot11b-protection dot11h high-throughput-enable ht-radio-profile interference-immunity maximum-distance m
Parameter Description Range Default arm-profile Configures Adaptive Radio Management (ARM) feature. See rf arm-profile on page 714. — “default” beacon-period Time, in milliseconds, between successive beacon transmissions. The beacon advertises the AP’s presence, identity, and radio characteristics to wireless clients.
Parameter Description Range Default reduce the radio’s transmission (Tx) power to match its new received (Rx) power level. Failure to match a device’s Tx power level to its Rx power level can result in a configuration that allows the radio to send messages to a device that it cannot hear. channel Channel number for the AP 802.11g/802.11n.802.11ac physical layer. The available channels depend on the regulatory domain (country).
Parameter Description Range Default the primary channel. clone Name of an existing radio profile from which parameter values are copied. — — csa Channel Switch Announcement (CSA), as defined by IEEE 802.11h, allows an AP to announce that it is switching to a new channel before it begins transmitting on that channel. — disabled Clients must support CSA in order to track the channel change without experiencing disruption.
Parameter Description Range Default 40 MHz mode. The number entered becomes the primary channel and the secondary channel is determined by decreasing the primary channel number by 4. Example: 157represents 157 as the primary channel and 153 as the secondary channel. NOTE: 20 MHz clients are allowed to associate when a primary and secondary channel are configured; however, the client will only use the primary channel. channel-reuse Dell Networking W-Series ArubaOS 6.5.
Parameter Description Range Default of the CCA Detect Threshold. channel-reuse-threshold RX Sensitivity Tuning Based Channel Reuse Threshold, in dBm. depends on regulatory domain — — OFF — enabled If the Rx Sensitivity Tuning Based Channel reuse feature is set to static mode, this parameter manually sets the AP’s Rx sensitivity threshold (in -dBm). The AP will filter out and ignore weak signals that are below the channel threshold signal strength.
Parameter Description Range Default dot11h Enable advertisement of 802.11d (Country Information) and 802.11h (TPC or Transmit Power Control) capabilities This parameter is disabled by default. — disabled high-throughput-enable Enables high-throughput (802.11n) features on a radio using the 2.4 GHz frequency band. — enabled ht-radio-profile Name of high-throughput radio profile to use for configuring high-throughput support on the 5 GHz frequency band. See rf ht-radio-profile on page 761.
Parameter Description Range Default is not compatible with the Channel Reuse feature. maximum-distance Maximum distance between a client and an AP or between a mesh point and a mesh portal, in meters. This value is used to derive ACK and CTS timeout times. A value of 0 specifies default settings for this parameter, where timeouts are only modified for outdoor mesh radios which use a distance of 16km.
Parameter Description ap-mode Device provides transparent, secure, high-speed data communications between wireless network devices and the wired LAN. am-mode Device behaves as an air monitor to collect statistics, monitor traffic, detect intrusions, enforce security policies, balance traffic load, self-heal coverage gaps, etc. spectrum-mode Device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client.
Parameter Description Range Default slb-threshold If the spectrum load balancing feature is enabled, this parameter controls the percentage difference between number of clients on a channel channel that triggers load balancing. The default value is 20%, meaning that spectrum load balancing is activated when there are 20% more clients on one channel than on another channel used by the AP radio.
Parameter Description spectrum-load-balancing The Spectrum Load Balancing feature helps optimize network resources by balancing clients across channels, regardless of whether the AP or the controller is responding to the wireless clients' probe requests. Range Default — disabled — default — default If enabled, the controller compares whether or not an AP has more clients than its neighboring APs on other channels.
Parameter Description Range Default tpc-power The transmit power advertised in the TPC IE of beacons and probe responses. Range: 0-51 dBm 0-51 dBm 15 dBm tx-power Sets the initial transmit power (dBm) on which the AP operates, unless a better choice is available through calibration. 0-51 dBm, 127 dBm 14 dBm This parameter can be set from 0 to 51 in .5 dBm increments, or set to the regulatory maximum value of 127 dBm.
timeout and slot-time values may be derived, but those values are never less then the default values for an indoor AP. Mesh radios on outdoor APs have additional constraints, as mesh links may need to span long distances. For mesh radios on outdoor APs, the effect of the default maximum-distance parameter on the ack-timeout, cts-timeout and slot-time values depends on whether the APs are configured as mesh portals or mesh points.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3.2 Introduced protection for 802.11b clients and support for the highthroughput IEEE 802.11n standard. ArubaOS 3.4 The following parameters were introduced: l Spectrum load balancing l Spectrum load balancing domain l RX Sensitivity Tuning Based Channel Reuse l RX Sensitivity Threshold l ARM/WIDS Override ArubaOS 3.4.1 The maximum-distance parameter was introduced. ArubaOS 3.4.
rf event-thresholds-profile rf event-thresholds-profile bwr-high-wm bwr-low-wm clone detect-frame-rate-anomalies fer-high-wm fer-low-wm ffr-high-wm ffr-low-wm flsr-high-wm flsr-low-wm fnur-high-wm fnur-low-wm frer-high-wm frer-low-wm frr-high-wm frr-low-wm no ... Description This command configures the event thresholds profile.
Parameter Description Range Default fer-high-wm If the frame error rate (as a percentage of total frames in an AP) exceeds this value, a frame error rate exceeded condition exists. The recommended value is 16%. 0-100 0% fer-low-wm After a frame error rate exceeded condition exists, the condition persists until the frame error rate drops below this value. The recommended value is 8%.
Parameter Description Range Default frr-high-wm If the frame retry rate (as a percentage of total frames in an AP) exceeds this value, a frame retry rate exceeded condition exists. The recommended value is 16%. 0-100 16% frr-low-wm After a frame retry rate exceeded condition exists, the condition persists until the frame retry rate drops below this value. The recommended value is 8%. 0-100 8% no Negates any configured parameter.
rf ht-radio-profile rf ht-radio-profile 40MHz-intolerance clone diversity-spreading-workaround honor-40MHz-intolerance no Description This command configures high-throughput AP radio settings. High-throughput features use the IEEE 802.11n standard. Syntax Parameter Description Name of this instance of the profile. The name must be 1-63 characters.
Parameter Description diversity-spreading-workaround Range When this feature is enabled, all legacy transmissions will be sent using a single antenna. This enables interoperability for legacy or highthroughput stations that cannot decode 802.11n cyclic shift diversity (CSD) data. Default disabled This feature is disabled by default and should be kept disabled unless necessary. Usage Guidelines The ht-radio-profile configures high-throughput settings for networks utilizing the IEEE 802.
Command Information Platforms All platforms, but operates with IEEE 802.11n compliant devices only Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
rf optimization-profile rf optimization-profile clone handoff-assist low-rssi-threshold no ... rssi-check-frequency rssi-falloff-wait-time Description This command configures the RF optimization profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” clone Name of an existing optimization profile from which parameter values are copied.
Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 The following parameters were deprecated: l ap-lb-max-retries l ap-lb-user-high-wm l ap-lb-user-low-wm l ap-lb-util-high-wm l ap-lb-util-low-wm l ap-lb-util-wait-time
rf spectrum-profile rf spectrum-profile age-out audio|bluetooth|cordless-ff-phone|cordless-fh-base|cordless-fh-network|genericff|generic-fh|microwave|microwave-inverter|unknown|video|wifi|xbox clone no ... Description Define the device ageout times used by a spectrum monitor, or hybrid AP radio.
Parameter Description Range Default generic-ff All fixed frequency devices that do not fall into one of the other categories are classified as Fixed Frequency (Other). Note that the RF signatures of the fixed frequency audio, video and cordless phone devices are very similar and that some of these devices may be occasionally classified as Fixed Frequency (Other).
Parameter Description Range Default types of devices may be used for video surveillance, TV or other video distribution, and similar applications. wifi Wi-Fi devices. 5-65535 seconds 600 sec xbox The Microsoft Xbox device uses a frequency hopping protocol in the 2.4 GHz band. These devices are classified as Frequency Hopper (Xbox). Note that this setting is applicable to 2.4GHz spectrum monitor radios only. 5-65535 seconds 25 sec clone Make a copy of an existing spectrum profile.
Command History Release Modification ArubaOS 6.0 Command introduced ArubaOS 6.2 The spectrum-band parameter was deprecated.
router mobile router mobile Description This command enables Layer-3 (IP) mobility. Syntax No parameters. Usage Guidelines Use this command to enable IP mobility on a controller. IP mobility is disabled by default on the controller. This command must be executed on all controllers(master and local) that need to provide support for layer-3 roaming in a mobility domain.
router ospf router ospf aggregate-route rapng-vpn area default-cost nssa [default-information no-redistribution | no-summary] stub [no-summary] default-information originate always redistribute loopback rapng-vpn vlan [ | add | remove ] router-id subnet exclude Description Global OSPF configuration for the upstream router. Syntax Parameter Description aggregate-route Enter the aggregate route information.
Parameter Description vlan Redistribute the vlan user subnet. add Add the user VLANs to the list remove Remove user VLANs to the list. router-id Enter the router ID in IP address format. subnet exclude Specify the subnet that OSPF will not advertise. Enter the subnet and mask address in dotted decimal format (A.B.C.D). Usage Guidelines OSPFv2 is a dynamic Interior Gateway routing Protocol (IGP) based on IETF RFC 2328.
Command Information Platforms All Platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
routing-policy-map routing-policy-map {branch }|{role } access-list Description This command associates a routing access control list (ACL) with a specific user role or a GRE tunnel on a branch controller. Syntax Parameter Description branch By default, when a branch office deployment uses IPsec maps to define the connections between each branch controller and its master controller, the global ACL master-boc-traffic is applied to those IPsec maps.
Related Commands Command Description ip access-list route Use this command to configure an access control list (ACL) for policy-based routing (PBR). ip nexthop-list Use this command to define a next-hop list for a routing policy Command History Version Description ArubaOS 6.4.3.0 Command introduced. ArubaOS 6.4.4.0 The branch parameter is introduced.
service service [dhcp] [dhcpv6] [network-storage] [print-server] Description This command enables the DHCP server on the controller.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 3.4 The network-storage and print-server options were introduced. ArubaOS 6.3 The dhcpv6 command was introduced. Command Information Platforms All platforms 777| service Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show aaa accounting tacacs show aaa accounting tacacs Description Show configuration information for TACACS+ accounting servers. Usage Guidelines This command displays TACACS+ data for your controller if you have previously configured a TACACS+ server and server group. The output includes the current TACACS+ accounting mode (enabled or disabled), and the name of the TACACS+ server group.
Command Description aaa server-group Mode Add a configured authentication server to an ordered list in a server group, and configure server rules to derive a user role, VLAN ID or VLAN name from attributes returned by the server during authentication Config mode Command History This command was introduced in ArubaOS 3.0.
show aaa authentication all show show aaa authentication all Description Show authentication statistics for your controller, including authentication methods, successes and failures. Usage Guidelines This command displays a general overview of authentication statistics. To view authentication information for specific profiles such as a captive-portal, MAC or 801.x authentication profile, issue the commands specific to those features.
show aaa authentication captive-portal show aaa authentication captive-portal [] Description This command shows configuration information for captive portal authentication profiles. Syntax Parameter Description The name of an existing captive portal authentication profile.
Use HTTP for authentication Logon wait minimum wait Logon wait maximum wait logon wait CPU utilization threshold Max Authentication failures Show FQDN Authentication Protocol Login page Welcome page Show Welcome Page Add switch IP address in the redirection URL Adding user vlan in redirection URL Add a controller interface in the redirection URL Allow only one active user session White List Black List Show the acceptable use policy page User idle timeout Redirect URL Bypass Apple Captive Network Assistant U
Parameter Description Use HTTP for authentication Shows whether the profile has enabled or disabled the ability to use the HTTP protocol to redirect users to the captive portal page. Logon wait minimum wait Minimum time, in seconds, the user will have to wait for the logon page to pop up if the CPU load is high. Logon wait maximum wait Maximum time, in seconds, the user will have to wait for the logon page to pop up if the CPU load is high.
Parameter Description Allow only one active user session If enabled, only one active user session is allowed at any time. This feature is disabled by default. White List Shows the configured white list on an IPv4 or IPv6 network destination. The white list contains authenticated websites that a guest can access. Black List Shows the configured black list on an IPv4 or IPv6 network destination. The black list contains websites (unauthenticated) that a guest cannot access.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.1 The sygate-on-demand parameter was deprecated, and the white-list and black-list parameters were added. ArubaOS 6.2 the Authentication Protocol parameter was added, and the Use CHAP parameter was deprecated. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show aaa authentication captive-portal customization show aaa authentication captive-portal customization Description Display customization settings for a captive portal profile Syntax Parameter Description The name of an existing captive portal authentication profile. Usage Guidelines The this command shows how a captive portal profile has been customized with non-default configuration settings.
Parameters Description Custom page background color Hexadecimal value for a custom background color. This option is only available if the controller has a custom login page design theme. Custom page background image Path and filename for a custom JPEG captive portal background image. This option is only available if the controller has a custom login page design theme.
show aaa authentication dot1x show aaa authentication dot1x [|countermeasures] Description This command shows information for 802.1X authentication profiles. Syntax Parameter Description The name of an existing 802.1X authentication profile. countermeasures Reports if WPA/WPA2 Countermeasures have been enabled for 802.1X profiles. If enabled, the AP scans for message integrity code (MIC) failures in traffic received from clients.
Enforce Machine Authentication Machine Authentication: Default Machine Role Machine Authentication Cache Timeout Blacklist on Machine Authentication Failure Machine Authentication: Default User Role Interval between Identity Requests Quiet Period after Failed Authentication Reauthentication Interval Use Server provided Reauthentication Interval Multicast Key Rotation Time Interval Unicast Key Rotation Time Interval ...
Parameter Value Interval between Identity Requests Interval, in seconds, between identity request retries Quiet Period after Failed Authentication Interval, in seconds, following failed authentication. Reauthentication Interval Interval, in seconds, between reauthentication attempts. Use Server provided Reauthentication Interval If enabled, 802.1X authentication will use the server-provided reauthentication period.
Parameter Value Maximum number of times Held State can be bypassed Number of consecutive authentication failures which, when reached, causes the controller to not respond to authentication requests from a client while the controller is in a held state after the authentication failure. Dynamic WEP Key Message Retry Count Number of times unicast/multicast EAPOL key messages are sent to the client. Dynamic WEP Key Size Dynamic WEP key size, either 40 or 128 bits.
Parameter Value Multicast Key Rotation Shows if multicast key rotation is enabled or disabled. Unicast Key Rotation Shows if unicast key rotation is enabled or disabled. Reauthentication If enabled, this option forces the client to do a 802.1X reauthentication after the expiration of the default timer for reauthentication. (The default value of the timer is 24 hours.
Parameter Value Termination Shows if 802.1X termination is enabled or disabled on the controller. Termination EAP-Type Shows the current Extensible Authentication Protocol (EAP) method, either EAP-PEAP or EAPTLS. Termination Inner EAP-Type When EAP-PEAP is the EAP method, this parameter displays the inner EAP type. Enforce Suite-B 128 bit or more security level Authentication Shows if Suite-B 128 bit or more security level authentication enforcement is enabled or disabled.
Parameter Value TLS Guest Role User role assigned to EAPTLS guest. Ignore EAPOL-START after authentication If enabled, the controller ignores EAPOL-START messages after authentication. Handle EAPOL-Logoff Shows if handling of EAPOL-LOGOFF messages is enabled or disabled. Ignore EAP ID during negotiation If enabled, the controller will Ignore EAP IDs during negotiation. WPA-Fast-Handover Shows if WPA-fasthandover is enabled or disabled. This feature is only applicable for phones that support WPA.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.1 The Check certificate common name against AAA server, Enforce Suite-b-128 and Enforce Suite-b-192 parameters were introduced. ArubaOS 6.3.1.2 The Delete Keycache upon user deletion parameter was introduced. Command Information Platforms All platforms 795| show aaa authentication dot1x Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.
show aaa authentication mac show aaa authentication mac [] Description This command shows information for MAC authentication profiles.Issue this command without the option to display the entire MAC Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed MAC authentication configuration information for that profile.
Related Commands Command Description aaa authentication mac Mode Configure MAC authentication values on your controller. Config mode Command History This command was introduced in ArubaOS 3.0. Command Information Platforms All platforms 797| show aaa authentication mac Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show aaa authentication mgmt show aaa authentication mgmt Description This command displays administrative user authentication information, including management authentication roles and servers. Usage Guidelines Issue this command to identify the default management role assigned to authenticated administrative users, and the name of the group of servers used to authenticate these users. Example The output of the following example displays management authentication information for your controller.
Related Commands Command aaa authentication mgmt Description Mode Configure management authentication settings. Config mode Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.1 The Mode parameter in the command output was renamed Enable. Command Information Platforms All platforms 799| show aaa authentication mgmt Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show aaa authentication stateful-dot1x show aaa authentication stateful-dot1x [config-entries] Description This command displays configuration settings for 802.1X authentication for clients on non-Dell APs. Syntax Parameter config-entries Description Display details for the AP Server configuration list. Usage Guidelines Issue this command to identify the default role assigned to the 802.1X user group, name of the group of RADIUS servers used to authenticate the 802.1X users, and the 802.
AP-Server Configuration List ---------------------------Cfg-Name AP-IP -------- ----cfg22 Parameter Server -----10.3.14.6 Shared-Secret ------------RADIUS1 secret-pwd Description Cfg-Name is a auto-generated name AP-IP IP address of the AP. Server Name of the authentication server. Shared-Secret Shared authentication secret.
show aaa authentication stateful-ntlm show aaa authentication stateful-ntlm Description This command displays configuration settings for the Stateful NTLM Authentication profile.Issue this command without the option to display the entire Stateful NTLM Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed Stateful NTLM authentication configuration information for that profile.
Parameter Description Default Role This parameter shows the role assigned to NTLM authenticated users. Server Group The name of a windows server group. Mode The Mode parameter indicates whether or not this authentication profile is enabled or disabled. Timeout Timeout period for an authentication request, in seconds.
show aaa authentication via auth-profile show aaa authentication via auth-profile [] Description This command displays configuration settings for the VIA Authentication profile. Issue this command without the option to display the entire VIA Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed VIA authentication configuration information for that profile.
Description VIA config for the MV office The output of this command includes the following parameters: Parameter Description Default Role Role assigned to the captive portal user upon login. Server Group Name of the group of servers used to authenticate captive portal users. Max Authentication failures Maximum number of authentication failures before the user is blacklisted. Description Description of the VIA authentication profile.
show aaa authentication via connection-profile show aaa authentication via connection-profile [] Description This command displays configuration settings for the VIA connection profile. Issue this command without the option to display the entire VIA Connection profile list, including profile status and the number of references to each profile. Include a profile name to display detailed VIA connection configuration information for that profile.
Allow client to auto-upgrade VIA tunneled networks Enable split tunneling VIA Client WLAN profiles Allow client side logging VIA IKE V2 Policy VIA IKE Policy Use Windows Credentials Enable IKEv2 Use Suite B Cryptography IKEv2 Authentication method VIA IPSec V2 Crypto Map VIA IPSec Crypto Map Allow user to save passwords Enable Supplicant Enable FIPS Module Auto-launch Supplicant Lockdown All Settings Domain Suffix in VIA Authentication Enable Controllers Load Balance Enable Domain Pre-connect VIA Banner Mes
Parameter Description VIA Authentication Profiles to provision This is the list of VIA authentication profiles that will be displayed to users in the VIA client. Allow client to autoupgrade Enable or disable VIA client to automatically upgrade when an updated version of the client is available on the controller. Default: Enabled VIA tunneled networks Enable split-tunneling A list of network destination (IP address and netmask) that the VIA client will tunnel through the controller.
Parameter Description VIA IPsec Crypto Map List of IPsec Crypto Map that the VIA client uses to connect to the controller. These IPsec Crypto Maps are configured in CLI using the crypto-local ipsec-map command. Allow user to save passwords Enable or disable users to save passwords entered in VIA. Enable Supplicant If enabled, VIA starts in bSec mode using L2 suite-b cryptography. This option is disabled by default.
Parameter Description Default: 1440 min VIA Logon Script Name of the logon script that must be executed after VIA establishes a secure connection. The logon script must reside in the client computer. VIA Logoff Script Name of the log-off script that must be executed after the VIA connection is disconnected. The logoff script must reside in the client computer. VIA Support E-mail Address The support e-mail address to which VIA users will send client logs.
Command Information Platforms All platforms Licensing Base operating system 811| show aaa authentication via connection-profile Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show aaa authentication via web-auth show aaa authentication via web-auth [default] Description A VIA web authentication profile contains an ordered list of VIA authentication profiles. The web authentication profile is used by end users to login to the VIA download page (https:///via) for downloading the VIA client. Only one VIA web authentication profile is available.
Command History This command was introduced in ArubaOS 5.0. Command Information Platforms All platforms 813| show aaa authentication via web-auth Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show aaa authentication vpn show aaa authentication vpn [default|default-cap|default-rap] Description This command displays VPN authentication settings, including authentication roles and servers. Usage Guidelines Issue this command to identify the default role assigned to VPN users, the name of the group of servers used to authenticate the VPN users, and the maximum number of authentication failures allowed before the user is blacklisted.
Parameter Max Authentication failures Description Number of times a user attempted to authenticate, but failed. Related Commands Command Description aaa authentication via auth-profile Mode Use the command aaa authentication via auth-profile to configure the settings displayed in the output of this show command. Config mode Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 5.0 The default-cap and default-rap profiles were introduced. ArubaOS 6.
show aaa authentication wired show aaa authentication wired Description View wired authentication settings for a client device that is directly connected to a port onthe controller. Usage Guidelines This command displays the name of the AAA profile currently used for wired authentication. Example The following example shows the current wired profile for the controller is a profile named “secure_profile_3.
show aaa authentication wispr show aaa authentication wispr option to display the entire WISPr Authentication profile list, including profile status and the number of references to each profile. Include a profile name to display detailed WISPr authentication configuration information for that profile.
Parameter --------Default Role Server Group Logon wait minimum wait Logon wait maximum wait logon wait CPU utilization threshold WISPr Location-ID ISO Country Code WISPr Location-ID E.164 Country Code WISPr Location-ID E.
Related Commands Command aaa authentication wispr Description Mode Configure WISPr authentication values on your controller. Config mode on master or local controllers. Command History This command was introduced in ArubaOS 3.4.1. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show aaa authentication-server all show aaa authentication-server all Description View authentication server settings for both external authentication servers and the internal controller database. Usage Guidelines The output of this command displays statistics for the Authentication Server Table, including the name and address of each server, server type and configured authorization and accounting ports.
Parameter Description AcctPort Accounting port on the server. Status Shows whether the Authentication server is enable or disabled. Requests Number of authentication requests received by the server. Command History This command was introduced in ArubaOS 3.0. Command Information Platforms All platforms 821| show aaa authentication-server all Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show aaa authentication-server internal show aaa authentication-server internal [statistics] Description View authentication server settings for the internal controller database. Examples The output of the command below shows that the internal authentication server has been disabled (host) #show aaa authentication-server internal Internal Server --------------Host IP addr ---------Internal 10.168.254.
Parameter Description PAP Requests Number of PAP requests received by the internal server. PAP Accepts Number of PAP requests accepted by the internal server. PAP Rejects Number of PAP requests rejected by the internal server. MSCHAPv2 Requests Number of MSCHAPv2 requests received by the internal server. MSCHAPv2 Accepts Number of MSCHAPv2 requests accepted by the internal server. MSCHAPv2 Rejects Number of MSCHAPv2 requests rejected by the internal server.
Dell Networking W-Series ArubaOS 6.5.
show aaa authentication-server ldap show aaa authentication-server ldap [] Description Display configuration settings for your LDAP servers. Syntax Parameter Description Name that identifies an LDAP server. Examples The output of the example below displays the LDAP server list with the names of all the LDAP servers.
Parameter Description host IP address of the LDAP server Admin-DN Distinguished name for the admin user who has read/search privileges across all of the entries in the LDAP database. Admin Passwd Password for the admin user. Allow Clear-Text If enabled, this parameter allows clear-text (unencrypted) communication with the LDAP server. Auth Port Port number used for authentication.
show aaa authentication-server radius show aaa authentication-server radius [|statistics] Description Displays the configuration settings of your RADIUS servers. Syntax Parameter Description Name that identifies a RADIUS server. statistics Displays the statistics for all RADIUS servers. Usage Guidelines Timeouts information in the output of this command includes RADIUS accounting requests.
NAS IP Enable IPv6 NAS IPv6 Source Interface Use MD5 Use IP address for calling station ID Mode Lowercase MAC addresses MAC address delimiter Service-type of FRAMED-USER Radsec Radsec Trusted CA Name Radsec Server Cert Name Radsec Client Cert called-station-id N/A Disabled N/A N/A Disabled Disabled Enabled Disabled none Disabled Enabled can-new N/A client-new macaddr colon disable The output of this command includes the following information: Parameter Description host IP address of the RADIUS server
Parameter Description Source Interface The source interface VLAN ID number. Use MD5 If enabled, the RADIUS server will use a MD5 hash of cleartext password. Use IP address for calling station ID If enabled, the RADIUS server will use an IP address instead of a MAC address for calling station IDs. Mode Shows whether this server is Enabled or Disabled. Lowercase MAC addresses If this feature is enabled, the server will send MAC addresses in lowercase letters.
Parameter Description Acct Rq Accounting requests. This reports of the number of accounting messages (for example, start/stop/interim update) sent by the controller to a RADIUS server. This counter increments whenever the controller sends one of these messages. Raw Rq Raw requests. Number of raw authentication requests the controller sent to a RADIUS server. PAP Rq Pap Requests. Number of PAP authentication requests the controller sent to a RADIUS server. CHAP Rq CHAP requests.
Parameter Description AvgRspTme Average response time. Time taken, on an average, for the RADIUS server to respond to a message from the controller. Tot Rq Total errors. This counter reflects the total number of requests sent to the RADIUS server (auth and accounting requests). Tot Rsp This counter reflects the total number of responses received by the RADIUS server (auth and accounting responses). Rd Err Read errors.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.1 The Source Interface parameter was introduced. ArubaOS 6.3 The enable-ipv6 and nas-ip6 fields were added to the output of this command. ArubaOS 6.4 The called-station-id and cppm credentials parameter was added to the output of this command. ArubaOS 6.4.2.5 The CPPM credentials parameter was introduced. ArubaOS 6.4.3.
show aaa authentication-server tacacs show aaa authentication-server tacacs []|statistics Description Display configuration settings for your TACACS+ servers. Syntax Parameter Description Name that identifies an TACACS+ server. statistics Displays accounting, authorization, and authentication request and response statistics for the TACACS server.
Parameter Description Key Shared secret between the controller and the authentication server. TCP Port TCP port used by the server. Retransmits Maximum number of retries sent to the server by the controller before the server is marked as down. Timeout Maximum time, in seconds, that the controller waits before timing out the request and resending it. Mode Shows whether this server is Enabled or Disabled.
show aaa authentication-server windows show aaa authentication-server windows [] Description Display configuration settings for your Windows servers. Syntax Parameter Description Name that identifies a Windows server. Examples The output of the example below displays the Windows server list with the names of all the Windows servers used for NTLM authentication.
Command History This command was introduced in ArubaOS 3.4.1. Command Information Platforms All platforms 836| show aaa authentication-server windows Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show aaa bandwidth-contracts show aaa bandwidth-contracts [] Description This command shows the contract names, ID numbers and Rate limits for your bandwidth contracts. Syntax Parameter Description (Optional) Name of a bandwidth contract. Example Specify a bandwidth contract name to view information for a specific bandwidth contract, or omit that parameter to veiw information for all configured bandwidth contracts.
show aaa debug show aaa debug age {dev-id-cache [mac ]|key-cache [mac ]|pmk-cache [mac ]} pmk bss-table [] role user {ip |ipv6 |mac } vlan user {ip |ipv6 |mac } Description Displays AAA related debug information.
1. 2. 3. 4. 5. 6. 7. 8. VLAN VLAN VLAN VLAN VLAN VLAN VLAN VLAN 1 1 0 3 1 5 5 5 for for for for for for for for Default VLAN Current VLAN updated Reset VLANs for Station up Default VLAN Initial Role Contained Dot1x Server Rule User Dot1x Role Contained Current VLAN updated Current VLAN : 5 (Dot1x Server Rule) Command History Release Modification ArubaOS 6.3 Command introduced. ArubaOS 6.4.2.6 The age key-cache | pmk-cache parameters were introduced. ArubaOS6.4.3.
show aaa derivation-rules show aaa derivation-rules [server-group |user ] Syntax Parameter Description Name of a server group Name of a user rule group Description Show derivation rules based on user information or configured for server groups. Example The output of the following command shows that the server group group1 has the internal database configured as its authentication server, and that there is a single rule assigned to that group.
Parameter Description Priority The priority in which the rules are applied. Rules at the top of the list are applied before rules at the bottom. Attribute This is the attribute returned by the authentication server that is examined for Operation and Operand match Operation This is the match method by which the string in Operand is matched with the attribute value returned by the authentication server.
Parameter Description Priority The priority in which the rules are applied. Rules at the top of the list are applied before rules at the bottom. Attribute This is the attribute returned by the authentication server that is examined for Operation and Operand match. Operation This is the match method by which the string in Operand is matched with the attribute value returned by the authentication server.
Command Information Platforms All platforms 843| show aaa derivation-rules Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show aaa dns-query-interval show aaa dns-query-interval Description View the configured interval between DNS requests sent from the controller to the DNS server. Syntax No parameters Usage Guidelines If you define a RADIUS server using the FQDN of the server rather than its IP address, the controller will periodically generate a DNS request and cache the IP address returned in the DNS response.
show aaa fqdn-server-names show aaa fqdn-server-names Description Show a table of IP addresses that have been mapped to fully qualified domain names (FQDNs). Syntax No parameters. Usage Guidelines If you define a RADIUS server using the FQDN of the server rather than its IP address, the controller will periodically generate a DNS request and cache the IP address returned in the DNS response. Issue this command to view the IP addreses that currently correlate to each RADIUS server FQDN.
show aaa load-balance statistics show aaa load-balance statistics server-group Description Display the load balancing statistics for RADIUS servers. Syntax Parameter Description Name of the server group.
Parameter Description secret or bad reply digest. Acc Access accept. Number of responses from the RADIUS server with invalid secret or bad reply digest. Rej Access reject. Number of responses from the RADIUS server that indicate that client authentication failed. Acct Rsp Accounting response. Number of responses sent from the RADIUS server in response to accounting requests sent from the controller. Chal Access challenge.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.1 The Source Interface parameter was introduced. ArubaOS 6.3 The enable-ipv6 and nas-ip6 fields were added to the output of this command. ArubaOS 6.4 The Outstanding Auths parameter was added to the output of this command. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show aaa main-profile show aaa main-profile summary Description Show a summary of all AAA profiles. Example The output of the show aaa main-profile summary command shows roles, server group settings, and wireto-wireless-roaming statistics for each AAA profile.
Parameter enforce-dhcp Description When this option is enabled, clients must complete a DHCP exchange to obtain an IP address. Best practices are to enable this option when you use the aaa derivation-rules command to create a rule with the DHCP-Option rule type. This parameter is disabled by default. Related Commands Command aaa profile Description Mode Use aaa profile define the parameters displayed in the output of this show command.
show aaa password-policy mgmt show aaa password-policy mgmt [statistics] Description Show the current password policy for management users. Syntax Parameter statistics Description Include this optional parameter to show the numbers of failed login attempts and any lockout periods for management user accounts.
Parameter Description Minimum number of Lower Case characters The maximum number of lowercase letters required for a management user password. By default, there is no requirement for lowercase letters in a password, and the parameter has a default value of 0. Minimum number of Digits Minimum number of numeric digits required in a management user password. By default, there is no requirement for digits in a password, and the parameter has a default value of 0.
Command History This command was introduced in ArubaOS 3.4.2. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show aaa profile show aaa profile Description Show configuration details for an individual AAA profile. Example The output of the following command shows roles, servers and server group settings, and wire-to-wirelessroaming statistics for each AAA profile. (host) #show aaa profile default AAA Profile "default" --------------------Parameter --------Initial role MAC Authentication Profile MAC Authentication Default Role MAC Authentication Server Group 802.1X Authentication Profile 802.
Parameter Description MAC Authentication Server Group Name of the server group used for MAC authentication. 8021.X Authentication Profile Name of the 802.1X authentication profile. 8021.X Authentication Default Role Configured role assigned to the user after 802.1X authentication. 8021.X Authentication Server Group Name of the server group used for 802.1X authentication. Download Role from CPPM L2 Authentication Fail Through Status of role download from CPPM.
Parameter Description Device Type Classification Shows if the device identification feature is enabled or disabled. When devtype-classification parameter is enabled, the output of the show user and show user-table commands shows each client’s device type, if that client device can be identified. Enforce DHCP When this option is enabled, clients must complete a DHCP exchange to obtain an IP address.
Command Information Platforms All platforms 857| show aaa profile Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show aaa radius-attributes show aaa radius-attributes Description Show RADIUS attributes recognized by the controller. Example The output of the following command shows the name, currently configured value, type, vendor and RADIUS ID for each attribute.
Command Information Platforms All platforms 859| show aaa radius-attributes Licensing Base operating system Command Mode Enable or Config mode on master or local controllers. Dell Networking W-Series ArubaOS 6.5.
show aaa rfc-3576-server show aaa rfc-3576-server statistics udp-port Description Show configuration details for an RFC-3576 server, which is a RADIUS server that can send user disconnect, session timeout and change-of-authorization (CoA) messages, as described in RFC 3576. Syntax Parameter Description IP address of an RFC-3576 server statistics View detailed connection and authentication information for all RFC 3575 servers. udp-port Show the configured RFC3576 server port.
Disconnect Rejects No Secret No Session ID Bad Authenticator Invalid Request Packets Dropped Unknown service CoA Requests CoA Accepts CoA Rejects No permission 1 0 0 0 0 0 0 1 1 0 0 0 0 0 0 0 2 0 0 0 0 0 Packets received from unknown clients: 0 Packets received with unknown request: 0 Total RFC3576 packets Received : 0 The output of the show aaa rfc-3576-server statistics command includes the following parameters: Parameter Description Disconnect Requests Number of disconnect requests sent by the ser
Related Commands Command aaa rfc-3576-server Description Mode Define RFC 3576 server profiles. Config mode Command History This command was introduced in ArubaOS 3.0. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show aaa server-group show aaa server-group [|summary] Description Show configuration details for your AAA server groups. Syntax Parameter Description The name of an existing AAA server group. Usage Guidelines Issue this command without the >
Parameter Description name Name of an existing AAA server group. Servers Number of servers in the group. Rules Number of rules configured for the server group. hits Number of hits for the server’s rules. Out-of-Service Indicates whether the server is active, or out of service. Active servers may not have an entry in the Out-of-Service column.
Parameter Match-Op Description This is the match method by which the string in Match-Str is matched with the attribute value returned by the authentication server. l contains – The rule is applied if and only if the attribute value contains the string in parameter Operand. l starts-with – The rule is applied if and only if the attribute value returned starts with the string in parameter Operand.
Parameter Description Action This parameter identifies whether the derivation rule sets a server group role (set role) or a VLAN (set vlan). Value Sets the user role or VLAN ID to be assigned to the client if the rule condition is met. Related Commands Command aaa server-group Description Mode Use aaa server-group to configure the settings displayed in the output of this show command. Config mode Command History This command was introduced in ArubaOS 3.0.
show aaa state ap-group show aaa state ap-group Description Show the names and ID numbers of your AP groups Example This first example shows that the selected controller has two defined AP groups. (host) #show aaa state ap-group AP Group Table -------------Name ID ---- -ap1 ap2 1 2 Related Commands Command aaa server-group Description Mode Use aaa server-group to define the AP groups displayed in the output of this show command Config mode Command History This command was introduced in ArubaOS 3.0.
show aaa state configuration show aaa state configuration Description Display authentication state configuration information, including the numbers of successful and failed authentications. Example This example shows authentication settings and values for a controller with no current users.
Ping/SYN/Session attacks = 0/0/0 The output of the show aaa state configuration command includes the following parameters: Parameter Description Switch IP IP address of the local controller. Master IP IP address of the master controller. Switch Role Role assigned to the controller on which you issued the show aaa state command.
Parameter Description Configured destinations Number of destinations configured using the netdestination command. Configured services Number of service aliases configured using the netservice command. Configured Auth servers Number of configured authentication servers. Auth server in service Number of authentication servers currently in service. Radius server timeouts Number of times the RADIUS server did not respond to the authentication request.
Parameter fast age Per-User Log Description This parameter shows if fast aging of user table entries has been enabled or disabled. When this feature is enabled, if a device comes up on the network with a different IP address, the device's old IP address is immediately deleted. If the user fast-age feature is not configured, the controller retains up to two IPv4 and two IPv6 addresses per device , and these IPs are aged out only when the device becomes inactive.
show aaa state debug-statistics show aaa state debug statistics Description show debug statistics for controller authentication, authorization and accounting. Syntax No parameters.
Parameter Description non-ip Number of non-IP type packets sent between the datapath and the controlpath. zero-ip Number of packets sent without an internet protocol (IP). loopback If 1, the controller has a defined loopback address. If 0, a loopback address has not yet been configured. mac mismatch Number of users that were not authenticated due to MAC mismatches. spoof Number of users that were not authenticated due to spoofed IP addresses.
Parameter Description by the controller. Idled users due STM deauth tunnel Number of users in tunnel forwarding mode that aged out after STM deauthentication, and timer expiration. dtunnel Number of users in decrypt tunnel forwarding mode that aged out after STM deauthentication, and timer expiration. Idled users from STM timeout tunnel Number of users in tunnel forwarding mode that aged out after the STM timer expired.
Parameter Description was received. IPv4 Number of authentication rejects for IPv4 users that were processed after the reject was received. IPv6 Number of authentication rejects for IPv6 users that were processed after the reject was received. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 The Mobility Stats parameter was introduced. ArubaOS 6.2 Additional statistics for idled users and user rejects were introduced.
show aaa state log show aaa state log [info] Description Display global log files for AAA events. Syntax Parameter Description info This parameter displays debugging information for internal use only.
Command Information Platforms All platforms 877| show aaa state log Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show aaa state messages Description Display numbers of authentication messages sent and received. Syntax No parameters. Usage Guidelines This command displays a general overview of authentication statistics. To view authentication information for specific profiles such as a captive-portal, MAC or 801.x authentication profile, issue the commands specific to those features. Example The output of this command displays tables of statistics for PAPI, RAW socket and Sibyte messages.
114 126 rand eapkey 1614 1316231 1614 1316231 1612 2632462 1612 2632462 114 rand 2 2 0 0 The output of this command contains the following parameters: Parameter Description Msg ID ID number for the message type. Name Message name. Since last Read Number of messages received since the buffer was last read. Total Total number of message received since the controller was last reset. opcode Code number of the message type.
show aaa state station show aaa state station Description Display AAA statistics for a station. Syntax Parameter Description MAC address of a station. Example The example below shows statistics for a station with four associated user IP addresses. The output of this command shows station data, the AAA profiles assigned to the station, and the station’s authentication method. (host) #show aaa state station 00:21:5c:85:d0:4b Association count = 1, User count = 4 User list = 10.
show aaa state user show aaa state user Description Display statistics for an authenticated user. Syntax Parameter Description IP address of a user. Example The example below shows statics for a user with the IP address 10.1.10.11. The output of this command shows user data, the user’s authentication method. and statistics for assigned roles, timers and flags. (host) #show aaa state user 10.1.10.11 Name: MYCOMPANY\tsenter, IP: 10.1.10.
show aaa tacacs-accounting Description Show TACACS accounting configuration. Syntax No parameters. Example The example below shows that TACACS accounting has been enabled, and that the TACACS server is in the server group acct-server.
show aaa timers Description Show AAA timer values. Syntax No parameters Example The example below shows that the controller has all default timer values: (host) #show aaa timers User idle timeout = 6 minutes Auth Server dead time = 10 minutes Logon user lifetime = 5 minutes Related Commands Command aaa timers Description Mode Use aaa timers to define the settings displayed in the output of this show command. Config mode Command History This command was introduced in ArubaOS 3.0.
show aaa web admin-port show aaa web admin-port Description Show the port numbers of HTTP and HTTPS ports used for web administration. Syntax No parameters. Example The example below shows that the controller is configured to use HTTPS on port 4343 or 443, and HTTP on port 8888. (host) #show aaa web admin-port https port = 4343 http port = 8888 Command History This command was introduced in ArubaOS 3.0.
show aaa xml-api server show aaa xml-api server [] Description Show a list of XML servers used for authentication, authorization and accounting. Syntax Parameter Description IP address of an XML API server. Include this parameter to see if a secret key is configured for the specified server. Example The output of this command shows that the controller has two configured XML API servers that are each referenced by two different AAA profiles.
show aaa xml-api statistics show aaa xml-api statistics Description Display statistics for an external XML API server. Syntax Parameter Description IP address of XML API server. Usage Guidelines Issue this command to troubleshoot AAA problems and monitor usage on an XML server. Example The example below shows AAA statistics for an external XML server with the IP address 10.1.2.3. This command shows the number of times that a particular event has occurred per client.
Parameter Description user_authenticate Number of users authenticated on the XML server since the last controller reboot. user_add Number of users added to the controller’s user table. user_delete Number of users removed from the controller’s user table. user_blacklist Number of denied user association requests. user_query Number of user queries performed. unknown user Number of unknown users. unknown role Number of unknown user roles.
Parameter Description missing MAC address Number of XML commands with a missing MAC address. Packets received from unknown clients Number of packets received from unknown clients. Packets received with unknown request Number of packets received with unknown request Requests Received/Success/ Failed Total number of requests received / number of successful requests / number of failed requests Command History This command was introduced in ArubaOS 3.0.
show acl ace-table show acl ace-table {ace <0-1999>}|{acl <1-2700>} Description Show an access list entry (ACE) table for an access control list (ACL). Syntax Parameter Description ace <0-1999> Show a single ACE entry. acl <1-2700> Show all ACE entries for a single ACL. Example The following example shows that there are eighteen access control entries for ACL 1.
show acl acl-table show acl acl-table <1-2700> Description Display information for a specified access control list (ACL). Syntax Parameter Description acl-table <1-2700> Specify the number of the ACL for which you want to view information. Example The following example displays the ACL table for the controller.
Parameter Description software from other vendors. This ACL permits or denies traffic based on the source address of the packet. ACE Index Starting index entry for the ACL’s access control entries ACE count Number of access control entries in the ACL Name Name of the access control list Applied Number of times the ACL was applied to a role. Total free ACE entries The total number of free ACE entries.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show acl hits show acl hits Description Show internal ACL hit counters. Syntax No parameters. Usage Guidelines Issue this command to see the number of times an access control list defined a user’s role, or traffic and firewall policies for a user session. Example In the example below, the output of the User Role ACL Hits table is shown in two separate tables to allow the output to fit on a single page of this document.
------------ACL ACE New Hits --- --- -------5 22 Total Hits ---------- Index ----0 The output of this command includes the following information: Parameter Description Role Name of the role assigned by the ACL. Policy Name of the policy used by the ACL Src The traffic source, which can be one of the following: Dst Service Action 894| show acl hits l : Name of a user-defined alias for a network host, subnetwork, or range of addresses. l any: match any traffic.
Parameter Description Dest/Opcode The datapath destination ID. New Hits Number of ACL hits that occurred since this command was last issued. Total Hits Total number of ACL hits recorded since the controller last reset. Index Index number of the ACL. ACL ACL number ACE ACE number New Hits Number of times the ACL was applied since this command was last issued. Total Hits Number of times the ACL was applied since the controller was last reset. Index Index number of the ACL.
show activate-service-whitelist show activate-service-whitelist Description This command displays the profile that allows the controller to synchronize its remote AP whitelist with the Dell Activate cloud-based services. Syntax No parameters. Usage Guidelines Use this command to view the credentials the controlleruses to synchronize the remote AP whitelist with an Activate server.
show adp config show adp config Description Show Aruba Discovery Protocol (ADP) configuration settings. Syntax No parameters. Example The following example shows that the controller has all default settings for ADP.
show adp counters show adp counters Description Show Aruba Discovery Protocol (ADP) counters. Syntax No parameters. Example The following example shows the ADP counter table for the controller. (host) #show adp counters ADP Counters -----------key value ------IGMP Join Tx 1 IGMP Drop Tx 0 ADP Tx 0 ADP Rx 0 The output of this command includes the following parameters: Parameter Description IGMP Join Tx Number of Internet Group Management Protocol (IGMP) join requests sent by the controller.
show airgroup show airgroup active-domains aps blocked-queries {dlna|mdns} blocked-service-id {dlna|mdns} cache entries {dlna|mdns|static} cppm {entries | server-group} cppm-server {aaa | query-interval | radius statistics | rfc3576 statistics} domain global-credits internal-state statistics {dlna|mdns} multi-controller-table servers {dlna | mdns | verbose} status users {dlna|mdns|verbose} vlan Description This command displays AirGroup global settings, domain, active-domain, and more AirGroup configuratio
Parameter Description l static - This command displays the AirGroup static cache entries. For more information, see show airgroup cache entries cppm {entries|server-group} l cppm entries: This command displays information for devices registered in ClearPass Policy Manager (CPPM). l cppm server-group: This command displays AirGroup CPPM server group defined in the controller.
Parameter Description l Verbose - This command displays the AirGroup server (Apple TV, AirPrint Printer) status in the controller. For more information, see show airgroup servers on page 925 status This command displays the current status of the AirGroup configuration and AirGroup services configured on the controller. For more information, see show airgroup status on page 928 users l dlna - This command displays the DLNA users. {dlna|mdns|verbose} l mdns - This command displays the mDNS users.
----------------------------Status -----Enabled AirGroup IPV6 Support --------------------Status -----Disabled AirGroup Service Information ---------------------------Service Status -----------airplay Enabled airprint Enabled itunes Disabled remotemgmt Disabled sharing Disabled chat Disabled googlecast Disabled DIAL Enabled DLNA Media Enabled DLNA Print Disabled allowall Disabled Use the following command to display the IP address of all the controllers participating in an AirGroup multi controller environ
Command History: Release ArubaOS 6.3 ArubaOS 6.3.1 ArubaOS 6.4 Modification Command introduced. The unsolicited-responses-received parameter was deprecated.
show airgroup active-domains show airgroup active-domains Description This command displays a list of AirGroup active-domains configured. Syntax No parameters.
show airgroup blocked-queries show airgroup blocked-queries [mdns|dlna] Description This command displays the service ID that was queried but not available in the AirGroup service table. Syntax Parameter Description Range Default mdns Specifies the mDNS blocked queries. — — dlna Specifies the DLNA blocked queries.
Command History: Release ArubaOS 6.3 Modification Command introduced. Command Information Platforms All platforms 906| show airgroup blocked-queries Licensing Base operating system Command Mode Enable or Config mode Dell Networking W-Series ArubaOS 6.5.
show airgroup blocked-service-id show airgroup blocked-service-id [mdns|dlna] Description This command displays the list of blocked services. Syntax Parameter Description Range Default mdns Specifies the mDNS blocked services. — — dlna Specifies the DLNA blocked services. — — Example The airgroup service disable command disables an AirGroup service by blocking the service IDs for that service.
Command History: Release ArubaOS 6.3 Modification Command introduced. Command Information Platforms All platforms 908| show airgroup blocked-service-id Licensing Base operating system Command Mode Enable or Config mode Dell Networking W-Series ArubaOS 6.5.
show airgroup cache entries show airgroup cache [mdns|dlna|static] Description This command displays the AirGroup mDNS and DLNA resource records in cache in a controller: Syntax Parameter Description Range Displays the AirGroup mDNS and DLNA resource records in the cache. Default — — mdns Displays the mDNS cache entries. — — dlna Displays the DLNA cache entries. — — static Displays static cache entries.
Column Description Name Displays the name of the Service ID. Type Displays the type of mDNS or DLNA record. Class Displays the class of the record. This is usually IN. TTL Displays the time to live value of the service ID in seconds. Origin Displays the source IP of the AirGroup server. Expiry Displays the expiry period of the mDNS or DLNA record in seconds. Last Update Displays the time stamp of the last cache update. Command History: Release ArubaOS 6.3 Modification Command introduced.
show airgroup cppm show airgroup cppm {|} Description This command displays the information for devices registered in ClearPass Policy Manager. Syntax Parameter Description Displays the CPPM registration information. Displays the Server Group information.
Column Description Device Displays the MAC address of the AirGroup device. device-owner Displays the user name of the AirGroup device. shared location-id AP-name Displays the location ID based on an AP name. NOTE: The geographical location of AirGroup device can be tracked with respect to its RF neighbors. AirGroup devices connected to APs can be located based on nearby APs.
show airgroup cppm-server show airgroup cppm-server {||radius |rfc3576 } Description This command displays the information for devices registered in ClearPass Policy Manager. Syntax Parameter Description Range Default cppm-server Displays the ClearPass Policy Manager server information. — — Displays the data for the ClearPass Policy Manager servers.
Name ---cppm Inservice --------Yes trim-FQDN --------No match-FQDN ---------- The output of this command includes the following parameters: Column Description Device Displays the MAC address of the AirGroup device. device-owner Displays the user name of the AirGroup device. shared location-id AP-name Displays the location ID based on an AP name. NOTE: The geographical location of AirGroup device can be tracked with respect to its RF neighbors.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show airgroup domain show airgroup domain Description This command displays a list of AirGroup domains configured. Syntax No parameters. Example Use this command to view a list of AirGroup domains configured: (host) #show airgroup domain AirGroup Domains ---------------Name Description -------------Campus1 AirGroup_campus1 Campus2 AirGroup_campus2 IP-Address ---------10.15.121.240 11.11.11.1 9.9.9.1 8.8.8.
| show airgroup domain Dell Networking W-Series ArubaOS 6.5.
show airgroup internal-state statistics show airgroup internal-state [mdns|dlna] Description This command displays the statistics of packets sent and received per second by a controller: Syntax Parameter Description Range Default statistics Displays the Packets sent and received. — — dlna Displays the DLNA statistics. — — — — Displays the mDNS statistics.
------ ----------------------- ---------- -------------------- --------7 app 0 6 0 0 193 N/A 859 2985 214 619 Rx Request N/A N/A 71 318 Rx Response N/A N/A 143 301 Tx Request-Refresh 0 1 N/A N/A Tx Request-discovery 55 300 N/A N/A Tx Request-wildcard 0 0 N/A N/A Tx Response-Solicited 0 0 N/A N/A Tx Response-Solicited-Fragment 0 0 N/A N/A Tx Response-Unsolicited 0 0 N/A N/A Sibyte DLNA Messages -------------------Opcode Name Sent Since Last Read Sent Total Recv Since Last Read Recv Total ------ -------------
Query - resp pkt gen & send 453 2537 1437 1149 Query - Response packet send 4739 28569 549 552 Query 8806 40946 2162 1184 MDNS Multi-controller Cluster Messages -------------------------------------Type Sent Since Last Read Sent Total Recv Since Last Read Recv Total ----------------------- ---------- -------------------- ---------Unicast Response with tag 0 0 0 0 Request with tag 66 311 5 7 Raw Response 0 0 0 0 DLNA Multi-controller Cluster Messages -------------------------------------Type Sent Since Last
show airgroup global-credits show airgroup global credits Description This command displays the current and user configured global tokens assigned to query and response packets. Syntax No parameters. Example In an AirGroup network, AirGroup devices generate excess mDNS query and response packets. Using airgroup global-credits command, the AirGroup controller restricts these packets by assigning tokens. The controller processes these mDNS packets based on this token value.
Command History: Release ArubaOS 6.3 Modification Command introduced. Command Information Platforms All platforms 922| show airgroup global-credits Licensing Base operating system Command Mode Enable or Config mode Dell Networking W-Series ArubaOS 6.5.
show airgroup multi-controller-table show airgroup multi-controller-table [mdns|dlna] [verbose] Description This command displays the IP address of all the controllers participating in an AirGroup multi-controller environment. Syntax Parameter Description Range Default mdns Displays the mDNS statistics. — — dlna Displays the DLNA statistics. — — verbose Displays additional information in a tabular format.
Table 8: show airgroup multi-controller-table Column Description IP-Address Displays the IP address of all the controllers participating in an AirGroup multi-controller environment. Type Displays the type of record. Request with Tag Tx Displays the number of AirGroup multi-controller queries transmitted with meta-tag information by the controller to other controllers in its multi-controller domain.
show airgroup servers show airgroup servers [mdns|dlna] [verbose] Description This command displays the status of the AirGroup server (Apple TV, AirPrint Printer, Google ChromeCast, and so on) in a controller: Syntax Parameter Description Range Default mdns Displays the mDNS servers. — — dlna Displays the DLNA servers. — — verbose Displays additional information in a tabular format.
Column Description Host Name Displays the host name of the AirGroup server. Service Displays the AirGroup service hosted by the server. VLAN Displays the VLAN ID of the AirGroup server. Wired/Wireless Indicates if the AirGroup server is connected to a Wired LAN or Wireless LAN. NOTE: The column displays Wired when the server is connected to an untrusted wired port. When the server is connected to a trusted wired port, the column displays N/A. Role Displays the user role of the AirGroup server.
Command History: Release ArubaOS 6.3 Modification Command introduced. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show airgroup status show airgroup status Description This command displays the global settings of the AirGroup configuration and AirGroup services configured in the WLAN controller. Syntax No parameters. Example Issue this command to view the global settings of the AirGroup configuration and AirGroup services configured in the WLAN controller.
airprint itunes remotemgmt sharing chat googlecast DIAL DLNA Media DLNA Print allowall test airplay Enabled Disabled Disabled Disabled Disabled Disabled Enabled Enabled Disabled Enabled Enabled Enabled The output of this command includes the following parameters: Column Description AirGroup Feature Status Displays the status of AirGroup in the controller. AirGroup - MDNS Feature Displays the status of mDNS. AirGroup - DLNA Feature Displays the status of DLNA.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show airgroup users show airgroup users [mdns|dlna] [verbose] Description This command displays the user table. Syntax Parameter Description Range Default mdns Displays the mDNS users. — — dlna Displays the DLNA users. — — verbose Displays additional information in a tabular format.
Column Description AP-Name Displays the AP name to which the AirGroup user is connected. Rec-dropped Displays the number of queries dropped from the AirGroup user. Rec-filtered Displays the number of queries filtered as a result of the policies. Rec-responded Displays the number of queries responded from the AirGroup user. Last-query Displays the time stamp of the last query received.
show airgroup vlan show airgroup vlan Description This command displays the status of the disallowed AirGroup VLANs. Syntax No parameters. Example The following example displays the status of the disallowed AirGroup VLANs: (host) #show airgroup vlan VLAN Table ---------Vlan-Id IP-Address ---------------1 10.15.121.240 2 0.0.0.0 3 10.15.121.240 4 10.15.121.
show airgroupservice show airgroupservice [dlna|mdns] [verbose] Description This command displays the service details of all AirGroup services in the controller. Syntax Parameter Description Range Default airgroupservice This command displays the service details of all AirGroup services in the controller. — — mdns Displays the mDNS services. — — dlna Displays the DLNA services. — — — — Displays additional services information in a tabular format.
sharing Sharing Disabled chat googlecast DIAL Chat GoogleCast supported by Chromecast etc DIAL supported by Chromecast,FireTV,Roku etc Disabled Disabled Enabled DLNA Media Media Disabled -----text removed for brevity-------- DLNA Print Print Disabled allowall Remaining-Services Disabled Disallowed-VLAN --------------- ID -_odisk._tcp _afpovertcp._tcp _xgrid._tcp _presence._tcp _googlecast.
Command History: Release Modification ArubaOS 6.3 Command introduced. ArubaOS 6.4 mDNS and DLNA parameters were introduced. ArubaOS 6.4.1 l The Chromecast service was renamed to DIAL. l The googlecast service was introduced. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap active show ap active [ap-name |{arm-edge dot11a|dot11g|voip-only}|dot11a|dot11g|essid |ip-addr |ip6-addr |{type access-point|air-monitor|(sensor dot11a|dot11g|voip-only)}|voip-only Description Show all active APs registered to a controller. Syntax Parameter Description ap-name View data for an AP with a specified name. arm-edge Show the state of ARM edge APs. counters Show the counters. dot11a Show 802.11a radio information. dot11g Show 802.
Usage Guidelines This command displays details for all active APs on the controller. If an AP on your network does not appear in this table, it may have been classified as an inactive AP for any of the following reasons: l The AP is configured with a missing or incorrect VLAN. (For example, the AP is configured to use a tunneled SSID of VLAN 2 but the controller doesn't have a VLAN 2.) l The AP has an unknown AP group. l The AP has a duplicate AP name.
Column Description Name Name of an AP Group The AP is associated with this AP group. IP address IP address of the AP, in dotted decimal format. 11g Clients Number of 802.11g clients using the AP. 11g Ch/EIRP/MaxEIRP 802.11g radio channel used by the AP/current effective Isotropic Radiated Power (EIRP) /maximum EIRP. 11a Clients Number of 802.11a clients using the AP. 11a Ch/EIRP/MaxEIRP 802.11a radio channel used by the AP/current EIRP/maximum EIRP. AP Type AP model type.
Column Description l o = Provisioned as outdoor l r = 802.11r Enabled l Q = DFS CAC timer running Uptime Number of hours, minutes and seconds since the last controller reboot or bootstrap, in the format hours:minutes:seconds. Outer IP The outer IP address of a remote AP (RAP) is used to establish an IPsec VPN tunnel to the terminating master controller. The RAP acquires an outer IP address from the locally connected network, usually via DHCP.
show ap-group show ap-group [] Description Show settings for an AP group. Syntax Parameter Description The name of an AP group. Usage Guidelines Issue this command without the optional parameter to display the entire AP group list, including profile status for each profile. Include an AP group name to display detailed configuration information for that AP group profile. Example This first example shows that the controller has nine configured AP groups.
Ethernet interface 0 link profile Ethernet interface 1 link profile AP system profile VoIP Call Admission Control profile 802.11a Traffic Management profile 802.
Parameter Description Mesh Radio profile Mesh radio profile assigned to the AP group. Mesh Cluster profile Mesh cluster profile assigned to the AP group. Related Commands Configure AP group settings using the command ap-group. Command History This command was available in ArubaOS 3.0. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap-name show ap-name [] Description Show a list of AP names. Include the parameter to display detailed configuration information for that AP. Syntax Parameter Description The name of an AP. Example This first example shows that the controller has eight registered APs. The Name column lists the names of each registered AP. Note that APs are all user-defined, so they will not have an entry in the Profile Status column.
Parameter Description Virtual AP Virtual AP profile that which configures a specified WLAN. Excluded Virtual AP Excludes the specified mesh cluster profile from this AP. 802.11a radio profile Profile that defines 802.11a radio settings for the AP. 802.11g radio profile Profile that defines 802.11g radio settings for the AP. Wired AP profile Profile that defines wired port settings for APs assigned to the AP.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap allowed-channels show ap allowed-channels ap-name country-code [ap-type ] ip-addr Description This command shows the allowed channels on a specific AP or country code. Syntax Parameter Description ap-name Name of an AP. country-code [ap-type ] Specify a country code to display allowed channels for that country.
Command History Introduced in ArubaOS 3.0. Command Information Platforms All platforms 948| show ap allowed-channels Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ap ap-group show ap ap-group {ap-name |bssid |ip-addr } Description Show the AP group settings for an individual AP. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID). An AP’s BSSID is usually the AP’s MAC address. ip-addr Show data for an AP with a specific IP address. Enter the IP address in dotteddecimal format.
Related Commands Command ap-group Description Mode Configure your AP groups and AP group profiles. Config mode Command History Introduced in ArubaOS 3.0. Command Information Platforms All platforms 950| show ap ap-group Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap arm client-match history show ap arm client-match history advanced client-mac Description If the client match feature is enabled, the output of this command shows the history of AP association changes triggered by the client match feature.
Parameter Description l Sticky: A mobile roaming client was staying associated (sticking) to a suboptimal AP for too long. l Band steer: A dual-band capable client was steered toward a 5Ghz radio on a dual-band AP. l Band Balance: A dual-band capable client was steered toward a different radio to balance the load between the two radios on a single AP.
2014-05-13 16:30:08 f8:f1:b6:03:0d:ff Band-steer Success/1 -35/-50/-50 35/-50/-50 21/21/21 2.4G/5G/5G 6c:f3:7f:e7:2d:40/6c:f3:7f:e7:2d:50/6c:f3:7f:e7:2d:50 ap225/ap225/ap225 jxie2/jxie2 - The output of this command includes the following additional parameters: Parameter Eff_Signal (S/T/A) EIRP (S/T/A) Essid (S/A) Description The output of this column shows the following values: l S: The relative received signal strength indicator (RSSI) of the source AP radio.
Command History Version Description ArubaOS 6.3 Command Introduced ArubaOS 6.4.3.0 The following output parameters were introduced: l Station l Status/Roam Time/Mode l Signal l Band l Radio BSSID l AP Name The advanced parameter was introduced. Command Information Platforms All platforms 954| show ap arm client-match history Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap arm client-match neighbors show ap arm client-match neighbors ap-name ip-addr ip6-addr Description If the client match feature is enabled, the output of this command displays the BSSID of other APs seen by clients in the select AP's RF neighborhood. Syntax Parameter Description ap-name View neighboring clients for an AP with a specified name ip-addr View neighboring clients for an AP with a specified IP address.
Parameter Description ted Last heard Date and time at which the AP last heard from the client Related Commands Use the following command to enable the client match feature: l rf arm-profile client-match The following commands display additional statistics for the client match feature: l show ap arm client-match probe-report l show ap arm client-match restriction-table l show ap arm virtual-beacon-report l show ap arm client-match unsupported l show ap arm client-match summary l show ap arm
show ap arm client-match Pending show ap arm client-match pending Description This parameter filters and displays only the pending client-match entries where the moves have not been completed. Example The following command displays information on the Client Match pending.
Parameter Signal (S/T/A) Band (S/T/A) Radio BSSID (S/T/A) AP Name (S/T/A) Description The output of this column shows the following values: l S: Radio signal strength of the source AP l T: Radio signal strength of the target AP l A: Radio signal strength of the AP that the client is actually associated to The output of this column shows the following values: l S: Radio frequency band of the source AP (e.g. 2.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap arm client-match probe-report show ap arm client-match probe-report ap-name ip-addr ip6-addr assoc phy-type 802.11a|802.11b|80211g Description If the client match feature is enabled, the output of this command displays the client probe report for the specified AP. Syntax Parameter ap-name Description Name of the AP for which you want to view a client report. ip-addr IPv4 address of an AP for which you want to view a client probe report.
22:33:44:55:66:77 c8:f7:33:29:82:db ac:81:12:59:5c:12 00:24:d7:40:bb:b0 00:1a:73:15:8c:5f 50 41 32 31 32 0 0 0 0 0 6 60 50 58 57 9 9 9 9 9 Wed Wed Wed Wed Wed Apr Apr Apr Apr Apr 10 10 10 10 10 01:21:29 01:20:35 01:20:45 01:20:37 01:20:38 2013 2013 2013 2013 2013 The output of this command includes the following parameters: Parameter Description Client MAC AP name of the AP from which the client can detect a signal.
show ap arm client-match restriction-table show ap arm client-match restriction-table ap-name ip-addr ip6-addr Description If the client match feature is enabled, the output of this command displays the list of clients that the client match feature has restricted from the specified AP.
Time since last restriction(sec) -------------------------------3866 Radio Bssid ----------00:1a:1e:89:c0:c0 The output of this command includes the following parameters: Parameter Description Client MAC Displays the MAC address of the client that Client Match is attempting to steer. Time last restricted Displays the date and time at which the client was last steered in the vicinity of this radio.
Command History Release ArubaOS 6.3 ArubaOS 6.4.1.0 Modification Command introduced. Following parameters were introduced: l PS deauth l Probe(home/scan/bc_ssid) l Auth(home/scan) l Radio Bssid The following parameters were modified: l Time last restricted l Restricted(Cur/Last) l Time since last restricted Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap arm client-match summary show ap arm client-match summary [client-mac ]|[advanced] Description If the client match feature is enabled, the output of this command shows the history of AP association changes triggered by the client match feature. Syntax Parameter Description client-mac MAC address of a client for which you want to view a history of AP association changes triggered by the client match feature. advanced Display advanced debugging information.
Parameter Bandsteer Moves(T/S) Load Balance Moves (T/S) VHT Steer Moves(T/S) Moves(T/S) Last Move Description The output of this column shows the following two values: l T: Total number of times the client match feature attempted to steer a dual-band client to a 5GHz radio. l S: Number of times the client match feature successfully moved a dualband client to a 5GHz radio.
Parameter Description l T: Total number of times the client match feature attempted to move an AP to a different radio using the dot11v BSS transition management request. l S: Number of times the client match feature successfully moved an AP to a different radio using the dot11v BSS transition management request. l R: Number of times the dot11v BSS transition management request was rejected. l TO: Number of times the dot11v BSS transition management request timed out.
Command History Version Description ArubaOS 6.3 Command Introduced. ArubaOS 6.4.3.0 Introduced the following output parameters: l VHT Steer Moves l Moves l 11v Moves Command Information Platforms All platforms 968| show ap arm client-match summary Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap arm client-match unsupported show ap arm client-match unsupported Description If the client match feature is enabled, the output of this command displays a list of clients that failed to be steered to a more optimal AP, and the reason the initial steering request was triggered,. Syntax No parameters. Usage Guidelines The controller also keeps track of the number of times the client match feature failed to steer a client to a different radio, and the reason that each steer attempt was triggered.
Parameter Description Last Steer Time Timestamp showing the date and time the client match feature failed to associate the client to a different AP radio. Expiry Time The amount of time before a client steer attempt expires. Total steers/successful The total number of client steer attempts, and the number of successful client steer attempts.
show ap arm history show ap arm history {ap-name }|{bssid }|{ip-addr } Description For each interface on an AP, show the history of channel and power changes due to Adaptive Radio Management (ARM). Syntax Parameter Description ap-name Show ARM history for an AP with a specific name. bssid Show ARM history for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address.
I: Interference, R: Radar detection, N: Noise exceeded, Q: Bad Channel Quality E: Error threshold exceeded, INV: Invalid Channel, G: Rogue AP Containment, M: Empty Channel, P+: Increase Power, P-: Decrease Power, 40INT: 40MHZ intol detected on 2.4G, NO40INT: 40MHz intol cleared on 2.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.5 The Result column was introduced to the output of this command to indicate the status of the requested change in channel or EIRP by ARM. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap arm neighbors show ap arm neighbors {ap-name }|{bssid }|{ip-addr } Description Show the ARM settings for an AP’s neighbors. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID). An AP’s BSSID is usually the AP’s MAC address. ip-addr Show data for an AP with a specific IP address. Enter the IP address in dotteddecimal format.
Parameter Description BSSID BSSID of the discovered radio of the AP. ESSID ESSID of the discovered radio of the AP or source BSSID through which the neighbor is discovered. Channel Channel of operation of the discovered radio of the AP. SNR Signal to noise ratio of the discovered radio of the AP. Tx-power Transmitter power of the discovered radio of the AP (if known).
show ap arm rf-summary show ap arm rf-summary {ap-name }|{bssid }|{ip-addr } [verbose] Description Show the state and statistics for all channels being monitored by an individual AP. Syntax Parameter Description ap-name Show channel data for an AP with a specific name. bssid Show channel data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address.
40MHz 80MHz 80MHz 160MHz 132-136 52-64 100-112 36-64 Interface Name Current ARM Assignment Covered channels a/g Free channels a/g ARM Edge State Last check channel/pwr Last change channel/pwr Next Check channel/pwr Assignment Mode Interface Name Current ARM Assignment Covered channels a/g Free channels a/g ARM Edge State Last check channel/pwr Last change channel/pwr Next Check channel/pwr Assignment Mode 0 0 0 0 :wifi0 :161-/21 :1/0 :3/0 :disable :7m:13s/22s :32m:22s/10h:15m:40s :33s/4m:43s :Single Band
Parameter Description l Metric value “d” is the interference the AP’s neighbors see on the adjacent channel. l To calculate the total Interference Index for a channel add “a+b+c+d”. Interface Name Name of the fastethernet or gigabit Ethernet interface Current ARM Assignment Current channels assigned by the AP’s ARM profile. Target Coverage Index Ideal value of coverage index an AP tries to achieve on its channel.
show ap arm scan-times show ap arm scan-times {ap-name |bssid |ip-addr } Description Shows channel scan times for an individual AP and information on the channel being scanned. Syntax Parameter Description ap-name Show channel scan data for an AP with a specific name. bssid Show channel scan data for a specific Basic Service Set Identifier (BSSID) on an AP. ip-addr Show channel scan data for an AP with a specific IP address.
Aggressive 11 3+ 181658:0:100:100 Group Scan Time ----------------channels assign-time(ms) timer-tick ------------------------------34 113960 183544 36,40,44,48 3184390 183711 38 114070 183575 42 114070 183591 0 180855370 180855960 (163) scans-attempted scans-rejected scans-deferred group-width --------------- -------------- -------------- ----------- 1036 0 0 20MHz 28949 0 0 80MHz 1037 0 0 20MHz 1037 0 0 20MHz The output of this command includes the following parameters: Para
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.4.3.0 The following parameters were introduced under Group Scan Times: l channels l assign-time (ms) l scans-attempted l scans-rejected l scan-deferred l group-width l timer-tick Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap arm split-scan-history show ap arm split-scan-history {ap-name |bssid |ip-addr } Description Show scanning information for a "split-scan", where ARM performs an additional scans on each channel within a 40 MHz channel pair or 80 MHz channel set. Syntax Parameter Description ap-name Show scan data for an AP with a specific name. bssid Show scan data for a specific Basic Service Set Identifier (BSSID) on an AP.
Command History Introduced in ArubaOS 6.3.1 Command Information Platforms All platforms 983| show ap arm split-scan-history Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap arm state show ap arm state [ap-name |dot11a|dot11g|ip-addr ] Description Display Adaptive Radio Management (ARM) information for an individual AP’s neighbors, or show all available data for any neighboring AP using an 802.11a or 802.11g radio type. Syntax Parameter Description ap-name Show aggregate ARM Neighbor Information for a specific AP. dot11a Show aggregate ARM Neighbor Information for all APs using an 802.11a radio.
Column Description SNR Signal-to-noise (SNR) ratio. SNR is the power ratio between an information signal and the level of background noise. Assignment The AP’s current channel assignment.
show ap arm status show ap arm status {ap-name }|{bssid }|{ip-addr } Description Issue this command under the supervision of Dell support to display detailed debugging Adaptive Radio Management (ARM) information and ARM status counters for an individual AP. Syntax Parameter Description ap-name Show ARM status for an AP with a specific name. bssid Show ARM status for a specific Basic Service Set Identifier (BSSID) on an AP.
show ap arm virtual-beacon-report show ap arm virtual-beacon-report ap-name ip-addr ip6-addr phy-type 80211a|80211b|80211g Description If the client match feature is enabled, the output of this command displays the virtual beacon report for an AP with a specific IP or MAC address. Syntax Parameter Description ap-name Name of an AP for which you want to view a virtual beacon report.
9c:1c:12:fe:13:50 9c:1c:12:fe:0f:d0 9c:1c:12:fd:f7:b0 6c:f3:7f:e7:5a:b0 9c:1c:12:fd:f2:30 9c:1c:12:fd:f7:a0 9c:1c:12:fd:f2:20 9c:1c:12:fe:13:40 52 52 44 60 60 1 1 1 -73 -74 -49 -73 -69 -55 -65 -68 21 24 20 12 12 12 12 12 Y The output of this command includes the following parameters: Parameter Description AP MAC address of the AP from which the client can detect a signal Channel Channel on which the signal was deteched Signal Signal strength, in dBm, of the probe request received from Client EI
Command History Version Description ArubaOS 6.3 Command Introduced. ArubaOS 6.4.3.0 The following output parameters were introduced: l Active Voice l Steerable l Dual-Network Capable l VHT-Capable l EIRP Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap association show ap association [ap-name |ap-group |bssid |channel |client-mac |essid |ip-addr |ip6-addr |phy {a|b|g}|voip-only] Description Show the association table for an AP group or for an individual AP. Syntax Parameter Description ap-group Show AP associations for a specific AP group. You can also include the channel, essid or voip-only keywords to further filter the output of this command.
currently associated with that AP. Alternately, if the client is not currently associated, the AP with the smallest value of association time is the last AP used by the client. Example Use the show ap association client-mac command to verify that a user has associated with an AP, or to determine last AP to which the client was connected. The output of this command in the example below shows the association table for the client with the MAC address 00:13:fd:5c:7c:59.
Column Description 1-int Number of beacons in the 802.11 listen interval. There are ten beacons sent per second, so a ten-beacon listen interval indicates a listen interval time of 1 second. essid Name that uniquely identifies the AP’s Extended Service Set Identifier (ESSID). vlan-id Identification number of the AP’s VLAN. tunnel-id Identification number of the AP’s tunnel. assoc. time Amount of time the client has associated with the AP, in the format hours:minutes:seconds.
show ap association remote show ap association remote [ap-name |ap-group |bssid |channel |essid Description Display the association table for an individual AP or group of APs in bridge mode. Syntax Parameter Description ap-name Show AP associations for a specific remote AP. ap-group Show AP associations for a specific group of remote APs. bssid Show the AP associations for an specific AP Basic Service Set Identifier (BSSID).
Column Description bssid The AP Basic Service Set Identifier (BSSID) mac MAC address of the AP auth This column displays a y if the AP has been configured for 802.11 authorization frame types. Otherwise, it displays an n. assoc This column displays a y if the AP has been configured for 802.11 association frame types. Otherwise, it displays an n. aid 802.11 association ID. A client receives a unique 802.11 association ID when it associates to an AP. 1-int Number of beacons in the 802.
show ap authorization-profile show ap authorization-profile [] Description This command shows information for AP authorization profiles. Syntax Parameter Description The name of an an existing AP authorization profile. Usage Guidelines The AP authorization profile specifies which configuration should be assigned to a remote AP that has been provisioned but not yet authenticated at the remote site.
Parameter Value AP authorization group Name of a configuration profile to be assigned to the group unauthorized remote APs. Related Commands Command ap authorization-profile Description Mode This command defines a temporary configuration profile for remote APs that are not yet authorized on the network. Config mode Command History This command was introduced in ArubaOS 3.0.
show ap blacklist-clients show ap blacklist-clients Description Show a list of clients that have been denied access. Usage Guidelines Use the stm CLI command to add or remove users from a blacklist. Additionally, the dot1x authentication, VPN authentication and MAC authentication profiles allow you to automatically blacklist a client if machine authentication fails. Examples The output of this command shows that the controller has a single user-defined blacklisted client.
Column Description block-time (sec) Amount of time the client has been blocked, in seconds. remaining time(sec) Amount of time remaining before the client will be allowed access to the network again. Related Commands Command Description stm add-blacklist-client stm remove-blacklist-client Mode Manually add or remove clients from a blacklist. Config mode Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.4.1.
show ap bss-table show ap bss-table [ap-name |bssid |counters|essid |ip-addr |ip6-addr |port //|standby>] Description Show an AP’s Basic Service Set (BSS). Syntax Parameter Description ap-name Show the BSS table for a specific AP. bssid Show the BSS table for an specific AP Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Example The output of this command shows the BSS table for the seven active APs using the controller. (host) #show ap bss-table fm (forward mode): T-Tunnel, S-Split, D-Decrypt Tunnel, B-Bridge backup, a-always), n-anyspot Aruba AP BSS Table -----------------bss ess port ip phy type name in-t(s) tot-t mtu acl-state acl fm -------- ---------- ------- --------------- --- -9c:1c:12:fd:ec:e0 qa_testing N/A 172.16.10.20 g-HT ap 0 27d:21h:54m:23s 1578 58 T 9c:1c:12:fd:ec:e1 qa_testing1 N/A 172.16.10.
Column Description ap name Name of the AP. in-t(s) Number of seconds that an AP has been inactive. tot-t An AP’s total active time, in seconds. mtu Maximum Transmission Unit (MTU) size, in bytes. This value describes the greatest amount of data that can be transferred in one physical frame. acl-state An access control list (ACL) can enable or disable an AP during specific time ranges. l Disabled: An ACL with time restrictions is currently disabled (so the AP is enabled).
Command Information Platforms All platforms 1002| show ap bss-table Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap bw-report show ap bw-report {ap-name |bssid |ip-addr } Description Show the bandwidth reporting table for a specific AP. Syntax Parameter Description ap-name Show bandwidth data for an AP with a specific name. bssid Show bandwidth data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Column Description Virtual AP Name of a Virtual AP Allocated Share Maximum percentage of total bandwidth available to that Virtual AP. Actual Share Actual percentage of total bandwidth used by a Virtual AP. Offered Load Attempted throughput for the Virtual AP, in kbps. Delivered Load Actual throughput for the Virtual AP, in kbps. This value may be less than the offered load if the Virtual AP has used all its allocated bandwidth. Average Throughput Average throughput for the virtual AP, in kbps.
show ap client status show ap client status Description Show the current status of a specific client. Syntax Parameter Description MAC address of a client Examples The output of the command shows the status of an individual client in the STA (station) table.
Column Description vlan-id VLAN ID of the VLAN used by the client tunnel-id Identification number for the tunnel state If the client has been both authorized and associated, this data column will display auth-assoc. If the client has only been authorized, this data column will display auth. Reason If the client failed to authenticate, this data column lists the reason code for 802.11 authentication failure Command History Introduced in ArubaOS 3.0.
show ap client trail-info show ap client trail-info [] Description Use this command to show client activity for debugging purposes. Syntax Parameter Description MAC address of the client. Usage Guidelines Use this command to view client activity, including reasons for client deauthentication, the history of how that client moved between different APs, and any alerts or errors encountered by that client.
The output of these commands include the following information: Column Description MAC MAC address of the client BSSID BSSID of the client ESSID ESSID to which the client associated AP-name Name of the AP to which the client associated VLAN VLAN ID of the VLAN to which the client associated. Deauth-reason Reason why the client was deauthorized.
show ap config show ap config {ap-group }|{ap-name }|{essid } Description Show a large list of configuration settings for an ap-group or an individual AP. Syntax Parameter Description ap-group Display configuration settings for an AP group. ap-name Display configuration settings for an AP with a specific name. essid Display configuration settings for an AP with a specific Extended Service Set Identifier (ESSID).
Telnet "default" FIPS enable "default" SNMP sysContact "default" RFprotect Server IP "default" RFprotect Backup Server IP "default" AeroScout RTLS Server "default" RTLS Server configuration "default" Remote-AP DHCP Server VLAN "default" Remote-AP DHCP Server Id "default" Remote-AP DHCP Default Router "default" Remote-AP DHCP Pool Start "default" Remote-AP DHCP Pool End "default" Remote-AP DHCP Pool Netmask "default" Remote-AP DHCP Lease Time "default" Heartbeat DSCP "default" Session ACL "default" Image URL
Parameter Description LMS IPv6 The IPv6 address of the local management switch (LMS)—the Dell controller which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network. Backup LMS IP For multi-controller networks, this parameter displays the IPv4 address of a backup to the IP address specified with the lms-ip parameter.
Parameter Description l off: All LEDs off Master controller IP address For multi-controller networks, this parameter displays the IP address of the master controller. RF Band For dual-band radios, this parameter displays the RF band in which the AP should operate: l g = 2.4 GHz l a = 5 GHz Double Encrypt This parameter applies only to remote APs. Double encryption is used for traffic to and from a wireless client that is connected to a tunneled SSID.
Parameter Description Request Retry Interval Interval, in seconds, between the first and second retries of APgenerated requests. If the configured interval is less than 30 seconds, the interval for subsequent retries is increased up to 30 seconds. Maximum Request Retries Maximum number of times to retry APgenerated requests, including keepalive messages. After the maximum number of retries, the AP either reboots or tries the IP address specified by the backup LMS IP address (if configured).
Parameter Description Remote-AP DHCP Server VLAN Shows the VLAN ID of the remote-AP DHCP server used when controller is unreachable. Remote-AP DHCP Server Id Shows the IP Address of the DHCP DNS Server. Remote-AP DHCP Default Router Shows the IP Address of the DHCP Default Router. Remote-AP DHCP Pool Start Shows the IP Address used as start of DHCP Pool. Remote-AP DHCP Pool End Shows the IP Address used as end of DHCP Pool. Remote-AP DHCP Pool Netmask Shows the netmask of DHCP Pool.
Parameter Description Maintenance Mode Shows if Maintenance mode is enabled or disabled. If enabled, APs stop flooding unnecessary traps and syslog messages to network management systems or network operations centers when deploying, maintaining, or upgrading the network. The controller still generates debug syslog messages if debug logging is enabled. Remote-AP Local Network Access Enable or disable local network access across VLANs in a Remote-AP.
Parameter Description High throughput enable (radio) Shows if high-throughput (802.11n) features on the 2.4 GHz frequency band are enabled or disabled. Channel Shows the channel number for the AP’s 802.11a/802.11n physical layer. Beacon Period Shows the time, in milliseconds, between successive beacon transmissions. The beacon advertises the AP’s presence, identity, and radio characteristics to wireless clients.
Parameter Description If enabled, the controller compares whether or not an AP has more clients than its neighboring APs on other channels. If an AP’s client load is at or over a predetermined threshold as compared to its immediate neighbors, or if a neighboring Dell AP on another channel does not have any clients, load balancing will be enabled on that AP. This feature is disabled by default. Spectrum Load Balancing mode Spectrum Load Balancing Mode allows control over how to balance clients.
Parameter Spectrum load balancing domain Description Define a spectrum load balancing domain to manually create RF neighborhoods. This option creates RF neighborhood information for networks that have disabled Adaptive Radio Management (ARM) scanning and channel assignment. Rx sensitivity tuning based channel reuse l If spectrum load balancing is enabled in a 802.11a radio profile but the spectrum load balancing domain is not defined, ArubaOS uses the ARM feature to calculate RF neighborhoods.
Parameter Description threshold increases, and vice versa. Rx sensitivity threshold l Dynamic mode: In this mode, the Clear Channel Assessment (CCA) thresholds are based on channel loads, and take into account the location of the associated clients. When you set the Channel Reuse This feature is automatically enabled when the wireless medium around the AP is busy greater than half the time.
Parameter Description The default setting for this parameter is level 2. When performance drops due to interference from non-802.11 interferers (such as DECT or Bluetooth devices), the level can be increased up to level 5 for improved performance. However, increasing the level makes the AP slightly “deaf” to its surroundings, causing the AP to lose a small amount of range. The levels for this parameter are: l Level-0: no ANI adaptation. l Level-1: noise immunity only.
Parameter Description Management Frame Throttle Limit Maximum number of management frames that can come from this radio in each throttle interval. ARM/WIDS Override Shows if Adaptive Radio Management (ARM) and Wireless IDS functions are enabled or disabled. If a radio is configured to operate in Air Monitor mode, then these functions are always enabled, regardless of this option. Protection for 802.11b Clients Displays whether or not protection for 802.11b clients is enabled or disabled.
Parameter Description Spectrum Monitoring When this parameter is enabled, it turns an AP in ap-mode into a hybrid AP. An AP in hybrid AP mode will continue to serve clients as an access point while it scans and analyzes spectrum analysis data for a single radio channel. Assignment Displays whether or not ARM channel and power assignment has been enabled or disabled. Allowed bands for 40MHz channels Forty MHz channels may be used on the specified radio bands (802.11a or 802.11g).
Parameter Description Scan Interval This column indicates, in seconds, how often the AP will leave its current channel to scan other channels in the band if scanning is enabled Active Scan Displays whether or not the active scan feature is enabled. NOTE: This option elicits more information from nearby APs, but also creates additional management traffic on the network. Active Scan is disabled by default, and should not be enabled except under the direct supervision of Dell Support.
Parameter Description VoIP Aware Scan Shows if VoIP aware scanning is enabled or disabled. If you use voice handsets in the WLAN, VoIP Aware Scan should be enabled in the ARM profile so the AP will not attempt to scan a different channel if one of its clients has an active VoIP call. This option requires that Scanning is also enabled. Power Save Aware Scan Shows if the power save aware scan is enabled or disabled.
Parameter Description An AP will only move to a new channel if the new channel has a lower interference index value than the current channel. Free Channel Index specifies the required difference between the two interference index values before the AP moves to the new channel. The lower this value, the more likely it is that the AP will move to the new channel.
Parameter Description Load aware Scan Threshold The Load Aware Scan Threshold is the traffic throughput level an AP must reach before it stops scanning. Load aware ARM preserves network resources during periods of high traffic by temporarily halting ARM scanning if the load for the AP gets too high. Mode Aware Arm Shows if the mode-aware ARM feature has been enabled or disabled for this AP. If enabled, ARM will turn the AP into an Air Monitors (AMs) if it detects higher coverage levels than necessary.
Parameter Description Honor 40 MHz intolerance Shows if 40 MHz intolerance is enabled or disabled. If enabled, the radio will stop using the 40 MHz channels if the 40 MHz intolerance indication is received from another AP or station. Legacy station workaround Shows if interoperability for misbehaving legacy stations is enabled or disabled. SSID enable Shows if the SSID is enabled or disabled ESSID Name that uniquely identifies the Extended Service Set Identifier (SSID).
Parameter Description Station Ageout Time Time, in seconds, that a client is allowed to remain idle before being aged out. Max Transmit Attempts Maximum number of retries allowed for the AP to send a frame RTS Threshold Wireless clients transmitting frames larger than this threshold must issue Request to Send (RTS) and wait for the AP to respond with Clear to Send (CTS).
Parameter Description Wireless Multimedia (WMM) Shows if Wireless Multimedia (WMM) is enabled or disabled for this AP. WMM provides prioritization of specific traffic relative to other traffic in the network Wireless Multimedia U-APSD (WMM-UAPSD) Powersave Shows if Wireless Multimedia (WMM) UAPSD powersave is enabled or disabled. WMM TSPEC Min Inactivity Interval Displays the minimum inactivity time-out threshold of WMM traffic for this AP.
Parameter Description Deny_Broadcast Probes When a client sends a broadcast probe request frame to search for all available SSIDs, this option controls whether or not the system responds for this SSID. When enabled, no response is sent and clients have to know the SSID in order to associate to the SSID. When disabled, a probe response frame is sent for this SSID. Local Probe Response Shows if local probe response is enabled or disabled on the AP.
Parameter Description WEP Key 1 Displays the static WEP key (1 of 4). WEP Key 2 Displays the static WEP key (2 of 4). WEP Key 3 Displays the static WEP key (3 of 4). WEP Key 4 Displays the static WEP key (4 of 4). WEP Transmit Key Index Displays the key index that specifies which static WEP key is to be used. WPA Hexkey Displays the WPA preshared key (PSK). WPA Passphrase Displays the WPA passphrase with which the AP generates a preshared key (PSK).
Parameter Description Strict Spectralink Voice Protocol (SVP) Shows if strict Spectralink Voice Protocol (SVP) is enabled or disabled. 802.11g Beacon Rate Sets the beacon rate for 802.11g for APs use a Distributed Antenna System (DAS). Using this parameter in normal operation may cause connectivity problems. 802.11a Beacon Rate Sets the beacon rate for 802.11a for APs use a Distributed Antenna System (DAS). Using this parameter in normal operation may cause connectivity problems.
Parameter Description Min MPDU start spacing Displays the minimum time between the start of adjacent MDPUs within an aggregate MDPU, in microseconds. Supported MCS set Comma-separated list of Modulation Coding Scheme (MCS) values or ranges of values to be supported on this highthroughput SSID. Short guard interval in 20 MHz mode Shows if the AP has enabled or disabled use of short guard interval in 20 MHz mode of operation.
Parameter Legacy stations Description Shows if the AP has enabled or disabled the legacy stations option, which controls whether or not legacy (non-HT) stations are allowed to associate with the AP’s SSID. By default, legacy stations are allowed to associate. NOTE: This setting has no effect on a BSS in which HT support is not available. Allow weak encryption Shows if the AP has enabled or disabled the weak encryption option.
Parameter Forward mode Description Shows the current forward mode (tunnel, bridge, split-tunnel, or decrypttunnel) for the virtual AP. This parameter controls whether 802.11 frames are tunneled to the controller using generic routing encapsulation (GRE), bridged into the local Ethernet LAN (for remote APs), or a combination thereof depending on the destination (corporate traffic goes to the controller, and Internet access remains local).
Parameter HA Discovery on-association Description If enabled, home agent discovery is triggered on client association instead of home agent discovery based on traffic from client. Mobility on association can speed up roaming and improve connectivity for clients that do not send many uplink packets to trigger mobility (VoIP clients).Best practices is to keep this parameter disabled,r as it increases IP mobility control traffic between controllers in the same mobility domain.
Parameter Description Authentication Failure Blacklist Time Shows the time, in seconds, a client is blocked if it fails repeated authentication. If the virtual AP shows a value of 0, a blacklisted client is blocked indefinitely. Fast Roaming Shows if the AP has enabled or disabled fast roaming. Strict Compliance If enabled, the virtual AP denies client association requests if the AP and client station have no common rates defined. Some legacy client stations which are not fully 802.
Parameter Description (Open/PSK/802.1X) bridge VAPs. l standard—Enables the virtual AP when the remote AP connects to the controller. This option can be used for any (bridge/splittunnel/tunnel/d-tunnel) VAPs. Convert Broadcast ARP requests to unicast If this option is enabled, all broadcast ARP requests are converted to unicast and sent directly to the client. You can check the status of this option using the show ap active and the show datapath tunnel command.
Parameter Description VoIP Call Admission Control Shows if WiFi VoIP Call Admission Control features are enabled or disabled. VoIP Bandwidth based CAC Shows the maximum bandwidth that can be handled by one radio, in kbps. VoIP Call Capacity Show the number of simultaneous calls that can be handled by one radio. VoIP Bandwidth Capacity (kbps) Shows the maximum bandwidth that can be handled by one radio, in kbps.
Parameter Description VoIP Drop SIP Invite and send status code (client) VoIP Drop SIP Invite and send status code (server) Displays the status code sent to the client when a SIP Invite is dropped. l 480: Temporary Unavailable l 486: Busy Here l 503: Service Unavailable l none: Don't send SIP status code Displays the status code sent to the server when a SIP Invite is dropped.
show ap consolidated-provision info show ap consolidated-provision info ap-name ip-addr ip6-addr Description This command displays the consolidated provision details of an AP. Syntax Parameter Description ap-name Show consolidated provision information for the AP based on the AP name. ip-addr Show consolidated provision information for the AP based on the AP's IP address.
Parameter Description ap name The name of the AP for which consolidated provisioned information is required. ipv4 address type The IPv4 address type of the AP. ipv4 address The IPv4 address of the AP. ipv4 netmask The IPv4 subnet mask of the AP. ipv4 gateway The IPv4 gateway information of the AP. ipv4 lease The IPv4 lease information pertaining to the AP. ipv4 dhcp server The IPv4 DHCP server of the AP. ipv4 dns server The IPv4 DNS server of the AP.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap-crash-transfer show ap-crash-transfer Description This command displays info for the AP crash transfer feature, which transfers AP coredump files to the controller flash memory if no dumpserver is configured. Syntax No Parameters Usage Guidelines The command ap system-profile dump-server specifies a server to receive a core dump generated when an AP process crashes.
show ap database show ap database {flags|group |inactive|indoor|local|long|outdoor|{page }| sensors [disconnected]|sort-by [ap-flags|ap-group|ap-ip| ap-mac|ap-name|ap-serial|ap-type|fqln|provisioned|status {up|down}|switch-ip]|sort-direction [ascending|descending]|start |status {up|down]|switch |unprovisioned|usb} Description Show the list of access points in the controller’s database. Syntax Parameter Description flags Show only APs with flags set [LUDINRCc12ME] .
Parameter Description ap-ip Sort by AP group name. ap-mac Sort by AP wired MAC address . ap-name Sort by AP name. ap-serial Sort by AP serial number. ap-type Sort by AP model. fqln Sort by Fully Qualified Location Name (FQLN). provisioned Sort by provisioning statistics. status up|down If used with the sort-by keyword, status sorts the output of the command by status type (up or down.) Otherwise, use the status keyword to display APs with the specified status.
local status up to view a list of local APs within a specific AP group that are reporting an up status. Include the sort-by and sort-direction keywords to specify how the data is sorted in the output of this command. Examples The output of the command show ap database shows the controller’s database of information for APs in the group default. The output also includes a description of the flag types that may appear in the Flags column.
Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 6.2 The usb parameter was introduced ArubaOS 6.4.2.0 The LACP Striping flag was introduced to indicate of the AP is configured with a LACP striping IP address. See ap-lacp-striping-ip on page 167 The output of show ap database long command displays the service tag of an AP.
show ap database-summary show ap database-summary Description Show a general summary of access point information for this controller. Usage Guidelines Use this command to show the current number of active APs and Air Monitors. This command is also useful for determining how many unprovisioned APs or duplicate APs are on the network. For full details on each AP registered to a controller, use the command show ap database.
Command Information Platforms All platforms 1050| show ap database-summary Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap debug bandwidth-management show ap debug bandwidth-management [ap-name |ip-addr |ip6-addr ] Description This command shows bandwidth management information for clients. Syntax Parameter Description ap-name Name of the access point. ip-addr IP address of the access point. ip6-addr IPv6 address of the access point (host) (config) #show ap debug bandwidth-management ip-addr 172.16.10.
15 86235 152320 0 866/20823 idx d1 d2 d3 0 0 74698 0 1 0 0 0 2 0 0 0 3 0 0 0 4 0 0 0 5 0 0 0 6 0 0 0 7 0 0 0 8 0 0 0 9 0 0 0 10 0 0 0 11 0 0 0 12 0 0 0 13 0 0 0 14 0 0 0 15 0 0 0 Interface :wifi1 Shaping policy:Preferred-access 167662 12336 0 0 0 700 3 d4 1695206 3671 3665 3666 3665 167680 3661 167645 167659 167651 167643 167669 167635 167655 167653 167662 d5 1040977 1288 1286 1287 1289 39145 1298 39159 39149 39220 39256 167669 167635 167655 167653 167662 d6 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 d7 0 0
15 57151 866/20965 idx d1 0 0 1 0 2 0 3 0 4 0 5 0 6 0 7 0 8 0 9 0 10 0 11 0 12 0 13 0 14 0 15 0 66666 0 187254 5879 0 0 2 334 3 d2 61683 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 d3 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 d4 1893229 4100 4090 187233 4083 187253 4087 187235 4095 187205 187268 187254 187251 187236 187256 187254 d5 1319215 4100 4090 72486 4083 72469 4087 72413 4095 72425 72387 187254 187251 187236 187256 187254 d6 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 d7 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 d8 0 0 0 0 0 0 0
Column Description cmn[C:O:H:V] Common pool tokens [Complimentary Code Keying (C): Orthogonal Frequency-Division Multiplexing (O): high throughput (H): Very High Throughput (V)] Numcl[C:O:H:V] Number of clients [Complimentary Code Keying (C): Orthogonal Frequency-Division Multiplexing (O): high throughput (H): Very High Throughput (V)] TotCl Total number of clients associated to the radio BWmgmt Indicates whether bandwidth shaping is enabled idx Association ID tokens Current tokens allocated fo
show ap debug ble-config show ap debug ble-config {ap-name |ip-addr |ip6-addr } Description This command displays the Bluetooth Low Energy (BLE) configuration of the AP. In addition, the command displays the update interval to the Beacon Management Console (BMC), BLE token, AP Beacon (APB) status, the last update time to BMC, and the beacon MAC for which the last update was sent.
Command History Command ArubaOS 6.4.4.0 Description Command introduced. Command Information Platforms All platforms 1056| show ap debug ble-config Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap debug ble-counters show ap debug ble-counters {ap-name |ip-addr |ip6-addr } Description This command displays the packet counters for BLE devices seen by the AP. In addition, the command displays if any high power beacons are seen, the time at which configuration update was received for the beacons from the BMC and the updated response sent back. This command is supported in W-AP210 Series, W-AP220 Series (with external BLE USB), and W-AP320 Series.
Total Total Total Total beacons:7 serial bytes read from APB:138761 msg bytes processed:138761 serial bytes dropped:0 Command History Command ArubaOS 6.4.4.0 Description Command introduced. Command Information Platforms All platforms 1058| show ap debug ble-counters Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap debug ble-log show ap debug ble-log {ap-name |ip-addr |ip6-addr } Description This command displays the BLE debug logs of the AP. This command is supported in W-AP210 Series, W-AP220 Series (with external BLE USB), and W-AP320 Series. Syntax Parameter Description ap-name Displays the BLE debug logs of an AP for a specific AP based on the AP name. ip-addr Displays the BLE debug logs of an AP for a specific AP based on the IPv4 address.
Command History Command ArubaOS 6.4.4.0 Description Command introduced. Command Information Platforms All platforms 1060| show ap debug ble-log Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap debug ble-table show ap debug ble-table {ap-name |ip-addr |ip6-addr } Description This command displays the statistics for BLE devices seen by the AP. In addition, the command displays beacons seen by the APB, each of the beacons' attributes such as the Major-Minor numbers, Batter Level, Firmware version, time since the beacon was last heard by the APB. This command is supported in W-AP210 Series, W-AP220 Series (with external BLE USB), and W-AP320 Series.
APB UI:upg_b_status_errs-inv_upg:0x00/inv_cmd:0x00/inv_op:0x00/buf_tl:0x00/good:0x00 APB UI:acks/ka-From APB:0x00/0x00 From app:0x00,0x00/0x00 APB UI Clock:Start:1969-12-31 16:00:00 End:1969-12-31 16:00:00 Current:2015-10-27 11:48:20 Note: Battery level for LS-BT1USB devices is indicated as USB. Note: Uptime is shown as Days hour:minute:second. Note: Last Update is time in seconds since last heard update.
show ap debug ble-update-status show ap debug ble-update-status {ap-name |ip-addr |ip6-addr } Description This command displays the configuration update status for BLE devices seen by the AP. In addition, the command displays the active versus desired configuration based on the configuration received from the BMC (if any). This command is supported in W-AP210 Series, W-AP220 Series (with external BLE USB), and W-AP320 Series.
d0:39:72:d4:fa:9c c4:be:84:19:ef:99 c4:be:84:19:ef:99 c4:be:84:19:ef:99 c4:be:84:19:ef:99 A0842ACBD6E6 c4:be:84:19:ef:99 NotRequired) c4:be:84:19:ef:99 78:a5:04:15:23:35 78:a5:04:15:23:35 78:a5:04:15:23:35 78:a5:04:15:23:35 A0842ACBD6E6 78:a5:04:15:23:35 c4:be:84:19:ec:2f c4:be:84:19:ec:2f c4:be:84:19:ec:2f c4:be:84:19:ec:2f 947070693A78 c4:be:84:19:ec:2f --Tx Power Major Minor UUID Ineligible 2 1000 1374 09458C20-4586-4ED3-8D2F-A0842ACBD6E6 Reason:Missing data 2 1000 1374 09458C20-4586-4ED3-8D2F- Firmw
show ap debug bss-config show ap debug bss-config [ap-name |bssid ||essid |ip-addr |ip6-addr |port //] Description Show the configuration for each BSSID of an AP. This information can be used to troubleshoot problems on an AP. Syntax Parameter Description ap-name Filter the AP Config table by AP name. bssid Filter the AP Config table by BSSID. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
The output of this command includes the following information: Column Description bss Basic Service Set (BSS) identifier, which is usually the AP’s MAC address. ess Extended Service Set (ESS) identifier; a user-defined name for a wireless network. vlan The BSSID’s VLAN number. IP The AP’s IP address. phy One of the following 802.11 types l a l a-HT (high-throughput) l g l g-HT (high-throughput) type This column shows if the BSSID is for an access point (ap) or an air monitor (am).
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap debug bss-stats show ap debug bss-stats [bssid ] Description Show debug and troubleshooting statistics from a specific BSSID of an AP. Syntax Parameter bssid Description Show data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. Examples The example below shows part of the output of the command show ap debug bss-stats bssid .
... The output of this command includes the following information: Parameter Description Tx Frames Rcvd Number of transmitted frames that were received. Tx Bcast Frames Rcvd Number of transmitted broadcast frames that were received. Tx Frames Dropped Number of transmitted frames that were dropped. Tx Bcast Frames Dropped Number of transmitted broadcast frames that were dropped. Tx Frames Transmitted Number of frames successfully transmitted. Tx Bytes Rcvd Number of transmitted bytes received.
Parameter Description Tx Time Data dropped Total time spent transmitting dropped frames. Tx Time Data Total time spent sending frames received for transmission, including the frames that were dropped after retrying. Tx Broadcast Data Frames Sent Broadcast data frames transmitted by the AP. Tx Multicast Data Frames Multicast data frames transmitted by the AP. Tx DMO Multicast NOTE: This counter applies to APs in decrypt-tunnel or split forwarding modes only.
Parameter Description Tx Dropped After Retry Number of frames dropped after an attempted retry. Tx Dropped No Buffer Number of frames dropped because the AP’s buffer was full. Tx Missed ACKs Tx EAPOL Frames Number of retries triggered because an acknowledgement was not received. Number of EAPOL frames transmitted TX STBC Frames Number of transmitted frames with Space-time block coding (STBC) enabled. TX LDPC Frames Number of transmitted frames with Low Density Parity Check (LDPC) enabled.
Parameter Description Rx Last ACK SNR Signal-to-noise ratio for the last received ACK packet. Rx Last ACK SNR CTL0 Signal-to-noise ratio for the last received ACK packet on the primary (control) channel 0. This parameter is only displayed for APs operating in 40 Mhz mode. Rx Last ACK SNR CTL1 Signal-to-noise ratio for the last received ACK packet on the primary (control) channel 1. This parameter is only displayed for APs operating in 40 Mhz mode.
Parameter RX PS Poll Frames Description Power-Save Poll (PS-Poll) frames received. When a client exits a powersaving mode, it transmits a PS-Poll frame to the AP to retrieve any frames buffered while it was in power-saving mode. RX STBC Frames Number of received frames with STBC enabled. RX LDPC Frames Number of received frames with LDPC enabled. Rx Data Mbps Number of frames received at the specified rate, (Mbps).
show ap debug client-deauth-reason-counters show ap debug client-deauth-reason-counters Description Shows the aggregate client deauth reason counters Examples The output of the command below shows client deauth reason counters. (host) #show ap debug client-deauth-reason-counters Deauth Reason Counters ---------------------Name Value -------- Command History Introduced in ArubaOS 6.3. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap debug client-mgmt-counters show ap debug client-mgmt-counters Description Show the numbers of each type of message from an AP’s clients. This information can be used to troubleshoot problems on an AP. Examples The output of the command below shows client management counters.
Parameter Description Tunnel VLAN Membership (For internal use only) Update STA Tunnel Request (For internal use only) Update STA Tunnel Response (For internal use only) ARM Update Number of times an AP has changed its adaptive radio management (ARM) settings.
Parameter Description disassoc Number of 802.11 disassociation messages to the controller. deauth Number of 802.11 deauthorization messages from the controller. sapcp (For internal use only) Command History Introduced in ArubaOS 3.0. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap debug client-stats show ap debug client-stats
Rx 54 Mbps Rx WMM [BE] 1730 39 The output of this command includes the following information: Parameter Description Frames Rcvd For TX Number of frames received for transmission. Tx Frames Dropped Number of transmission frames that were dropped. Frames Transmitted Number of frames successfully transmitted. Success With Retry Number of frames that were transmitted after being retried. Tx Mgmt Frames Number of management frames transmitted.
Parameter Description Last SNR The last recorded signal-to-noise ratio. Last SNR CTL0 The signal-to-noise ratio for the last received data packet on the primary (control) channel 0. This parameter is only displayed for APs operating in 40 Mhz mode. Last SNR CTL1 The signal-to-noise ratio for the last received data packet on the secondary (control) channel 1. This parameter is only displayed for APs operating in 40 Mhz mode.
Parameter Description Tx WMM [BE]: Best Effort Tx WMM [BK]: Background Tx WMM [VO]: VoIP Tx WMM [VI]: Video Command History Introduced in ArubaOS 3.0. Command Information Platforms All platforms 1081| show ap debug client-stats Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap debug client-table show ap debug client-table [ap-name |bssid |ip-addr |ip6-addr ] Description Show clients associated to an AP. Syntax Parameter Description ap-name Filter the client table by AP name. bssid Filter the client table by BSSID. This will print clients on top from given BSSID. ip-addr Filter the client table by AP IP address. ip6-addr Filter the client table by AP IPv6 address.
Q - Static SM PS; N - A-MPDU disabled; B - TX STBC b - RX STBC; M - Max A-MSDU; I - HT40 Intolerant VHT Flags: C - 160MHz; c - 80MHz; V - Short GI 160; v - Short GI 80 E - Beamformee; e - Beamformer HT_State shows client's original capabilities (not operational capabilities) The output of this command includes the following information: Parameter Description MAC MAC address of a client. ESSID Extended Service Set identifier (ESSID) used by the client.
Parameter UAPSD Description This parameter shows the Unscheduled Automatic Power Save Delivery (UAPSD) queue statuses in the following comma-separated format: (,< VI>,< BK>, ,< Max SP>,). l VO: If 1, UAPSD is enabled for the VoIP access category. If UAPSD is disabled for this access category, this value is 0. l VI: If 1, UAPSD is enabled for the Video access category. If UAPSD is disabled for this access category, this value is 0.
Parameter Description Rx_timestamp Date and time the last packet was received from the client. MFP status Client is 802.11W capable/802.11W is enabled on Radio Idle Time Number of seconds elapsed since a packet was received from the client. Client Health This column shows the client health of the client and the AP radio, in the format /.
show ap debug client-trace show ap client-trace {ap-name }|{ip-addr }|{ip6-addr } mac Description Use this command to show counts of different types of management data frames traced from a client MAC address. Syntax Parameter Description ap-name Name of the AP. ip-addr IPv4 address of the AP. ip6-addr IPv6 address of the AP. mac MAC address of the client..
show ap debug counters show ap debug counters {ap-name |bssid |group |ip-addr |ip6addr } Description Show AP reboot/bootstrap counters, and crash information for an individual AP or AP group, or all APs referenced on the controller. Syntax Parameter Description ap-name Show debug counters for an AP with a specified name. bssid Show debug counters for a specific Basic Service Set Identifier (BSSID).
0 Total APs :6 1 (1) 0 N The output of this command includes the following information: Column Description Name Name of the AP. Group Name of the AP’s group. IP Address IP address of the AP. Configs sent Number of times configuration changes have been sent to the AP. Configs Acked Number of times that the AP has acknowledged receiving a configuration change. AP Boots Sent Number of times reboot requests have been sent to the AP.
show ap debug crash-info show ap debug crash-info {ap-name |ip-addr ip6-addr } Description Show crash log information (if it exists) for an individual AP. The stored information is cleared from the flash after the AP reboots. Syntax Parameter Description ap-name Show crash information for an AP with a specified name. ip-addr Show crash information for an AP with a specified IP address by entering an IP address in dotted-decimal format.
Command Information Platforms All platforms 1090| show ap debug crash-info Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap debug crypto show ap debug crypto {ap-name |detail|history|ip-addr } Description This command shows the debug crypto logs for an AP. Syntax Parameter Description ap-name Shows crypto logs information for an AP with a specified name. detail Specifies the crypto logs details for the following: ap-name: Specifies the name of AP. ip-addr: Specifies the IP Address of AP.
Command Information Platforms All platforms 1092| show ap debug crypto Licensing Base operating system Command Mode Enable or Config mode Dell Networking W-Series ArubaOS 6.5.
show ap debug datapath show ap debug datapath {ap-group |ap-name |bssid |ip-addr |ip6-addr } Description Show datapath tunnel parameters of an AP or AP group. Syntax Parameter Description ap-group Show data path information for a specific AP group. ap-name Show data path information for an AP with a specific name. bssid Show data path information for a specific Basic Service Set Identifier (BSSID).
Column Description client-vlan-id ID of the network VLAN tunnel-id Identification number of the AP’s tunnel. gre-type GRE tunnel type. deny-bcast If enabled, the AP will respond to broadcast probe requests. If disabled, the AP will not respond to these requests. num-clients Number of clients currently using the network. The output of the following command shows datapath tunnel parameters for an AP with the IPv6 address 11:12:11:11::2.
show ap debug dot11r show ap debug dot11r efficiency state [ap-name | ip-addr ] Description This command displays all the r1 keys that are stored in an AP and the hit/miss rate of r1 keys cached on an AP before a Fast BSS Transition roaming. Syntax Parameter Description efficiency Show the hit/miss rate of r1 keys cached on an AP before a Fast BSS Transition roaming for the specified client MAC address.
Command Information Platforms All platforms 1096| show ap debug dot11r Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap debug dot11r state show ap debug dot11r state [ap-name | ip-addr ] Description This command displays all the r1 keys that are stored in an AP. Syntax Parameter Description ap-name Show debugging information for a specific AP. ip-addr Show debugging information for an AP with a specific IP address by entering its IP address in dotted-decimal format. Examples Use this command to view all the r1 keys that are stored in an AP.
show ap debug driver-log show ap debug driver-log {ap-name |bssid |ip-addr |ip6-addr } Description Show an AP’s driver logs. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap debug gre-tun-stats show ap debug gre-tun-stats {ap-name | bssid |ip-addr |ip6-addr } Description Shows GRE tunnel packet statistics of an AP. Syntax Parameter Description ap-name Shows GRE tunnel packets information for an AP. bssid Shows GRE tunnel packets information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap debug gsm-counters show ap debug gsm-counters verbose Description Displays the GSM counters of an AP or AP group. Syntax Parameter Description verbose Displays the event statistics in a tabular format.
show ap debug ipc forwarding-statistics show ap debug ipc forwarding-statistics {ap-name |ip-addr |ip6-addr } Description Show an AP’s ipc forwarding statistics. Syntax Parameter Description ap-name Show log information for an AP with a specific name. ip-addr Show log information for an AP with a specific IP address by entering an IP address in dotted-decimal format. ip6-addr Show log information for an AP with a specific IPv6 address.
show ap debug lacp show ap debug lacp {ap-name |bssid |ip-addr |ip6-addre} Description Displays the number of GRE packets sent and received on the two Ethernet ports. Syntax Parameter Description ap-name Show LACP information for an AP with a specific name. bssid Show LACP information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
0 1 non-wifi 65 64 2 3466 0 50 The following example is only applicable to W-AP320 Series: #show ap debug lacp ap-name ap325 verbose AP LACP GRE Striping IP: 10.3.44.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap debug lldp show ap debug lldp Description Show an AP’s debug log. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address. ip-addr Show log information for an AP with a specific IP address by entering an IP address in dotted-decimal format.
show ap debug log show ap debug log {ap-name |bssid |ip-addr |ip6-addr } Description Show an AP’s debug log. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap debug config-msg-history show ap debug config-msg-history [ap-name |ip-addr |ip6-addr ] Description This command shows recent configuration messages sent and received by an AP. Syntax Parameter Description ap-name Name of the access point. ip-addr IP address of the access point. ip6-addr IPv6 address of the access point Examples The output of this command shows the configuration message history for the AP named "myAP-W-AP105.
show ap debug dot11r state show ap debug dot11r state [ap-name | ip-addr ] Description This command displays all the r1 keys that are stored in an AP. Syntax Parameter Description ap-name Show debugging information for a specific AP. ip-addr Show debugging information for an AP with a specific IP address by entering its IP address in dotted-decimal format. Examples Use this command to view all the r1 keys that are stored in an AP.
show ap debug port status show ap debug port status {ap-name |bssid |ip-addr |ip6-addr } Description Shows the status of the AP's wired ports. Syntax Parameter Description ap-name Name of the AP. bssid BSSID of the AP. ip-addr IP address of the AP. ip6-addr IPv6 address of the AP. Examples The output of the command displays the wired port status of an AP named LocalAP1.
Command Information Platforms All platforms 1110| show ap debug port status Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap debug radar-logs show ap debug radar-logs ap-name ip-addr ip6-addr Description Displays the latest four RADAR event logs from the AP. This command is useful for debugging false radar detection related issues. This command is applicable for APs running the Broadcom chip-set. Syntax Parameter Description ap-name Displays RADAR logs for an AP with a specific name. ip-addr Displays RADAR logs for an AP with a specific IP address.
50-8 50-9 50-10 Nepochs=1 len=27 epoch_#=1; det_idx=0 pw_delta=0 min_pw=50 max_pw=50 Type 7 Radar Detection. Detected pulse index=0 fm_min=0 fm_max=0 nconsecq_pulses=5.
17-6 17-7 17-8 17-9 17-10 Nepochs=1 len=30 epoch_#=1; det_idx=0 pw_delta=2 min_pw=16 max_pw=18 Type 7 Radar Detection. Detected pulse index=0 fm_min=0 fm_max=0 nconsecq_pulses=9.
show ap debug radio-event-log status show ap debug radio-event-log status {ap-name |ip-addr |ip6-addr } Description Show information about the radio event information captured in packet log files. Syntax Parameter Description ap-name Show log information for an AP with a specific name. ip-addr Show log information for an AP with a specific IPv4 address by entering its IPv4 address in dotted-decimal format.
Parameter Description Log File Size Size of the log file. A value of N/A indicates that the packet log feature uses the default log file size of 3145728 bytes (3MB) Status Shows if packet log capture was started or stopped on the AP radio. Related Commands ap debug radio-event-log Command History Introduced in ArubaOS 3.0.
show ap debug radio-info show ap debug radio-info ap-name radio ip-addr radio ip6-addr radio Description Displays the Wi-Fi radio debug logs from the AP driver. This command is applicable for W-AP200 Series, W-AP210 Series, W-AP220 Series, and W-AP270 Series access points. Syntax Parameter Description ap-name Displays Wi-Fi radio debug logs for an AP with a specific name.
Command Information Platforms All platforms 1117| show ap debug radio-info Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap debug radio-registers show ap debug radio-registers 0|1} {ap-name |ip-addr |ip6-addr } {radio Description This command allows you to view radio register changes. Syntax Parameter Description ap-name Name of the AP for which you want to view register changes. ip-addr IPv4 address of the AP for which you want to view register changes. ip6-addr IPv6 address of the AP for which you want to view register changes.
show ap debug radio-stats show ap debug radio-stats {ap-name |ip-addr } radio {0|1} [advanced] Description Show aggregate radio debug statistics of an AP. Syntax Parameter Description ap-name Show log information for an AP with a specific name. ip-addr Show log information for an AP with a specific IP address by entering its IP address in dotted-decimal format. ip6-addr IPv6 address of the Access Point.
Parameter Description Total Radio Resets Total number of times the radio reset. Resets Beacon Fail Number of times the radio reset due to beacon failure. BB check positives Number of times the radio checked for a base-band hang condition Resets BeacQ Stuck An AP’s radio typically sends a beacon every 100 milliseconds. If beacons are not sent at a regular interval or the radio experiences excessive noise, the beacon queue will reset. This parameter indicates the number of queue resets.
Parameter Description Noise seen by an AP is reported as -dBm. Therefore, a noise floor of -100 dBm is smaller (lower) than a noise floor of -50 dBm. For most environments, the noise floor should be no greater than -80 dBm. Anything larger may indicate an interference problem which is drowning out good signals (data) in background noise. Dummy NF pkts on home channel Number of noise floor readings on the home channel. Dummy NF pkts on scan channel Number of noise floor readings on the scan channel.
Parameter Description Voice aware Scan Rejects If you enable the VoIP Aware Scan feature in the AP’s ARM profile, the AP will not attempt to scan a different channel if one of its clients has an active VoIP call. This Voice aware scan Rejects parameter shows the number of times the AP has rejected a scan because of the Voip aware scan feature.
Parameter Description UASPD Dup Trig The number of times duplicate UAPSD trigger frames are received (i.e., retried UAPSD triggers that were received by the AP more than once). UAPSD Recv frame for TX The number of frames received for transmission over the air interface using UAPSD UAPSD Ageout Drain The number of time UAPSD queue is drained (i.e. frames are dropped) due to ageout.
Parameter Description Tx Time Frames Transmitted Number of times frames were transmitted. Tx PS Unicast Number of power save unicast frames Tx DTIM Broadcast Number of broadcast frames with DTIM values. Tx Success With Retry Number of frames that were successfully transmitted after being retried. Tx Multiple retries Number of frames that were successfully transmitted after being retried multiple times. Tx Mgmt Frames Number of management frames transmitted.
Parameter Description Tx Time Data Total time spent sending frames received for transmission, including the frames that were dropped after retrying. Tx Broadcast Data Frames Sent Broadcast data frames transmitted by the AP. Tx Broadcast Data Frames Sent (PPS) Rate of broadcast data frames transmitted by the AP, in packets per second. Tx Multicast Data Frames Multicast data frames transmitted by the AP.
Parameter Description Tx CTS Frames Number of Clear-to-Send (CTS) frames transmitted. Tx CTS Frames (PPS) Rate of CTS frames sent, in packets per second. (This parameter does not include CTS frames send in response to RTS). Tx Powersave Queue Timeouts Number of transmit frames discarded from the power save queue because the frames aged out Tx Dropped After Retry Number of frames dropped after an attempted retry. Tx Dropped No Buffer Number of frames dropped because the AP’s buffer was full.
Parameter Description Tx AGGR Unaggr Number of non-aggregate frames transmitted due to unavailability of additional frames for aggregation at the time of transmission. Tx data Mbps Number of frames transmitted at the specified rate (in Mbps). Tx Mbps [Long] Number of frames with a long preamble transmitted at the specified rate. Tx Mbps [Short] Number of frames with a short preamble transmitted at the specified rate.
Parameter Description Tx HT40 Dfs IMM WAR Number of times the HT 40 RX Clear Hang immunity workaround was employed. Tx HT40 Dfs HT20 WAR Number of times the HT 20 RX Clear Hang immunity workaround was employed. Tx MAC/BB Hang Stuck Number of times a workaround was employed for potential beacons stuck due to MAC or base-band stuck conditions. Tx Mgmt Bytes Total management frame bytes transmitted. Tx Beacons Bytes Total number of Beacon frame bytes transmitted.
Parameter Description Rx Last ACK SNR EXT1 Signal-to-noise ratio for the last received ACK packet on the secondary (extension) channel 1. This parameter is only displayed for APs operating in 40 Mhz mode. Rx Last ACK SNR EXT2 Signal-to-noise ratio for the last received ACK packet on the secondary (extension) channel 2. This parameter is only displayed for APs operating in 40 Mhz mode. Rx Frames Received Number of frames received. Rx Good Frames Number of frames received with no errors.
Parameter Description Ch Busy perct @ beacon intvl Percentage of time the channel was busy over the last 30 beacon intervals. Rx Time perct @ beacon intvl Percentage of time the AP was receiving data over the last 30 beacon intervals. Rx Discarded Events Number of non-802.11 events that were detected and discarded during normal operation. Rx ARM Scan Frames Number of scan frames sent for the adaptive radio management (ARM) feature. Rx Data Frames Number of data frames received.
Parameter Description Rx Time To Me Total time spent receiving frames sent to a specified BSSID. Rx Broadcast Frames Number of broadcast frames received. Rx Probe Requests Number of Probe requests received. Rx Probe Requests (PPS) Rate at which probe requests were received, in packets per second. Rx RTS Frames Ready To Send (RTS) frames received. These frames are sent when a computer has data to transmit. Rx RTS Frames (PPS) Rate at which RTS frames were received, in packets per second.
Parameter Description RX Overrun The number of Receive FIFO overruns. Rx undecryptable Number of non-decryptable frames received. RX STBC Frames Number of received frames with STBC enabled. RX LDPC Frames Number of received frames with LDPC enabled. Rx data Mbps Data packets received at the specified rate (in Mbps). Rx Mbps Packets received at the specified rate (in Mbps). Rx data Mbps Packets received at the specified rate (in Mbps).
Command History Command Description ArubaOS 3.0 Command Introduced ArubaOS 6.3 The output of this command was enhanced to include the following information types, when their collection is enabled using the command ap debug advanced-stats. l Advanced statistics for transmitted and received frames. l Information about packets per second statistics for different frame types. l Advanced radio driver statistics for the specified radio. The ip6-addr parameter was introduced.
show ap debug received-config show ap debug received-config ap-name [essid ] bssid [essid ] ip-addr [essid ] ip6-addr [essid ] Description Show the configuration the AP downloaded from the controller. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID).
Active Scan VoIP Aware Scan Power Save Aware Scan Load aware Scan Threshold 40 MHz intolerance Honor 40 MHz intolerance Legacy station workaround Country Code ESSID ... Disabled Enabled Enabled 1250000 Bps Disabled Enabled Disabled US guest The output of this command includes the following information: Parameter Description BSSID The BSSID of the AP. LMS IP The LMS IP is the IP address of the local controller used by the AP for client data processing.
Parameter Description Advertise TPC Capability If enabled, the AP will advertise its Transmit Power Control (TPC) capability. Enable CSA Displays whether or not the AP has enabled channel switch announcements (CSAs) for 802.11h. CSA Count Number of channel switch announcements that must be sent before the AP will switch to a new channel. Management Frame Throttle interval Average interval that rate limiting management frames are sent from this radio, in seconds.
Parameter Description Country Code Display the country code for the AP. The country code specifies allowed channels for that country. ESSID An Extended Service Set Identifier (ESSID), for the AP. Encryption Encryption type used on this AP. WPA2 Pre-Auth 802.11x settings are enabled or disabled. DTIM Interval Number of beacons that should elapse before an AP sends beacon broadcasts for power save clients. 802.11a Basic Rates Minimum data rate required for a client to associate with the AP.
Parameter Description DSCP mapping for WMM background AC Displays the DSCP value used to map WMM background traffic. Hide SSID Shows if the feature to hide a SSID name in beacon frames is enabled or disabled. Deny_Broadcast Probes When a client sends a broadcast probe request frame to search for all available SSIDs, this option controls whether or not the system responds for this SSID. When enabled, no response is sent and clients have to know the SSID in order to associate to the SSID.
Parameter Description Min MPDU start spacing Displays the minimum time between the start of adjacent MDPUs within an aggregate MDPU, in microseconds. Supported MCS set Comma-separated list of Modulation Coding Scheme (MCS) values or ranges of values to be supported on this highthroughput SSID. Short guard interval in 40 MHz mode Shows if the AP has enabled or disabled use of short guard interval in 40 MHz mode of operation. VLAN VLAN ID used by the SSID.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap debug shaping-table show ap debug shaping-table {ap-name |ip-addr } Description Show shaping information for clients associated to an AP. Syntax Parameter Description ap-name Show shaping table information for a specific AP. ip-addr Show shaping table information for a specific AP IP address by entering its IP address in dotted-decimal format. Example The following command shows the shaping table of an AP named ap22.
Column Description pktin Number of packets received by the AP. pktout Number of packets sent by the AP. pktdrop Number of packets dropped by the AP. pktqd Number of packets queued. cmn [C:O:H] (For internal use only.) drop Number of CCK (802.11b) and OFDM (802.11a/g) packets dropped. Numcl Number of CCK (802.11b) and OFDM (802.11a/g) packets dropped.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap debug spanning-tree show ap debug spanning-tree {ap-group |ap-name |bssid |ip-addr } Description Show an AP’s spanning tree statistics. Syntax Parameter Description ap-name Show log information for an AP with a specific name. bssid Show log information for a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap debug switching show ap debug switching {ap-name |ip-addr |ip6-addr } Description Show an AP’s switching statistics. Syntax Parameter Description ap-name Name of the Access Point. ip-addr IP address of the Access Point. ip6-addr IPv6 address of the Access Point. Example The following command shows the ..................................... (host) #show ap debug switching Command History Release Modification ArubaOS 3.
show ap debug system-status show ap debug system-status ap-name bssid ip-addr ip6-addr Description Show detailed system status information for an AP. Syntax Parameter Description ap-name Show system status data for an AP with a specific name. bssid Show system status data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
The following parameters are included in the output of this command, and can help troubleshoot problems on an AP or wireless network. Parameter Description The Failed column in the Descriptor Usage section This parameter can tell you if the AP is dropping packets. Interface Information table This parameter can tell you if the Ethernet network is working properly. This table should not show an excessive number of errors.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap debug trace-addr show ap debug trace-addr Description Show MAC addresses in the trace buffer. Usage Guidelines Use this command to troubleshoot wireless clients that are being traced for 802.11 communication Examples The output of the command shows the Trace List table. If no wireless clients are being traced, this table will be empty.
show ap debug usb show ap debug usb ap-name ip-addr ip6-addr Description This command displays the USB information provisioned on the RAP. Syntax Parameter Description ap-name Show system status data for an AP with a specific name. ip-addr Show system status data for an AP with a specific IP address by entering an IP address in dotted-decimal format.
Command History Release Modification ArubaOS 6.2 Command introduced ArubaOS 6.3 The ip6-addr parameter was introduced. Command Information Platforms Available on all platforms 1151| show ap debug usb Licensing Base operating system Command Mode Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ap details show ap details [advanced]{ap-name ||ip-addr |ip6-addr |wired-mac } Description Show detailed provisioning parameters, hardware, and operating information for a specific AP.
AP "AL39" Operating Information ------------------------------Item Value -------AP State Running Entry created 2008-10-23 20:04:53 Last activity 2008-10-28 08:07:48 Reboots 0 Bootstraps 1 Bootstrap Threshold 7Slot/Port 2/24 The output of this command includes the following information: Column Description AP IP Address IP address of the AP LMS IP Address The IP address of the local management switch (LMS)—the Dell controller which is responsible for terminating user traffic from the APs, and processin
Column Description Entry created Timestamp showing the time the AP registered with the controller. Last activity Timestamp showing the last time the AP communicated with the controller. An AP typically sends keepalive messages every minute. Reboots Number of times power to the AP cycled off and then on again. Reboots also known as “hard” restarts. Bootstraps Number of times the AP restarted. Bootstraps are also known as “soft” restarts.
Column Description AP Name Name of the AP. AP Group AP group to which the AP belongs. Location name Fully-qualified location name (FQLN) for the AP. SNMP sysLocation User-defined description of the location of the AP, as defined with the command provision-ap syslocation. Master Name or IP address for the master controller. Gateway IP address of the default gateway for the AP. Netmask Netmask for the AP’s IP address. IP Addr IP address for the AP. Dns IP IP address of the DNS server.
Column Description PPPOE Password PPPoE password for the AP. PPPOE Service Name PPPoE service name for the AP. USB User Name The PPP username provided by the cellular service provider. USB Password A PPP password, if provided by the cellular service provider. USB Device Type The USB driver type. USB Device Identifier The USB device identifier. USB Dial String The dial string for the USB modem. USB Initialization String The initialization string for the USB modem.
Column Description Antenna tilt angle for 802.11a The angle of the 802.11a (5GHz) antenna. This parameter can range from between -90 degrees and 0 degrees for downtilt, and between +90 degrees and 0 degrees for uptilt. Antenna tilt angle for 802.11g The angle of the 802.11g (2.4GHz) antenna. This parameter can range from between -90 degrees and 0 degrees for downtilt, and between +90 degrees and 0 degrees for uptilt.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap enet-link-profile show ap enet-link-profile [] Description Show a list of all Ethernet Link profiles. Usage Guidelines Include a profile name to display details for the specified Ethernet Link Profile, or omit the parameter to display a list of all Ethernet Link profiles.
Command Information Platforms All platforms 1160| show ap enet-link-profile Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap essid show ap essid Description Show a Extended Service Set Identifier (ESSID) summary for the controller, including the numbers of APs and clients associated with each ESSID. Examples The output of the command in the example below shows statistics for four configured ESSIDs.
show ap ht-rates show ap ht-rates bssid Description Show high-throughput rate information for a basic service set (BSS). Syntax Parameter bssid Description Show data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. Examples The output of this command shows high-throughput rates for each supported MCS value. These values are applicable to high-throughput (802.11n-capable) APs only.
Column Description 40 MHz 802.11n data rates for the MCS for 40 Mhz transmissions. 40 MHz SGI 802.11n data rates for the MCS for 40 Mhz transmissions using a short guard interval. Related Commands Command Description show ap vht-rates Show very-high-throughput rate information for a basic service set (BSS). Command History Introduced in ArubaOS 3.3.
show ap image-preload-status (deprecated) show ap image-preload-status page start Description This command displayed the list of APs that will preload a new version of software from a controller with the AP preload feature activated. Starting with ArubaOS 6.4, command was replaced by the command show ap image-preload status. Command History Release Modification ArubaOS 6.3 Command introduced ArubaOS 6.4 Command deprecated Dell Networking W-Series ArubaOS 6.5.
show ap image-preload status show ap image-preload status all list summary Description Display the list of APs that will preload a new version of software from a controller with the AP preload feature activated. Syntax Parameter Description all Display the complete status of AP image preload operation. list Displays the list of APs and their image preload statuses. summary Summarizes the status of AP image preload operation.
------------------------ --------------------------- -------------6c:f3:7f:c3:a6:56 SecureJack 10.3.90.14 135 Preloaded 11-05 15:39:58 0 ---------- ----- 2013-11-05 15:38:50 2013- (host) #show ap image-preload status list AP Image Preload AP Status -------------------------AP Name AP Group AP IP AP Type Time Failure Count Failure Reason ------------------------------------- -------------6c:f3:7f:c3:a6:56 SecureJack 10.3.90.
Column Description AP Name Name of an AP eligible to preload a new software image. AP Group AP group of an AP eligible to preload a new software image. AP IP IP address of the AP. AP Type AP model type. Preload State Current state of the AP’s preload attempt l Preloaded: The AP is finished preloading a new software image. l Preloading: The AP is currently downloading the new image. l Waiting: The AP is waiting to start preloading the new image from the controller.
show ap image version show ap image version [ap-name |ip-addr ] Description Display an AP’s image version information. Syntax Parameter Description ap-name View image version information for an AP with a specific name. ip-addr View image version information for an AP with a specific IP address. Enter the address of the AP in dotted-decimal format.
Column Description Matches If yes, the running image version matches the image version currently in the AP’s flash memory. If no, the two image versions do not match. Num Matches Number of times the running image version matched the flash image version after a reboot. Num Mismatches Number of times the running image version did not match the flash image version after a reboot. If the images do not match, the AP will upgrade to the flash image.
show ap-lacp-striping-ip show ap-lacp-striping-ip Description Profile to enable/disable AP LACP feature and to specify GRE striping IP to LMS IP mapping. Syntax No parameters Usage Guidelines Example @@@. (host) (config) #show ap-lacp-striping-ip AP LACP LMS map information --------------------------Parameter Value ------------AP LACP Striping IP Enabled GRE Striping IP 2.2.2.2 LMS 3.3.3.3 GRE Striping IP 4.4.4.4 LMS 5.5.5.5 GRE Striping IP 10.65.30.50 LMS 10.65.30.
show ap license-usage show ap license-usage Description Show AP license usage information. Examples The output of the command below shows that controller has 13 associated campus APs using licenses, with 3 unused campus AP licenses remaining.
Parameter Description RAPs Number of remote APs currently using a license on the controller. Remote-Node APs Number of APs currently using a license on the branch controller. Tunneled Nodes Number of tunneled nodes currently using a license on the controller. CAPs Number of unused campus APs licenses remaining on the controller. RAPs Number of unused remote APs licenses remaining on the controller. Command History Release Modification ArubaOS 3.0 Command Introduced. ArubaOS 3.
show ap lldp show ap lldp [] Description Display a list of LLDP-MED Network Policy profiles, or display the current configuration settings of an individual profile. Syntax Parameter Description Specify a LLDP profile name to view configuration settings for that profile. Examples The following example lists all LLDP profile profiles.
Parameter Description PDU transmission Shows if LLDP PDU transmission is enabled on the AP. Reception of LLDP PDUs Shows if LLDP PDU reception is enabled on the AP. Transmit interval (seconds) The interval between LLDP TLV transmission seconds. The supported range is 1-3600 seconds and the default value is 30 seconds. Transmit hold multiplier This value is multiplied by the transmit interval to determine the number of seconds to cache learned LLDP information before that information is cleared.
show ap lldp counters show ap lldp counters ap-name ip-addr ip6-addr (ipv6-addr> Description Show LLDP counters for a specific AP, or all APs sending or receiving LLDP Protocol Data Units (PDUs). Syntax Parameter Description ap-name Show counter statistics for an AP with a specific name. ip-addr View counter statistics for an AP with a specific IP address. Enter the IP address of the AP in dotted-decimal format.
Parameter Description Transmitted Number of packets transmitted from that interface Command History Command introduced in ArubaOS 6.2. Command Information Platforms All platforms 1176| show ap lldp counters Licensing Base operating system. Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ap lldp med-network-policy-profile show ap lldp med-network-policy-profile [] Description Display a list of LLDP-MED Network Policy profiles, or display the current configuration settings of an individual profile. Syntax Parameter Description Specify a LLDP-MED Network Policy profile name to view configuration settings for that profile.
The output of this command includes the following information: Parameter LLDP-MED application type 1178| show ap lldp med-network-policy-profile Description Type of application that this profile manages. This profile supports the following options: l guest-voice : The AP services a separate voice network for guest users and visitors. l guest-voice-signaling : The AP is part of a network that requires a different policy for guest voice signaling than for guest voice media.
Parameter Description application type if both the same network policies apply to both voice and voice signaling traffic. LLDP-MED application VLAN Indicates the VLAN ID (0-4094) or VLAN name of the VLAN used by the application. LLDP-MED application VLAN tagging Indicates if the policy applies to a to a VLAN that is tagged with a VLAN ID or untagged. The default value is untagged.
show ap lldp neighbors show ap lldp neighbors ap-name ip-addr ip6-addr (ipv6-addr> Description Show LLDP neighbors for a specific AP, or all APs sending or receiving LLDP Protocol Data Units (PDUs). Syntax Parameter Description ap-name Show LLDP neighbor statistics for an AP with a specific name. ip-addr View LLDP neighbor statistics for an AP with a specific IP address. Enter the IP address of the AP in dotted-decimal format.
Parameter Description Chassis Name/ID The name of the LLDP neighbor AP Port Name/ID Port name or ID if the interface sending LLDP PDUs. Mgmt. Address Management address of the LLDP neighbor Capabilities This data column can list any of the following data codes to indicate LLDP neighbor capabilities. l R: Router l B: Bridge l A: Access Point l P: Phone l O: Other Command History Command introduced in ArubaOS 6.2.
show ap load-balancing show ap load balancing Description Show the load-balancing information for each AP with load balancing enabled. Examples The output of the command in the example below shows details for a single AP enabled with the loadbalancing feature. (host) #show ap load-balancing Load Balance Enabled Access Point Table --------------------------------------bss ess name -------00:0b:86:cc:8e:4e Wireless_1 mp22 Port --0/0/4 ip phy chan ------10.3.148.
Command Information Platforms All platforms 1183| show ap load-balancing Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap mesh active show ap mesh active [|{page }|{start }] Description Show active mesh cluster APs currently registered on this controller. Syntax Parameter Description Name of a mesh cluster profile. page Limit the output of this command to a specific number of entries by entering the number of entries you want to display.
Column Description IP Address IP address of the AP. BSSID Basic Service Set Identifier (BSSID) for the AP. This is usually the AP’s MAC address. Band/Ch/EIRP/MaxEIRP The RF band in which the AP should operate (a or g)/ Radio channel used by the AP/Current effective Isotropic Radiated Power (EIRP) /maximum EIRP MTU Maximum Transmission Unit (MTU) size, in bytes. This value describes the greatest amount of data that can be transferred in one physical frame.
Command Information Platforms All platforms Licensing This show command is available in the base operating system. Commands to configure the secure enterprise mesh solution for outdoor APs require the Outdoor Mesh license. Dell Networking W-Series ArubaOS 6.5.
show ap mesh-cluster-profile show ap mesh-cluster-profile [] Description Show configuration settings for a mesh cluster profile. Syntax Parameter Description Name of a mesh cluster profile Usage Guidelines The command show ap mesh-cluster-profile displays a list of all mesh cluster profiles configured on the controller, including the number of references to each profile and each profile’s status.
Parameter Description WPA Hexkey The WPA pre-shared key (only for mesh cluster profiles using WPA2 with AES encryption). WPA Passphrase The WPA password that generates the preshared key (only for mesh cluster profiles using WPA2 with AES encryption). Command History Introduced in ArubaOS 3.2. Command Information Platforms All platforms 1188| show ap mesh-cluster-profile Licensing Command Mode This show command is available in the base operating system.
show ap mesh debug counters show ap mesh debug counters {ap-name }|{bssid }|{ip-addr } Description Show counters statistics for a mesh node. Syntax Parameter Description ap-name Show counter statistics for an AP with a specific name. bssid Show counter statistics for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. ip-addr View counter statistics for an AP with a specific IP address.
Column Description Interface Indicates whether the mesh interface connects to a Parent AP or a Child AP. Each row of data in the Mesh Packet Counters table shows counter values for an individual interface. Echo Sent Number of echo packets sent. Echo Recv Number of echo packets received. Probe Req Number of probe request packets sent from the interface specified in the Mesh-IF parameter. Probe Resp Number of probe response packets sent to the interface specified in the Interface parameter.
show ap mesh debug current-cluster show ap mesh debug current-cluster {ap-name }|{bssid }|{ip-addr } Description Display information for the mesh cluster currently used by a mesh point or mesh portal. Syntax Parameter Description ap-name Show mesh cluster data for an AP with a specific name. bssid Show mesh cluster data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address.
Column Description WPA Hexkey The WPA pre-shared key (only for mesh cluster profiles using WPA2 with AES encryption). WPA Passphrase The WPA password that generates the preshared key (only for mesh cluster profiles using WPA2 with AES encryption). Command History Introduced in ArubaOS 3.0. Command Information Platforms All platforms 1192| show ap mesh debug current-cluster Licensing This show command is available in the base operating system.
show ap mesh debug forwarding-table show ap mesh forwarding-table {ap-name }|{ip-addr } Description Show the forwarding table for a remote mesh point or remote mesh portal. Syntax Parameter Description ap-name Show data for a remote mesh node with a specific name. ip-addr Show data for a remote mesh node with a specific IP address by entering its IP address in dotted-decimal format. Usage Guidelines This is an internal technical support command.
show ap mesh debug hostapd-log show ap mesh debug hostapd-log {ap-name }|{bssid }|{ip-addr } Description Show the debug log messages for the hostapd process. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap mesh debug meshd-log show ap mesh debug meshd-log {ap-name }|{bssid }|{ip-addr } [] Description Show the debug log messages for the meshd process. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap mesh debug provisioned-clusters show ap mesh debug provisioned-clusters {ap-name }|{bssid }|{ip-addr } Description Show cluster profiles provisioned on a mesh portal or mesh point. Syntax Parameter Description ap-name Show data for a mesh node with a specific name. bssid Show data for a mesh node with a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Column Description Cluster Name Name of the mesh cluster using this profile RF band The RF band in which the AP should operate: Encryption l g = 2.4 GHz l a = 5 GHz Data encryption setting for the mesh cluster profile. l opensystem—No authentication and encryption. l wpa2-psk-aes—WPA2 with AES encryption using a preshared key. WPA Hexkey The WPA pre-shared key (only for mesh cluster profiles using WPA2 with AES encryption).
show ap mesh-ht-ssid-profile show ap mesh-ht-ssid-profile [] Description Show configuration settings for a mesh high-throughput Service Set Identifier (SSID) profile. Syntax Parameter Description Name of a mesh high-throughput SSID profile. Usage Guidelines High-throughput APs support additional settings not available in legacy APs. A mesh high-throughput SSID profile can enable or disable high-throughput (802.
Column Description 40 MHz channel usage This parameter shows if the profile enables or disables the use of 40 MHz channels. BA AMSDU Enable Shows of the AP has enabled or disabled the ability to receive AMSDU in BA negotiation. Temporal Diversity Enable Shows if temporal diversity has been enabled or disabled. When this feature is enabled and the client is not responding to 802.
Column Description MPDU Aggregation Shows if the profile enables or disables MAC protocol data unit (MPDU) aggregation. Max received A-MPDU size Configured maximum size of a received aggregate MPDU, in bytes. Max transmitted A-MPDU size Configured maximum size of a transmitted aggregate MPDU, in bytes. Min MPDU start spacing Configured minimum time between the start of adjacent MPDUs within an aggregate MPDU, in microseconds.
Column Description Transmit Beamforming immediate feedback support Shows if the AP has enabled or disabled immediate feedback/report support in Transmit Beamforming. (For W-AP130 Series only) Transmit Beamforming Sounding Interval Time interval in seconds between updates of Transmit Beamforming channel estimation. (For W-AP130 Series only) Command History Version Description ArubaOS 3.4 Command introduced ArubaOS 6.1 The allow weak encryption parameter was deprecated.
show ap mesh neighbors show ap mesh neighbors {ap-name }|{bssid }|{ip-addr } [names] Description Show all mesh neighbors for an AP. Syntax Parameter Description ap-name Show mesh neighbors for an AP with a specific name. bssid Show mesh neighbors for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
0 0 0 HT-40MHzsgi-2ss sw-ad-GB32 Total count: 5, Children: 2 Relation: P = Parent; C = Child; N = Neighbor; B = Blacklisted-neighbor Flags: R = Recovery-mode; S = Sub-threshold link; D = Reselection backoff; F = Auth-failure; H = High Throughput; L = Legacy allowed The output of this command includes the following information: Column Description MAC MAC address of the mesh node. Portal By default, this column displays the BSSID of the mesh point.
Column Description A-Req Number of association requests from clients A-Resp Number of association responses from the mesh node A-Fail Number of association failures Cluster Name of the Mesh cluster that includes the specified AP or BSSID. Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4.1 The names parameter was introduced. The output of this command was also modified to include the Rate Tx/Rx column.
show ap mesh-radio-profile show ap mesh-radio-profile [] Description Show configuration settings for a mesh radio profile. Syntax Parameter Description Name of a mesh radio profile. Usage Guidelines The radio profile determines the radio frequency/channel used only by mesh nodes to establish mesh links. Mesh nodes operating in different cluster profiles can share the same radio profile.
Parameter Description 802.11a Transmit Rates Indicates the transmit rates for the 802.11a radio. The AP attempts to use the highest transmission rate to establish a mesh link. If a rate is unavailable, the AP goes through the list and uses the next highest rate. 802.11g Transmit Rates Indicates the transmit rates for the 802.11g radio. The AP attempts to use the highest transmission rate to establish a mesh link. If a rate is unavailable, the AP goes through the list and uses the next highest rate.
Parameter Description each mesh node evaluates alternative links only if the existing uplink falls below the configured threshold level (the link becomes a sub-threshold link). The reselection process is canceled if the average RSSI rises on the existing uplink rises above the configured link threshold. l reselect-any-time: Connected mesh nodes evaluate alternative mesh links every 30 seconds.
show ap mesh tech-support show ap mesh tech-support ap-name Description Display all information for an AP, and save that information in a file on the controller Syntax Parameter Description Name of an AP for which you want to create a report Filename for the report created by this command. The file can only be saved in the flash directory. If desired, you can use FTP or TFTP to copy the file to another destination.
show ap mesh topology show ap mesh topology [long] [page ] [start ] Description Show the mesh topology tree. Syntax Parameter Description long Include the names of a mesh portal’s children in the output of this command page Limit the output of this command to a specific number of entries by entering the number of entries you want to display.
Column Description Parent If the AP is operating as a mesh point, this parameter displays the name of its parent mesh portal. Path Cost A relative measure of the quality of the path from the AP to the controller. A lower number indicates a better quality path, where a higher number indicates a less favorable path (e.g, a path which may be longer or more congested than a path with a lower value.
Command Information Platforms All platforms Licensing This show command is available in the base operating system. Commands to configure the mesh feature require the Mesh license. Dell Networking W-Series ArubaOS 6.5.
show ap monitor show ap monitor active-laser-beams|ap-list|channel|client-list|containment-info|debug|idsstate|mesh-list|pot-ap-list|pot-client-list|routers|wired-mac {ap-name }|{bssid }|{ip-addr } {ap-bssid }|{enet-mac } Description Show information for Dell Air Monitors. Syntax Parameter active-laser-beams Description Show active laser beam generators.
Parameter Description l Enhanced Adhoc Containment: Replay Response Wired Containment Counters: debug counters l Last Wired Containment Timer Tick l Last Tagged Wired Containment Timer Tick l Spoof frames sent l Spoof frames sent on tagged VLAN Show the Air Monitor debugging information.
Parameter pot-client-list Description l num-frames: Total number of frames seen since the last rest. l mt: Monitor time; the number of timer ticks elapsed since the controller first recognized the AP. l at: Active time, in timer ticks. l ibss: Shows if ad-hoc BSS is enabled or disabled. It will be enabled if the bssid has detected an ad-hoc BSS (an ibss bit in an 802.11 frame).
bssid dt/mt ut/it -----------24:de:c6:be:c3:fa 33633/17957 0/0 24:de:c6:8e:aa:86 33633/33633 0/0 24:de:c6:be:b7:3a 33633/17065 8/4 24:de:c6:be:bf:fa 33633/17404 0/0 24:de:c6:8e:9a:85 33633/33633 0/0 9c:1c:12:89:e2:95 33633/33633 1/0 24:de:c6:be:bd:f8 33633/17914 0/0 24:de:c6:be:bd:f9 33633/17800 0/0 24:de:c6:8e:9a:86 33633/33633 0/0 9c:1c:12:89:e2:93 33633/33633 0/0 encr ---wpa2-psk-aes open wpa2-psk-aes wpa2-psk-aes wpa2-psk-aes wpa2-psk-aes wpa2-psk-aes wpa2-8021x-aes open wpa-psk-tkip essid chan ap-ty
Parameter Description dos Shows if the feature to contain DoS attacks has been enabled or disabled. dt/mt dt—Detected time: the number of timer ticks since the AP was last detected. mt—Monitor time; the number of elapsed timer ticks since the AP first recognized the monitored AP. ut/it ut—Unseen time: the number elapsed timer ticks the monitored AP was not seen when scanning a channel of the device. it—AP idle time, the number of timer ticks since the AP last saw any frames from the monitored AP.
Version Modification ap-name bssid ip-addr ArubaOS 6.4.4.0 The cl-delay column was added to ap-list parameter. The cl-delay and valid-exempt columns were added to client-list parameter. Command Information Platforms All platforms 1217| show ap monitor Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap monitor association show ap monitor association {ap-name }|{bssid }|{ip-addr } Description Show the association table for an Air Monitor (AM). Syntax Parameter Description ap-name Show data for an AM with a specific name. bssid Show data for an AM with a specific Basic Service Set Identifier (BSSID). The Basic Service Set Identifier (BSSID) is usually the AM’s MAC address.
Column phy-type Description The RF band in which the AP should operate: 802.11g = 2.4 GHz 802.11a = 5 GHz Command History Introduced in ArubaOS 3.0. Command Information Platforms All platforms 1219| show ap monitor association Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap monitor debug show ap monitor debug counters|status {ap-name }|{bssid }|{ip-addr } show ap monitor debug profile-config {ap-name }|{bssid }|{ip-addr } ap-radio|ap-system|arm|event-thresholds|ids-dos|ids-general|ids-impersonation|ids-signaturematching|ids-unauthorized-device|interference|regulatory-domain|rf-behavior Description Show information for an Air Monitor’s current status, message counters, or profile settings.
Parameter Description ids-impersonation Show an Air Monitor IDS Impersonation Configuration settings, as defined in its IDS Impersonation profile. ids-signature-matching Show an Air Monitor IDS Signature Matching configuration settings, as defined in its IDS Signature Matching profile ids-unauthorized-device Show an Air Monitor IDS Unauthorized Device configuration settings, as defined in its IDS Unauthorized Device profile.
Data Structures ---------------ap sta pap psta -- --- --- ---20 40 17 55 ch -24 Other Parameters ----------------key --WMS on Master Stats Update Interval Poll Interval Num Switches Collect Stats msg-hash -------21 ap-l ---20 value ----disabled 60 174000 1 enabled WLAN Interface Switch Status ----------------------------Bssid Type Status ack -------------00:1a:1e:11:5f:10 local up 3322965 00:1a:1e:11:5f:00 local up 3322965 Last-reg N-reg Last-update Next-update N-updates Last- -------- -----
Column Description l task m-point: AP is configured as a Mesh point. This parameter displays one of the following options to show the radio’s current task: l scan: AP is scanning other channels. l tuned: AP is tuned on one channel. l locate: AP has been asked to locate a specific AP or client. l pcap: The AP is enabled with the Packet Capture feature. channel The radio channel currently used by an AP’s WLAN interface. pkts Number of packets seen on the interface.
Column Description Cur PPS Current throughput rate seen on the interface, in packets per second. Max PPI Maximum interrupt rate seen on the interface, in interrupts per second. Cur PPI Current interrupt rate seen on the interface, in interrupts per second. Uptime Number of seconds since the AP was last reset. LMS IP IP address of the AP’s local controller. Master IP IP address of the AP’s master controller. AP type AP model type. Country Code The AP’s country code.
Column Description Num Switches Number of controllers to which this AP has access. If the value is 1, the AP has access to a master or a local controller. If the value is 2, the AP has access to a master and a local controller. Collect Stats If enabled, the AP will collect statistics to send the WMS process on its controller. Bssid BSSID of the radio. Type Indicates whether the controller type is master or local. Status If up, the AP can reach the controller.
Column Description Incl-Unassoc-Sta Displays whether unassociated stations are included in station reporting or not. Sta-Sent Displays cumulative count of station reports sent to server. Cmpd-Msgs-Sent Displays cumulative count of compound messages containing station reports sent to server. Command History Version Modification ArubaOS 3.0. Command introduced. ArubaOS 3.4.
show ap monitor stats show ap monitor stats advanced {ap-name }|{bssid }|{ip-addr } clientmac show ap monitor stats {ap-name }|{bssid }|{ip-addr } mac Description Show packet, signal and channel statistics for an AP or a client. Syntax Parameter Description advanced Show advanced statistics for an AP or client. ap-name Show statistics for an AP with a specific name.
0 0 0 0 Interference Baseline --------------------FRR FRER --- ---17 4 Handoff Assist -------------rssi-index cur-signal old-cur-signal ---------- ---------- -------------0 51 0 High Throughput Parameters -------------------------ht-type primary-channel sec-channel gf-supported ------- --------------- ----------- -----------none 0 0 0 40mhz-intolerance ----------------0 The output of this command includes the following information: Column Description retry Percent of 802.
Column Description old-rx The total number of deauthorization frames sent to this MAC address for containment until the previous timer tick. FRR Frame retry rate, in frames per second. FRER Frame error retry rate, in frames per second. rssi-index This value indicates the number of consecutive timer ticks over which the value of the Receive Signal Strength Indicator (RSSI) of the client has reduced by more than 3 units.
| show ap monitor stats Dell Networking W-Series ArubaOS 6.5.
show ap packet capture show ap pcap status {ap-name }|{bssid }|{ip-addr } Description Show the status of outstanding packet capture (pcap) sessions. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Column Description intf BSSID of the interface for the PCAP session. channel Channel used by AP to capture packets. max-pkt-size Maximum size of all captured packets. num-pkts Number of packets captured during the session. status Shows the current status of the packet-capture session. url Packet capture data can be downloaded to this URL target IP address of the client station running Wildpacket’s AiroPeek monitoring application Command History Introduced in ArubaOS 3.0.
show ap papi-err show ap papi-err {ap-name |bssid |ip-addr |ip6-addr } Description Show PAPI error messages. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap port status ap-name bssid ip-addr ip6-addr wired-mac Description Shows the status of the AP's wired ports. The status is updated every 60 seconds. Syntax Parameter Description ap-name Name of the AP. bssid BSSID of the AP. ip-addr IP address of the AP. ip6-addr IPv6 address of the AP. wired-mac MAC address of the AP.
Command Information Platforms All platforms 1235| show ap port status Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap profile-usage show ap profile-usage {ap-name |bssid |ip-addr } Description Show a complete list of all profiles referenced by an individual AP or an AP BSSID. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
show ap provisioning show ap provisioning {ap-name }|{bssid }|{ip-addr } Description Show provisioning parameters currently used by an AP. Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. An AP’s BSSID is usually the AP’s MAC address. ip-addr Show data for an AP with a specific IP address.
IKE PSK PAP User Name PAP Password PPPOE User Name PPPOE Password PPPOE Service Name PPPOE CHAP Secret USB User Name USB Password USB Device Type ... ... ... N/A N/A N/A N/A N/A N/A N/A N/A N/A any The output of this command includes the following information: Column Description AP Name Name of the AP. AP Group AP group to which the AP belongs. Location name Fully-qualified location name (FQLN) for the AP.
Column Description Antenna gain for 802.11g Antenna gain for 802.11g (2.4GHz) antenna. Antenna for 802.11a Antenna use for 5 GHz (802.11a) frequency band. Antenna for 802.11g l 1: AP uses antenna 1 l 2: AP uses antenna 2 l both: AP uses both antennas Antenna use for 2.4 GHz (802.11g) frequency band. l 1: AP uses antenna 1 l 2: AP uses antenna 2 l both: AP uses both antennas Single chain mode for Radio 0 If this parameter is set to 1 for an 802.
Column Description USB Dial String The dial string for the USB modem. This parameter only needs to be specified if the default string is not correct. USB Initialization String The initialization string for the USB modem. This parameter only needs to be specified if the default string is not correct. USB TTY device data path The TTY device path for the USB modem. This parameter only needs to be specified if the default path is not correct.
Column Description Antenna bearing for 802.11g Horizontal coverage distance of the 802.11g (2.4GHz) antenna from true north, from 0-360 degrees. NOTE: This parameter is supported on outdoor APs only. The horizontal coverage pattern does not consider the elevation or vertical antenna pattern. Antenna tilt angle for 802.11a The angle of the 802.11a (5GHz) antenna. This parameter can range from between -90 degrees and 0 degrees for downtilt, and between +90 degrees and 0 degrees for uptilt.
Release ArubaOS 5.0 Modification The mesh-sae parameter no longer displays the sae-default setting if the parameter is disabled. Only the sae-disable option indicates that this parameter is currently in its default disabled state. Command Information Platforms All platforms 1242| show ap provisioning Licensing Base operating system Command Mode Enable or Config mode on the controller where the AP is terminating. Dell Networking W-Series ArubaOS 6.5.
show ap provisioning-profile ap provisioning-profile [] Description This command shows information for AP provisioning profiles. Syntax Parameter Description The name of an an existing AP provisioning profile. Usage Guidelines The AP provisioning profile allows you to define a set of provisioning parameters to an AP group. These settings can be saved or assigned to an AP group via the command ap-group provisioning-profile .
USB Initialization String USB TTY device data path USB TTY device control path USB modeswitch parameters Link Priority Ethernet Link Priority Cellular Cellular modem network preference Username of AP so that AP can authenticate to 802.1X using PEAP Password of AP so that AP can authenticate to 802.1X using PEAP Uplink VLAN USB power mode AP POE Power optimization N/A N/A N/A N/A 0 0 auto N/A N/A 0 auto disabled Description This command defines a provisioning profile for an AP or group of APs.
Parameter Description USB modeswitch parameters All the parameters that is required to be passed to the USB mode switch utility. Link Priority Ethernet Set the priority of the wired uplink, from 0-255. Each uplink type has an associated priority; wired ports having the highest priority by default. Link Priority Cellular The priority of the cellular uplink, from 0-255.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.0 The uplink-vlan parameter was introduced. ArubaOS 6.3.1.10 The AP power mode parameter was introduced. ArubaOS 6.3.1.11 The AP power mode parameter was renamed to AP POE Power optimization. Command Information Platforms All platforms 1246| show ap provisioning-profile Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap radio-database show ap radio-database [band a|g] [group ] [mode access-point|airmonitor|disabled|ht|ht-40mhz|legacy|sap-monitor] [sort-by ap-group|ap-ip|ap-name|aptype|switch-ip] [sort-direction ascending|descending] [start ] [switch ] Description Show radio information for Access Points visible to this controller. Syntax Parameter band Description Show only APs with a radio operating in the specified band. a Show only APs with a radio operating in the 802.
Parameter switch-ip sort-direction Description Sort the output of this command by controller ip address. Select a sort direction for the output of this command. ascending Sort the output in ascending order. descending Sort the output in descending order. start Start displaying the output of this command at a chosen index number by entering the index number of the AP at which command output should start.
Column Description Status Current AP status. If the AP is currently up, this data column also shows the amount of time for which the AP has been active. Flags This column displays a letter that corresponds to some type of additional information for the AP. The key to the list of possible flags appears at the bottom of the output of this command. Switch IP IP address of the AP’s controller. 11g Mode/Chan/EIRP/Cli 802.1g radio type and mode/802.
show ap radio-summary show ap radio-summary ap-group ap-name dot11a dot11g ip-addr ip6-addr Description Show AP radios registered to this controller. Syntax Parameter Description ap-group Allows you to filter radio information by AP group. ap-name Allows you to filter radio information by AP name. dot11a Allows you to filter 802.11a radio information. dot11g Allows you to filter 802.11g radio information.
28/29.5 -96/ 70/ 4 0/0/0/0/0/0 27 NF: Noise Floor(dBm); U: Utilization(%); I: Interference(%) TD: Time used by data frames (%); TM: time used by mgnt frames(%); time used by ctrl frames (%) Total Radios:6 The output of this command includes the following information: Parameter Description Name Name of the AP. Group Group to which AP radio is assigned. AP Type AP model. IP Address Radio IP address. Band Band on which radio is operating on (2.4 or 5 GHz).
show ap regulatory show ap regulatory Description Shows the currently active Regulatory Cert. Syntax None. Usage Guidelines Issue this command to view the currently active Regulatory Cert Examples The example below shows the version of Regulatory Cert currently active on the controller. (host) #show ap regulatory Regulatory Version :1.0_43859 Command History Introduced in ArubaOS 6.4.1. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap regulatory-domain-profile show ap regulatory-domain-profile [] Description Show the list of regulatory domain profiles, or the settings in an individual regulatory domain profile Syntax Parameter Description Show data for a specific regulatory domain profile Usage Guidelines Issue this command without the parameter to display the entire regulatory domain profile list, including profile status and the number of references to each profile.
Valid Valid Valid Valid Valid Valid 802.11a 802.11a 802.11a 802.11a 802.11a 802.11a 80MHz channel group 80MHz channel group 80MHz channel group 80MHz channel group 80MHz channel group 160MHz channel group 52-64 100-112 116-128 132-144 149-161 36-64 The output of this command includes the following information: Column Description Country Code Code that represents the country in which the APs will operate. The country code determines the 802.11 wireless transmission spectrum. Valid 802.
show ap remote counters show ap remote counters {ap-name }|{bssid }|{ip-addr } Description Show the numbers of message counters for Remote APs Syntax Parameter Description ap-name Show data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. You must specify an AP’s BSSID, which is usually the AP’s MAC address ip-addr Show data for an AP with a specific IP address.
show ap remote debug anul-sta-entries show ap remote debug anul-sta-entries {ap-name |ip-addr } Description Displays a list of VAPs and stations stored in the AP’s datapath. Syntax Parameter ap-name radio ip-addr Description Show LACP information for an AP with a specific name. Shows the radio ID. Valid values are 0 and 1. Show LACP information for an AP with a specific IPv4 address.
Parameter Description aid The association ID of the station. data ready Indicates if the client has completed authentication. bss Indicates if a client is associated to a BSS or not. The B flag indicates that the client is associated to a BSS. The F flag indicates that the entry is free and not attached to any BSS. Drops Indicates the number of data packets received and dropped before data ready is set to yes.
show ap remote debug association show ap remote debug association [ap-name |bssid |ip-addr ] Description Show the association table of the AP to identify the clients associated to each AP. Syntax Parameter Description ap-name Show client associations for a specific AP name. bssid Show client associations for an specific AP Basic Service Set Identifier (BSSID). The BSSID is usually the AP’s MAC address.
Column Description bssid The AP Basic Service Set Identifier (BSSID). mac MAC address of the client. auth This column displays a y if the AP has been configured for 802.11 authorization frame types. Otherwise, it displays an n. assoc This column displays a y if the AP has been configured for 802.11 association frame types. Otherwise, it displays an n. aid 802.11 association ID. A client receives a unique 802.11 association ID when it associates to an AP. 1-int Number of beacons in the 802.
show ap remote debug association show ap remote debug association [ap-name |bssid |ip-addr Description Show the association table for an AP. Syntax Parameter Description ap-name Show AP associations for a specific AP. You can also include the essid, phy or voip-only keywords to further filter the output of this command. bssid Show the AP associations for an specific AP Basic Service Set Identifier (BSSID).
------65 --------0x10c4 --a-HT-40sgi-2ss ----------35m:41s --------1 ----WA65 0x1072 24m:29s 1 a WA The output of this command includes the following information: Column Description Name Name of an AP bssid The AP Basic Service Set Identifier (BSSID) mac MAC address of the AP auth This column displays a y if the AP has been configured for 802.11 authorization frame types. Otherwise, it displays an n. assoc This column displays a y if the AP has been configured for 802.
show ap remote debug association-failure show ap remote debug association-failure [{ap-name }|{bssid }{essid }] Description Display association failure information that can be used to troubleshoot problems on an AP. Syntax Parameter Description ap-name Filter the Association Failure Table by AP name. bssid Filter the Association Failure Table by Basic Service Set Identifier (BSSID). The BSSID is usually the AP’s MAC address.
Column Description BSSID Basic Service Set Identifier of an AP. ESSID Extended Service Set Identifier of an AP. State This data column shows if the client is currently authorized or both authorized and associated with an AP. Radio The AP radio type. Idle Time Amount of time that the client has been idle, in the format hours:minutes:seconds. Reason A brief description of the reason why the client failed to associate. Command History Introduced in ArubaOS 5.0.
show ap remote debug bss-config show ap remote debug bss-config [ap-name |bssid |ip-addr Description Show the configuration for each BSSID of an AP. This information can be used to troubleshoot problems on an AP. Syntax Parameter Description ap-name Filter the AP Config Table by AP name. ip-addr Filter the AP Config Table by IP address by entering an IP address in dotteddecimal format.
Column Description l a l a-HT (high-throughput) l g l g-HT (high-throughput) type This column shows if the BSSID is for an access point (ap) or an air monitor (am). fw-mode The configured forward mode for the AP’s virtual AP profile. l bridge: Bridge locally l split-tunnel: Tunnel to controller or NAT locally l tunnel: Tunnel to controller max-cl The maximum number of clients allowed for this BSSID. preamble Shows if short preambles are enabled for 802.11b/g radios.
show ap remote debug client-mgmt-counters show ap remote debug client-mgmt-counters Description Show the numbers of each type of message from an AP’s clients. This information can be used to troubleshoot problems on an AP.
Parameter Description Tunnel VLAN Membership (For internal use only) Update STA Tunnel Request (For internal use only) Update STA Tunnel Response (For internal use only) ARM Update Number of times an AP has changed its adaptive radio management (ARM) settings.
Parameter Description disassoc Number of 802.11 disassociation messages to the controller. deauth Number of 802.11 deauthorization messages from the controller. sapcp (For internal use only) Command History Introduced in ArubaOS 5.0. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap remote debug flash-config show ap remote debug flash-config {ap-name |bssid |ip-addr |ip6-addr } acls|vap |vaps Description Show the remote AP configuration stored in flash memory. Syntax Parameter Description ap-name Show debugging data for an AP with a specific name. bssid Show data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
ACL 1 ACL 1 Name ACL 1 Count Aces 1 ... 1 logon 21 16 1 4294 The output of this command includes the following information: Column Description Native VLAN VLAN ID of the native VLAN. DHCP VLAN VLAN ID of Remote AP DHCP server used when the controller is unreachable. DHCP ADDR IP Address used as DHCP Server Identifier. DHCP POOL NETMASK Netmask of the DHCP server pool. DHCP POOL START IP Address used as the start of a range of addresses for a DHCP pool.
Command History Release Modification ArubaOS 3.0 Command was introduced ArubaOS 6.3 The ip6-addr parameter was introduced. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap remote debug mgmt-frames show ap remote debug mgmt-frames {ap-name }|{bssid |{ip-addr } [client-mac ] [count ] Description Show traced 802.11 management frames for a remote AP. Syntax Parameter Description ap-name Show debugging information for a specific AP. bssid Show debugging information for a specific Basic Service Set Identifier (BSSID).
Column stype Description One of the following 802.11 frame types: auth: Authorization frame deauth: Deauthorization frame assoc-resp: Association response assoc-req: Association request SA Source MAC address. DA Destination MAC address. BSS Basic Service Set Identifier (BSSID) of the AP signal Signal strength as a signal to noise ratio. For example, a value of 30 would indicate that the power of the received signal is 30 dBm above the signal noise threshold.
show ap snmp show ap snmp wlsxSwitchStationMgmtTable wlsxSwitchStationStatsTable wlsxWlanAPBssidTable wlsxWlanAPTable wlsxWlanRadioTable Description This command displays the AP-related SNMP tables. Syntax Parameter Description wlsxSwitchStationMgmtTable Display user tree. wlsxSwitchStationStatsTable Display user statistics tree. wlsxWlanAPBssidTable Display BSSID SNMP tree. wlsxWlanAPTable Display SNMP tree wlsxWlanRadioTable Display radio table SNMP tree.
| show ap snmp Dell Networking W-Series ArubaOS 6.5.
show ap spectrum ap-list show ap spectrum ap-list {ap-name }|{ip-addr } ap-bssid channel essid limit or page freq-band 2.4ghz|5ghz sort start Description This command shows spectrum data seen by an access point that has been converted to a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information.
spectrum monitor. Examples The output of this example shows spectrum data seen by spectrum monitor ap123. The output in the example below has been divided into two tables to better fit this document. In the ArubaOS CLI, the output appears as a single, long table.
Column Description last-seen Time when the AP was last seen by the spectrum monitor. Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client.
show ap spectrum channel-metrics show ap spectrum channel-metrics {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command shows channel quality, availability and utilization metrics as seen by a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor. freq-band 2.4ghz|5ghz View information for a specific radio type, either 2.
(host)# show ap spectrum channel-metrics ap-name ap123 freq-band 2.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum local-override list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.
show ap spectrum channel-summary show ap spectrum channel-summary {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command displays a summary of the 802.11a or 802.11g channels seen by a spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor for which you want to view spectrum information. freq-band 2.
Column Description Channel An 802.11a or 802.11g radio channel. Known APs Number of valid APs identified on the radio channel. UnKnown APs Number of invalid or rogue APs identified on the radio channel. Channel Util (%) Percentage of the channel currently in use. Max AP Signal (dBm) Signal strength of the AP that has the maximum signal strength on a channel. Max Interference (dBm) Signal strength of the non-Wi-Fi device that has the highest signal strength.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap spectrum client-list show ap spectrum client-list {ap-name }|{ip-addr } |{ip6-addr } ap-bssid channel essid mac or page freq-band 2.4ghz|5ghz Description This command shows details for clients seen by a specified spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information.
Examples The example shows that the spectrum monitor ap999 sees eight different clients on channel 149. The output in the example below has been divided into two tables to better fit this document. In the ArubaOS CLI, the output appears as a single, long table.
Column Description l 802.11b/g-HT-20 signal(dBm) Client signal strength, in dBm. add-time Time when the client was first detected by the spectrum monitor. last-seen Time when the spectrum monitor last detected that the client was active. Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.
show ap spectrum debug show ap spectrum debug {channel-info|channel-quality|classify|classify-fft|devicedetails|device-info|devices-seen} {ap-name }|{ip-addr } freq-band {2.4ghz|5ghz} Description This command saves spectrum analysis channel information to a file on the spectrum monitor. Syntax Parameter Description channel-info Save channel information for later analysis.
Command Description Mode rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.11g radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers Command History Introduced in ArubaOS 6.0.
show ap spectrum debug fft show ap spectrum debug fft {ap-name }|{ip-addr } freq-band {2.4ghz|5ghz} avg duty-cycle fft-to-controller max normalized raw raw-normalized Description Save FFT (Fast Fourier Transform) power data to a file on the spectrum monitor. Syntax Parameter Description ap-name Name of the spectrum monitor for which you want to view spectrum information. ip-addr IP address of the spectrum monitor. freq-band 2.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.
show ap spectrum debug monitors show ap spectrum debug monitors Description Show a detailed description of all spectrum monitors on the controller. Syntax No parameters Examples The output of this command shows a list of available spectrum monitor or hybrid AP devices, a list of spectrum devices currently subscribed to a spectrum client, message counters for subscribed spectrum devices and the subscription history.
Usage Guidelines Use this command under the guidance of a Dell technical support representative to troubleshoot spectrum analysis errors. Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.
show ap spectrum debug status show ap spectrum debug status {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command shows detailed status and statistics for a spectrum monitor or hybrid AP. Syntax Parameter Description ap-name Name of the spectrum device for which you want to view status information. ip-addr IP address of the spectrum device for which you want to view status information. freq-band 2.
Command Information Platforms All platforms 1295| show ap spectrum debug status Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ap spectrum device-duty-cycle show ap spectrum device-duty-cycle {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description Shows the current duty cycle for devices on all channels being monitored by the spectrum monitor or hybrid AP radio. Syntax Parameter Description ap-name Name of the spectrum device for which you want to view spectrum information. ip-addr IP address of the spectrum device for which you want to view spectrum information. freq-band 2.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.
show ap spectrum device-history show ap spectrum device-history {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [type audio-ff|bluetooth|cordless-base-fh|cordless-network-fh|cordless-phone-ff|genericff|generic-fh|generic-interferer|microwave|microwave-inverter|video|xbox] Description This command shows the history of the last 256 non-Wi-Fi devices. Syntax Parameter Description ap-name Name of the spectrum monitor or hybrid AP for which you want to view spectrum information.
Parameter Description microwave-inverter View information for inverter microwave devices seen by the spectrum device. NOTE: This option is available only for 2.4 GHz spectrum devices. video View information for video devices seen by the spectrum device. xbox View information for Xbox devices seen by the spectrum device. NOTE: This option is available only for 2.4 GHz spectrum devices.
Non-Wi-Fi Interferer Type Description Frequency Hopper (Cordless Network) When there is an active phone call and one or more handsets are part of the phone conversation, the device is classified as Frequency Hopper (Cordless Network). Cordless phones may operate in 2.4 GHz or 5 GHz bands. Some phones use both 2.4 GHz and 5 GHz bands (for example, 5 GHz for Base-to-handset and 2.4 GHz for Handset-to-base). These phones may be classified as unique Frequency Hopper devices on both bands.
Video 4 2010-05-16 Video 5 2010-05-16 Video 6 2010-05-16 5745312 20:32:44 5742031 20:33:43 5745312 20:34:08 6000 149 2010-05-16 20:33:07 6000 149 2010-05-16 20:33:53 6000 149 2010-05-16 20:34:20 76 99 79 99 75 99 The output of this command includes the following information: Column Type Description Device type.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.
show ap spectrum device-list show ap spectrum device-list {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [type audio-ff|bluetooth|cordless-base-fh|cordless-network-fh|cordless-phone-ff|genericff|generic-fh|generic-interferer|microwave|microwave-inverter|video|xbox] Description Show a device summary table and channel information for non-Wi-Fi devices currently seen by a spectrum monitor or hybrid AP radio.
Parameter microwave-inverter Description Show only microwave inverter devices. NOTE: This option is available only for 2.4 GHz spectrum devices. video Show only video fixed frequency devices. xbox Show only xbox frequency hopper devices. NOTE: This option is available only for 2.4 GHz spectrum devices. Usage Guidelines Issue this command to view detailed information about currently active non-Wi-Fi devices on the network.
Column Description l generic interferer l microwave l microwave inverter l video l xbox NOTE: For additional details about non-Wi-Fi device types shown in this table, see Non-Wi-Fi Interferers on page 1299 ID ID number assigned to the device by the spectrum monitor or hybrid AP radio. Spectrum monitors and hybrid APs assign a unique spectrum ID per device type. Cfreq Center frequency of the signal sent from the device. Bandwidth Channel bandwidth used by the device.
Command History Introduced in ArubaOS 6.0. Command Information Platforms All platforms 1306| show ap spectrum device-list Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ap spectrum device-log show ap spectrum device-log {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [type audio-ff|bluetooth|cordless-phone-ff|cordless-phone-fh| generic-ff|generic-fh|generic-interferer|microwave|microwave-inverter|video|xbox] Description This command shows a time log of add and delete events for non-Wi-Fi devices. Syntax Parameter Description ap-name Name of the spectrum monitor for hybrid AP or which you want to view spectrum information.
Parameter Description microwave-inverter Show only microwave inverter devices. NOTE: This option is available only for 2.4 GHz spectrum device radios. video Show only video fixed frequency devices. xbox Show only xbox frequency hopper devices. NOTE: This option is available only for 2.4 GHz spectrum device radios. Usage Guidelines Use this table to show a time log of when non-Wi-Fi devices were added to and deleted from the Wi-fi Device log table.
Column Description Device Type Type of non-Wi-Fi device detected by the spectrum monitor or hybrid AP ID The spectrum ID number assigned to that device. Spectrum monitors and hybrid APs assign a unique spectrum ID per device type. Added/Deleted The non-Wi-Fi Device Log table can show signal data for a device when that device was added or removed from the log table. Signal Strength Strength of the signal sent by the device. Duty Cycle Device duty cycle.
Command Information Platforms All platforms 1310| show ap spectrum device-log Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ap spectrum device-summary show ap spectrum device-summary {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz Description This command shows the numbers of wi-fi and non-Wi-Fi device types on each channel monitored by a spectrum monitor or hybrid AP Syntax Parameter Description ap-name Name of the spectrum monitor or hybrid AP for which you want to view spectrum information.
Related Commands Command Description Mode ap spectrum local-override Convert an AP or AM into a spectrum monitor by adding it to the spectrum localoverride list. Config mode on master or local controllers rf dot11a-radio-profilemodespectrum-mode Set a 802.11a radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers rf dot11g-radio-profilemodespectrum-mode Set a 802.
show ap spectrum interference-power show ap spectrum interference-power {ap-name }|{ip-addr } freq-band 2.4ghz|5ghz [] Description This command shows the interference power detected by a 802.11a or 80211g radio on a spectrum monitor or hybrid AP. Syntax Parameter Description ap-name Name of the spectrum monitor or hybrid AP for which you want to view spectrum information.
Interference Power Table -----------------------Channel Noise Floor(dBm) Max Interference(dBm) ------- -----------------------------------149 -91 -71 153 -63 -58 157 -92 -60 161 -94 -70 165 -93 -69 149+ -60 -58 157+ -89 -60 Max AP Signal(dBm) Max AP SSID Max AP BSSID ACI(dBm) ------------------ ----------- ------------ -------- -40 ethersphere-wpa2 00:24:6c:80:7b:c9 -77 -42 guest 00:1a:1e:87:c1:90 -63 -48 alpha 00:1a:1e:50:01:30 -74 -39 00:24:6C:C0:15:EB 00:24:6c:81:57:c8 -61 -26 s
show ap spectrum-load-balancing show ap spectrum-load-balancing [group ] Description Show spectrum load balancing information for an AP with this feature enabled. Syntax Parameter group Description Filter this information to show only data for the specified spectrum load balancing domain. Examples The output of the command below shows the APs currently using the spectrum load-balancing domain default-1.
Command Information Platforms All platforms 1316| show ap spectrum-load-balancing Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap spectrum local-override show ap spectrum local-override Description This command shows a list of AP radios currently converted to spectrum monitors via the spectrum localoverride list Syntax No parameters Examples The output of this example shows that three APs each have two radios defined as spectrum monitors.
Command Description rf dot11g-radio-profilemode spectrum-mode Mode Set a 802.11g radio so the device operates as an spectrum monitor, and can send spectrum analysis data to a desktop or laptop client. Config mode on master or local controllers Command History Introduced in ArubaOS 6.0.
show ap spectrum monitors show ap spectrum monitors Description This command shows a list of APs terminating on the controller that are currently configured as spectrum monitors or hybrid APs Syntax No parameters Examples The output of this example shows that the 802.11a radio on a spectrum monitor named ap123 is sending spectrum analysis data to a client with the IP address 10.240.16.177.
Column Subscribe time Description Time at which the spectrum monitor or hybrid AP was connected to the client. Command History Introduced in ArubaOS 6.0. Command Information Platforms All platforms 1320| show ap spectrum monitors Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ap spectrum technical-support show ap spectrum technical-support ap-name Description Save spectrum data for later analysis by technical support. Syntax Parameter Description Save technical support information for a specific spectrum monitor. Name of the file to which this data should be saved. This file does not have to already exist on the controller, the show ap spectrum technical-support command will create this file.
show ap standby show ap active [ap-name |{arm-edge dot11a|dot11g|voip-only}|dot11a|dot11g|essid |ip-addr |ip6-addr |{type access-point|air-monitor|(sensor dot11a|dot11g|voip-only)}|voip-only Description Show all APs in standby mode currently registered to a controller. Syntax Parameter Description ap-name View data for an AP with a specified name. bssid View data for a specific BSSID.
Column Description Group The AP is associated with this AP group. IP address IP address of the AP, in dotted decimal format. 11g Clients Number of 802.11g clients using the AP. 11g Ch/EIRP/MaxEIRP 802.11g radio channel used by the AP/current effective Isotropic Radiated Power (EIRP) /maximum EIRP. 11a Clients Number of 802.11a clients using the AP. 11a Ch/EIRP/MaxEIRP 802.11a radio channel used by the AP/current EIRP/maximum EIRP. AP Type AP model type.
Column Uptime Outer IP Description Number of hours, minutes and seconds since the last controller reboot or bootstrap, in the format hours:minutes:seconds. The outer IP address of a remote AP (RAP) is used to establish an IPsec VPN tunnel to the terminating master controller. The RAP acquires an outer IP address from the locally connected network, usually via DHCP. (A RAP is typically behind a NAT device whose public IPis seen as the outer ip for the RAP).
show ap system-profile show ap system-profile Description Show an AP’s system profile settings. Syntax Parameter Description Name of a system profile. Examples The output of the command below shows the current configuration settings for the default system profile.
Dump Server Heartbeat DSCP Maintenance Mode Maximum Request Retries Request Retry Interval Number of IPSEC retries Secondary Master IP/FQDN AeroScout RTLS Server RTLS Server configuration RTLS Server Compatibility Mode Slow Timer Recovery by rebooting itself Telnet Disable RAP Tftp Image Upgrade Spanning Tree AP multicast aggregation AP ARP attack protection AP multicast aggregation allowed VLANs Console enable AP Console Protection AP Console Password Password for Backup AP USB Power override RF Band for B
Column Description Corporate DNS Domain DNS name used by the corporate network. SNMP sysContact SNMP system contact information. SAP MTU Maximum Transmission Unit (MTU) size, in bytes. This value describes the greatest amount of data that can be transferred in one physical frame. LMS IP The IP address of the local management switch (LMS) —the Dell controller which is responsible for terminating user traffic from the APs, and processing and forwarding the traffic to the wired network.
Column Description Remote-AP DHCP Server ID IP address used as the DHCP server identifier. Remote-AP DNS Server IP address of the DNS server. Remote-AP DHCP Default Router IP address for the default DHCP router. Remote-AP DHCP Pool Start This parameter defines the starting IP address in the DHCP pool for remote APs. Remote-AP DHCP PoolEnd This parameter defines the last IP address in the DHCP pool for remote APs. Remote-AP DHCP PoolNetmask Configures a DHCP pool for remote APs.
Column Description Heartbeat DSCP DSCP value of AP heartbeats (0-63). Maintenance Mode Shows if Maintenance mode is enabled or disabled. If enabled, APs stop flooding unnecessary traps and syslog messages to network management systems or network operations centers when deploying, maintaining, or upgrading the network. The controller still generates debug syslog messages if debug logging is enabled.
Column Description AP multicast aggregation Displays the status of multicast aggregation at AP. AP ARP attack protection Drop ARP packets coming from wired or wireless clients with AP gateway IP address. In other words, disallow ARP attack from un-trusted ports. AP multicast aggregation allowed VLANs Displays a list of VLANs where AP multicast aggregation is allowed. Console enable Displays if the console port of the AP is enabled.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.2 Support for additional RTLS servers and remote AP enhancements was introduced. ArubaOS 3.3.2 l Maintenance-mode parameter was introduced. l Multiple remote AP DHCP server enhancements were introduced. l Support for RFprotect server and backup server configuration was introduced. l The mms-rtls-server parameter was deprecated in ArubaOS 3.3.2. ArubaOS 5.
Release ArubaOS 6.4.3.0 Modification The following new parameters were introduced: l AP ARP attack protection l AP multicast aggregation l AP multicast aggregation allowed VLANs l AP USB Power override l Shell Password l RF Band for Backup l Operation for Backup l Password for Backup l BLE Endpoint URL l BLE Auth Token ArubaOS 6.4.3.3 The BLE Operation Mode parameter was introduced as part of the output of this command. ArubaOS 6.
show ap tech-support show ap tech-support ap-name [] Description Display all information for an AP, or save that information to a file on the controller. This information can be used by Dell technical support to diagnose a problem with an AP. Syntax Parameter Description Name of the AP for which you want to view tech support data. Save the output of this command into a file on the controller with the specified filename.
show ap vht-rates show ap vht-rates bssid Description Show very-high-throughput (VHT) rates for an AP that supports 802.11ac. Syntax Parameter bssid Description Show VHT rates for a specific Basic Service Set Identifier (BSSID) on an 802.11ac-capable AP. The Basic Service Set Identifier (BSSID) is usually the AP’s radio's MAC address.
Range for 40 MHz: Range for 80 MHz: 13.5 - 600.0 Mbps 29.3 - 1300.0 Mbps The output of this command includes the following information: Column Description MCS A Modulation Coding Scheme (MCS) values supported on this high-throughput SSID. Streams Number of spatial streams used by the MCS index value. 20 MHz 802.11n data rates for the MCS for 20 Mhz transmissions. 20 MHz SGI 802.11n data rates for the MCS for 20 Mhz transmissions using a short guard interval. 40 MHz 802.
show ap virtual-beacon-report show ap virtual-beacon-report all ap-name client-mac ip-addr ip6-addr Description If the client match feature is enabled, the output of this command displays the virtual beacon report for an AP or a client with a specific IP or MAC address. Syntax Parameter Description all Virtual beacon report for all clients on the controller. ap-name Name of the AP for which you want to view a virtual beacon report.
1310-205 10.100.66.102 9c:1c:12:fd:f7:b0 ethersphere-wpa2 Oct 29 09:21:56 44/20/38 1248-205 10.100.66.128 9c:1c:12:fe:19:f0 ethersphere-wpa2 Oct 29 09:22:08 60/24/15 1263-205 10.100.66.126 9c:1c:12:fd:d2:10 ethersphere-wpa2 Oct 29 09:22:12 52/12/0 1263-205 10.100.66.126 9c:1c:12:fd:d2:00 ethersphere-wpa2 Oct 29 09:22:12 1/12/1 1362-205 10.100.66.127 9c:1c:12:fd:f2:30 ethersphere-wpa2 Oct 29 15:23:35 52/12/5 1263-ac 10.100.66.121 6c:f3:7f:e7:5a:b0 ethersphere-wpa2 Oct 29 09:22:17 60/18/7 AP205-TE 10.100.66.
Parameter Description Current State Indicates whether the client is currently steerable Client Supported Channels Lists the channels that support client use Current Time Timestamp showing the current date and time AP Name of the AP from which the client can detect a signal IP address IP address of the AP from which the client can detect a signal Radio MAC address of the AP radio from which the client can detect a signal ESSID Identifying name of the wireless network for each AP Signal (dBm)
1372-205 10.100.66.120 9c:1c:12:fe:13:50 Oct 29 07:19:33 52/21/10 1260-205 10.100.66.100 9c:1c:12:fe:0f:d0 Oct 29 07:19:44 52/24/15 * 1263-ac 10.100.66.121 6c:f3:7f:e7:5a:b0 Oct 29 07:19:49 52/12/5 S 1362-205 10.100.66.127 9c:1c:12:fd:f2:30 Oct 29 07:52:31 60/12/12 S 1310-205 10.100.66.102 9c:1c:12:fd:f7:b0 Oct 29 07:52:51 44/20/34 S 1263-205 10.100.66.
Dell Networking W-Series ArubaOS 6.5.
show ap vlan-usage show ap vlan-usage [{ap-name }|{bssid |{essid |{ip-addr }| {virtual-ap Show VLAN data for an AP with a specific name. bssid Show VLAN data for a specific Basic Service Set Identifier (BSSID) on an AP. The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address.
Command History Introduced in ArubaOS 3.0. Command Information Platforms All platforms 1342| show ap vlan-usage Licensing Base operating system Command Mode Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ap wired-ap-profile show ap wired-ap-profile [] Description Show a list of all wired AP profiles, or display the configuration parameters in a specific wired AP profile. Syntax Parameter Description Name of a wired AP profile. Usage Guidelines The command show ap wired-ap-profile displays a list of all wired AP profiles, including the number of references to each profile and the profile status.
Column Description l mode: Set trunking mode of the interface. l trunk: Set trunk mode characteristics of the interface. Access mode VLAN VLAN ID of the access mode VLAN. Trunk mode native VLAN VLAN ID of the native VLAN. Trunk mode allowed VLANs Range of allowed VLAN IDs for the native VLAN. Trusted Shows if the wired port on an AP using this profile is a trusted port. Possible values are Trusted or Not Trusted. Broadcast If set to broadcast, the wired AP port will forward broadcast traffic.
show ap wired-port-profile show ap wired-port-profile Description Shows all AP wired port profiles and their status. Syntax No parameters. Example The example below shows that the controller has three wired port profiles. The References column lists the number of other profiles with references to the wired port profile, and the Profile Status column indicates whether the profile is predefined. User-defined profiles will not have an entry in the Profile Status column.
Parameter Description Wired AP profile Name of a wired AP profile to be used by devices connecting the AP’s wired port. The wired AP profile defines the forwarding mode and switchport values used by the port. Ethernet interface link profile An Ethernet Link profile to be used by devices connecting to the AP’s wired port profile. This profile defines the duplex value and speed to be used by the port. AP LLDP Profile Name of an LLDP Profile associated with this wired port.
show ap wired stats show ap wired stats {ip-addr } | {ap-name }|{client-ip } | {client-mac } Description Shows statistics for campus and remote AP wired clients. Syntax Parameter Description ap-name Show wired AP statistics for a specified AP name. ip-addr Show wired AP statistics for a specified AP by entering an IP address in dotted-decimal format. client-ip Show wired AP statistics for a specified client IP address.
Column Description TX Packets Number of packets sent TX Bytes Number of bytes sent RX Packets Number of packets received RX Bytes Number of bytes received TX Broadcast Packets Number of broadcast packets sent TX Broadcast Bytes Number of broadcast bytes sent TX Multicast Packets Number of multicast packets sent TX Multicast Bytes Number of multicast bytes sent Command History Version Description ArubaOS 5.0 Command Introduced. ArubaOS 6.4.3.
show ap wmm-flow show ap wmm-flow [{ap-name }|{bssid }|{essid }|{ip-addr }] dotlla|dotllg Description Show the Wireless Multimedia (WMM) flow table. Syntax Parameter Description ap-name View an AP with a specified name. bssid View data for an AP with a specific BSSID (Basic Service Set Identifier). The Basic Service Set Identifier (BSSID) is usually the AP’s MAC address. essid View data for a specific ESSID (Extended Service Set Identifier).
Column Description AP name Name of an AP with recorded WMM flows ESSID Extended Service Set Identifier (ESSID) of a wireless network. Client MAC address of the client. Description The description is a long string that includes the following information. TSID: Traffic Stream Identifier. The TSID should match the priority level for each flow. Priority: One of the following IEEE 802.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show app skype4b call-cdrs show app skype4b prioritized-calls [all] Description This command displays the Call Detail Record (CDR) for prioritized Skype for Business (Skype4b) calls in the controller. Syntax Parameter Description all Displays CDR information for all Skype calls. Example In this example, the output is divided into multiple sections to better fit on the pages of this document. In the actual command-line interface, it appears in a single, long table.
Column Description Client Name Displays the user name of the Skype4b client. ALG Displays the Application Layer Gateway protocol for Skype4b clients. Dir Displays the following call direction: l OG — outgoing l IC — incoming Called To Displays the user name of the Skype4b client being called. Status Displays the following call status: l CONNECTED — active call l SUCC — successful terminated call l ABORTED — aborted call Dur(sec) Displays the time duration of the Skype4b call.
Column Src Port Dest Port Description l Desktop-sharing conference l File-transfer l Video l Voice l Video conference l Voice conference Displays the source port of the Real-Time Protocol (RTP) session or file transfer session. Displays the destination port of the RTP session or file transfer session. DSCP Displays the DSCP value for the session. WMM AC Displays the value of the Wi-Fi Multimedia Access Category. The controller sends the packet with this value.
show app skype4b call-quality show app skype4b call-quality [all] Description This command displays the call quality information for Skype for Business (Skype4b) voice and video calls. Syntax Parameter Description all Displays call quality information for all voice and video Skype4bcalls. Example In this example, the output is divided into multiple sections to better fit on the pages of this document. In the actual command-line interface, it appears in a single, long table.
Column Direction Description Displays the call direction. l OG — Outgoing l IC — Incoming Called To Displays the user name of the Skype4b client being called. Duration Displays the time duration of the Skype4b call. Codec Displays the voice compression protocol used for the Skype4b call. Delay Displays the average delay in milli seconds. Jitter Displays the jitter in milli seconds. Pkt Loss Displays the loss of packet in percentage.
Related Commands Command Description show ucc call-info cdrs This command displays the Call Detailed Records (CDR) statistics for Unified Communication and Collaboration (UCC). Command History Version ArubaOS 6.4.4.0 Description Command introduced. NOTE: This command replaces the deprecated command show app lync call-cdrs. Command Information Platforms All platforms Licensing This command requires the PEFNG license Dell Networking W-Series ArubaOS 6.5.
show app skype4b client-status show app skype4b client-status active-only bssid essid extn ip sta Description Displays details of clients that are actively using Skype for Business (Skype4b). An entry is created for clients that have actively participated in voice, video, desktop-sharing or file-sharing sessions.
The output of this command includes the following parameters: Column Description Client(IP) Displays the IP address of the Skype4b client. Client(MAC) Displays the MAC address of the Skype4b client. Client Name Displays the user name of the Skype4b client. Registration State Displays the following registration state of the Skype4b client with Skype4b server: Call Status l UNKNOWN: The Skype4b client is connected to the controller.
Command Information Platforms All platforms Licensing This command requires the PEFNG license Dell Networking W-Series ArubaOS 6.5.
show app skype4b tracebuf show app skype4b tracebuf Description This command displays the Skype for Business (Skype4b) message trace buffer for the first 256 events. Events such as establishing voice, video, desktop sharing, and file transfer are recorded. Syntax No parameters. Example The output is divided into multiple sections to better fit on the pages of this document, however, in the actual command-line interface, data appears in a single, long table.
Column Description BSSID Displays the BSSID of the access point to which the Skype4b client is connected. CACStatus Displays if call admission control limit is reached. The values are: l PASS l FAIL l NA NOTE: When the call status for the Skype4B client is Call quality update, the value of the CACStatus for the Skype4b client is NA. Media Type Displays the type of Skype4B call: l Desktop-sharing l File-transfer l Video l Voice DSCP Displays the DSCP value for the session.
Command History Version ArubaOS 6.4.4.0 Description Command introduced. This command replaces the deprecated command show app lync tracebuf. Command Information Platforms All platforms Licensing This command requires the PEFNG license Dell Networking W-Series ArubaOS 6.5.
show app skype4b traffic-control show app skype4b traffic-control [] Description This command displays the types of Skype for Business (Skype4b) traffic prioritized through the Skype4b Application Layer Gateway (ALG) QoS. Syntax Parameter Description profile-name Skype4b traffic control profile name.
Command Information Platforms All platforms 1365| show app skype4b traffic-control Licensing This command requires the PEFNG license Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ap-group show ap-group [] Description Show settings for an AP group. Syntax Parameter Description The name of an AP group. Usage Guidelines Issue this command without the optional parameter to display the entire AP group list, including profile status for each profile. Include an AP group name to display detailed configuration information for that AP group profile. Example This first example shows that the controller has nine configured AP groups.
Ethernet interface 0 link profile Ethernet interface 1 link profile AP system profile VoIP Call Admission Control profile 802.11a Traffic Management profile 802.
Parameter Description Mesh Radio profile Mesh radio profile assigned to the AP group. Mesh Cluster profile Mesh cluster profile assigned to the AP group. Related Commands Configure AP group settings using the command ap-group. Command History This command was available in ArubaOS 3.0. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ap-name show ap-name [] Description Show a list of AP names. Include the parameter to display detailed configuration information for that AP. Syntax Parameter Description The name of an AP. Example This first example shows that the controller has eight registered APs. The Name column lists the names of each registered AP. Note that APs are all user-defined, so they will not have an entry in the Profile Status column.
Parameter Description Virtual AP Virtual AP profile that which configures a specified WLAN. Excluded Virtual AP Excludes the specified mesh cluster profile from this AP. 802.11a radio profile Profile that defines 802.11a radio settings for the AP. 802.11g radio profile Profile that defines 802.11g radio settings for the AP. Wired AP profile Profile that defines wired port settings for APs assigned to the AP.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show arp show arp Description Show Address Resolution Protocol (ARP) entries for the controller. Syntax No parameters Example This example shows configured static ARP entries for the controller. (host) #show arp Protocol Address Internet 10.3.129.98 Internet 10.3.129.253 Internet 10.3.129.250 Internet 10.3.129.99 Internet 10.3.129.96 Internet 10.3.129.
| show arp Dell Networking W-Series ArubaOS 6.5.
show audit-trail show audit-trail { | login ] Description Show the controller’s audit trail log. Syntax Parameter login Description Start displaying the log output from the specified number of lines from the end of the log. Start displaying the log output from the specified number of lines from the end of the login/logout log. Example By default, the audit trail feature is enabled for all commands in configuration mode.
Command Information Platforms All platforms 1375| show audit-trail Licensing Base operating system Command Mode Available in Enable and Config modes. Audit trails can only be enabled on master controllers Dell Networking W-Series ArubaOS 6.5.
show auth-survivability show auth-survivability Description This command displays the auth-survivability parameters that are configured in the local controller. Example host # show auth-survivability Auth-Survivability: Enabled (Running) Survival-Server Server-Cert: dot1x2k-server Survival-Server Cache lifetime: 48 hours Command History Version ArubaOS 6.4.3.0 Description Command introduced.
show auth-survivability-cache show auth-survivability-cache Description This command displays the data currently in the local Survival Server cache. Example host(config) # show auth-survivability-cache Figure 2 Displaying the Local Survival Server Cache Command History Version ArubaOS 6.4 Description Command introduced. Platform Support Platforms W-7000 Series controllers Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show auth-tracebuf show auth-tracebuf [count <1-250] [failures] [mac
] Description Show the trace buffer for authentication events. Syntax Parameter Description count <1-250> limit the output of the command to the specified number of packets. failures Filter the output of this command to display only authentication failures mac Filter the output of this command to display only information for a specified MAC address.Feb 5 08:08:35 Feb 5 08:08:35 psk aes Feb 5 08:08:35 station-down station-up * * 00:09:ef:05:1e:b2 00:09:ef:05:1e:b2 00:1a:1e:97:e5:42 00:1a:1e:97:e5:42 - - station-data-ready * 00:09:ef:05:1e:b2 00:00:00:00:00:00 66 - wpa2 Each row in the output of this table may include some or all of the following information: l A timestamp that indicates when the entry was created. l The type of exchange that was made. l The direction the packet was sent. l The source MAC address.
show banner show banner Description Show the current login banner Syntax No parameters Usage Guidelines Issue this command to review the banner message that appears when you first log in to the controller’s command-line or browser interfaces. Example (host) # show banner This testlab controller is scheduled for maintenance starting Saturday night at 11 p.m. Related Commands Configure a banner message using the command banner motd. Command History This command was available in ArubaOS 3.0.
show ble_relay show ble_relay jobs Description Displays Bluetooth Low Energy (BLE) relay status. Syntax Parameter jobs Description Displays the BLE relay job queue status Example The output of the example below displays the VLAN derivation debug information of an user with IPv4 address. (host) #show ble_relay jobs Pending Jobs -----------Slot AP IP Payload Size ------------------All Slots Unused Status ------ Last updated ------------ Command History Release ArubaOS 6.5.0.
show boot show boot history Description Display boot parameters, including the boot partition and the configuration file to use when booting the controller. Syntax Parameter history Description Displays the controller's reloads and upgrade history. Example (host) #show boot history Reboot History Table -------------------No Description User Role IP Timestamp -- ----------- ---- ---- -- --------- 1 Centralized Upgrade to 6.3.1.0 for target 192.168.89.2 Successful.
Command Information Platforms All platforms 1383| show boot Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show branch show branch config {mac-address }|{name } dhcp-instance {mac-address }|{name } master-l3redundancy status running-config Description Shows configuration and DHCP address settings on a branch controller.
interface fastethernet "1/1" switchport access vlan 2 interface fastethernet "1/1" trusted interface vlan 3 interface vlan 3 ip address 10.3.29.79 255.255.255.0 interface vlan 2 interface vlan 2 ip address 192.167.1.1 255.255.255.240 uplink wired vlan 4 interface tunnel 1 interface tunnel 1 tunnel destination remote-node-master-ip ip route 10.100.102.217 255.255.255.255 10.3.29.254 ip route 10.100.102.173 255.255.255.255 10.3.29.254 ip route 10.1.1.41 255.255.255.255 10.3.29.
show branch-config-group show branch-config-group [] Description The output of this command shows configuration settings for a branch config group. Syntax Parameter Description (Optional) Name of the branch config group. Usage Guidelines When this command includes the optional branch config group name, the output of the command shows the configuration status of that specific branch config group.
! uplink wired vlan 1 priority 102 uplink enable interface gigabitethernet "0/0/0" bandwidth-contract app "vox" "test" downstream ! remote-node-dhcp-pool Pool1 pool-type vlan 1 domain-name example.com dns-server 10.1.1.91 range startip 5.5.5.16 endip 6.6.6.6 hosts 16 ! ! Command History Release ArubaOS 6.4.3.0 Modification Command introduced. Command Information Platforms Available on W-7010, W7005, W-7024, W-7030 , and W-7200 Series controllers.
show branch-dhcp-pool show branch-dhcp-pool config-group [pool-name ] Description The output of this command shows a summary of DHCP pool information for branch controllers. Syntax Parameter Description config-group Name of the branch config group pool-name (Optional) include the name of the DHCP pool in this command to view information only for the selected DHCP pool.
Parameter Description Pool Name Name of the new DHCP pool. Type Type of pool. This can be tunnel or vlan. Start IP Address IP addresses at the start of the branch controller’s address range, in dotted-decimal format. End IP Address IP address at the end of the branch controller’s address range, in dotted-decimal format. Domain Name The DHCP domain name. Num Hosts Maximum number of hosts allocated by a branch controller using this pool. Command History Release Modification ArubaOS 6.
show branch master-l3redundancy show branch master-l3redundancy status switchover-timeout Description A redundant secondary master controller in a branch controller deployment prevents a scenario in which a master controller acts as a single point of failure if the link to the master controller goes down, or a co-located Master-Standby VRRP controller pair fail due to a network failure or local natural disaster. This command displays the status of both the primary and secondary (backup) master controllers.
Examples The following examples show the CLI output for both parameters of the show branch masterl3redundancy command: (host) #show branch master-l3redundancy status (host) #show branch master-l3redundancy switchover-timeout Command History Release ArubaOS 6.4.4.0 Modification This command is introduced. Command Information Platforms Available on all Dell branch controllers.
show cellular profile show cellular profile [] | [factory] Description Display the cellular profiles and profile settings. Syntax Parameter Description Enter the name of an existing cellular profile factory Display a list of factory supported cellular profiles. Usage Guidelines Issue this command without the parameter to display configuration parameters for the entire list of available cellular profiles.
Parameters Description Prod USB product ID in hexadecimal Serial USB device serial number. Dialer Name of a dialer group profile. TTY Modem TTY port. Driver One of the following cellular modem drivers: Priority l acm: Linux ACM driver. l hso: Option High Speed driver. l option: Option USB data card driver (default). l sierra: Sierra Wireless driver.
show clock show clock [summer-time|timezone|append] Description Display the system clock. Syntax Parameter Description summer-time Show summer (daylight savings) time settings. timezone Show the configured timezone for the controller. append If the timestamp feature is enabled, including a timestamp in show command output. Usage Guidelines Include the optional summer-time parameter to display configured daylight savings time settings.
show cluster-config show cluster-config Description Show the multi-master cluster configuration for the control plane security feature. Usage Guidelines When you issue this command from the cluster root, the output of this command shows the cluster role of the controller, and the IP address of each member controller in the cluster. When you issue this command from a cluster member, the output of this command shows the cluster role of the controller, and the IP address of the cluster root.
Command Information Platforms All platforms 1396| show cluster-config Licensing Base operating system Command Mode Enable mode on cluster member or cluster root controllers Dell Networking W-Series ArubaOS 6.5.
show cluster-switches show cluster-switches Description Issue this command on a master controller using control plane security in a multi-master environment to show other the other controllers to which it is connected. Usage Guidelines When you issue this command from the cluster root, the output of this command displays the IP address of the VLAN used by the cluster member to connect to the cluster root.
Command History This command was introduced in ArubaOS 5.0. Command Information Platforms All platforms 1398| show cluster-switches Licensing Base operating system Command Mode Enable mode on cluster member or cluster root controllers Dell Networking W-Series ArubaOS 6.5.
show command-mapping show command-mapping [reverse] Description Show the mapping new commands to deprecated commands. Syntax Parameter reverse Description Sort the command map by deprecated command syntax. This command is useful to find the current command syntax for a deprecated command. Usage Guidelines The syntax of many commands changed after the release of ArubaOS 3.0. Use this command to display a list of current commands and their deprecated command equivalents.
Command Information Platforms All platforms 1400| show command-mapping Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show configuration show configuration diff Description Show the saved configuration on the controller. Syntax Parameter Description diff Displays a list of successfully executed configuration commands since the last write memory. The configuration differences are cleared whenever a write memory is performed. Usage Guidelines Issue this command to view the entire configuration saved on the controller, including all profiles, ACLs, and interface settings.
show controller-ip show controller-ip Description Show controller’s country and domain upgrade trail. Syntax No parameters. Example The output of this command shows the controller’s IP address and VLAN interface ID. (host) # show controller-ip Switch IP Address: 10.168.254.221 Switch IP is configured to be Vlan Interface: 1 Command History This command was available in ArubaOS 3.4 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show controller-ipv6 show controller-ipv6 Description Show controller’s IPv6 address and VLAN interface ID. Syntax No parameters. Example (host) # show controller-ipv6 Switch IPv6 Address: 2005:d81f:f9f0:1001::14 Switch IPv6 address is from Vlan Interface: 1 The output of this command shows the controller’s IPv6 address and VLAN interface ID. Command History This command is introduced in ArubaOS 6.
show control-plane-security show control-plane-security Description Show the current configuration of the control plane security profile. Syntax No parameters. Usage Guidelines The control plane security profile enables and disables the control plane security feature and identifies campus APs to receive security certificates. Issue this command to view current control plane security settings.
show country show country [trail] Description Show controller’s country and domain upgrade trail. Syntax Parameter trail Description Display the record showing how the switch was reconfigured for it’s current country domain when the controller hardware was upgraded. Usage Guidelines A controller’s country code sets the regulatory domain for the radio frequencies that the APs use. This value is typically set during the controller’s initial setup procedure.
show cp-bwcontracts show cp-bwcontract Description Displays a list of Control Processor (CP) bandwidth contracts for whitelist ACLs. Syntax No parameters. Example The CP bw contracts table lists the contract names, the ID number assigned to each contract, and its defined traffic rate in packets per second.
show cpuload show cpuload [current] Description Display the controller CPU load for application and system processes. Syntax Parameter current Description Include this optional parameter at the request of Dell technical support to display additional CPU troubleshooting statistics. Example This example shows that the majority of the controller’s CPU resources are not being used by either application (user) or system processes. (host) #show cpuload user 6.9%, system 7.7%, idle 85.
show crypto-local ipsec-map show crypto-local ipsec [tag ] Description Displays the current IPsec map configuration on the controller. Syntax Parameter tag Description Display a specific IPsec map. Usage Guidelines The command show crypto-local ipsec displays the current IPsec configuration on the controller. Examples The command show crypto-local ipsec-map shows the default map configuration along with any specific IPsec map configurations.
Command History Version Modification ArubaOS 3.4 Command introduced. ArubaOS 6.1 The output of this command displays the configured IKE version. ArubaOS 6.3 The output of this command displays the Security association lifetime kilobytes parameter. ArubaOS 6.4.4.0 The output of this command indicates if the Uplink Failover and IP Compression features are enabled.
show crypto dp show show crypto dp [peer ] Descriptions Displays crypto data packets. Syntax Parameter dp Description Shows crypto latest datapath packets. The output is sent to crypto logs. peer Clears crypto ISAKMP state for this IP. Usage Guidelines Use this command to send crypto data packet information to the controller log files, or to clear a crypto ISAKMP state associated with a specific IP address.
show crypto dynamic-map show crypto dynamic-map [tag ] Descriptions Displays IPsec dynamic map configurations. Syntax Parameter Description dynamic-map IPsec dynamic maps configuration. tag A specific dynamic map. Usage Guidelines Dynamic maps enable IPsec SA negotiations from dynamically addressed IPsec peers. Once you have defined a dynamic map, you can associate that map with the default global map using the command crypto map globalmap.
Command Information Platforms All platforms 1412| show crypto dynamic-map Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show crypto ipsec show crypto ipsec {mtu|sa[peer ]|transform-set [tag ]} Descriptions Displays the current IPsec configuration on the controller. Syntax Parameter Description mtu IPsec maximum mtu. sa Security associations. peer transform-set tag IPsec security associations for a peer. IPsec transform sets. A specific transform set.
Transform set will Transform set will Transform set will default-aes: { esp-aes256 esp-sha-hmac } negotiate = { Transport, Tunnel } newset: { esp-3des esp-sha-hmac } negotiate = { Transport, Tunnel } name: { esp-aes256-gcm esp-sha-hmac } negotiate = { Transport, Tunnel } Use the peer parameter to view details about an IPsec connection (host) #show crypto ipsec sa peer 80.254.65.210 Initiator IP: 80.254.65.210 Responder IP: 10.69.69.
show crypto isakmp show crypto isakmp eap-passthrough groupname ipsecSPI key log ap packet-dump policy sa stats transports udpencap-behind-natdevice Descriptions This command displays Internet Key Exchange (IKE) parameters for the Internet Security Association and Key Management Protocol (ISAKMP). Syntax Parameter Description eap-passthrough Display configured IKEv2 EAP Methods. groupname Show the IKE Aggressive group name. ipsecSPI key Show IPSEC spi hash table entries.
Parameter stats Description Show detailed IKE statistics. This information can be very useful for troubleshooting problems with ISAKMP. transports Show IKE Transports. udpencap-behind-natdevice Show the Configuration if NAT-T is enabled if controller is behind a NAT device . Usage Guidelines Use the show crypto isakmp command to view ISAKMP settings, statistics and policies. Examples The command show crypto isakmp stats shows the IKE statistics.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.1 The eap-passthrough parameter was introduced. The output of the show crypto isakmp policy command displays the configured IKE version. This command was introduced in ArubaOS 3.0. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show crypto-local isakmp show crypto-local isakmp allow-via-subnet-routes ca-certificate certificate-group disable-aggressive-mode dpd key [peer | fqdn ] server-certificate xauth Descriptions This command displays Internet Key Exchange (IKE) parameters for the Internet Security Association and Key Management Protocol (ISAKMP). Syntax Parameter Description allow-via-subnet-routes Shows if the controller is configured to accept subnet routes from VIA clients.
certificate and show crypto-local xauth commands: (host) #show crypto-local isakmp allow-via-subnet-routes Controller will accept subnet routes from via client (host) #show crypto-local isakmp ca-certificate ISAKMP CA Certificates ----------------------CA certificate name Client-VPN # of Site-Site-Maps ------------------- ---------- ------------------Dell-Factory-CA Y 0 (host) #show crypto-local isakmp certificate-group ISAKMP Certificate Groups -------------------------Server certificate name CA certifica
Related Commands Command Description Mode crypto-local isakmp allow-viasubnet-routes Use this command to allow a controller to accept VIA-published subnets. Config mode crypto-local isakmp ca-certificate Use this command to assign the Certificate Authority (CA) certificate used to authenticate VPN clients. Config mode crypto-local isakmp certificategroup Use this command to assign a certificate group so you can access multiple types of certificates on the same controller.
Command Information Platforms All platforms 1421| show crypto-local isakmp Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show crypto-local pki show crypto-local pki CRL [ ALL|crlnumber|fingerprint|hash|issuer|lastupdate|nextupdate] IntermediateCA [ALL|alias|dates|fingerprint|hash|issuer|modulus|purpose|serial|subject] OCSPResponderCert [ALL|alias|dates|fingerprint|hash|issuer|modulus|purpose|serial|subject] OCSPSignerCert [ALL|alias|dates|fingerprint|hash|issuer|modulus|purpose|serial|subject] PublicCert [ALL|alias|dates|fingerprint|hash|issuer|modulus|purpose|serial|subject] ServerCert [AL
Parameter nextupdate IntermediateCA Description Shows the next date and time (date and time) where the responder retrieves updated status information for this certificate. If this information is not present, then the responder always holds up to date status information. Shows the name, original filename, reference count and expiration status of this certificate. NOTE: IntermediateCA has the identical sub-parameters as those listed under the TrustedCA parameter in this table.
Parameter Description hash Shows the hash number of this certificate. issuer Shows the certificate issuer. modulus Shows the modulus which is part of the public key of the certificate. purpose Shows the certificate’s purposes such as if this is an SSL server, SSL server CA and so on. serial Shows the certificate’s serial number. subject Shows the certificate’s subject identification number. crl-stats Shows the CRL request statistics.
Parameter Description Original Filename Name of the original certificate when it was added to the controller. Reference Count Number of RCPs that reference this OCSP responder certificate, signer certificate or CRL. Expired Shows whether the controller has enabled or disabled client remediation with Sygate-on-demand-agent. This example shows the dates for which this OCSP responder certificate is valid.
Related Commands Command Description Mode crypto-local pki This command is saved in the configuration file and verifies the presence of the certificate in the controller’s internal directory structure. Config mode crypto-local pki rcp Specifies the certificates that are used to sign OCSP responses for this revocation check point Config mode Command History Version Modification ArubaOS 3.2 Command introduced. ArubaOS 6.
show crypto map show crypto ipsec map Descriptions This command displays the IPsec map configurations. Syntax Parameter Description map Usage Guidelines Use the show crypto map command to view configuration for global, dynamic and default map configurations. Examples The command show crypto map shows statistics for the global, dynamic and default maps.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 6.1 The output of this command displays the configured IKE version for the map. ArubaOS 6.3 The output of this command displays the Security association lifetime kilobytes parameter. Command Information Platforms All platforms 1428| show crypto map Licensing Base operating system Command Mode Enable or Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show crypto pki show crypto pki csr Descriptions This command displays the certificate signing request (CSR) for the captive portal feature. Syntax Parameter Description csr Usage Guidelines Use the show crypto pki command to view the CSR output. Examples The command show crypto pki shows output from the crypto pki csr command. (host) #show crypto pki csr Certificate Request: Data: Version: 0 (0x0) Subject: C=US, ST=CA, L=Sunnyvale, O=sales, OU=EMEA, CN=www.mycompany.com/emailAddress=myname@mycompany.
YXJ1YmFuZXR3b3Jrcy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOaw 8pU30BjE7ve9XZaFSaNWY3bumYL+SzFsgCXE7ceejl4+oh+QYreRaXUn6Cm60XY8 CxTdgzoMYvIvSZBH9S/mTtzDBn7SUSnsUoxAJt6uxqAhG+5GsXqb3QtnREhmGezH 9CS9KJiix2v7to5DqsciOrjsmgpQwCm3hEZwpT8JAgMBAAGgADANBgkqhkiG9w0B AQUFAAOBgQAlzg8pkXPpzSiF6nR8RLq30F0tU2TcrQf97Qmvt0p/FJpfwwqK+P9A JZz0l3NbU80OnNJjuFWlvSB0WPhwvrmCStAe/I1xoDO7m/mh7tnoYuQ05PeLf208 cExMGOB//ovyAaIPAEmB995CuQVZfOSJ7Y/hO1BafpE7nAmPt2uYgA== -----END CERTIFICATE REQUEST----- Related Commands Command Des
show database show database synchronization Description Shows database synchronization status. Syntax No parameters. Usage Guidelines Issue this command to show the status database synchronization status. Example This example shows a database synchronization status.
show datapath acl id acl {[ap-name | ip-addr ] name type } amsdu tx application {ap-name |counters|ip-addr } bridge [ap-name |counters|ip-addr |table |verbose] bwm table compression cp-bwm crypto debug {dma counters|epa|eth1info|opcode|performance|pkttrace-buffer| trace-buffer|trace-route} dhcp {vm-mac} dpi error [counters] esi table exthdr firewall-agg-sess [counters] fqdn frame {ap-name |counter
utilization vlan {ap-name }|{ip-addr |table} vlan-mcast web-cc [counters] wifi-reassembly counters wmm counters Descriptions Displays system statistics for your controller. Syntax Parameter Description acl id Displays datapath statistics associated with a specified ACL. The ACL index is found in the show rights command. amsdu tx Shows datapath AMSDU TX queue statistics ap-name Name of the AP.
Parameter bwm Description Displays the following bandwidth management table entry statistics: l Type: Indicates whether the contract is a control plane denial-of-service contract (0), a contract configured through the bandwidth management WebUI or CLI Interfaces (1), or a contract for multicast traffic generated by the controller(2). l Cont ID: An ID number unique to each contract. l Rate: Contract traffic rate, in 256-byte packets/second.
Parameter Description dma counters DMA statistics are displayed. eap counters EAP termination statistics are displayed. eth1info Displays IPv4 fragment table statistics. memory Displays SOS memory statistics. opcode Displays datapath debugging information. NOTE: Use this command only under the supervision of Dell technical support. performance all Displays datapath debug performance statistics including the SUM/CPU, addr, and description.
Parameter exthdr firewall-agg-sess counters Description Displays the datapath default IPv6 Extended Header Map. Displays the datapath firewall aggregated sessions table. Displays the datapath aggregate session statistics. fqdn Displays datapath fully qualified domain name (FQDN) entries. frame counters Displays frame statistics that are received and transmitted from the data path of the controller.
Parameter Description counters Hardware counters. statistics Hardware packet statistics. ip-geolocation counters ip-mcast Datapath IP geolocation table entries. Displays IP geolocation statistics. Displays the Datapath IP Multicast Entries table statistics. client Datapath Layer 3 groups for specified client. destination Datapath tunnel and port membership. group Datapath Layer 3 groups. station Datapath station membership.
Parameter Description lag table Displays contents of the datapath link aggregation group (LAG) or port channel table. message-queue counters Displays statistics of messages received by a CPU from other datapath CPUs (only CPUs that receive messages and non-zero statistics are shown). maintenance counters Displays datapath maintenance statistics. mobility Displays datapath IP mobility information.
Parameter port Description Displays the datapath port table information. This includes the port number, PVID, Ingress ACL, Egress ACL, Session ACL, and the following flags: l B: Blocked by the Spanning Tree protocol l L: LSG l M: Tunneled node l Q: Trunk l T: Trusted l X: xSec l Z: QinQ link-event Displays port link up and link down event counters. monitor Displays the monitor port configuration. stats // Displays the physical port statistics.
Parameter Description counters Displays route table statistics such as current entries, high water mark, maximum entries, total entries, allocation failures and max link length. ip-addr IP address of the AP. ipv4 Displays datapath IPv4 routing table. ipv6 Displays datapath IPv6 routing table. table Displays route table entries such as IP, mask, gateway, cost, VLAN and flags.
Parameter Description counters Displays counters statistics including current entries, high water mark, maximum entries, total entries, allocation failures, duplicate entries, cross linked entries, number of reverse entries and maximum link length. dpi Displays Deep Packet Information for this session. The output includes: l AclVersion: This is used to store the current version number of the ACL that is used at session creation time and is used for troubleshooting purposes.
Parameter Description l l station WebCCID: Web content category ID. To see the name of the category associated with that category ID, issue the command show web-cc category. WebCCU: URL for that session entry. Displays datapath station association table statistics. counters Display the current and high water mark amount of 802.11 associated wireless devices on a controller. Values output from this command represent the water-marks since the last boot of the controller.
Parameter Description l ipv4 l ipv6 l station-list l table l tunnel-id l verbose counters Tunnel counters. heartbeat Displays the datapath heartbeat tunnel details. ipv4 Displays the TCP tunnel table filtered on IPv4 entries. ipv6 Displays the TCP tunnel table filtered on IPv6 entries. station-list Displays the list of stations on the tunnel. table Tunnel table statistics. tunnel-group Displays the tunnel group, active status and members.
Parameter Description utilization Displays the current CPU utilization of all datapath CPUs. vlan Displays VLAN table information such as VLAN memberships inside the datapath including Layer 2 tunnels which tunnel L2 traffic. ap-name Name of the AP. ip-addr IP address of AP. table Displays VLAN number, flag, port and datapath VLAN multicast entries. vlan-mcast Displays the datapath VLAN multicast table. ap-name Name of the AP.
Example The following example displays the discovery count table that keeps track of per client home agent discovery: (host) #show datapath mobility discovery-table Datapath Mobility Discovery Count Table ------------------------------------------------Index Valid Version Retry# No-Response --------------------------------1 1 2 1 a Ack -----0 Mac -------------10:78:D2:FA:7D:38 Vlan ----74 The following example displays the datapath HA table information: (host) #show datapath mobility home-agent-table Da
| | [04] | Tunnel FIB stale 37368 | +----+------+-----------------------------------------------------+ | | | | | G | [00] | Current Entries 15 | | G | [02] | High Water Mark 15 | | G | [03] | Maximum Entries 49152 | | G | [04] | Total Entries 29 | | G | [06] | Max link length 1 | | G | [07] | Current Tunnel FIB 4294967295 | | G | [08] | Tunnel FIB recompute 37368 | +----+------+-----------------------------------------------------+ Datapath Tunnel Table Entries ----------------------------Flags: E - Ether
-------------------------Crypto Accelerator Crypto Cores In Use Crypto Cores Total Crypto Requests Total Crypto Requests Queued Crypto Requests Failed Crypto Timeouts Crypto NoCoreFree Crypto BadNPlus Crypto SendNPlusFailed IPSec Encryption Failures IPSec Decryption Failures IPSec Decryption Loops IPSec Decryption BufFail IPSec Decr SPI(client) ERR IPSec Decrypt SA Not Ready IPSec Frag Failures IPSec Bad Pad Length IPSec Invalid TCP Index IPSec Invalid Length IPSec Invalid Head-Room IPSec Invalid Protocol P
+----+------+-----------------------------------------------------+ |SUM/| | | | |CPU | Addr | Description Value | +----+------+-----------------------------------------------------+ | | [00] | Compression Engine Present True | | | [01] | Comp Response received 150 | | | [02] | Comp Response failed 0 | | | [03] | Decomp Requests 80 | | | [04] | Decomp Response received 80 | | | [05] | Decomp Requests queued 75 | | G | [06] | Compression Engine Total 4 | +----+------+-----------------------------------------
Version ArubaOS 6.4.1.0 Description l dpi l session dpi l session ipv6 dpi l session session-id dpi The following parameters were introduced as part of the show datapath frame command output: l Excessive ARP Requests l Excessive Gratuitous ARP Requests The acl id parameter was added. ArubaOS 6.4.2.0 ArubaOS 6.4.3.0 ArubaOS 6.5 l The session web-cc parameter was introduced. This command displays web-content category information about the session.
show destination show destination Description Display the aliases for default and user-defined network destinations. Syntax Parameter Description string Optional parameter to view details of a specific destination alias. Example This example displays the network destinations configured in the controller. (host) #show destination controller ---------Position Type IP addr -------- ---- ------1 host 10.16.15.
Parameter Description IP addr The IP address configured in the alias. This can be a network address, host address or a range. Mask/Range Network mark or the IP address range. Command History This command was available in ArubaOS 1.0. Replaced with netdestination in 3.0. Command Information Platforms All platforms 1451| show destination Licensing You must have a PEFNG license to configure or view a destination.
show dialer group crypto-local show dialer group Description Display dialer group information. Syntax No parameters. Usage Guidelines Displays the Dialer Group Table with the current dialing parameters. Example (host) #show dialer group Dialer Group Table -----------------Name Init String -------------evdo_us ATQ0V1E0 gsm_us AT+CGDCONT=1,"IP","ISP.CINGULAR" Dial String ----------ATDT#777 ATD*99# Command History Introduced in ArubaOS 3.4.
show dir (deprecated) crypto-local show dir usb: disk Description Display the list of directories in the specified disk and the filesystem path. Command History This command was introduced in ArubaOS 3.4. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show dot1x ap-table show dot1x ap-table Description Shows the 802.1X AP table. Syntax No parameters. Example Issue this command to display details from the AP table. AP Table -------MAC IP Essid Type Forwarding-Mode Profile Acl -----------------------------00:1a:1e:87:ff:c0 10.3.9.242 AP FORWARD_TUNNEL_80211 default/ 1 00:1a:1e:87:ff:d0 10.3.9.242 sw-pn-nokia AP FORWARD_TUNNEL_80211 default/default 1 00:1a:1e:82:ab:a0 10.3.9.220 AP FORWARD_TUNNEL_80211 default/ 1 00:1a:1e:82:ab:b0 10.3.9.
Parameter Description Forwarding Mode Forwarding mode used by the specified AP Profile AP profile Acl Number of ACLs this AP belongs to Command History This command was introduced in ArubaOS 3.0. Command Information Platforms All platforms 1455| show dot1x ap-table Licensing Base operating system Command Mode Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show dot1x ap-table aes show dot1x ap-table aes Description Shows the AES keys of all APs. Syntax No parameters. Example Issue this command to display AES keys of all APs.
show dot1x ap-table dynamic-wep show dot1x ap-table dynamic-wep Description Shows the dynamic WEP keys of all APs. Syntax No parameters. Example Issue this command to display dynamic keys of all APs.
show dot1x ap-table static-wep show dot1x ap-table static-wep Description Shows the static WEP keys of all APs. Syntax No parameters. Example Issue this command to display the static WEP keys of all APs.
show dot1x ap-table tkip show dot1x ap-table tkip Description Displays a table of TKIP keys on the controller. Syntax No parameters. Example Issue this command to display all TKIP keys.
show dot1x counters show dot1x counters Description Displays a table of dot1x counters. Example Issue this command to display all 802.1X counter information. 802.1X Counters AP Sync Request...................4 Sync Response..................3 Up.............................4 Down...........................1 Resps..........................4 Acl............................53 Station Sync Request...................9 Sync Response..................9 Up.............................2321 Down....................
Parameter Description AP l Sync Request l Sync Response l l Number of sync requests sent l Number of sync responses sent Up l Number of times an AP has come up l Down l Number of times an has gone down l Resps l Number of response messages sent to the AP due to an AP up message l Acl l Number of access control lists l Number of sync requests sent to find all APs and stations that are connected l Number of sync responses received l Number of times a station (any station) connec
Parameter Description l Message-3 l Number of WPA2 message-3s sent l Message-4 l Number of WPA2 message-4s sent l Rx Failed l Number of WPA2 related EAP packets dropped for any reason l IE Mismatches l Number of WPA2 related EAP packets dropped because the station and controller have a different perception of what the connection details are l Key Exchange Failures l Number of key exchange failures Radius Accept Station Deauths Number of RADIUS accepts Number of stations deaths Comma
show dot1x supplicant-info show dot1x supplicant-info Description Shows the details about a specific supplicant. Example Issue this command to display the details about a supplicant.
Parameter Description Name Supplicant name. MAC Address Supplicant MAC address. AP MAC Address AP MAC address. Status Supplicant’s status. Unicast Cipher Supplicant’s unicast cipher. Multicast Cipher Supplicant’s multicast cipher. EAP-Type Supplicant’s EAP-Type. EAPOL Starts Number of EAPOL starts. EAP ID Requests Number of EAP ID requests. EAP ID Responses Number of EAP ID responses. EAPOL Logoffs from station Number of EAPOL logoffs from the station.
Parameter Description WPA/WPA2-Key Message1 Number of WPA message-1s sent. WPA/WPA2-Key Message2 Number of WPA message-2s sent. WPA/WPA2-Key Message3 Number of WPA message-3s sent. WPA/WPA2-Key Message4 Number of WPA message-4s sent. WPA-GKey Message1 Number of WPA group message-1s sent. WPA-GKey Message2 Number of WPA group message-2s sent. ID of the last EAP request The ID of the last EAP request. Length of the last EAP request The length of the last EAP request.
show dot1x supplicant-info list-all show dot1x supplicant-info list all Description Shows all 802.1X supplicants. Syntax No parameters. Example Issue this command to display all 802.1X supplicants as well as additional relevant information. 802.
Command Information Platforms All platforms 1467| show dot1x supplicant-info list-all Licensing Base operating system Command Mode Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show dot1x supplicant-info pmkid show dot1x supplicant-info pmkid Description Shows the PMKIDs of the various stations on the controller. Syntax No parameters. Example Issue this command to display the PMKIDs of the various stations on the controller.
show dot1x supplicant-info statistics show dot1x supplicant-info statistics Description Shows the 802.1X statistics of the users. Syntax No parameters. Example Issue this command to display the 802.1X statistics of the users. 802.
Command History This command was introduced in ArubaOS 3.0. Command Information Platforms All platforms 1470| show dot1x supplicant-info statistics Licensing Base operating system Command Mode Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show dot1x watermark crypto-local show dot1x watermark history table {active|pending} Description Use this command under the guidance of Dell support to view information about the table that contains 802.1X sessions being processed. Syntax Parameter Description Range Default history Displays all historical sessions in the 802.1X session queue. — — table {active|pending} Table types: — — l active: Displays all current active sessions in the 802.1X queue and the corresponding userage.
show dpi show dpi application name all category custom-app global-bandwidth-contract all category custom-app Description Shows applications and application categories that are configured for deep-packet inspection. It also shows DPI global bandwidth contracts by application or application category. Syntax Parameter Description name Name of the application all Shows all applications category Shows all applications within a category.
118114cn 952 web tcp 80 0 11st 1191 web tcp 80 0 Related Commands Command dpi Description Mode Use this command to configurs Deep-Packet Inspection and the global bandwidth contract for an application or application categories for the AppRF feature. Config mode Command History This command was introduced in ArubaOS 6.4.
show esi groups show esi groups [{group-name |{ping-name }] Description Show ESI group information. Syntax Parameter Description group-name View the facility used when logging messages into the remote syslog server. ping-name Enter the name of a set of ping values to how the names of ESI groups using that set of ping attributes. Define a set of ESI ping values using the command esi ping. server Show the IP address of a remote logging server.
Platforms esi parser rule-test Licensing Command Mode This command allows you to test all of the enabled parser rules. Config mode on master or local controllers. Command History This command was introduced in ArubaOS 2.5. Command Information Platforms All platforms 1475| show esi groups Licensing Base operating system Command Mode Enable and Config mode on master or local controllers. Dell Networking W-Series ArubaOS 6.5.
show esi parser show esi parser domains|rules|stats Description Show ESI parser information. Syntax Parameter Description domains Show ESI parser domain information. rules Show ESI parser rule information. stats Show ESI parser rule stats. Usage Guidelines The ESI parser is a generic syslog parser on the controller that accepts syslog messages from external thirdparty appliances such as anti-virus gateways, content filters, and intrusion detection systems.
Platforms Licensing Command Mode esi parser rule This command creates or changes an ESI syslog parser rule. Config mode on master or local controllers. esi parser rule-test This command allows you to test all of the enabled parser rules. Config mode on master or local controllers. Command History This command was introduced in ArubaOS 3.1.
show esi ping show esi ping [ping-name ] Description Show settings for ESI ping health check attributes. Syntax Parameter Description Include the optional ping-name parameters to display settings for one specified set of ping settings. ping-name Example This example below shows that the controller has three defined sets of ping attributes.
Related Commands Platforms Licensing esi ping Command Mode This command specifies the ESI ping health check configuration. Config mode on master or local controllers. Command History This command was introduced in ArubaOS 2.5. Command Information Platforms All platforms 1479| show esi ping Licensing Base operating system Command Mode Enable and Config mode on master or local controllers. Dell Networking W-Series ArubaOS 6.5.
show esi servers show esi servers [{group-name |{server-name }] Description Show configuration information for ESI servers. Syntax Parameter Description group-name Include this optional parameter to display information for all ESI servers assigned to a specific ESI group. server-name Specify an ESI server name to view configuration information for just that server.
Column Description Name Name of the ESI server. Trusted IP Displays the server IP address on the trusted network. As an option, you can also enable a health check on the specified address Untrusted IP Displays the server IP address on the untrusted network. As an option, you can also enable a health check on the specified address Trusted port Shows the slot, module and port connected to the trusted side of the ESI server; slot/port format.
show faults show fault [history] Description Display a list of faults, which are any problematic conditions of the ArubaOS software or hardware. Syntax Parameter history Description Include this parameter to display a history of faults cleared by the controller or the operator. Usage Guidelines A controller can maintain a list of up to 100 faults. Once 100 faults have been logged, any faults arising after that are dropped. The controller maintains a history of the last 100 faults that have cleared.
2009-03-02 18:13:09 111 Authentication Server corp1-supersvr 2009-03-02 18:13:09 112 All authentication servers in server back in service. 2009-03-02 18:13:09 113 Authentication Server corp1-supersvr 2009-03-02 18:13:09 114 All authentication servers in server back in service. 2009-03-02 18:13:09 115 Authentication Server corp1-supersvr Total number of entries in the queue :23 is down. group sg-auth2 are brought is down. group sg-auth2 are brought is down.
show file syncing profile show file syncing profile Description This command displays the configuration the file syncing profile. Syntax None. Usage Guidelines Execute this command to view the file syncing profile. Example The following example shows the output of show file syncing profile. (host) #show file syncing profile File syncing profile -------------------Parameter Value ------------File syncing Enabled sync time 30 Command History This command was introduced in ArubaOS 6.4.1.
show fips show fips This command applies only to the FIPS version of ArubaOS. Description Displays FIPS mode of operation status as enabled or disabled. Syntax No parameters. Example The output of this command shows that the FIPS mode of operation is currently enabled. (host) # show fips FIPS Settings: -------------Mode Enabled Command History This command was introduced in ArubaOS-FIPS 2.4.
show firewall show firewall [debug-route][dns-names] Description Display a list of global firewall policies and policy details. Syntax Parameter Description debug-route Show global route debug settings, including the route protocol (IPv4/IPv6) and IP address. dns-names Display a list of DNS names and IP addresses used in firewall commands. Examples Include the optional dns-names parameter to list the DNS names used in firewall policies currently configured on the controller.
Stateful SIP Processing Allow tri-session with DNAT Disable FTP server Blacklist ARP attack client Monitor ARP attack Monitor Gratuitous ARP attack GRE call id processing Session Idle Timeout WMM content enforcement Session VOIP Timeout Stateful H.
Parameter Description Deny all IP Fragments If enabled, all IP fragments are dropped. Prohibit IP Spoofing When this option is enabled, source and destination IP and MAC addresses are checked; possible IP spoofing attacks are logged and an SNMP trap is sent. Monitor ping attack If enabled, the controller monitors the number of ICMP pings per second. If this value exceeds the maximum configured rate, the controller will register a denial of service attack.
Parameter Description Blacklist ARP attack client If enabled, blacklist clients exceeding the ARP attack rate. Monitor ARP attack Shows the status of the ARP attack monitor. Monitor Gratuitous ARP attack Shows the status of the Gratuitous ARP attack monitor. GRE call id processing If active the controller creates a unique state for each PPTP tunnel. Session Idle Timeout Shows if a session idle timeout interval has been defined.
Parameter Description Rate limit CP session mirror traffic Displays the traffic rate limit for session mirrored traffic forwarded to the controller. Rate limit CP auth process traffic Displays the traffic rate limit for traffic forwarded to the authentication process. Deny inter user traffic If enabled, this setting disables traffic between all untrused users. You can configure user role policies that prevent Layer-3 traffic between users or networks but this does not block Layer-2 traffic.
Parameter Description Prevent DHCP Exhaustion If enabled, this option checks for DHCP client hardware address against the packet source MAC address. This command checks the frame's source-MAC against the DHCPv4 client hardware address and drops the packet if it does not match. This feature prevents a client from submitting multiple DHCP requests with different hardware addresses, thereby preventing DHCP pool depletion.
Parameter Description IP classification If enabled, supports IP (reputation/geolocation) classification. This helps in rejecting traffic sent or received from those IP addresses classified as malicious based on the policy configured. Using the geolocation IP database the geographical location of the malicious IP address is also determined, and traffic is permitted or denied after scanning the geographic based rules configured by the administrator.
Release ArubaOS 6.4.2.0 Modification The following parameters were introduced as part of the show firewall command: l Web Content Classification l Web Content Cache Miss Drop ArubaOS 6.4.2.5 The Optimize Duplicate Address Detection frames parameter was introduced. ArubaOS 6.5 The IP classification parameter was introduced.
show firewall-cp show firewall-cp [internal] Description Displays the captive-portal (CP) firewall policies on the controller. Syntax No Parameters Example The output of this command shows the CP firewall policies. (host) #show firewall-cp CP firewall policies -------------------IP Version Source IP contract ---------- ----------ipv4 any ipv4 10.10.10.
show firewall-visibility show firewall-visibility {debug|status} Description Displays the policy enforcement firewall visibility process state and status information. Syntax Parameter Description debug Displays process state information for debugging firewall visibility. status Displays the status of firewall visibility as enabled or disabled. Example The output of this command shows the status of firewall visibility.
show flush-r1-on-new-r0 ap·flush- r1-on-new-r0 {enable|disable} Description Use this command to view the status of flushing r1 keys on new r0. Syntax No parameters. Example The following example displays the status of flushing r1 keys on new r0: (host) (config) #show flush-r1-on-new-r0 Fast Roaming flush-r1-on-new-r0:enable Command History Release ArubaOS 6.
show gap-debug show gap-debug Description Displays the troubleshooting information for the global AP database. Usage Guidelines Use this command to identify any issues with the global AP database. This command displays the troubleshooting information for the global AP database.
Column Description tracks the number of times the LMS has communicated with the master controller. Activity The time at which the last activity happened on the LMS. Status Indicates if the status of the LMS is up or down. Msg in Prog Indicates if an active communication is happening between the LMS and the master controller. It can be Yes or No. If it is yes, then the Msg Len and Attempt fields are set. Msg Len The length of the message that the master controller is syncing with the LMS.
show gateway health-check show gateway health-check Description Display the current status of the gateway health-check feature. Syntax No parameters. Usage Guidelines The gateway health check feature can only be enabled by Dell Technical Support. Example This example below shows that the gateway health-check feature has not been enabled on the controller.
show global-user-table count show global-user-table show global-user-table count [current-switch] [authentication-method] {dot1x | mac | stateful-dot1x | vpn | web} [role] [bssid] [essid] [ap-name] [phy-type] {a | b | g} [age] Description This command displays a count of global user based on the specified criteria.
Command History This command was introduced in ArubaOS 3.4. Command Information Platforms All platforms Master controller only 1501| show global-user-table count Licensing Base operating system Command Mode Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show-global-user-table list show global-user-table list current-switch] authentication-method] {dot1x | mac | stateful-dot1x | vpn | web} role bssid devtype essid ap-name phy-type a|b|g age not or rows sort {sort_by_ap-name | sort_by_authtype | sort_by_bssid | sort_by_current-switch | sort_ by_essid | sort_by_ip | sort_by_mac | sort_by_name | sort_by_phy-type | sort_by_role}{asc | desc} start Des
Parameter Description not Show users that do not satisfy the given criteria or Show users that satisfy any of the given criteria rows Number of rows to show sort Sort the list based on a specified criteria, in ascending or descending order start Show user table starting from a specific row Example Issue this command to display a global user count. The output of this command is split into two tables in this document, however it appears in one table in the CLI.
Parameter Description Role User role. Age User age, displayed as days:hours:minutes. Auth Authentication method used by user. VPN Link IP address of the client VPN gateway. AP name AP name. Roaming Roaming status. Essid User’s extended service set identifier (ESSID). Bssid User’s basic service set identifier (BSSID). Phy User Phy type (a, b or g). Profile Profile name Forward mode Forwarding mode assigned to the user (tunnel, split-tunnel, decrypt-tunnel or bridge).
show guest-access-email show guest-access-email Description This command shows a guest access email profile configuration. The guest access email process sends email to either the guest or the sponsor whenever a guest user account is created or when the Guest Provisioning user manually sends email from the Guest Provisioning page. Syntax No parameters. Usage Guidelines Issue this command to show the current guest access email profile parameters.
show ha ap show ha ap information {ip-addr |ip6-addr } table Description This command displays information about APs using the High Availability feature. Syntax Parameter Description information ip-addr ip6-addr Issue this command under the supervision of Dell support to troubleshoot the High Availability feature. table Display the High Availability AP table to view information about APs configured to use the High Availability feature.
Command Information Platform Available on all platforms 1507| show ha ap License Command Mode Available in the base operating system. Enable mode on master and local controllers. Dell Networking W-Series ArubaOS 6.5.
show ha group show ha group-membership group-profile []} Description This command displays High Availability profile settings and shows the high availability group to which the controller is currently assigned. Syntax Parameter Description group-membership
Command Information Platform Available on all platforms 1509| show ha group License Command Mode Available in the base operating system. Enable mode on master and local controllers. Dell Networking W-Series ArubaOS 6.5.
show ha heartbeat counters show ha heartbeat counters Description This command displays statistics for the High Availability extended controller capacity feature. Syntax No parameters. Usage Guidelines The high availability inter-controller heartbeat feature allows for faster AP failover from an active controller to a standby controller, especially in situations where the active controller reboots or loses connectivity to the network.
Parameter Description Controller IP IP address of the controller from which this command was issued. Active Reference Count Number of APs that are using that standby controller as their active controller. Total HeartBeat Sent Total number of heartbeats sent by the controller. Total Heartbeat REceived Total nunmber of heartbeats received by the controller.
show ha oversubscription statistics show ha oversubscription statistics Description This command displays statistics for the High Availability extended controller capacity feature Syntax No parameters. Usage Guidelines Starting with ArubaOS 6.4.0.0, a controller acting as a standby controller can oversubscribe to standby APs by up to four times that controller's rated AP capacity, as long as the tunnels consumed the standby APs do not exceed the maximum tunnel capacity for that standby controller.
AP Failover If a standby controller reaches its AP oversubscription capacity or exceeds its maximum BSSID limit, the standby controller drops any subsequent standby AP connections. A dropped AP attempts to reconnect to the standby controller, but after it exceeds the maximum number of request retries, the AP informs the active controller that it is unable to connect to the standby controller.
Parameter Description Maximum BSS tunnels The maximum number of BSS tunnels supported by the controller. Average BSS/AP The average number of BSS tunnels per AP using the controller as a standby controller. BSS tunnels in use Number of BSS tunnels currently in use by the controller. BSS tunnels available Number of BSS tunnels not currently in use by the controller. Command History Introduced in ArubaOS 6.
show hostname show hostname Description Show the hostname of the controller. Syntax No parameters. Example The output of this command shows the hostname configured for the controller. A hostname can contain alphanumeric characters, spaces, punctuation, and symbol characters. (host) # show hostname hostname is SampleHost Related Commands Configure the controller’s hostname using the command hostname. Command History This command was available in ArubaOS 1.0.
show iap detailed-table show iap detailed-table branch-key long Description Displays the details of all the branches terminating at the controller. Syntax Parameter Description branch-key Key for the branch, which is unique to each branch. long Displays the branches connected to the controller in detailed view.
Parameter Description Key Key for the branch, which is unique to each branch Flags This column displays any flags for the branch subnet l P = Primary Tunnel l B = Backup Tunnel l C = Centralized l D = Distributed l L = Local l U = Unassigned l 3 = Routed(L3) l 2 = Bridged(L2) Branch (Subnet/Vlan) Subnet mask or VLAN assigned to the branch BID Branch ID IP Address Range Allocated branch subnet IP address range Client Count Number of client terminating on this controller Command H
show iap table show iap table branch-key long Description Displays the branch details connected to the controller. Syntax Parameter Description branch-key Key for the branch, which is unique to each branch. Displays the branches connected to the controller in detailed view.
Parameter Description VC MAC Address MAC address of the Virtual Controller of the branch. Status Current status of the branch (UP/DOWN). Inner IP Internal VPN IP of the branch. Assigned Subnet Subnet mask assigned to the branch. Assigned Vlan VLAN ID assigned to the branch. Key Key for the branch, which is unique to each branch. Bid(Subnet Name) Branch ID (BID) of the subnet. l In the example above, the controller displays bid-per-subnet-per-branch i.e.
Command Information Platforms All platforms Licensing Base operating system, except for noted parameters Dell Networking W-Series ArubaOS 6.5.
show iap trusted-branch-db show iap trusted-branch-db Description Displays the details of IAP trusted branch database information.
Command Information Platforms All platforms 1522| show iap trusted-branch-db Licensing Command Mode Base operating system, except for noted parameters Enable or Configuration mode on master and local controller Dell Networking W-Series ArubaOS 6.5.
show ids ap-classification-rule id-classification-rule Description Display the IDS AP classification rule profile. Syntax Parameter Description Enter the AP classification rule profile name. Usage Guidelines Issue this command without the option to view the AP Classification Rule Profile list. Add the rule name option to display values for the rule.
Command Information Platforms Available on all platforms 1524| show ids ap-classification-rule Licensing Command Mode Requires the RFprotect license Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ids ap-rule-matching Description Display the IDS active AP rules profile. Example (host) (config) #show ids ap-rule-matching IDS Active AP Rules Profile --------------------------Parameter Value ------------AP Rule name snr0 AP Rule name rule1 AP Rule name rule2 AP Rule name exclude-ssid-rule In the above example, the rule names in the Value column have been activated by the ids ap-rule-matching command. Command History Release ArubaOS 6.
show ids dos-profile show ids dos-profile Description Show an IDS Denial Of Service (DoS) Profile Syntax Parameter Description Name of an IDS DoS profile. Usage Guidelines Issue this command without the parameter to display an IDS DoS profile. Examples The example below shows that the controller has four configured DoS profiles.
EAP Rate Threshold EAP Rate Time Interval EAP Rate Quiet Time Detect CTS Rate Anomaly CTS Rate Threshold CTS Rate Time Interval CTS Rate Quiet Time Detect RTS Rate Anomaly RTS Rate Threshold RTS Rate Time Interval RTS Rate Quiet Time Detect Rate Anomalies Rate Thresholds for Assoc Frames Rate Thresholds for Disassoc Frames Rate Thresholds for Deauth Frames ...
show ids general-profile show ids general-profile Description Display an IDS General profile. Syntax Parameter Description Name of an IDS General profile. Usage Guidelines Issue this command without the parameter to display the IDS General profile list. Include a profile name to display detailed configuration information for that profile. Examples The example below shows that the controller has four configured General profiles.
Send Adhoc Info to Controller Signature Quiet Time STA Inactivity Timeout STA Max Unseen Timeout Stats Update Interval Wired Containment Wired Containment of AP's Adj MACs Wired Containment of Suspected L3 Rogue Wireless Containment Debug Wireless Containment WMS Client Monitoring true 900 sec 60 sec 600 sec 60 sec true true false deauth-only false all The output of this command includes the following parameters: Parameter Description Adhoc AP Max Unseen Timeout Ageout time in seconds since adhoc (IBSS
Parameter Description Send Adhoc Info to Controller Enable or disable sending adhoc information to the controller from the AP. Signature Quiet Time After a signature match is detected, the time to wait, in seconds, to resume checking. STA Inactivity Timeout Time, in seconds, after which a station is aged out. STA Max Unseen Timeout Time, in seconds, after which an AP is aged out. Stats Update Interval Interval, in seconds, for the AP to update the controller with statistics.
Command History Version Description ArubaOS 3.0 Command Introduced ArubaOS 5.0 Mobility Manager RTLS parameter introduced ArubaOS 6.0 Refreshed show output ArubaOS 6.3 Introduced the Wired Containment of Suspected L3 Rogue parameter. ArubaOS 6.4.2.
show ids impersonation-profile show ids impersonation-profile Description Display an IDS Impersonation Profile. Syntax Parameter Description Name of an IDS Impersonation profile. Usage Guidelines Issue this command without the parameter to display the IDS Impersonation profile list. Include a profile name to display detailed configuration information for that profile.
Parameter Description Detect AP Impersonation Shows of the profile has enabled or disabled detection of AP impersonation. Protect from AP Impersonation Shows if AP impersonation is enabled or disabled for the profile. When AP impersonation is detected, both the legitimate and impersonating AP are disabled using a denial of service attack. Beacon Diff Threshold Percentage increase in beacon rates that triggers an AP impersonation event.
show ids management-profile Description Displays the management event correlation for IDS event traps and sylogs (logs). Example The following example displays the current management status.
show ids profile show ids profile Description Display all ids profiles or display a specific profile name. Syntax Parameter Description Name of an IDS profile. Usage Guidelines Issue this command without the parameter to display the list of IDS profiles. Include a profile name to display detailed information for that profile. Examples The example below shows that the controller has seven configured IDS Profiles.
Parameter Description IDS General profile Name of a IDS General profile to be applied to an AP or AP group. IDS Signature Matching profile Name of a IDS Signature Matching profile to be applied to an AP or AP group. IDS DOS profile Name of a IDS Denial of Service profile to be applied to an AP or AP group. IDS Impersonation profile Name of a IDS Impersonation profile to be applied to an AP or AP group.
show ids rate-thresholds-profile show ids rate-thresholds-profile Description Show an IDS Rate Thresholds profile. Syntax Parameter Description Name of an IDS Rate Threshold profile. Usage Guidelines Issue this command without the parameter to display the IDS Rate Threshold profile list. Include a profile name to display detailed configuration information for that profile.
Parameter Description Channel Increase Time Time, in seconds, in which the threshold must be exceeded in order to trigger an alarm. Channel Quiet Time The time that must elapse after a channel rate alarm before another identical alarm may be triggered. This option prevents excessive messages in the log file. Channel Threshold Number of a specific type of frame that must be exceeded within a specific interval in an entire channel to trigger an alarm.
show ids signature-matching-profile show ids signature-matching-profile Description Show an IDS Signature Matching profile. Syntax Parameter Description Name of an IDS Signature Matching profile. Usage Guidelines Issue this command without the parameter to display the entire IDS Signature Matching profile list. Include a profile name to display detailed configuration information for that profile.
Related Commands Configure the Signature Matching profile using the command ids signature-matching-profile. Command History Version Description ArubaOS 3.0 Command Introduced ArubaOS 6.0 Refreshed show output Command Information Platforms Available on all platforms 1540| show ids signature-matching-profile Licensing Command Mode Requires the RFprotect license Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ids signature-profile show ids signature-profile Description Show an IDS signature profile. Syntax Parameter Description Name of an IDS Signature profile. Usage Guidelines Issue this command without the parameter to display the entire IDS Signature profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Parameter Frame Type Description Type of 802.11 frame. For each type of frame, further parameters may be included to filter and detect only the required frames. l assoc: Association frame type. l auth: Authentication frame type. l beacon: Beacon frame type. l control: All control frames. l data: All data frames. l deauth: Deauthentication frame type. l disassoc: Disassociation frame type. l mgmt: Management frame type. l probe-request: Probe request frame type.
show ids unauthorized-device-profile show ids unauthorized-device-profile Description Show an IDS Unauthorized Device Profile. Syntax Parameter Description Name of an IDS Unauthorized Device profile Usage Guidelines Issue this command without the parameter to display the IDS Unauthorized Device profile list. Include a profile name to display detailed configuration information for that profile.
Detect Devices with an Invalid MAC OUI MAC OUI detection Quiet Time Detect Misconfigured AP Protect Misconfigured AP Detect Bad WEP Privacy Require WPA Valid 802.11g channel for policy enforcement Valid 802.
Parameter Description Protect from Adhoc Networks-Enhanced Shows if the profile has enabled or disabled protection from WEP/Open adhoc networks. Detect Valid SSID Misuse Shows if the detect valid SSID minuse is enabled (true) or disabled (false). Adhoc Network Using Valid SSID Quiet Time Allow Well Known MAC Shows time to wait, in seconds, after detecting an adhoc network using a valid SSID, after which the check can be resumed.
Parameter Description Valid MAC OUIs A list of valid MAC Organizationally Unique Identifiers (OUIs). Rogue AP Classification Shows if the profile has enabled or disabled rogue AP classification. Overlay Rogue AP Classification Shows if the controller allows APs that are plugged into the wired side of the network to be classified as “suspected rogue” instead of “rogue”. OUI-based Rogue AP Classification Shows if OUI-based rogue AP classification is enabled or disabled.
Parameter Description Valid Wired MACs List of valid and protected SSIDs. Detect Windows Bridge Shows if the profile has enabled or disabled detection of Windows station bridging. Protect Windows Bridge Shows if the profile has enabled or disabled protection of Windows station bridging. Detect Wireless Bridge Shows if the profile has enabled or disabled detection of wireless bridging.
Version Description l Protect From Wireless Hosted Networks l Wireless Hosted Network Quiet Time l Protect From Wireless Hosted Networks l Protect from Adhoc Networks-Enhanced Command Information Platforms Available on all platforms 1548| show ids unauthorized-device-profile Licensing Command Mode Requires the RFprotect license Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ids wms-general-profile show ids wms-general-profile Description Display general statistics for the wms configuration. Syntax No parameters. Example This example shows per-channel statistics for all monitored APs.
Column Description Statistics update Shows the status of the statistics updates in the database. Persistent Neighbor APs Shows the status of known AP neighbors. Persistent Valid STAs Shows the status of known AP neighbors. AP learning Shows the status of “learning” of non-Dell APs. Propagate Wired Macs Shows if the controller has enabled or disabled the propagation of the gateway wired MACs.
show ifmap show ifmap cppm state cppm Descriptions Issue this command to show the CPPM IF-MAP configuration profile and the IP-MAP connection state. Syntax Parameter Description cppm Shows the CPPM IF-MAP profile parameters and their values. state cppm Shows the CPPM IF-MAP connection state including if it is enabled, and the servers and their state.
Related Commands Command Description Mode ifmap This command is used in conjunction with ClearPass Policy Manager. It sends HTTP User Agent Strings and mDNS broadcast information to ClearPass so that it can make more accurate decisions about what types of devices are connecting to the network Config mode Command History Version ArubaOS 6.3 Modification Command introduced.
show ip interface brief show ip interface brief Description View IP-related information on all interfaces in summary format. Syntax No parameters. Example (host) #show ip interface brief Interface vlan 1 vlan 2 loopback mgmt IP Address 172.16.0.254 10.4.62.9 unassigned unassigned / / / / / IP Netmask 255.255.255.0 255.255.255.0 unassigned unassigned Admin up up up down Protocol up up up down The following table details the columns and content in the show command.
show image version Description Display the current system image version on both partition 0 and 1. Syntax No parameters. Example The following example shows that the controller is running ArubaOS 3.4 and booting off partition 0:0. (host) #show image version ---------------------------------Partition : 0:0 (/dev/hda1) **Default boot** Software Version : AOS-W 3.3.2.
| show image version Dell Networking W-Series ArubaOS 6.5.
show interface cellular access-group show interface cellular access-group Description List the Access groups configured on the cellular interface. Example (host) (config-cell)#show interface cellular access-group Cell Interface: session access list 3 is configured Command History Release ArubaOS 5.0 Modification Command introduced Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show interface counters show interface counters Description Displays a table of L2 interfaces counters. Syntax No parameters Example The example below shows the output of show interface counters.
Command History This command was introduced in ArubaOS 3.0. Command Information Platforms All platforms 1558| show interface counters Licensing Base operating system Command Mode Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show interface fastethernet show interface fastethernet // Description Displays information about a specified fast Ethernet port. Syntax Parameter Description access-group Displays access groups configured on this interface. counters Displays L2 interface counters for the specified interface. switchport Displays L2 interface information. untrusted-vlan Displays port member vlan untrusted status. xsec Displays xsec configuration.
Parameter Description line protocol is... Displays the status of the line protocol on the specified port. Hardware is.... Describes the hardware interface type. address is... Displays the MAC address of the hardware interface. Description The port type, name, and connector type. Encapsulation Encapsulation method assigned to this port. loopback... Displays whether or not loopback is set. Configured Configured transfer operation and speed. Negotiated Negotiated transfer operation and speed.
#show interface fastethernet 1/0 counters Port FE1/0 InOctets 196310364 InUcastPkts 460655 InMcastPkts 661932 InBcastPkts 15 Port FE1/0 OutOctets 97074242 OutUcastPkts 191401 OutMcastPkts 3 OutBcastPkts 72 The output of this command includes the following parameters: Parameter Description Port Port number. InOctets Number of octets received through the port. InUcastPkts Number of unicast packets received through the port.
Parameter Description Operational Trunking Encapsulation Encapsulation method used for operational trunking. Access Mode VLAN The access mode VLAN for the specified port. Trunking Native Mode VLAN The trunking native mode VLAN for the specified port. Trunking Vlans Enabled Number of trunking VLANs currently enabled. Trunking Vlans Active Number of trunking VLANs currently active.
show interface gigabitethernet show interface gigabitethernet // Description Displays information about a specified Gigabit Ethernet port. Syntax Parameter Description counters Displays L2 interface counters for the specified interface. switchport Displays L2 interface information. untrusted-vlan Displays port member vlan untrusted status. xsec Displays xsec configuration. Examples The example below shows the output of show interface gigabitethernet 0/0/1.
Parameter Description Hardware is.... Describes the hardware interface type. address is... Displays the MAC address of the hardware interface. Description The port type, name, and connector type. Encapsulation Encapsulation method assigned to this port. loopback... Displays whether or not loopback is set. Configured Configured transfer operation and speed. Jumbo frame support is enabled. Jumbo support... Negotiated Negotiated transfer operation and speed.
Parameter Description Port Port number. InOctets Number of octets received through the port. InUcastPkts Number of unicast packets received through the port. InMcastPkts Number of multicast packets received through the port. InBcastPkts Number of broadcast packets received through the port. OutOctets Number of octets sent through the port. OutUcastPkts Number of unicast packets sent through the port. OutMcastPkts Number of multicast packets sent through the port.
Parameter Description Trunking Vlans Enabled Number of trunking VLANs currently enabled. Trunking Vlans Active Number of trunking VLANs currently active. (host) #show interface gigabitethernet 1/0 untrusted-vlan Name: GE1/0 Untrusted Vlan(s) The output of this command includes the following parameters: Parameter Description Name Name of the specified port. Untrusted Vlan(s) List of untrusted VLANs.
show interface loopback show interface loopback Description Displays information about the loopback IP interface. Syntax No parameters Example The example below shows the output of show interface loopback. #show interface loopback loopback interface is up line protocol is up Hardware is Ethernet, address is 00:0B:86:51:14:D0 Internet address is 10.3.49.100 255.255.255.255 The output of this command includes the following parameters: Parameter Description loopback interface is...
Dell Networking W-Series ArubaOS 6.5.
show interface port-channel show interface port-channel Description Displays information about a specified port-channel interface. Syntax Parameter Description access-group Displays access groups configured on this interface. counters Displays L2 interface counters for the specified interface. untrusted-vlan Displays port member vlan untrusted status. xsec Displays xsec configuration. Example The example below shows the output of show interface port-channel 0 on a controller.
Parameter Description Hardware is.... Hardware interface type. address is... MAC address of the hardware interface. Description The port type, name, and connector type. If the LAG is created by LACP, it is indicated as shown in the display output above. If the LAG is created by LACP, you can not statically add or delete any ports under that port channel. All other commands are allowed. If LACP is not shown, then the LAG is created by static configuration. Spanning Tree is...
PC 0: 0 0 0 0 The output of this command includes the following parameters: Parameter Description PC Port number. InOctets Number of octets received through the port. InUcastPkts Number of unicast packets received through the port. InMcastPkts Number of multicast packets received through the port. InBcastPkts Number of broadcast packets received through the port. OutOctets Number of octets sent through the port. OutUcastPkts Number of unicast packets sent through the port.
Command History Release Modification ArubaOS 3.4.1 Modified to display LACP when applicable. ArubaOS 3.0. Command introduced. Command Information Platforms All platforms 1572| show interface port-channel Licensing Base operating system Command Mode Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show interface-profile voip-profile show interface-profile voip-profile Description This command displays the specified VoIP profile configuration information. Syntax Parameter Description Name of the VoIP profile. Examples The following example shows configuration details for the VoIP profile: (host) #show interface-profile voip-profile profile1 VOIP profile "profile1" ----------------------Parameter Value --------- ----VOIP VLAN 1 DSCP 0 802.
show interface tunnel show interface tunnel Description Displays information about tunnel interfaces. Syntax Parameter id Description Tunnel interface number. Example The example below shows the output of show interface tunnel for IPv4. #show interface tunnel 2000 Tunnel 64001 is up line protocol is up Description: Internal Tunnel created for Branch controller communication Internet address is 14.14.14.2 255.255.255.252 Source 10.4.251.65 Destination 12.12.12.
Parameter Description Internet address is... IP address of the specified interface. Source IP address of the tunnel’s source. Destination IP address of the tunnel’s destination. Tunnel mtu is set to... Size of the specified tunnel’s MTU. Tunnel is an... Description of the specified tunnel. Tunnel is... Whether or not the specified tunnel is trusted. Inter tunnel flooding is... Status of inter tunnel flooding on the specified tunnel. Tunnel keepalive is...
show interface vlan show interface vlan Description Displays information about a specified VLAN interface. Syntax No parameters Example The example below shows the output of show interface vlan 1. #show interface vlan 1 VLAN1 is up line protocol is down Hardware is CPU Interface, Interface address is 00:0B:86:61:82:40 (bia 00:0B:86:61:82:40) Description: 802.1Q VLAN Internet address is 10.3.49.50 255.255.255.
Parameter Description Directed broadcast is... Displays whether or not directed broadcast is enabled Encapsulation Encapsulation type loopback... Loopback status MTU MTU size of the specified port in bytes Last clearing of “show interface counters” Time since “show interface counters” was cleared link status last changed Time since link status last changed Proxy ARP is... Status of proxy ARP on the specified interface DHCP Option-82 is...
show inventory show inventory Description Displays hardware inventory of the controller. Syntax No parameters. Example Issue this command to display the hardware component inventory of the controller. The output of this command will vary, depending upon controller type.
Fan Tray Serial# Back Plane Assembly# Back Plane Serial# Power Supply type Power Supply 0 Power Supply 1 Power Supply 2 M3mk1 Card Temperatures AMP Card Temperatures M3mk1 Card Voltages : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : C00013879 (Date:12/18/04) 2000006B (Rev:01.
Parameter Description Line Card States whether or not a line card is present in the specified slot Line Card FPGA Name/type of FPGA associated with the specified line card slot Line Card Switch Chip Name/type of switch card associated with the specified line card slot Line Card Mez Card States whether or not a mezzanine card is present in the specified slot Line Card SPOE States whether or not a SPOE card is present in the spec
Parameter Description Power Supply Power supply status M3mk1 Card Temperatures l M3mk1 card l CPU l The temperature from the sensor on the supervisor card l The temperature from the CPU die l The temperature from the sensor on the Mobility Processor card l The temperature from the FPGA die AMP Card Temperatures l Processor Card l Mobility Processor M3mk1 Card Voltages This parameter displays to columns of voltages for many components displayed previously by this co
show iostat show iostat Description Displays IO statistics information. This command reports Central Processing Unit (CPU) statistics and input/output statistics for devices and partitions. Syntax No parameters. Example Issue this command to display the IO statistics of the controller.
Parameter Description btime The boot time, in seconds. processes The number of forks since boot. Command History This command was introduced in ArubaOS 1.0. Command Information Platforms All platforms 1583| show iostat Licensing Base operating system Command Mode Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show ip access-group show ip access-group Description Display access control lists (ACLs) configured for each port on the controller. Syntax No parameters. Examples The example below shows part of the output of this command. If a port does not have a defined session ACL, the Port-Vlan Session ACL table will be blank.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.4 The VLAN output parameters was introduced. Command Information Platforms All platforms 1585| show ip access-group Licensing Base operating system Command Mode Available in Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ip access-list show ip access-list {brief|} Description Display a table of all configured access control lists (ACLs), or show details for a specific ACL. Syntax Parameter Description brief Display a table of information for all ACLs. Specify the name of a single ACL to display detailed information on that ACL. Examples The example below shows general information for all ACLs in the Access List table.
Parameter Description l Session l MAC l Extended l Geolocation Use Count Number of rules defined in the ACL. Roles Names of user roles associated with the ACL. Include the name of a specific ACL to show detailed configuration information for that ACL. The output in the example below has been divided into two sections to better fit int this document. The output in the commandline interface will appear in a single, long table.
Parameter Destination Service Application Action Description l any: Matches any traffic. l host: A single host IP address. l network: The IP address and netmask. l user: The IP address of the user. l localip : The set of all local IP addresses on the system, on which the ACL is applied.
Parameter Description src-nat: Perform source NAT on packets. IpsecMap Packets can be redirected over a VPN tunnel by specifying the name of an IPsec map in the access control list. This column specifies the name of an IPsec map used by a router ACL. For more information on IPsec maps, see crypto-local ipsec-map. Timerange Any defined time range for this rule.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.5 The global-geolocation-acl was introduced. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ip cp-redirect-address show ip cp-redirect-address Description Show the captive portal automatic redirect IP address. Syntax No parameters. Examples The example below shows the IP address to which captive portal users are automatically directed. (host) # show ip cp-redirect-address Captive Portal redirect Address... 10.3.63.11 Related Commands Command ip cp-redirect-address Description This command configures a redirect address for captive portal. Command History Introduced in ArubaOS 3.0.
show ip dhcp show ip dhcp {binding|database|statistics} Description Show DHCP Server Settings. Syntax Parameter Description binding Show DHCP server bindings. database Show DHCP server settings. statistics Show DHCP pool statistics. Examples The example below shows DHCP statistics for two configured networks.
Parameter Description Free leases Number of available DHCP leases. Expired leases Number of leases that have expired because they have extended past their valid lease period. Abandoned leases Number of abandoned leases. Abandoned leases will not be reassigned unless there are no free leases available. Related Commands Command ip dhcp pool ipv6 dhcp pool Description This command configures a DHCP pool on the controller. This command configures a DHCPv6 pool on the controller.
show ip domain-name show ip domain-name Description Show the full domain name and server. Syntax No parameters. Examples The example below shows that the IP domain lookup feature is enabled, but that no DNS server has been configured on the controller. (host) #show ip domain-name IP domain lookup: IP Host.Domain name: Enabled MyCompany2400. No DNS server configured Related Commands Command Description ip domain lookup This command enables Domain Name System (DNS) hostname to address translation.
show ip health-check Description Display the health-check status of the uplink interfaces of a branch-office controller. Syntax No parameters. Example The following example displays the status of two uplinks on a branch controller. (host) #show ip health-check IP Health-Check Entries ----------------------Probe IP Src Interface -------------------192.168.100.1 vlan 4094 State -----Up Probe-Profile -------------health-check Avg Delay(ms) ------------0.237 Jitter -----0.
Command Information Platforms All platforms 1596| show ip health-check Licensing Base operating system Command Mode Available in Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ip igmp show ip igmp config|counters|{group maddr [ ]}|{interface [vlan ]}| {proxy-group vlan }|{proxy-mobility-group maddr }|proxy-mobiity-stats|proxy-stats Description Display Internet Group Management Protocol (IGMP) timers and counters.
Examples The example below displays the IGMP interface table for all VLANs on the controller. (host) # show ip igmp interface vlan 2 IGMP Interface Table -------------------VLAN Addr Netmask MAC Address Destination IGMP Proxy ---- -------------------- ----------64 10.6.4.252 255.255.255.0 00:0b:86:01:99:00 IGMP Snooping Querier ---- -------- ------- disabled disabled 10.6.4.252 disabled disabled 10.6.5.252 disabled disabled 10.6.2.252 disabled disabled 10.6.6.252 disabled disabled 10.6.3.
last-member-query-count version-1-router-present-timeout version-2-router-present-timeout max-members-per-group quick-client-convergence ssm-range 2 400 400 300 enabled IANA standard range. 232.0.0.0/8 The output of this command includes the following parameters: Parameter Description robustness-variable This variable is increased from its default level of 2 to allow for expected packet loss on a subnetwork.
---------------------------------------Member MAC Vlan ----------172.13.0.4 00:00:00:00:00:00 13 172.12.255.252 98:fc:11:c6:20:04 13 Destination ----------0/0/0 Tunnel 9 Version ------0 3 Age --4 4 Related Commands Command ip igmp Description This command configures Internet Group Management Protocol (IGMP) timers and counters. Command History Introduced in ArubaOS 3.0.
show ip mobile show ip mobile active-domains binding [|||brief] domain [] global hat host [|||brief] multicast-vlan-table [client-macaddr] packet-trace [] remote || trace |||{force |} traffic dropped|foreign-agent|home-agent|proxy trail | tunnel visitor [|||brief] Description Di
Parameter host Description Display a list of Mobile IP hosts. [] Filter the Mobile Host List to display data for a specific host IPv4 address. [] Filter the Mobile Host List to display data for a specific host IPv6 address. [] Filter the Mobile Host List to display data for a specific host MAC address. [brief] Limit the output of this command to show just two lines of data. multicast-vlan-table mac Displays mobility multicast VLAN table information.
Parameter Description dropped Show only counters for dropped mobility traffic. foreign-agent Show only mobile IP foreign agent statistics. A foreign agent is the controller which handles all mobile IP communication with a home agent on behalf of a roaming client. home-agent Show only mobile IP home agent statistics. A home agent for a mobile client is the controller where the client first appears when it joins the mobility domain. proxy Show only counters for mobile IP proxy traffic.
The output of this command includes the following parameters: Parameter Description Home Agent IP address of the home agent or mobility agent. Description Description of the HAT entry. Use the show ip mobile host command to track mobile users. (host) # show ip mobile host Mobile Host List, 1 host(s) --------------------------9c:b7:0d:3f:a6:dd 10.16.23.219 mob1 IPv4: 10.16.23.
Command History Release ArubaOS 3.0 ArubaOS 6.4 Modification Command introduced. The multicast-vlan-table, ipv6, mac-address, parameters were introduced. The proxy-dhcp parameter was deprecated. ArubaOS 6.5 The ip-mobile-trail parameter was deprecated. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ip nat pool show ip nat pool Description Display pools of IP addresses for network address translation (NAT. Syntax No parameters Examples The example below shows the current NAT pool configuration on the controller. (host) # show ip nat pools NAT Pools --------Name Start IP End IP ---- ---------------2net 2.1.1.1 DNAT IP ------2.1.1.125 The output of this command includes the following parameters: Parameter Description Name Name of the NAT pool.
| show ip nat pool Dell Networking W-Series ArubaOS 6.5.
show ip nexthop-list Description Display nexthop list settings for policy-based routing. Syntax No parameters. Usage Guidelines A nexthop IP is the IP address of a adjacent router or device with layer-2 connectivity to the controller. The Nexthop list provides redundancy for the nexthop devices by forwarding the traffic to a backup nexthop device in case of failures.
Related Commands Command Description ip route This command configures a static route on the controller. (These routes can use a nexthop list.) ip nexthop-list Configure nexthop list settings for policy-based routing. Command History Version Description ArubaOS 6.4.3.0 Command introduced. Command Information Platform Available on all platforms 1609| show ip nexthop-list License Command Mode Available in the base operating system.
show ip ospf show ip ospf database debug route interface [tunnel|vlan] neighbor rapng-vpn aggregate-routes redistribute subnet Description Display statistics and configuration information for the Open Shortest Path First (OSPF) routing protocol. Syntax Parameter Description database Show database information for the OSPF protocol. debug route Show debugging information for OSPF routes.
Parameter Description OSPF Router ID Verifies that OSPF is running and the router ID that OSPF is running on. Number of areas List the number of areas configured in the router. Area Displays the Area ID followed by: l number of interfaces in the area l indicates if the area is a totally stub area l number of times the SPF algorithm has been executed To display OSPF settings for an individual interface, you must specify a VLAN or tunnel ID number.
Parameter Description Neighbor Count Details the number of neighbors and adjacent neighbors. Tx Stat Counters and statistics for transmitted data. Rx Stat l Hellos: Number of transmitted hello packets. These packets are sent every hello interval. l DbDescr: Number of transmitted database description packets. l LsReq: Number of transmitted link state request packets. l LsUpdate: Number of transmitted link state update packets.
Related Commands Command Description ip ospf Configure OSPF on the interface router ospf Configure OSPF on the router Command History Release Modification ArubaOS 3.4 Command introduced ArubaOS 6.0 Added the options: area, default-cost, nssa, and default-information originate always Dell Networking W-Series ArubaOS 6.5.x The redistribute and rapng-vpn aggregate-routes parameters were introduced. ArubaOS 6.3.
show ip pppoe-info show ip pppoe-info Description Display configuration settings for Point-to-Point Protocol over Ethernet (PPPoE). Syntax No parameters. Examples The example below shows the current PPPoE configuration. (host) #show ip pppoe-info PPPoE PPPoE PPPoE PPPoE username: rudolph123 password: service name: ppp2056 VLAN: 22 The output of this command includes the following parameters: Parameter Description PPPoE username PAP username configured on the PPPoE access concentrator.
show ip probe show ip probe Description This command displays the health-check profile settings for measuring WAN reachability and latency on a branch controller uplink, and the default probe profile settings for policy-based routing using next-hop lists. Syntax No parameters Usage Guidelines The health-check feature uses ping or UDP probes for measuring WAN reachability and latency. Policy-based routing uses ping probes to determine the reachability of devices on a next-hop list.
Related Commands Command Description ip probe default This command configures IP probes for policy-based routing using a nexthop list. ip probe health-check This command configures WAN health-check probes for measuring WAN availability and latency on branch controller uplinks. Command Information Platform Available on all platforms License Command Mode Available in the base operating system. Config and Enable mode on master and local controllers Command History Release ArubaOS 6.4.
show ip radius show ip radius nas-ip|source-interface Description Display global parameters for configured RADIUS servers. Syntax Command Description nas-ip Show the Network Access Server (NAS) IP address attribute sent in outgoing RADIUS requests source-interface Show the source address of outgoing RADIUS requests Examples The example below shows the RADIUS client NAS IP address. (host) #show ip radius nas-ip RADIUS client NAS IP address = 10.168.254.
show ip-reputation show ip-reputation Description This command displays the status of ip-reputation and related configuration. Examples The example below shows the status of inbound and outbound services.
show ip route show ip route counters static stats Description View the Dell controller routing table. Syntax Command Description counters Displays the number of routes present, categorized by type. static stats Include this optional parameter to display only static routes. Displays route statistics. Usage Guidelines This command displays static routes configured on the controller via the ip route command.
Related Commands Command ip radius Description This command configures global parameters for configured RADIUS servers. Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.3 Introduced counters parameter. . Command Information Platforms All platforms 1620| show ip route Licensing Base operating system Command Mode Available in Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ipc statistics app-ap show ipc statistics app-ap {am|sapd|sta} {ap-name }|{bssid }|{ip-addr } Description Display Inter Process Communication (IPC) statistics for a specific AP or BSSID. Syntax Parameter Description am Show IPC statistics for an air monitor. sapd Show IPC statistics for the SAPD process. stm Show IPC statistics for station management communications. ap-name Show IPC statistics for an AP with a specific name.
Allocated Buffers Static Buffers Static Buffer Size 0 1 1444 The output of this command includes the following data columns: Parameter Description Tx Msg Number of transmitted messages. Tx Blk Number of blocking messages transmitted. Tx Ret Number of transmitted messages that were returned. Tx Fail Number of failure messages that were transmitted. Rx Ack Number of received acknowledgements. Rx Msg Number of received messages. Rx Drop Number of received messages that were dropped.
show ipc statistics app-id show ipc statistics app-id Description Display Inter Process Communication (IPC) statistics for a specific AP or BSSID. Syntax Parameter Description Application ID number. This number must be obtained from Dell support. Usage Guidelines Issue this command at the request of Dell support to troubleshoot application errors. Command History This command was available in ArubaOS 1.0.
show ipc statistics app-name show ipc statistics app-name Description Display Inter Process Communication (IPC) statistics for a specific application.
To application Ack AMAPI Web Client 34405 Layer2/3 12 Authentication Se 0 Authentication 0 Publisher 2 AMAPI CLI Client 702 Profile Manager 0 Mobile IP 0 Syslog Manager 0 WMS 19 PIM 1 Configuration Man 12 License Manager 0 Datapath 0 Nanny 0 Remote Statistics To application Ack WMS 0 STM 0 Allocated Buffers Static Buffers Static Buffer Size Tx Msg Tx Blk Tx Ret Tx Fail Rx Ack Rx Msg Rx Drop Rx Err 0 0 0 0 0 34405 0 0 233098 1 0 0 233095 12 0 0 1076236 0 0 0 1076236 0 0 0 544
Parameter Description Rx Ack Number of received acknowledgements. Rx Msg Number of received messages. Rx Drop Number of received messages that were dropped. Rx Err Number of received messages with errors. Tx Ack Number of transmitted acknowledgements. Allocated Buffers Number of allocated buffers for IPC messages. Static Buffers Number of static buffers for IPC messages. Static Buffer Size Size of the static buffer. Command History This command was available in ArubaOS 3.0.
show ipv4 user-table show ipv4 user-table ap-group ap-name authentication-method dot1x|mac|opensystem|psk|stateful-dot1x|via-vpn|vpn|web bssid debug essid internal ip [log] mac mobile {[bindings][visitors]} name phy-type {[a]|[b]} role rows station verbose Description Displays IPv4 user table entries. You can filter the output based on various parameters are described in table.
Parameter web Description Show data for devices using captive portal authentication. bssid Displays entries in the IPv4 user-table that are associated to the specified BSSID. debug Displays entries in the IPv4 user-table that are in debug mode. essid Displays entries in the IPv4 user-table that are associated to the specified ESSID. If the ESSID includes spaces, you must enclose it in quotation marks. internal Displays internal IPv4 users. ip
------------------------------------------------ -------------------------------------------- -----------10.20.102.175 08:70:45:43:b5:e5 iakasapu employee 00:01:11 802.1X SH-1F-11 Wireless alpha-voip/d8:c7:c8:44:31:40/g-HT aplha-india tunnel iPhone 10.20.102.176 58:94:6b:79:7b:ec ALCATEL-LUCENT\john employee 00:01:20 802.1X SH-1F-06 Wireless alpha-wpa2/6c:f3:7f:4a:47:91/a-HT aplha-india tunnel Win 7 10.16.82.1 24:77:03:d1:07:ac ALCATEL-LUCENT\jerry employee 00:01:42 802.
Parameter Description IP IP address of the client in that row that authenticating using dot1x MAC MAC address of the client. Name Name of the client. Role The role assigned to the client. Age (d:h:m) Total time that client is connected to controller. Auth Authentication type. AP name Name of the AP associated with the client. Roaming Current roaming status of the client. Essid/Bssid/Phy ESSID/BSSID/Phy to which the client is associated. Profile Displays the AAA profile.
show ipv6 dhcp show ipv6 dhcp binding database [pool] Description Shows DHCPv6 server settings. Syntax Parameter Description binding Show DHCPv6 server bindings. database Show DHCPv6 server settings. statistics Show DHCPv6 pool statistics. Examples The example below shows the DHCPv6 database: (host)#show ipv6 dhcp database DHCPv6 enabled # 2001-feed-64-nw subnet6 2001:feed::/120 { option vendor-class-identifier "ArubaAP"; option dhcp6.
The example below shows the DHCPv6 database for a specific pool: (host) (config) #show ipv6 dhcp database [pool ] (host) (config) #show ipv6 dhcp database pool DHCPv6 # DHCPv6 subnet6 2001:470:faca:4::/120 { default-lease-time 43200; max-lease-time 43200; option dhcp6.domain-search "test.org"; option vendor-class-identifier "ArubaAP"; option dhcp6.vendor-opts "2001:feed::235"; option dhcp6.name-servers 2001:470:20::2; option dhcp6.preference 25; option dhcp6.
show ipv6 firewall show ipv6 firewall Example This example displays the status of all firewall configurations.
Parameter Description Per-packet logging If active, and logging is enabled for the corresponding session rule, this feature logs every packet. Enforce TCP handshake before allowing data If enabled, this feature prevents data from passing between two clients until the three-way TCP handshake has been performed. Enabling this option causes mobility to fail. So, disable this option if you have mobile clients on the network as.
show ipv6 interface show ipv6 interface [brief] Description View IPv6-related information on all interfaces. Syntax Parameter Description brief Optional parameter. If specified, displays the IPv6-related information on all the interfaces in a summary format.
vlan 50 fe80::b:8600:326d:863c/64 2050:3::50:1/64 loopback fe80::b:860f:ff6d:863c/64 mgmt unassigned tunnel 2 unassigned [ up/down] [ up/up ] [down/down] [ up/up ] The following table details the columns and content in the show command. Column Description Interface List the interface and interface identification with the IPv6 address and netmask for the interface, if configured. Status/Protocol States the administrative status and the IPv6 status on the interface.
show ipv6 mld config show ipv6 mld config Description Displays Multicast Listener Discover (MLD) configuration details. Example This example displays the current MLD configuration values.
Command Information Platforms All platforms 1638| show ipv6 mld config Licensing Base operating system Command Mode Enable or Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
show ipv6 mld counters show ipv6 mld counters Description Displays the statistics of MLD. Example This example displays the MLD statistics for the following values.
Parameter forwarded Description The total number of MLD messages forwarded. Command History This command was available in ArubaOS 3.3. Command Information Platforms All platforms 1640| show ipv6 mld counters Licensing Base operating system Command Mode Enable or Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
show ipv6 mld group show ipv6 mld group Example This example displays MLD group details.
The output of the show ipv6 mld group command includes the following parameters: Parameter Description Source IP address of the multicast source. Age This parameter specifies the aging time. Command History Release Modification ArubaOS 3.3 Command introduced ArubaOS 6.
show ipv6 mld interface show ipv6 mld interface Example This example displays MLD status on VLANs. To view details for a specific VLAN, you can specify the VLAN ID.
show ipv6 mld proxy-group show ipv6 mld proxy-group [vlan ] Example This example displays MLD proxy-group details.
show ipv6 mld proxy-stats show ipv6 mld proxy-stats Example This example displays the status of the MLD proxy. (host) #show ipv6 mld proxy-stats MLD Proxy Statistics(Upstream) -----------------------------Name Sent Received ------- -------Queries 39 Joins 51 112 Leaves 9 0 The output of this command includes the following parameters: Parameter Description Name Type of packet. Sent Number of packets sent. Received Number of packets received. Command History This command was available in ArubaOS 6.
show ipv6 mld proxy-mobility-group show ipv6 mld proxy-mobility-group [maddr ] Example This example displays MLD proxy-mobility-group details. (host) #show ipv6 mld proxy-mobility-group MLD MIP Group Table ------------------Group Members ----- ------ff1e::2 1 ff02::1:3 2 ff02::c 1 The output of this command includes the following parameters: Parameter Description Group Name of MLD mobility group. Members Number of members in an MLD mobility group.
show ipv6 mld proxy-mobility-stats show ipv6 mld proxy-mobility-stats Example This example displays the details of MLD proxy-mobility statistics.
show ipv6 neighbors show ipv6 neighbors Description Displays the IPv6 neighbors configured on a VLAN interface. Usage Guidelines This command displays the IPv6 neighbors configured on a VLAN interface via the ipv6 neighbor command. Examples The example below shows the ipv6 neighbors configured on VLAN 1 .
show ipv6 ra status show ipv6 ra status Description Displays the IPv6 RA status on the VLAN interfaces. Usage Guidelines This command displays the IPv6 RA status on the VLAN interfaces. Examples The example below shows the IPv6 RA status on the VLAN interfaces .
show ipv6 route show ipv6 route [counters | static] Description Displays the Dell controller IPv6 routing table. Syntax Command Description counters Displays the number of routes present, categorized by type. static Include this optional parameter to display only static IPv6 routes. Usage Guidelines This command displays static IPv6 routes configured on the controller via the ipv6 route command.
Command Information Platforms All platforms 1651| show ipv6 route Licensing Base operating system Command Mode Available in Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show ipv6 user-table show ipv6 user-table ap-group ap-name authentication-method dot1x|mac|opensystem|psk|stateful-dot1x|via-vpn|vpn|web bssid debug essid internal ip [log] mac mobile {[bindings][visitors]} name phy-type {[a]|[b]} role rows station verbose Description Displays IPv6 user table entries. You can filter the output based on various parameters are described in table.
Parameter web Description Show data for devices using captive portal authentication. bssid Displays entries in the IPv6 user-table that are associated to the specified BSSID. debug Displays entries in the IPv6 user-table that are in debug mode. essid Displays entries in the IPv6 user-table that are associated to the specified ESSID. If the ESSID includes spaces, you must enclose it in quotation marks. internal Displays internal IPv6 users. ip
-------------------------------------- ---------- ------- ------- --------------------- ------------ -----------2010:eab::59ee:264a:a702:ca57 c0:14:3d:d9:e2:1b salz guest 00:04:30 802.1X AP-105 Away IPv6-dot1x-7220/00:24:6c:11:88:40/g-HT default tunnel Win 7 User Entries: 1/1 This example displays 802.1X authenticated users in the IPv6 user table.
Command Information Platforms All platforms 1655| show ipv6 user-table Licensing Base operating system Command Mode Enable or Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
show keys show keys [all] Description Show whether optional keys and features are enabled or disabled on the controller. Syntax Parameter all Description Include this optional parameter to display the status of all optional keys and features. If this parameter is omitted, the output displays the status of the most commonly used features and keys. Example The following example displays the status of the most commonly used keys and features on the controller.
Related Commands To view the license usage database (including the license key strings) use the command show license on page 1662. Command History This command was available in ArubaOS 1.0. Command Information Platforms All platforms 1657| show keys Licensing Base operating system Command Mode Enable and Config mode on local and master controllers Dell Networking W-Series ArubaOS 6.5.
show lacp show lacp {counters | internal | neighbor} Description View the LACP configuration status. Syntax Parameter Description Enter the Link aggregation group number. Range: 0-7 counters Enter the keyword counters to view the LACP traffic. internal Enter the keyword internal to view the LACP internal information. neighbor Enter the keyword neighbor to view the LACP neighbor information. Example The port uses the group number +1 as its “actor admin key”.
(Host)#show lacp 0 counters Port LACPDUTx LACPDURx ----------- -------FE 1/1 10 10 FE 1/2 12 12 MarkrTx ------0 0 MarkrRx -------0 0 MrkrRspTx --------0 0 MrkrRspRx --------0 0 Related Command Command Description lacp group Enable LACP and configure on the interface show interface port-channel View information on a specified port-channel interface show lacp sys-id View the LACP system ID information Command History Release Modification ArubaOS 3.4.
show lacp sys-id show lacp sys-id Description View the LACP system MAC address and port priority. Example This command returns the port priority and the MAC address (comma separated). In the example below, the port priority is the default value 32768 followed by the MAC address 00:0B:86:40:37:C0.
show lcd-menu show lcd-menu Description Displays the current LCD Menu configuration. Syntax None. Example An example output of the show lcd-menu command.
show license show license [limits] Description Displays the license table. Syntax Parameter limits Description Enter the keyword limit to display the current license limits. Example An example output of the show license command.
The output of this command includes the following data columns: Parameter Description Key The license key. Installed The license installation date and time. Expires The date that your evaluation license expires is listed in this column. Permanent license will always have a “Never” in this column. Expired evaluation licenses will also be indicated in this column. Flags This column displays some status about your license. The legend for this column appears at the bottom of the display output.
show license aggregate show license aggregate Description Display the license limits sent from centralized licensing clients to the licensing server. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, you can issue this command from the command-line interface of the centralized licensing server controller to view license limits sent by licensing clients.
Parameter Description ACR Total number of advanced Cryptography (ACR) licenses sent from licensing clients associated with this controller. Last update (secs. ago Time, in seconds, that has elapsed since the licensing table on the master licensing controller was updated. Total License Count These rows display the total numbers of licenses available for each license type. These numbers include licenses sent from licensing clients and any licenses currently installed on the licensing master.
show license client-table show license client-table Description Display the centralized license limits applied to each licensing client. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, issue this command from the command-line interface of a centralized licensing client to view license limits applied to that licensing client from the licensing table. Example The following example displays output of the show license client-table command.
Parameter Description Contributed Lic. Total number of licenses of each license type contributed by the licensing client controller. Remaining Lic. Total number of remaining licensing available on this controller. This number is also limited by the total license capacity of the controller platform. Related Commands To view additional statistics for license usage on the licensing server, use the command show license aggregate. Command History Release ArubaOS 6.3 Modification Command introduced.
show license debug show license debug Description Displays a summary of the current settings of the centralized licensing feature. Syntax No parameters Example The following example shows the output of the show license debug command. (host) # show license debug Summary of licensing state Centralized Licensing: Enabled Switch Role: Master License Role: License Server Master IP: 192.0.2.100 Switch IP: 192.0.1.103 License Server IP: 0.0.0.
Command History Release ArubaOS 6.3 Modification Command introduced. Command Information Platforms All platforms 1669| show license debug Licensing Base operating system Command Mode Enable mode on local and master controllers. Dell Networking W-Series ArubaOS 6.5.
show license heartbeat stats show license heartbeat stats Description Display the license heartbeat statistics between the centralized licensing server and the license client. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, issue this command from the command-line interface of a centralized licensing server to view heartbeat requests to and responses from each licensing client associated to that licensing server.
Command History Release ArubaOS 6.3 Modification Command introduced. Command Information Platforms All platforms 1671| show license heartbeat stats Licensing Base operating system Command Mode Enable mode on centralized licensing master or licensing client controllers. Dell Networking W-Series ArubaOS 6.5.
show license profile show license profile Description Display the license profile to determine if centralized licensing is enabled on the controller. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, issue this command from the command-line interface of a centralized licensing master or client to determine if centralized licensing is enabled on that controller. Note that each controller supports only one licensing profile.
show license server-table show license server-table Description Display the license table as it appears on the centralized licensing server. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, issue this command from the command-line interface of a centralized licensing server to view to view licensing counts for each supported license type..
Command History Release ArubaOS 6.3 Modification Command introduced. Command Information Platforms All platforms 1674| show license server-table Licensing Base operating system Command Mode Enable mode on centralized licensing master or licensing client controllers. Dell Networking W-Series ArubaOS 6.5.
show license server-redundancy show license server-redundancy Description Display information about a redundant server used by the centralized licensing feature. Syntax No Parameters. Usage Guidelines If your deployment uses the centralized licensing feature, issue this command from the command-line interface of a centralized licensing server to view to information for the redundant server.
show license-usage show license-usage acr | ap | user | xsec |client Description Display license usage information. Syntax Parameter Description acr Show ACR license usage ap Show AP license usage information. user Show Policy Enforcement Firewall (PEF) user license usage. xsec client Show Extreme Security (xSec) user and tunnel license usage. For deployments using centralized licensing, show the license usage by centralized licensing clients.
AP Licenses ----------Type ---AP Licenses RF Protect Licenses PEF Licenses Overall AP License Limit AP Usage -------Type ---Active CAPs Standby CAPs RAPs Remote-node APs Tunneled nodes Total APs Number -----512 512 512 512 Count ----3 0 0 0 0 3 Remaining AP Capacity --------------------Type Number ---- -----CAPs 509 RAPs 509 When you issue the show license-usage client command from the command-line interface of a controller configured as a centralized licensing server, the output displays license usage
Parameter Description PEF Total number of Policy Enforcement Firewall (PEF) licenses used by a licensing client associated with this controller. RF Protect Total number of RFprotect licenses used by a licensing client associated with this controller. xSec Module Total number of Extreme Security (xSec) licenses used by a licensing client associated with this controller. ACR Total number of advanced Cryptography (ACR) licenses used by a licensing client associated with this controller.
Command Information Platforms All platforms 1679| show license-usage Licensing Command Mode Base operating system. The output of this command varies, according to the licenses currently installed on the controller. Enable or Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show lldp interface show lldp interface [fastethernet // | gigabitethernet // Description This command displays the LLDP interfaces information. Syntax Parameter Description fastethernet // Displays LLDP information on a fastethernet port. gigabitethernet // .Displays LLDP information on a gigabitethernet interface. Example The example shows two commands.
Command History Release Modification ArubaOS 6.4 Command Introduced. Command Information Platforms All platforms 1681| show lldp interface Licensing Base operating system Command Mode Enable or Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
show lldp neighbor show lldp neighbor interfaces [fastethernet // | gigabitethernet // [detail]] Description This command displays information about LLDP peers. Syntax Parameter Description fastethernet // Displays LLDP information on a fastethernet port. gigabitethernet // Displays LLDP information on a gigabitethernet interface. detail Include details.
MAC: 7c:d1:c3:d1:02:c8: Blacklist The output of the show lldp neighbor command includes the following information: Parameter Description Local Intf Slot and port number. Chassis ID MAC address of the LLDP Peer. Capability Shows the capabilities of the peer to operate as a router, bridge, access point, phone or other network device. Remote Intf Remote interface. Expiry-time Expiry time. System Name Name of the peer system, as supplied by the peer.
Parameter Description System capabilities This column shows the capabilities of the peer to operate as a router, bridge, access point, phone or other network device. Enabled capabilities This column if the peer has been actively configured to operate as a router, bridge, access point, phone or other network device. System name Name of the peer system, as supplied by the peer. System description Description of the peer system, as supplied by the peer.
show lldp statistics show lldp statistics [interface fastethernet // | gigabitethernet //] Description This command displays the LLDP statistics information. Syntax Parameter Description fastethernet // Displays LLDP information on a fastethernet port. gigabitethernet // Displays LLDP information on a gigabitethernet interface.
Command History Release Modification ArubaOS 6.4 Command Introduced. Command Information Platforms All platforms 1686| show lldp statistics Licensing Base operating system Command Mode Enable or Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
show local-cert-mac show local-cert-mac tag Description Display the IP, MAC address and certificate configuration of local controllers in a master-local configuration. Syntax Parameter tag Description IP address of the local controller or MAC address of the local controller certificate. Usage Guidelines By default the output of this command shows each local controller’s IP and MAC address and the type of certificate used by those local controllers (Custom or Factory).
Related Commands Command Description Mode local-factory-cert This command configures the factory-installed certificate for secure communication between a local controller and a master controller. Enable or Config mode on master controllers. local-custom-cert This command configures a custom certificate for secure communication between a local controller and a master controller. Enable or Config mode on master or local controllers. Command History Available in ArubaOS 6.
show localip show localip Description Displays the IP address and VPN shared key between master and local. Syntax No parameters. Example The output of this command shows the controller’s IP address and shared key between master and local controllers. (host) # show localip Local Switches configured by Local Switch IP --------------------------------------------Switch IP address of the Local Key ------------------------------ --0.0.0.0 ******** Command History This command was available in ArubaOS 3.
show local-userdb show local-userdb {[maximum-expiration][start page The user account record’s location (by number) as it is listed in the database. The number of user account records that display on one page.
Parameter Description Role Role for the user. This role takes effect when the internal database is specified in a server group profile with a server derivation rule. If there is no server derivation rule configured, then the user is assigned the default role for the authentication method. E-mail Shows the email address of the user account. Enabled Shows whether the account is enabled or disabled. Expiry Shows the expiration date for the user account. If this is not set, the account does not expire.
show local-userdb-ap local-userdb-ap mac-address start Description View detailed information for the obsolete RAP whitelist database used in ArubaOS 6.1 and earlier. Syntax Parameter Description mac-address MAC address of the remote AP to be removed from the Remote AP Whitelist table. start Start displaying the table at the specified record in the database Usage Guidlines When you upgrade from ArubaOS 5.0-6.1 to ArubaOS 6.
Parameter Description Name MAC address of the AP. AP-Group Name of the AP group to which the AP has been assigned. AP-name Name of the AP. If no name has been specified, this column will display the AP’s MAC address Full-name Text string used to identify the AP. This field often describes the AP’s user, and corresponds to the User Name field in the RAP whitelist in the WebUI. Authen-Username User name of the user who authenticated the remote AP.
Related Commands Command Description local-userdb-ap del Delete Remote AP entries from the obsolete remote AP whitelist table. whitelist-db rap add Add, delete, modify or revoke remote AP entries in the current emote AP whitelist table. Command History Modification ArubaOS 5.0 Command introduced. ArubaOS 6.2 Command replaced by show whitelist-db rap on page 2044. Dell Networking W-Series ArubaOS 6.5.
show local-userdb-branch show local-userdb-branch mac-address start Description The output of this command lists the MAC address and assigned branch config group for branch controllers associated with that master. Syntax Parameter mac-address Description Branch controller's MAC address in the local user database. start The user account record’s location (by number) as it is listed in the database. The number of user account records that display on one page.
Command History Release Modification ArubaOS 6.0 Command introduced. ArubaOS 6.2 Command deprecated. ArubaOS 6.4.3.0 Command reinstated. Command Information Platforms All platforms 1696| show local-userdb-branch Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show local-userdb-guest show local-userdb-guest Description Shows information about guest accounts in the local user database. Syntax Parameter maximum-expiration Description How long the account is valid, in minutes, in the internal database. The user account record’s location (by number) as it is listed in the database. The number of user account records that display on one page.
Parameter Description Role Role for the user. This role takes effect when the internal database is specified in a server group profile with a server derivation rule. If there is no server derivation rule configured, then the user is assigned the default role for the authentication method. E-mail Shows the email address of the user account. Enabled Shows whether the account is enabled or disabled. Expiry Shows the expiration date for the user account. If this is not set, the account does not expire.
show local-userdb username show local-userdb username Description Shows information about specific user account in the internal controller database. Usage Guidelines Issue this command to display an overview of a particular user account in the database. Example This example shows the basic summary of a user account Paula in the database.
show local-userdb username show local-userdb username Description Shows information about specific user account in the internal controller database. Usage Guidelines Issue this command to display an overview of a particular user account in the database. Example This example shows the basic summary of a user account Paula in the database.
show localip show localip Description Displays the IP address and VPN shared key between master and local. Syntax No parameters. Example The output of this command shows the controller’s IP address and shared key between master and local controllers. (host) # show localip Local Switches configured by Local Switch IP --------------------------------------------Switch IP address of the Local Key ------------------------------ --0.0.0.0 ******** Command History This command was available in ArubaOS 3.
show log all show log all [] Description Show the controller’s full log. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. Example This example shows the most ten recent log entries for the controller.
show log ap-debug show log ap-debug{[][all]} Description Show the controller’s AP debug logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the AP debug logs for the controller. Example This example shows the ten most recent AP debug logs for the controller. (host) #show log ap-debug 10 Nov 24 20:54:24 KERNEL(AP39@10.6.1.21): All Rights Reserved Nov 24 20:54:24 KERNEL(AP39@10.6.1.
show log arm-user-debug show log arm-user-debug{[][all]} Description Show the controller’s ARM user debug logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the ARM user debug logs for the controller. Example This example shows the controller’s last ten ARM user debug logs.
Command Information Platforms All platforms 1705| show log arm-user-debug Licensing Base operating system Command Mode Available in Enable and Config modes. Dell Networking W-Series ArubaOS 6.5.
show log bssid-debug show log bssid-debug{[][all]} Description A Basic Service Set Identifier (BSSID) uniquely defines each wireless client and Wireless Broadband Router. This command shows the controller’s BSSID debug logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the BSSID debug logs for the controller. Command History This command was available in ArubaOS 3.0.
show log errorlog show log errorlog{[][all]} Description Show the controller’s system errors and other critical information. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the error logs for the controller. Example This example shows the ten most recent system log errors. (host) #show log errorlog 10 Mar 5 10:30:34 |AP 1.1.1@10.3.49.
Command Information Platforms All platforms 1708| show log errorlog Licensing Base operating system Command Mode Available in Enable and Config modes. Dell Networking W-Series ArubaOS 6.5.
show log essid-debug show log essid-debug{[][all]} Description Show the controller’s ESSID debug logs. An Extended Service Set Identifier (ESSID) is used to identify the wireless clients and Wireless Broadband Routers in a WLAN. All wireless clients and Wireless Broadband Routers in the WLAN must use the same ESSID. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log.
show log network show log network{[][all]} Description Show the controller’s system network errors. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the network logs for the controller.
show log security show log security{[][all]} Description Show the controller’s security logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the security logs for the controller. Example This example shows the controller’s last seven security logs.
show log system show log system{[][all]} Description Show the controller’s system logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the system logs for the controller. Example This example shows the controller’s last ten system logs.
show log user show log user{[][all]} Description Show the controller’s user logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the user logs for the controller. Example This example shows the controller’s last ten user logs. (host) #show log user 10 Mar 5 13:29:57 :501083: |stm| Probe request: address from AP 10.3.49.253-00:0b:86:a2:e7:40-1.1.
show log user-debug show log user-debug{[][all]} Description Show the controller’s user debug logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the user debug logs for the controller. Example This example shows the controller’s last ten user debug logs. (host) #show log user-debug 10 Mar 5 13:57:24 :501090: 00:0b:86:a2:e7:40-1.1.1 Mar 5 13:57:24 :501090: 00:0b:86:a2:e7:41-1.1.
show log wireless show log wireless{[][all]} Description Show the controller’s wireless logs. Syntax Parameter Description Start displaying the log output from the specified number of lines from the end of the log. all Shows all the wireless logs for the controller. Example This example shows the controller’s last ten wireless logs. (host) #show log wireless 10 Mar 5 13:59:31 :404003: |AP 1.1.1@10.3.49.
| show log wireless Dell Networking W-Series ArubaOS 6.5.
show logging show logging facility|server|{level [verbose]} Description the IP address of the remote logging server, as well as facility log types and their associated facility levels. Syntax Parameter Description facility View the facility used when logging messages into the remote syslog server. server Show the IP address of a remote logging server. level [verbose] Show logging levels at which the messages are logged.
This example below displays the IP address of a remote log server. If a remote log server has not yet been defined, this command will not display any output. (host) #show logging server Remote Server: 1.1.1.
show loginsessions show loginsessions Description Displays the current administrator login sessions statistics. Syntax No parameters. Example Issue this command to display the admin login session statistics. Session Table ------------ID User Name -- --------1 admin User Role --------root Connection From --------------10.100.102.
show mac-address-table show mac-address-table Description Displays a MAC forwarding table. Syntax No parameters. Example Issue this command to display the MAC forwarding table.
Parameter Description VLAN Associated VLAN Destination Port Destination port Command History This command was introduced in ArubaOS 1.0. Command Information Platforms All platforms 1721| show mac-address-table Licensing Base operating system Command Mode Enable or config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show master-configpending show master-configpending Description Displays the list of global commands which are not saved and are not sent to the local controller. Syntax No parameters. Example This example below displays the commands which are not saved and are not sent to the local controller. (host) #show master-configpending aaa profile "default-xml-api" aaa xml-api server "10.17.93.2" aaa xml-api server "10.17.93.2" aaa xml-api server "10.17.93.
Command Information Platforms All platforms 1723| show master-configpending Licensing Base operating system Command Mode Enable and Config mode on master controllers. Dell Networking W-Series ArubaOS 6.5.
show master-local stats show master-local stats [] [] Description Display statistics for communication between master and local controllers. Syntax Parameter Description Include the IP address of a controller to display statistics that controller only. Start displaying the output of this command at the specified page number. Usage Guidelines By default, master and Local controllers exchange heartbeat messages every 10 seconds.
Parameter Description Last Sent Missed This counter will increment if controller misses the last heartbeat from the peer controller. This counter will keep on incrementing until the heartbeat message is received from peer. Peer Reset The number of times the connection to peer is been reset. The connection could reset due to network connectivity problems or when the peer switch reboots.
show master-redundancy show master-redundancy Description Display the master controller redundancy configuration. Syntax No parameters. Example This example below shows the current master redundancy configuration, including the ID number of the master VRRP virtual router and the IP address of the peer controller for master redundancy. (host) #show master-redundancy Master redundancy configuration: VRRP Id 2 current state is MASTER Peer's IP Address is 2.1.1.
show memory show memory aaa ap {meshd|rfd|sapd}|{ap-name }|{bssid }|{ip-addr } auth certmgr cfgm cpsec dbsync debug [verbose] dhcpd ecc fpapps fpcli isakmpd l2tpd mdns mobileip ospf pim pptpd profmgr slb snmpd stm udbserver wms Description Show the amounts of free and available memory on the controller, or include a process name to show memory information for a process on the AP or controller.
Parameter ip-addr auth certmgr cfgm cpsec Description Display memory information for an AP with the specified IP address. Display memory information for the auth process on the controller. Display the memory information for certmgr process. Display memory information for the cfgm process on the controller. Displays memory information for the Control Plane Security process on the controller. dbsync Display memory information for the dbsync process on the controller.
Parameter Description udbserver Display memory information for the udbserver process on the controller. wms Display memory information for the wms process on the controller. Usage Guidelines Include the name of a process to show memory information for that process. Use this command under the supervision of Dell technical support to help debug process errors.
Column Description Num Alloc Current number of memory allocations. Size Allocs Total size of all memory allocations, in bytes. Total Allocs Maximum number of allocations used throughout in the life of the process. Total Size Maximum size of allocations used throughout in the life of the process, in bytes. PC Program counter: the address of a memory allocation. (For internal use only.) Allocs Number of memory allocations at that program counter. (For internal use only.
show mgmt-role show mgmt-role Description This command allows the user to view a list of management role configurations. Syntax No parameters. Example Issue this command to display a list of management user roles.
show mgmt-server show mgmt-server message-counters process {auth | fw_visibility | spectrum | stm | wms} profile Description Displays the message counter information of management server. Syntax Parameter Description message-counters Message counter in the recent past.
Mgmt Config profile "default-amp" (Predefined (editable)) --------------------------------------------------------Parameter Value ------------Stats Enabled Tag Enabled Sessions Enabled Monitored Info Disabled Monitored Stats Disabled Misc Enabled Location Enabled Voice Info Disabled Command History Release Modification ArubaOS 3.4 Command introduced. ArubaOS 6.3 The wms process is introduced to track the Advanced Monitoring (AMON) message counters. ArubaOS 6.3.1 The profile parameter was introduced.
show mgmt-servers show mgmt-servers Description Displays list of management servers that receive Advanced Monitoring (AMON) messages from the controller. Syntax Parameter mgmt-servers Description Management Servers. This could be W-AirWave Management Server or any other server that receive messages from the controller using AMON protocol. Example The output of this command shows list of management servers in the controller.
show mgmt-users show mgmt-users [ | local-authentication-mode | ssh-pubkey | webui-cacert ] Description Displays list of management users on the controller and also details of each management users. Syntax Parameter Description username To view details of a specific management user. local-authentication-mode Status of local-authentication mode. ssh-pubkey Number of management users using the ssh-pubkey.
Command Information Platforms All platforms 1736| show mgmt-users Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show tunneled-node config show tunneled-node config Description Displays wired tunneled node configuration details. Syntax No parameters. Example The output of this command shows the tunneled node configuration details. (host) # show tunneled-node config Tunneled Node:Enabled Tunneled Node Server:4.4.4.1 Tunnel Loop Prevention:Disabled Tunnel Node MTU:5000 Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 The command name was changed to show tunneled-node config.
show netdestination show netdestination Description Displays IPv4 and IPv6 network destination information. Syntax No parameters. Example Issue this command to display all netdestination configured on this controller. The output below displays information for all configured IPv4 and IPv6 netdestinations. To display additional detailed information for an individual netdestinations, include the name of the netdestination at the end of the command.
Related commands Command Description netdestination This command configures an alias for an IPv4 network host, subnetwork, or range of addresses. netdestination6 This command configures an alias for an IPv6 network host, subnetwork, or range of addresses. Command History This command was introduced in ArubaOS 3.0. Command Information Platforms All platforms 1739| show netdestination Licensing Command Mode You must have a PEFNG license to configure or view a netdestination.
show netexthdr show netexthdr Description This command displays the IPv6 extension header (EH) types that are denied. Syntax Parameter Description Default default Specify the EH alias name. Usage Guidelines Example The following command displays the denied extended header types in the default EH: (host) #show netexthdr default Extended Header type(s) Denied -----------------------------51, Command History Release ArubaOS 6.
show netservice show netservice [] Description Show network services Syntax Parameter Description Name of a network service. Usage guidelines Issue this command without the optional parameter to view a complete table of network services on the controller. Include the parameter to display settings for a single network service only. Example The following example shows the protocol type, ports and application-level gateway (ALG) for the DHCP service.
show netstat stats show netstat stats Description Show network statistics for current active network connections, filtered by protocol type. Syntax No parameters Usage guidelines Issue this command to display aggregate statistics for IP, ICMP, TCP and UDP protocols, and extended TCP statistics Example The following example shows incoming and outgoing packet statistics for the controller.
2568 resets sent Udp: 928478757 packets received 40767 packets to unknown port received. 426937 packet receive errors 910267627 packets sent Related Commands To configure an alias for network protocols, use the command netservice. Command History Release Modification ArubaOS 6.4.0 The stats parameter, which was optional in earlier version of ArubaOS was made a required part of the command syntax. ArubaOS 1.
show network-printer (deprecated) show network-printer [config | job | status] Description Displays configuration, job status details, and printer status of USB printers connected to older controllers not supported by this version of ArubaOS Command History Release Modification ArubaOS 3.4 Command introduced ArubaOS 6.5 Command deprecated Dell Networking W-Series ArubaOS 6.5.
show network-storage (deprecated) show network-storage [ files opened | shares { | disk | status | users {disk } ] Description Displays details about the USB storage device connect connected to older controllers not supported by this version of ArubaOS Command History Release Modification ArubaOS 3.4 Command introduced ArubaOS 6.5 Command deprecated Dell Networking W-Series ArubaOS 6.5.
show ntp trusted-keys show ntp trusted-keys Description Show information for the NTP trusted key Syntax No parameters. Example The following example shows values for the NTP authentication keys, Key ID and Md5 secret key. (host) #show ntp authentication-keys Key Id -----12345 md5 secret ---------4567 The output of this command includes the following parameters: Parameter Description Key ID The key identifier used to when you configured the NTP authentication key.
show ntp peer show ntp peer Description Show NTP peer information. Syntax Parameter Description IPv4/IPv6 Address of the peer. Example The output of this commands shows IPv4 and IPv6 address of the peer. (host) #show ntp peer 2008::2 remote 2008::2, local 2008::1 hmode client, pmode sym_active, stratum 16, precision -20 leap 11, refid [73.78.73.84], rootdistance 0.00000, rootdispersion 0.
reach 001, unreach 2, flash 0x0400, boffset 0.00113, ttl/mode 0 timer 0s, flags config, bclient reference time: d6186d7e.c99ed7ba Sun, Oct 27 2013 20:58:38.787 originate timestamp: 00000000.00000000 Wed, Feb 6 2036 22:28:16.000 receive timestamp: d6186e24.f02d3f57 Sun, Oct 27 2013 21:01:24.938 transmit timestamp: d6186e24.f02d3f57 Sun, Oct 27 2013 21:01:24.938 filter delay: 0.00113 0.00000 0.00000 0.00000 0.00000 0.00000 0.00000 0.00000 filter offset: 0.398620 0.000000 0.000000 0.000000 0.000000 0.000000 0.
show ntp servers show ntp servers [brief] Description Show information for Network Time Protocol (NTP) servers. Syntax Parameter brief Description Display the IP address of the defined NTP servers, iburst and key settings. Examples The following example shows values for the primary and backup NTP servers. The primary server is marked with an asterisk (*) and the backup server is marked with an equals sign (=).
Parameter Description delay Delay, in seconds, between the time that the local clock polls the NTP server and the NTP server returns a reply. offset The difference in time, in seconds, between the local clock and the NTP server. disp Dispersion represents the maximum error of the local clock relative to the reference clock, and is a measurement of the time server and network quality. Lower dispersion values are preferred over higher dispersion values.
show ntp status show ntp status Description Show information for a NTP server. Syntax No parameters. Example The following example shows values for the primary NTP server.
Parameter Description packets processed Number of packets received in response to previous packets sent. current version Number of packets matching the current NTP version. previous version Number of packets matching the previous NTP version. declined Number of packets declined. access denied Number of packets for which access has been denied. bad length or format Number of packets with invalid length, format or port number. packets received Total number of packets received.
Parameter Description Note: When NTP server is reachable through IPv4 address, use the address as is. If done through IPv6 address, the Reference ID is calculated instead of directly taking the IPV6 address on the NTP Server. The controller performs a MD5 checksum and the last 4 bytes are considered as the reference ID. reference time Time when the local system clock was last set or corrected, in NTP timestamp format. system flags This parameter displays any flags configured for this NTP entity.
Command Information Platforms All platforms 1754| show ntp status Licensing Base operating system Command Mode Enable and Config mode on local and master controllers Dell Networking W-Series ArubaOS 6.5.
show packet-capture show packet-capture controlpath-pcap [hex] datapath-pcap [hex] Description Displays packet capture status on the controller. Syntax Parameter Description controlpath-pcap [hex] Displays controlpath packets captured in the local-filesystem. datapath-pcap [hex] Displays datapath packets captured in the local-filesystem. Example The output of this command shows the packet capture configuration details.
Command History Release Modification ArubaOS 3.3.2 Command introduced. ArubaOS 6.3 Controlpath-pcap and datapath-pcap parameters added. Command Information Platforms All platforms 1756| show packet-capture Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show packet-capture-defaults show packet-capture-defaults Description Displays the status of default packet capture options. Syntax No parameters. Example The output of this command shows packet capture status. (host) # show packet-capture-defaults Current Active Packet Capture Actions(current switch) ===================================================== Packet filtering for TCP ports disabled. Packet filtering for UDP ports disabled. Packet filtering for internal messaging opcodes disabled.
show pan active-profile show pan active-profile Description This command shows the active PAN firewall profile at the local controller level. Syntax No syntax. Usage Guidelines Issue this command to show the current active PAN firewall profile running on the controller. (host) #show pan active-profile Palo Alto Networks Active Profile --------------------------------Parameter --------Active Palo Alto Networks profile Value ----PAN-Group-1 Command History Modification ArubaOS 6.4 Command introduced.
show pan-options show pan-options Description This command displays configured settings for integrating a branch controller with a Palo Alto Networks (PAN) firewall. Syntax No syntax. Usage Guidelines Issue this command to see the connection status of the PAN firewalls associated with the controller. (host)#show pan profile PAN-Group-1 Palo Alto Networks Servers Profile "PAN-Group-1" -----------------------------------------------Parameter Value ------------Palo Alto Networks Firewall 1.2.3.
show pan state show pan state Description This command shows the current connection status of PAN firewalls. Syntax No syntax. Usage Guidelines Issue this command to see the connection status of the PAN firewalls associated with the controller. (host) #show pan state Palo Alto Networks Servers Connection State[PAN-Group-1] -------------------------------------------------------Firewalls State ------------1.2.3.4:443 DOWN 2.2.2.2:123 UP[11/25/13 12:45:49]Established 3.3.3.
show pan statistics show pan statistics Description This command shows PAN firewall interface statistics. Syntax No syntax. Usage Guidelines Issue this command to see PAN firewall interface statistics.
Command History Modification ArubaOS 6.4 Command introduced. Command Information Platforms All platforms 1762| show pan statistics Licensing Base operating system Command Mode Enable or config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show pan-gp show pan-options Description This command displays Palo Alto Networks portal or gateway settings on a branch or local controller. Syntax No parameters. Usage Guidelines Issue this command to view GlobalProtect protocol settings for a Palo Alto Networks portal or gateway on a on a branch controller using the Palo Alto Networks firewall integration feature. Examples The following example displays the portal information seen by a branch controller connected to a Palo Alto Networks portal.
Interval.......... 3 secs Action............ 0 Threshold......... 5 Source Address.... 192.168.100.254 Dest Address...... 192.168.100.87 Key Information Authentication.... sha1 Encryption........ aes256 C2S SPI........... 45735d16 S2C SPI........... 366f1987 SA Lifetime Lifetime.......... 3 mins Lifetime Secs..... 180 Delayed Timer Armed....... NO Refresh Timer Armed....... YES SA Lifetime Timer Armed... YES Failure Timer Armed....... NO Name...................... PAN-GW-2 Description...............
Modification files. pan profile This command configures a Palo Alto Networks (PAN) profile to allow a controller to communicate with a PAN firewall. uplink Manage and configure the uplink network connection. Command History Modification ArubaOS 6.4.3.0 Command introduced. Command Information Platforms W-7000 Series controllers, when configured as a branch controller, or any controller model when used in conjunction with uplink manager feature.
show pan-options show pan-options Description This command displays configured options to integrate a branch controller with a Palo Alto Networks (PAN) firewall. Syntax No parameters. Usage Guidelines Issue this command to view Palo Alto Networks firewall integration settings for branch, standalone or local controllers.
Modification pan profile This command configures a Palo Alto Networks (PAN) profile to allow a controller to communicate with a PAN firewall. uplink Manage and configure the uplink network connection. Command History Modification ArubaOS 6.4.3.0 Command introduced. Command Information Platforms W-7000 Series controllers, when configured as a branch controller, or any controller model when used in conjunction with uplink manager feature.
show papi kernel-socket-stats show papi kernel-socket-stats Description This command shows the state of UDP PAPI sockets in the kernel. Syntax No syntax. Usage Guidelines Issue this command to show the state of the UDP PAPI sockets in the kernel. The following example shows partial output of this command.
Command Information Platforms All platforms 1769| show papi kernel-socket-stats Licensing Base operating system Command Mode Enable or config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show papi-security show papi-security Description This command shows the status of the PAPI enhanced security mode. Syntax Parameter Description Range Default PAPI Key The key string. The key authenticates the messages between systems. Range: 10– 64 characters — Enhanced security mode Indicates if the enhanced security mode is enabled or disabled. This mode causes the system to reject messages when an incorrect key is used.
Command History Modification ArubaOS 3.4 Command introduced. ArubaOS 6.2 Command deprecated. ArubaOS 6.5 Command is reintroduced. Command Information Platforms All platforms 1771| show papi-security Licensing Base operating system Command Mode Enable or config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show perf-test reports show perf-test reports ap {ap-name }|{ip-addr }|{ip6-addr } controller Description Use this command under the guidance of Dell technical support to view the results of an Iperf throughput test launched from an AP or controller. Syntax Parameter Description ap Display the results of an Iperf throughput test launched from an AP. ap-name Name of the AP. ip-addr IPv4 address of the AP. ip6-addr IPv6 address of the AP.
show poe show poe [slot/port] Description Displays the PoE status of all or a specific port on the controller. Syntax No parameters. Example The output of this command shows the PoE status of port 10 in slot 1. (host) # show poe 1/10 PoE Status ---------Port Status --------FE 1/10 Off Voltage(mV) ----------N/A Current(mA) ----------N/A Power (mW) ---------N/A Command History This command was available in ArubaOS 3.
show port link-event show port link-event Description Displays the link status on each of the port on the controller. Syntax No parameters. Example The output of this command shows the link status on all ports in the controller.
show port monitor show port monitor Description Displays the list of ports that are configured to be monitored. Syntax No parameters. Example The output of this command shows the link status on all ports in the controller. (host) # show port monitor Monitor Port -----------FE 1/10 Port being Monitored -------------------FE 1/20 Command History This command was available in ArubaOS 3.3.2 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
Dell Networking W-Series ArubaOS 6.5.
show port stats show port status [//] Description Displays the activity statistics on each of the port on the controller. Syntax Parameter Description // Physical port in // format. Example The output of this command shows the link status on all ports in the controller.
Command History Release Modification ArubaOS 3.3.2 Command introduced. ArubaOS 6.4.3.0 The PC # (port-channel) value was introduced under the Port column. Command Information Platforms All platforms 1778| show port stats Licensing Base operating system Command Mode Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show port status show port status [//] Description Displays the status of all ports on the controller. Syntax Parameter Description // Physical port in // format. Example The output of this command shows the status of all ports in the controller.
Parameter Description AdminState Indicates if the physical port is enabled or disabled. OperState Indicates if the current status of the physical port is up or down. PoE Indicates if the physical port is Power over Ethernet (PoE) enabled. Trusted Indicates if the physical port is trusted. SpanningTree Indicates the state of spanning tree. PortMode Indicates the port mode of the physical port. Speed Indicates the port speed. Duplex Indicates the direction of traffic.
show port trusted show port trusted Description Displays the list of ports configured with trusted profiles. Syntax No parameters. Example The output of this command shows the list of ports with trusted profile. (host) # show port trusted FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE GE GE 1/0 1/1 1/2 1/3 1/4 1/5 1/6 1/7 1/8 1/9 1/10 1/11 1/12 1/13 1/14 1/15 1/16 1/17 1/18 1/19 1/20 1/21 1/22 1/23 1/24 1/25 Command History This command was available in ArubaOS 3.3.
show port xsec show port xsec Description Displays the list of xSec enabled ports. Syntax No parameters. Example The output of this command shows the list of xSec enabled ports. (host) #show port xsec Xsec Ports ---------Interface xsec vlan state --------- --------- ----- Command History This command was available in ArubaOS 3.3.2 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show priority-map show priority-map Description Displays the list of priority maps on a interface. Syntax No parameters. Example The output of this command shows the priority maps configured on all interfaces. (host) # show priority-map Priority Map ------------ID Name DSCP-TOS -- ----------1 my-map 4-20,60 DOT1P-COS --------4-7 Command History This command was available in ArubaOS 3.0 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show processes show processes [sort-by {cpu | memory}] Description Displays the list of all system process running on the controller. You can sort the list either by CPU intensive or memory intensive processes. Syntax Parameter sort-by Description Add a sort filter to the output cpu This will sort output based on CPU usage. memory This will sort output based on memory usage. Example The output of this command shows list of system processes sorted by CPU usage.
Command Information Platformss All platforms 1785| show processes Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show profile-errors show profile-errors Description Displays the list of invalid user-created profiles. Syntax No parameters. Example The output of this command shows list of profiles that are invalid and also displays the error in those profiles. In this example, the VLAN 1000 that is mapped to a virtual-ap that does not exist.
Error Description WARNING: if weptxkey = [x], wepkey[x] must be set in order to use static WEP This message is displayed if a SSID profile is configured to use a static WEP and the WEP is not configured. Command History This command was available in ArubaOS 3.0 Command Information Platforms All platforms 1787| show profile-errors Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show profile-hierarchy show profile-hierarchy Description Displays the profile hierarchy template. Syntax No parameters. Usage Guidelines The output of this command shows how profiles relate to each other, and how some higher-level profiles reference other lower-level profiles. The output of this command will vary, depending upon controller configuration and licenses. Command History This command was available in ArubaOS 3.
show profile-list aaa show profile-list aaa [{alias-group [page | start]} | {authentication [captive-portal | dot1x | mac | stateful-ntlm | wispr]} |{authentication-server [ldap | radius | tacacs | windows]} | {profile} | {rfc-3576-server} | {server-group} | {xml-api}] Description Displays the list of AAA profiles. Syntax Parameter Description alias-group Lists all alias-groups.
Example The output of this command shows list of AAA profiles that use captive-portal authentication. (host) # show profile-list aaa authentication captive-portal Captive Portal Authentication Profile List -----------------------------------------Name References Profile Status ------------- -------------default 1 Command History This command was available in ArubaOS 3.
show profile-list ap show profile-list ap [ enet-link-profile | mesh-cluster-profile | mesh-ht-ssid-profile | mesh-radio-profile | regulatory-domain-profile | snmp-profile | snmp-user-profile | system-profile | wired-ap-profile ] Description Displays the list of AP profiles. Syntax Parameter Description enet-link-profile Display a list of AP Ethernet link profiles. mesh-cluster-profile Display a list of mesh cluster profiles used by mesh nodes.
Command Information Platforms All platforms 1792| show profile-list ap Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show profile-list app show profile-list app skype4b traffic-control Description Displays the list of AP Skype4b traffic control profiles. Syntax Parameter skype4b traffic-control Description Display a list of Skype4b traffic control profiles. page Specify the number of items to display start Specify the first item to display Example The output of this command shows a list of the Skype4b traffic control prioritization profiles.
show profile-list ap-group show profile-list ap-group Description Displays the status of AP groups profiles in the controller. Syntax No parameters. Example The output of this command shows the status of AP group profiles in the controller. (host) # show profile-list ap-group AP group List ------------Name Profile Status ----------------default Total:1 Command History This command was available in ArubaOS 3.
show profile-list ap-name show profile-list ap-name Description Displays the status of AP profiles in the controller. Syntax No parameters. Example The output of this command shows status of AP profiles in the controller. (host) # show profile-list ap-name AP name List -----------Name Profile Status ---- -------------Total:0 Command History This command was available in ArubaOS 3.0 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show profile-list ha show profile-list ha group-profile [page | start] Description Displays the list of HA profiles. Syntax Parameter Description group-profile Lists all HA group information. page Specify the number of items to display start Specify the first item to display Example The output of this command shows list of HA group profile information.
show profile-list ids show profile-list ids [dos-profile | general-profile | impersonation-profile | profile | rate-thresholds-profile | signature-matching-profile | signature-profile | unauthorized-device-profile ] Description Displays the status of all IDS profiles in the controller. Syntax Parameter Description dos-profile Display a list of IDS DoS profiles. general-profile Display a list of IDS generate profiles. impersonation-profile Display a list IDS impersonation profile.
Command Information Platforms All platforms 1798| show profile-list ids Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show profile-list mgmt-server show profile-list mgmt-server {profile } [page ] [start ] Description Displays all the Mgmt Config profiles in the controller. Syntax Parameter Description mgmt-server {profile Specifies the name of the management server profile. page Include this optional parameter to limit output of this command to the specified number of items.
show profile-list rf show profile-list rf [ arm-profile | dot11a-radio-profile | dot11g-radio-profile | event-thresholds-profile | ht-radio-profile | optimization-profile ] Description Displays the status of all radio profiles. Syntax Parameter Description arm-profile Details of Adaptive Radio Management (ARM) Profile. dot11a-radio-profile Details of AP radio settings for the 5GHz frequency band, including the ARM profile and the high-throughput (802.11n) radio profile.
| show profile-list rf Dell Networking W-Series ArubaOS 6.5.
show profile-list wlan show profile-list wlan bcn-rpt-req-profile client-wlan-profile dotllk-profile dot11r-profile edca-parameters-profile handover-trigger-profile hotspot ht-ssid-profile ssid-profile traffic-management-profile virtual-ap voip-cac-profile wmm-traffic-management-profile] Description Displays the status of WLAN profiles on the controller.
Parameter Description anqp-venue-name-profile Shows a list of all ANQP Venue Name profiles h2qp-conn-capability-profile Shows a list of all H2QP Connection Capability profiles h2qp-op-cl-profile Shows a list of all H2QP Operating Class Indication profiles h2qp-operator-friendly-profile Shows a list of all H2QP Operator Friendly Name profiles h2qp-wan-metrics-profile Shows a list of all H2QP WAN Metrics profiles hs2-profile Shows a list of all Hotspot 2.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show provisioning-ap-list show provisioning-ap-list Description Displays the list of all APs that are in queue to be provisioned by the admin. Syntax No parameters. Command History Release ArubaOS 3.4 ArubaOS 6.4.2.0 Modification Command introduced The output of this command displays the service tag of an AP. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show provisioning-params show provisioning-params Description Displays the list of parameters and the values used to provision the APs. Syntax No parameters. Example The output of this command shows list of all provisioning parameters and their values.
Antenna tilt angle for 802.11g Mesh SAE N/A sae-default Command History This command was available in ArubaOS 3.0 Command Information Platforms All platforms 1807| show provisioning-params Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show rap-wml show rap-wml [cache | server | wired-mac ] Description Displays the name and attributes of a MySQL database or a MySQL server. Syntax Parameter Description cache Displays the cache of all lookups for a database server. servers Displays the database server state. wired-mac Displays the wired MAC discovered on traffic through the AP. Example The output of this command shows status of all database servers.
show references aaa authentication crypto-local show references aaa authentication {captive-portal }|{dot1x }|{mac }|mgmt|stateful-dot1x|{stateful-ntlm }|vpn|wired|{wispr {profilename>} [page ] [start ] Description Show AAA profile references. Syntax Parameter Description captive-portal Show the number of references to a captive-portal profile. dot1x Show the number of references to a 802.
References to 802.1X Authentication Profile "default" ----------------------------------------------------Referrer Count -----------aaa profile "default-dot1x" authentication-dot1x 1 Total References:1 Command History Version Modification ArubaOS 3.0 Command introduced ArubaOS 3.4.1 The stateful-ntlm and wispr parameters were introduced.
show references aaa authentication-server crypto-local show references aaa authentication-server {ldap }|{radius }|{tacacs } [page ] [start ] Description Display information about AAA authentication servers. Syntax Parameter Description ldap Show the number of server groups that include references to the specified LDAP server.
Command Information Platforms Available on all platforms Licensing Base operating system 1812| show references aaa authentication-server Command Mode Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
show references aaa profile crypto-local show references aaa profile Description Show references to an AAA Profile. Syntax Parameter Description profile Name of an AAA profile for which you want to view references. Example Issue this command to show the wlan virtual AP profiles that include references to the specified AAA profile. The example below shows that seven different virtual AP profiles include a single reference to the AAA profile default.
show references aaa rfc-3576-server show references aaa rfc-3576-server {page start} Description Show information about the configuration profiles that reference a specific RFC 3576 server. Syntax Parameter Description IP address of an RFC-3576 server page Include this parameter to limit output of this command to the specified number of items.
show references aaa server-group crypto-local show references aaa server-group {[page][start]} Description Show references to a server group. Syntax Parameter Description server-group Name of the server group for which you want to show references page Include this parameter to limit output of this command to the specified number of items. start Include this parameter to start displaying the output of this command at the specified index number.
Command Information Platforms Available on all platforms 1816| show references aaa server-group Licensing Base operating system Command Mode Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
show references activate-service-whitelist crypto-local show references activate-service-whitelist {page start} Description Displays activate service whitelist profile references. Syntax Parameter Description activate-service-whitelist Name of the activate service whitelist profile for which you want to show references page Include this parameter to limit output of this command to the specified number of items.
show references airgroup crypto-local show references airgroup cppm-server aaa [page ] [start ] Description Display information about AAA authentication servers. Syntax Parameter Description cppm-server Specifies the ClearPass Policy Server information. aaa Specifies the AAA parameters for AirGroup. page Include this optional parameter to limit output of this command to the specified number of items.
show references ap crypto-local show references ap enet-link-profile mesh-cluster-profile mesh-ht-ssid-profile mesh-radio-profile regulatory-domain-profile system-profile wired-ap-profile page start Description Show the number of references to a specific AP profile.
Example The example below shows that 10 different AP groups include links to the AP Ethernet link profile Default. These 10 AP groups reference the Default Ethernet link profile for both their Ethernet 0 and Ethernet 1 interfaces, for a total of 20 references altogether. (host)#show references ap enet-link-profile default References to AP Ethernet Link profile "default" -----------------------------------------------Referrer Count -----------ap-group "10.0.0" enet0-profile 1 ap-group "10.0.
show references app show references app skype4b traffic-control Description Show the number of references to a specific Skype4b traffic control prioritization profile. Syntax Parameter Description skype4b traffic-control Show the number of references to a specific Skype4b traffic control prioritization profile. page Include this optional parameter to limit output of this command to the specified number of items.
show references guest-access-email crypto-local show references guest-access-email [page ] [start ] Description Show references to the global guest access email profile. Syntax Parameter Description page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references ha crypto-local show references ha group-profile {page start} Description Displays HA group profile references. Syntax Parameter Description group-profile Name of the HA group profile for which you want to show references page Include this parameter to limit output of this command to the specified number of items. start Include this parameter to start displaying the output of this command at the specified index number.
show references ids crypto-local show references ids dos-profilegeneral-profile general-profile impersonation-profile profile rate-thresholds-profile signature-matching-profile signature-profile unauthorized-device-profile Description Displays IDS profile references.
show references ifmap cppm crypto-local show references ifmap cppm {page start} Description Displays the CPPM IF-MAP references. Syntax Parameter Description ifmap cppm Shows references to the CPPM IF-MAP profile. page Include this parameter to limit output of this command to the specified number of items. start Include this parameter to start displaying the output of this command at the specified index number.
show references license profile crypto-local show references license profile {page start} Description Displays the license provisioning profile references. Syntax Parameter Description license Shows references to the license provisioning profile. profile Enables or disables centralized licensing. page Include this parameter to limit output of this command to the specified number of items.
show references mgmt-server profile crypto-local show references mgmt-server profile Description Shows the management server configuration profiles. Syntax Parameter Description mgmt-server profile Specifies the management profile name. page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references papi-security crypto-local show references papi-security [page ] [start ] Description Show references to a PAPI security profile. Syntax Parameter Description page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references rf crypto-local show references rf dot11a-radio-profile dot11g-radio-profile event-thresholds-prof ht-radio-profile optimization-profile Description Show RF profile references. Syntax Parameter Description dot11a-radio-profile Show references to a 802.11a radio profile dot11g-radio-profile Show references to a 802.
show references upgrade-profile crypto-local show references upgrade-profile {page start} Description Displays the upgrade profile references. Syntax Parameter Description upgrade-profile Shows references to the upgrade profile. page Include this parameter to limit output of this command to the specified number of items. start Include this parameter to start displaying the output of this command at the specified index number.
show references user-role crypto-local show references user-role Description Show access rights for user role. Syntax Parameter Description The role name assigned to a user.
show references web-server crypto-local show references web-server [page ] [start ] Description Show the Web server configuration references. Syntax Parameter Description page Include this optional parameter to limit output of this command to the specified number of items. start Include this optional parameter to start displaying the output of this command at the specified index number.
show references wlan crypto-local show references wlan bcn-rpt-req-profile client-wlan-profile dot11k-profile dot11r-profile edca-parameters-profile handover-trigger-profile hotspot {advertisement-profile}|{anqp-3gpp-nwk-profile }|{anqp-domain-nameprofile }|{anqp-ip-addr-avail-profile }|{anqp-nai-realmprofile }|{anqp-nwk-auth-profile }|{anqp-roam-cons-profile }|{anqp-venue-name-pr
Parameter Description l advertisement-profile l anqp-3gpp-nwk-profile l anqp-domain-name-profile l anqp-ip-addr-avail-profile l anqp-nai-realm-profile l anqp-nwk-auth-profile l anqp-roam-cons-profile l anqp-venue-name-profile l h2qp-conn-capability-profile l h2qp-op-cl-profile l h2qp-operator-friendly-name-profile l h2qp-wan-metrics-profile l hs2-profile ht-ssid-profile Shows references to a high-throughput SSID profile.
Total References:2 Command History Modification ArubaOS 3.0 Command introduced. ArubaOS 6.4 The hotspot parameter was added. Command Information Platforms Available on all platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show rf am-scan-profile show rf am-scan-profile [] Description Display the Air Monitor (AM) scanning profile list. Optionally display parameter and values of a specified Air Monitor profile. Syntax Parameter Description Name of this instance of the profile. Usage Guidelines Enter the basic show command to view a list of profiles, the number of profiles and the profile status.
Parameter Description Scan-mode The scanning mode for the radio all-reg-domain Scan channels in all regulatory domain rare Scan all channels (all regulatory domains and rare channels) reg-domain Scan channels in the APs regulatory domain Dwell time: Active channels Dwell time (in ms) for channels where there is wireless activity Dwell time: Regulatory Domain channels Dwell time (in ms) for AP's Regulatory domain channels Dwell time: non-Regulatory Domain channels Dwell time (in ms) for channe
show rf arm-rf-domain-profile show rf arm-rf-domain profile Description This profile contains a non-editable key defined by the master controller, and used to sign over-the air (OTA) ARM updates exchanged between APs. Syntax No parameters Example The output of this command displays the OTA key defined by the master controller.
show rf arm-profile show rf arm-profile [] Description Show an Adaptive Radio Management (ARM) profile. Syntax Parameter Description Name of an ARM profile. Usage Guidelines Issue this command without the parameter to display the entire ARM profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Scan Interval Aggressive scanning Active Scan ARM Over the Air Updates Scanning Multi Band Scan VoIP Aware Scan Power Save Aware Scan Video Aware Scan Ideal Coverage Index Acceptable Coverage Index Free Channel Index Interfering AP Weight Backoff Time Error Rate Threshold Error Rate Wait Time Channel Quality Aware Arm Channel Quality Threshold Channel Quality Wait Time Minimum Scan Time Load aware Scan Threshold Mode Aware Arm Scan Mode Client Match Client Match report interval (sec) Allows Client Match to
Parameter Description Allowed bands for 40MHz channels Shows if 40 MHz mode of operation is allowed on the 5 GHz (802.11a) or 2.4 GHz (802.11b/g) frequency band only, on all frequency bands, or on neither frequency band. 80MHz support Displays the status if 80 MHz channels can be used in the 5 GHz frequency band on APs that support 802.11ac. 160MHz-support Displays the channel bandwidth mode on the 160 MHz frequency. Client Aware Shows if the client aware feature is enabled or disabled.
Parameter Description Scanning Shows if the AP has enabled or disabled AP scanning of other channels. Scan Time The amount of time, in milliseconds, an AP will drift out of the current channel to scan another channel. VoIP Aware Scan Shows if Dell’s VoIP Call Admission Control (CAC) prevents any single AP from becoming congested with voice calls.
Parameter Description Minimum Scan Time Time, in seconds, that a channel must be scanned before it is considered for assignment. Load aware Scan Threshold The traffic throughput level an AP must reach before it stops scanning, in bytes/second. A value of 0 to disables this feature. Mode Aware Arm If enabled, ARM will turn APs into Air Monitors (AMs) if it detects higher coverage levels than necessary. This helps avoid higher levels of interference on the WLAN.
Parameter Client Match Sticky Client Check SNR (dB) Description If the client's received signal strength indicator (RSSI) is above this signalto-noise ratio (SNR) threshold, that client will be allowed to stay associated to its current AP. If the client's received signal strength is below this threshold, it may be moved to a different AP.
Parameter Description Client Match Load Balancing SNR Threshold (dB) Clients must detect a SNR from an underutilized AP radio at or above this threshold before the client match feature considers load balancing a client to that radio. Client Match Load Balancing Signal Delta Bound (dB) Client match will not move a client to a new radio if the signal strength of the target AP is this dB value lower than the radio to which the client is currently associated.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.3 The noise-wait-time, and noise-threshold parameters were deprecated, and the support for the following parameters were introduced. ArubaOS 6.
show rf dot11a-radio-profile show rf dot11a-radio-profile [] Description Show an 802.11a Radio profile. Syntax Parameter Description Name of an 802.11a profile. Usage Guidelines Issue this command without the parameter to display the entire 802.11a Radio profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Spectrum Load Balancing Mode Spectrum Load Balancing Update Interval (sec) Spectrum Load Balancing Threshold (%) Spectrum Load Balancing Domain Beacon Period Beacon Regulate Advertized regulatory max EIRP ARM/WIDS Override Reduce Cell Size (Rx Sensitivity) Management Frame Throttle interval Management Frame Throttle Limit Maximum Distance RX Sensitivity Threshold RX Sensitivity Tuning Based Channel Reuse Adaptive Radio Management (ARM) Profile High-throughput Radio Profile AM Scanning Profile channel 30 se
Parameter Spur Immunity Description Displays the spur immunity value for 802.11a radio. NOTE: This parameter is applicable for W-AP130 Series access points only. The controller ignores this parameter if configured for non-W-AP130 Series access points. Advertise 802.11d and 802.11h Capabilities If enabled, the radio advertises its 802.11d (Country Information) and 802.11h (Transmit Power Control) capabilities.
Parameter Description l RX Sensitivity Tuning Based Channel Reuse If spectrum load balancing is enabled in a 802.11a radio profile and a spectrum load balancing domain isalso defined, AP radios belonging to the same spectrum load balancing domain will be considered part of the same RF neighborhood for load balancing, and will not recognize RF neighborhoods defined by the ARM feature. Shows if the channel reuse feature’s current operating mode, static, dynamic or disable.
Parameter Description ARM/WIDS Override If enabled, this option disables Adaptive Radio Management (ARM) and Wireless IDS functions and slightly increases packet processing performance. If a radio is configured to operate in Air Monitor mode, then the ARM/WIDS override functions are always enabled, regardless of whether or not this check box is selected.
Release Modification ArubaOS 3.4.2 Support for the Beacon Regulate parameter ArubaOS 6.0 Support for the following parameters: ArubaOS 6.1 l AM Scanning Profile l Advertised regulatory max EIRP l Spectrum Load balancing mode l Spectrum load balancing update interval (sec) Support for the following parameters: l Spectrum Monitoring l Spectrum load balancing threshold (%) ArubaOS 6.2.1.0 The Reduce Cell Size (Rx Sensitivity) parameter was introduced. ArubaOS 6.
show rf dot11g-radio-profile show rf dot11g-radio-profile [] Description Show an 802.11g Radio profile. Syntax Parameter Description Name of a 802.11g profile. Usage Guidelines Issue this command without the parameter to display the entire 802.11g profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
RX Sensitivity Tuning Based Channel Reuse RX Sensitivity Threshold Non 802.11 Interference Immunity Enable CSA CSA Count Management Frame Throttle interval Management Frame Throttle Limit ARM/WIDS Override Reduce Cell Size (Rx Sensitivity) Protection for 802.
Parameter Description TPC Power The transmit power advertised in the TPC IE of beacons and probe responses Spectrum load balancing The Spectrum load balancing feature helps optimize network resources by balancing clients across channels, regardless of whether the AP or the controller is responding to the wireless clients' probe requests. If enabled, the controller compares whether or not an AP has more clients than its neighboring APs on other channels.
Parameter Description l Static: This mode of operation is a coverage-based adaptation of the Clear Channel Assessment (CCA) thresholds. In the static mode of operation, the CCA is adjusted according to the configured transmission power level on the AP, so as the AP transmit power decreases as the CCA threshold increases, and vice versa. l Dynamic: In this mode, the Clear Channel Assessment (CCA) thresholds are based on channel loads, and take into account the location of the associated clients.
Parameter Description Management Frame Throttle Interval Averaging interval for rate limiting mgmt frames from this radio, in seconds. A management frame throttle interval of 0 seconds disables rate limiting. Management Frame Throttle Limit Maximum number of management frames that can come in from this radio in each throttle interval. ARM/WIDS Override If enabled, this option disables Adaptive Radio Management (ARM) and Wireless IDS functions and slightly increases packet processing performance.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 3.3.2 Introduced protection for 802.11b clients and support for the highthroughput IEEE 802.11n standard ArubaOS 3.4 Support for the following parameters: l Spectrum load balancing l RX Sensitivity Tuning Based Channel Reuse l RX Sensitivity Threshold l ARM/WIDS Override ArubaOS 3.4.2 Support for the Beacon Regulate parameter ArubaOS 6.0 Support for the following parameters: ArubaOS 6.1 ArubaOS 6.2.1.
show rf event-thresholds-profile show rf event-thresholds-profile [] Description Show an Event Thresholds profile. Syntax Parameter Description name of an Event Thresholds profile Usage Guidelines Issue this command without the parameter to display the entire Event Thresholds profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Frame Retry Rate High Watermark Frame Retry Rate Low Watermark 16 % 8 % The output of this command includes the following parameters: Parameter Description Detect Frame Rate Anomalies Shows of the profile enables or disables detection of frame rate anomalies. Bandwidth Rate High Watermark If bandwidth in an AP exceeds this value, it triggers a bandwidth exceeded condition. The value represents the percentage of maximum for a given radio. (For 802.11b, the maximum bandwidth is 7 Mbps. For 802.
Parameter Description Frame Retry Rate High Watermark If the frame retry rate (as a percentage of total frames in an AP) exceeds this value, it triggers a frame retry rate exceeded condition. Frame Retry Rate Low Watermark If an AP triggers a frame retry rate exceeded condition exists, the condition persists until the frame retry rate drops below this value. Command History This command was available in ArubaOS 3.0.
show rf ht-radio-profile show rf ht-radio-profile [] Description Show a High-throughput Radio profile. Syntax Parameter Description Name of a High-throughput Radio profile. Usage Guidelines Issue this command without the parameter to display the entire High-throughput Radio profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
Parameter Description 40 MHz intolerance Shows whether or not APs using this radio profile will advertise intolerance of 40 MHz operation. By default, 40 MHz operation is allowed. Honor 40 MHz intolerance If this parameter is enabled, the radio will stop using the 40 MHz channels if the 40 MHz intolerance indication is received from another AP or station. CSD Override Diversity Spreading Workaround When this feature is enabled, all legacy transmissions will be sent using a single antenna.
show rf optimization-profile show rf optimization-profile [] Description Show an Optimization profile. Syntax Parameter Description name of an ARM profile Usage Guidelines Issue this command without the parameter to display the entire Optimization profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
RSSI Check Frequency 3 sec The output of this command includes the following parameters: Parameter Description Station Handoff Assist If enabled, this parameter allows the controller to force a client off an AP when the RSSI drops below a defined minimum threshold. Detect Association Failure Shows if the profile enables or disables STA association failure detection. Coverage Hole Detection Shows if the profile enables or disables coverage hole detection.
Parameter RSSI Check Frequency Description Interval, in seconds, to sample RSSI. Command History Version Modification ArubaOS 3.0 Base operating system ArubaOS 3.4 Output parameters displaying load balancing status were removed. You can now view the status of the load balancing feature via the commands show rf dot11a-radio-profile and show rf dot11g-radio-profile. This command was available in ArubaOS 3.0.
show rf spectrum-profile rf spectrum-profile Description Show a spectrum profile used by the spectrum analysis feature. Syntax Parameter Description Name of a spectrum profile. Usage Guidelines Issue this command without the parameter to display the entire spectrum profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile.
The output of this command includes the following information: Parameter Description Age Out: WIFI The number of seconds for which a wifi device must stop sending a signal before the spectrum monitor considers that device no longer active on the network. The default value is 600 seconds. Age Out: Generic Interferer The number of seconds for which an unknown device must stop sending a signal before the spectrum monitor considers that device no longer active on the network.
Parameter Age Out: Xbox Description The number of seconds for which an Xbox device must stop sending a signal before the spectrum monitor considers that device no longer active on the network. The default value is 25 seconds. Note that this parameter is applicable to 2.4GHz spectrum monitor radios only. Age Out: Bluetooth The number of seconds for which a bluetooth device must stop sending a signal before the spectrum monitor considers that device no longer active on the network.
Command History Release Modification ArubaOS 6.0 Command introduced ArubaOS 6.2 The spectrum-band parameter was deprecated. The following default ageout times were changed: l cordless-fh-base default timeout is 240 seconds (was 25 seconds in previous releases). l cordless-fh-network default timeout is 60 seconds (was 10 seconds in previous releases). l generic-interferer default timeout is 30 seconds (was 25 seconds in previous releases).
show rft profile show rft profile {all|antenna-connectivity|link-quality|raw} Description Show parameters for the predefined RF test profiles. Syntax Parameter Description all Show all predefined profiles. antenna-connectivity Show configured parameters for the predefined Antenna Connectivity test profile. link-quality Show configured parameters for the predefined Link Quality test profile. raw Show configured parameters for the predefined RAW test profile.
Command Information Platforms All platforms 1872| show rft profile Licensing Base operating system Command Mode Enable and Config mode on local and master controllers Dell Networking W-Series ArubaOS 6.5.
show rft result show rft result all|{trans-id } Description Show the results of an RF test. Syntax Parameter Description all Show the most recent test result for each test type (antenna-connectivity, linkquality or raw). trans-id Each RF test is assigned a transaction ID. Include the trans-id parameters to show the test result for a specific transaction ID.
show rft transactions show rft transactions Description Show transaction IDs of RF tests. Syntax No parameters. Usage guidelines The rft command is used for RF troubleshooting, and should only be used under the supervision of Dell technical support. Issue the show rft transaction command to view the transaction IDs for the most recent test of each test type. Example The following example shows the transaction IDs for the latest RAW, link-quality and antenna-connectivity tests.
show rights show rights [] Description Displays the list of user roles in the roles table with high level details of role policies. To view role policies of a specific role specify the role name. Syntax Parameter Description name-of-a-role Enter the role name to view its policy details. Example The output of this command shows the list of roles in the role table.
show roleinfo show roleinfo Description Displays the role of the controller. Syntax No parameters. Example The output of this command shows the role of the controller. (host) # show roleinfo switchrole:master Command History This command was available in ArubaOS 3.0 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show route-access-list show route-access-list Description This command displays information about access control lists (ACLs) for policy-based routing (PBR). Syntax No Parameters Usage Guidelines Policy-based routing is an optional feature that allows allows packets to be routed based on access control lists (ACLs) configured by the administrator. By default, when a controller receives a packet for routing, it looks up the destination IP in the routing table and forwards the packet to the nexthop router.
Related Commands Command Description ip access-list route This command configures an access control list (ACL) for policy-based routing (PBR). ip nexthop-list routing-policy-map Use this command to define a next-hop list for a routing policy This command associates a routing access control list (ACL) with a user role. Command History Release ArubaOS 6.4.3 Modification Command introduced.
show rrm dot11k admission-capacity show rrm dot11k admission-capacity Description Displays the available admission capacity for voice traffic on an AP. Syntax No parameters. Example The output of this command shows the available admission capacity for voice traffic on all APs. (host) # show rrm dot11k admission-capacity 802.
show rrm dot11k ap-channel-report show rrm dot11k ap-channel-report [ap-name | bssid | ip-addr | ip6-addr | essid ] Description Displays the channel information gathered by the AP. You can either specify an ap-name, bssid or ip-address of an AP to see more details. Syntax Parameter Description ap-name Enter the name of the AP. bssid Enter the BSSID address of the AP. ip-addr Enter the IP address of the AP.
show rrm dot11k beacon-report show rrm dot11k beacon-report Description Displays the beacon report information sent by a client to its AP. Syntax No parameters. Example The output of this command shows the beacon report for the client 00:1f:6c:7a:d4:fd. (host) # show rrm dot11k beacon-report station-mac 00:1f:6c:7a:d4:fd 802.11K Beacon Report Details -------------------------------------------------Channel ---------1 BSSID ------00:0b:86:6d:3e:40 Reg Class -----------0 Antenna ID ------------1 Meas.
show rrm dot11k neighbor-report show rrm dot11k neighbor-report [ap-name | bssid | ip-addr ] Description Displays the neighbor information for a particular AP. If the AP name or the AP’s IP address is specified, the user should specify the ESSID to get the neighbor information. If the ESSID is not specified, the command will display the neighbor information for all the Virtual AP's configured on the AP.
Command Information Platforms All platforms 1883| show rrm dot11k neighbor-report Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show rrm dot11k transmit-stream-report station-mac show rrm dot11k transmit-stream-report station-mac Description This is a diagnostic option for quick verification of received transmit stream measurement reports. Displays the contents of the transmit stream measurement reports received from a client. Syntax Parameter mac-addr Description MAC address of the client. Command History This command is introduced in ArubaOS 5.
show running-config show running-config Description Displays the current controller configuration, including all pending changes which are yet to be saved. Syntax No parameters. Example The output of this command shows the running configuration on the controller. (host) # show running-config version 5.0 enable secret "******" telnet soe loginsession timeout 0 hostname "vjoshi-2400" clock timezone PST -8 location "Building1.
Command Information Platforms All platforms 1886| show running-config Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show session-acl-list show session-acl-list Description Displays the list of configured session ACLs in the controller. Syntax No parameters. Example The output of this command shows the session ACLs in the controller. (host) # show session-access-list v6-icmp-acl allow-diskservices control validuser v6-https-acl vocera-acl icmp-acl v6-dhcp-acl captiveportal v6-dns-acl allowall test sip-acl https-acl ... ... ...
show slots show slots Description Displays the list of slots in the controller, including the status and card type. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show slots Slots -----Slot Status ---- -----1 Present Card Type --------A2400 Command History This command was available in ArubaOS 3.4 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show snmp community show snmp community Description Displays the SNMP community string details. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show snmp community SNMP COMMUNITIES ---------------COMMUNITY ACCESS --------- -----public READ_ONLY VERSION ------V1, V2c Command History This command was available in ArubaOS 3.0 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show snmp inform show snmp inform Description Displays the length of SNMP inform queue. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show snmp inform stats Inform queue size is 100 SNMP INFORM STATS ----------------HOST PORT INFORMS-INQUEUE ---- ---- --------------- OVERFLOW -------- TOTAL INFORMS ------------- Command History This command was available in ArubaOS 3.
show snmp trap-hosts show snmp trap-hosts Description Displays the configured SNMP trap hosts. Syntax No parameters. Example The output of this command shows details of a SNMP trap host. (host) # show snmp trap-hosts SNMP TRAP HOSTS --------------HOST VERSION ---------10.16.14.1 SNMPv2c SECURITY NAME ------------public PORT ---162 TYPE ---Trap TIMEOUT ------N/A RETRY ----N/A Command History This command was available in ArubaOS 3.
show snmp trap-list show snmp trap-list Description Displays the list of SNMP traps. Syntax No parameters. Example The output of this command shows the list of SNMP traps and the status.
Release ArubaOS 3.0 ArubaOS 6.5.0.0 Modification Command introduced Two new fields, wlsxAPDown and wlsxAPUp have been introduced to provide MAC address, AP name, and IP address of access point when access point comes up or goes down. Command Information Platforms All platforms 1893| show snmp trap-list Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show snmp trap-queue show snmp trap-queue Description Displays the list of SNMP traps in queue. Syntax No parameters. Example The output of this command shows the list of SNMP traps sent to host. (host) # show snmp trap-queue a)wlsxMgmtUserAuthenticationFailed The trap indicates that a management user authentication failed. 2013-10-29 08:08:10 Management user authentication failed for user commonuser1 with IP address 10.20.102.79 usermac 00:00:00:00:00:00 server name CiscoACS-2 serverip 10.15.28.
Command Information Platforms All platforms 1895| show snmp trap-queue Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show snmp user-table show snmp user-table [user auth-prot [sha | md5] priv-prot [aes | des] ] Description Displays the list of SNMP user profile for a specified username. Syntax Parameter auth-prot Description Authentication protocol for the user, either HMAC-MD5-98 Digest Authentication Protocol (MD5) or HMAC-SHA-98 Digest Authentication Protocol (SHA), and the password for use with the designated protocol.
show spanning-tree show spanning-tree Description View the RSTP and PVST+ configuration.
Spanning Tree is executing the IEEE compatible Rapid Spanning Tree protocol Bridge Identifier has priority 32768, address 00:0b:86:f0:20:00 Configured hello time 2, max age 20, forward delay 15 We are the root of the spanning tree Topology change flag is not set, detected flag not set, changes 1 Times: hold 1, topology change 35 hello 2, max age 20, forward delay 15 Timers: hello 0, notification 0 Last topology change: 2 days, 0 hours, 31 mins, 21 secs Example—show spanning-tree interface fastethernet (hos
show spantree show spantree | | | | Description View the global RSTP and PVST+ topology. Syntax Parameter Description blocking View the spanning tree ports in the Blocking state. enable View the spanning tree ports in the Enable state. forwarding View the spanning tree ports in the Forwarding state. off View the ports with spanning tree disabled vlan View the spanning tree instance for the VLAN.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.0 The PVST+ parameter added. ArubaOS 6.3 Upgraded STP to RSTP with full backward compatibility. ArubaOS 6.4.3.0 The BpduGuard field was introduced as part of this command output. Command Information Platform All platforms 1900| show spantree Licensing Base operating system Command Mode Enable mode and Configuration mode (config) on master controllers Dell Networking W-Series ArubaOS 6.5.
show ssh show ssh Description Displays the SSH configuration details. Syntax No parameters. Example The output of this command shows SSH configuration details. (host) # show ssh SSH Settings: ------------DSA Mgmt User Authentication Method Enabled username/password Command History This command was available in ArubaOS 3.0 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show sso idp-profile show sso idp-profile Description Displays all SSO IDP profiles. Syntax No parameters. Example The output of this command lists all SSO IDP profiles on the controller. ((host) (config) #show sso idp-profile SSO Profile List ---------------Name References Profile Status ------------- -------------sso-example 0 Command History This command was available in ArubaOS 6.4 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show startup-config show startup-config Description Displays the configuration which will be used the next time the controller is rebooted. It contains all the options last saved using the write memory command. Any unsaved changes are not included. Syntax No parameters. Example The output of this command shows slot details on the controller. (host) # show startup-config version 3.
Command Information Platforms All platforms 1904| show startup-config Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show station-table show station-table [mac | verbose ] Description Displays the internal station table entries and also details of a station table entry. Syntax Parameter Description mac Displays the details of the AP that matches the specified MAC address. verbose Displays the details of all the APs in a table format. Example The output of this command shows details of an entry in the station table.
show storage show storage Description Displays the storage information on the controller. Syntax No parameters. Example The output of this command shows the storage details on the controller. (host) # show storage Filesystem /dev/root none /dev/hda3 /dev/usb/flash3 /dev/usbdisk/2 /dev/usbdisk/1 Size 57.0M 70.0M 149.7M 1.5G 3.5G 3.9G Used Available Use% Mounted on 54.6M 2.3M 96% / 2.0M 68.0M 3% /tmp 9.3M 132.6M 7% /flash 168.6M 1.3G 12% /flash 71.4M 3.2G 2% /mnt/usbdisk/2 131.0M 3.
show switch ip show switch ip Description Displays the IP address of the controller and VLAN ID. Syntax No parameters. Example The output of this command shows the IP address and VLAN ID of the controller. (host) # show switch ip Switch IP Address: 10.16.15.1 Switch IP is from Vlan Interface: 1 Command History This command was available in ArubaOS 3.0 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show switch software show switch software Description Displays the details of the software running in the controller. Syntax No parameters. Example The output of this command shows the details of software running in the controller. (host) # show switch software Command History This command was available in ArubaOS 3.0 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show switches show switches [all | regulatory | state {complete | incomplete | inprogress | required} | summary ] Description Displays the details of controllers connected to the master controller, including the master controller itself. Syntax Description Parameter all List of all controllers. Displays information about the currently active regulatory file. regulatory state Configuration status of all controllers. summary Status of all controllers connected to the master.
Parameter Description IP address IP address of the controller MAC MAC address of the controller Hostname hostname of the master controller Model Controller model type. Version Software version running on the controller Status A status of up indicates that the controller is active on the network. A status of down indicates that the controller is inactive or unreachable by the master controller Branch Group Name of the branch config group assigned to the branch controller.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show switchinfo show switchinfo Description Displays the latest and complete summary of controller details including role, last configuration change, hostname, reason for last reboot. Syntax No parameters. Example The output of this command lists all controllers connected to the master controller including the master controller.
show syscontact show syscontact Description Displays the contact information for support. Syntax No parameters. Example The output of this command shows the contact information for technical support. (host) # show syscontact admin@mycompany.com Command History This command was available in ArubaOS 3.1 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show syslocation show syslocation Description Displays the location details of the controller. Syntax No parameters. Example The output of this command location of the controller. (host) # show syslocation Building 1, Floor 1 Command History This command was available in ArubaOS 3.1 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show tech-support show tech-support user Description Displays all information about the controller required for technical support purposes. Syntax Parameter Description Stores the output in specified file name. Maximum length of the file name is 127 characters user Run a user specific tech-support command. Command History Release Modification ArubaOS 3.1 Command available. ArubaOS 6.2 User and parameters added.
show telnet show telnet Description Displays the status of telnet access using the command line interface (CLI) or Serial over Ethernet (SOE) to the controller. Syntax No parameters. Example The output of this command shows the status of CLI and SOE access to the controller. (host) # show telnet telnet cli is enabled telnet soe is enabled Command History This command was available in ArubaOS 3.
show threshold show threshold all|controlpath-cpu|controlpath-memory|datapath-cpu| no-of-aps|no-of-locals|total-tunnel-capacity|user-capacity| Description This command shows controller capacity thresholds which, when exceeded, will trigger alerts. Syntax Parameter Description all Display all alert thresholds. controlpath-cpu Display the alert threshold for controlpath CPU capacity.
Parameter Description user-capacity Display the alert threshold for the controller’s user capacity. The output of this command shows the percentage of the total resource capacity that must be exceeded before the alert is sent. The default threshold for this parameter is 80%. Usage Guidelines The controller will send a wlsxThresholdAbove SNMP trap and a syslog error message when the controller has exceeded a set percentage of the total capacity for that resource.
show threshold-limits show threshold-limits controlpath-memory|fan-speed|no-of-aps|no-of-locals|total-tunnel-capacity|user-capacity Description This command shows current values of the different resources monitored by the controller. Syntax Parameter Description controlpath-memory The output of this command displays the default memory threshold which, when exceeded, will trigger an alert, the current configured threshold, the total memory (in MB) and the currently available memory (in MB).
Example The following command shows the current alert thresholds for controlpath memory resources: (host) (config) #show threshold-limits controlpath-memory Threshold Values For Controlpath Memory ---------------------------------------Default(%) Current(%) Total Memory (MB) Available Memory (MB) ---------- ---------- ----------------- --------------------85 77 679 225 The following command shows the current alert thresholds for all monitored controller resources: Command History The command was introduc
show time-range show time-range [|summary] Description Displays the list of time range configured in the system and rules affected by the time range. Syntax No parameters. Example The output of this command shows the absolute time range details.
show timer debug statistics app-name show ipc statistics app-name Description Displaytimer debugging statistics for a specific application.
Cancelled timers=4425 Timer info SI TV RC Recurring RT Callback 0 3600000 30 Yes 1575400 0x2ad41c84 0 3600000 30 Yes 1575400 0x2ad4a200 0 3600000 30 Yes 1575400 0x2ad41c84 0 3600000 30 Yes 1575400 0x2ad4a200 0 3600000 30 Yes 1575400 0x2ad41c84 0 3600000 30 Yes 1575400 0x2ad4a200 0 3600000 30 Yes 1575400 0x2ad41c84 0 3600000 30 Yes 1575400 0x2ad4a200 0 3600000 30 Yes 1575400 0x2ad41c84 0 3600000 30 Yes 1575400 0x2ad4a200 360 300000 0 Yes 3400 0x57d564 360 60000 0 Yes 3400 0x46942c 360 60000 0 Yes 3400 0x2b23
show tpm cert-info (deprecated) show tpm cert-info Description Displays the TPM and Factory Certificate information on older MIPS controllersnot supported by this version of ArubaOS Command History Release Modification ArubaOS 5.0 Command introduced ArubaOS 6.5 Command deprecated Dell Networking W-Series ArubaOS 6.5.
show trunk show trunk Description Displays the list of trunk ports on the controller. Syntax No parameters. Example The output of this command shows details of a trunk port. (host) # show trunk Trunk Port Table ----------------Port Vlans Allowed Vlan -----------------FE2/12 1,613,615-617,632-633,636-640,667-668 Vlans Active Native ------------ -------- 1,613,615-617,632-633,636-640,667-668 1 Command History This command was available in ArubaOS 3.
show tunnel-group show tunnel-group Description Displays the operational status of the tunnel-groups configured on the controller. Syntax Parameter Description Displays the operational status of the specified tunnel-group.
Command Information Platforms All platforms 1927| show tunnel-group Licensing Base operating system Command Mode Config or Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show tunneled-node show tunneled-node [state|database] Description Displays the state of the tunneled node and lists all tunneled nodes connected to the controller. Syntax No parameters. Example The output of this command shows the tunneled node state. (host) # show tunneled-node state Tunneled Node State --------IP MAC port state vlan tunnel inactive-time -- --- --- ----- ---- ------ ------------192.168.123.14 00:0b:86:40:32:40 0/0/3 complete 10 9 1 192.168.123.
show ucc call-info cdrs show ucc call-info cdrs ap [app [WiFi-Calling | h323 | skhype4b| noe | sccp | sip | svp | vocera]] app {WiFi-Calling [detail] | h323 [detail] | skype4b [detail] | noe [detail] | sccp [detail] | sip [detail] | svp [detail] | vocera [detail]} cid detail Description This command displays the Call Detailed Records (CDR) statistics for Unified Communication and Collaboration (UCC).
Jan Jan Jan 8 06:18:27 8 06:18:27 8 06:16:49 MOS --4.17 4.15 4.19 SUCC SUCC SUCC Terminated Terminated Terminated Video/Conf Call Voice Voice/Conf Call 81 82 86 81.52 79.53 86.34 Good Good Good MOS-Band -------Good Good Good The output of this command includes the following information: Column Description CDR ID Displays the Call Detail Record ID of a particular voice and video calls, desktop sharing, or file transfer session.
Column Reason Call Type Description Displays the reason code for call termination.
Column Description l File Transfer l Voice/Conf Call l Video/Conf Call l Desktop-Sharing/Conf Call l File-Transfer/Conf Call Client Health Displays the ratio of ideal air time required for transmitting a packet from an AP to a client to the actual air time taken for the packet transmission in percentage. Ideal air time assumes highest data rate without any retransmission. UCC Score Displays the UCC score based on the quality of the voice call or desktop sharing session.
Column Description UCC Call ID Displays the unique identifier for all call legs of a particular voice and video calls, desktop sharing, or file transfer session. AP Name Displays the name that uniquely identifies the AP. Re-Assoc Displays the number of times the client re-associated while on an active call. CAC-Denied Displays the status of the Call Admission Control (CAC).
48 46 53 45.19 532.39 58.79 MOS --3.50 2.64 4.07 MOS-Band -------Good Fair Good 0.27 0.00 57.52 23.99 1.42 10.30 53.70 355.00 107.92 0.01 0.01 End-to-End Delay(ms)/Jitter(ms)/PktLoss(%) -----------------------------------------11.00/11.00/0.24 5.00/4.00/NA 5.00/2.00/0.46 The output of this command includes the following information: Column Description CDR ID Displays the Call Detail Record ID of a particular voice and video calls, desktop sharing, or file transfer session.
Column Description MOS-Band Displays the quality band of the VoIP call based on the Mean Opinion Score. End-to-End Delay(ms) /Jitter(ms)/PktLoss(%) Displays the end-to-end delay (in milliseconds), jitter (in milliseconds), and packet loss (in percentage). NOTE: This field takes the wired and wireless network QoS parameters into consideration. Command History Version Description ArubaOS 6.4 Command introduced. ArubaOS 6.4.3.
Command Information Platforms All platforms 1936| show ucc call-info cdrs Licensing This command requires the PEFNG license. Command Mode Config or Enable mode on master or local controllers. Dell Networking W-Series ArubaOS 6.5.
show ucc client-info show ucc client-info app {WiFi-Calling [detail] | h323 [detail] | skype4b [detail] | noe [detail] | sccp [detail] | sip [detail] | svp [detail] | vocera [detail]} detail sta Description This command displays the UCC client status and CDR statistics. When VoIP calls are prioritized using media classification, the Client Name value is not available.
Column Description Client IP Displays the IP address of the VoIP client. Client MAC Displays the MAC address of the VoIP client. Client Name Displays the username of the VoIP client. ALG Displays the Application Layer Gateway protocol used by the VoIP client. Server(IP) Displays the IP address of call server the client is registered to. Registration State Displays the registration status of the VoIP call.
Column Description Client IP Displays the IP address of the VoIP client. Client MAC Displays the MAC address of the VoIP client. Client Name Displays the username of the VoIP client. WLAN Delay(ms)/Jitter(ms)/PktLoss(%) Displays the WLAN delay (in milliseconds), jitter (in milliseconds), and packet loss (in percentage). NOTE: This field takes only the wireless network QoS parameters into consideration.
Status -----ACTIVE Call Type --------Voice Client Health ------------62 Call History: ------------CDR ID UCC Call ID ------ ----------54 23 02:45:22 53 22 06:53:41 Status -----SUCC SUCC Reason -----Terminated Terminated UCC Score --------81.52 UCC-Band -------Good MOS --4.17 MOS-Band -------Good Client IP --------10.15.88.245 Client Name ----------Alex ALG Dir ----skype4b OG Called To --------Mike Dur(sec) -------847 Orig-Time --------Jan 16 10.15.88.
Column Description l (IOS) l NA Active Calls CDR ID Displays the Call Detail Record ID of a particular voice and video calls, desktop sharing, or file transfer session. UCC Call ID Displays the unique identifier for all call legs of a particular voice and video calls, desktop sharing, or file transfer session. Client IP Displays the IP address of the VoIP client. Client Name Displays the username of the VoIP client. ALG Displays the Application Layer Gateway protocol used by the VoIP client.
Column Description l File Transfer l Voice/Conf Call l Video/Conf Call l Desktop-Sharing/Conf Call l File-Transfer/Conf Call Client Health Displays the ratio of ideal air time required for transmitting a packet from an AP to a client to the actual air time taken for the packet transmission in percentage. Ideal air time assumes highest data rate without any retransmission. UCC Score Displays the UCC score based on the quality of the voice call or desktop sharing session.
Column Description l Client reset l No answer l Missed l Parked l Invalid number l Tunnel down l Moved temporarily l 4xx error l 5xx error l Call leg does not exist l DELTS request l TCLAS flow deleted l No reason NOTE: For information on additional field descriptions, refer the field descriptions under the Active Calls heading. Dell Networking W-Series ArubaOS 6.5.
Command History Version Description ArubaOS 6.4 Command introduced. ArubaOS 6.4.3.0 Following changes were made as part of the show ucc client-info details command output: l Renamed the Client Status Details section heading to Client Status Details(Average) and removed the Avg word from all field headings. l Added the Client Name field. l Merged the Avg Delay(msec), Avg Jitter(msec), and Avg Packet Loss (%) fields to WLAN Delay(ms)/Jitter(ms)/PktLoss(%).
show ucc configuration show ucc configuration cac-alg dialplan-profile [] logging midcall-timeout realtime-analysis rtcp-inactivity sip traffic-control skype4b[] Description This command displays the UCC configuration in the controller. Syntax Parameter Description cac-alg Displays the CAC profiles configured in the controller. dialplan-profile [] Displays the dialplan profile configured in the controller.
Stateful VOCERA Processing Stateful UA Processing SSID Profiles ------------Profile Name -----------AP01-SSID-PROFILE-WPA2 default DSCP-vi ------40 34 DSCP-be ------24 24 AP Group Profiles ----------------Profile Name -----------default employee DSCP-bk ------8 8 Enabled Enabled WMM --Disabled Disabled Battery Boost ------------Disabled Disabled WMM-UAPSD --------Enabled Enabled TSPEC Min Inactivity(msec) -------------------------0 0 EDCA STA prof ------------N/A N/A EDCA AP prof -----------N/A N/A
prioritize desktop-sharing prioritize file-transfer Enabled Enabled Command History Version Description ArubaOS 6.4 Command introduced. ArubaOS 6.4.4.0 The lync parameter is deprecated, and is replaced by the skype4b parameter Command Information Platforms All platforms Licensing This command requires the PEFNG license. Dell Networking W-Series ArubaOS 6.5.x | Reference Guide Command Mode Config or Enable mode on master or local controllers.
show ucc dns-ip-learning show ucc dns-ip-learning Description This command displays the carrier’s evolved Packet Data Gateway (ePDG) IP address learned by the controller. This command is specific for Wi-Fi calling clients. Syntax No parameters. Example The following command displays the carrier’s evolved Packet Data Gateway (ePDG) IP address learned by the controller: (host) #show ucc dns-ip-learning DNS IP Learning: ---------------IP Address Service Provider ------------------------208.54.85.
show ucc statistics show ucc statistics counter cac | call {client [app {WiFi-Calling | h323 | skype4b| noe | sccp | sip | svp | vocera}]| global [app {WiFi-Calling | h323 | skype4b| noe | sccp | sip | svp | vocera}]} dialplan-hits remote wmm-flow {ap-name | bssid | ip-addr } tspec-enforcement wmm-flow Description This command displays the UCC call statistics in the controller.
Device Type Allocations: -----------------------Device Type WMM AC-VI WMM AC-VO ----------- --------- --------Windows 19 0 Win 7 18 0 WMM-BK -----0 0 WMM-BE -----4 4 WMM (VI, VO, BK, BE):total calls with received priority The following command displays the client call counters: (host) #show ucc statistics counter call client Per Client Call Counters: ------------------------Client IP Client MAC -----------------192.0.2.22 00:23:33:41:c8:b8 192.0.2.26 24:77:03:9a:6c:dc 192.0.2.
Column Description WMM AC-VO Displays the number of calls where the client sent RTP with WMM AC set to Voice (VO). WMM-BK Displays the number of calls where the client sent RTP with WMM AC set to Background (BK). WMM-BE Displays the number of calls where the client sent RTP with WMM AC set to Best Effort (BE). Command History Version Description ArubaOS 6.4 Command introduced. ArubaOS 6.4.4.0 The lync parameter was deprecated, and is replaced by the skype4b parameter ArubaOS 6.
show ucc trace-buffer show ucc trace-buffer skype4b[count ] sccp [count ] sip [count ] Description This command displays the UCC call message trace buffer for Skype4b, SCCP, and SIP ALGs. Call signaling events such as establishing voice, video, desktop sharing, and file transfer are recorded. Syntax Parameter Description skype4b [count ] Displays Skype4b call message trace buffer. sccp [count ] Displays SCCP call message trace buffer.
Column Direction Description Displays the call direction. l OG — Outgoing l IC — Incoming Event Time Displays the time stamp when the VoIP call originated. BSSID Displays the BSSID of the AP to which the VoIP client is connected. Called To Displays the user name of the VoIP client being called. CAC-Status Displays if call admission control limit is reached.
Command History Version Description ArubaOS 6.4 Command introduced. ArubaOS 6.4.3.0 The InCallQuality Update value was added under the Call Status field. ArubaOS 6.4.4.0 The lync parameter is deprecated, and is replaced by the skype4b parameter. Command Information Platforms All platforms Licensing This command requires the PEFNG license. Dell Networking W-Series ArubaOS 6.5.x | Reference Guide Command Mode Config or Enable mode on master or local controllers.
show upgrade configuration show upgrade configuration Description The output of this command shows the current upgrade configuration, including profile settings, image files and targets. Syntax No parameters Usage Guidelines The centralized image upgrade feature allows a master controller to automatically upgrade its associated local controllers by sending an image from an image server to one or more local controllers.
Parameter Description Range Default Password If the protocol parameter is set to FTP or SCP, this parameter displays the password that ArubaOS will use to connect to the image server - - File path Location on the image server where the image file(s) are located - - Max downloads Maximum number of local controllers that can simultaneously download a file from a file server. The centralized image downloading feature supports up to 100 simultaneous downloads.
show upgrade status show upgrade status[summary] Description The output of this command shows the status of controllers using the centralized upgrade feature. Syntax Parameter Description summary Display a summary of all local controllers using the centralized image upgrade, including the numbers of controllers currently in each upgrade state.
Parameter Description Range Default File path File path to the location on the image server where the image file(s) reside. - - Max downloads Maximum number of local controllers that can simultaneously download a file from a file server. The centralized image downloading feature supports up to 100 simultaneous downloads. If this field is left blank, ArubaOS will use its default value of 10 downloads.
Parameter Description Not supported The local controller is running a version of ArubaOS that does not support centralized image downloads. Waiting, image not verified The image must be verified as valid before the local controller can download that image. Not part of target The local controller is associated with a master controller using the centralized image upgrade feature, but is not part of the upgrade target.
show upgrade-profile Description The settings in this centralized image upgrade profile allow the master controller to automatically upgrade its associated local controllers by sending an image from an image server to one or more local controllers. Syntax No parameters Usage Guidelines The centralized image upgrade feature is enabled and configured on a master controller only, and supports up to 100 simultaneous image downloads.
Parameter Description Range Default upgrade from the image server to the local controller. l TFTP l FTP l SCP Server IP address IP address of the image server. - - Username If the protocol parameter is set to FTP or SCP, this parameter displays the user name that ArubaOS uses to connect to the image server. - - Password If the protocol parameter is set to FTP or SCP, this parameter displays the password that ArubaOS will use to connect to the image server.
show uplink crypto-local show uplink [config|{connection }|signal|{stats
Command History Release Modification ArubaOS 3.4 Command introduced. ArubaOS 6.4.4.0 The output of this command was enhanced to display Uplink Healthcheck settings and the ability of the controller to contact the health check FQDN or IP address using each of these uplinks. The output of the show uplink config command was enhanced to display the Default Cellular PID,APN settings.
show usb crypto-local show usb [cellular|ports|test|verbose] Description Display detailed USB device information. Syntax Parameter Description cellular Enter the keyword cellular to display cellular devices. ports Enter the keyword ports to display detailed TTY port information such as signal strength. test Enter the keyword test to test the USB TTY ports. NOTE: Testing an invalid modem port may cause the controller to “hang”. To resolve this, unplug and re-plug the modem.
Command Information Platforms All platforms 1965| show usb Licensing Base operating system Command Mode Config mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
show user show user ap-group ap-name authentication-method dot1x|mac|opensystem|psk|stateful-dot1x|via-vpn|vpn|web bssid devtype essid internal ip [log] location b.f.l mac [log] mobile {[bindings][visitors]} name phy-type {[a]|[b]} role rows Description Displays detailed information about user in terms of AP group, authentication method, role and so on.
Parameter web Description Show data for devices using captive portal authentication. bssid Show user data for a specific device BSSID. devtype Show output for a specified device type, if identified. If the device name includes spaces, you must enclose it in quotation marks. essid Show user data for a specific ESSID. If the ESSID includes spaces, you must enclose it in quotation marks. internal Display internal user entries only.
Example (host) #show user Users ----IP MAC Name Role Age(d:h:m) Auth VPN link AP name Roaming Essid/Bssid/Phy Profile Forward mode Type Host Name ---------- ------------ ------ ---- ---------- ---- -------- ------- ------------- ------- ------------ ---- --------User Entries: 0/0 Curr/Cum Alloc:0/0 Free:0/0 Dyn:0 AllocErr:0 FreeErr:0 -------- Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.
show user-table show user-table ap-group ap-name authentication-method dot1x|mac|opensystem|psk|stateful-dot1x|via-vpn|vpn|web bssid devtype debug essid internal ip
Parameter Description stateful-dot1x Show data for devices using stateful 802.1X authentication. via-vpn Show data for devices that authenticate using Dell VIA. vpn Show data for devices using VPN authentication. web Show data for devices using captive portal authentication. bssid debug Show user data for a specific device BSSID. Show all user data for debugging purposes. devtype Show output for a specified device type, if identified.
Parameter Description a Matches PHY type a. g Matches PHY type b or g. role User role such as employee, visitor and so on. rows Filter the output of the show user command by specifying the number of rows from the end of the output and the total number of rows to display/ station For internal use only. summary Shows the authentication and encryption type used by wired or wireless clients. unique Displays only information for users with a valid IP address.
Associated ethersphere-wpa2/00:1a:1e:85:c2:11/a-HT default tunnel ipad The output of the show user mac and show user ip commands include the following information. (host) # show user-table ip 5.5.5.2 Name: 98:0c:82:45:d6:7b, IP: 5.5.5.
Role Derivation Code Description 7 Dot1X profile role 8 Dot1X server derived role 9 Dot1X role derived from Dell VSA 10 Dot1X role derived from CPPM VSA 11 Role derived from DHCP option 12 Change of authorization role 13 Forced role set by Extended Service Interface (ESI) 14 Role derived from mobility 15 Role assigned by external/internal captive portal 16 Role assigned by SIP 17 SDR derived role during L3 authentication 18 VSA derived role during L3 authentication 19 CPPM VSA der
VLAN Derivation Code Description 5 DHCP Option 77 role contained 6 Matched DHCP Option 77 7 MBA role contained 8 MBA server rule role contained 9 MBA server rule 10 MBA Dell VSA role contained 11 MBA Dell VSA 12 MBA MSFT attributes 13 User Dot1X role contained 14 Dot1X server rule role contained 15 Dot1X server rule 16 Dot1X Dell VSA role contained 17 Dot1X Dell VSA 18 Dot1X MSFT attributes 19 VLAN from pmk-cache 20 DHCP options user rule role contained 21 DHCP options use
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 6.1 The devtype parameter was introduced, and the output of this command expanded to include the Type column. ArubaOS 6.2 Output for the IP address shows if it is derived using DHCP. ArubaOS 6.3 The optional log parameter was introduced to display log files for events triggered by a specific user. All controllers support per-user logging. ArubaOS 6.4.3.
show util_proc show util_proc guest-email counters Description Show counters for the guest email process. Syntax No parameters. Usage Guidelines As part of guest provisioning, the guest access email feature allows you to define the SMTP port and server that processes guest provisioning email. This server sends email to the guest or the sponsor when a guest user manually sends email from the Guest Provisioning page, or when a user creates a guest account.
show valid-network-oui-profile show valid-network-oui-profile Description This command displays the Valid Equipment OUI Profile table Syntax No parameters Usage Guidelines If you used the valid-networkoui-profile to add a new OUI to the controller, issue the show valid-network-ouiprofile command to see a list of current OUIs.
show version show version Description Show the system software version. Syntax No parameters. Example (host) #show version Aruba Operating System Software. ArubaOS (MODEL: Dell Networking W-650 Controller-US), Version 6.1.0.0 Website: http://www.dell.com Copyright (c) 2002-2011, Aruba Networks, Inc. Compiled on 2011-04-28 at 00:18:36 PDT (build 28106) by p4build ROM: System Bootstrap, Version CPBoot 1.0.0.
Command Information Platforms All platforms 1979| show version Licensing Base operating system Command Mode Enable and Config mode on local and master controllers Dell Networking W-Series ArubaOS 6.5.
show via show via version websessions Description Displays VIA version and web session details. Syntax Parameter Description Range Default version Displays the version of VIA client available on the controller. — — websessions Displays the list of users connected to the VIA controller using the VIA client. — — Example The following example displays the version of VIA client available on the controller.
show vlan show vlan Description This command shows a configured VLAN interface number, description and associated ports. Syntax Parameter Description Identification number for the VLAN. Range 1-4094 Default 1 Usage Guidelines Issue this command to show the selected VLAN configuration. The VLAN column lists the VLAN ID. The Description column provides the VLAN name or number and the Ports column shows the VLAN’s associated ports.
Command Information Platforms All platforms 1982| show vlan Licensing Base operating system Command Mode Enable or config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show vlan-assignment show vlan-assignment Description This command shows the number of clients assigned to a VLAN. Syntax No parameters. Usage Guidelines Issue this command to show the number of clients that are assigned to a VLAN. (host) #show vlan-assignment VLAN Assignment --------------VLAN #CLIENTS ---- -------10 0 Related Commands (host) (config) #vlan (host) (config) #vlan-name Command History This command was introduced in ArubaOS 6.2.
show vlan-assignment-auth show vlan-assignment-auth Description This command shows the VLAN usage in the user authentication module. Syntax No parameters. Usage Guidelines Issue this command to view all the VLAN IDs that are configured along with the current client count that uses that VLAN ID. (host) #show vlan-assignment-auth Vlan usage in AUTH -----------------VLAN ID Usage ------- ----10 0 Related Commands (host) (config) #vlan Command History This command was introduced in ArubaOS 6.3.
show vlan mapping show vlan mapping Description This command shows a configured VLAN name, its pool status, assignment type and the VLAN IDs assigned to the pool. Syntax Parameter Description Identification number for the VLAN. Range 1-4094 Default 1 Usage Guidelines Issue this command to show the selected VLAN configuration. The VLAN Name column displays the name of the VLAN pool. The VLAN IDs column lists the VLANs that are part of the pool.
show vlan status show vlan status Description This command shows the current status of all VLANs on the controller. Syntax No parameters. Usage Guidelines Issue this command to show the status of VLANs on the controller. The VLANID column displays the VLAN ID name or number. The IP Address column provides the VLAN’s IP address. The Adminstate column indicates if the VLAN is enabled or disabled. The Operstate column indicates if the VLAN is currently up and running.
Command History This command was introduced in ArubaOS 3.0. Command Information Platforms All platforms 1987| show vlan status Licensing Base operating system Command Mode Enable or config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show vlan summary show vlan summary Description This command shows the number of existing VLANs. Syntax Parameter Description Number of existing VLANs The number of existing VLANs on the controller. Usage Guidelines Issue this command to show the number of existing VLANs on the controller. (host) #show vlan summary Number of existing VLANs :13 Related Commands (host) (config) #vlan (host) (config) #vlan-name Command History This command was introduced in ArubaOS 3.0.
show vlan-bwcontract-explist show vlan-bwcontract-explist [internal] Description Show entries in the VLAN bandwidth contracts MAC exception lists. Syntax Parameter internal Description Include the optional internal parameter to display the MAC addresses in the internal, preconfigured VLAN bandwidth contracts MAC exception list. Example The following command displays the MAC addresses in the internal MAC exception list.
show voice alg-based-cac (deprecated) show voice alg-based-cac Description Displays the status of the VoIP signaling based Call Admission Control (CAC). Syntax No parameters. Command History Version Description ArubaOS 6.2.0.0 Command introduced. ArubaOS 6.4.0.0 Command deprecated. Dell Networking W-Series ArubaOS 6.5.
show voice call-cdrs (deprecated) show voice call-cdrs bssid cid count detail essid extn ip proto rtpa sta Description Displays detailed call records of voice client. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. cid View the detailed call records for a specific client based on the Call Detail Record (CDR) ID.
Parameter Description extn Filter records based on the extension of a voice client. ip Filter records based on the IP address of a voice client. proto View detailed records filtered on protocol including all of the following: rtpa l sip l svp l noe l sccp l vocera l h323 l lync Include this parameter to view the voice call quality reports based on the call quality analysis from the RTP media streams.
show voice call-counters (deprecated) show voice call-counters Description Displays outgoing, incoming and terminated call counter details. The total calls equals the sum of the calls originated and terminated. It also equals the sum of the active, success, failed, blocked, aborted, and forwarded calls. Syntax No parameters. Command History Version Description ArubaOS 3.3.1.0 Command introduced. ArubaOS 6.4.0.0 Command deprecated. Dell Networking W-Series ArubaOS 6.5.
show voice call-density (deprecated) show voice call-density bssid essid extn ip proto Description Displays call density report for voice calls. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. essid Filter records based on ESSID of voice clients. extn Filter records based on the extension of a voice client.
show voice call-perf (deprecated) show voice call-perf bssid essid extn ip proto Description Displays the performance of voice calls of all clients connected to the controller. You can filter the report based on BSSID, ESSID, extension, IP address or the VOIP protocol type. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. essid Filter records based on ESSID of voice clients.
show voice call-quality (deprecated) show voice call-quality bssid essid extn ip proto rtpa sta Description Displays voice call quality for each call over a period of time. Syntax Parameter Description bssid Filter records based on BSSID of voice clients. essid Filter records based on ESSID of voice clients. extn Filter records based on the extension of a voice client.
Command History Version Description ArubaOS 3.3.1.0 Command introduced. ArubaOS 6.0.0.0 The rtpa and sta parameters were introduced. ArubaOS 6.3.0.0 Under the proto parameter, the lync protocol is introduced. ArubaOS 6.4.0.0 Command deprecated. 1997| show voice call-quality (deprecated) Dell Networking W-Series ArubaOS 6.5.
show voice call-stats (deprecated) show voice call-stats bssid cip essid extn ip proto sta Description Displays voice call statistics for each client. Syntax Parameter Description bssid Filter records based on BSSID of a voice client. cip Filter records based on a client’s IP address. essid Filter records based on ESSID of a voice client.
Command History Version Description ArubaOS 3.3.1.0 Command introduced. ArubaOS 6.3.0.0 Under the proto parameter, the lync protocol is introduced. ArubaOS 6.4.0.0 Command deprecated. 1999| show voice call-stats (deprecated) Dell Networking W-Series ArubaOS 6.5.
show voice client-status (deprecated) show voice client-status active-only bssid essid extn ip proto sta Description Displays list of voice clients and their status. You can also view details of a specific voice client. Syntax Parameter Description active-only Filter records based on active voice clients bssid Filter records based on BSSID of a voice client.
Command History Version Description ArubaOS 3.3.1.0 Command introduced. ArubaOS 6.0.0.0 The sta para\meter was introduced. ArubaOS 6.3.0.0 l Under the proto parameter, the lync protocol is introduced. l b — Best Effort flag is introduced. l Using the ip or mac parameter now displays Handoff Notification for the Lync client moving from one AP to another. ArubaOS 6.4.0.0 2001| show voice client-status (deprecated) Command deprecated. Dell Networking W-Series ArubaOS 6.5.
show voice configurations (deprecated) show voice configurations Description Displays the details of the voice related configurations on your controller. Syntax No parameters. Command History Version Description ArubaOS 6.0.0.0 Command introduced. ArubaOS 6.4.0.0 Command deprecated. Dell Networking W-Series ArubaOS 6.5.
show voice dialplan-profile (deprecated) show voice dialplan-profile Description Displays list of SIP voice dialplan. You can also specify a dialplan to view configuration. Syntax No parameter. Command History Version Description ArubaOS 5.0.0.0 Command introduced. ArubaOS 6.4.0.0 Command deprecated. Dell Networking W-Series ArubaOS 6.5.
show voice facetime show voice facetime Description This command displays the user configured pattern that is matched against the User-Agent field of the SIP messages to determine if the session is a Facetime session. Syntax No parameters.
show voice logging (deprecated) show voice logging Description Displays the MAC address of the voice client that has logging enabled. Syntax No parameters. Command History Version Description ArubaOS 6.0.0.0 Command introduced. ArubaOS 6.4.0.0 Command deprecated. Dell Networking W-Series ArubaOS 6.5.
show voice msg-stats show voice msg-stats skype4b {bssid | cip | essid | ip | sta } sccp {bssid | cip | essid | ip | sta } sip {bssid | cip | essid | ip | sta } Description Displays voice client message statistics for each client using either Skype4b ALG, Signaling Connection Control Part (SCCP), or Session Initiation Protocol (SIP).
---------7 7 Transfer -------0 0 ---------------6 6 --------5 4 ------17 18 -----2 3 ------8 4 --------0 0 ---0 0 ---0 0 Invalid ------- Num Clients:2 The output of the command in the second example shows voice message statistics for a Skype4b client with a MAC address. (host) #show voice msg-stats skype4b sta 00:24:d7:40:ca:88 Skype4b Voice Client(s) Msg Statistics ----------------------------------Client Name Client IP AP Name BSSID ----------- ----------------1001 10.16.33.
show voice real-time-analysis (deprecated) show voice real-time-analysis [sta ] Description Displays the call quality parameters based on the call quality analysis on the RTP media streams for voice calls. Syntax Parameter sta Description View the detailed real time call quality analysis report for a voice client based on the MAC address. You can also view the average call quality values for all the clients without passing the MAC address.
show voice real-time-analysis-config (deprecated) show voice real-time-analysis-config Description Displays the status of Real Time Call Quality Analysis configuration. Syntax No parameters. Command History Version Description ArubaOS 6.0.0.0 Command introduced. ArubaOS 6.4.0.0 Command deprecated. Dell Networking W-Series ArubaOS 6.5.
show voice rtcp-inactivity (deprecated) show voice rtcp-inactivity Description Displays the status of RTCP protocol. Syntax Command History Version Description ArubaOS 3.3.1.0 Command introduced. ArubaOS 6.4.0.0 Command deprecated. Dell Networking W-Series ArubaOS 6.5.
show voice sip (deprecated) show voice sip Description Displays the SIP settings on the controller. Syntax No parameters. Command History Version Description ArubaOS 6.0.0.0 Command introduced. ArubaOS 6.4.0.0 Command deprecated. Dell Networking W-Series ArubaOS 6.5.
show voice sip-midcall-req-timeout (deprecated) show voice sip-midcall-req-timeout Description Displays the status of the SIP mid-call request timeout configuration on the controller. Syntax No parameters. Command History Version Description ArubaOS 6.0.0.0 Command introduced. ArubaOS 6.4.0.0 Command deprecated. Dell Networking W-Series ArubaOS 6.5.
show voice statistics (deprecated) show voice statistics [ cac | sip-dialplan-hits | tspec-enforcement ] Description Displays the CAC, UDP SIP dial plan hits, and TSPEC enforced voice statistics. Syntax Parameter cac Description Displays the dropped SIP Invites and SIP Status Code for both server and the client side. Note: This filter supports only the SIP protocol and will work only if CAC is enabled for the parameters. sip-dialplan-hits Displays the statistics of SIP dialplan hits.
show voice trace show voice trace skype4b[count | ip | mac ] sccp [count | ip | mac ] sip [count | ip | mac ] Description Displays the signaling message trace details for either Skype4b ALG, Signaling Connection Control Part (SCCP), or Session Initiation Protocol (SIP) clients. Syntax Parameter Description skype4b Show Skype4b trace details. sccp Show SCCP trace details. sip Show SIP trace details.
The second example shown is for the Skype4b ALG, displaying the exchange between a Skype4b server and Skype4b client. The output is divided into multiple sections to better fit on the pages of this document. In the actual command-line interface, it appears in a single, long table.
Command History Version Description ArubaOS 3.3.1.0 Command introduced. ArubaOS 6.0.0.0 The trace output included the BSSID parameter. ArubaOS 6.3.0.0 The lync parameter is introduced. ArubaOS 6.4.4.0 The lync parameter is deprecated, and is replaced by the skype4b parameter. Command Information Platforms All platforms Licensing This command requires the PEFNG license Dell Networking W-Series ArubaOS 6.5.
show voice wificalling show voice wificalling Description This command displays the Wi-Fi Calling ALG configuration on the controller. Syntax No parameters. Example The following commands display the Wi-Fi Calling ALG configuration on the controller. (host) #show voice wificalling WiFiCalling Configuration ------------------------Parameter Value ------------WiFiCalling Support Enabled dns pattern att.net ATT Command History Version ArubaOS 6.5 Description Command introduced.
show vpdn l2tp configuration show vpdn l2tp configuration Description Displays the VPN L2TP tunnel configuration. Syntax No parameters. Example The output of this command shows the L2TP tunnel configuration. (host) # show vpdn l2tp configuration Enabled Hello timeout: 30 seconds DNS primary server: 10.16.15.1 DNS secondary server: 10.16.14.1 WINS primary server: 0.0.0.0 WINS secondary server: 0.0.0.0 PPP client authentication methods: PAP IP LOCAL POOLS: vpnpool: 10.16.15.150 - 10.16.15.
show vpdn pptp configuration show vpdn pptp configuration Description Displays the PPTP configuration on the controller. Syntax No parameters. Example The output of this command shows the L2TP tunnel configuration. (host) # show vpdn pptp configuration Enabled Hello timeout: 30 seconds DNS primary server: 10.15.1.1 DNS secondary server: 10.15.1.200 WINS primary server: 0.0.0.0 WINS secondary server: 0.0.0.
show vpdn pptp local pool show vpdn pptp local pool Description Displays the IP address pool for VPN users using Point-to-Point Tunneling Protocol. Syntax No parameters. Example The output of this command shows the all IP address pools for VPN users. (host) # show vpdn pptp local pool IP addresses used in pool localgroup 0 IPs used - 11 IPs free - 11 IPs configured Command History This command was available in ArubaOS 3.
show vpn-dialer show vpn-dialer Description Displays the VPN dialer configuration for users using VPN dialers. Syntax No parameters. Example The output of this command shows the VPN dialer configuration for remote Users.
show vrrp show vrrp {{[statistics]}|ipv6{|stats[all]}|stats[all]|summary} Description Displays the list of all VRRP configuration on the controller. To view a specific VRRP configuration, specify the VRID number. Syntax Parameter Description Range Default Displays the Virtual Router Id. 1-255 — ipv6 Display VRRP information for IPv6 address. — — stats Displays the operational statistics of the VRRP. — — summary Displays the number of vrrp instances for IPv4 and IPv6.
(host) (config) # show vrrp ipv6 Virtual Router 1: Description Admin State DOWN, VR State INIT IPv6 Address :: MAC Address 00:00:5e:00:02:01, vlan 0 Priority 100, Advertisement 1 sec, Preemption Disable Delay 0 tracking is not enabled Virtual Router 23: Description Admin State DOWN, VR State INIT IPv6 Address :: MAC Address 00:00:5e:00:02:17, vlan 0 Priority 100, Advertisement 1 sec, Preemption Disable Delay 0 tracking is not enabled Virtual Router 255: Description Admin State UP, VR State MASTER IPv6 Addre
Number of exisitng VRRP IPv4 instances : Number of exisitng VRRP IPv6 instances : 2 3 The output of the following command shows the configuration for all IPv6 VRRP instances.
Last advertisement received timestamp: Current time: Number times became VRRP Master: never Wed Sep 25 19:55:33 2013 0 Command History Version Modification ArubaOS 1.0 Command introduced ArubaOS 3.3 The tracking interface and tracking vlan parameters were introduced. ArubaOS 3.3.2 The add option was removed from the tracking interface and tracking vlan parameters. ArubaOS 6.4 The ipv6, stats, and summary parameters were introduced. ArubaOS 6.4.2.6, ArubaOS 6.4.3.
show web-cc show web-cc categories reputation stats status global-bandwidth-contract all|{web-cc-category }|{web-cc-reputation } Description Display information about web content (web-cc) classification settings, category and reputation types, classification statistics and bandwidth contracts. Syntax Parameter categories Description Display the category index number and the category name for each category type.
web-cc-category music web-cc-category music Upstream Downstream 55000000 20000000 music-2126 music-745c 2 1 The output of the show web-cc command varies, depending upon the parameters specified. The following table describes the information displayed in the output of this command when that parameter is included.
Parameter Description l l Direction: indicates whether the contract applies to upstream or downstream traffic. Rate (bits/second) : bandwidth contract rate, in bits/second. l Contract: unique name assigned to the web-cc global bandwidth contract. l Id: identification number assigned to the web-cc global bandwidth contract. Related Commands Command web-cc Description Mode This command defines global bandwidth contracts for HTTP traffic matching a predefined web content category or reputation type.
show web-server show web-server profile statistics Description Displays the configuration and statistics of the controller’s web server. Syntax Parameter Description Range Default profile Displays the web server configuration profile. — — statistics Displays the web server statistics. This command helps to troubleshoot Captive Portal scale issues. — — Example The output of this command shows the web-server configuration.
Scoreboard Key: _ - Waiting for Connection, s - Starting up R - Reading Request, W - Sending Reply K - Keepalive, D - DNS Lookup C - Closing connection, L - Logging G - Gracefully finishing, I - Idle cleanup of worker . - Open slot with no current process The output of the show web-server statistics command includes the following parameters. Parameter Description Current Request Rate HTTP/HTTPS request rate measured immediately within the last one second.
Version Description ArubaOS 6.4.2.5 The Enable bypass captive portal landing page parameter was introduced. ArubaOS 6.4.4.0 The User absolute session timeout <30-3600> (seconds) parameter was introduced as part of the show web-server profile command output. The Web Skype4b Listen Port parameter was introduced, replacing the Web Lync Listen Port parameter introduced in ArubaOSS 6.3. ArubaOS 6.5 The Exclude Security Headers from HTTP Response parameter was introduced.
show web-proxy show web-proxy Description Displays information about the port and server configured for the web-proxy. Example The following command shows the port configured for the web-proxy server. (host)#show web-proxy Server: arubaproxy.com port: 8080 Related Commands Command web-proxy server Description Mode This command configures the web-proxy server related information. Config mode Command History Version ArubaOS 6.5 Modification Command introduced.
show whitelist-db cpsec show whitelist-db cpsec cert-type {factory-cert|switch-cert} mac-address page start state {approved-ready-for-cert|certified-factory-cert|unapproved-factory-cert|unapprovedno-cert} Description Display the campus AP whitelist for campus APs using the control plane security feature. Syntax Parameter cert-type factory-cert|switch-cert Description l factory-cert: Use this parameter if AP is using a factory certificate.
Control-Plane Security Whitelist-entry Details ---------------------------------------------MAC-Address AP-Group AP-Name -----------------------00:16:CF:AF:3E:E1 employee ap-office1 Cert-Type --------switch-cert Description ----------- Revoke Text ----------- Enable -----Enabled State ----cert-cont-cert Last Updated -----------Fri Oct 16 01:21:09 2009 Whitelist Entries: 1 The output of this command includes the following parameters: Parameter Description MAC-Address MAC address of the campus AP.
Related Commands Command Description whitelist-db cpsec add mac-address Mode Configure the campus AP whitelist for the control plane security feature. Config mode Command History Release Modification ArubaOS 5.0 Command introduced. ArubaOS 6.4.1.0 The following new parameters were introduced: ArubaOS 6.4.3.0 l cert-type l page l start l state The ap-group and ap-name parameters were introduced as part of this command output.
show whitelist-db cpsec-local-switch-list show whitelist-db cpsec-local-switch-list [mac-address ] Description Display the list of local controllers with APs using the control plane security feature. Syntax Parameter Description mac-address MAC address of the local controller whose data you want to view.
Parameter Description Sequence Number The number of times the local controller in the whitelist received and acknowledged a campus AP whitelist change from the master controller. In the example above, both local controllers received and acknowledged three campus AP whitelist changes sent from the master controller. Remote Sequence Number The number of times that the master controller has received and acknowledged a campus AP whitelist change from the local controller in the whitelist.
show whitelist-db cpsec-master-switch-list show cpsec-master-ctlr-list-db cpsec show whitelist-db cpsec-master-switch-list [mac-address ] Description Display the master switch list whitelist on local controllers with APs using the control plane security feature. Syntax Parameter Description mac-address MAC address of the master controller.
Parameter Description Sequence Number The number of times the master controller in the whitelist received and acknowledged a campus AP whitelist change from the local controller. In the example above, the master controller received and acknowledged one campus AP whitelist change from the local controller. Remote Sequence Number The number of times that the local controller has received and acknowledged a campus AP whitelist change from the master controller in the whitelist.
show whitelist-db cpsec-seq show whitelist-db cpsec-seq Description Display the current sequence number for the master or local controller whitelists. Syntax No Parameters Usage Guidelines The current sequence number in the Sequence Number Details table shows the number of changes to the campus AP whitelist made on this controller. Each controller compares its campus AP whitelist against whitelists on other controllers every two minutes.
Related Commands Command Description whitelist-db cpsec add mac-address Configure the campus AP whitelist for the control plane security feature. Mode Config mode Command History This command was introduced in ArubaOS 5.0. Command Information Platforms All platforms 2041| show whitelist-db cpsec-seq Licensing Base operating system Command Mode Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show whitelist-db cpsec-status show whitelist-db cpsec-status [lms-list] Description Display aggregate status information APs in the campus AP whitelist. Syntax Parameter Description lms-list Displays a list of LMS IP addresses. Example The output of the following command shows current status information for all APs in the campus AP whitelist: (host) #show whitelist-db cpsec-status My Mac-Address My IP-Address Master IP-Address Switch-Role Whitelist-sync is enabled 00:1a:1e:00:89:b8 192.0.2.1 192.0.
Parameter Description Total entries Total number of entries in the campus AP whitelist Approved entries: Number of APs that are valid, but is waiting to receive a certificate. Unapproved entries Number of APs that have certificate that was not not approved. Certified entries Number of APs that have an approved certificate. Certified hold entries Number of APs in the certified hold state.
show whitelist-db rap show whitelist-db rap apgroup apname export-css fullname long mac-address page start Description View detailed information for the remote AP whitelist database. Syntax Parameter Description apgroup Display specific AP-entries for this AP-group. apname Display specific AP-entry for this AP-name. export-css Export the remote AP white list to a file in the controller's /flash/config/ folder.
00:0b:86:66:02:09 AP_Authenticated ---------------Authenticated Provisioned Authenticated Authenticated Provisioned default LAB-AP Description ----------- Date-Added ---------Thu Mar 5 Thu Mar 5 Wed Mar 4 Tue May 19 Fri May 8 21:25:36 21:25:49 20:16:16 07:53:29 10:37:40 2009 2009 2009 2009 2009 Enabled ------Yes No Yes Yes Yes Remote-IP ------192.0.2.3 192.0.2.78 192.0.2.6 192.0.2.12 192.0.2.
Parameter Description Description A text string used to further identify the remote AP. Date-Added Date and time that the AP was added to the local user database Enabled This column shows if the entry in the database is enabled or disabled.
show whitelist-db rap-local-switch-list show whitelist-db rap-local-switch-list [mac-address ] Description Display the remote AP whitelist local switch list on a master controller. Syntax Parameter Description mac-address MAC address of the local controller whose data you want to view. Usage Guidelines When you have remote APs on a network with both master and local controllers, the master controller maintains a whitelist of local controllers with remote APs.
The output of this command includes the following information: Parameter Description Active Shows if the controller is active on the network. l 1: Active l 0: Inactive MAC-Address MAC address of the local controller. IP-Address IP address of the local controller. Sequence Number The number of times the local controller in the whitelist received and acknowledged a remote AP whitelist change from the master controller.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show whitelist-db rap-master-switch-list show whitelist-db rap-local-switch-list [mac-address ] Description Display the remote AP whitelist master switch list on local controllers with remote APs Syntax Parameter Description mac-address MAC address of the local controller whose data you want to view.
Parameter Description MAC-Address MAC address of the mastercontroller. IP-Address IP address of the mastercontroller. Sequence Number The number of times the mastercontroller in the whitelist received and acknowledged a remote AP whitelist change from the local controller. In the example above, the master controllers received and acknowledged three remote AP whitelist changes sent from a local controller.
show whitelist-db rap-status show whitelist-db rap-status Description Display aggregate status information APs in the remote AP whitelist. Syntax No parameters.
Command History This command was introduced in ArubaOS 5.0. Command Information Platforms All platforms 2053| show whitelist-db rap-status Licensing Base operating system. Command Mode Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show wlan anyspot-profile show wlan anyspot-profile [] Description The output of this command displays configuration settings for a WLAN anyspot profile. Syntax Parameter Description Name of an anyspot profile Usage Guidelines The anyspot client probe suppression feature decreases network traffic by suppressing probe requests from clients attempting to locate and connect to other known networks.
Related Commands Command wlan anyspot-profile Description The anyspot client probe suppression feature decreases network traffic by suppressing probe requests from clients attempting to locate and connect to other known networks. Command History Version ArubaOS 6.4.3.0 Description Command introduced. Command Information Platforms All platforms 2055| show wlan anyspot-profile Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show wlan bcn-rpt-req-profile show wlan bcn-rpt-req-profile Description Shows configuration and other information about the parameters for the Beacon Report Request frames. Syntax Parameter Description Name of a WLAN beacon report request profile. Usage Guidelines Issue this command without the parameter to display the entire Beacon Report Request profile list, including profile status and the number of references to each profile.
Parameter Description Interface Specifies the Radio interface for transmitting the Beacon Report Request frame. It can have a value of either 0 or 1. Regulatory Class Specifies the Regulatory Class field in the Beacon Report Request frame. Channel Specifies the Channel field in the Beacon Report Request frame. Randomization Interval Specifies the Randomization Interval field in the Beacon Report Request frame.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show wlan dot11k-profile show wlan dot11k-profile [] Description Show a list of all 802.11k profiles, or display detailed configuration information for a specific 802.11k profile. Syntax Parameter Description Name of an 802.11k profile. Usage Guidelines Issue this command without the parameter to display the 802.11k profile list, including profile status and the number of references to each profile.
Parameter Description Advertise 802.11K Capability Shows if the profile has enabled or disabled the 802.11K feature. Forcefully disassociate onhook voice clients If enabled, the AP may forcefully disassociate clients that reach the maximum CAC peak capacity or call handoff reservation.
show wlan dot11r-profile show wlan dot11r-profile [] Description Show a list of all 802.11r profiles, or display detailed configuration information for a specific 802.11r profile. Syntax Parameter Description Name of an 802.11r profile. Usage Guidelines Issue this command without the parameter to display the 802.11r profile list, including profile status and the number of references to each profile.
Parameter Description 802.11r Mobility Domain ID Shows the unique ID that identifies the mobility domain. 802.11r R1 Key Duration Shows the r1 key timeout value in seconds for decrypt-tunnel or bridge mode. 802.11r R1 Key Assignment Shows if the r1 key assignment is static or dynamic. Command History This command was introduced in ArubaOS 6.3.
show wlan edca-parameters-profile show wlan edca-parameters-profile ap|station [] Description Display an Enhanced Distributed Channel Access (EDCA) profile for APs or for clients (stations). EDCA profiles are specific either to APs or clients. Syntax Parameter Description Name of a EDCA Parameters profile. Usage Guidelines Issue this command without the parameter to display a EDCA Parameters profile list, including profile status and the number of references to each profile.
Parameter Description AC Name of an Access channel queue (Best-effort, Background, Video or Voice). ECWmin The exponential (n) value of the minimum contention window size, as expressed by 2n-1. A value of 4 computes to 24-1 = 15. ECWmax The exponential (n) value of the maximum contention window size, as expressed by 2n-1. A value of 4 computes to 24-1 = 15. AIFSN Arbitrary inter-frame space number. TXOP Transmission opportunity, in units of 32 microseconds.
show wlan handover-trigger-profile show wlan handover-trigger-profile [] Description Displays the current configuration settings for a handover trigger profile. Usage Guidelines Issue this command without the parameter to display a handover trigger profile profile list, including profile status and the number of references to each profile. Include a profile name to display detailed configuration information for that profile. For this profile to take effect, the 802.
show wlan hotspot advertisement-profile show wlan hotspot advertisement-profile [] Description The output of this command displays settings for a WLAN ANQP advertisement profile. Syntax Parameter Description Name of a wlan hotspot advertisement profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles and Hotspot 2.0 Query Protocol (H2QP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
ANQP Domain Name Profile corp_domain The output of this command includes the following parameters: Parameter Description ANQP Venue Name Profile Name of the ANQP Venue Name profile associated with this WLAN advertisement profile. ANQP Network Authentication Profile Name of the ANQP Network Authentication profile associated with this WLAN advertisement profile. ANQP Roaming Consortium Profile Name of the ANQP Roaming Consortium profile associated with this WLAN advertisement profile.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show wlan hotspot anqp-3gpp-nwk-profile show wlan hotspot anqp-3gpp-nwk-profile [] Description This profile shows the configuration settings for for a 3rd Generation Partnership Project (3GPP) Cellular Network profile. Syntax Parameter Description Name of a 3GPP Cellular Network profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
Parameter Description ANQP 3GPP network profile enable Shows if this profile has been enabled ANQP 3GPP Cellular Network profiles are disabled by default. 3gpp PLMN1 The Public Land Mobile Networks (PLMN) value of the highest-priority network. The PLMN is comprised of a 12-bit Mobile Country Code (MCC) and the 12-bit Mobile Network Code (MNC). 3gpp PLMN2 The Public Land Mobile Networks (PLMN) value of the second-highest priority network.
Related Commands wlan hotspot anqp-3gpp-nwk-profile Command History This command was introduced in ArubaOS 6.4 Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show wlan hotspot anqp-domain-name-profile show wlan hotspot anqp-domain-name-profile [] Description The output of this command displays settings for a WLAN ANQP Domain Name profile. Syntax Parameter Description Name of a Domain Name profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
The output of this command includes the following parameters: Parameter Description Domain Name Domain name of the hotspot operator. Related Commands wlan hotspot anqp-domain-name-profile .Command History The command was introduced in ArubaOS 6.4 Command Information Platforms All platforms Licensing Base operating system 2073| show wlan hotspot anqp-domain-name-profile Command Mode Enable and Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
show wlan hotspot anqp-ip-addr-avail-profile show wlan hotspot anqp-ip-addr-avail-profile [] Description The output of this command displays settings for a WLAN ANQP IP Address Availability profile. Syntax Parameter Description Name of an IP Address Availability profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
------------IPv4 Address Availability Type public IPv6 Address Availability Type not-available The output of this command includes the following parameters: Parameter IPv4 Address Availability Type IPv6 Address Availability Type Description Indicates the availability of an IPv4 network. This parameter can display any of the following values: l availability-unknown: Network availability cannot be determined. l not-available : Network is not available.
show wlan hotspot anqp-nai-realm-profile show wlan hotspot anqp-nai-realm-profile [] Description The output of this command displays settings for a WLAN ANQP Network Access Identifier (NAI) Realm profile. Syntax Parameter Description Name of an NAI Realm profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
--------NAI Realm name NAI Realm EAP Method NAI Realm Authentication Parameter Type ----example.com eap-ttls expanded-eap The output of this command includes the following parameters: Parameter Description NAI Realm name Name of the NAI realm. The realm name is often the domain name of the service provider.
show wlan hotspot anqp-nwk-auth-profile show wlan hotspot anqp-nwk-auth-profile [] Description The output of this command displays settings for a WLAN ANQP network authentication profile. Syntax Parameter Description Name of an ANQP Network Authentication profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
Parameter Type of Network Authentication Redirect URL Description Network Authentication Type being used by the hotspot network. This parameter can be any of the following values: l acceptance: Network requires the user to accept terms and conditions. l dns-redirection: Additional information on the network is provided through DNS redirection. l http-https-redirection : Additional information on the network is provided through HTTP/HTTPS redirection.
show wlan hotspot anqp-roam-cons-profile show wlan hotspot anqp-roam-cons-profile [] Description The output of this command displays settings for a WLAN ANQP Roaming Consortium profile. Syntax Parameter Description Name of an ANQP Roaming Consortium profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
Roaming consortium OI Len b32af0 The output of this command includes the following parameters: Parameter Description Roaming consortium OI Len Length of the OI. The roaming consortium OI length parameter is based upon the number of octets of the Roaming consortium OI. This parameter can have the following values: Roaming Consortium OI l 0: 0 Octets in the OI (Null) l 3: OI length is 24-bit (3 Octets) l 5: OI length is 36-bit (5 Octets) The roaming consortium OI sent in a GAS query response.
show wlan hotspot anqp-venue-name-profile show wlan hotspot anqp-venue-name-profile [] Description The output of this command displays settings for a WLAN ANQP Venue Name profile. Syntax Parameter Description Name of an ANQP Venue Name profile. Usage Guidelines Access Network Query Protocol (ANQP) profiles define the 802.11u Information Elements (IEs) to be broadcast by an 802.11u-capable AP.
Type of Venue Venue Name mercantile-shopping-mall Westfield_Mall The output of this command includes the following parameters: Parameter Venue Group Description The venue group to be advertised in the ANQP Information Elements (IEs) from APs associated with this profile.
show wlan hotspot hs2-profile show wlan hotspot h2-profile [] Description The output of this command displays settings for a Hotspot profile. Syntax Parameter Description Name of a Hotspot profile.
Roaming Consortium Len Entry 1 Roaming Consortium OI Entry 1 Roaming Consortium Len Entry 2 Roaming Consortium OI Entry 2 Roaming Consortium Len Entry 3 Roaming Consortium OI Entry 3 Additional Roaming Consortium OI's(displayed in Advertisement Profile) Venue Group Type Venue Type mall Type of Hotspot 2.
Parameter Roaming Consortium Len Entry 1 Description Length of the OI. This value is based upon the number of octets in the Roaming Consortium OI Entry 1 field. l 0: Zero Octets in the OI (Null) l 3: OI length is 24-bit (3 Octets) l 5: OI length is 36-bit (5 Octets) Roaming Consortium OI Entry 1 Roaming consortium OI assigned to one of the service provider’s top three roaming partners.
Parameter Description Advertisement Profile l emergency: Emergency Alert System( EAS) l mih-cmd-event: Media Independent Handover (MIH) Command and Event Services Capability Discovery l mih-info: Media Independent Handover (MIH) Information Service. This option allows handovers between differing kinds of wireless access protocols and technologies, allowing access points on different IP subnets to communicate with each other at the link level while maintaining session continuity.
show wlan hotspot h2qp-conn-capability-profile show wlan hotspot h2qp-conn-capability-profile [] Description The output of this command displays settings for a WLAN Hotspot 2.0 Query Protocol (H2QP) connection capability profile. Syntax Parameter Description Name of Hotspot 2.
H2QP H2QP H2QP H2QP H2QP H2QP H2QP H2QP H2QP H2QP H2QP Connection Connection Connection Connection Connection Connection Connection Connection Connection Connection Connection Capability Capability Capability Capability Capability Capability Capability Capability Capability Capability Capability ICMP port FTP port(TCP Protocol) SSH port(TCP Protocol) HTTP port(TCP Protocol) TLS VPN port(TCP Protocol) PPTP VPN port(TCP Protocol) VOIP port(TCP Protocol) VOIP port(UDP Protocol) IKEv2 port for IPSec VPN May
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show wlan hotspot h2qp-op-cl-profile show wlan hotspot h2qp-op-cl-profile [] Description The output of this command displays settings for a WLAN Hotspot 2.0 Query Protocol (H2QP) operating class profile. Syntax Parameter Description Name of Hotspot 2.0 Query Protocol (H2QP) operating class profile Usage Guidelines The values configured in this H2QP Operating Class profile list the channels on which the hotspot is capable of operating.
Related Commands wlan hotspot h2qp-op-cl-profile Command History This command was introduced in ArubaOS 6.3 Command Information Platforms All platforms 2092| show wlan hotspot h2qp-op-cl-profile Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show wlan hotspot h2qp-operator-friendly-name-profile show wlan hotspot h2qp-operator-friendly-name-profile [] Description The output of this command displays settings for a Hotspot 2.0 Query Protocol (H2QP) operator-friendly name profile. Syntax Parameter Description Name of H2QP operator-friendly name profile. Usage Guidelines The operator-friendly name defined in this profile is a free-form text field that can identify the operator and also something about the location.
Parameter Operator Friendly Name Language Code Description An ISO 639 language code that identifies the language used in the Operator Friendly Name field. Operator Friendly Name An operator-friendly name sent by devices using this profile. The name can be up to 64 alphanumeric characters, and can include special characters and spaces. If the name includes quotation marks (“), you must include a backslash character (\) before each quotation mark. (e.g. \"example\") Command History This command was introd
show wlan hotspot h2qp-wan-metrics-profile show wlan hotspot h2qp-wan-metrics-profile [] Description The output of this command displays settings for a Hotspot 2.0 Query Protocol (H2QP) WAN metrics profile. Syntax Parameter Description Name of H2QP WAN metrics profile.
Parameter H2QP WAN metrics link status Description Indicates the status of the WAN Link by displaying one of the following values. The default link status is reserved, which indicates that the link status is unknown or unspecified. l link_down l link_test l link_up l reserved H2QP WAN metrics symmetric WAN link This parameter indicates if the WAN Link has same speed in both the uplink and downlink directions.
show wlan ht-ssid-profile show wlan ht-ssid-profile [] Description Show a list of all High-throughput SSID profiles, or display detailed configuration information for a specific High-throughput SSID profile. Syntax Parameter Description Name of a High-throughput SSID profile. Usage Guidelines Issue this command without the parameter to display the entire High-throughput SSID profile list, including profile status and the number of references to each profile.
MPDU Aggregation Max received A-MPDU size Max transmitted A-MPDU size Min MPDU start spacing Short guard interval in 20 MHz mode Short guard interval in 40 MHz mode Short guard interval in 80 MHz mode Supported MCS set VHT - Supported MCS map VHT - Explicit Transmit Beamforming VHT - Transmit Beamforming Sounding Interval VHT - Multi User Transmit Beamforming Maximum VHT MPDU size Maximum number of MSDUs in an A-MSDU on best-effort AC Maximum number of MSDUs in an A-MSDU on background AC Maximum number of M
Parameter Low-density Parity Check Description If enabled, the AP will advertise Low-density Parity Check (LDPC) support. LDPC improves data transmission over radio channels with high levels of background noise. Default: Enabled. Maximum number of spatial streams usable for STBC reception Displays the maximum number of spatial streams usable for Space-Time Block Code (STBC) reception. 0 disables STBC reception, 1 uses STBC for MCS 0-7. Higher MCS values are not supported.
Parameter Description Default: Enabled. Supported MCS set Displays a list of Modulation Coding Scheme (MCS) values or ranges of values to be supported on this SSID. The MCS you choose determines the channel width (20 MHz vs. 40 MHz vs. 80 MHz) and the number of spatial streams used by the mesh node. Default: 0-31 VHT - Supported MCS map l MCS value of 16-23 are supported on W-AP130 Series/WIAP155/11ac APs only. l MCS value of 24-31 are supported on W-AP320 Series APs only.
Parameter Description Default: 11454 bytes. Maximum number of MSDUs in an A-MSDU on best-effort AC Displays the maximum number of MSDUs in a TX A-MSDU on best-effort Access Category (AC). Default: 2. NOTE: In tunnel and decrypt-tunnel forwarding mode, TX AMSDU is disabled if the value is set to 0. If the value is set to non-zero, TX A-MSDU is enabled and set to this value. Maximum number of MSDUs in an A-MSDU on background AC Displays the maximum number of MSDUs in a TX A-MSDU on background AC.
Version Description The Allow Weak Encryption parameter was deprecated. ArubaOS 6.2 ArubaOS 6.3 The following parameters were introduced. l Transmit Beamforming Compressed Steering l Transmit Beamforming non Compressed Steering l Transmit Beamforming delayed feedback support l Transmit Beamforming immediate feedback support l Transmit Beamforming Sounding Interval The following parameters were introduced.
Dell Networking W-Series ArubaOS 6.5.
show wlan ssid-profile show wlan ssid-profile [] Description Show a list of all SSID profiles, or display detailed configuration information for a specific SSID profile. Syntax Parameter Description Name of an SSID profile. Usage Guidelines Issue this command without the parameter to display the entire SSID profile list, including profile status and the number of references to each profile.
802.
Parameter Description DTIM Interval The interval, in milliseconds, between the sending of Delivery Traffic Indication Messages (DTIMs) in the beacon. 802.11a Basic Rates List of supported 802.11a rates, in Mbps, that are advertised in beacon frames and probe responses. 802.11a Transmit Rates Set of 802.11a rates at which the AP is allowed to send data. 802.11g Basic Rates List of supported 802.11b/g rates, in Mbps, that are advertised in beacon frames and probe responses. 802.
Parameter Description DSCP mapping for WMM video AC DSCP value used to map WMM video traffic. DSCP mapping for WMM best-effort AC DSCP value used to map WMM best-effort traffic. DSCP mapping for WMM background AC DSCP value used to map WMM background traffic. 902il Compatibility Mode (For clients using NTT DoCoMo 902iL phones only) When enabled, the controller does not drop packets from the client if a small or old initialization vector value is received.
Parameter Description WEP Key 2 Displays the Static WEP key associated with this key index. WEP Key 3 Displays the Static WEP key associated with this key index. WEP Key 4 Displays the Static WEP key associated with this key index. WEP Transmit Key Index Show the key index that specifies which static WEP key is to be used WPA Hexkey WPA pre-shared key (PSK). WPA Passphrase WPA passphrase used to generate a preshared key (PSK).
Parameter Description 802.11g Beacon Rate The beacon rate for 802.11g (use for Distributed Antenna System (DAS) only). Using this parameter in normal operation may cause connectivity problems. 802.11a Beacon Rate The beacon rate for 802.11a (use for Distributed Antenna System (DAS) only). Using this parameter in normal operation may cause connectivity problems. Video Multicast Rate Optimization The rate for video multicast frames.
Parameter Description Enable OKC The status of the Opportunistic Key Caching. Opportunistic Key Caching (OKC) is a similar technique, not defined by 802.11i, available for authentication between multiple APs in a network where those APs are under common administrative control. A Dell deployment with multiple APs under the control of a single controller is one such example.
Release Modification ArubaOS 6.4 l The Enable Management Frame Protection and Require Management Frame Protection parameters were added. l The Rate Optimization for delivering EAPOL frames parameter was enabled by default. ArubaOS 6.4.2.0 The description of the Video Multicast Rate Optimization parameter was changed to denote the rate for video multicast frames. ArubaOS 6.4.3.0 The Auth Request Threshold (dB) parameter was introduced.
show wlan traffic-management-profile show wlan traffic-management-profile [] Description Show a list of all traffic management profiles, or display detailed configuration information for a specific traffic management profile. Syntax Parameter Description Name of a Traffic Management profile. Usage Guidelines Issue this command without the parameter to display the entire Traffic Management profile list, including profile status and the number of references to each profile.
Parameter Description Report interval Number of minutes between bandwidth usage reports. Station Shaping Policy Shows which of three possible Station Shaping policies is configured on the profile. l default-access: Traffic shaping is disabled, and client performance is dependent on MAC contention resolution. This is the default traffic shaping setting. l fair-access: Each client gets the same airtime, regardless of client capability and capacity.
show wlan tsm-req-profile show wlan tsm-req-profile Description Shows configuration and other information about the parameters for the Transmit Stream/Category Measurement Request frames. Syntax Parameter Description Name of this instance of the profile. name must be 1-63 characters. Usage Guidelines Issue this command without the parameter to display the entire TSM Request profile list, including profile status and the number of references to each profile.
Parameter Description Measurement Duration Shows the Measurement Duration field in the Transmit Stream/Category Measurement Request frame. Traffic ID Shows the Traffic Identifier field in the Transmit Stream/Category Measurement Request frame. Bin 0 Range Shows the 'Bin 0 Range' field in the Transmit Stream/Category Measurement Request frame. Command History This command is introduced in ArubaOS 6.2.
show wlan virtual-ap show wlan virtual-ap Description Show a list of all Virtual AP profiles, or display detailed configuration information for a specific Virtual AP profile. Syntax Parameter Description Name of a Virtual AP profile Usage Guidelines Issue this command without the parameter to display the entire Virtual AP profile list, including profile status and the number of references to each profile.
Dynamic Multicast Optimization (DMO) Dynamic Multicast Optimization (DMO) Drop Broadcast and Multicast Convert Broadcast ARP requests to unicast Authentication Failure Blacklist Time Blacklist Time Deny inter user traffic Deny time range DoS Prevention HA Discovery on-association Mobile IP Preserve Client VLAN Remote-AP Operation Station Blacklisting Strict Compliance VLAN Mobility FDB Update on Assoc WMM Traffic Management Profile Anyspot Profile Enabled Threshold Disabled Enabled 3600 sec 3600 sec Disabl
Parameter Description When an AP is configured to use the decrypttunnel forwarding mode, that AP decrypts and decapsulates all 802.11 frames from a client and sends the 802.3 frames through the GRE tunnel to to the controller, which then applies firewall policies to the user traffic. When the controller sends traffic to a client, the controller sends 802.3 traffic through the GRE tunnel to the AP, which then converts it to encrypted 802.11 and forwards to the client.
Parameter Description Dynamic Multicast Optimization (DMO) If enabled DMO techniques will be used to reliably transmit video data. Dynamic Multicast Optimization (DMO) Threshold Maximum number of high-throughput stations in a multicast group beyond which dynamic multicast optimization stops. Drop Broadcast and Multicast If enabled, the virtual AP will filter out broadcast and multicast traffic in the air.
Parameter Description NOTE: ha-disc-onassoc parameter works only when IP mobility is enabled and configured on the controller. Mobile IP Shows if the profile has enabled or disabled IP mobility. Preserve Client VLAN This parameter allows clients to retain their previous VLAN assignment if the client disassociates from an AP and then immediately reassociates either with same AP or another AP on same controller.
Parameter Description Fast Roaming Shows if the AP has enabled or disabled fast roaming. VLAN Mobility Shows if the AP has enabled or disabled VLAN (Layer-2) mobility. WMM Traffic Management Profile WMM Traffic Management Profile associated with this Virtual AP Profile Anyspot profile Anyspot Profile associated with this Virtual AP Profile Command History This command was introduced in ArubaOS 3.
show wlan voip-cac-profile show wlan voip-cac-profile [] Description Show a list of all VoIP Call Admission Control (CAC) profiles, or display detailed configuration information for a specific VoIP CAC profile. Syntax Parameter Description Name of a VoIP CAC profile Usage Guidelines Issue this command without the parameter to display the entire VoIP CAC profile list, including profile status and the number of references to each profile.
Allow Idle VOIP Client Disabled The output of this command includes the following data columns: Parameter Description VoIP Call Admission Control Shows if the profile enables or disables Wi-Fi VoIP CAC features. VoIP Bandwidth based CAC Shows the desired CAC mechanism: l Disable - CAC is based on Call Counts l Enable - CAC should be based on Bandwidth. VoIP Call Capacity Number of simultaneous calls that can be handled by one radio.
Parameter Description Allow Idle VOIP Client l 486: Busy Here l 503: Service Unavailable l none: Don't send SIP status code Displays the status of the allow-idlevoip-client parameter. If enabled, the AP allows idle voice clients to associate even if the AP reaches its call capacity limit. If disabled, the AP rejects idle voice clients to associate if the AP reaches its call capacity limit. However, the AP continues to allow active (in-call) and non-voice clients to associate.
Command Information Platforms All platforms 2125| show wlan voip-cac-profile Licensing Base operating system Command Mode Enable and Config mode on master or local controllers. Dell Networking W-Series ArubaOS 6.5.
show wlan wmm-traffic-management-profile show wlan wmm-traffic-management-profile [] Description Display a list of all WMM traffic management profiles, or display detailed configuration information for a specific WMM traffic management profile. Syntax Parameter Description Name of the WMM traffic management profile.
Parameter Description Enable Shaping Policy Displays if WMM based traffic shaping is enabled on the controller. Voice Share Displays the bandwidth allocation in percentage (%) for voice access traffic category. Viceo Share Displays the bandwidth allocation in percentage (%) for video access traffic category. Best-effort Share Displays the bandwidth allocation in percentage (%) for best effort access traffic category.
show wms ap show wms ap {}|list|{stats [mon-mac bssid } Description Display information for APs currently monitored by the ArubaOS Wireless Management System (WMS). Syntax Parameter Description Enter the AP’s BSSID number in hexadecimal format (XX:XX:XX:XX:XX:XX). list Show the AP Tree table for all APs. stats Show the AP Statistics table for all APs. mon-mac Show the AP Tree table for an AP with the specified MAC address.
Column Description BSSID Basic Service Set Identifier for the AP. This is usually the AP’s MAC address. SSID The Service Set Identifier that identifies a wireless network. Channel Channel used by the AP’s radio. Type A WMS AP type can be one of the following: RAP_Type l soft-ap: A Dell Access Point (AP). l air-monitor: A Dell Air Monitor (AM).
Column Description l soft-ap: A Dell Access Point (AP). l air-monitor: A Dell Air Monitor (AM). Status If up, the AP is active. If down (or no information is shown) the AP is inactive. AP Type AP model type. The example below shows received and transmitted data statistics for each BSSID seen by a monitoring AP.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 The mon-mac and bssid parameters for the list option were deprecated. Command Information Platforms All platforms 2131| show wms ap Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show wms channel show wms channel stats Description Display per-channel statistics for monitored APs. Syntax No parameters. Example This example shows per-channel statistics for monitored APs.
Column Description NumAP Number of other APs seen on the specified channel. NumSta Number stations seen on the specified channel. TotalPkt Number of received packets. TotalByte Number of received bytes. Noise Current noise level. The output of this command includes the following information: Command History This command was introduced in ArubaOS 3.
show wms client show wms client |{list}|{probe }|{stats [mon-mac mac ]}|{validexempt} Description Display a list of client information for the clients that can be seen by monitoring APs. Syntax Parameter Description Show statistics for a client with the specified MAC address, including the BSSID of the AP to which that client is currently associated, and the MAC addresses of other monitoring APs that can see that client. list Show statistics for all monitored clients.
--00:0b:86:a2:2b:50 00:0b:86:ad:94:40 00:0b:86:cd:86:a0 Column -192.168.2.10 192.168.2.5 192.168.2.4 ---0 0 0 ---soft-ap soft-ap soft-ap -----up up up ---LeftAP 1.1.1 CEO ------61 61 70 Description MAC MAC address of the client Type Station type (valid, interfering, or disabled rogue client ) Status If up, the client is active. If down (or no information is shown) the client is inactive.
Column Description l air-monitor: Dell Air Monitor (AM). Status If up, the probe is active. If down (or no information is shown) the probe is inactive. Name Name of the probe. If a name has not been defined for the probe, this column may display a zero (0). AP type Model type of the probe. The output of this command includes the following information: Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.4.4.0 The following parameter was introduced.
show wms counters show wms counters [debug|event] Description Show WMS event and debug counters. If you omit the optional debug and events parameters, the show wms counters command will display the frequently used (general) counters in a single table. Syntax Parameter Description debug Show debug counters only. events Show events counters only. If you omit the debug and events parameters, the show wms counters will display the frequently used (general) counters in a single table.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.4.4.0 The following counter was introduced. Valid Exempt Station Macs Command Information Platforms All platforms 2138| show wms counters Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show wms monitor-summary show wms channel stats Description Display the numbers of different AP and client types monitored over the last 5 minutes, 1 hour, and since the controller was last reset. Syntax No parameters. Usage Guidelines The WLAN management system (WMS) on the controller monitors wireless traffic to detect any new AP or wireless client station that tries to connect to the network.
Command History Release Release ArubaOS 3.0. Command Introduced ArubaOS 6.1 The Disabled Rogue AP, Known Interfering APs and Interfering Clients entries were removed from the show command output, and the suspectedrogue, Manually Contained APs and Manually Contained Clients output entries were introduced. Command Information Platforms All platforms 2140| show wms monitor-summary Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show wms probe show wms probe Description Display detailed information for a list of WMS probes. Syntax No parameters. Example This example shows the Probe List table for WMS probes. The output below has been split into two tables to better fit in this document. In the actual command-line interface, this information appears in a single, long table.
Column Description LMS IP IP address of the AP’s local controller. Scan Shows if the Air Monitor is performing scanning. Status If the scan column displays a status of Up, the AP or AM is active Updates Number of updates the AP or AM sent to the WMS database since the controller was last reset. Reqs/Fails Number of database update requests that have not yet been added into the database. and the number of failed database requests. Stats Total number of statistics updates sent to the database.
show wms rogue-ap show wms rogue-ap Description Display statistics for APs classified as rogues APs. Syntax Parameter Description MAC address of a rogue AP. Example The output of this command shows statistics for a suspected Rogue AP, including how it was classified as a suspected rogue.
Column Description SSID The rogue AP’s Extended service set identifier. Channel Channel used by a radio on the rogue AP. Type Indicates if the AP is a Dell AP, a Cisco AP, or an AP from any other manufacturer (generic AP). RAP Type Type of rogue AP, l Suspect-unsecure: AP has not been confirmed as a rogue AP. l unsecure: AP has been confirmed as a rogue AP Status Shows if the AP is active (up) or inactive (down). Match Type Describes how the AP was classified as a rogue.
Column Description Suspect Match Types Describes how an AP was classified as a suspected rogue AP. Helper Ap BSSID BSSID of the AP or AM that helped classify a rogue AP. AP name Names of APs that are able to see the specified MAC address. Match Time Time the AP was identified as a rogue AP. Confidence Level Shows the level of confidence that the AP was classified correctly for each match type.
show wms routers show wms routers Description Show Learned Router Mac Information for WMS APs. Syntax Parameter Description MAC address of a probe that can see the router. Usage Guidelines This command displays the MAC addresses of devices that have been determined to be routers by the listed APs. This output of this command will be blank if there is not any broadcast/multicast activity in an AP's subnet.
Command Information Platforms All platforms 2147| show wms routers Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
show wms rules show wms rules config state summary Description Display the internal state and matching information of rules created using the ids ap-classification-rule change command. Syntax Parameter config state summary Description Display the following information for each AP classification rule.
l SNR of the AP l Discovered-AP-Count or the number of APs that can see the AP Example The output in the example below shows that although two rules have been defined, neither have been enabled using the ids ap-rule-matching rule-name command.
show wms system show wms system Description Show the WMS system configuration and system state. Syntax No parameters. Example This example shows the WMS System Configuration and System State tables.
Column Description Current Threshold Current number of table entries. Total AP Count Total number of statistics entries for monitored APs in the AP table. Total STA Count Total number of statistics entries for monitored stations in the Station table. MAX RB-tree Count Maximum number of entries allowed in the statistics. Total Tree Count Total number of entries currently in the statistics tree.
show wms wired-mac show wms wired-mac gw-mac [] monitored-ap-wm prop-eth-mac reg-ap-oui summary system-gw-mac system-wired-mac wireless-device} Description Display a summary table of Wireless Management System (wms) wired MAC information. This command can display a list of APs aware of a specific gateway MAC address, or list the wired MAC addresses known to a single AP. Syntax Column Description gw-mac Show Gateway Wired Mac Information Collected from the APs.
Column Description system-gw-mac Show system gateway MAC information learned at the controller, including the age of each MAC address. If you include the optional MAC address parameter, the output of this command will show information for that single MAC address only. system-wired-mac Show system wired MAC information learned at the controller. If you include the optional MAC address parameter, the output of this command will show information for that single MAC address only.
Command History Version Modification ArubaOS 3.0 Command Introduced ArubaOS 6.1 The ap-name parameter was deprecated, and the following parameters were introduced: l gw-mac l monitored-ap-wm l prop-eth-mac l reg-ap-oui l summary l system-gw-mac l system-wired-mac l wireless-device Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
show ip interface brief show ip interface brief Description View IP-related information on all interfaces in summary format. Syntax No parameters. Example (host) #show ip interface brief Interface vlan 1 vlan 2 loopback mgmt IP Address 172.16.0.254 10.4.62.9 unassigned unassigned / / / / / IP Netmask 255.255.255.0 255.255.255.0 unassigned unassigned Admin up up up down Protocol up up up down The following table details the columns and content in the show command.
shutdown shutdown all Description This command disables all interfaces on the controller. Usage Guidelines This command stops all traffic through the physical ports on the controller. The console port remains active. Use this command only when you have physical access to the controller, so that you can continue to manage using the console port. To shut down an individual interface, tunnel, or VLAN, use the shutdown option within the interface command. To restore the ports, use the no shutdown command.
snmp-server snmp-server community enable trap engine-id host IPv4/IPv6 Address|version {1 udp-port }|2c|{3 } [inform] [interval ] [retrycount ] [udp-port ]} inform queue-length source controller-ip stats trap enable|disable|{source [IPv4/IPv6 Address]} user [auth-prot {md5|sha} ] [priv-prot {AES|DES} ] Description This command configures SNMP parameters.
Parameter trap Description Range Default Source IP address of SNMP traps. — disable d disable Disables an SNMP trap. You can get a list of valid trap names using the show snmp trap-list command. — — enable Enables an SNMP trap. — — source Enter the source IPv4/IPv6 Address address for sending traps. — — udp-port The port number to which notification messages are sent. — 162 Configures an SNMPv3 user profile for the specified username.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
spanning-tree (Global Configuration) spanning-tree [forward-time | hello-time | max-age | priority | vlan range RSTP is backward compatible with STP and is enabled by default. For ease of use, this command uses the spanning tree keyword. Description This command is the global configuration for the Rapid Spanning Tree Protocol (RSTP) and Per VLAN Spanning Tree (PVST+). See spanning-tree (Configuration Interface) for details on the RSTP (config-if) command.
By default, all interfaces and ports on the controller run RSTP as specified in 802.1w and 802.1D. The default RSTP values can be used for most implementations. Use the no spanning-tree command to disable RSTP.
spanning-tree mode spanning-tree mode | Description Set the spanning tree mode to either Rapid Spanning Tree (802.1w) or PVST+ (Per VLAN Spanning Tree). Syntax Parameter Description rapid Set the spanning tree mode to RSTP (Rapid Spanning Tree Protocol). rapid-pvst Set the spanning tree mode to PVST+ (Per VLAN Spanning Tree protocol) Usage Guidelines Once the spanning tree mode is set, you can configure RSTP or PVST+. Command History Release Modification ArubaOS 6.
spanning-tree (Configuration Interface) spanning-tree cost point-to-point port-priority portfast vlan cost port-priority vlan range RSTP is backward compatible with STP and is enabled by default. For clarity, this RSTP command uses the spanning tree keyword. Description Dell’s RSTP implementation interoperates with both PVST (Per VLAN Spanning Tree 802.1D) and Rapid-PVST (802.1w) implementation on industry-standard router/switches.
Parameter Description Range cost Enter th keyword cost followed by the cost value to change the interface’s spanning tree path cost. 165535 port-priority Change the spanning tree priority. 0 - 255 vlan range Enter the keywords vlan range followed by the range of VLAN iID’s. Separate the VLAN IDs with a hyphen, comma or both to indicate the range. — Default 128 — For example: 2-3 or 2,4,6 or 26,11 Usage Guidelines Dell supports global instances of RSTP and PVST+.
(host) (config-if) #spanning-tree vlan range 2-8,11 Related Commands spanning-tree (Global Configuration) Command History Release Modification ArubaOS 6.0 Added support for PVST+ and VLAN and VLAN Range ArubaOS 3.4 Upgraded STP to RSTP with full backward compatibility. ArubaOS 1.0 Introduced the Spanning Tree Protocol (STP). Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
spanning-tree vlan range (PVST+) spanning-tree vlan range [forward-time | hello-time | max-age | priority ] Description Configure PVST+ on a range of VLANs. Syntax Parameter Description Range Default Enter a string representing the VLAN range -- -- forward-time Specifies the time, in seconds, the VLANs spends in the listening and learning state before transition to the forward state.
Command History Release ArubaOS 6.0 Modification Command introduced Command Information Platforms All Platforms 2167| spanning-tree vlan range (PVST+) Licensing Base operating system Command Mode Configuration Mode (config) Dell Networking W-Series ArubaOS 6.5.
ssh ssh disable_dsa | mgmt-auth {public-key [username/password] | username/password [public-key]} Description This command configures SSH access to the controller. Syntax Parameter Description Default disable_dsa Disables DSA authentication for SSH. Only RSA authentication is used. — mgmt-auth Configures authentication method for the management user. You can specify username/password only, public key only, or both username/password and public key.
ssh ssh This command must be executed from the enable mode of the controller. Description This command initiate a remote SSH session from the controller to a remote host. Syntax Parameter Description Enter the remote user name and IP address in the user@host format. Usage Guidelines The command usage guidelines are as follows: l This feature is supported from the SSH session of the controller only. l There is an inactivity timeout for the CLI sessions.
Command Information Platforms All platforms 2170| ssh Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
sso idp-profile sso idp-profile clone idp no Description This command configures an SSO Identity Provider (IDP) profile for use with application Single Sign-On (SSO) with L2 Authentication. Syntax Parameter Description clone Copies the data from another SSO IDP profile idp Configures the name and URL of the controller's IDP server. no Deletes the command.
stm add-blacklist-client kick-off-sta purge-blacklist-clients remove-blacklist-client Description This command is used to manually disconnect a client from an AP or control the blacklisting of clients. Syntax Parameter Description add-blacklist-client MAC address of the client to be added to the denial of service list.
Command History Version Modification ArubaOS 1.0 Command introduced. ArubaOS 6.0 The purge-client-blacklist parameter was introduced. The start-trace and stop-trace parameters are no longer functional. Command Information Platforms All platforms 2173| stm Licensing Base operating system Command Mode Enable mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
support support Description This command, which should be used only in conjunction with Dell customer support, is for controller debugging purposes only. Syntax No parameters. Usage Guidelines This command is used by Dell customer support for debugging the controller. Do not use this command without the guidance of Dell customer support. Example The following command allows Dell customer support to debug the controller: (host) #support Command History Version Modification ArubaOS 2.
syscontact syscontact Description This command configures the name of the system contact for the controller. Syntax Parameter Description syscontact An alphanumeric string that specifies the name of the system contact. Usage Guidelines Use this command to enter the name of the person who acts as the system contact or administrator for the controller. You can use a combination of numbers, letters, characters, and spaces to create the name.
syslocation syslocation Description This command configures the name of the system location for the controller. Syntax Parameter Description syslocation An alphanumeric string that specifies the name of the system location. Usage Guidelines Use this command to indicate the location of the controller. You can use a combination of numbers, letters, characters, and spaces to create the name. To include a space in the name, use quotation marks to enclose the text string.
tar tar clean {crash|flash|logs}| crash{kernel} | flash | logs {tech-support|user}} Description This command archives a directory. Syntax Parameter clean Description Removes a tar file crash Removes crash.tar flash Removes flash.tar.gz logs Removes logs.tar crash kernel Archives the crash directory to crash.tar. A crash directory must exist. Archives the kernel crash directory to kernel_crash.tar. flash Archives and compresses the /flash directory to flash.tar.gz.
Command History Version Description ArubaOS 3.0 Command introduced. ArubaOS 6.4 The kernel parameter was introduced. ArubaOS 6.4.2.5 The show dot1x watermark history was added as part of the techsupport.log file. Command Information Platforms All platforms 2178| tar Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
telnet telnet {cli|soe} Description Enable telnet to the controller or to an AP through the controller. Syntax Parameter Description Default cli Enable telnet using the CLI. Disabled soe Enable telnet using Serial over Ethernet (SoE). Disabled Usage Guidelines Use the cli option to enable telnet to the controller. Use the soe option to enable telnet using the SoE protocol. This allows you to remotely manage an AP directly connected to the controller.
telnet telnet [] This command must be executed from the enable mode of the controller. Description This command initiate a remote telnet session from the controller to a remote host. Syntax Parameter Description Enter the user name of the remote host. Enter the IP address of the remote host. Enter the telnet port number of the remote host. This is an optional parameter.
Command History Version ArubaOS 6.5 Modification Command introduced. Command Information Platforms All platforms 2181| telnet Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
threshold threshold controlpath-cpu controlpath-memory datapath-cpu no-of-APs no-of-locals total-tunnel-capacity user-capacity no ... Description This command configures controller capacity thresholds which, when exceeded, will trigger alerts. Syntax Parameter controlpath-cpu Description Set an alert threshold for controlpath CPU capacity.
Parameter Description A master controller can support a combined total of 256 branch and local controllers. The parameter is the percentage of the total master controller capacity that must be exceeded before the alert is sent. The default threshold for this parameter is 80%. total-tunnel-capacity Set an alert threshold for the controller’s tunnel capacity.
time-range time-range absolute [end ]|[start ] time-range periodic Daily to Friday to Monday to Saturday to Sunday to Thursday to Tuesday to Wednesday to Weekday to Weekend to no ... Description This command configures time ranges. Syntax Parameter Description Name of this time range.
Command Information Platforms All platforms 2185| time-range Licensing Next Generation Policy Enforcement Firewall (PEFNG) license. Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
tracepath tracepath Description Traces the path of an IPv6 host. Syntax Parameter Description The IPv6 global address of the host. Usage Guidelines Use this command to identify points of failure in your IPv6 network. Example The following command traces the path of the specified IPv6 host. (host) #tracepath 2005:d81f:f9f0:1001::14 Command History The command was introduced in ArubaOS 6.1.
traceroute traceroute source Description Trace the route to the specified IP address. Syntax Parameter source Description The destination IP address. Sets the source IP address through which packets are sent for tracing route. Usage Guidelines Use this command to identify points of failure in your network. Example The following command traces the route to the device identified by the IP address 10.1.2.3. (host) (config) #traceroute 10.1.2.
trusted trusted all Description This command makes all physical interfaces on the controller trusted ports. Syntax Parameter Description all Makes all ports on the controller trusted. Usage Guidelines Trusted ports are typically connected to internal controlled networks. Untrusted ports connect to third-party APs, public areas, or any other network to which the controller should provide access control. When APs are attached directly to the controller, set the connecting port to be trusted.
tunnel-group tunnel-group mode {l2|l3) no preemptive-failover tunnel Description This command creates a tunnel-group to group a set of tunnels. Syntax Parameter Description Default mode {l2|l3} Set the type of tunnel-group. l3 no Negates any parameter configured. — preemptive-failover When enabled, this option automatically redirects the traffic upon detecting an active tunnel with a higher precedence in the tunnel-group.
(host)(config) #tunnel-group tgroup1 (host)(config-tunnel-group)# mode l3 (host)(config-tunnel-group)# tunnel 10 (host)(config-tunnel-group)# tunnel 20 (host)(config-tunnel-group)#preemptive-failover Command History Version Modification ArubaOS 6.3 Command introduced. ArubaOS 6.4.2.3 The mode parameter was introduced. ArubaOS 6.4.3.0 The tunnel ID limit was changed from 2147483647 to 16777215. This command was introduced in ArubaOS 6.
tunnel-loop-prevention tunnel-loop-prevention Description This command prevents prevent forwarding loops between tunneled nodes on the controller. The tunneled node loop prevention function appears on the WebUI as the “Enable Wired Access Concentrator Loop Prevention” option. It is located on the Configuration > Advanced Services > Wired Access > Wired Access Concentration Configuration pane. Syntax No parameters.
tunnel-node-mtu tunnel-node-mtu Description This command configures the MTU of a tunneled node. Syntax Parameter Description tnode-mtu Value of the MTU for the tunneled nodes Range: 1024 to 9216 Usage Guidelines A Dell controller can operate as a Wi-Fi controller, terminating GRE tunnels from tunneled node switches. As a Wi-Fi controller, the controller does not perform full Wi-Fi switching functions.
tunneled-node-address tunneled-node-address Description This command configures the IP address of a tunneled node server. Syntax Parameter tunneled-node-address Description IP address of the controller. This is the loopback or IP address of the controller acting as a tunneled node controller. Usage Guidelines A Dell controller can operate as a Wi-Fi controller, terminating GRE tunnels from tunneled node switches.
upgrade upgrade verify target add|del all|{host }|{net } target purge Description Specify which local controllers using the centralized image upgrade feature should download the image from the image server, or verify the validity of an image on the upgrade server.
upgrade-profile auto-reboot filepath max-downloads <1-100> no ... password protocol tftp|ftp|scp serverip upgrade-enable username Description The settings in this centralized image upgrade profile allow the master controller to automatically upgrade its associated local controllers by sending an image from an image server to one or more local controllers.
Parameter Description Range Default username If you specified FTP or SCP for the protocol parameter field, enter the user name that ArubaOS uses to connect to the image server. - - Usage Guidelines This feature can be configured on a master controller only, and supports up to 100 simultaneous downloads. Example (host)(config)# upgrade-profile serverip 192.0.2.15 filepath /tftpboot auto-reboot upgrade-enable Command History Release ArubaOS 6.
uplink uplink cellular {apn | priority } disable enable health-check enable|disable|{ip {|} wired priority <1-255> wired vlan priority <1-255> Description Manage and configure the uplink network connection. Syntax Parameter cellular apn priority Description Set the cellular uplink configuration. This parameter has two sub-parameters: l apn: The access point name (apn) of the cellular uplink.
Usage Guidelines A controller that supports multiple 3G cellular uplinks in addition to its standard wired ports, provides redundancy in the event of a connection failure. If a controller's wired link cannot access the internet, the controller can fail over to a secondary cellular link and continue routing traffic. The uplink manager is enabled by default on branch controller uplinks.
usb-printer (deprecated) usb-printer [printer alias ] Description This command allows you to provide an alias to USB printers connected too older controllers not supported by this version of ArubaOS. Command History Release Modification ArubaOS 3.4 Command introduced ArubaOS 6.5 Command deprecated Dell Networking W-Series ArubaOS 6.5.
usb reclassify crypto-local usb reclassify
Description Disconnect and reclassify an USB device. Syntax Parameter Description USB device address from the show usb command. Usage Guidelines There's no way to power off an USB port on a controller, but you can re-initialize the device using the usb reclassify command. This command removes the modem from the USB device list, then detects it via the USB table. Command History Introduced in ArubaOS 3.4.user-role user-role access-list {eth|mac|session} [ap-group ] [position ] bw-contract [per-user] {downstream|upstream} bw-contract {app|appcategory}{downstream|upstream}| exclude {app|appcategory} bw-contract web-cc-category|web-cc-reputation downstream|upstream captive-portal {|check-for-accounting} dialer dpi max-sessions no ...
Parameter Description Range Default — — Name of the configured ACL. ap-group (Optional) AP group to which this ACL applies. — — position (Optional) Position of this ACL relative to other ACLs that you can configure for the user role. 1 is the top. — (last) Name of a bandwidth contract or rate limiting policy configured with the aaa bandwidthcontract command. The bandwidth contract must be applied to either downstream or upstream traffic.
Parameter Description level. Bandwidth contracts can be applied to userdefined web content categories created using the web-cc command. The five web content reputation levels are predefined in ArubaOS. Range l high-risk l low-risk l moderaterisk l suspicious Default l trustworth y NOTE: bandwidth contracts applied to a web content category or reputation will not be enforced unless web content classification is enabled using the firewall web-contentclassification command.
Parameter check-for-accounting dialer Description Range If disabled, RADIUS accounting is done for an authenticated users irrespective of the captiveportal profile in the role of an authenticated user. If enabled, accounting is not done as long as the user's role has a captive portal profile on it. Accounting will start when Auth/XMLAdd/CoA changes the role of an authenticated user to a role which doesn't have captive portal profile.
Parameter Description Range Default l2tp: When a user negotiates a Layer-2 Tunneling Protocol (L2TP)/ IPsec session, specifies an address pool configured with the ip local pool command. pptp: When a user negotiates a Point-toPoint Tunneling Protocol (PPTP) session, specifies an address pool configured with the pptp ip local pool command. qos-profile reauthentica tion-interval Name of the L2TP or PPTP pool to be applied. Applies a QOS profile to the user role.
Parameter Description statefule-kerberos Applies a stateful Kerberos profile to the user role. stateful-ntlm Apply stateful NTLM authentication to the specified user role traffic-control-profile Apply the Skype4b traffic control priority profile to the user-role. Range Default — — — — NOTE: For the string value, enter the profile name that you created using the app skype4b traffic-control command. via Applies a VIA connection profile to the user role.
Parameter Description Range Default web-cc disable Disable web content classification for this user role. User role bandwidth contracts associated with web content classification categories and reputation types will not enforced unless web content classification is enabled using the firewall web-contentclassification command. — — wispr Apply WISPr authentication to the specified user role. — — Usage Guidelines Every client in a user-centric network is associated with a user role.
Command Information Platforms All platforms 2208| user-role Licensing This command requires the PEFNG license. Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
valid-network-oui-profile valid-network-oui-profile no oui Description This command allows you to add a new OUI to the controller Syntax Parameter Description Range Default no Negates any configured parameter. — — oui The new OUI to be added. Use the aa:bb:cc format to input the new OUI. — — Usage Guidelines This command adds a new OUI to the controller. The new OUI must be entered in a aa:bb:cc format. Example The following command adds a new OUI to the controller.
vlan-bwcontract-explist vlan-bwcontract-explist mac Description Use this command to add entries to or remove entries from the MAC exception list for bandwidth contracts on broadcast/multicast traffic. Syntax Parameter Description MAC address of a protocol that should be added to or removed from the exception list for bandwidth contracts. Usage Guidelines Bandwidth contracts on a VLAN can limit broadcast and multicast traffic. ArubaOS version 6.
vlan-name vlan-name [assignment {even|hash}] Description This command creates a named VLAN on the controller and given an assignment type. Syntax Parameter Description Name of the VLAN. assignment Range 1–32 characters Sets the assignment type. This determines how a VLAN assignment is handled by the controller. — even Sets the assignment type as even.The Even assignment type is based on an even distribution of VLAN pool assignments. — hash Sets the assignment type as hash.
Command History Version Modification ArubaOS 3.0 Command introduced. ArubaOS 3.4 The pool parameter was introduced. ArubaOS 6.2 The assignment parameter was introduced along with the even and hash options. ArubaOS 6.3 The pool parameter was deprecated. Command Information Platforms All platforms 2212| vlan-name Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
vlan vlan [] |[ ]|[range ]|[wired aaa-profile ] Description This command creates a VLAN ID or a range of VLAN IDs on the controller. Syntax Parameter Description Range Default Identification number for the VLAN. 2-4094 1 Description of a VLAN ID. 1-32 characters; cannot begin with a numeric character VLAN000 x, where x is the ID number. (Optional) Identification name of the VLAN.
Usage Guidelines Use the interface vlan command to configure the VLAN interface, including an IP address. Use the vlanname command to create a named VLAN to set up a VLAN pool. A VLAN pool consists of a set of VLAN IDs which are grouped together to efficiently manage multi-controller networks from a single location.
voice alg-based-cac voice alg-based-cac disable enable Description This command is used to enable or disable VoIP signaling based Call Admission Control (CAC). Syntax Parameter Description disable Disable VoIP signaling based CAC. enable Enable VoIP signaling based CAC.
voice dialplan-profile voice dialplan-profile clone dialplan { } no... Description This command allows you to create a dial plan profile and configure dial plans to the profile. Syntax Parameter Description Name of this instance of the dial plan profile. clone Name of the existing dial plan profile from which parameter values are copied. dialplan Configures a dialplan with the sequence, pattern, and action specified for the profile.
Example The following command creates a dial plan for the dial plan profile, local: (host) (config) #voice dialplan-profile local (host) (Dialplan Profile "local") #dialplan 300 Z. 91%e Command History Version ArubaOS 6.0 Description Command introduced. Command Information Platforms All platforms 2217| voice dialplan-profile Licensing This command requires the PEFNG license Command Mode Config mode on master controller Dell Networking W-Series ArubaOS 6.5.
voice facetime voice facetime no pattern Description This command configures a pattern that is matched against the User-Agent field of the SIP messages to determine if the session is a Facetime session. Syntax Parameter Description no Delete or negate a previously-entered configuration or parameter. pattern Enter a pattern text to be searched in the user-agent field of the SIP signaling message header.
voice logging voice logging client mac no ... Description This command allows you to enable logging for a voice client. Syntax Parameter client mac Description MAC address of the voice client to be enabled for voice logging. Usage Guidelines You can enable voice logging for a specific voice client based on the MAC address of the client to troubleshoot any voice issues.
voice real-time-config voice real-time-config config-enable no... Description This command enables the controller to analyze the call quality of the voice calls based on the RTP media streams. Syntax Parameter Description config-enable Default Enables the controller to analyze the call quality of the voice calls based on the RTP media streams.
voice rtcp-inactivity voice rtcp-inactivity {enable | disable} Description This command enables or diables the RTCP inactivity timer. Syntax Parameter Description enable Enables the RTCP inactivity timer. disable Disables the RTCP inactivity timer. Usage Guidelines You can enable the RTCP inactivity timer to clear a voip session if an on-hold client moves out of the coverage area.
voice sip voice sip dialplan-profile no... session-expiry session-timer Description This command allows you to enable SIP session timer and associate a dial plan profile to the SIP ALG. Syntax Parameter Description Default dial-plan profile Name of the existing Dial plan profile to be associated to the SIP ALG. _ session-expiry Timeout value in seconds for the session timer. The range is 240 1200 seconds.
Command Information Platforms All platforms 2223| voice sip Licensing This command requires the PEFNG license Command Mode Config mode on master controller Dell Networking W-Series ArubaOS 6.5.
voice sip-midcall-req-timeout voice sip-midcall-req-timeout {enable | disable} Description This command enables or diables the SIP mid-call request timer. Syntax Parameter Description enable Enables the SIP mid-call request timer. disable Disables the timer. Usage Guidelines You can enable the SIP mid-call request timer on the controller to clear the voip session if there is no response to a SIP mid-call request.
voice wificalling voice wificalling dns-pattern service-provider enable no Description This command configures Wi-Fi Calling on the controller. Syntax Parameter dns-pattern service-provider Description dns-pattern–Configure the DNS pattern for the carrier. A maximum of 10 DNS patterns can be configured. DNS patterns for known carriers are configured by default. Default builtin patterns are: l SmarTone - epdg.epc.mnc006.mcc454.pub.
Command Information Platforms All platforms 2226| voice wificalling Licensing This command requires the PEFNG license Command Mode Config mode on master controller Dell Networking W-Series ArubaOS 6.5.
vpdn group l2tp vpdn group l2tp client configuration {dns|wins} [] disable|enable l2tp tunnel hello no ... ppp authentication {CACHE-SECURID|CHAP|EAP|MSCHAP|MSCHAPv2|PAP} ppp securid cache Description This command configures an L2TP/IPsec VPN connection. Syntax Parameter client configuration Description Range Default Configures parameters for the remote clients. — — dns Configures a primary and optional secondary DNS server.
Parameter Description Range PAP ppp securid If CACHE-SECURID is configured for PPP authentication, this specifies the time, in minutes, that the token is cached. Default — — 1510080 1440 minutes Usage Guidelines L2TP/IPsec relies on the PPP connection process to perform user authentication and protocol configuration. You specify the protocol used for PPP authentication and whether SecureID tokens are cached on the controller.
vpdn group pptp vpdn group pptp client configuration {dns|wins} [] disable|enable no ... ppp authentication {MSCHAP|MSCHAPv2} pptp echo Description This command configures a PPTP VPN connection. Syntax Parameter client configuration Description Range Default Configures parameters for the remote clients. — — dns Configures a primary and optional secondary DNS server. — — wins Configures a primary and optional secondary WINS server.
Example The following command configures virtual private dial-in networking: vpdn group pptp ppp authentication MSCHAPv2 client configuration dns 10.1.1.2 client configuration wins 10.1.1.2 Command History The command was introduced in ArubaOS 3.0. Command Information Platforms All platforms 2230| vpdn group pptp Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
vpn-dialer vpn-dialer enable dnetclear|l2tp|pptp|securid_newpinmode|wirednowifi ike {authentication {pre-share |rsa-sig}|encryption {3des|des}| group {1|2}|hash {md5|sha}|lifetime []} ipsec {encryption {esp-3des|esp-des}|hash {esp-md5-hmac|esp-sha-hmac}| lifetime []|pfs {group1|group2}} no {enable...|ipsec...|ppp...} ppp authentication {cache-securid|chap|mschap|mschapv2|pap} Description This command configures the VPN dialer.
Parameter Description Range Default encryption Specifies the IKE encryption protocol, either DES or 3DES. 3des | des 3des group Specifies the Diffie-Hellman group, either 1 or 2. 1|2 2 hash Specifies the HASH algorithm, ether SHA or MD5. md5 | sha sha lifetime Specifies how long an IKE security association lasts, in seconds. 30086400 28800 seconds Configures IPsec.
Usage Guidelines A VPN dialer is a Windows application that configures a Windows client for use with the VPN services in the controller. When VPN is used as an access method, a user can login using captive portal and download a VPN dialer. You can customize a VPN dialer for a user role configured with the user-role command. After the user authenticates via captive portal, a link appears to allow download of the VPN dialer if a dialer is configured for the user role.
vrrp vrrp advertise authentication description holdtime ip address no... preempt priority shutdown tracking interface {fastethernet //|gigabitethernet //} {sub } tracking master-up-time add tracking vlan {sub } tracking vrrp-master-state add vlan vrrp ipv6 advertise description holdtime ipv6 address no...
Parameter advertise Description Range Specifies the time, in seconds, between successive VRRP advertisements sent by the current master. Default 1-60 seconds 1 second (1s=1000m s) 8 characters — 1-80 characters — Best practices are to use the default value. authentication Configure an optional password of up to eight characters to be used to authenticate VRRP peers in their advertisements. The password must be the same on both members of the redundant pair.
Parameter Description Range Default The IP address must be unique; the IP address cannot be the loopback address of the controller. Only IPv4 address formats are supported. ipv6 address Configure the virtual IPv6 address that will be owned by the elected VRRP master. Use the same IPv6 address on each member of the redundant pair. — — This IPv6 address will be redundant - it will be active on the VRRP master, and will become active on the VRRP backup in the event that the VRRP master fails.
Parameter Description Range Default When the timer is triggered, it delays the router for a specified period of time before taking over the master router. In the mean time, if there is an advertisement from another VRRP master (existing master), the router stops the timer and does not transition to master. priority Defines the priority level of the VRRP instance for the controller. This value is used in the election mechanism for the master.
Parameter Description Range Default tracking master-up-time duration Monitors how long the controller has been master for the VRRP instance. 0-1440 minutes — tracking master-up-time add Instructs the controller to add the specified value to the existing priority level. 0-255 — — — 0-255 — The combined priority and tracking values cannot exceed 255.
Parameter vlan Description Range Specifies the VLAN ID of the VLAN on which VRRP will run. 1-4094 Default — Usage Guidelines Use this command to set parameters for VRRP on the controller. The default VRRP parameters can be left for most implementations. You can use a combination of numbers, letters, and characters to create the authentication password and the VRRP description. To include a space in the password or description, enter quotation marks around the string.
Primary Configuration Backup Configuration ip address 10.200.22.254 preempt priority 105 tracking vlan 10 sub 10 ip address 10.200.22.254 preempt priority 100 tracking vlan 10 sub 10 vrrp 30 vlan 30 ip address 10.200.22.254 preempt priority 105 tracking vlan 20 sub 10 vrrp 30 vlan 30 ip address 10.200.22.
web-cc web-cc global-bandwidth-contract web-cc-category downstream|upstream kbits|mbits web-cc-reputation high-risk|low-risk|moderate-risk|suspicious|trustworthy downstream|upstream kbits|mbits <1-2000> Description This command defines global bandwidth contracts for HTTP traffic matching a predefined web content category or reputation type.
(host) (config) #web-cc global-bandwidth-contract web-cc-category music downstream mbits 100 Command History Version ArubaOS 6.4.2.0 Modification Command introduced. Command Information Platforms All platforms 2242| web-cc Licensing PEF-NG license Command Mode Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
web-proxy server web-proxy server port Description This command configures the web-proxy server related information. Syntax Parameter Description Range Default Specifies the proxy server name / IP address. — — port Specifies the proxy server port. — — Usage Guidelines When the controller needs to access data on the cloud or the internet, and if the internet bound traffic needs to pass through a proxy, execute the web-proxy server command.
web-server profile web-server profile absolute-session-timeout <30-3600> bypass-cp-landing-page captive-portal-cert ciphers {high|low|medium} exclude-http-security.. idp-cert mgmt-auth [certificate] [username/password] no ... session-timeout ssl-protocol [tlsvl | tlsvl.1 | tlsvl.
Parameter Description Range Default idp-cert Specifies the IDP certificate name configured in the controller — — mgmt-auth Specifies the authentication method for the management user; you can choose to use either username/password or certificates, or both username/password and certificates. usernam e/ passwor d, certificat e usernam e/ passwor d no Negates any configured parameter.
how to import the signed certificate received from the CA into the controller. After importing the signed certificate into the controller, use the web-server profile command to specify the certificate for captive portal or WebUI access. If you need to specify a different certificate for captive portal or WebUI access, use the no command to revert back to the default certificate before you specify the new certificate (see the Example section). You can use client certificates to authenticate management users.
Version Modification The following parameters were introduced: l tlsv1.1 l tlsv1.2 ArubaOS 6.4.2.5 The bypass-cp-landing-page parameter was introduced. ArubaOS 6.4.4.0 The absolute-session-timeout parameter was introduced. The web-skype4b-listen-port parameter was introduced. This parameter replaced the web-lync-listen-port parameter introduced in ArubaOS 6.3. ArubaOS 6.5. The excludes security headers was introduced.
whitelist-db cpsec add whitelist-db cpsec add mac-address ap-group ap-name description Description Add an AP entry to the campus AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to enter into the campus AP whitelist database. ap-group (Optional) Name of the AP group. NOTE: If the AP group is not entered, a campus AP boots with "default" as AP group. ap-name (Optional) Name of the AP.
Command History Version ArubaOS 5.0 ArubaOS 6.4.3.0 Modification Command introduced The ap-group and ap-name parameters were introduced. Command Information Platforms All platforms 2249| whitelist-db cpsec add Licensing Base operating system. Command Mode Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
whitelist-db cpsec delete whitelist-db cpsec delete mac-address Description Remove an individual AP entry to the campus AP whitelist. Syntax Parameter mac-address Description MAC address of the AP you want to remove from the campus AP whitelist. Usage Guidelines Use this command to remove an individual whitelist entries for an AP that has been either removed from the network, or is no longer a candidate for automatic certificate provisioning.
whitelist-db cpsec-local-switch-list whitelist-db cpsec-local-switch-list del mac-address purge Description Delete a local controller from the local switch whitelist. Syntax Parameter Description del mac-address Remove a single controller from the local switch whitelist.
Command History Version Modification ArubaOS 5.0 Command introduced ArubaOS 6.0 The cpsec-local-ctlr-list parameter was modified to cpsec-local-switchlist Command Information Platforms All platforms 2252| whitelist-db cpsec-local-switch-list Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
whitelist-db cpsec-master-switch-list whitelist-db cpsec-master-switch-list del mac-address purge Description Delete a master controller from the master switch whitelist. Syntax Parameter Description del mac-address Remove a single master controller from the master switch whitelist.
Command Information Platforms All platforms 2254| whitelist-db cpsec-master-switch-list Licensing Base operating system. Command Mode Config mode on local controllers Dell Networking W-Series ArubaOS 6.5.
whitelist-db cpsec modify whitelist-db cpsec modify mac-address ap-group ap-name cert-type {factory-cert|switch-cert} description mode {disable|enable} revoke-text state {approved-ready-for-cert|certified-factory-cert} Description Modify an existing entry in the campus AP whitelist. Syntax Parameter Description mac-address MAC address of an AP in the campus AP whitelist database.
Example The following command changes the AP group, AP name, certificate type, description, mode, revoke text, and state of an AP with MAC address 00:1E:37:CB:D4:52: (host) #whitelist-db cpsec modify mac-address 00:1E:37:CB:D4:52 ap-group default ap-name ap-225 cert-type factory-cert description "AP-225 in lobby" mode disable revoke-text "Maintenance" state approved-ready-for-cert Related Commands Command show whitelist-db cpsec Description Mode Show the campus AP whitelist for the control plane feature
whitelist-db cpsec purge whitelist-db cpsec purge Description Clear the campus AP whitelist. Syntax No parameters. Usage Guidelines Use this command to clear all entries in the entire campus AP whitelist. If your network includes both master and local controllers, then each campus AP whitelist is synchronized across all controllers. If you purge the entire campus AP whitelist on one controller, that action will clear the campus AP whitelist on every controller in the network.
whitelist-db cpsec revoke whitelist-db cpsec revoke mac-address revoke-text Description Revoke a certificate from an AP in the campus AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to remove from the cpsec whitelist database. revoke-text A brief description why the AP’s certificate was revoked, up to 64 alphanumeric characters.
whitelist-db rap add whitelist-db rap add mac-addr ap-group ap-name description full-name mode enable|disable remote-ip Description Add an AP entry to the remote AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to enter into the remote AP whitelist database. ap-group AP group of the remote AP. ap-name Name of the Remote AP.
Command show whitelist-db rapmaster-switch-list Description Mode Display the list of master controllers with remote APs managed using the remote AP whitelist Enable or Config mode show whitelist-db raplocal-switch-list Display the list of local controllers with remote APs managed using the remote AP whitelist Enable or Config mode show whitelist-db rap View detailed information for the remote AP whitelist database. Enable or Config mode Command History This command was introduced in ArubaOS 6.3.
whitelist-db rap del whitelist-db rap del mac-addr Description Remove an AP entry from the remote AP whitelist. Syntax Parameter mac-address Description MAC address of the AP you want to remove from the remote AP whitelist database. Usage Guidelines You can manually remove entries from the remote AP whitelist to revoke a remote AP’s secure access to the network.
whitelist-db rap modify whitelist-db rap modify mac-addr ap-group ap-name description full-name mode enable|disable remote-ip Description Remove an AP entry from the remote AP whitelist. Syntax Parameter Description mac-address MAC address of the remote AP whose whitelist database entry you want to modify. ap-group AP group of the remote AP. ap-name Name of the Remote AP.
Related Commands Command whitelist-db rap add Description Mode Add an entry into the remote AP whitelist. Config mode on master or local controllers Command History This command was introduced in ArubaOS 6.3. Command Information Platforms All platforms 2263| whitelist-db rap modify Licensing Base operating system. Command Mode Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
whitelist-db rap revoke whitelist-db rap revoke mac-address revoke-comment Description Revoke a certificate from an AP in the remote AP whitelist. Syntax Parameter Description mac-address MAC address of the AP you want to remove from the remote AP whitelist database. revoke-comment A brief description why the AP’s certificate was revoked, up to 64 alphanumeric characters. If this comment includes spaces, you must enclose the comment in quotation marks.
whitelist-db rap-local-switch-list whitelist-db rap-local-switch-list del mac-addr purge Description Delete a local controller from the local switch table used by the remote AP whitelist Syntax Parameter del mac-address purge Description Remove a single controller from the local switch table.
Command Information Platforms All platforms 2266| whitelist-db rap-local-switch-list Licensing Base operating system. Command Mode Config mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
whitelist-db rap-master-switch-list whitelist-db rap-master-switch-list del mac-addr purge Description Delete a master controller from the master switch table used by the remote AP whitelist. Syntax Parameter del mac-address purge Description Remove a single master controller from the master switch whitelist. Clear all controllersfrom the Registered Master Switch table.
whoami whoami Description This command displays information about the current user logged into the controller. Syntax No parameters. Usage Guidelines Use this command to display the name and role of the user who is logged into the controller for this session. Example The following command displays information about the user logged into the controller: (host) #whoami Command History This command was available in ArubaOS 1.0.
wipe wipe out flash Description This command erases all data including configuration, logs, license keys, flash backup files and formats the flash file system in the controller. Execute this command only when the controller is taken out of service or decommissioned. Syntax No syntax. Example The following command formats the flash file system: (host) #wipe out flash Do you really want to wipe out the entire flash (y/n): y Zeroing out flash:.....................................
wlan anyspot-profile wlan anyspot-profile clone enable-anyspot exclude-essid exclude-wildcard no preset-essid Description The anyspot client probe suppression feature decreases network traffic by suppressing probe requests from clients attempting to locate and connect to other known networks. Syntax Parameter Description clone Make a copy of an existing anyspot profile.
client's request. If no matching network is found, the anyspot AP sends a response to the client using the SSID from the client request. If the client is authorized to connect to the anyspot AP, that client associates to AP. Once connected to the anyspot AP, the client recognizes the ESSID to which it is connected as one associated with its preferred network, and does not send out any further probe requests.
wlan bcn-rpt-req-profile wlan bcn-rpt-req-profile channel clone interface measure-dur-mandatory measure-duration measure-mode no random-interval reg-class {1|12} request-info rpt-condition rpt-detail ssid Description Configures a Beacon Report Request Profile to provide the parameters for the Beacon Report Request frames.
Parameter Description Range Default interface This field is used to specify the radio interface for transmitting the Beacon Report Request frame. 0-1 1 measure-dur-mandatory This value is used to set the "Duration Mandatory" bit of the Measurement Request Mode field of the Beacon Report Request frame. — Disabled measure-duration This value is used to set the Measurement Duration field in the Beacon Report Request frame.
Description Parameter Range Default request-info This option is used to indicate the contents of the Request Information IE that could be present in the Beacon Report Request frame. The Request Information IE is present for all Measurement Modes except the 'Beacon Table' mode. It consists of a list of Element IDs that should be included by the client in the response frame. Any valid element ID in the x/y/z format. For exampl e, 0/21/22.
Command Information Platforms All platforms 2275| wlan bcn-rpt-req-profile Licensing Base operating system Command Mode Configuration mode on master and local controllers Dell Networking W-Series ArubaOS 6.5.
wlan client-wlan-profile wlan client-wlan-profile auth-as-computer auth-as-guest clone eap-cert eap-cert-connect-only-to eap-peap eap-peap-connect-only-to eap-type enable-8021x ieap-cert-connect-only inner-eap inner-eap-type no non-broadcasting-connection range-connect ssid-profile Description You can push WLAN profiles to users computers that use the Microsoft Windows Wireless Zero Config (WZC) service to configure and maintain their wireless networks.
Parameter Description Default eap-peapconnect-only-to Comma separated list of servers. eap-type Enter a EAP type used by client to connect to wireless network. EAP-PEAP enable-8021x Select this option to enable 802.1X authentication for this network. Enabled ieap-cert-connectonly Command separated list of servers inner-eap Enter the inner EAP type.
wlan dot11k-profile wlan dotllk ap-chan-rpt-11a ap-chan-rpt-11bg bcn-measurement-mode {active-all-ch|active-ch-rpt|beacon-table|passive} bcn-req-chan-11a bcn-req-chan-11bg bcn-req-time clone dot11k-enable force-disassoc handover-trigger-profile lm-req-time no ... rrm-ie-profile tsm-req-profile tsm-req-time Description Configure a 802.11k radio profile. Syntax Parameter Description Default Name of this instance of the profile.
Parameter Description Default any additional measurements. l passive—Enables passive beacon measurement mode. In this mode, the client sets a measurement duration timer, and, at the end of the measurement duration, compiles all received beacons or probe response with the requested SSID and BSSID into a measurement report. NOTE: If a station doesn't support the selected measurement mode, it returns a Beacon Measurement Report with the Incapable bit set in the Measurement Report Mode field.
Parameter Description handover-trigger-profile Default Name of the handover trigger profile associated with this 802.11k profile. If the handover trigger feature is enabled in the handover trigger profile, the controller will initiate the handover of a voice client (for example: dual mode handsets) roaming at the edge of Wi-Fi coverage to an alternate carrier or connection.
Related Commands Command Description wlan handover-trigger-profile Configure a handover trigger profile to ensure QoS for voice calls. wlan rrm-ie-profile Configure an radio resource management RRM IE profile to define the information elements advertised by an AP with 802.11k support enabled. Command History Version Description ArubaOS 3.4 Command introduced ArubaOS 6.
wlan dot11r-profile wlan dotllr-profile clone mob-domain-id <1-65535> dot11r no key-duration <60-86400> key-assignment Description This command configures an 802.11r radio profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” clone Name of an existing dot11r-profile from which the — — parameter values are copied. mob-domain-id An ID that uniquely identifies the mobility domain.
(host) (802.11r Profile "default") #fastbss-mob-domain-id 25 (host) (802.11r Profile "default") #r1key_validity_duration 2500 Configure a mobility domain ID that uniquely identifies a mobility domain using the following command: (host) (802.11r Profile "default") #mob-domain-id <1-65535> The default value is 1. Configure the r1 key timeout value in seconds for decrypt-tunnel or bridge mode using the following command: (host) (802.
wlan edca-parameters-profile wlan wlan edca-parameters-profile {ap|station} {background | best-effort | video | voice} [acm][aifsn ] [ecw-max [ecw-min ] [txop ] [clone Description This command configures an enhanced distributed channel access (EDCA) profile for APs or for clients (stations). Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 163 characters.
Usage Guidelines EDCA profiles are specific either to APs or clients. You apply an EDCA profile to a specific SSID profile. use this command only under the guidance of your Dell technical support representative.
Command Information Platforms All platforms Licensing PEFNG license Dell Networking W-Series ArubaOS 6.5.
wlan handover-trigger-profile wlan handover-trigger-profile clone handover-threshold handover-trigger no Description Configure a handover trigger profile to ensure QoS for voice calls. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — "default" clone Creates a copy of the Handover Trigger Profile specified as the .
(host) (Handover Trigger Profile "default") #handover-threshold 20 Command History This command was introduced in ArubaOS 6.2. Command Information Platforms All platforms 2288| wlan handover-trigger-profile Licensing Base operating system Command Mode Configuration mode on master or local controllers Dell Networking W-Series ArubaOS 6.5.
wlan hotspot advertisement-profile wlan hotspot advertisement profile anqp-3gpp-nwk-profile anqp-domain-name-profile anqp-ip-addr-avail-profile anqp-nai-realm-profile anqp-nwk-auth-profile anqp-roam-cons-profile anqp-venue-name-profile clone h2qp-conn-cap-profile h2qp-op-cl-profile h2qp-operator-friendly-profile h2qp-wan-metrics-p
Parameter Description anqp-roam-cons-profile Name of the ANQP Roaming Consortium profile to be associated with this WLAN advertisement profile. For more information on configuring this profile, refer to wlan hotspot anqp-roam-consprofile on page 2306. anqp-venue-name-profile Name of the ANQP Venue Name profile to be associated with this WLAN advertisement profile. For more information on configuring this profile, refer to wlan hotspot anqp-venue-nameprofile on page 2308.
1. Associate the ANQP advertisement profile with a Hotspot profile. (wlan hotspot h2-profile advertisement-profile ) 2. Enable the hotspot feature within that Hotspot profile (wlan hotspot h2-profile hotspot-enable) Example The following command associates the ANQP domain name profile anqp-dom-1 to the advertisement profile network1.
Command Description operator-friendlyname-profile profile. l wlan hotspot h2qpwan-metrics-profile This command creates a Hotspot 2.0 Query Protocol (H2QP) profile that specifies the hotspot WAN status and link metrics. l wlan hotspot hs2profile This command configures a hotspot profile for an 802.11u public access service provider. Command History This command was introduced in ArubaOS 6.
wlan hotspot anqp-3gpp-nwk-profile wlan hotspot anqp-3gpp-nwk-profile 3gpp_plmn1 <3GPP PLMN1 data> 3gpp_plmn2 <3GPP PLMN2 data> 3gpp_plmn3 <3GPP PLMN3 data> 3gpp_plmn4 <3GPP PLMN4 data> 3gpp_plmn5 <3GPP PLMN5 data> 3gpp_plmn6 <3GPP PLMN6 data> clone enable no ... Description This profile defines information for a 3rd Generation Partnership Project (3GPP) Cellular Network for hotspots that have roaming relationships with cellular operators.
Parameter Description enable Issue this command to enable this profile. ANQP 3GPP profiles are disabled by default. no Remove an existing parameter. Usage Guidelines The 3GPP Cellular Network Profile defines an ANQP information element (IE) to be sent in a Generic Advertisement Service (GAS) query response from an AP in a hotspot with a roaming relationship with a cellular operator.
wlan hotspot anqp-domain-name-profile wlan hotspot anqp-domain-name-profile clone domain-name no ... Description This command defines the domain name to be sent in an Access Network Query Protocol (ANQP) information element in a Generic Advertisement Service (GAS) query response. Syntax Parameter Description clone Make a copy of an existing ANQP domain name profile. domain-name Domain name of the hotspot operator.
Command Information Platforms All platforms 2296| wlan hotspot anqp-domain-name-profile Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
wlan hotspot anqp-ip-addr-avail-profile wlan hotspot anqp-ip-addr-avail-profile clone ipv4-addr-avail availability-unknown|not-available|port-restricted|port-restricted-oublenated|port-restricted-single-nated|private-double-nated|private-single-nated ipv6-addr-avail available|availability-unknown|not-available no ...
Parameter not-available no Description Network is not available. Remove an existing parameter. Usage Guidelines The IP Address Availability information configured using this command provides clients with information about the availability of IP address versions and types which could be allocated to those clients after they associate to the hotspot AP. Values configured in this profile will not be sent to clients unless you: 1.
wlan hotspot anqp-nai-realm-profile wlan hotspot anqp-nai-realm-profile clone nai-home-realm nai-realm-auth-id-1|nai-realm-auth-id-2 {credential-type|expanded-eap|expanded-innereap|inner-auth-eap|non-eap-inner-auth|tunneled-eap-credential-type} nai-realm-auth-value-1|nai-realm-auth-value-2 {cred-cert|cred-hw-token|cred-nfc|crednone|cred-rsvd|cred-sim|cred-soft-token|cred-user-pass|cred-usim|cred-vendor-spec|eapcrypto-card|eap-generic-token-card|eap-identity|eap-method-aka|eap-m
Parameter Description non-eap-inner-auth The specified authentication ID uses non-EAP inner authentication type. tunneled-eap-credential-type The specified authentication ID uses the tunneled EAP credential type. nai-realm-auth-value-1|nai-realm-auth-value-2 Use the nai-ream-auth-value-1 command to select an authentication value for the authentication method specified by nai-realmauth-id-1.
Parameter Description eap-method-ttls EAP Method - TTLS - Tunneled Transport Security eap-notification EAP Method - Notification eap-one-time-password EAP Method - One-Time-Password eap-peap EAP Method - PEAP eap-peap-mschapv2 EAP Method - PEAP MSCHAP V2 non-eap-chap Non-EAP Method - CHAP non-eap-mschap Non-EAP Method - MSCHAP non-eap-mschapv2 Non-EAP Method - MSCHAPv2 non-eap-pap Non-EAP Method - PAP non-eap-rsvd Non-EAP Method - Reserved for future use reserved Reserved for future u
Parameter Description one-time-password Authentication with a single-use password. peap Protected Extensible Authentication Protocol peap-mschapv2 Protected Extensible Authentication Protocol with Microsoft Challenge Handshake Authentication Protocol version 2 nai-realm-encoding <0-255> Issue this command if the NAI realm named defined by nai-realm-name is a UTF-8 formatted character string that is not formatted in accordance with IETF RFC 4282.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
wlan hotspot anqp-nwk-auth-profile wlan hotspot anqp-nwk-auth-profile clone no ... nwk-auth-type acceptance|dns-redirection|http-https-redirection|online-enroll url Description This command configures an ANQP Network Authentication profile to define authentication type being used by the hotspot network. Syntax Parameter Description clone Make a copy of an existing ANQP Network Authentication profile. no Negate any existing parameter.
3. Enable the hotspot feature within that Hotspot profile. (wlan hotspot h2-profile hotspot-enable ) Example The following command configures the default Network Authorization profile to use DNS redirection. wlan hotspot anqp-nwk-auth-profile default nwk-auth-type dns-redirection redirect-url http://www.example.com/redirect.html Command History This command was introduced in ArubaOS 6.
wlan hotspot anqp-roam-cons-profile wlan hotspot anqp-roam-cons-profile clone no ... roam-cons-oi roam-cons-oi-len Description This command configures the Roaming Consortium OI information to be sent in an Access network Query Protocol (ANQP) information element in a Generic Advertisement Service (GAS) query response. Syntax Parameter Description clone Make a copy of an existing ANQP Roaming Consortium profile.
Example The following command defines the roaming consortium OI and OI length in the ANQP roaming consortium profile: wlan hotspot anqp-roam-cons-profile profile1 roam-cons-oi 506F9A roam-cons-oi-len 3 Command History This command was introduced in ArubaOS 6.4 Command Information Platforms All platforms 2307| wlan hotspot anqp-roam-cons-profile Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
wlan hotspot anqp-venue-name-profile wlan hotspot anqp-venue-name-profile clone no venue-group outdoor|reserved|utility-misc|vehicular|assembly|business educational|factoryor-industrial|institutional|mercantile|residential| storage|unspecified venue-language venue-name venue-type Description This command defines venue information be sent in an Access network Query Protocol (ANQP) information element in a Generic Advertisement Service (GAS) query response.
Parameter venue-type Description Specify a venue type to be advertised in the IEs from APs associated with this hotspot profile. The complete list of supported venue types is described in Venue Types on page 2309. Usage Guidelines Use this command to configure the venue group and venue type in an ANQP Venue Name profile.
l assembly-amphitheater l business-police-station l merchantile unspecified l assembly-amusementpark l business-post-office l outdoor-bus-stop l business-professional-office l outdoor-city-park l business-research-anddevelopment l outdoor-kiosk l assembly-arena l assembly-bar l outdoor-muni-mesh-nwk l assembly-coffee-shop l business-unspecified l outdoor-rest-area l assembly-conventioncenter l educational-primary-school l outdoor-traffic-control l educational-secondary
wlan hotspot h2qp-conn-capability-profile wlan hotspot h2qp-conn-capability-profile clone esp icmp no tcp-ftp tcp-http tcp-pptp-vpn tcp-ssh tcp-tls-vpn tcp-voip udp-ike2-4500 udp-ike2-500 udp-ipsec-vpn udp-voip Description Define a Hotspot 2.0 Query Protocol (H2QP) profile that advertises hotspot protocol and port capabilities. Syntax Parameter Description clone Make a copy of an existing hotspot connection capability profile.
Parameter Description udp-ike2-500 Include this parameter to enable the IKEv2. (port 500) udp-ipsec-vpn Include this parameter to enable the IPsec VPN port. (ports 500, 4500 and 0) no Negates any existing parameter, returning it to its default disabled value. udp-voip Include this parameter to enable the UDP VoIP port.
wlan hotspot h2qp-op-cl-profile wlan hotspot h2qp-op-cl-profile clone no op-cl <1-255> Description This command defines a Hotspot 2.0 Query Protocol (H2QP) profile that defines the Operating Class to be sent in the ANQP IE. Syntax Parameter Description clone Makes a copy of an existing hotspot operating class profile. no Negates any existing parameter, returning it to its default disabled value. op-cl Configures the operating class for the devices’ BSS.
Command Information Platforms All platforms 2314| wlan hotspot h2qp-op-cl-profile Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
wlan hotspot h2qp-operator-friendly-name-profile wlan hotspot h2qp-operator-friendly-name-profile clone no op-fr-name op-lang-code Description This command defines a Hotspot 2.0 Query Protocol (H2QP) operator-friendly name profile. Syntax Parameter Description clone Makes a copy of an existing operator-friendly name profile. no Negates any existing parameter. An operator-friendly name sent by devices using this profile.
Command History This command was introduced in ArubaOS 6.4 Command Information Platforms All platforms Licensing Base operating system 2316| wlan hotspot h2qp-operator-friendly-name-profile Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
wlan hotspot h2qp-wan-metrics-profile wlan hotspot h2qp-wan-metrics-profile at-capacity clone downlink-load downlink-speed load-dur no symm-link uplink-load uplink-speed wan-metrics-link-status link_down|link_test|link_up|reserved Description Create a Hotspot 2.0 Query Protocol (H2QP) profile that specifies the hotspot WAN status and link metrics. Syntax Parameter at_capacity Description Range Use the at_capacity parameter to indicate that the WAN Link has reached its maximum capacity.
Parameter Description Range Default uplink_load The percentage of the WAN uplink that is currently utilized. If no value is set, this parameter will show a default value of 0 to indicate that the downlink speed is unknown or unspecified. 1-100 0 (unspecifie d) uplink_speed Use the uplink parameter to indicate the current WAN backhaul uplink speed in Kbps.
Total:1 Command History This command was introduced in ArubaOS 6.4. Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
wlan hotspot hs2-profile wlan hotspot hs2-profile access-network-type emergency-services|personal-device|private|private-guest|publicchargeable|public-free|test|wildcard addtl-roam-cons-ois advertisement-profile advertisement-protocol anqp|eas|mih-cmd-event|mih-info|rsvd asra clone comeback-mode gas-comeback-delay grp-frame-block hessid hotspot-enable internet no ..
Parameter Description addtl-roam-cons-ois Number of additional roaming consortium Organization Identifiers (OIs) advertised by the AP. This feature supports up to three additional OIs, which are defined using the roam-cons-oi-1, roamcons-oi-2 and roam-cons-oi-3 parameters. advertisement-profile Advertisement profile associated with this hotspot profile. If this parameter is not changed, the hotspot profile uses with the default advertisement profile.
Parameter Description grp-frame-block This option configures the Downstream Group Addressed Forwarding (DGAF) Disabled Mode. If this feature is enabled, it ensures that the AP does not forward downstream group-addressed frames. It is disabled by default, allowing the AP to forward downstram group-addressed frames. hessid This optional parameter devices an AP’s homogenous ESS identifier (HESSSID), which is that device’s MAC address in colon-separated hexadecimal format.
Parameter roam-cons-len-1 roam-cons-len-2 roam-cons-len-3 roam-cons-oi-1 Description Length of the OI. The value of the roam-cons-len-1 parameter is based upon the number of octets of the roam-cons-oi-1 field. l 0: Zero Octets in the OI (Null) l 3: OI length is 24-bit (3 Octets) l 5: OI length is 36-bit (5 Octets) Length of the OI. The value of the roam-cons-len-2 parameter is based upon the number of octets of the roam-cons-oi-2 field.
Parameter Description be used. time-error time-zone The standard deviation of error in time value estimate, in milliseconds. The default value is 0 milliseconds, and the supported range is 0- 2,147,483,647 milliseconds.
ArubaOS 6.3 supports Hotspot 2.0 with enhanced network discovery and selection.Clients can receive general information about the network identity, venue and type via management frames from the Dell AP. Clients can also query APs for information about the network’s available IP address type (IPv4 or IPv6), roaming partners, and supported authentication methods, and receive that information in Information Elements from the AP.
l assembly-amphitheatre l business-fire-station l mercantile-shopping-mall l assembly-amusementpark l business-police-station l outdoor-bus-stop l business-post-office l outdoor-city-park l assembly-arena l business-professional-office l outdoor-kiosk l assembly-bar l outdoor-muni-mesh-nwk assembly-coffee-shop business-research-anddevelopment l l l outdoor-rest-area l assembly-conventioncenter l educational-primary-school l outdoor-traffic-control l educational-seconda
Related Commands Use the following commands to configure the Hotspot feature.
Command Information Platforms All platforms Licensing Base operating system Dell Networking W-Series ArubaOS 6.5.
wlan ht-ssid-profile wlan ht-ssid-profile 40MHz-enable 80MHz-enable ba-amsdu-enable clone high-throughput-enable ldpc legacy-stations max-rx-a-mpdu-size {8191|16383|32767|65535} max-tx-a-mpdu-size max-tx-a-msdu-count-be {0-15} max-tx-a-msdu-count-bk {0-15} max-tx-a-msdu-count-vi {0-15} max-tx-a-msdu-count-vo {0-15} max-vht-mpdu-size min-mpdu-start-spacing {0|.25|.5|1|2|4|8|16} mpdu-agg no...
Parameter Description Range Default clone Name of an existing high-throughput SSID profile from which parameter values are copied. — — high-throughput-enable Enable or disable high-throughput SSID to allow high-throughput (802.11n) stations to associate. — enabled Enabling high-throughput in an ht-ssidprofile enables Wi-Fi Multimedia (WMM) base features for the associated SSID. ldpc If enabled, the AP will advertise LowDensity Parity Check (LDPC) support.
Parameter max-tx-a-masdu-count-bk Description Set the maximum number of MSDUs in a TX A-MSDU on background AC. Range Default 0-15 2 0-15 2 0-15 0 NOTE: TX A-MSDU is disabled if the value is set to 0. In decrypt-tunnel forwarding mode, TX A-MSDU on background AC is disabled and assigning any value has no effect. max-tx-a-masdu-count-vi Set the maximum number of MSDUs in a TX A-MSDU on video AC. NOTE: TX A-MSDU is disabled if the value is set to 0.
Parameter Description Range Default High-throughput APs are able to send aggregated MAC protocol data units (MDPUs), which allow an AP to receive a single block acknowledgment instead of multiple ACK signals. This option, which is enabled by default, reduces network traffic overhead by effectively eliminating the need to initiate a new transfer for every MPDU. no Negate any configured parameter. — — short-guardintvl-20MHz Enable or disable use of short guard interval (400 ns) in 20 MHz mode.
Parameter stbc-tx-streams Description Control the maximum number of spatial streams usable for STBC transmission. 0 disables STBC transmission, 1 uses STBC for MCS 0-7. Higher MCS values are not supported. (Supported on W-AP105, WAP130 Series, and W-AP175 only. The configured value will be adjusted based on AP capabilities.) Range Default 0-1 1 0-31 0-31 NOTE: If transmit beamforming is enabled, STBC will be disabled for beamformed frames.
Parameter Description Range Default vht-supported-mcs-map Comma separated list of maximum supported MCS for spatial streams 1 through 4. Valid values for maximum MCS are 7, 8, 9, and '-' (if spatial stream is not supported). Maximum MCS of a spatial stream cannot be higher than the previous streams. If an MCS is not valid for a particular combination of bandwidth and number of spatial streams, it will not be used for Tx and Rx.
Example The following command configures the maximum size of a received aggregate MDPU to be 8191 bytes for the high-throughput SSID named “htcorpnet:” (host) (config) #wlan ht-ssid-profile htcorpnet max-rx-a-mpdu-size 8191 Command History Version Description ArubaOS 3.3 Command introduced ArubaOS 3.3.1 The legacy-stations parameter was introduced ArubaOS 3.3.2 De-aggregation of MAC Service Data Units (A-MSDUs) was introduced. ArubaOS 6.
Version ArubaOS 6.2 ArubaOS 6.3 Description The following parameters were introduced: l txbf-comp-steering l txbf-noncomp-steering l txbf-delayed-feedback l txbf-immediate-feedback l txbf-sounding-interval The following parameters were introduced.
Command Information Platforms All platforms, but only operates with 802.11ncapable APs. Licensing Base operating system. Command Mode Config mode on master controllers The following parameters are supported on 802.11accapable APs only: l 80-MHz-enable l very-high-throughputenable l vht-supported-mcsmap l vht-txbf-explicitenable l vht-txbf-soundinginterval Dell Networking W-Series ArubaOS 6.5.
wlan rrm-ie-profile wlan rrm-ie-profile bss-aac-ie clone country-ie enabled-capabilities-ie no pwr-constraint-ie qbss-load-ie quiet-ie tpc-report-ie Description Configure an radio resource management RRM IE profile to define the information elements advertised by an AP with 802.11k support enabled.
Example The following command prevents the AP from advertising the country IE. (host) (config) #wlan rrm-ie-profile default (host) (Handover Trigger Profile) #no country-ie Related commands wlan dot11k-profile dot11k-enable Command History Version ArubaOS 6.2 Description Command introduced Command Information Platforms All platforms 2339| wlan rrm-ie-profile Licensing Base operating system Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
wlan ssid-profile wlan ssid-profile 902il-compatibility-mode a-basic-rates a-beacon-rate a-tx-rates advertise-ap-name advertise-location ageout battery-boost clone deny-bcast disable-probe-retry dot11r-profile dtim-period eapol-rate-opt edca-parameters-profile {ap|station} enforce-user-vlan essid g-basic-rates g-beacon-rate g-tx-rates hide-ssid ht-ssid-profile local-probe-req-thresh max-cl
Description This command configures an SSID profile. Syntax Description Range Default Name of this instance of the profile. The name must be 1-63 characters. — “default” 902il-compatibility-mode (For clients using NTT DoCoMo 902iL phones only) When enabled, the controller does not drop packets from the client if a small or old initialization vector value is received.
Description Range Default Use this parameter instead of the local probe request threshold parameter to filter out low SNR authentication request. CAUTION: Use this parameter with caution. Consult technical support before configuring this parameter. battery-boost Converts multicast traffic to unicast before delivery to the client, thus allowing you to set a longer DTIM interval.
Description Range Default dtim-period Specifies the interval, in milliseconds, between the sending of Delivery Traffic Indication Messages (DTIMs) in the beacon. This is the maximum number of beacon cycles before unacknowledged network broadcasts are flushed. When using wireless clients that employ power management features to sleep, the client must revive at least once during the DTIM period to receive broadcasts. eapol-rate-opt Use a more conservative rate for more reliable delivery of EAPOL frames.
Description Range Default hide-ssid Enables or disables hiding of the SSID name in beacon frames. Note that hiding the SSID does very little to increase security. — disabled ht-ssid-profile Name of high-throughput SSID profile to use for configuring high-throughput support. See wlan ht-ssid-profile on page 2329. — “default” local-probe-req-thresh APs will not respond to client probe requests if the SNR value in the probe request is less than the specified threshold value.
Description Range Default NOTE: The following information displays the MCS rate if the short-guardintvl-20MHz parameter in ht-ssidprofile is either enabled or disabled: MCS SGI --0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 Streams 20 MHz 20 MHz ------- ------ --------- 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 6.5 13.0 19.5 26.0 39.0 52.0 58.5 65.0 13.0 26.0 39.0 52.0 78.0 104.0 117.0 130.0 7.2 14.4 21.7 28.9 43.3 57.8 65.0 72.2 14.4 28.9 43.3 57.8 86.7 115.6 130.0 144.
Description Range Default bSec-256 WPA2 with AES GCM-256 encryption and dynamic keys using 802.1X — — dynamic-wep WEP with dynamic keys. — — opensystem No authentication and encryption. — — static-wep WEP with static keys. — — wpa-aes WPA with AES encryption and dynamic keys using 802.1X. — — wpa2-aes-gcm-128 WPA2 with AES GCM-128 (Suite-b) encryption and dynamic keys — — — — using 802.1X. This parameter requires the ACR license.
Description Range Default wpa2-psk-tkip WPA2 with TKIP encryption using a preshared key. — — wpa2-tkip WPA2 with TKIP encryption and dynamic keys using 802.1X. — — xSec Encryption and tunneling of Layer-2 traffic between the controller and wired or wireless clients, or between controllers. To use xSec encryption, you must use a RADIUS authentication server. For clients, you must install the Funk Odyssey client software. — — — disabled Requires installation of the xSec license.
Description Range Default short-preamble Enables or disables short preamble for 802.11b/g radios. Network performance may be higher when short preamble is enabled. In mixed radio environments, some 802.11b wireless client stations may experience difficulty associating with the AP using short preamble. To use only long preamble, disable short preamble. Legacy client devices that use only long preamble generally can be updated to support short preamble.
Description Range Default wmm-vi-dscp DSCP used to map WMM video traffic. 0-63 — wmm-vo-dscp DSCP used to map WMM voice traffic. 0-63 — wpa-hexkey WPA pre-shared key (PSK). — — wpa-passphrase WPA passphrase with which to generate a pre-shared key (PSK). — — Usage Guidelines The SSID profile configures the SSID. Default WMM mappings exist for all SSIDs.
Command History Release Modification ArubaOS 3.0 Command introduced. ArubaOS 3.2 The wmm-ts-min-inact-int parameter was introduced. The wpa2preauth parameter was removed. ArubaOS 3.3 Support for the high-throughput IEEE 802.11n standard was introduced including the ht-ssid-profile parameter and various rate changes. ArubaOS 3.3.1 Support for configurable WMM AC mapping was introduced including the wmm-be-dscp, wmm-bk-dscp, wmm-vi-dscp, and wmm-vo-dscp parameters. ArubaOS 3.
Command Information Platforms All platforms, except for the noted opmode parameters. 2351| wlan ssid-profile Licensing Command Mode Base operating system, except for the noted parameters Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
wlan traffic-management-profile wlan traffic-management-profile bw-alloc virtual-ap share clone no ... report-interval shaping-policy default-access|fair-access|preferred-access Description This command configures a traffic management profile. Syntax Parameter Description Name of this instance of the profile. The name must be 1-63 characters.
Parameter Description Range Default environments like a training facility or exam hall, where a mix of 802.11a/g, 802.11g and 802.11n clients need equal to network resources, regardless of their capabilities. The bw-alloc parameter of a traffic management profile allows you to set a minimum bandwidth to be allocated to a virtual AP profile when there is congestion on the wireless network.You must set traffic shaping to fair-access to use this bandwidth allocation value for an individual virtual AP.
Command History Release ArubaOS 3.0 ArubaOS 3.2 ArubaOS 6.3 Modification Command introduced The mode parameters were introduced in ArubaOS 3.2. The bw-alloc virtual-ap default share (%) enforcement hard command was introduced to set bandwidth allocation limit for an SSID. Command Information Platforms All platforms Licensing Base operating system on master controllers Dell Networking W-Series ArubaOS 6.5.
wlan tsm-req-profile wlan tsm-req-profile bin0-range clone dur-mandatory measure-duration no num-repeats random-interval request-mode {normal | triggered} traffic-id Description This command configures a TSM Report Request Profile. Syntax Parameter Description Range Default Name of this instance of the profile. The name must be 1-63 characters.
Parameter Description Range Default measure-duration This parameter is used to set the Measurement Duration field in the Transmit Stream/Category Measurement Request frame. The Measurement Duration is set to the duration of the requested measurement. It is expressed in units of TUs. When the request mode for the Transmit Stream/Category Measurement Request frame is set to "triggered", the Measurement Duration field should be set to 0.
Parameter Description l traffic-id Range Default triggered The parameter is used to set the Traffic Identifier field in the Transmit Stream/Category Measurement Request frame. The Traffic Identifier field contains the TID subfield. The TID subfield indicates the TC or TS for which traffic is to be measured. 0-255 96 Usage Guidelines The tsm-req-profile is a part of the 802.11K profile. It is used to configure the parameters for the Transmit Stream/Category Measurement frames.
wlan virtual-ap wlan virtual-ap aaa-profile allowed-band ...
Parameter Description Range Default — — g—802.11b/g band only (2.4 GHz) all—both 802.11a and 802.11b/g bands (5 GHz and 2.4 GHz) anyspot-profile Anyspot Profile associated with this Virtual AP Profile. The anyspot client probe suppression feature decreases network traffic by suppressing probe requests from clients attempting to locate and connect to other known networks. auth-failureblacklist-time Time, in seconds, a client is blocked if it fails repeated authentication.
Parameter Description Range Default Band steering can be configured on both campus APs and remote APs that have a virtual AP profile set to tunnel, decrypt-tunnel, split-tunnel or bridge forwarding mode.
Parameter Description Range Default IMPORTANT: If you enable the all option, you must also enable the Broadcast-Filter ARP parameter in the stateful firewall configuration to prevent ARP requests from being dropped. Note also that although a virtual AP profile can be replicated from a master controller to local controllers, stateful firewall settings do not.
Parameter Description Range Default IMPORTANT: If you enable this option, you must also enable the Broadcast-Filter ARP parameter in the stateful firewall configuration to prevent ARP requests from being dropped. Note also that although a virtual AP profile can be replicated from a master controller to local controllers, stateful firewall settings do not.
Parameter Description Range Default cellular-handoff -assist When both the client match and cellular handoff assist features are enabled, the cellular handoff assist feature can help a dual-mode, 3G/4G-capable Wi-Fi device such as an iPhone, iPad, or Android client at the edge of Wi-Fi network coverage switch from Wi-Fi to an alternate 3G/4G radio that provides better network access. This feature is disabled by default, and is recommended only for Wi-Fi hotspot deployments.
Parameter Description Range Default dos-prevention If enabled, APs ignore deauthentication frames from clients. This prevents a successful deauth attack from being carried out against the AP. This does not affect thirdparty APs. — disabled dot11k-profile Name of an 802.11k profile to be associated with this VAP. — default dynamic-mcast-optimization Enable/Disable dynamic multicast optimization. This parameter can only be enabled on a controller with a PEFNG license.
Parameter Description Range Default controller for processing. The controller removes or adds the GRE headers, decrypts or encrypts 802.11 frames and applies firewall rules to the user traffic as usual. 2365| wlan virtual-ap l Bridge: When an AP is in bridge mode, data is bridged onto the local Ethernet LAN. When in bridge mode, the AP handles all 802.11 association requests and responses, encryption/decryption processes, and firewall enforcement. 802.11e and 802.
Parameter Description Range Default controller. APs in decrypttunnel forwarding mode also manage all 802.11 association requests and responses, and process all 802.11e and 802.11k action frames. NOTE: Virtual APs in bridge or split-tunnel mode using static WEP should use key slots 2-4 on the controller. Key slot 1 should only be used with Virtual APs in tunnel mode.
Parameter Description Range Default multi-association Enables or disables multiassociation for this virtual AP. When enabled, this feature allows a station to be associated to multiple APs. If this feature is disabled, when a station moves to new AP it will be de authorized by the AP to which it was previously connected, deleting station context and flushing key caching information. — disabled no Negates any configured parameter.
Parameter Description Range Default (bridge/splittunnel/tunnel/d-tunnel) VAPs. ssid-profile Name of the SSID profile that applies to this virtual AP. — “default” steering-mode Band steering supports three different band steering modes. Force-5GHz prefer-5ghz l Force-5GHz: When the AP is configured in force-5GHz band steering mode, the AP will try to force 5Ghzcapable APs to use that radio band.
Parameter Description Range Default strict-compli ance If enabled, the AP denies client association requests if the AP and client station have no common rates defined. Some legacy client stations which are not fully 802.11-compliant may not include their configured rates in their association requests. Such non-compliant stations may have difficulty associating with APs unless strict compliance is disabled. — disabled vap-enable Enable or disable the virtual AP.
Beginning with ArubaOS 6.1.3.2, the broadcast-filter arp parameter is enabled by default. Behaviors associated with these settings are enabled upon upgrade to ArubaOS 6.1.3.2. If your controller supports clients behind a wireless bridge or virtual clients on VMware devices, you must disable the broadcast-filter arp setting to allow those clients to obtain an IP address.
Release Modification ArubaOS 6.0 The steering-mode balance-bands|force-5ghz| prefer-5ghz parameters are introduced. ArubaOS 6.1 l The deny inter user traffic and Disable conversion multicast RA packets to unicast parameters are introduced. l The multi-association parameter is deprecated. l The Multicast Optimization for Video and Multicast Optimization Threshold parameter are renamed to Dynamic Multicast Optimization (DMO) and Dynamic Multicast Optimization (DMO) Threshold. ArubaOS 6.
wlan voip-cac-profile wlan voip-cac-profile allow-idle-voip-client bandwidth-cac bandwidth-capacity call-admission-control call-capacity call-handoff-reservation clone disconnect-extra-call no ... send-sip-100-trying send-sip-status-code client|server wmm_tspec_enforcement wmm_tspec_enforcement_period Description This command configures a Voice over IP (VoIP) call admission control (CAC) profile.
Parameter Description Range Default Maximum bandwidth that can be handled by one radio, in kbps. The default value is 2000 kbps (2 Mbps) 160000 0 2000 call-admissioncontrol Enables or disables WiFi VoIP CAC features. — disabled call-capacity Number of simultaneous calls that can be handled by one radio. 2-8000 10 call-handoff-reservation Percentage of call capacity reserved for mobile VoIP clients on call.
Parameter Description Range Default wmm_tspec_en forcement Enables validation of TSPEC requests for CAC. — disabled wmm_tspec_en forcement_ period Maximum time for the station to start the call after the TSPEC request. 1-100 1 second Usage Guidelines The VoIP CAC profile prevents any single AP from becoming congested with voice calls.
Command Information Platforms All platforms 2375| wlan voip-cac-profile Licensing PEFNG license Command Mode Config mode on master controllers Dell Networking W-Series ArubaOS 6.5.
wlan wmm-traffic-management-profile wlan wmm-traffic-management-profile background best-effort clone enable-shaping no video voice Description This command configures bandwidth shaping for WMM access categories. The bandwidth shaping is applied on down-link traffic only. Syntax Parameter Description Range Default background Bandwidth allocation in percentage (%) for WMM background access traffic category.
(host) (WMM Traffic management profile "test") #voice 40 (host) (WMM Traffic management profile "test") #video 43 Apply the WMM traffic management profile to the virtual AP profile. (host) (config) #wlan virtual-ap employee (host) (Virtual AP profile "employee") #wmm-traffic-management-profile test Enable the fair-access or preferred access parameter under wlan traffic-management-profile.
wms ap wms ap mode {interfering|manually-contained|neighbor|rogue|suspected-rogue|valid} Description This command allows you to classify an AP into one of several categories. Syntax Parameter Description BSSID of the AP. mode Classify the AP into one of the following categories. interfering An AP seen in the RF environment but is not connected to the wired network. manually-contained Manually enable denial of service from this AP neighbor An neighboring AP whose BSSID is known.
Command History Release Modification ArubaOS 3.0 Introduced ArubaOS 6.0 Renamed the modes and deprecated the DoS mode. ArubaOS 6.1 The suspected-rogue parameter was introduced. Command Information Platforms All platforms 2379| wms ap Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
wms clean-db wms clean-db Description This command deletes the WMS database. Syntax Parameter Description clean-db Cleans the WMS database. Usage Guidelines This command deletes all entries from the WMS database. Do not use this command unless instructed to do so by a Dell representative. Example The following command cleans the WMS database: (host) #wms clean-db WMS Database will be deleted. Do you want to proceed with this action [y/n]: Command History This command was introduced in ArubaOS 3.0.
wms client wms client mode {manually-contain|interfering|valid} valid-exempt {insert|remove} Description This command allows you to classify a wireless client into one of several categories. Syntax Parameter Description client MAC address of the client. mode Classify the client into one of the following categories: manually-contain Manually enable denial of service to this client.
Command History Release Modification ArubaOS 3.0 Command introduced ArubaOS 6.1 The following parameters were deprecated: dos neighbor The following parameters were introduced: manually-contain interfering ArubaOS 6.4.4 The following parameters were introduced. valid-exempt insert remove Command Information Platforms All platforms 2382| wms client Licensing Base operating system Command Mode Enable mode on master controllers Dell Networking W-Series ArubaOS 6.5.
wms export-class wms export-class Description This command exports classification information into a file. Syntax Parameter Description Name of the file into which you want to export classification information Usage Guidelines This command writes classification data into comma separated values (CSV) files—one for APs and one for clients. You can import these files into the Dell Mobility Manager system.
wms export-db wms export-db Description This command exports the WMS database to a specified file. Syntax Parameter Description Name of the file into which you want to export the database. The filename plus any extensions must be no longer than 32 characters and may contain only keyboard characters. Usage Guidelines The file is exported as an ASCII text file. If you have configured the controller for operation with server, this command will fail and an error will be returned.
wms import-db wms import-db Description This command imports the specified file into the WMS database. Syntax Parameter Description Name of the file into which you want to import into the database. The filename plus any extensions must be no longer than 32 characters and may contain only keyboard characters. Usage Guidelines The imported file replaces the WMS database.
wms reinit-db wms reinit-db Description This command reinitializes the WMS database to its factory defaults. Syntax No parameters. Usage Guidelines When you use this command, there is no automatic backup of the current database. If a server is configured on the controller (See mobility-manager on page 628), this command will fail and return an error. Example The following command reinitializes the WMS database: (host) #wms reinit-db WMS Database will be re-initialized.
write write {erase [all] | memory | terminal} Description This command saves the running configuration to memory or displays the running configuration on the screen. This command can also be used to erase the running configuration and return the controller to factory defaults. Syntax Parameter Description erase Erases the running system configuration file. Rebooting the controller resets it to the factory default configuration.
Key Description / Enter a text string to search for. N Repeat the text string to search for. Example The following command saves your changes so they are retained after a reboot: (host) #write memory The following command deletes the running configuration and databases and returns the controller to the factory default settings: (host) #write erase Command History This command was introduced in ArubaOS 1.0.
Appendix A: Command Modes The Dell Networking W-Series ArubaOS command-line interface offers different levels of user access by differentiating between different command modes. When you first log in to the CLI, you start your session in User mode, which provides only limited access for basic operational testing. You must enter an additional password to access Enable mode, which allows you to issue show commands run certain management functions.
(host) #aaa ? authentication inservice ipv6 query-user test-server user Authentication Bring authentication server into service Internet Protocol Version 6 Query User Test authentication server User commands Config Mode To move from enable mode to config mode, enter the command config terminal. Users in config mode may return to enable mode at any time by entering the command exit.